last executing test programs:

10m9.034069613s ago: executing program 4 (id=5):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002})
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)="0bc3ff", 0x3}, {&(0x7f0000000000)='G', 0x1}, {&(0x7f0000000240)="d336bd75243cb9a60000", 0xa}], 0x3)

10m8.564446363s ago: executing program 4 (id=24):
io_setup(0x7f, &(0x7f0000000940)=<r0=>0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
io_submit(r0, 0x1, &(0x7f0000001280)=[&(0x7f0000001000)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

10m8.214109303s ago: executing program 4 (id=30):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10)
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

10m7.858551436s ago: executing program 4 (id=34):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000000, 0x2)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f0000000240)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x7}}, 0x10)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x1, 0x2, 0x2, 0x0, 0x3c})

9m52.734225014s ago: executing program 32 (id=34):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000000, 0x2)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f0000000240)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x7}}, 0x10)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x1, 0x2, 0x2, 0x0, 0x3c})

8m46.658168466s ago: executing program 5 (id=984):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2, 0xdd}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x4c, &(0x7f0000000000)=0xc000000, 0x4)

8m46.624325082s ago: executing program 5 (id=985):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7d}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

8m46.461883097s ago: executing program 5 (id=988):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000bf080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004600000076000000bf91000000000000b6080000000000008500000085000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

8m46.381807738s ago: executing program 5 (id=990):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x38011, r0, 0x1f4c3000)
mount$9p_fd(0x0, 0x0, &(0x7f00000024c0), 0x80, &(0x7f00000047c0))

8m46.178265949s ago: executing program 5 (id=992):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

8m46.05385031s ago: executing program 5 (id=993):
syz_io_uring_setup(0x800235, &(0x7f0000001240)={0x0, 0x8cc8, 0x10100, 0x2, 0x75}, &(0x7f0000000000), 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007)

8m30.954668419s ago: executing program 33 (id=993):
syz_io_uring_setup(0x800235, &(0x7f0000001240)={0x0, 0x8cc8, 0x10100, 0x2, 0x75}, &(0x7f0000000000), 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007)

7m28.205886875s ago: executing program 2 (id=2285):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

7m27.84173816s ago: executing program 2 (id=2289):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})

7m27.701873155s ago: executing program 2 (id=2292):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
close(0x3)

7m27.498250063s ago: executing program 2 (id=2295):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8100, &(0x7f0000000000)={0x0, 0x0, 0x20000}, 0x20)

7m27.379285071s ago: executing program 2 (id=2298):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r1, 0x1, 0xfffffffd, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}}, 0x20040010)

7m27.121497373s ago: executing program 2 (id=2304):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
open(&(0x7f0000000340)='./file0\x00', 0x300, 0x69)

7m26.826940295s ago: executing program 34 (id=2304):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
open(&(0x7f0000000340)='./file0\x00', 0x300, 0x69)

1m17.610287407s ago: executing program 3 (id=7754):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000080)='FROZEN\x00', 0x7)

1m17.509698115s ago: executing program 3 (id=7756):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x80000001, 0x4, 0x32, 0x0, 0xff}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
sendto$inet6(r0, &(0x7f0000000080)='8', 0x1, 0x65014, &(0x7f0000000340)={0xa, 0x4e23, 0x5, @local, 0x7}, 0x1c)

1m16.577507445s ago: executing program 3 (id=7776):
openat$ptmx(0xffffffffffffff9c, 0x0, 0xb00, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x34, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}]}, 0x34}}, 0x0)

1m16.486000077s ago: executing program 3 (id=7777):
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280), 0x20c82, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

1m16.478792371s ago: executing program 3 (id=7778):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1m16.430995308s ago: executing program 3 (id=7779):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xa0, 0x2e}}, [@migrate={0x50, 0x11, [{@in=@loopback=0xac1414aa, @in=@loopback, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@loopback, 0x3c, 0x4, 0x0, 0x0, 0xa, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1m1.300769749s ago: executing program 35 (id=7779):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xa0, 0x2e}}, [@migrate={0x50, 0x11, [{@in=@loopback=0xac1414aa, @in=@loopback, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@loopback, 0x3c, 0x4, 0x0, 0x0, 0xa, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

23.098901523s ago: executing program 6 (id=8422):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000440)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7}, 0x1c, &(0x7f0000001440)=[{&(0x7f00000000c0)="a2", 0x1}], 0x1}}], 0x1, 0x6001)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0x2, 0x21, 0x206, 0x4, 0x7, 0x64e6, 0x3, 0x6}, &(0x7f0000000140)=0x20)

22.91055612s ago: executing program 6 (id=8427):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x0, 0x0)
preadv2(r1, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0)

22.707325445s ago: executing program 6 (id=8431):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
write$FUSE_IOCTL(r0, &(0x7f0000000100)={0x20}, 0xfdef)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2200080, &(0x7f0000002400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})

21.775291707s ago: executing program 6 (id=8449):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000380)='./file0\x00', r0, 0x0, 0x40)

21.621258454s ago: executing program 6 (id=8451):
io_submit(0x0, 0x1, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000140)='i', 0x1}])
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000140), 0x0, 0x0, 0x1)

21.098382359s ago: executing program 6 (id=8457):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x28, 0x1, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x24, 0x2c, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r2, {0x10}, {0x0, 0x6}, {0x0, 0x5}}}, 0x24}}, 0x40008c4)

20.684106234s ago: executing program 36 (id=8457):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x28, 0x1, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x24, 0x2c, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r2, {0x10}, {0x0, 0x6}, {0x0, 0x5}}}, 0x24}}, 0x40008c4)

3.220190376s ago: executing program 9 (id=8653):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x9, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000100)=0x8, 0x4)

2.852151742s ago: executing program 7 (id=8656):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x6a, 0x3, 0x0, &(0x7f0000000000)=0xfffffffffffffd68)

2.726207434s ago: executing program 8 (id=8658):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
faccessat2(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2.72086641s ago: executing program 7 (id=8669):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c0000001000ffff27bd01000000df2500000000", @ANYRES32=0x0, @ANYBLOB="137c0300231a05004c0012800e00010069703667726574617000000038000280140007000000000000000000fffffffffffffffe14000600fe"], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x20040000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xc000802)

2.480947399s ago: executing program 7 (id=8661):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r0, &(0x7f0000000000)={&(0x7f00000001c0)={0xa, 0x4e21, 0x80000, @mcast2, 0x80800}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=[@tclass={{0x14, 0x29, 0x43, 0x7f2}}], 0x18}, 0x40c0)

2.429654356s ago: executing program 0 (id=8662):
r0 = syz_io_uring_setup(0x512d, &(0x7f0000000180)={0x0, 0xcc19, 0x130c8, 0x6, 0x30e}, &(0x7f0000000100), &(0x7f0000000200))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000000), 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)
io_uring_enter(r0, 0x2e6f, 0x8555, 0x2, 0x0, 0x0)

2.27975691s ago: executing program 7 (id=8664):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xf6272000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ppoll(&(0x7f00000000c0), 0x2a, 0x0, &(0x7f00000001c0)={[0x2a]}, 0x8)

2.198519924s ago: executing program 0 (id=8665):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e21, 0x1, @remote, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

2.054969674s ago: executing program 0 (id=8667):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r2, @ANYBLOB="0a0001"], 0x48}}, 0x0)

1.743119048s ago: executing program 9 (id=8670):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fd9bff252a00000014002b8008000400ffff0200080001000000000008000300", @ANYRES32=r2, @ANYBLOB="08002a0006000000050029000000000008002c"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x10)

1.649705234s ago: executing program 0 (id=8671):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0x8, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, 0x333e9a5aec46f63f})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.56237656s ago: executing program 8 (id=8674):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x7, 0x40, 0x0, {0x0, 0xea60}, {0x77359400}, {}, 0x1, @can={{0x3, 0x0, 0x1, 0x1}, 0x2, 0x3, 0x0, 0x0, "3eb9d3adfb751535"}}, 0x48}, 0x1, 0x0, 0x0, 0x8890}, 0x400c0)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000dc0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf25270000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c0053"], 0x50}, 0x1, 0x0, 0x0, 0x24040011}, 0x0)

1.52099056s ago: executing program 9 (id=8675):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x400000000003, 0x7ffff, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sysfs$2(0x2, 0x2, &(0x7f0000000000)=""/29)

1.380237437s ago: executing program 0 (id=8676):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)

1.33812055s ago: executing program 1 (id=8677):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@bridge_setlink={0x30, 0x13, 0xa29, 0x0, 0xffffffff, {0x7, 0x0, 0x0, r1, 0x0, 0xd420}, [@IFLA_AF_SPEC={0x4, 0xc}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x30}}, 0x48090)

1.337148816s ago: executing program 8 (id=8678):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000300)=0x2000004)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000400)=0xfffffffd)

1.196115575s ago: executing program 0 (id=8679):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x4)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000240)=0x6)

1.119004385s ago: executing program 8 (id=8680):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x78d, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

1.072183494s ago: executing program 1 (id=8681):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000140)=0xa, 0x4)
bind$nfc_llcp(r0, &(0x7f00000001c0)={0x27, 0x0, 0x0, 0x2, 0x0, 0x49, "c46e9fd1a84b7fa0bf2cca6beb9363a680b652a86bcf56a1b9ca5386103a5ccbe47b7b9aa6d8d701a3ba00000000b97800001022f987617c318500", 0x3a}, 0x60)
getsockopt$inet_buf(r0, 0x118, 0x0, 0x0, &(0x7f00000003c0)=0x14)

1.026140501s ago: executing program 7 (id=8682):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e21, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0xff}, 0x1c)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000000))

932.330125ms ago: executing program 1 (id=8683):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000eab0000040"])

710.270038ms ago: executing program 8 (id=8684):
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000040)=@o_path={&(0x7f0000000000)='./file0\x00'}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f0000000100), &(0x7f0000000040)=""/17, 0x2}, 0x20)

588.358114ms ago: executing program 1 (id=8685):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(r0, 0x0, 0x8014)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b70700000000000063118b000000000040000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23)

506.203901ms ago: executing program 8 (id=8686):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xb, 0x2, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_clone3(&(0x7f00000002c0)={0x50000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)

390.591438ms ago: executing program 9 (id=8687):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xc, 0x4, 0x4, 0x7, 0x0, r0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x5, r2}, 0x38)

361.673427ms ago: executing program 1 (id=8688):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)

224.036706ms ago: executing program 9 (id=8689):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, 0x0)

83.446402ms ago: executing program 7 (id=8690):
syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000680))

79.927307ms ago: executing program 1 (id=8691):
r0 = open(&(0x7f0000000080)='./file0\x00', 0x48141, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x20001, 0x0)
fcntl$getflags(r0, 0x401)

0s ago: executing program 9 (id=8692):
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000000040)='}\x00')
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xc)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, &(0x7f0000000240)='}\x00')
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xc)

kernel console output (not intermixed with test programs):

generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.475920][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.475949][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.475978][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476007][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476036][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476065][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476094][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476123][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476152][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476181][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476210][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476240][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476269][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476298][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476326][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476355][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476384][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476412][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476441][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476470][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476498][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476527][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476556][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476585][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476613][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476641][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.476668][ T5918] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[  438.483324][ T5918] hid-generic 0000:0000:0000.004B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  438.508747][T17973] program syz.0.5515 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  439.152574][T17982] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  439.447768][T17996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5526'.
[  439.652131][T18009] GUP no longer grows the stack in syz.6.5533 (18009): 200000005000-200000008000 (200000004000)
[  439.667851][T18009] CPU: 0 UID: 0 PID: 18009 Comm: syz.6.5533 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  439.667884][T18009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  439.667902][T18009] Call Trace:
[  439.667915][T18009]  <TASK>
[  439.667926][T18009]  dump_stack_lvl+0x189/0x250
[  439.667963][T18009]  ? __pfx_dump_stack_lvl+0x10/0x10
[  439.667989][T18009]  ? __pfx__printk+0x10/0x10
[  439.668017][T18009]  ? find_vma+0xe7/0x160
[  439.668066][T18009]  fixup_user_fault+0x661/0x720
[  439.668108][T18009]  fault_in_user_writeable+0x72/0xe0
[  439.668139][T18009]  futex_lock_pi+0x283/0xa60
[  439.668182][T18009]  ? __pfx_futex_lock_pi+0x10/0x10
[  439.668212][T18009]  ? get_futex_key+0x880/0x1640
[  439.668271][T18009]  ? __pfx_futex_wake_mark+0x10/0x10
[  439.668325][T18009]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  439.668372][T18009]  do_futex+0x292/0x420
[  439.668407][T18009]  ? __pfx_do_futex+0x10/0x10
[  439.668437][T18009]  ? __vm_munmap+0x301/0x3d0
[  439.668478][T18009]  __se_sys_futex+0x36f/0x400
[  439.668515][T18009]  ? __pfx___se_sys_futex+0x10/0x10
[  439.668567][T18009]  ? rcu_is_watching+0x15/0xb0
[  439.668599][T18009]  ? __x64_sys_futex+0x21/0xf0
[  439.668630][T18009]  do_syscall_64+0xfa/0x3b0
[  439.668657][T18009]  ? lockdep_hardirqs_on+0x9c/0x150
[  439.668680][T18009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.668703][T18009]  ? clear_bhb_loop+0x60/0xb0
[  439.668732][T18009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.668754][T18009] RIP: 0033:0x7fbd5cb8ebe9
[  439.668782][T18009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.668802][T18009] RSP: 002b:00007fbd5d92e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  439.668846][T18009] RAX: ffffffffffffffda RBX: 00007fbd5cdb5fa0 RCX: 00007fbd5cb8ebe9
[  439.668863][T18009] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  439.668879][T18009] RBP: 00007fbd5cc11e19 R08: 0000000000000000 R09: 0000000000000000
[  439.668893][T18009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  439.668907][T18009] R13: 00007fbd5cdb6038 R14: 00007fbd5cdb5fa0 R15: 00007ffcebda6d08
[  439.668944][T18009]  </TASK>
[  439.891500][    C0] vkms_vblank_simulate: vblank timer overrun
[  440.898383][T18059] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.5556'.
[  441.190342][   T30] audit: type=1326 audit(1755180309.718:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18072 comm="syz.1.5563" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa4c238ebe9 code=0x0
[  441.477585][T18087] sp0: Synchronizing with TNC
[  441.620637][T18092] dummy0: entered promiscuous mode
[  442.024148][  T980] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  442.188672][  T980] usb 4-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  442.221414][  T980] usb 4-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.243033][  T980] usb 4-1: config 0 interface 0 has no altsetting 0
[  442.257408][  T980] usb 4-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00
[  442.268798][  T980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.280836][  T980] usb 4-1: config 0 descriptor??
[  442.701899][  T980] uclogic 0003:5543:0064.004C: item fetching failed at offset 5/7
[  442.724925][  T980] uclogic 0003:5543:0064.004C: parse failed
[  442.725041][  T980] uclogic 0003:5543:0064.004C: probe with driver uclogic failed with error -22
[  442.850739][T18136] netlink: 716 bytes leftover after parsing attributes in process `syz.7.5593'.
[  442.910566][ T5918] usb 4-1: USB disconnect, device number 44
[  443.075457][T18145] program syz.1.5597 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  443.159305][T18147] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  443.166388][T18147] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  443.174858][T18147] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  443.181353][T18147] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  443.190434][T18147] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  443.196995][T18147] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  443.204682][T18147] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  443.211183][T18147] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  443.219582][T18147] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  443.226163][T18147] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  444.023651][   T24] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  444.195713][   T24] usb 2-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.225323][   T24] usb 2-1: config 0 interface 0 altsetting 13 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.242387][   T24] usb 2-1: config 0 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  444.286045][   T24] usb 2-1: config 0 interface 0 has no altsetting 0
[  444.303776][   T24] usb 2-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[  444.313030][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.335309][   T24] usb 2-1: config 0 descriptor??
[  444.757567][   T24] uclogic 0003:28BD:0042.004D: interface is invalid, ignoring
[  444.972554][  T980] usb 2-1: USB disconnect, device number 49
[  445.311161][T18225] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5636'.
[  445.328452][T18225] netlink: 'syz.7.5636': attribute type 2 has an invalid length.
[  445.353661][T18225] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5636'.
[  445.377342][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  445.583123][T18238] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5643'.
[  445.935065][T18255] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5650'.
[  446.117608][T18261] mkiss: ax0: crc mode is auto.
[  446.386475][T18270] bridge1: entered promiscuous mode
[  446.402989][T18270] bridge1: entered allmulticast mode
[  446.427129][T18270] team0: Port device bridge1 added
[  446.871901][T18296] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5671'.
[  447.334034][T18311] netlink: 'syz.7.5678': attribute type 1 has an invalid length.
[  448.284260][T18364] netlink: 'syz.1.5705': attribute type 1 has an invalid length.
[  448.314430][T18364] NCSI netlink: No device for ifindex 0
[  448.315959][ T5941] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  448.493967][ T5941] usb 4-1: Using ep0 maxpacket: 32
[  448.505346][ T5941] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  448.538246][ T5941] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  448.572340][ T5941] usb 4-1: config 0 interface 0 has no altsetting 0
[  448.586109][ T5941] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  448.615684][ T5941] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.655332][ T5941] usb 4-1: config 0 descriptor??
[  449.102376][ T5941] dragonrise 0003:0079:0011.004E: unknown main item tag 0x0
[  449.133083][ T5941] dragonrise 0003:0079:0011.004E: hidraw0: USB HID v0.00 Device [HID 0079:0011] on usb-dummy_hcd.3-1/input0
[  449.332582][ T5941] usb 4-1: USB disconnect, device number 45
[  449.695655][T18428] bridge2: entered promiscuous mode
[  449.700960][T18428] bridge2: entered allmulticast mode
[  449.725760][T18428] team0: Port device bridge2 added
[  450.026070][T18447] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5745'.
[  450.333453][T18460] : entered promiscuous mode
[  450.683639][ T5852] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  450.854090][ T5852] usb 2-1: Using ep0 maxpacket: 8
[  450.861352][ T5852] usb 2-1: unable to get BOS descriptor or descriptor too short
[  450.873276][ T5852] usb 2-1: config 1 interface 0 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 64
[  450.887200][ T5852] usb 2-1: config 1 interface 0 has no altsetting 0
[  450.898353][ T5852] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  450.908710][ T5852] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.917953][ T5852] usb 2-1: Product: syz
[  450.922203][ T5852] usb 2-1: Manufacturer: syz
[  450.927836][ T5852] usb 2-1: SerialNumber: syz
[  450.937317][T18468] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  451.359485][ T5852] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 50 if 0 alt 1 proto 1 vid 0x0525 pid 0xA4A8
[  451.556371][ T5852] usb 2-1: USB disconnect, device number 50
[  451.574947][ T5852] usblp0: removed
[  452.306247][T18528] netlink: 'syz.1.5782': attribute type 2 has an invalid length.
[  452.334329][T18528] k�*�]�: entered promiscuous mode
[  453.030757][   T30] audit: type=1326 audit(1755180321.558:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18561 comm="syz.3.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  453.060680][ T5852] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  453.085179][   T30] audit: type=1326 audit(1755180321.558:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18561 comm="syz.3.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  453.107827][    C0] vkms_vblank_simulate: vblank timer overrun
[  453.148692][   T30] audit: type=1326 audit(1755180321.588:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18561 comm="syz.3.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  453.173329][   T30] audit: type=1326 audit(1755180321.588:212): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18561 comm="syz.3.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  453.198651][   T30] audit: type=1326 audit(1755180321.588:213): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18561 comm="syz.3.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  453.230031][   T30] audit: type=1326 audit(1755180321.588:214): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18561 comm="syz.3.5798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  453.254880][ T5852] usb 2-1: Using ep0 maxpacket: 16
[  453.272646][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.288108][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.300176][ T5852] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  453.320356][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.340622][ T5852] usb 2-1: config 0 descriptor??
[  453.529430][T18578] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5805'.
[  453.807518][ T5852] hid-multitouch 0003:1FD2:6007.004F: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  453.998269][ T5918] usb 2-1: USB disconnect, device number 51
[  454.868142][T18639] netlink: 'syz.7.5834': attribute type 1 has an invalid length.
[  454.978984][T18644] iso9660: Bad value for 'gid'
[  454.987928][T18644] iso9660: Bad value for 'gid'
[  455.023124][T18647] sg_write: data in/out 10372/14 bytes for SCSI command 0x0-- guessing data in;
[  455.023124][T18647]    program syz.0.5837 not setting count and/or reply_len properly
[  455.504025][ T5911] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  455.623197][T18678] netlink: 'syz.1.5853': attribute type 2 has an invalid length.
[  455.677096][ T5911] usb 4-1: Using ep0 maxpacket: 32
[  455.687626][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  455.739417][ T5911] usb 4-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00
[  455.779643][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.815259][ T5911] usb 4-1: config 0 descriptor??
[  456.378891][T18715] netlink: 'syz.6.5869': attribute type 10 has an invalid length.
[  456.389125][T18715] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  456.412165][T18715] team0: Port device virt_wifi0 added
[  456.448676][ T5911] usb 4-1: string descriptor 0 read error: -71
[  456.464172][ T5911] uclogic 0003:5543:004D.0050: failed retrieving string descriptor #200: -71
[  456.483956][ T5911] uclogic 0003:5543:004D.0050: failed retrieving pen parameters: -71
[  456.508962][ T5911] uclogic 0003:5543:004D.0050: failed probing pen v2 parameters: -71
[  456.528278][ T5911] uclogic 0003:5543:004D.0050: failed probing parameters: -71
[  456.538474][ T5911] uclogic 0003:5543:004D.0050: probe with driver uclogic failed with error -71
[  456.561227][ T5911] usb 4-1: USB disconnect, device number 46
[  456.821813][ T5911] kernel write not supported for file /sg0 (pid: 5911 comm: kworker/0:5)
[  457.044575][   T30] audit: type=1326 audit(1755180325.568:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18745 comm="syz.1.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  457.086605][   T30] audit: type=1326 audit(1755180325.578:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18745 comm="syz.1.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  457.108306][    C0] vkms_vblank_simulate: vblank timer overrun
[  457.157407][   T30] audit: type=1326 audit(1755180325.578:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18745 comm="syz.1.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  457.181746][   T30] audit: type=1326 audit(1755180325.578:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18745 comm="syz.1.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  457.884181][ T5911] usb 4-1: new low-speed USB device number 47 using dummy_hcd
[  457.905788][T18791] devpts: Bad value for 'max'
[  458.056040][ T5911] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  458.076916][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  458.103175][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  458.114903][ T5911] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  458.129078][ T5911] usb 4-1: New USB device found, idVendor=046d, idProduct=c70a, bcdDevice= 0.00
[  458.139698][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.153232][ T5911] usb 4-1: config 0 descriptor??
[  458.160584][T18777] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  458.589909][ T5911] logitech-djreceiver 0003:046D:C70A.0051: hidraw0: USB HID v0.00 Device [HID 046d:c70a] on usb-dummy_hcd.3-1/input0
[  458.785083][ T5911] usb 4-1: USB disconnect, device number 47
[  459.192564][T18850] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  459.249980][T18852] macsec1: entered promiscuous mode
[  459.257978][T18852] macsec1: entered allmulticast mode
[  459.361915][T18856] program syz.7.5937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  460.502428][T18909] netlink: 'syz.1.5963': attribute type 1 has an invalid length.
[  460.933645][ T5941] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  461.105002][ T5941] usb 2-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00
[  461.126336][ T5941] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.168819][ T5941] usb 2-1: config 0 descriptor??
[  461.590224][ T5941] elecom 0003:056E:00E6.0052: unknown main item tag 0x0
[  461.630450][ T5941] elecom 0003:056E:00E6.0052: unknown main item tag 0x0
[  461.650704][ T5941] elecom 0003:056E:00E6.0052: unknown main item tag 0x0
[  461.676860][ T5941] elecom 0003:056E:00E6.0052: unknown main item tag 0x0
[  461.694232][ T5941] elecom 0003:056E:00E6.0052: unknown main item tag 0x0
[  461.742842][ T5941] elecom 0003:056E:00E6.0052: hidraw0: USB HID v1.01 Device [HID 056e:00e6] on usb-dummy_hcd.1-1/input0
[  461.798935][ T5918] usb 2-1: USB disconnect, device number 52
[  463.315397][T19022] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6019'.
[  464.278268][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  464.278290][   T30] audit: type=1800 audit(1755180332.808:224): pid=19043 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.6031" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  464.304549][    C0] vkms_vblank_simulate: vblank timer overrun
[  464.660485][T19052] netlink: 'syz.6.6033': attribute type 3 has an invalid length.
[  464.903394][T19057] tmpfs: Cannot disable swap on remount
[  465.273869][T19063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6039'.
[  465.282933][T19063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6039'.
[  465.722163][T19073] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma?
[  465.767831][   T30] audit: type=1326 audit(1755180334.298:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19075 comm="syz.6.6045" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd5cb8ebe9 code=0x0
[  465.788995][    C0] vkms_vblank_simulate: vblank timer overrun
[  466.914183][ T5918] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  467.037599][T19106] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6059'.
[  467.075699][ T5918] usb 4-1: Using ep0 maxpacket: 8
[  467.087152][ T5918] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  467.109567][ T5918] usb 4-1: config 0 has no interface number 0
[  467.125092][ T5918] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  467.164542][ T5918] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  467.203565][ T5918] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  467.259003][ T5918] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  467.297803][ T5918] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  467.328596][ T5918] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.367228][ T5918] usb 4-1: config 0 descriptor??
[  467.416894][ T5918] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  467.627357][ T5918] usb 4-1: USB disconnect, device number 48
[  467.649960][ T5918] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  469.234433][ T5852] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  469.419137][ T5852] usb 4-1: config 0 interface 0 altsetting 185 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.442175][ T5852] usb 4-1: config 0 interface 0 has no altsetting 0
[  469.452376][ T5852] usb 4-1: New USB device found, idVendor=05ac, idProduct=027a, bcdDevice= 0.00
[  469.464397][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.504865][ T5852] usb 4-1: config 0 descriptor??
[  469.847787][   T30] audit: type=1400 audit(1755180338.378:226): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=19166 comm="syz.6.6086" src=1 dest=20000 netif=wpan0
[  470.016384][ T5852] apple 0003:05AC:027A.0053: hidraw0: USB HID v8.00 Device [HID 05ac:027a] on usb-dummy_hcd.3-1/input0
[  470.196380][T19177] ieee802154 phy0 wpan0: encryption failed: -126
[  470.231073][ T5918] usb 4-1: USB disconnect, device number 49
[  470.654401][ T5852] usb 2-1: new full-speed USB device number 53 using dummy_hcd
[  470.847453][T19192] smc: net device bond0 erased user defined pnetid SYZ2
[  470.873988][ T5852] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  470.920270][ T5852] usb 2-1: config 0 interface 0 has no altsetting 0
[  470.959509][ T5852] usb 2-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  471.023111][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.082479][ T5852] usb 2-1: config 0 descriptor??
[  471.542435][ T5852] kye 0003:0458:5016.0054: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  471.662412][ T5852] kye 0003:0458:5016.0054: hidraw0: USB HID v0.0f Device [HID 0458:5016] on usb-dummy_hcd.1-1/input0
[  471.725031][ T5852] kye 0003:0458:5016.0054: tablet-enabling feature report not found
[  471.800206][ T5852] kye 0003:0458:5016.0054: tablet enabling failed
[  471.873668][ T5852] usb 2-1: USB disconnect, device number 53
[  472.668732][T19227] ieee802154 phy0 wpan0: encryption failed: -126
[  473.417780][T19245] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6122'.
[  474.028206][T19261] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6130'.
[  474.442446][   T30] audit: type=1326 audit(1755180342.968:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19270 comm="syz.3.6136" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x0
[  477.909207][T19335] ip6erspan0: entered allmulticast mode
[  478.349115][T19346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6170'.
[  478.759480][T19355] mkiss: ax0: crc mode is auto.
[  479.820572][T19375] Bluetooth: MGMT ver 1.23
[  481.501065][T19407] netlink: 'syz.3.6199': attribute type 1 has an invalid length.
[  481.884218][ T5911] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  482.064578][ T5911] usb 4-1: Using ep0 maxpacket: 32
[  482.084921][ T5911] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  482.119570][ T5911] usb 4-1: config 0 has no interface number 0
[  482.168665][ T5911] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  482.206862][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.254685][ T5911] usb 4-1: Product: syz
[  482.273950][ T5911] usb 4-1: Manufacturer: syz
[  482.314641][ T5911] usb 4-1: SerialNumber: syz
[  482.342227][ T5911] usb 4-1: config 0 descriptor??
[  482.399814][ T5911] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  482.436378][ T5911] usb 4-1: selecting invalid altsetting 1
[  482.452532][ T5911] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  482.492138][ T5911] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  482.523960][ T5911] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  482.552989][ T5911] usb 4-1: media controller created
[  482.641403][ T5911] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  482.715818][ T5911] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  482.752619][ T5911] zl10353_read_register: readreg error (reg=127, ret==-71)
[  482.799424][ T5911] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  482.979105][ T5911] usb 4-1: USB disconnect, device number 50
[  484.938041][T19467] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6225'.
[  484.984124][T19467] netlink: 2 bytes leftover after parsing attributes in process `syz.7.6225'.
[  485.430364][T19476] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6229'.
[  485.617046][T19484] random: crng reseeded on system resumption
[  487.611367][T19520] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  488.225874][T19530] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.6253'.
[  488.265885][T19530] net_ratelimit: 1052 callbacks suppressed
[  488.265907][T19530] netlink: zone id is out of range
[  488.320141][T19530] netlink: get zone limit has 8 unknown bytes
[  489.453733][T19548] veth0_to_bond: entered allmulticast mode
[  489.515162][ T5904] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  489.686969][ T5904] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  489.717875][ T5904] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  489.746907][ T5904] usb 4-1: config 1 has no interface number 0
[  489.766438][ T5904] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  489.799337][ T5904] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  489.812719][ T5904] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.841582][ T5904] usb 4-1: Product: syz
[  489.847556][ T5904] usb 4-1: Manufacturer: syz
[  489.852753][ T5904] usb 4-1: SerialNumber: syz
[  489.880548][ T5904] usb 4-1: selecting invalid altsetting 1
[  490.309198][ T5904] usb 4-1: selecting invalid altsetting 1
[  490.315426][ T5904] cdc_ncm 4-1:1.1: bind() failure
[  490.502242][ T5904] usb 4-1: USB disconnect, device number 51
[  491.288613][T19580] tipc: Enabled bearer <udp:s>, priority 10
[  491.978414][T19597] gfs2: path_lookup on c:::!(>��y�o�=O-��Fm�SH_Y8y�u
[  491.978414][T19597] FãzR��#�xI�6B��YCg)�'!�A�{g�
[  491.978414][T19597] �}�m�]x���%{q��m�*��PN���~%U5J�hBoGh�N�]�.L�.`���$�
 returned error -2
[  492.294648][ T5911] tipc: Node number set to 4278255617
[  492.382390][T19605] sp0: Synchronizing with TNC
[  492.427173][T19604] [U] �
[  492.522662][T19610] netlink: 'syz.3.6290': attribute type 2 has an invalid length.
[  492.562067][T19610] netlink: 'syz.3.6290': attribute type 2 has an invalid length.
[  494.594130][T19652] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  495.374991][T19663] netlink: 277 bytes leftover after parsing attributes in process `syz.7.6317'.
[  495.781775][T19671] ipvlan2: entered promiscuous mode
[  495.816354][T19671] bridge0: port 3(ipvlan2) entered blocking state
[  495.855068][T19671] bridge0: port 3(ipvlan2) entered disabled state
[  495.889871][T19671] ipvlan2: entered allmulticast mode
[  495.907676][T19671] bridge0: entered allmulticast mode
[  495.945362][T19671] ipvlan2: left allmulticast mode
[  495.974920][T19671] bridge0: left allmulticast mode
[  497.860375][T19712] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  500.411998][T19768] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6366'.
[  500.454767][T19769] delete_channel: no stack
[  500.482942][T19766] delete_channel: no stack
[  501.190506][T19785] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6375'.
[  503.306041][T19828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6396'.
[  503.865979][ T5852] usb 4-1: new full-speed USB device number 52 using dummy_hcd
[  504.048483][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  504.070083][ T5852] usb 4-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00
[  504.093211][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.127061][ T5852] usb 4-1: config 0 descriptor??
[  504.580294][ T5852] asus 0003:0B05:17E0.0055: item fetching failed at offset 2/5
[  504.613369][ T5852] asus 0003:0B05:17E0.0055: Asus hid parse failed: -22
[  504.639358][ T5852] asus 0003:0B05:17E0.0055: probe with driver asus failed with error -22
[  504.800700][ T5852] usb 4-1: USB disconnect, device number 52
[  504.956246][T19859] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio1-input.0)
[  506.556494][T19893] loop6: detected capacity change from 0 to 7
[  506.602633][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.611945][    C0] buffer_io_error: 6 callbacks suppressed
[  506.611961][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.663542][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.672836][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.686075][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.695386][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.709040][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.718420][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.746808][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.756151][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.786652][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.795972][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.810542][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.819825][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.827885][T19893] ldm_validate_partition_table(): Disk read failed.
[  506.839590][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.848860][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.858643][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.867930][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.882884][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  506.892162][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  506.909091][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  506.923568][T19893] Dev loop6: unable to read RDB block 0
[  506.965138][T19893]  loop6: unable to read partition table
[  506.994281][T19893] loop6: partition table beyond EOD, truncated
[  507.026799][T19893] loop_reread_partitions: partition scan of loop6 (�被x������() failed (rc=-5)
[  507.984426][ T5904] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  508.027922][T19922] netlink: 'syz.0.6440': attribute type 29 has an invalid length.
[  508.083202][T19923] netlink: 'syz.0.6440': attribute type 29 has an invalid length.
[  508.144569][ T5904] usb 4-1: Using ep0 maxpacket: 8
[  508.162950][ T5904] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  508.233883][ T5904] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  508.288217][ T5904] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  508.332821][ T5904] usb 4-1: Product: syz
[  508.366557][ T5904] usb 4-1: Manufacturer: syz
[  508.395909][ T5904] usb 4-1: SerialNumber: syz
[  508.650398][ T5904] usb 4-1: Handspring Visor / Palm OS: port 0, is for unknown use
[  508.689396][ T5904] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  508.721528][ T5904] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  508.851779][ T5904] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[  508.901437][ T5904] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  508.940176][ T5904] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  509.001366][ T5904] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  509.051985][ T5904] usb 4-1: USB disconnect, device number 53
[  509.093676][ T5904] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  509.147070][ T5904] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  509.226673][ T5904] visor 4-1:1.0: device disconnected
[  510.268571][T19963] xt_hashlimit: max too large, truncated to 1048576
[  511.736243][ T5904] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  511.939304][ T5904] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  511.973446][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.039202][ T5904] usb 4-1: config 0 descriptor??
[  512.324624][ T5852] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  512.354102][ T5904] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  512.524266][ T5852] usb 2-1: Using ep0 maxpacket: 32
[  512.548498][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.567905][ T5904] [drm:udl_init] *ERROR* Selecting channel failed
[  512.616666][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  512.656419][ T5904] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  512.678203][ T5852] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  512.703387][ T5904] [drm] Initialized udl on minor 2
[  512.718298][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.737500][ T5904] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  512.768471][ T5852] usb 2-1: config 0 descriptor??
[  512.777061][ T5904] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  512.788804][ T5918] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  512.816042][ T5852] hub 2-1:0.0: USB hub found
[  512.832952][ T5918] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  512.867909][ T5904] usb 4-1: USB disconnect, device number 54
[  512.911891][ T5918] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  513.037528][ T5852] hub 2-1:0.0: 2 ports detected
[  513.459762][ T5852] usb 2-1: USB disconnect, device number 54
[  513.709903][    C1] sched: DL replenish lagged too much
[  517.069196][T20108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6522'.
[  517.082177][T20108] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6522'.
[  517.103002][T20108] netlink: 'syz.3.6522': attribute type 14 has an invalid length.
[  517.122589][T20108] netlink: 'syz.3.6522': attribute type 11 has an invalid length.
[  517.317835][T20110] netlink: 'syz.7.6523': attribute type 1 has an invalid length.
[  517.349810][T20110] netlink: 224 bytes leftover after parsing attributes in process `syz.7.6523'.
[  518.514042][ T5904] usb 4-1: new full-speed USB device number 55 using dummy_hcd
[  518.591308][T20139] netlink: 'syz.0.6537': attribute type 2 has an invalid length.
[  518.742632][ T5904] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  518.769935][ T5904] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  518.803127][ T5904] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  518.831623][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.873389][ T5904] usb 4-1: config 0 descriptor??
[  518.906089][ T5904] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  518.943724][ T5904] dvb-usb: bulk message failed: -22 (3/0)
[  518.971134][ T5904] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  519.061963][ T5904] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  519.083666][ T5904] usb 4-1: media controller created
[  519.111391][T20129] dvb-usb: bulk message failed: -22 (4/0)
[  519.120295][ T5904] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  519.149462][ T5904] dvb-usb: bulk message failed: -22 (6/0)
[  519.159122][ T5904] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  519.182074][ T5904] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input38
[  519.215887][ T5948] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  519.255598][ T5904] dvb-usb: schedule remote query interval to 150 msecs.
[  519.280869][ T5904] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  519.327010][ T5904] usb 4-1: USB disconnect, device number 55
[  519.475140][ T5904] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  519.721463][ T5948] usb 2-1: Using ep0 maxpacket: 32
[  519.861443][ T5948] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  519.881382][ T5948] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  519.910168][ T5948] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  520.196422][ T5948] usb 2-1: config 1 has no interface number 0
[  520.202625][ T5948] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  520.259428][ T5948] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  520.369085][ T5948] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  520.436199][ T5948] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.580244][ T5948] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  520.959232][ T5948] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  521.444044][ T5904] usb 2-1: USB disconnect, device number 55
[  521.479386][ T5904] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  522.042618][T20213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6572'.
[  522.864315][ T5852] usb 4-1: new low-speed USB device number 56 using dummy_hcd
[  523.095493][ T5852] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  523.144392][ T5852] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  523.196440][ T5852] usb 4-1: config 0 has no interface number 0
[  523.252761][ T5852] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  523.312620][ T5852] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  523.359837][ T5852] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  523.443868][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.524010][ T5852] usb 4-1: config 0 descriptor??
[  523.900948][T20248] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6589'.
[  524.173426][ T5852] usb 4-1: USB disconnect, device number 56
[  526.277451][T20285] sp0: Synchronizing with TNC
[  526.496117][T20289] netlink: 256 bytes leftover after parsing attributes in process `syz.7.6606'.
[  526.553778][T20289] netlink: 72 bytes leftover after parsing attributes in process `syz.7.6606'.
[  527.151443][T20299] rdma_op ffff8880310329f0 conn xmit_rdma 0000000000000000
[  529.562598][   T30] audit: type=1400 audit(1755180397.698:228): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=20336 comm="syz.7.6630" src=1 dest=20000 netif=wpan0
[  530.804364][ T5948] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  530.993674][ T5948] usb 4-1: Using ep0 maxpacket: 32
[  531.047178][ T5948] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  531.083713][ T5948] usb 4-1: config 0 has no interface number 0
[  531.135243][ T5948] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  531.197989][ T5948] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  531.256222][ T5948] usb 4-1: config 0 interface 85 has no altsetting 0
[  531.304672][ T5948] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  531.353718][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.361788][ T5948] usb 4-1: Product: syz
[  531.373129][T20385] program syz.6.6652 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  531.417231][ T5948] usb 4-1: Manufacturer: syz
[  531.421908][ T5948] usb 4-1: SerialNumber: syz
[  531.491200][ T5948] usb 4-1: config 0 descriptor??
[  531.754902][ T5948] appletouch 4-1:0.85: Failed to read mode from device.
[  531.794248][ T5948] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[  532.061276][T20399] program syz.1.6659 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  532.089632][ T5948] usb 4-1: USB disconnect, device number 57
[  532.904573][T20411] dvmrp1: entered allmulticast mode
[  532.950748][T20411] dvmrp1: left allmulticast mode
[  533.954070][ T5948] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  534.123765][ T5948] usb 4-1: Using ep0 maxpacket: 16
[  534.141769][ T5948] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  534.186121][ T5948] usb 4-1: config 0 has no interface number 0
[  534.233190][ T5948] usb 4-1: config 0 interface 41 has no altsetting 0
[  534.271738][ T5948] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  534.323784][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.367343][ T5948] usb 4-1: Product: syz
[  534.371586][ T5948] usb 4-1: Manufacturer: syz
[  534.414363][ T5948] usb 4-1: SerialNumber: syz
[  534.450734][ T5948] usb 4-1: config 0 descriptor??
[  534.494095][ T5948] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -22
[  534.761509][ T5948] usb 4-1: USB disconnect, device number 58
[  538.913741][ T5941] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  539.102412][ T5941] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  539.147371][ T5941] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  539.191196][ T5941] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  539.253734][ T5941] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.331080][ T5941] usb 4-1: config 0 descriptor??
[  539.832194][ T5941] kone 0003:1E7D:2CED.0056: unknown main item tag 0x4
[  539.931910][ T5941] kone 0003:1E7D:2CED.0056: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.3-1/input0
[  540.092015][ T5941] usb 4-1: USB disconnect, device number 59
[  540.137302][T20498] sp0: Synchronizing with TNC
[  544.874232][T20576] sp0: Synchronizing with TNC
[  546.809765][T20614] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6754'.
[  548.892690][T20665] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6777'.
[  548.963813][T20665] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6777'.
[  549.134756][T20667] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  552.016513][T20727] netlink: 32 bytes leftover after parsing attributes in process `syz.6.6806'.
[  553.928595][ T3481] tipc: Resetting bearer <eth:team0>
[  554.773414][T20788] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6838'.
[  554.805962][T20790] netlink: 'syz.1.6836': attribute type 1 has an invalid length.
[  557.232338][ T5904] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  557.401203][T20844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6864'.
[  557.630363][T20849] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6867'.
[  557.818053][ T5904] usb 4-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  557.838676][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.870447][ T5904] usb 4-1: config 0 descriptor??
[  558.380348][ T5904] hackrf 4-1:0.0: Board ID: 00
[  558.399703][ T5904] hackrf 4-1:0.0: Firmware version: 
[  558.441068][ T5904] hackrf 4-1:0.0: Registered as swradio24
[  558.461350][ T5904] videodev: could not get a free minor
[  558.480910][ T5904] hackrf 4-1:0.0: Failed to register as video device (-23)
[  558.543084][ T5904] hackrf 4-1:0.0: probe with driver hackrf failed with error -23
[  558.612126][ T5904] usb 4-1: USB disconnect, device number 60
[  559.690941][T20891] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6887'.
[  560.144390][ T5941] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  560.330316][ T5941] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.342457][ T5941] usb 2-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  560.358851][ T5941] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.372239][ T5941] usb 2-1: config 0 descriptor??
[  560.574416][T20913] support for cryptoloop has been removed.  Use dm-crypt instead.
[  560.847650][ T5941] hid (null): usage index exceeded
[  560.888378][ T5941] itetech 0003:258A:6A88.0057: ignoring exceeding usage max
[  560.935134][ T5941] itetech 0003:258A:6A88.0057: ignoring exceeding usage max
[  560.970777][ T5941] itetech 0003:258A:6A88.0057: usage index exceeded
[  561.020437][ T5941] itetech 0003:258A:6A88.0057: item 0 0 2 2 parsing failed
[  561.061008][ T5941] itetech 0003:258A:6A88.0057: probe with driver itetech failed with error -22
[  561.136073][ T5941] usb 2-1: USB disconnect, device number 56
[  565.281050][T21000] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6937'.
[  566.071428][T21015] program syz.7.6945 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  567.844044][ T5918] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[  568.016072][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  568.073238][ T5918] usb 2-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  568.137801][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.254032][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  568.345417][ T5918] usb 2-1: config 0 descriptor??
[  568.385121][T21050] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  568.643201][T21073] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6974'.
[  568.844619][ T5918] belkin 0003:050D:3201.0058: unknown main item tag 0x2
[  568.877366][ T5918] belkin 0003:050D:3201.0058: unknown main item tag 0x0
[  568.994025][ T5918] belkin 0003:050D:3201.0058: hiddev0,hidraw0: USB HID v1.01 Device [HID 050d:3201] on usb-dummy_hcd.1-1/input0
[  569.082480][ T5918] usb 2-1: USB disconnect, device number 57
[  569.691563][T21088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6981'.
[  569.754805][T21088] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  569.943908][T21091] [U] �
[  570.325441][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[  570.478789][T21105] netlink: 'syz.7.6990': attribute type 1 has an invalid length.
[  570.716732][   T30] audit: type=1326 audit(1755180439.238:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  571.037207][   T30] audit: type=1326 audit(1755180439.238:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  571.058858][    C0] vkms_vblank_simulate: vblank timer overrun
[  571.161046][   T30] audit: type=1326 audit(1755180439.248:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  571.279821][   T30] audit: type=1326 audit(1755180439.248:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  571.396413][   T30] audit: type=1326 audit(1755180439.248:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  571.511842][   T30] audit: type=1326 audit(1755180439.278:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  571.589625][   T30] audit: type=1326 audit(1755180439.278:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21111 comm="syz.1.6993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  573.599272][T21169] netlink: 'syz.1.7019': attribute type 5 has an invalid length.
[  576.064790][   T30] audit: type=1326 audit(1755180444.588:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21221 comm="syz.3.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  576.161278][   T30] audit: type=1326 audit(1755180444.628:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21221 comm="syz.3.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  576.249513][   T30] audit: type=1326 audit(1755180444.648:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21221 comm="syz.3.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  576.348520][   T30] audit: type=1326 audit(1755180444.648:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21221 comm="syz.3.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  576.506689][   T30] audit: type=1326 audit(1755180444.658:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21221 comm="syz.3.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc16478ebe9 code=0x7ffc0000
[  578.074342][T21260] netlink: 47 bytes leftover after parsing attributes in process `syz.1.7060'.
[  578.810610][T21278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7069'.
[  578.826358][T21278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7069'.
[  579.810563][T21289] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  580.065302][T21296] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  580.849060][T21309] CIFS: Unable to determine destination address
[  582.116253][T21343] netlink: 44 bytes leftover after parsing attributes in process `syz.0.7096'.
[  582.237871][T21343] netlink: 43 bytes leftover after parsing attributes in process `syz.0.7096'.
[  582.347188][T21343] netlink: 'syz.0.7096': attribute type 6 has an invalid length.
[  582.484967][T21343] netlink: 'syz.0.7096': attribute type 5 has an invalid length.
[  582.492783][T21343] netlink: 43 bytes leftover after parsing attributes in process `syz.0.7096'.
[  583.083745][ T5911] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  583.253586][ T5911] usb 2-1: Using ep0 maxpacket: 16
[  583.264248][ T5911] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  583.287007][ T5911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  583.314173][ T5911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  583.351519][ T5911] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  583.412060][ T5911] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  583.460080][ T5911] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  583.507403][ T5911] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  583.558259][ T5911] usb 2-1: Manufacturer: syz
[  583.599552][ T5911] usb 2-1: config 0 descriptor??
[  584.093994][ T5911] rc_core: IR keymap rc-hauppauge not found
[  584.101396][T21381] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340
[  584.121750][ T5911] Registered IR keymap rc-empty
[  584.141642][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.207195][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.258333][ T5911] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  584.319740][ T5911] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input41
[  584.387111][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.454322][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.494304][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.524523][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.564240][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.605461][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.666056][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.734390][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.784325][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.835362][ T5911] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  584.866714][ T5911] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  584.906439][ T5911] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  584.958953][ T5911] usb 2-1: USB disconnect, device number 58
[  586.282217][T21410] sp0: Synchronizing with TNC
[  586.338819][T21408] [U] �
[  586.680373][T21422] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7134'.
[  587.180116][T21433] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7140'.
[  587.796218][T21447] overlayfs: missing 'workdir'
[  589.361199][T21484] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7166'.
[  589.552696][T21490] Bluetooth: MGMT ver 1.23
[  589.654326][ T5911] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  589.834089][ T5911] usb 4-1: Using ep0 maxpacket: 32
[  589.842674][ T5911] usb 4-1: config 0 has an invalid interface number: 29 but max is 0
[  589.877222][T21497] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  589.877222][T21497]    program syz.0.7171 not setting count and/or reply_len properly
[  589.903534][ T5911] usb 4-1: config 0 has no interface number 0
[  589.911098][T21498] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  589.932689][ T5911] usb 4-1: config 0 interface 29 has no altsetting 0
[  589.949888][T21498] batman_adv: batadv0: Removing interface: batadv_slave_0
[  589.986361][ T5911] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  590.027884][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.069425][ T5911] usb 4-1: Product: syz
[  590.082539][ T5911] usb 4-1: Manufacturer: syz
[  590.109365][ T5911] usb 4-1: SerialNumber: syz
[  590.155703][ T5911] usb 4-1: config 0 descriptor??
[  590.166429][T21498] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  590.201186][T21498] batman_adv: batadv0: Removing interface: batadv_slave_1
[  590.525990][ T5911] peak_usb 4-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  590.750233][ T5911] peak_usb 4-1:0.29 can0: sending command failure: -8
[  590.781056][ T5911] peak_usb 4-1:0.29 can0: sending command failure: -8
[  590.813399][ T5911] peak_usb 4-1:0.29 can0: sending command failure: -8
[  591.096143][ T5911] peak_usb 4-1:0.29: probe with driver peak_usb failed with error -8
[  591.142972][T21518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7181'.
[  591.164148][ T5911] usb 4-1: USB disconnect, device number 61
[  591.201319][T21518] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7181'.
[  592.454364][ T5911] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  592.600656][T21551] netlink: 'syz.7.7197': attribute type 1 has an invalid length.
[  592.644403][ T5911] usb 4-1: Using ep0 maxpacket: 32
[  592.656849][ T5911] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x2 has invalid wMaxPacketSize 0
[  592.687742][ T5911] usb 4-1: config 0 interface 0 has no altsetting 0
[  592.730990][ T5911] usb 4-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  592.761640][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.792321][ T5911] usb 4-1: config 0 descriptor??
[  593.228877][ T5911] corsair-cpro 0003:1B1C:0C10.0059: unknown main item tag 0x0
[  593.263644][ T5911] corsair-cpro 0003:1B1C:0C10.0059: unknown main item tag 0x0
[  593.298242][ T5911] corsair-cpro 0003:1B1C:0C10.0059: unknown main item tag 0x0
[  593.320381][ T5911] corsair-cpro 0003:1B1C:0C10.0059: unknown main item tag 0x0
[  593.350976][ T5911] corsair-cpro 0003:1B1C:0C10.0059: unknown main item tag 0x0
[  593.389182][ T5911] corsair-cpro 0003:1B1C:0C10.0059: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.3-1/input0
[  593.491578][ T5911] corsair-cpro 0003:1B1C:0C10.0059: probe with driver corsair-cpro failed with error -38
[  593.543215][ T5911] usb 4-1: USB disconnect, device number 62
[  593.581569][T21566] pimreg3: entered allmulticast mode
[  594.404632][T21582] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7212'.
[  595.413683][ T5852] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  595.619397][ T5852] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  595.646946][ T5852] usb 4-1: config 0 has no interface number 0
[  595.675327][ T5852] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  595.713513][ T5852] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  595.740002][ T5852] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  595.761692][T21618] netlink: 256 bytes leftover after parsing attributes in process `syz.6.7230'.
[  595.776033][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.797554][T21618] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7230'.
[  595.808640][ T5852] usb 4-1: config 0 descriptor??
[  596.345310][ T5852] input: HID 04d9:a055 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:04D9:A055.005A/input/input42
[  596.528857][ T5852] holtek_kbd 0003:04D9:A055.005A: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.3-1/input1
[  596.563220][T21629] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.574776][T21629] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.635421][ T5852] usb 4-1: USB disconnect, device number 63
[  597.063930][ T5904] syz_tun: tun_net_xmit 110
[  597.112308][T21632] bridge0: port 1(bridge_slave_0) entered blocking state
[  597.119640][T21632] bridge0: port 1(bridge_slave_0) entered forwarding state
[  597.239938][T21632] bridge0: port 2(bridge_slave_1) entered blocking state
[  597.247245][T21632] bridge0: port 2(bridge_slave_1) entered forwarding state
[  597.844837][ T5852] syz_tun: tun_net_xmit 110
[  598.707738][T21669] binder: Bad value for 'stats'
[  600.041588][T21694] vivid-007: disconnect
[  600.051699][T21693] vivid-007: reconnect
[  600.136940][ T5852] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  600.326259][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.378444][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  600.437344][ T5852] usb 2-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  600.480219][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.508882][T21701] tmpfs: User quota inode hardlimit too large.
[  600.529024][ T5852] usb 2-1: config 0 descriptor??
[  601.175156][ T5852] razer 0003:1532:010E.005B: failed to enable macro keys: -71
[  601.241893][ T5852] razer 0003:1532:010E.005B: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.1-1/input0
[  601.301377][ T5852] usb 2-1: USB disconnect, device number 59
[  602.319061][T21731] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  603.751186][   T30] audit: type=1800 audit(1755180472.278:241): pid=21760 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.7295" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  604.110910][T21763] syz_tun: tun_net_xmit 126
[  606.208056][T21791] bridge_slave_1: entered promiscuous mode
[  606.730379][T21805] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7318'.
[  606.784126][T21808] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7319'.
[  608.483971][ T5911] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  608.664809][ T5911] usb 2-1: Using ep0 maxpacket: 32
[  608.689052][ T5911] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  608.729223][ T5911] usb 2-1: config 0 has no interface number 0
[  608.790581][ T5911] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  608.818606][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.879580][ T5911] usb 2-1: Product: syz
[  608.906352][ T5911] usb 2-1: Manufacturer: syz
[  608.921394][ T5911] usb 2-1: SerialNumber: syz
[  608.952834][ T5911] usb 2-1: config 0 descriptor??
[  608.987029][ T5911] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  609.037167][ T5911] usb 2-1: selecting invalid altsetting 1
[  609.042982][ T5911] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  609.091123][ T5911] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  609.158176][ T5911] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  609.226274][ T5911] usb 2-1: media controller created
[  609.448687][ T5911] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  609.600461][T21870] nbd: socks must be embedded in a SOCK_ITEM attr
[  610.244005][T21846] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  610.324376][ T5911] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  610.360600][ T5911] zl10353_read_register: readreg error (reg=127, ret==-71)
[  610.392482][ T5911] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  610.640454][ T5911] usb 2-1: USB disconnect, device number 60
[  612.182085][T21915] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7368'.
[  613.197143][T21937] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7380'.
[  613.367607][T21941] veth1_macvtap: left promiscuous mode
[  613.803821][T21944] sp0: Synchronizing with TNC
[  613.831840][T21944] sp0: Found TNC
[  613.932363][   T30] audit: type=1326 audit(1755180482.458:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21950 comm="syz.6.7386" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbd5cb8ebe9 code=0x0
[  615.441576][T22012] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.637111][T22012] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.800446][T22012] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.973786][T22012] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.172909][T22043] program syz.3.7426 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  616.199528][T22012] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  616.291737][T22012] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  616.334236][T22050] x_tables: ip6_tables: tcp match: only valid for protocol 6
[  616.352089][T22012] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  616.401056][T22012] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  616.698995][T22068] netlink: 'syz.6.7437': attribute type 2 has an invalid length.
[  616.932083][T22077] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  617.028891][T22080] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7443'.
[  617.049431][T22080] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7443'.
[  617.132222][T22084] vivid-000: disconnect
[  617.387926][T22093] bridge0: entered promiscuous mode
[  617.395263][T22093] macvlan2: entered promiscuous mode
[  617.545010][T22101] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7453'.
[  617.909972][T22083] vivid-000: reconnect
[  618.312084][T22130] netlink: 'syz.0.7465': attribute type 2 has an invalid length.
[  618.437695][T22134] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.7467'.
[  618.714190][T22142] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7470'.
[  618.985591][T22156] misc userio: Can't change port type on an already running userio instance
[  620.233806][ T5919] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  620.395978][ T5919] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  620.419307][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.458557][ T5919] usb 2-1: config 0 descriptor??
[  620.711553][ T5919] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  620.915370][ T5919] [drm:udl_init] *ERROR* Selecting channel failed
[  620.956611][ T5919] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  620.981339][ T5919] [drm] Initialized udl on minor 2
[  620.994335][ T5919] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  621.033201][ T5919] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  621.042263][ T5941] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  621.070793][ T5941] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  621.107317][ T5919] usb 2-1: USB disconnect, device number 61
[  621.136977][ T5941] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  621.182438][T22234] netlink: 'syz.0.7511': attribute type 4 has an invalid length.
[  621.692513][T22253] Dead loop on virtual device ip6_vti0, fix it urgently!
[  621.700184][T22253] Dead loop on virtual device ip6_vti0, fix it urgently!
[  621.707744][T22253] Dead loop on virtual device ip6_vti0, fix it urgently!
[  621.715278][T22253] Dead loop on virtual device ip6_vti0, fix it urgently!
[  621.722768][T22253] Dead loop on virtual device ip6_vti0, fix it urgently!
[  621.730319][T22253] Dead loop on virtual device ip6_vti0, fix it urgently!
[  621.884352][T22259] C: renamed from team_slave_0
[  621.932628][T22259] netlink: 'syz.1.7523': attribute type 4 has an invalid length.
[  621.952263][T22259] netlink: 116 bytes leftover after parsing attributes in process `syz.1.7523'.
[  621.962638][T22259] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  622.044080][T22263] kvm: kvm [22262]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000001b)
[  622.271370][T22268] overlayfs: failed to clone lowerpath
[  622.717230][   T30] audit: type=1326 audit(1755180491.248:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22280 comm="syz.7.7533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6357f8ebe9 code=0x7fc00000
[  622.856857][T22294] program syz.3.7539 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  623.046456][T22301] tap0: tun_chr_ioctl cmd 2147767521
[  623.327730][T22313] ptrace attach of "./syz-executor exec"[22315] was attempted by "./syz-executor exec"[22313]
[  623.427804][   T30] audit: type=1326 audit(1755180491.958:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22280 comm="syz.7.7533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6357f8ebe9 code=0x7fc00000
[  623.481823][T22321] netlink: 108 bytes leftover after parsing attributes in process `syz.1.7552'.
[  623.545028][T22319] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.688694][T22319] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.797472][T22333] Dead loop on virtual device ip6_vti0, fix it urgently!
[  623.882250][T22319] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.982400][T22340] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7561'.
[  624.020927][T22319] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.160698][T22319] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  624.178403][T22345] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  624.190408][T22319] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  624.232867][T22319] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  624.306530][T22319] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  624.458520][T22356] input: syz0 as /devices/virtual/input/input44
[  624.894143][T22374] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7577'.
[  624.985318][T22376] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7578'.
[  625.015924][T22376] netlink: 'syz.0.7578': attribute type 12 has an invalid length.
[  625.043679][T22376] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7578'.
[  625.278885][T22386] can0: slcan on ttyS3.
[  625.395692][T22386] can0 (unregistered): slcan off ttyS3.
[  625.828538][   T30] audit: type=1326 audit(1755180494.358:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6ede185ba7 code=0x7ffc0000
[  625.899435][   T30] audit: type=1326 audit(1755180494.358:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6ede12add9 code=0x7ffc0000
[  625.974033][   T30] audit: type=1326 audit(1755180494.358:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6ede185ba7 code=0x7ffc0000
[  626.053574][   T30] audit: type=1326 audit(1755180494.358:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6ede12add9 code=0x7ffc0000
[  626.117821][   T30] audit: type=1326 audit(1755180494.358:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6ede185ba7 code=0x7ffc0000
[  626.170103][   T30] audit: type=1326 audit(1755180494.358:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6ede12add9 code=0x7ffc0000
[  626.227401][   T30] audit: type=1326 audit(1755180494.358:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6ede185ba7 code=0x7ffc0000
[  626.286021][   T30] audit: type=1326 audit(1755180494.358:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22397 comm="syz.0.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6ede12add9 code=0x7ffc0000
[  627.232468][T22449] vlan2: entered promiscuous mode
[  627.247549][T22449] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  627.270895][T22449] vlan2: entered allmulticast mode
[  627.276730][T22449] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  627.295513][T22449] team0: Device vlan2 is up. Set it down before adding it as a team port
[  627.462288][T22457] team_slave_0: entered promiscuous mode
[  627.468521][T22457] team_slave_1: entered promiscuous mode
[  627.474567][T22457] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  628.717758][T22493] program syz.1.7627 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  628.744133][T22492] netlink: 'syz.7.7628': attribute type 1 has an invalid length.
[  628.803523][T22492] netlink: 172 bytes leftover after parsing attributes in process `syz.7.7628'.
[  628.927243][T22500] netlink: 'syz.6.7631': attribute type 8 has an invalid length.
[  629.010639][T22503] kvm: user requested TSC rate below hardware speed
[  629.410143][T22525] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.7643'.
[  629.644471][ T5904] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  629.687198][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  629.803593][ T5941] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  629.818048][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  629.843876][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  629.853816][ T5904] usb 2-1: New USB device found, idVendor=1b96, idProduct=000f, bcdDevice= 0.00
[  629.862909][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.897213][ T5904] usb 2-1: config 0 descriptor??
[  629.968388][ T5941] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  629.988196][ T5941] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.013041][ T5941] usb 4-1: Product: syz
[  630.024312][ T5941] usb 4-1: Manufacturer: syz
[  630.029006][ T5941] usb 4-1: SerialNumber: syz
[  630.057858][ T5941] usb 4-1: config 0 descriptor??
[  630.276402][ T5941] usb 4-1: ignoring: probably an ADSL modem
[  630.326818][ T5904] ntrig 0003:1B96:000F.005C: unknown main item tag 0x0
[  630.339626][ T5904] ntrig 0003:1B96:000F.005C: hidraw0: USB HID v0.00 Device [HID 1b96:000f] on usb-dummy_hcd.1-1/input0
[  630.537120][ T5904] ntrig 0003:1B96:000F.005C: Firmware version: 7.15.12.55.4 (3dbf fc9e)
[  630.675914][ T5941] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[  630.748108][ T5941] usb 2-1: USB disconnect, device number 62
[  630.879034][ T5904] usb 4-1: USB disconnect, device number 64
[  631.539805][T22555] Falling back ldisc for ptm0.
[  631.596912][T22558] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7659'.
[  632.819811][T22589] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode
[  632.852354][T22589] macvtap1: entered allmulticast mode
[  632.878714][T22589] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode
[  632.893018][T22589] mac80211_hwsim hwsim16 wlan0: left allmulticast mode
[  632.910774][T22589] mac80211_hwsim hwsim16 wlan0: left promiscuous mode
[  633.160666][T22599] netlink: 'syz.0.7678': attribute type 25 has an invalid length.
[  633.190800][T22599] netlink: 'syz.0.7678': attribute type 8 has an invalid length.
[  633.823781][T22637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7697'.
[  636.184239][T22699] netlink: 'syz.1.7725': attribute type 1 has an invalid length.
[  636.363555][ T5941] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  636.471259][T22711] sctp: [Deprecated]: syz.7.7731 (pid 22711) Use of struct sctp_assoc_value in delayed_ack socket option.
[  636.471259][T22711] Use struct sctp_sack_info instead
[  636.509521][T22713] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.7732'.
[  636.523649][ T5941] usb 4-1: Using ep0 maxpacket: 8
[  636.532085][ T5941] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  636.558274][ T5941] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  636.568165][ T5941] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  636.585842][ T5941] usb 4-1: SerialNumber: syz
[  636.594524][ T5941] usb 4-1: config 0 descriptor??
[  636.605736][ T5941] usb 4-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  636.613317][ T5941] usb 4-1: Failed to create links for entity 255
[  636.620172][ T5941] usb 4-1: Failed to register entities (-22).
[  636.679876][T22718] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7734'.
[  636.814500][ T5941] usb 4-1: USB disconnect, device number 65
[  638.170790][T22786] binder: 22785:22786 ioctl c0306201 200000000640 returned -22
[  640.203575][ T5919] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  640.374473][ T5919] usb 2-1: Using ep0 maxpacket: 16
[  640.385953][ T5919] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  640.403561][ T5919] usb 2-1: config 0 has no interface number 0
[  640.413558][ T5919] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  640.433580][ T5919] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  640.452417][ T5919] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  640.462032][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.474678][ T5919] usb 2-1: config 0 descriptor??
[  641.089778][ T5919] uclogic 0003:28BD:0071.005D: pen parameters not found
[  641.115039][ T5919] uclogic 0003:28BD:0071.005D: interface is invalid, ignoring
[  641.294982][ T5919] usb 2-1: USB disconnect, device number 63
[  641.859917][T22858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7802'.
[  641.879418][T22858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7802'.
[  643.075211][T22891] 8021q: adding VLAN 0 to HW filter on device batadv1
[  643.097736][T22891] team0: Port device batadv1 added
[  644.428958][T22918] netlink: 44 bytes leftover after parsing attributes in process `syz.7.7828'.
[  644.594132][T22922] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7829'.
[  644.952569][T22931] netlink: 'syz.0.7834': attribute type 49 has an invalid length.
[  648.143878][T22989] bridge_slave_0: invalid flags given to default FDB implementation
[  648.281422][T22994] team0: Device gtp0 is of different type
[  650.778075][T23064] team_slave_0: entered promiscuous mode
[  650.783906][T23064] team_slave_1: entered promiscuous mode
[  650.963215][T23068] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7893'.
[  651.413247][T23079] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7898'.
[  651.423591][T23079] netem: change failed
[  652.044058][   T24] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  652.212173][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  652.232922][   T24] usb 2-1: no configurations
[  652.248434][   T24] usb 2-1: can't read configurations, error -22
[  652.329078][T23099] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7908'.
[  652.341805][T23099] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7908'.
[  652.530684][T23103] 8021q: adding VLAN 0 to HW filter on device batadv0
[  652.565207][T23103] batadv0: entered allmulticast mode
[  652.575664][T23103] team0: Port device batadv0 added
[  653.403713][T23133] mkiss: ax0: crc mode is auto.
[  654.659259][T23174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7945'.
[  654.869170][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  654.883109][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  654.892710][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  654.901941][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  654.911383][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  655.365022][ T1148] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  655.421509][T23188] netlink: 'syz.0.7949': attribute type 21 has an invalid length.
[  655.446756][T23188] netlink: 'syz.0.7949': attribute type 1 has an invalid length.
[  655.456151][T23188] netlink: 16098 bytes leftover after parsing attributes in process `syz.0.7949'.
[  655.558466][ T1148] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  655.750236][ T1148] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  655.887941][ T1148] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  656.523016][ T1148] tipc: Resetting bearer <eth:xfrm0>
[  656.901195][T23237] program syz.0.7980 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  656.963935][ T5159] Bluetooth: hci4: command tx timeout
[  657.035710][ T1148] tipc: Disabling bearer <eth:xfrm0>
[  657.371140][T23178] chnl_net:caif_netlink_parms(): no params data found
[  657.563176][ T1148] tipc: Disabling bearer <eth:ipvlan0>
[  657.574697][ T1148] tipc: Left network mode
[  657.638620][T23257] netlink: 'syz.6.7978': attribute type 21 has an invalid length.
[  657.652708][T23257] netlink: 'syz.6.7978': attribute type 1 has an invalid length.
[  657.661885][T23257] netlink: 16098 bytes leftover after parsing attributes in process `syz.6.7978'.
[  657.838667][T23267] syzkaller1: tun_chr_ioctl cmd 35108
[  657.907874][T23178] bridge0: port 1(bridge_slave_0) entered blocking state
[  657.919241][T23178] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.927062][T23178] bridge_slave_0: entered allmulticast mode
[  657.935150][T23178] bridge_slave_0: entered promiscuous mode
[  658.059439][T23279] input: syz1 as /devices/virtual/input/input45
[  658.066333][T23178] bridge0: port 2(bridge_slave_1) entered blocking state
[  658.094228][T23178] bridge0: port 2(bridge_slave_1) entered disabled state
[  658.101565][T23178] bridge_slave_1: entered allmulticast mode
[  658.131899][T23178] bridge_slave_1: entered promiscuous mode
[  658.436325][T23178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  658.476452][T23178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.645007][ T1148] hsr_slave_0: left promiscuous mode
[  658.654545][ T1148] hsr_slave_1: left promiscuous mode
[  658.725722][ T1148] veth0_macvtap: left promiscuous mode
[  658.737070][ T1148] veth1_vlan: left promiscuous mode
[  658.756880][ T1148] veth0_vlan: left promiscuous mode
[  659.044996][ T5159] Bluetooth: hci4: command tx timeout
[  660.391555][T23178] team0: Port device team_slave_0 added
[  660.490622][T23178] team0: Port device team_slave_1 added
[  660.630620][T23320] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  660.680402][T23178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  660.710881][T23178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  660.783089][T23178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  660.822535][T23178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  660.837284][T23178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  660.863206][    C0] vkms_vblank_simulate: vblank timer overrun
[  660.877241][T23178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  660.974350][   T24] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  661.049176][T23178] hsr_slave_0: entered promiscuous mode
[  661.067983][T23178] hsr_slave_1: entered promiscuous mode
[  661.075909][T23178] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  661.085085][T23178] Cannot create hsr debugfs directory
[  661.124626][ T5159] Bluetooth: hci4: command tx timeout
[  661.146078][   T24] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  661.164239][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.182592][   T24] usb 2-1: Product: syz
[  661.187223][   T24] usb 2-1: Manufacturer: syz
[  661.191869][   T24] usb 2-1: SerialNumber: syz
[  661.215672][   T24] usb 2-1: config 0 descriptor??
[  661.236660][   T24] ch341 2-1:0.0: ch341-uart converter detected
[  661.350501][ T1148] IPVS: stop unused estimator thread 0...
[  661.547043][T23340] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8014'.
[  661.978188][T23178] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  662.022580][T23178] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  662.053677][T23178] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  662.056503][   T24] usb 2-1: failed to send control message: -71
[  662.073943][T23178] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  662.079250][   T24] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  662.109017][   T24] usb 2-1: USB disconnect, device number 66
[  662.120290][   T24] ch341 2-1:0.0: device disconnected
[  662.360918][T23178] 8021q: adding VLAN 0 to HW filter on device bond0
[  662.409733][T23178] 8021q: adding VLAN 0 to HW filter on device team0
[  662.429735][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  662.436983][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  662.476092][ T3481] bridge0: port 2(bridge_slave_1) entered blocking state
[  662.483376][ T3481] bridge0: port 2(bridge_slave_1) entered forwarding state
[  662.858049][T23374] block nbd3: server does not support multiple connections per device.
[  662.893314][T23374] block nbd3: shutting down sockets
[  663.095508][T23178] 8021q: adding VLAN 0 to HW filter on device batadv0
[  663.204666][ T5159] Bluetooth: hci4: command tx timeout
[  663.795222][T23178] veth0_vlan: entered promiscuous mode
[  663.823981][T23178] veth1_vlan: entered promiscuous mode
[  663.910211][T23178] veth0_macvtap: entered promiscuous mode
[  663.950211][T23178] veth1_macvtap: entered promiscuous mode
[  663.996153][T23178] batman_adv: batadv0: Interface activated: batadv_slave_0
[  664.017599][T23178] batman_adv: batadv0: Interface activated: batadv_slave_1
[  664.070958][T23178] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  664.102450][T23178] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  664.123892][T23178] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  664.144182][T23178] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  664.326452][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  664.365840][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  664.463715][ T1169] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  664.471838][ T1169] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  664.681553][T23443] netlink: 28 bytes leftover after parsing attributes in process `syz.8.7933'.
[  664.715311][T23443] netem: change failed
[  664.721372][T23445] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  665.729863][ T5918] kernel write not supported for file bpf-prog (pid: 5918 comm: kworker/0:6)
[  666.553812][T23502] netlink: 'syz.8.8078': attribute type 1 has an invalid length.
[  666.575962][T23502] netlink: 72 bytes leftover after parsing attributes in process `syz.8.8078'.
[  666.619766][T23502] netlink: 97 bytes leftover after parsing attributes in process `syz.8.8078'.
[  666.983256][T23525] netlink: 'syz.8.8091': attribute type 49 has an invalid length.
[  667.445387][ T5852] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  667.483791][T23540] netlink: 104 bytes leftover after parsing attributes in process `syz.7.8098'.
[  667.645389][ T5852] usb 9-1: Using ep0 maxpacket: 8
[  667.660104][ T5852] usb 9-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  667.680137][ T5852] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  667.702892][T23548] sp0: Synchronizing with TNC
[  667.711685][T23547] [U] �``
[  667.722776][ T5852] usb 9-1: Product: syz
[  667.735141][ T5852] usb 9-1: Manufacturer: syz
[  667.841692][ T5852] usb 9-1: SerialNumber: syz
[  667.859192][ T5852] usb 9-1: config 0 descriptor??
[  667.883560][ T5852] gspca_main: se401-2.14.0 probing 047d:5003
[  668.481490][ T5852] input: se401 as /devices/platform/dummy_hcd.8/usb9/9-1/input/input46
[  668.702470][   T24] usb 9-1: USB disconnect, device number 2
[  668.914025][   T24] kernel write not supported for file bpf-map (pid: 24 comm: kworker/1:0)
[  669.963313][T23611] netlink: 'syz.0.8127': attribute type 1 has an invalid length.
[  669.995681][T23611] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8127'.
[  670.009660][T23612] tun0: tun_chr_ioctl cmd 1074025694
[  670.170911][T23616] program syz.0.8131 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  670.251773][T23620] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8133'.
[  670.333440][T23626] @: renamed from vlan0 (while UP)
[  670.416601][ T5852] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  670.596016][ T5852] usb 2-1: Using ep0 maxpacket: 8
[  670.614752][ T5852] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  670.637098][ T5852] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.650114][ T5852] usb 2-1: Product: syz
[  670.654440][ T5852] usb 2-1: Manufacturer: syz
[  670.659891][ T5852] usb 2-1: SerialNumber: syz
[  670.668937][ T5852] usb 2-1: config 0 descriptor??
[  670.689741][ T5852] gspca_main: se401-2.14.0 probing 047d:5003
[  670.865496][T23648] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  670.873978][T23648] batadv_slave_1: entered promiscuous mode
[  670.887695][T23648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8146'.
[  671.102278][ T5852] gspca_se401: ExtraFeatures: 24
[  671.311180][ T5852] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input47
[  671.341779][ T5852] usb 2-1: USB disconnect, device number 67
[  671.497224][T23668] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  671.663937][T23676] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  672.473393][T23703] ipvlan3: entered promiscuous mode
[  672.478912][T23703] ipvlan3: entered allmulticast mode
[  672.484375][T23703] hsr0: entered allmulticast mode
[  672.491515][T23703] hsr_slave_0: entered allmulticast mode
[  672.503201][T23703] hsr_slave_1: entered allmulticast mode
[  672.555709][ T5919] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  672.727593][ T5919] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  672.752488][ T5919] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  672.792643][ T5919] usb 9-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  672.814564][ T5919] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  672.848472][ T5919] usb 9-1: config 0 descriptor??
[  673.283221][ T5919] hid-led 0003:1294:1320.005E: item fetching failed at offset 0/3
[  673.302263][ T5919] hid-led 0003:1294:1320.005E: probe with driver hid-led failed with error -22
[  673.321023][T23720] input: syz0 as /devices/virtual/input/input48
[  673.486131][ T5919] usb 9-1: USB disconnect, device number 3
[  673.952661][T23732] tun0: tun_chr_ioctl cmd 1074025694
[  674.152780][T23740] netlink: 'syz.8.8189': attribute type 12 has an invalid length.
[  675.553020][   T30] kauditd_printk_skb: 53 callbacks suppressed
[  675.553042][   T30] audit: type=1326 audit(1755182848.087:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  675.670516][T23797] tap0: tun_chr_ioctl cmd 1074025675
[  675.676005][   T30] audit: type=1326 audit(1755182848.127:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  675.676065][   T30] audit: type=1326 audit(1755182848.137:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  675.778909][   T30] audit: type=1326 audit(1755182848.137:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  675.795945][T23797] tap0: persist disabled
[  675.824750][   T30] audit: type=1326 audit(1755182848.137:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4c2385ba7 code=0x7ffc0000
[  675.857527][   T30] audit: type=1326 audit(1755182848.137:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4c232add9 code=0x7ffc0000
[  675.916647][   T30] audit: type=1326 audit(1755182848.137:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  675.953419][   T30] audit: type=1326 audit(1755182848.137:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4c2385ba7 code=0x7ffc0000
[  676.026536][   T30] audit: type=1326 audit(1755182848.137:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4c232add9 code=0x7ffc0000
[  676.067101][   T30] audit: type=1326 audit(1755182848.137:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23794 comm="syz.1.8217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c238ebe9 code=0x7ffc0000
[  676.438112][ T5852] usb 2-1: new full-speed USB device number 68 using dummy_hcd
[  676.624860][ T5852] usb 2-1: unable to read config index 0 descriptor/start: -71
[  676.647643][ T5852] usb 2-1: can't read configurations, error -71
[  676.814071][T23841] netlink: 'syz.7.8237': attribute type 6 has an invalid length.
[  677.114542][T23853] sch_fq: defrate 0 ignored.
[  679.069515][T23913] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8268'.
[  679.470943][T23930] hsr0: entered promiscuous mode
[  679.480391][T23930] macvtap1: entered promiscuous mode
[  679.485896][T23930] macvtap1: entered allmulticast mode
[  679.491530][T23930] hsr0: entered allmulticast mode
[  679.497350][T23930] hsr_slave_0: entered allmulticast mode
[  679.503141][T23930] hsr_slave_1: entered allmulticast mode
[  679.511745][T23930] hsr0: left allmulticast mode
[  679.517086][T23930] hsr_slave_0: left allmulticast mode
[  679.522715][T23930] hsr_slave_1: left allmulticast mode
[  680.977741][T23975] kvm: apic: phys broadcast and lowest prio
[  681.175400][T23981] cgroup: fork rejected by pids controller in /syz8
[  681.582483][   T24] kernel read not supported for file /usbmon9 (pid: 24 comm: kworker/1:0)
[  681.637647][   T49] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.753239][   T49] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.841667][   T49] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.052742][   T49] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.124941][T24000] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8311'.
[  682.147698][T24000] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8311'.
[  682.422181][   T49] bridge_slave_1: left allmulticast mode
[  682.432479][   T49] bridge_slave_1: left promiscuous mode
[  682.456221][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.481246][   T49] bridge_slave_0: left allmulticast mode
[  682.499307][   T49] bridge_slave_0: left promiscuous mode
[  682.515197][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.567774][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  682.582117][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  682.597323][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  682.610730][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  682.619508][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  682.970102][T24027] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.8321'.
[  683.312954][T24035] netlink: 1 bytes leftover after parsing attributes in process `syz.7.8324'.
[  683.946518][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.964539][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.985301][T24059] futex_wake_op: syz.0.8336 tries to shift op by -1; fix this program
[  683.998559][   T49] bond0 (unregistering): Released all slaves
[  684.577097][ T5911] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  684.648517][ T5159] Bluetooth: hci4: command tx timeout
[  684.690459][T24084] openvswitch: netlink: Tunnel attr 16 has unexpected len 12 expected 0
[  684.704778][   T49] hsr_slave_0: left promiscuous mode
[  684.705126][T24084] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  684.720649][   T49] hsr_slave_1: left promiscuous mode
[  684.740373][ T5911] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  684.751044][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  684.758748][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.767923][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.775288][ T5911] usb 2-1: Product: syz
[  684.781003][ T5911] usb 2-1: Manufacturer: syz
[  684.785665][ T5911] usb 2-1: SerialNumber: syz
[  684.791985][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  684.799746][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  684.811943][ T5911] usb 2-1: config 0 descriptor??
[  684.859265][   T49] veth1_macvtap: left promiscuous mode
[  684.864893][   T49] veth0_macvtap: left promiscuous mode
[  684.883754][   T49] veth1_vlan: left promiscuous mode
[  684.889335][   T49] veth0_vlan: left promiscuous mode
[  685.035343][ T5911] usb 2-1: USB disconnect, device number 70
[  685.545969][   T49] team0 (unregistering): Port device team_slave_1 removed
[  685.624071][   T49] team0 (unregistering): Port device team_slave_0 removed
[  686.390728][T24012] chnl_net:caif_netlink_parms(): no params data found
[  686.674394][T24012] bridge0: port 1(bridge_slave_0) entered blocking state
[  686.690088][T24012] bridge0: port 1(bridge_slave_0) entered disabled state
[  686.700634][T24012] bridge_slave_0: entered allmulticast mode
[  686.714722][T24012] bridge_slave_0: entered promiscuous mode
[  686.736741][T24012] bridge0: port 2(bridge_slave_1) entered blocking state
[  686.745010][ T5159] Bluetooth: hci4: command tx timeout
[  686.758557][T24012] bridge0: port 2(bridge_slave_1) entered disabled state
[  686.766434][T24012] bridge_slave_1: entered allmulticast mode
[  686.799203][T24012] bridge_slave_1: entered promiscuous mode
[  686.951005][T24012] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  686.985500][T24012] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  687.091533][T24012] team0: Port device team_slave_0 added
[  687.114095][T24012] team0: Port device team_slave_1 added
[  687.192190][T24012] batman_adv: batadv0: Adding interface: batadv_slave_0
[  687.199854][T24012] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  687.230072][T24012] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  687.268133][T24012] batman_adv: batadv0: Adding interface: batadv_slave_1
[  687.284499][T24012] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  687.313870][T24012] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  687.403731][T24012] hsr_slave_0: entered promiscuous mode
[  687.412416][T24012] hsr_slave_1: entered promiscuous mode
[  687.420516][T24012] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  687.428959][T24012] Cannot create hsr debugfs directory
[  687.692612][T24136] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8370'.
[  687.767819][T24138] netlink: 36 bytes leftover after parsing attributes in process `syz.7.8369'.
[  687.777072][T24138] netlink: 'syz.7.8369': attribute type 10 has an invalid length.
[  688.146624][T24012] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  688.166483][T24012] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  688.178586][T24012] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  688.193457][T24012] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  688.293310][T24012] 8021q: adding VLAN 0 to HW filter on device bond0
[  688.315887][T24012] 8021q: adding VLAN 0 to HW filter on device team0
[  688.331685][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  688.338907][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  688.359097][T23300] bridge0: port 2(bridge_slave_1) entered blocking state
[  688.366275][T23300] bridge0: port 2(bridge_slave_1) entered forwarding state
[  688.658366][T24163] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8377'.
[  688.667836][T24012] 8021q: adding VLAN 0 to HW filter on device batadv0
[  688.810310][ T5159] Bluetooth: hci4: command tx timeout
[  689.207368][T24012] veth0_vlan: entered promiscuous mode
[  689.230331][T24012] veth1_vlan: entered promiscuous mode
[  689.274588][T24012] veth0_macvtap: entered promiscuous mode
[  689.286732][T24012] veth1_macvtap: entered promiscuous mode
[  689.326292][T24012] batman_adv: batadv0: Interface activated: batadv_slave_0
[  689.346844][T24012] batman_adv: batadv0: Interface activated: batadv_slave_1
[  689.374491][T24012] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  689.385349][T24012] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  689.401949][T24012] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  689.414089][T24012] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  689.536423][ T3558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.546501][ T3558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  689.590549][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.605323][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  690.859328][T24229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8405'.
[  690.903677][ T5159] Bluetooth: hci4: command tx timeout
[  691.134208][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  692.390366][T24283] batman_adv: batadv0: Adding interface: dummy0
[  692.396701][T24283] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  692.444557][T24283] batman_adv: batadv0: Interface activated: dummy0
[  692.679848][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  692.689245][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  693.480689][T24329] syz_tun: tun_net_xmit 1510
[  693.497615][T24329] syz_tun: tun_net_xmit 1510
[  693.532982][T24329] syz_tun: tun_net_xmit 1510
[  693.537739][T24329] syz_tun: tun_net_xmit 1510
[  693.549668][T24329] syz_tun: tun_net_xmit 1510
[  693.554500][T24329] syz_tun: tun_net_xmit 1510
[  693.563423][T24329] syz_tun: tun_net_xmit 1510
[  693.570578][T24329] syz_tun: tun_net_xmit 1510
[  693.575386][T24329] syz_tun: tun_net_xmit 1510
[  693.596431][T24329] syz_tun: tun_net_xmit 1510
[  693.602213][T24329] syz_tun: tun_net_xmit 1510
[  693.617004][T24329] syz_tun: tun_net_xmit 1510
[  693.624728][T24329] syz_tun: tun_net_xmit 1510
[  693.634827][T24329] syz_tun: tun_net_xmit 1510
[  693.640967][T24329] syz_tun: tun_net_xmit 1510
[  693.645794][T24329] syz_tun: tun_net_xmit 1510
[  693.672824][T24329] syz_tun: tun_net_xmit 1510
[  693.677759][T24329] syz_tun: tun_net_xmit 1510
[  693.685826][T24329] syz_tun: tun_net_xmit 1510
[  693.713135][T24329] syz_tun: tun_net_xmit 1510
[  693.717896][T24329] syz_tun: tun_net_xmit 1510
[  693.732923][T24329] syz_tun: tun_net_xmit 1510
[  693.737707][T24329] syz_tun: tun_net_xmit 1510
[  693.778333][T24329] syz_tun: tun_net_xmit 1510
[  693.783089][T24329] syz_tun: tun_net_xmit 1510
[  693.787796][T24329] syz_tun: tun_net_xmit 1510
[  693.838140][T24329] syz_tun: tun_net_xmit 1510
[  693.843879][T24329] syz_tun: tun_net_xmit 1510
[  693.878612][T24329] syz_tun: tun_net_xmit 1510
[  693.908581][T24329] syz_tun: tun_net_xmit 1510
[  693.913364][T24329] syz_tun: tun_net_xmit 1510
[  693.924453][T24329] syz_tun: tun_net_xmit 1510
[  693.932476][T24329] syz_tun: tun_net_xmit 1510
[  693.938788][T24329] syz_tun: tun_net_xmit 1510
[  693.943551][T24329] syz_tun: tun_net_xmit 1510
[  693.951542][T24329] syz_tun: tun_net_xmit 1510
[  693.956398][T24329] syz_tun: tun_net_xmit 1510
[  693.961454][T24329] syz_tun: tun_net_xmit 1510
[  693.966517][T24329] syz_tun: tun_net_xmit 1510
[  693.972547][T24329] syz_tun: tun_net_xmit 1510
[  693.977337][T24329] syz_tun: tun_net_xmit 1510
[  693.982266][T24329] syz_tun: tun_net_xmit 1510
[  693.986978][T24329] syz_tun: tun_net_xmit 1510
[  693.991839][T24329] syz_tun: tun_net_xmit 1510
[  693.997175][T24329] syz_tun: tun_net_xmit 1133
[  694.176883][T23300] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.301169][T23300] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.390425][T23300] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.482752][T23300] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.827404][T23300] bridge_slave_1: left allmulticast mode
[  694.840191][T23300] bridge_slave_1: left promiscuous mode
[  694.846590][T23300] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.872982][T23300] bridge_slave_0: left allmulticast mode
[  694.887327][T23300] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.048028][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  695.072774][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  695.094159][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  695.103887][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  695.113381][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  695.118381][   T24] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  695.336000][   T24] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  695.348009][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[  695.369534][   T24] usb 9-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  695.385405][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  695.412679][   T24] usb 9-1: Product: syz
[  695.423017][   T24] usb 9-1: Manufacturer: syz
[  695.427880][   T24] usb 9-1: SerialNumber: syz
[  695.455289][   T24] usb 9-1: config 0 descriptor??
[  695.474793][   T24] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  695.504684][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  695.521860][   T24] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  695.536345][T24371] hfsplus: unable to find HFS+ superblock
[  695.548364][   T24] usb 9-1: media controller created
[  695.593904][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  695.750902][   T24] DVB: Unable to find symbol tda10046_attach()
[  695.757169][   T24] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  695.799436][   T24] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  695.973859][T23300] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  695.991350][T23300] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  696.012409][T23300] bond0 (unregistering): Released all slaves
[  696.013934][T24382] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8476'.
[  696.040371][   T24] dvb_usb_m920x 9-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  696.058072][   T24] usb 9-1: USB disconnect, device number 4
[  696.147879][T24382] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8476'.
[  696.221875][T23300] : left promiscuous mode
[  696.364424][T23300] tipc: Disabling bearer <udp:syz2>
[  696.385603][T23300] tipc: Left network mode
[  696.390228][T24390] netlink: 'syz.1.8478': attribute type 7 has an invalid length.
[  696.937832][T24360] chnl_net:caif_netlink_parms(): no params data found
[  697.205901][T23300] hsr_slave_0: left promiscuous mode
[  697.213031][T23300] hsr_slave_1: left promiscuous mode
[  697.218687][ T5850] Bluetooth: hci2: command tx timeout
[  697.239013][T23300] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  697.246730][T23300] batman_adv: batadv0: Removing interface: batadv_slave_0
[  697.258981][T23300] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  697.266514][T23300] batman_adv: batadv0: Removing interface: batadv_slave_1
[  697.311502][T23300] team_slave_0: left promiscuous mode
[  697.317673][T23300] team_slave_1: left promiscuous mode
[  697.323610][T23300] net veth1_virt_wifi virt_wifi0: left promiscuous mode
[  697.333494][T23300] veth0_macvtap: left promiscuous mode
[  697.339406][T23300] veth1_vlan: left promiscuous mode
[  697.542793][T23300] pimreg3 (unregistering): left allmulticast mode
[  697.916034][T23300] team0 (unregistering): Port device vlan0 removed
[  698.037283][T23300] team0 (unregistering): Port device virt_wifi0 removed
[  698.357650][T23300] team0 (unregistering): Port device team_slave_1 removed
[  698.424102][T23300] team0 (unregistering): Port device team_slave_0 removed
[  699.288897][ T5850] Bluetooth: hci2: command tx timeout
[  699.315680][T24360] bridge0: port 1(bridge_slave_0) entered blocking state
[  699.349105][T24360] bridge0: port 1(bridge_slave_0) entered disabled state
[  699.356534][T24360] bridge_slave_0: entered allmulticast mode
[  699.402750][T24360] bridge_slave_0: entered promiscuous mode
[  699.431905][T24360] bridge0: port 2(bridge_slave_1) entered blocking state
[  699.461362][T24360] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.471685][T24360] bridge_slave_1: entered allmulticast mode
[  699.504521][T24360] bridge_slave_1: entered promiscuous mode
[  699.737259][T24360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  699.795204][T24458] vxcan3: entered allmulticast mode
[  699.865537][T24360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  700.046567][T24360] team0: Port device team_slave_0 added
[  700.086462][T23300] IPVS: stop unused estimator thread 0...
[  700.113198][T24360] team0: Port device team_slave_1 added
[  700.231658][T24360] batman_adv: batadv0: Adding interface: batadv_slave_0
[  700.257283][T24360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  700.325699][T24360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  700.345572][T24360] batman_adv: batadv0: Adding interface: batadv_slave_1
[  700.354018][T24360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  700.418940][T24360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  700.496318][T24486] netlink: 16 bytes leftover after parsing attributes in process `syz.8.8519'.
[  700.626250][T24360] hsr_slave_0: entered promiscuous mode
[  700.650326][T24360] hsr_slave_1: entered promiscuous mode
[  700.657098][T24360] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  700.683666][T24360] Cannot create hsr debugfs directory
[  700.746587][T24496] netlink: 'syz.7.8523': attribute type 1 has an invalid length.
[  700.762458][T24496] netlink: 144 bytes leftover after parsing attributes in process `syz.7.8523'.
[  700.774053][T24496] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8523'.
[  701.209970][T24360] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  701.231560][T24360] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  701.248413][T24360] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  701.269752][T24360] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  701.372236][ T5159] Bluetooth: hci2: command tx timeout
[  701.512389][T24360] 8021q: adding VLAN 0 to HW filter on device bond0
[  701.539753][T24360] 8021q: adding VLAN 0 to HW filter on device team0
[  701.560368][ T3558] bridge0: port 1(bridge_slave_0) entered blocking state
[  701.567663][ T3558] bridge0: port 1(bridge_slave_0) entered forwarding state
[  701.593729][ T3558] bridge0: port 2(bridge_slave_1) entered blocking state
[  701.601186][ T3558] bridge0: port 2(bridge_slave_1) entered forwarding state
[  701.938322][T24360] 8021q: adding VLAN 0 to HW filter on device batadv0
[  702.030275][T24531] bridge0: entered promiscuous mode
[  702.036359][T24531] macvtap1: entered allmulticast mode
[  702.048048][T24531] bridge0: entered allmulticast mode
[  702.058051][T24531] bridge0: port 3(macvtap1) entered blocking state
[  702.068468][T24531] bridge0: port 3(macvtap1) entered disabled state
[  702.085491][T24531] bridge0: left allmulticast mode
[  702.092406][T24531] bridge0: left promiscuous mode
[  702.518939][T24360] veth0_vlan: entered promiscuous mode
[  702.549701][T24360] veth1_vlan: entered promiscuous mode
[  702.585299][T24360] veth0_macvtap: entered promiscuous mode
[  702.613786][T24360] veth1_macvtap: entered promiscuous mode
[  702.656357][T24360] batman_adv: batadv0: Interface activated: batadv_slave_0
[  702.694350][T24360] batman_adv: batadv0: Interface activated: batadv_slave_1
[  702.706651][T24360] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  702.716938][T24360] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  702.730633][T24360] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  702.739808][T24360] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  702.917213][T23300] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  702.929622][T23300] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  702.969521][ T5850] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  702.970536][ T5159] Bluetooth: hci5: command 0x1003 tx timeout
[  703.046303][ T3558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  703.059954][ T3558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  703.451519][ T5850] Bluetooth: hci2: command tx timeout
[  703.507955][T24576] kvm: kvm [24574]: vcpu10, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x1
[  704.011622][T24605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8563'.
[  704.030884][T24605] netlink: 26 bytes leftover after parsing attributes in process `syz.0.8563'.
[  704.179384][T24384] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  704.262535][T24619] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  704.283910][T24619] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8567'.
[  704.346271][T24384] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  704.372310][T24384] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  704.429870][T24384] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  704.454823][T24384] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.483442][T24602] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  704.506709][T24384] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  704.776597][T24384] usb 2-1: USB disconnect, device number 71
[  705.014863][T24670] hsr0: entered promiscuous mode
[  705.029842][T24670] macvtap1: entered promiscuous mode
[  705.049923][T24670] macvtap1: entered allmulticast mode
[  705.058008][T24670] hsr0: entered allmulticast mode
[  705.084094][T24670] hsr_slave_0: entered allmulticast mode
[  705.094246][T24670] hsr_slave_1: entered allmulticast mode
[  705.138536][T24670] hsr0: left allmulticast mode
[  705.144069][T24670] hsr_slave_0: left allmulticast mode
[  705.162760][T24670] hsr_slave_1: left allmulticast mode
[  705.680041][T24690] netlink: 40 bytes leftover after parsing attributes in process `syz.7.8585'.
[  705.697564][   T30] audit: type=1326 audit(1755183646.224:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24692 comm="syz.1.8587" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa4c238ebe9 code=0x0
[  705.969067][   T30] audit: type=1326 audit(1755183646.494:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.063077][   T30] audit: type=1326 audit(1755183646.524:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.114374][   T30] audit: type=1326 audit(1755183646.524:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.151052][   T30] audit: type=1326 audit(1755183646.524:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.213520][   T30] audit: type=1326 audit(1755183646.524:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.276995][   T30] audit: type=1326 audit(1755183646.524:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.325495][   T30] audit: type=1326 audit(1755183646.524:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.349397][   T30] audit: type=1326 audit(1755183646.524:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.374532][   T30] audit: type=1326 audit(1755183646.524:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24705 comm="syz.9.8591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7ff86898ebe9 code=0x7ffc0000
[  706.405915][ T5918] kernel read not supported for file /usbmon9 (pid: 5918 comm: kworker/0:6)
[  706.802402][T24726] program syz.8.8599 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  707.470191][T24384] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  707.630213][T24384] usb 9-1: Using ep0 maxpacket: 32
[  707.637213][T24384] usb 9-1: config 0 has an invalid interface number: 51 but max is 0
[  707.646087][T24384] usb 9-1: config 0 has no interface number 0
[  707.659284][T24384] usb 9-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  707.668697][T24384] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.677178][T24384] usb 9-1: Product: syz
[  707.692618][T24384] usb 9-1: Manufacturer: syz
[  707.697286][T24384] usb 9-1: SerialNumber: syz
[  707.712691][T24384] usb 9-1: config 0 descriptor??
[  707.721815][T24384] quatech2 9-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  707.821378][T24748] macvtap1: entered allmulticast mode
[  707.827891][T24748] bridge0: entered allmulticast mode
[  707.835779][T24748] bridge0: port 1(macvtap1) entered blocking state
[  707.842793][T24748] bridge0: port 1(macvtap1) entered disabled state
[  707.866215][T24748] bridge0: left allmulticast mode
[  707.931933][T24384] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  707.946523][T24384] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  708.346611][    C1] usb 9-1: qt2_read_bulk_callback - non-zero urb status: -71
[  708.347332][ T5918] usb 9-1: USB disconnect, device number 5
[  708.372957][ T5918] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  708.393861][ T5918] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  708.406046][ T5918] quatech2 9-1:0.51: device disconnected
[  709.001385][T24760] block nbd8: not configured, cannot reconfigure
[  709.104311][T24764] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.8615'.
[  709.177069][T24768] openvswitch: netlink: Tunnel attr 16 has unexpected len 12 expected 0
[  709.186121][T24768] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  709.221970][T24770] futex_wake_op: syz.1.8618 tries to shift op by -1; fix this program
[  710.477572][T24809] tipc: New replicast peer: 255.255.255.255
[  710.501802][T24809] tipc: Enabled bearer <udp:syz2>, priority 0
[  710.523061][T24809] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8635'.
[  710.600184][ T5904] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  710.662925][T24816] dummy0: entered promiscuous mode
[  710.683169][T24815] dummy0: left promiscuous mode
[  710.797852][ T5904] usb 9-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  710.813378][ T5904] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.824586][ T5904] usb 9-1: Product: syz
[  710.828814][ T5904] usb 9-1: Manufacturer: syz
[  710.838044][ T5904] usb 9-1: SerialNumber: syz
[  710.849800][ T5904] usb 9-1: config 0 descriptor??
[  710.975634][T24823] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8642'.
[  711.093629][   T24] usb 9-1: USB disconnect, device number 6
[  711.251389][T24832] netlink: 104 bytes leftover after parsing attributes in process `syz.1.8646'.
[  711.580926][T24843] tipc: Started in network mode
[  711.585938][T24843] tipc: Node identity ac14140f, cluster identity 4711
[  711.597198][T24844] bpf: Bad value for 'uid'
[  711.606092][T24843] tipc: New replicast peer: 255.255.255.255
[  711.621098][T24843] tipc: Enabled bearer <udp:syz2>, priority 0
[  711.771279][T24846] netlink: 12 bytes leftover after parsing attributes in process `syz.9.8649'.
[  712.162615][T24854] netlink: 1 bytes leftover after parsing attributes in process `syz.8.8654'.
[  712.527543][T24864] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8669'.
[  712.611256][   T24] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  712.740472][ T5918] tipc: Node number set to 2886997007
[  713.491106][T24590] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  713.611137][   T24] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  713.712727][T24896] netlink: 'syz.8.8674': attribute type 83 has an invalid length.
[  714.573583][ T3481] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  714.614113][ T3481] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  715.185823][T24933] 
[  715.188214][T24933] =====================================================
[  715.195153][T24933] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  715.202626][T24933] 6.16.0-syzkaller #0 Not tainted
[  715.207658][T24933] -----------------------------------------------------
[  715.214605][T24933] syz.1.8691/24933 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  715.222333][T24933] ffff888027136aa0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[  715.230989][T24933] 
[  715.230989][T24933] and this task is already holding:
[  715.238356][T24933] ffff888034fe6210 (&new->fa_lock){...-}-{3:3}, at: kill_fasync+0x199/0x4d0
[  715.247119][T24933] which would create a new lock dependency:
[  715.253106][T24933]  (&new->fa_lock){...-}-{3:3} -> (&f_owner->lock){....}-{3:3}
[  715.260730][T24933] 
[  715.260730][T24933] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  715.270186][T24933]  (&dev->event_lock#2){..-.}-{3:3}
[  715.270223][T24933] 
[  715.270223][T24933] ... which became SOFTIRQ-irq-safe at:
[  715.283125][T24933]   lock_acquire+0x120/0x360
[  715.287731][T24933]   _raw_spin_lock_irqsave+0xa7/0xf0
[  715.293042][T24933]   input_inject_event+0xab/0x320
[  715.298262][T24933]   led_trigger_event+0x138/0x210
[  715.303307][T24933]   kbd_bh+0x1c6/0x2e0
[  715.307389][T24933]   tasklet_action_common+0x369/0x580
[  715.312787][T24933]   handle_softirqs+0x283/0x870
[  715.317645][T24933]   run_ksoftirqd+0x9b/0x100
[  715.322246][T24933]   smpboot_thread_fn+0x53f/0xa60
[  715.327282][T24933]   kthread+0x70e/0x8a0
[  715.331452][T24933]   ret_from_fork+0x3fc/0x770
[  715.336137][T24933]   ret_from_fork_asm+0x1a/0x30
[  715.341011][T24933] 
[  715.341011][T24933] to a SOFTIRQ-irq-unsafe lock:
[  715.348043][T24933]  (tasklist_lock){.+.+}-{3:3}
[  715.348075][T24933] 
[  715.348075][T24933] ... which became SOFTIRQ-irq-unsafe at:
[  715.360724][T24933] ...
[  715.360733][T24933]   lock_acquire+0x120/0x360
[  715.367913][T24933]   _raw_read_lock+0x36/0x50
[  715.372514][T24933]   __do_wait+0xde/0x740
[  715.376774][T24933]   do_wait+0x1f8/0x520
[  715.380944][T24933]   kernel_wait+0xab/0x170
[  715.385372][T24933]   call_usermodehelper_exec_work+0xbe/0x230
[  715.391362][T24933]   process_scheduled_works+0xade/0x17b0
[  715.397011][T24933]   worker_thread+0x8a0/0xda0
[  715.401700][T24933]   kthread+0x70e/0x8a0
[  715.405883][T24933]   ret_from_fork+0x3fc/0x770
[  715.410564][T24933]   ret_from_fork_asm+0x1a/0x30
[  715.415454][T24933] 
[  715.415454][T24933] other info that might help us debug this:
[  715.415454][T24933] 
[  715.425781][T24933] Chain exists of:
[  715.425781][T24933]   &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock
[  715.425781][T24933] 
[  715.438875][T24933]  Possible interrupt unsafe locking scenario:
[  715.438875][T24933] 
[  715.447220][T24933]        CPU0                    CPU1
[  715.452600][T24933]        ----                    ----
[  715.457981][T24933]   lock(tasklist_lock);
[  715.462244][T24933]                                local_irq_disable();
[  715.469040][T24933]                                lock(&dev->event_lock#2);
[  715.476293][T24933]                                lock(&new->fa_lock);
[  715.483129][T24933]   <Interrupt>
[  715.486596][T24933]     lock(&dev->event_lock#2);
[  715.491483][T24933] 
[  715.491483][T24933]  *** DEADLOCK ***
[  715.491483][T24933] 
[  715.499669][T24933] 4 locks held by syz.1.8691/24933:
[  715.504892][T24933]  #0: ffffffff8e2aebf0 (file_rwsem){++++}-{0:0}, at: __break_lease+0x37f/0x1620
[  715.514103][T24933]  #1: ffff888079af6bc8 (&ctx->flc_lock){+.+.}-{3:3}, at: __break_lease+0x387/0x1620
[  715.523657][T24933]  #2: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0
[  715.532766][T24933]  #3: ffff888034fe6210 (&new->fa_lock){...-}-{3:3}, at: kill_fasync+0x199/0x4d0
[  715.541961][T24933] 
[  715.541961][T24933] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  715.552415][T24933]   -> (&dev->event_lock#2){..-.}-{3:3} {
[  715.558185][T24933]      IN-SOFTIRQ-W at:
[  715.562354][T24933]                         lock_acquire+0x120/0x360
[  715.568894][T24933]                         _raw_spin_lock_irqsave+0xa7/0xf0
[  715.576203][T24933]                         input_inject_event+0xab/0x320
[  715.583159][T24933]                         led_trigger_event+0x138/0x210
[  715.590112][T24933]                         kbd_bh+0x1c6/0x2e0
[  715.596121][T24933]                         tasklet_action_common+0x369/0x580
[  715.603622][T24933]                         handle_softirqs+0x283/0x870
[  715.611121][T24933]                         run_ksoftirqd+0x9b/0x100
[  715.617658][T24933]                         smpboot_thread_fn+0x53f/0xa60
[  715.624616][T24933]                         kthread+0x70e/0x8a0
[  715.630892][T24933]                         ret_from_fork+0x3fc/0x770
[  715.637506][T24933]                         ret_from_fork_asm+0x1a/0x30
[  715.644304][T24933]      INITIAL USE at:
[  715.648396][T24933]                        lock_acquire+0x120/0x360
[  715.654839][T24933]                        _raw_spin_lock_irqsave+0xa7/0xf0
[  715.661993][T24933]                        input_inject_event+0xab/0x320
[  715.668877][T24933]                        kbd_led_trigger_activate+0xbc/0x100
[  715.676263][T24933]                        led_trigger_set+0x52d/0x950
[  715.682980][T24933]                        led_trigger_set_default+0x260/0x2a0
[  715.690400][T24933]                        led_classdev_register_ext+0x73d/0x930
[  715.698051][T24933]                        input_leds_connect+0x517/0x790
[  715.705013][T24933]                        input_register_device+0xceb/0x10b0
[  715.712342][T24933]                        atkbd_connect+0x70e/0x9c0
[  715.718868][T24933]                        serio_driver_probe+0x82/0xa0
[  715.725650][T24933]                        really_probe+0x26a/0x9a0
[  715.732133][T24933]                        __driver_probe_device+0x18c/0x2f0
[  715.739353][T24933]                        driver_probe_device+0x4f/0x430
[  715.746299][T24933]                        __driver_attach+0x452/0x700
[  715.752988][T24933]                        bus_for_each_dev+0x230/0x2b0
[  715.759766][T24933]                        serio_handle_event+0x1a2/0x860
[  715.766721][T24933]                        process_scheduled_works+0xade/0x17b0
[  715.774191][T24933]                        worker_thread+0x8a0/0xda0
[  715.780707][T24933]                        kthread+0x70e/0x8a0
[  715.786706][T24933]                        ret_from_fork+0x3fc/0x770
[  715.793216][T24933]                        ret_from_fork_asm+0x1a/0x30
[  715.799911][T24933]    }
[  715.802588][T24933]    ... key      at: [<ffffffff99dfdb60>] input_allocate_device.__key.5+0x0/0x20
[  715.811810][T24933]  -> (&client->buffer_lock){....}-{3:3} {
[  715.817657][T24933]     INITIAL USE at:
[  715.821649][T24933]                      lock_acquire+0x120/0x360
[  715.827900][T24933]                      _raw_spin_lock+0x2e/0x40
[  715.834165][T24933]                      evdev_pass_values+0xb9/0xbd0
[  715.840770][T24933]                      evdev_events+0x1e6/0x340
[  715.847041][T24933]                      input_pass_values+0x285/0x890
[  715.853739][T24933]                      input_event_dispose+0x330/0x6b0
[  715.860687][T24933]                      input_inject_event+0x1fe/0x320
[  715.867476][T24933]                      evdev_write+0x2fc/0x480
[  715.873643][T24933]                      vfs_write+0x27e/0xa90
[  715.879631][T24933]                      ksys_write+0x145/0x250
[  715.885705][T24933]                      do_syscall_64+0xfa/0x3b0
[  715.891997][T24933]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.899642][T24933]   }
[  715.902234][T24933]   ... key      at: [<ffffffff99dfde00>] evdev_open.__key.25+0x0/0x20
[  715.910496][T24933]   ... acquired at:
[  715.914421][T24933]    lock_acquire+0x120/0x360
[  715.919107][T24933]    _raw_spin_lock+0x2e/0x40
[  715.923810][T24933]    evdev_pass_values+0xb9/0xbd0
[  715.928843][T24933]    evdev_events+0x1e6/0x340
[  715.933546][T24933]    input_pass_values+0x285/0x890
[  715.938673][T24933]    input_event_dispose+0x330/0x6b0
[  715.943979][T24933]    input_inject_event+0x1fe/0x320
[  715.949366][T24933]    evdev_write+0x2fc/0x480
[  715.953963][T24933]    vfs_write+0x27e/0xa90
[  715.958388][T24933]    ksys_write+0x145/0x250
[  715.962904][T24933]    do_syscall_64+0xfa/0x3b0
[  715.967622][T24933]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.973711][T24933] 
[  715.976053][T24933] -> (&new->fa_lock){...-}-{3:3} {
[  715.981203][T24933]    IN-SOFTIRQ-R at:
[  715.985200][T24933]                     lock_acquire+0x120/0x360
[  715.991360][T24933]                     _raw_read_lock_irqsave+0xaf/0x100
[  715.998392][T24933]                     kill_fasync+0x199/0x4d0
[  716.004479][T24933]                     sock_wake_async+0x137/0x160
[  716.010936][T24933]                     sock_def_readable+0x3bb/0x550
[  716.017543][T24933]                     __sock_queue_rcv_skb+0x6a5/0x9c0
[  716.024411][T24933]                     sock_queue_rcv_skb_reason+0x75/0xe0
[  716.031539][T24933]                     raw_rcv+0x74b/0x9d0
[  716.037279][T24933]                     raw_local_deliver+0x9ee/0xe90
[  716.043891][T24933]                     ip_protocol_deliver_rcu+0x46/0x440
[  716.050990][T24933]                     ip_local_deliver_finish+0x2fb/0x580
[  716.058907][T24933]                     NF_HOOK+0x30c/0x3a0
[  716.064642][T24933]                     NF_HOOK+0x30c/0x3a0
[  716.070380][T24933]                     __netif_receive_skb+0x143/0x380
[  716.077241][T24933]                     process_backlog+0x60e/0x14f0
[  716.083766][T24933]                     __napi_poll+0xc4/0x480
[  716.090022][T24933]                     net_rx_action+0x707/0xe30
[  716.096378][T24933]                     handle_softirqs+0x283/0x870
[  716.102811][T24933]                     do_softirq+0xec/0x180
[  716.108718][T24933]                     __local_bh_enable_ip+0x17d/0x1c0
[  716.115581][T24933]                     __dev_queue_xmit+0x1cd7/0x3a70
[  716.122268][T24933]                     ip_finish_output2+0xd03/0x1160
[  716.128955][T24933]                     ip_push_pending_frames+0xbe/0x150
[  716.135905][T24933]                     raw_sendmsg+0x143f/0x18b0
[  716.142162][T24933]                     __sock_sendmsg+0x19c/0x270
[  716.148503][T24933]                     __sys_sendto+0x3bd/0x520
[  716.154675][T24933]                     __x64_sys_sendto+0xde/0x100
[  716.161109][T24933]                     do_syscall_64+0xfa/0x3b0
[  716.167280][T24933]                     entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.174835][T24933]    INITIAL USE at:
[  716.178742][T24933]                    lock_acquire+0x120/0x360
[  716.184814][T24933]                    _raw_write_lock_irq+0xa2/0xf0
[  716.191337][T24933]                    fasync_remove_entry+0xf1/0x1c0
[  716.197959][T24933]                    lease_modify+0x1ca/0x3c0
[  716.204049][T24933]                    locks_remove_file+0x4bf/0xea0
[  716.210580][T24933]                    __fput+0x3ab/0xa70
[  716.216146][T24933]                    task_work_run+0x1d1/0x260
[  716.222319][T24933]                    exit_to_user_mode_loop+0xec/0x110
[  716.229261][T24933]                    do_syscall_64+0x2bd/0x3b0
[  716.235430][T24933]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.242910][T24933]    INITIAL READ USE at:
[  716.247248][T24933]                         lock_acquire+0x120/0x360
[  716.253759][T24933]                         _raw_read_lock_irqsave+0xaf/0x100
[  716.261053][T24933]                         kill_fasync+0x199/0x4d0
[  716.267483][T24933]                         evdev_pass_values+0x627/0xbd0
[  716.274423][T24933]                         evdev_events+0x1e6/0x340
[  716.280946][T24933]                         input_pass_values+0x285/0x890
[  716.287902][T24933]                         input_event_dispose+0x330/0x6b0
[  716.295025][T24933]                         input_inject_event+0x1fe/0x320
[  716.302067][T24933]                         evdev_write+0x2fc/0x480
[  716.308494][T24933]                         vfs_write+0x27e/0xa90
[  716.314742][T24933]                         ksys_write+0x145/0x250
[  716.321095][T24933]                         do_syscall_64+0xfa/0x3b0
[  716.327633][T24933]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.336073][T24933]  }
[  716.338585][T24933]  ... key      at: [<ffffffff99aeef80>] fasync_insert_entry.__key+0x0/0x20
[  716.347281][T24933]  ... acquired at:
[  716.351089][T24933]    lock_acquire+0x120/0x360
[  716.355782][T24933]    _raw_read_lock_irqsave+0xaf/0x100
[  716.361280][T24933]    kill_fasync+0x199/0x4d0
[  716.365896][T24933]    evdev_pass_values+0x627/0xbd0
[  716.371017][T24933]    evdev_events+0x1e6/0x340
[  716.375719][T24933]    input_pass_values+0x285/0x890
[  716.380855][T24933]    input_event_dispose+0x330/0x6b0
[  716.386157][T24933]    input_inject_event+0x1fe/0x320
[  716.391373][T24933]    evdev_write+0x2fc/0x480
[  716.395968][T24933]    vfs_write+0x27e/0xa90
[  716.400392][T24933]    ksys_write+0x145/0x250
[  716.404910][T24933]    do_syscall_64+0xfa/0x3b0
[  716.409601][T24933]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.415675][T24933] 
[  716.418032][T24933] 
[  716.418032][T24933] the dependencies between the lock to be acquired
[  716.418043][T24933]  and SOFTIRQ-irq-unsafe lock:
[  716.431573][T24933]  -> (tasklist_lock){.+.+}-{3:3} {
[  716.436808][T24933]     HARDIRQ-ON-R at:
[  716.440891][T24933]                       lock_acquire+0x120/0x360
[  716.447238][T24933]                       _raw_read_lock+0x36/0x50
[  716.453576][T24933]                       __do_wait+0xde/0x740
[  716.459590][T24933]                       do_wait+0x1f8/0x520
[  716.465527][T24933]                       kernel_wait+0xab/0x170
[  716.471712][T24933]                       call_usermodehelper_exec_work+0xbe/0x230
[  716.479549][T24933]                       process_scheduled_works+0xade/0x17b0
[  716.486958][T24933]                       worker_thread+0x8a0/0xda0
[  716.493398][T24933]                       kthread+0x70e/0x8a0
[  716.499347][T24933]                       ret_from_fork+0x3fc/0x770
[  716.505780][T24933]                       ret_from_fork_asm+0x1a/0x30
[  716.512480][T24933]     SOFTIRQ-ON-R at:
[  716.516563][T24933]                       lock_acquire+0x120/0x360
[  716.523703][T24933]                       _raw_read_lock+0x36/0x50
[  716.530068][T24933]                       __do_wait+0xde/0x740
[  716.536179][T24933]                       do_wait+0x1f8/0x520
[  716.542110][T24933]                       kernel_wait+0xab/0x170
[  716.548551][T24933]                       call_usermodehelper_exec_work+0xbe/0x230
[  716.556461][T24933]                       process_scheduled_works+0xade/0x17b0
[  716.563849][T24933]                       worker_thread+0x8a0/0xda0
[  716.570296][T24933]                       kthread+0x70e/0x8a0
[  716.576218][T24933]                       ret_from_fork+0x3fc/0x770
[  716.582737][T24933]                       ret_from_fork_asm+0x1a/0x30
[  716.589629][T24933]     INITIAL USE at:
[  716.593632][T24933]                      lock_acquire+0x120/0x360
[  716.600346][T24933]                      _raw_write_lock_irq+0xa2/0xf0
[  716.607242][T24933]                      copy_process+0x21d5/0x3b80
[  716.613877][T24933]                      kernel_clone+0x224/0x7f0
[  716.620278][T24933]                      user_mode_thread+0xdd/0x140
[  716.626811][T24933]                      rest_init+0x23/0x300
[  716.632734][T24933]                      start_kernel+0x47d/0x500
[  716.638991][T24933]                      x86_64_start_reservations+0x24/0x30
[  716.646210][T24933]                      x86_64_start_kernel+0x143/0x1c0
[  716.653087][T24933]                      common_startup_64+0x13e/0x147
[  716.659806][T24933]     INITIAL READ USE at:
[  716.664251][T24933]                           lock_acquire+0x120/0x360
[  716.670945][T24933]                           _raw_read_lock+0x36/0x50
[  716.677630][T24933]                           __do_wait+0xde/0x740
[  716.683989][T24933]                           do_wait+0x1f8/0x520
[  716.690256][T24933]                           kernel_wait+0xab/0x170
[  716.696785][T24933]                           call_usermodehelper_exec_work+0xbe/0x230
[  716.704868][T24933]                           process_scheduled_works+0xade/0x17b0
[  716.712621][T24933]                           worker_thread+0x8a0/0xda0
[  716.719399][T24933]                           kthread+0x70e/0x8a0
[  716.725665][T24933]                           ret_from_fork+0x3fc/0x770
[  716.732437][T24933]                           ret_from_fork_asm+0x1a/0x30
[  716.739390][T24933]   }
[  716.741993][T24933]   ... key      at: [<ffffffff8de0c058>] tasklist_lock+0x18/0x40
[  716.749857][T24933]   ... acquired at:
[  716.753784][T24933]    lock_acquire+0x120/0x360
[  716.758478][T24933]    _raw_read_lock+0x36/0x50
[  716.763182][T24933]    send_sigurg+0x12b/0x420
[  716.767790][T24933]    sk_send_sigurg+0x6c/0x2e0
[  716.772573][T24933]    queue_oob+0x490/0x5a0
[  716.777041][T24933]    unix_stream_sendmsg+0xaf9/0xc90
[  716.782348][T24933]    __sock_sendmsg+0x21c/0x270
[  716.787212][T24933]    ____sys_sendmsg+0x52d/0x830
[  716.792172][T24933]    ___sys_sendmsg+0x21f/0x2a0
[  716.797048][T24933]    __sys_sendmmsg+0x227/0x430
[  716.801920][T24933]    __x64_sys_sendmmsg+0xa0/0xc0
[  716.806967][T24933]    do_syscall_64+0xfa/0x3b0
[  716.811663][T24933]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.817740][T24933] 
[  716.820068][T24933] -> (&f_owner->lock){....}-{3:3} {
[  716.825345][T24933]    INITIAL USE at:
[  716.829258][T24933]                    lock_acquire+0x120/0x360
[  716.835338][T24933]                    _raw_write_lock_irq+0xa2/0xf0
[  716.841860][T24933]                    __f_setown+0x67/0x370
[  716.847697][T24933]                    generic_setlease+0xd5d/0x1240
[  716.854215][T24933]                    fcntl_setlease+0x3a2/0x4c0
[  716.860471][T24933]                    do_fcntl+0x6a9/0x1910
[  716.866292][T24933]                    __se_sys_fcntl+0xc8/0x150
[  716.872461][T24933]                    do_syscall_64+0xfa/0x3b0
[  716.878546][T24933]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.886112][T24933]    INITIAL READ USE at:
[  716.890451][T24933]                         lock_acquire+0x120/0x360
[  716.897053][T24933]                         _raw_read_lock_irq+0xaa/0xf0
[  716.903918][T24933]                         do_fcntl+0x535/0x1910
[  716.910181][T24933]                         __se_sys_fcntl+0xc8/0x150
[  716.916785][T24933]                         do_syscall_64+0xfa/0x3b0
[  716.923384][T24933]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.931373][T24933]  }
[  716.933880][T24933]  ... key      at: [<ffffffff99aeef60>] file_f_owner_allocate.__key+0x0/0x20
[  716.942754][T24933]  ... acquired at:
[  716.946566][T24933]    lock_acquire+0x120/0x360
[  716.951253][T24933]    _raw_read_lock_irqsave+0xaf/0x100
[  716.956727][T24933]    send_sigio+0x38/0x370
[  716.961167][T24933]    kill_fasync+0x24d/0x4d0
[  716.965772][T24933]    lease_break_callback+0x26/0x30
[  716.970995][T24933]    __break_lease+0x6a5/0x1620
[  716.975867][T24933]    do_dentry_open+0xd62/0x1970
[  716.980819][T24933]    vfs_open+0x3b/0x340
[  716.985175][T24933]    path_openat+0x2ee5/0x3830
[  716.989962][T24933]    do_filp_open+0x1fa/0x410
[  716.994671][T24933]    do_sys_openat2+0x121/0x1c0
[  716.999539][T24933]    __x64_sys_openat+0x138/0x170
[  717.004585][T24933]    do_syscall_64+0xfa/0x3b0
[  717.009278][T24933]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.015374][T24933] 
[  717.017706][T24933] 
[  717.017706][T24933] stack backtrace:
[  717.023607][T24933] CPU: 0 UID: 0 PID: 24933 Comm: syz.1.8691 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  717.023629][T24933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  717.023641][T24933] Call Trace:
[  717.023651][T24933]  <TASK>
[  717.023661][T24933]  dump_stack_lvl+0x189/0x250
[  717.023686][T24933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  717.023706][T24933]  ? __pfx__printk+0x10/0x10
[  717.023734][T24933]  validate_chain+0x1f05/0x2140
[  717.023768][T24933]  __lock_acquire+0xab9/0xd20
[  717.023788][T24933]  ? send_sigio+0x38/0x370
[  717.023811][T24933]  lock_acquire+0x120/0x360
[  717.023826][T24933]  ? send_sigio+0x38/0x370
[  717.023856][T24933]  _raw_read_lock_irqsave+0xaf/0x100
[  717.023874][T24933]  ? send_sigio+0x38/0x370
[  717.023897][T24933]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[  717.023915][T24933]  ? _raw_read_lock_irqsave+0xbb/0x100
[  717.023933][T24933]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[  717.023952][T24933]  send_sigio+0x38/0x370
[  717.023978][T24933]  kill_fasync+0x24d/0x4d0
[  717.024007][T24933]  ? kill_fasync+0x53/0x4d0
[  717.024032][T24933]  lease_break_callback+0x26/0x30
[  717.024060][T24933]  __break_lease+0x6a5/0x1620
[  717.024083][T24933]  ? smk_tskacc+0x2fc/0x370
[  717.024116][T24933]  ? __pfx___break_lease+0x10/0x10
[  717.024143][T24933]  ? mnt_get_write_access+0x68/0x2a0
[  717.024173][T24933]  do_dentry_open+0xd62/0x1970
[  717.024204][T24933]  vfs_open+0x3b/0x340
[  717.024224][T24933]  ? path_openat+0x2ecd/0x3830
[  717.024251][T24933]  path_openat+0x2ee5/0x3830
[  717.024276][T24933]  ? arch_stack_walk+0xfc/0x150
[  717.024311][T24933]  ? __pfx_path_openat+0x10/0x10
[  717.024336][T24933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.024363][T24933]  do_filp_open+0x1fa/0x410
[  717.024389][T24933]  ? __lock_acquire+0xab9/0xd20
[  717.024405][T24933]  ? __pfx_do_filp_open+0x10/0x10
[  717.024441][T24933]  ? _raw_spin_unlock+0x28/0x50
[  717.024468][T24933]  ? alloc_fd+0x64c/0x6c0
[  717.024491][T24933]  do_sys_openat2+0x121/0x1c0
[  717.024514][T24933]  ? __se_sys_futex+0x36f/0x400
[  717.024538][T24933]  ? __pfx_do_sys_openat2+0x10/0x10
[  717.024564][T24933]  ? rcu_is_watching+0x15/0xb0
[  717.024586][T24933]  __x64_sys_openat+0x138/0x170
[  717.024612][T24933]  do_syscall_64+0xfa/0x3b0
[  717.024632][T24933]  ? lockdep_hardirqs_on+0x9c/0x150
[  717.024650][T24933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.024668][T24933]  ? clear_bhb_loop+0x60/0xb0
[  717.024688][T24933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.024706][T24933] RIP: 0033:0x7fa4c238ebe9
[  717.024723][T24933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  717.024740][T24933] RSP: 002b:00007fa4c31aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  717.024762][T24933] RAX: ffffffffffffffda RBX: 00007fa4c25b5fa0 RCX: 00007fa4c238ebe9
[  717.024776][T24933] RDX: 0000000000020001 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  717.024789][T24933] RBP: 00007fa4c2411e19 R08: 0000000000000000 R09: 0000000000000000
[  717.024801][T24933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  717.024812][T24933] R13: 00007fa4c25b6038 R14: 00007fa4c25b5fa0 R15: 00007ffc932fdb08
[  717.024832][T24933]  </TASK>
[  717.355240][ T5918] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  718.162628][T24591] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.274044][T24591] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.418512][T24591] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.485363][T24591] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.613877][T24591] bridge_slave_1: left allmulticast mode
[  718.619616][T24591] bridge_slave_1: left promiscuous mode
[  718.641379][T24591] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.652926][T24591] bridge_slave_0: left allmulticast mode
[  718.658811][T24591] bridge_slave_0: left promiscuous mode
[  718.665003][T24591] bridge0: port 1(bridge_slave_0) entered disabled state
[  718.769285][T24591] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  718.781755][T24591] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  718.793071][T24591] bond0 (unregistering): Released all slaves
[  718.884596][T24591] tipc: Disabling bearer <udp:syz2>
[  718.890227][T24591] tipc: Left network mode
[  718.891331][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  719.019501][T24591] hsr_slave_0: left promiscuous mode
[  719.025694][T24591] hsr_slave_1: left promiscuous mode
[  719.031822][T24591] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  719.039366][T24591] batman_adv: batadv0: Removing interface: batadv_slave_0
[  719.048714][T24591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  719.057079][T24591] batman_adv: batadv0: Removing interface: batadv_slave_1
[  719.067917][T24591] veth1_macvtap: left promiscuous mode
[  719.073637][T24591] veth0_macvtap: left promiscuous mode
[  719.079225][T24591] veth1_vlan: left promiscuous mode
[  719.085073][T24591] veth0_vlan: left promiscuous mode
[  719.268036][T24591] team0 (unregistering): Port device team_slave_1 removed
[  719.304369][T24591] team0 (unregistering): Port device team_slave_0 removed
[  719.758139][T24591] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.808098][T24591] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.865802][T24591] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.906018][T24591] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.976678][T24591] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.018010][T24591] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.056735][T24591] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.117523][T24591] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.176020][T24591] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.216981][T24591] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.286439][T24591] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.337080][T24591] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.403824][T24591] bridge_slave_1: left allmulticast mode
[  720.409547][T24591] bridge_slave_1: left promiscuous mode
[  720.416177][T24591] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.426496][T24591] bridge_slave_0: left allmulticast mode
[  720.432556][T24591] bridge_slave_0: left promiscuous mode
[  720.438263][T24591] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.449270][T24591] bridge_slave_1: left allmulticast mode
[  720.455119][T24591] bridge_slave_1: left promiscuous mode
[  720.460883][T24591] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.470102][T24591] bridge_slave_0: left allmulticast mode
[  720.475943][T24591] bridge_slave_0: left promiscuous mode
[  720.483552][T24591] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.752888][T24591] team0: Port device bridge2 removed
[  720.807240][T24591] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  720.817598][T24591] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  720.827613][T24591] bond0 (unregistering): Released all slaves
[  720.917588][T24591] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  720.928335][T24591] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  720.938552][T24591] bond0 (unregistering): Released all slaves
[  721.092735][T24591] team0: Port device bridge1 removed
[  721.347401][T24591] bond0 (unregistering): Released all slaves
[  721.420765][T24591] �
: left promiscuous mode
[  721.462263][T24591] k�*�]�: left promiscuous mode
[  721.535705][T24591] tipc: Disabling bearer <udp:s>
[  721.541141][T24591] tipc: Disabling bearer <udp:syz2>
[  721.547142][T24591] tipc: Left network mode
[  721.557063][T24591] IPVS: stopping backup sync thread 22077 ...
[  721.929716][T24591] hsr_slave_0: left promiscuous mode
[  721.935820][T24591] hsr_slave_1: left promiscuous mode
[  721.946658][T24591] hsr_slave_0: left promiscuous mode
[  721.953051][T24591] hsr_slave_1: left promiscuous mode
[  721.959240][T24591] batman_adv: batadv0: Interface deactivated: dummy0
[  721.966364][T24591] batman_adv: batadv0: Removing interface: dummy0
[  721.974276][T24591] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  721.982178][T24591] batman_adv: batadv0: Removing interface: batadv_slave_0
[  721.995227][T24591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  722.003719][T24591] batman_adv: batadv0: Removing interface: batadv_slave_1
[  722.015374][T24591] hsr_slave_0: left promiscuous mode
[  722.022098][T24591] hsr_slave_1: left promiscuous mode
[  722.038951][T24591] veth1_macvtap: left promiscuous mode
[  722.044598][T24591] veth0_macvtap: left promiscuous mode
[  722.050201][T24591] veth1_vlan: left promiscuous mode
[  722.056061][T24591] veth0_vlan: left promiscuous mode
[  722.063253][T24591] veth1_macvtap: left promiscuous mode
[  722.068775][T24591] veth0_macvtap: left promiscuous mode
[  722.074477][T24591] veth1_vlan: left promiscuous mode
[  722.079859][T24591] veth0_vlan: left promiscuous mode
[  722.086151][T24591] veth1_macvtap: left promiscuous mode
[  722.092208][T24591] veth0_macvtap: left promiscuous mode
[  722.097785][T24591] veth1_vlan: left promiscuous mode
[  722.103764][T24591] veth0_vlan: left promiscuous mode
[  722.255266][T24591] batadv0 (unregistering): left allmulticast mode
[  722.262930][T24591] team0 (unregistering): Port device batadv0 removed
[  722.397942][T24591] team_slave_1 (unregistering): left allmulticast mode
[  722.407384][T24591] team0 (unregistering): Port device team_slave_1 removed
[  722.437499][T24591] team_slave_0 (unregistering): left allmulticast mode
[  722.445105][T24591] team0 (unregistering): Port device team_slave_0 removed
[  722.793524][T24591] team0 (unregistering): Port device team_slave_1 removed
[  722.826865][T24591] team0 (unregistering): Port device team_slave_0 removed
[  722.948374][T24591] team0 (unregistering): Port device batadv1 removed
[  722.957056][T24591] pim6reg527 (unregistering): left allmulticast mode
[  722.966556][T24591] pim6reg (unregistering): left allmulticast mode
[  724.070446][T24591] ------------[ cut here ]------------
[  724.076035][T24591] WARNING: CPU: 0 PID: 24591 at net/ipv6/xfrm6_tunnel.c:341 xfrm6_tunnel_net_exit+0x81/0x100
[  724.086320][T24591] Modules linked in:
[  724.090263][T24591] CPU: 0 UID: 0 PID: 24591 Comm: kworker/u8:12 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  724.100625][T24591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  724.110876][T24591] Workqueue: netns cleanup_net
[  724.115861][T24591] RIP: 0010:xfrm6_tunnel_net_exit+0x81/0x100
[  724.121934][T24591] Code: 55 82 ef f7 4b 83 3c 2c 00 75 19 e8 09 9b 8f f7 49 81 fd f8 07 00 00 74 1d e8 fb 9a 8f f7 49 83 c5 08 eb c9 e8 f0 9a 8f f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  724.141916][T24591] RSP: 0018:ffffc9000b6e78b0 EFLAGS: 00010293
[  724.148038][T24591] RAX: ffffffff8a308ad0 RBX: ffff888011548000 RCX: ffff88802a78bc00
[  724.156167][T24591] RDX: 0000000000000000 RSI: ffffffff8be1ba20 RDI: ffff8880115480b8
[  724.165529][T24591] RBP: ffffc9000b6e79b0 R08: ffffffff8fa0b3f7 R09: 1ffffffff1f4167e
[  724.173606][T24591] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: ffff888011548000
[  724.181609][T24591] R13: 00000000000000b8 R14: ffff8880333a4100 R15: dffffc0000000000
[  724.189680][T24591] FS:  0000000000000000(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000
[  724.198691][T24591] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  724.205339][T24591] CR2: 0000001b30b1cff8 CR3: 000000000df38000 CR4: 00000000003526f0
[  724.213472][T24591] Call Trace:
[  724.216759][T24591]  <TASK>
[  724.219697][T24591]  ops_undo_list+0x497/0x990
[  724.224493][T24591]  ? __pfx_ops_undo_list+0x10/0x10
[  724.229657][T24591]  cleanup_net+0x4c5/0x800
[  724.234185][T24591]  ? __pfx_cleanup_net+0x10/0x10
[  724.239176][T24591]  ? rcu_is_watching+0x15/0xb0
[  724.244112][T24591]  ? process_scheduled_works+0x9ef/0x17b0
[  724.249867][T24591]  ? process_scheduled_works+0x9ef/0x17b0
[  724.255656][T24591]  process_scheduled_works+0xade/0x17b0
[  724.261259][T24591]  ? __pfx_process_scheduled_works+0x10/0x10
[  724.267347][T24591]  worker_thread+0x8a0/0xda0
[  724.272120][T24591]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  724.278513][T24591]  ? __kthread_parkme+0x7b/0x200
[  724.283567][T24591]  kthread+0x70e/0x8a0
[  724.287693][T24591]  ? __pfx_worker_thread+0x10/0x10
[  724.292866][T24591]  ? __pfx_kthread+0x10/0x10
[  724.297491][T24591]  ? _raw_spin_unlock_irq+0x23/0x50
[  724.302749][T24591]  ? lockdep_hardirqs_on+0x9c/0x150
[  724.307977][T24591]  ? __pfx_kthread+0x10/0x10
[  724.312748][T24591]  ret_from_fork+0x3fc/0x770
[  724.317374][T24591]  ? __pfx_ret_from_fork+0x10/0x10
[  724.322682][T24591]  ? __switch_to_asm+0x39/0x70
[  724.327502][T24591]  ? __switch_to_asm+0x33/0x70
[  724.332349][T24591]  ? __pfx_kthread+0x10/0x10
[  724.336987][T24591]  ret_from_fork_asm+0x1a/0x30
[  724.341842][T24591]  </TASK>
[  724.344901][T24591] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  724.352376][T24591] CPU: 0 UID: 0 PID: 24591 Comm: kworker/u8:12 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  724.362622][T24591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  724.372682][T24591] Workqueue: netns cleanup_net
[  724.377465][T24591] Call Trace:
[  724.380834][T24591]  <TASK>
[  724.383790][T24591]  dump_stack_lvl+0x99/0x250
[  724.388399][T24591]  ? __asan_memcpy+0x40/0x70
[  724.393020][T24591]  ? __pfx_dump_stack_lvl+0x10/0x10
[  724.398266][T24591]  ? __pfx__printk+0x10/0x10
[  724.402896][T24591]  panic+0x2db/0x790
[  724.406801][T24591]  ? __pfx_panic+0x10/0x10
[  724.411231][T24591]  ? ret_from_fork_asm+0x1a/0x30
[  724.416193][T24591]  __warn+0x31b/0x4b0
[  724.420191][T24591]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  724.425574][T24591]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  724.430957][T24591]  report_bug+0x2be/0x4f0
[  724.435291][T24591]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  724.440677][T24591]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  724.446069][T24591]  ? xfrm6_tunnel_net_exit+0x83/0x100
[  724.451462][T24591]  handle_bug+0x84/0x160
[  724.455728][T24591]  exc_invalid_op+0x1a/0x50
[  724.460306][T24591]  asm_exc_invalid_op+0x1a/0x20
[  724.465195][T24591] RIP: 0010:xfrm6_tunnel_net_exit+0x81/0x100
[  724.471205][T24591] Code: 55 82 ef f7 4b 83 3c 2c 00 75 19 e8 09 9b 8f f7 49 81 fd f8 07 00 00 74 1d e8 fb 9a 8f f7 49 83 c5 08 eb c9 e8 f0 9a 8f f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  724.490830][T24591] RSP: 0018:ffffc9000b6e78b0 EFLAGS: 00010293
[  724.496917][T24591] RAX: ffffffff8a308ad0 RBX: ffff888011548000 RCX: ffff88802a78bc00
[  724.504918][T24591] RDX: 0000000000000000 RSI: ffffffff8be1ba20 RDI: ffff8880115480b8
[  724.512917][T24591] RBP: ffffc9000b6e79b0 R08: ffffffff8fa0b3f7 R09: 1ffffffff1f4167e
[  724.520921][T24591] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: ffff888011548000
[  724.528913][T24591] R13: 00000000000000b8 R14: ffff8880333a4100 R15: dffffc0000000000
[  724.536910][T24591]  ? xfrm6_tunnel_net_exit+0x80/0x100
[  724.542745][T24591]  ops_undo_list+0x497/0x990
[  724.547360][T24591]  ? __pfx_ops_undo_list+0x10/0x10
[  724.552498][T24591]  cleanup_net+0x4c5/0x800
[  724.556934][T24591]  ? __pfx_cleanup_net+0x10/0x10
[  724.561908][T24591]  ? rcu_is_watching+0x15/0xb0
[  724.566686][T24591]  ? process_scheduled_works+0x9ef/0x17b0
[  724.572437][T24591]  ? process_scheduled_works+0x9ef/0x17b0
[  724.578363][T24591]  process_scheduled_works+0xade/0x17b0
[  724.583931][T24591]  ? __pfx_process_scheduled_works+0x10/0x10
[  724.589940][T24591]  worker_thread+0x8a0/0xda0
[  724.594554][T24591]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  724.600913][T24591]  ? __kthread_parkme+0x7b/0x200
[  724.605874][T24591]  kthread+0x70e/0x8a0
[  724.609960][T24591]  ? __pfx_worker_thread+0x10/0x10
[  724.615086][T24591]  ? __pfx_kthread+0x10/0x10
[  724.619700][T24591]  ? _raw_spin_unlock_irq+0x23/0x50
[  724.624914][T24591]  ? lockdep_hardirqs_on+0x9c/0x150
[  724.630128][T24591]  ? __pfx_kthread+0x10/0x10
[  724.635005][T24591]  ret_from_fork+0x3fc/0x770
[  724.639610][T24591]  ? __pfx_ret_from_fork+0x10/0x10
[  724.644822][T24591]  ? __switch_to_asm+0x39/0x70
[  724.649731][T24591]  ? __switch_to_asm+0x33/0x70
[  724.654532][T24591]  ? __pfx_kthread+0x10/0x10
[  724.659241][T24591]  ret_from_fork_asm+0x1a/0x30
[  724.664032][T24591]  </TASK>
[  724.667504][T24591] Kernel Offset: disabled
[  724.671860][T24591] Rebooting in 86400 seconds..