Warning: Permanently added '10.128.10.7' (ED25519) to the list of known hosts.
2024/04/08 12:28:00 fuzzer started
2024/04/08 12:28:00 dialing manager at 10.128.0.169:30001
[   68.528408][ T5071] cgroup: Unknown subsys name 'net'
[   68.653831][ T5071] cgroup: Unknown subsys name 'rlimit'
2024/04/08 12:28:02 syscalls: 3744
2024/04/08 12:28:02 code coverage: enabled
2024/04/08 12:28:02 comparison tracing: enabled
2024/04/08 12:28:02 extra coverage: enabled
2024/04/08 12:28:02 delay kcov mmap: enabled
2024/04/08 12:28:02 setuid sandbox: enabled
2024/04/08 12:28:02 namespace sandbox: enabled
2024/04/08 12:28:02 Android sandbox: /sys/fs/selinux/policy does not exist
2024/04/08 12:28:02 fault injection: enabled
2024/04/08 12:28:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2024/04/08 12:28:02 net packet injection: enabled
2024/04/08 12:28:02 net device setup: enabled
2024/04/08 12:28:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/04/08 12:28:02 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/04/08 12:28:02 NIC VF setup: PCI device 0000:00:11.0 is not available
2024/04/08 12:28:02 USB emulation: enabled
2024/04/08 12:28:02 hci packet injection: enabled
2024/04/08 12:28:02 wifi device emulation: enabled
2024/04/08 12:28:02 802.15.4 emulation: enabled
2024/04/08 12:28:02 swap file: enabled
[   70.267060][ T5071] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
2024/04/08 12:28:02 starting 6 executor processes
[   70.959016][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[   70.965614][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
[   71.396099][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   71.413796][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   71.433215][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   71.443448][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   71.453081][   T52] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   71.460428][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   71.561370][ T4466] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   71.570017][ T4466] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   71.610504][ T5088] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   71.619027][ T5095] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   71.627385][ T5095] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   71.635726][ T5095] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   71.637476][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   71.643951][ T5095] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   71.658036][ T5095] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   71.659336][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   71.665592][ T5095] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   71.674220][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   71.693136][ T5097] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   71.702337][ T5097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   71.709603][ T5099] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   71.717966][ T5099] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   71.725558][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   71.733401][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   71.745121][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   71.754387][   T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   71.762597][   T52] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   71.772112][ T4466] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   71.779876][ T4466] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   71.788449][ T4466] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   71.879130][   T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   71.887444][   T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   71.895245][   T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   71.914509][   T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   71.922466][   T52] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   71.930290][   T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   72.009478][ T5086] chnl_net:caif_netlink_parms(): no params data found
[   72.295947][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.303842][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.311205][ T5086] bridge_slave_0: entered allmulticast mode
[   72.318889][ T5086] bridge_slave_0: entered promiscuous mode
[   72.332031][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.339473][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.346930][ T5086] bridge_slave_1: entered allmulticast mode
[   72.354587][ T5086] bridge_slave_1: entered promiscuous mode
[   72.457980][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.478468][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.562448][ T5086] team0: Port device team_slave_0 added
[   72.620036][ T5086] team0: Port device team_slave_1 added
[   72.706781][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.713981][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.739954][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.818562][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.825650][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.852197][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.928167][ T5105] chnl_net:caif_netlink_parms(): no params data found
[   73.038194][ T5086] hsr_slave_0: entered promiscuous mode
[   73.045347][ T5086] hsr_slave_1: entered promiscuous mode
[   73.163451][ T5090] chnl_net:caif_netlink_parms(): no params data found
[   73.177380][ T5094] chnl_net:caif_netlink_parms(): no params data found
[   73.227857][ T5092] chnl_net:caif_netlink_parms(): no params data found
[   73.282512][ T5105] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.289909][ T5105] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.297399][ T5105] bridge_slave_0: entered allmulticast mode
[   73.305096][ T5105] bridge_slave_0: entered promiscuous mode
[   73.385634][ T5105] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.392968][ T5105] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.400275][ T5105] bridge_slave_1: entered allmulticast mode
[   73.408072][ T5105] bridge_slave_1: entered promiscuous mode
[   73.415215][ T5098] chnl_net:caif_netlink_parms(): no params data found
[   73.515049][   T52] Bluetooth: hci0: command tx timeout
[   73.553016][ T5105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.619515][ T5105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.759593][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.766957][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.774749][ T5094] bridge_slave_0: entered allmulticast mode
[   73.782133][ T5094] bridge_slave_0: entered promiscuous mode
[   73.791962][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.799188][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.806473][ T5094] bridge_slave_1: entered allmulticast mode
[   73.814046][ T5094] bridge_slave_1: entered promiscuous mode
[   73.821147][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.829409][ T5090] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.837102][   T52] Bluetooth: hci4: command tx timeout
[   73.837128][ T4466] Bluetooth: hci3: command tx timeout
[   73.837314][ T4466] Bluetooth: hci2: command tx timeout
[   73.842733][   T52] Bluetooth: hci1: command tx timeout
[   73.859769][ T5090] bridge_slave_0: entered allmulticast mode
[   73.867382][ T5090] bridge_slave_0: entered promiscuous mode
[   73.879108][ T5105] team0: Port device team_slave_0 added
[   73.886901][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.896622][ T5090] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.907007][ T5090] bridge_slave_1: entered allmulticast mode
[   73.914932][ T5090] bridge_slave_1: entered promiscuous mode
[   73.942037][ T5092] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.949497][ T5092] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.957309][ T5092] bridge_slave_0: entered allmulticast mode
[   73.964581][ T5092] bridge_slave_0: entered promiscuous mode
[   73.993105][   T52] Bluetooth: hci5: command tx timeout
[   73.994736][ T5105] team0: Port device team_slave_1 added
[   74.059989][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.067272][ T5098] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.075132][ T5098] bridge_slave_0: entered allmulticast mode
[   74.082548][ T5098] bridge_slave_0: entered promiscuous mode
[   74.090873][ T5092] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.098265][ T5092] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.105592][ T5092] bridge_slave_1: entered allmulticast mode
[   74.112735][ T5092] bridge_slave_1: entered promiscuous mode
[   74.152531][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.198169][ T5090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.219903][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.227544][ T5098] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.235098][ T5098] bridge_slave_1: entered allmulticast mode
[   74.242347][ T5098] bridge_slave_1: entered promiscuous mode
[   74.282371][ T5092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.294733][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.331194][ T5090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.380395][ T5092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.419870][ T5105] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.428814][ T5105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.460348][ T5105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.505126][ T5098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.542684][ T5105] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.549932][ T5105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.576310][ T5105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.599898][ T5090] team0: Port device team_slave_0 added
[   74.608925][ T5098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.638395][ T5092] team0: Port device team_slave_0 added
[   74.647995][ T5092] team0: Port device team_slave_1 added
[   74.662430][ T5094] team0: Port device team_slave_0 added
[   74.674690][ T5094] team0: Port device team_slave_1 added
[   74.699658][ T5090] team0: Port device team_slave_1 added
[   74.823163][ T5098] team0: Port device team_slave_0 added
[   74.831111][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.840030][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.866275][ T5092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.881124][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.888363][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.914583][ T5092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.933706][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.940678][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.966793][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.992729][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.999889][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.026055][ T5090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.040605][ T5098] team0: Port device team_slave_1 added
[   75.076972][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.084438][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.110657][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.127942][ T5105] hsr_slave_0: entered promiscuous mode
[   75.134617][ T5105] hsr_slave_1: entered promiscuous mode
[   75.140886][ T5105] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.148802][ T5105] Cannot create hsr debugfs directory
[   75.171618][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.182891][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.210105][ T5090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.239251][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.246389][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.272500][ T5098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.381678][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.388766][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.415254][ T5098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.427118][ T5086] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   75.493832][ T5092] hsr_slave_0: entered promiscuous mode
[   75.500619][ T5092] hsr_slave_1: entered promiscuous mode
[   75.507434][ T5092] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.515765][ T5092] Cannot create hsr debugfs directory
[   75.527563][ T5086] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   75.545559][ T5094] hsr_slave_0: entered promiscuous mode
[   75.552143][ T5094] hsr_slave_1: entered promiscuous mode
[   75.558685][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.566411][ T5094] Cannot create hsr debugfs directory
[   75.593051][   T52] Bluetooth: hci0: command tx timeout
[   75.610372][ T5086] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   75.680920][ T5086] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   75.723692][ T5090] hsr_slave_0: entered promiscuous mode
[   75.730127][ T5090] hsr_slave_1: entered promiscuous mode
[   75.742732][ T5090] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.750341][ T5090] Cannot create hsr debugfs directory
[   75.794328][ T5098] hsr_slave_0: entered promiscuous mode
[   75.800825][ T5098] hsr_slave_1: entered promiscuous mode
[   75.807536][ T5098] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.815194][ T5098] Cannot create hsr debugfs directory
[   75.913034][   T52] Bluetooth: hci1: command tx timeout
[   75.913872][ T4466] Bluetooth: hci2: command tx timeout
[   75.918460][   T52] Bluetooth: hci3: command tx timeout
[   75.924120][ T5095] Bluetooth: hci4: command tx timeout
[   76.073727][   T52] Bluetooth: hci5: command tx timeout
[   76.366444][ T5105] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   76.383802][ T5105] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   76.420332][ T5105] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   76.448830][ T5105] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   76.520512][ T5094] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   76.538904][ T5094] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   76.565626][ T5094] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   76.577575][ T5094] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   76.650050][ T5090] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   76.685203][ T5090] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   76.698017][ T5090] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   76.710670][ T5090] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   76.732026][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.790053][ T5086] 8021q: adding VLAN 0 to HW filter on device team0
[   76.871916][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.879470][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.972221][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.979481][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.996464][ T5092] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   77.016476][ T5092] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   77.084412][ T5092] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   77.108793][ T5092] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   77.261562][ T5098] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   77.310000][ T5098] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   77.324406][ T5098] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   77.350095][ T5105] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.375867][ T5098] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   77.405312][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.503946][ T5094] 8021q: adding VLAN 0 to HW filter on device team0
[   77.530037][ T5105] 8021q: adding VLAN 0 to HW filter on device team0
[   77.567445][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.574596][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.627010][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.634210][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.647632][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.654778][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.673575][   T52] Bluetooth: hci0: command tx timeout
[   77.714187][ T5090] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.731484][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.738670][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.935569][ T5090] 8021q: adding VLAN 0 to HW filter on device team0
[   77.995222][ T4466] Bluetooth: hci4: command tx timeout
[   78.000808][ T5088] Bluetooth: hci1: command tx timeout
[   78.009847][ T5088] Bluetooth: hci3: command tx timeout
[   78.015963][   T52] Bluetooth: hci2: command tx timeout
[   78.020728][ T5092] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.059875][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.067087][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.119995][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.127862][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.153245][   T52] Bluetooth: hci5: command tx timeout
[   78.189568][ T5092] 8021q: adding VLAN 0 to HW filter on device team0
[   78.258098][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.286938][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.294164][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.349477][ T5098] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.401070][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.408313][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.530006][ T5098] 8021q: adding VLAN 0 to HW filter on device team0
[   78.595824][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.603045][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.617028][ T5105] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.667360][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.702501][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.709799][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.776042][ T5086] veth0_vlan: entered promiscuous mode
[   78.791571][ T5092] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.984460][ T5086] veth1_vlan: entered promiscuous mode
[   79.085070][ T5105] veth0_vlan: entered promiscuous mode
[   79.177633][ T5086] veth0_macvtap: entered promiscuous mode
[   79.272038][ T5105] veth1_vlan: entered promiscuous mode
[   79.288305][ T5086] veth1_macvtap: entered promiscuous mode
[   79.308661][ T5090] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.381274][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.416764][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.465608][ T5086] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.478694][ T5086] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.487854][ T5086] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.497335][ T5086] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.552180][ T5094] veth0_vlan: entered promiscuous mode
[   79.580582][ T5092] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.606176][ T5105] veth0_macvtap: entered promiscuous mode
[   79.625775][ T5098] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.656471][ T5105] veth1_macvtap: entered promiscuous mode
[   79.699440][ T5094] veth1_vlan: entered promiscuous mode
[   79.754463][   T52] Bluetooth: hci0: command tx timeout
[   79.811936][ T5090] veth0_vlan: entered promiscuous mode
[   79.881573][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.893776][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.907352][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.919562][ T2786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.949112][ T2786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.961408][ T5090] veth1_vlan: entered promiscuous mode
[   79.987754][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.999420][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.012204][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.031267][ T5094] veth0_macvtap: entered promiscuous mode
[   80.083976][   T52] Bluetooth: hci2: command tx timeout
[   80.089449][ T4466] Bluetooth: hci4: command tx timeout
[   80.095281][ T5088] Bluetooth: hci3: command tx timeout
[   80.100711][ T5088] Bluetooth: hci1: command tx timeout
[   80.113534][ T5105] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.122270][ T5105] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.131763][ T5105] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.140542][ T5105] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.163530][ T5092] veth0_vlan: entered promiscuous mode
[   80.177239][  T739] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.191885][ T5092] veth1_vlan: entered promiscuous mode
[   80.197541][  T739] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.201451][ T5094] veth1_macvtap: entered promiscuous mode
[   80.233707][ T5088] Bluetooth: hci5: command tx timeout
[   80.283187][ T5090] veth0_macvtap: entered promiscuous mode
12:28:12 executing program 1:
mlockall(0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
setpgid(0x0, 0x0)

[   80.324551][ T5090] veth1_macvtap: entered promiscuous mode
[   80.351831][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.363743][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.376529][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.390652][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.407110][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.447163][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.465522][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.485528][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.499956][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.512234][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.522429][ T5092] veth0_macvtap: entered promiscuous mode
[   80.568328][ T5092] veth1_macvtap: entered promiscuous mode
[   80.579242][ T5094] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.592907][ T5094] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.601627][ T5094] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.615039][ T5094] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.629585][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.644406][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.654696][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.665531][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.675665][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.686507][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.698749][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.790984][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.802154][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.812654][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.823541][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.837139][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.847946][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.862040][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.941011][ T5098] veth0_vlan: entered promiscuous mode
[   80.970876][ T2777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.977587][ T5090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.990302][ T2777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.002910][ T5090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.011640][ T5090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.038682][ T5090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.115789][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.145663][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.173038][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.190603][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.201738][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.212537][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.223896][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.234915][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.247106][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.269414][   T24] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.287160][   T24] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.334171][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.359475][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.382912][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.403077][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.424348][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.436307][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.456395][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.471948][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.487084][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.496721][ T5098] veth1_vlan: entered promiscuous mode
[   81.561449][ T5092] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.572503][ T5092] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.582070][ T5092] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.591424][ T5092] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.661708][  T739] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
12:28:13 executing program 3:
mlockall(0x3)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
syz_read_part_table(0x5ef, &(0x7f0000000600)="$eJzs2zFoG2cUB/Any7JLAs2SKUOpM2QoXVKytaJtgqw0JGCUZgkZEkgoIZpcCChUyBAPjYaEaAgZs4SAltieLGswtNjY0LkYDy4GD15a7MXQxVfsO0Mru6Zu3ULh94PTp3v8v3t66NYv+F/ri1+SJMlFRDJ49N0DURre25aLWxEx9P27k+ldau+pZyOiEBEr6f3g61cnuk82Lxfay9e3zt2ea/Zl+bHsOvmmc+PPuiaNo/9S/h1vi/OnHo+Plp/WiveXyvXPIuLaxEap0rnabE1eKVy6m8YaC1m+P1u/bkQ8igdxJ6pRjXt/+y9d+WP/tZft1fPbZ8rt6SQf0X02+1GWG0mXXP8/mna/nvnXHg49v9mqX2xMnX5xoTazWFnPp7nq7ns/cMzdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4bm+L86cej4+Wn9aK95fK9bVvf/zh2sRGqdK52mxNXilcupvlFrK1Pwayb7V4FA/iTlQj4l6M7n/0p7uf7xzSPMnv6/+yvXp++0y5Pf3VJ78Od5/NfjyeRkeOcebf6+3/cOj5zVb94odTp19cqM0sVtbzaa46eNDuw4YDAAAAAAAAAAAAAAAAAACAv640/MX7I59XvozIxa2I+ODnb/p26kl23j0X8d7OejbLr2T1169OdJ9sXi60l69vnbs91/wpq49l18k3nRu9p+PHvuspHHimnv/SbwEAAP//6maVVg==")

[   81.704815][  T739] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.940428][ T5098] veth0_macvtap: entered promiscuous mode
[   82.045939][ T2786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.046429][ T5098] veth1_macvtap: entered promiscuous mode
[   82.078386][ T2786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.144147][ T5087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.168784][ T5087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.370835][ T2786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.395257][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.413546][ T2786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.430404][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.459607][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.495184][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.511190][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.532948][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.562033][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.589005][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.606318][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.628559][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.659238][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_0
12:28:14 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = accept$inet6(r1, 0x0, 0x0)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x2, @remote}, 0x10)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0x5450, 0x0)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), &(0x7f0000000180)=0x4)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x0, 0x0, 0x0)

[   82.722266][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.769021][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.797549][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.828228][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.845345][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.866241][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.883971][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[   82.892910][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.918147][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
12:28:15 executing program 5:
r0 = socket$inet6(0xa, 0x801, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000003940)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r1, r2, 0x0)
accept4$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14, 0x80800)
r4 = dup3(r0, r0, 0x0)
sendto$inet_nvme_pdu(r4, &(0x7f0000005c80), 0x80, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x5450)
r5 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r5, 0x29, 0x20, &(0x7f0000000080), 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='devices.list\x00', 0x275a, 0x0)
r7 = mq_open(&(0x7f0000000000)='cgroup.controllers\x00', 0x40, 0x48, &(0x7f0000000040)={0xffffffff, 0x6, 0x8, 0x10000})
dup3(r6, r7, 0x0)
ioctl$FIONCLEX(r6, 0x5450)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000480), &(0x7f00000004c0)={'L+', 0xffffffffffffffe0}, 0x16, 0x0)
fsetxattr$trusted_overlay_opaque(r7, 0x0, &(0x7f0000000640), 0x2, 0x0)
r8 = syz_clone3(&(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFLAGS(r9, 0x5421, &(0x7f0000000000))
tkill(r8, 0x0)
write$cgroup_devices(r7, &(0x7f0000000700)=ANY=[], 0x9)

[   82.935596][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.963361][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.011149][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.114979][ T5098] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.161707][ T5098] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.189253][ T5098] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.218324][ T5098] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
12:28:15 executing program 5:
mlockall(0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000080))
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

[   83.335023][ T5143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.363156][ T5143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.469632][    T7] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.492963][    T7] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:28:15 executing program 0:
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/dmi', 0x0, 0x0)
r2 = dup3(r0, r1, 0x0)
symlinkat(&(0x7f0000000080)='./file1\x00', r2, &(0x7f00000000c0)='./file0\x00')
linkat(r2, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2100005, 0x0)

12:28:15 executing program 2:
truncate(&(0x7f0000003340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

12:28:15 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000366000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

[   83.939508][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
12:28:16 executing program 2:
syz_open_dev$evdev(0x0, 0x0, 0x0)
r0 = syz_open_dev$evdev(0x0, 0x1, 0x0)
r1 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004ea19ffff1e0006031a00000804800200090581", @ANYBLOB], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r3, 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, 0x0)
syz_usb_disconnect(r1)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000000c0)={0x24, &(0x7f00000001c0)={0x40, 0x0, 0x40, {0x40, 0x0, "319c4a886c0b5303e759cd0e4ceb0396b440a2847af51d0f604f30c4ca04a26020ffbe08e5702db1e77784d6395e849f409420ac07007b05f3c27320fe83"}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000200)=0x1)

12:28:16 executing program 1:
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x5, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x202, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)

[   83.994058][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.268653][ T5143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.301825][ T5143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:28:16 executing program 1:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x4, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x50}, [@call={0x85, 0x0, 0x0, 0x39}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)

12:28:16 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCGETS2(r0, 0x5452, &(0x7f00000000c0))
mlockall(0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)

[   84.563323][   T50] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   84.983801][   T50] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   85.022990][   T50] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   85.065307][   T50] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[   85.094141][   T50] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   85.244386][   T50] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   85.284039][   T50] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   85.292071][   T50] usb 3-1: Product: syz
[   85.338183][   T50] usb 3-1: Manufacturer: syz
[   85.442324][   T50] cdc_wdm 3-1:1.0: skipping garbage
[   85.453114][   T50] cdc_wdm 3-1:1.0: skipping garbage
[   85.458764][   T50] cdc_wdm: probe of 3-1:1.0 failed with error -22
12:28:17 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0)
r1 = socket$packet(0x11, 0x0, 0x300)
dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080))
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040))
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r3 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000000200)=0x3e)
ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, &(0x7f0000000140)={0x1, &(0x7f0000000100)="d8"})
recvmmsg(r4, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0)
fcntl$setsig(r4, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r5}], 0x1, 0xfffffffffffffff8)
dup2(r4, r5)
syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = epoll_create1(0x0)
epoll_pwait2(r6, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
fcntl$setown(r5, 0x8, r3)
tkill(r3, 0x14)

[   85.612174][   T50] usb 3-1: USB disconnect, device number 2
[   86.215228][   T50] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   86.325530][ T1785] cfg80211: failed to load regulatory.db
12:28:18 executing program 3:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2a101, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}})

12:28:18 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x0, @local}, 0x10)
write$binfmt_elf64(r0, 0x0, 0x100000530)

[   86.613884][   T50] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   86.622544][   T50] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   86.704915][   T50] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[   86.745698][   T50] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.759825][ T5228] 9pnet_fd: Insufficient options for proto=fd
12:28:18 executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)

12:28:18 executing program 1:
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000002540)={0x5})

[   86.934446][   T50] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
12:28:19 executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0}, 0x90)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r1, r0, 0x16, 0x0, @void}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0xa, &(0x7f0000003000), 0x2)

[   86.979077][   T50] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   87.017732][   T50] usb 3-1: Product: syz
[   87.024740][   T50] usb 3-1: Manufacturer: syz
12:28:19 executing program 1:
open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000300), 0x0, 0x0, 0x0)

[   87.132245][   T50] cdc_wdm 3-1:1.0: skipping garbage
[   87.137573][   T50] cdc_wdm 3-1:1.0: skipping garbage
[   87.161190][   T50] cdc_wdm: probe of 3-1:1.0 failed with error -22
[   87.207648][ T5235] ==================================================================
[   87.215765][ T5235] BUG: KASAN: slab-out-of-bounds in l2cap_sock_setsockopt+0x2182/0x2930
[   87.224161][ T5235] Read of size 4 at addr ffff88802b52e3e3 by task syz-executor.3/5235
[   87.232329][ T5235] 
[   87.234667][ T5235] CPU: 1 PID: 5235 Comm: syz-executor.3 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0
[   87.244667][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   87.254742][ T5235] Call Trace:
[   87.258046][ T5235]  <TASK>
[   87.260993][ T5235]  dump_stack_lvl+0x241/0x360
[   87.264653][   T28] audit: type=1800 audit(1712579299.245:2): pid=5237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1972 res=0 errno=0
[   87.265734][ T5235]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.291445][ T5235]  ? __pfx__printk+0x10/0x10
[   87.296069][ T5235]  ? srso_return_thunk+0x5/0x5f
[   87.300934][ T5235]  ? _printk+0xd5/0x120
[   87.305106][ T5235]  ? __virt_addr_valid+0x183/0x520
[   87.310235][ T5235]  ? srso_return_thunk+0x5/0x5f
[   87.315099][ T5235]  print_report+0x169/0x550
[   87.319644][ T5235]  ? __virt_addr_valid+0x183/0x520
[   87.324779][ T5235]  ? srso_return_thunk+0x5/0x5f
[   87.329640][ T5235]  ? __virt_addr_valid+0x44e/0x520
[   87.334767][ T5235]  ? srso_return_thunk+0x5/0x5f
[   87.339627][ T5235]  ? __phys_addr+0xba/0x170
[   87.344149][ T5235]  ? l2cap_sock_setsockopt+0x2182/0x2930
[   87.349789][ T5235]  kasan_report+0x143/0x180
[   87.354309][ T5235]  ? l2cap_sock_setsockopt+0x214/0x2930
[   87.359864][ T5235]  ? l2cap_sock_setsockopt+0x2182/0x2930
[   87.365508][ T5235]  l2cap_sock_setsockopt+0x2182/0x2930
[   87.370978][ T5235]  ? __cgroup_bpf_run_filter_setsockopt+0x4c9/0x1040
[   87.377666][ T5235]  ? __pfx___cgroup_bpf_run_filter_setsockopt+0x10/0x10
[   87.384616][ T5235]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[   87.390429][ T5235]  ? __pfx_aa_sk_perm+0x10/0x10
[   87.395321][ T5235]  ? alarm_timer_nsleep_restart+0x90/0x2c0
[   87.401148][ T5235]  ? aa_sock_opt_perm+0x79/0x120
[   87.406104][ T5235]  ? srso_return_thunk+0x5/0x5f
[   87.410963][ T5235]  ? srso_return_thunk+0x5/0x5f
[   87.415827][ T5235]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[   87.421636][ T5235]  do_sock_setsockopt+0x3b1/0x720
[   87.426716][ T5235]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   87.432278][ T5235]  ? __fget_files+0x3f4/0x470
[   87.436969][ T5235]  ? __fget_files+0x28/0x470
[   87.441579][ T5235]  __sys_setsockopt+0x1ae/0x250
[   87.446452][ T5235]  __x64_sys_setsockopt+0xb5/0xd0
[   87.451496][ T5235]  do_syscall_64+0xfd/0x240
[   87.456006][ T5235]  entry_SYSCALL_64_after_hwframe+0x6d/0x75
[   87.461912][ T5235] RIP: 0033:0x7fdd15e7de69
[   87.466332][ T5235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   87.485967][ T5235] RSP: 002b:00007fdd16b470c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   87.494404][ T5235] RAX: ffffffffffffffda RBX: 00007fdd15fabf80 RCX: 00007fdd15e7de69
[   87.502387][ T5235] RDX: 000000000000000a RSI: 0000000000000112 RDI: 0000000000000007
[   87.510376][ T5235] RBP: 00007fdd15eca47a R08: 0000000000000002 R09: 0000000000000000
[   87.518369][ T5235] R10: 0000000020003000 R11: 0000000000000246 R12: 0000000000000000
[   87.526365][ T5235] R13: 000000000000000b R14: 00007fdd15fabf80 R15: 00007ffcf0d4d698
[   87.534375][ T5235]  </TASK>
[   87.537845][ T5235] 
[   87.540197][ T5235] Allocated by task 5235:
[   87.544544][ T5235]  kasan_save_track+0x3f/0x80
[   87.549250][ T5235]  __kasan_kmalloc+0x98/0xb0
[   87.553868][ T5235]  __kmalloc+0x233/0x4a0
[   87.558127][ T5235]  __cgroup_bpf_run_filter_setsockopt+0xd2f/0x1040
[   87.564655][ T5235]  do_sock_setsockopt+0x6b4/0x720
[   87.569721][ T5235]  __sys_setsockopt+0x1ae/0x250
[   87.574596][ T5235]  __x64_sys_setsockopt+0xb5/0xd0
[   87.579640][ T5235]  do_syscall_64+0xfd/0x240
[   87.584147][ T5235]  entry_SYSCALL_64_after_hwframe+0x6d/0x75
[   87.590054][ T5235] 
[   87.592373][ T5235] The buggy address belongs to the object at ffff88802b52e3e0
[   87.592373][ T5235]  which belongs to the cache kmalloc-8 of size 8
[   87.606092][ T5235] The buggy address is located 1 bytes to the right of
[   87.606092][ T5235]  allocated 2-byte region [ffff88802b52e3e0, ffff88802b52e3e2)
[   87.620428][ T5235] 
[   87.622756][ T5235] The buggy address belongs to the physical page:
[   87.629168][ T5235] page:ffffea0000ad4b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b52e
[   87.639347][ T5235] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[   87.646906][ T5235] page_type: 0xffffffff()
[   87.651236][ T5235] raw: 00fff00000000800 ffff888014c41280 dead000000000100 dead000000000122
[   87.659823][ T5235] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[   87.668408][ T5235] page dumped because: kasan: bad access detected
[   87.674827][ T5235] page_owner tracks the page as allocated
[   87.680542][ T5235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid 1 (swapper/0), ts 17845456388, free_ts 17836649403
[   87.698101][ T5235]  post_alloc_hook+0x1ea/0x210
[   87.702911][ T5235]  get_page_from_freelist+0x33ea/0x3580
[   87.708466][ T5235]  __alloc_pages+0x256/0x680
[   87.713061][ T5235]  alloc_slab_page+0x5f/0x160
[   87.717760][ T5235]  new_slab+0x84/0x2f0
[   87.721835][ T5235]  ___slab_alloc+0xc73/0x1260
[   87.726522][ T5235]  __kmalloc_node_track_caller+0x2d6/0x4e0
[   87.732332][ T5235]  kstrdup+0x3a/0x80
[   87.736233][ T5235]  __kernfs_new_node+0x9d/0x880
[   87.741089][ T5235]  kernfs_new_node+0x13a/0x240
[   87.745860][ T5235]  kernfs_create_dir_ns+0x43/0x120
[   87.750974][ T5235]  sysfs_create_dir_ns+0x189/0x3a0
[   87.756096][ T5235]  kobject_add_internal+0x435/0x8d0
[   87.761299][ T5235]  kobject_init_and_add+0x124/0x190
[   87.766513][ T5235]  locate_module_kobject+0xdd/0x160
[   87.771721][ T5235]  kernel_add_sysfs_param+0x20/0x130
[   87.777021][ T5235] page last free pid 925 tgid 925 stack trace:
[   87.783177][ T5235]  free_unref_page_prepare+0x968/0xa90
[   87.788657][ T5235]  free_unref_page+0x37/0x3f0
[   87.793351][ T5235]  vfree+0x186/0x2e0
[   87.797261][ T5235]  delayed_vfree_work+0x56/0x80
[   87.802123][ T5235]  process_scheduled_works+0xa02/0x1770
[   87.807674][ T5235]  worker_thread+0x86d/0xd70
[   87.812271][ T5235]  kthread+0x2f2/0x390
[   87.816349][ T5235]  ret_from_fork+0x4d/0x80
[   87.820778][ T5235]  ret_from_fork_asm+0x1a/0x30
[   87.825558][ T5235] 
[   87.827879][ T5235] Memory state around the buggy address:
[   87.833506][ T5235]  ffff88802b52e280: 06 fc fc fc 05 fc fc fc fa fc fc fc fa fc fc fc
[   87.841566][ T5235]  ffff88802b52e300: 05 fc fc fc 05 fc fc fc 05 fc fc fc 06 fc fc fc
[   87.849625][ T5235] >ffff88802b52e380: 06 fc fc fc 05 fc fc fc fa fc fc fc 02 fc fc fc
[   87.857683][ T5235]                                                        ^
[   87.864878][ T5235]  ffff88802b52e400: 05 fc fc fc 05 fc fc fc 05 fc fc fc 00 fc fc fc
[   87.872943][ T5235]  ffff88802b52e480: 00 fc fc fc 05 fc fc fc 05 fc fc fc 04 fc fc fc
[   87.881015][ T5235] ==================================================================
[   87.982504][ T5235] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   87.989756][ T5235] CPU: 0 PID: 5235 Comm: syz-executor.3 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0
[   87.999752][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   88.009824][ T5235] Call Trace:
[   88.013136][ T5235]  <TASK>
[   88.016081][ T5235]  dump_stack_lvl+0x241/0x360
[   88.020800][ T5235]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.026041][ T5235]  ? __pfx__printk+0x10/0x10
12:28:20 executing program 1:
r0 = open(&(0x7f0000000280)='./bus\x00', 0x105042, 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffff, 0xffffffffffffffff})
fallocate(r0, 0x0, 0x0, 0x7fffffff)
utime(&(0x7f00000002c0)='./bus\x00', 0x0)
creat(0x0, 0x0)
setxattr$incfs_id(&(0x7f0000001080)='./bus\x00', &(0x7f0000001400), 0x0, 0x0, 0x0)

[   88.030677][ T5235]  ? preempt_schedule+0xe1/0xf0
[   88.035551][ T5235]  ? srso_return_thunk+0x5/0x5f
[   88.040425][ T5235]  ? vscnprintf+0x5d/0x90
[   88.044783][ T5235]  panic+0x349/0x860
[   88.048731][ T5235]  ? check_panic_on_warn+0x21/0xb0
[   88.053866][ T5235]  ? __pfx_panic+0x10/0x10
[   88.058312][ T5235]  ? srso_return_thunk+0x5/0x5f
[   88.063184][ T5235]  ? srso_return_thunk+0x5/0x5f
[   88.068044][ T5235]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   88.074048][ T5235]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   88.080396][ T5235]  ? print_report+0x502/0x550
[   88.085095][ T5235]  check_panic_on_warn+0x86/0xb0
[   88.090053][ T5235]  ? l2cap_sock_setsockopt+0x2182/0x2930
[   88.095691][ T5235]  end_report+0x6e/0x140
[   88.099947][ T5235]  kasan_report+0x154/0x180
[   88.104466][ T5235]  ? l2cap_sock_setsockopt+0x214/0x2930
[   88.110018][ T5235]  ? l2cap_sock_setsockopt+0x2182/0x2930
[   88.115661][ T5235]  l2cap_sock_setsockopt+0x2182/0x2930
[   88.121132][ T5235]  ? __cgroup_bpf_run_filter_setsockopt+0x4c9/0x1040
[   88.127820][ T5235]  ? __pfx___cgroup_bpf_run_filter_setsockopt+0x10/0x10
[   88.134770][ T5235]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[   88.140580][ T5235]  ? __pfx_aa_sk_perm+0x10/0x10
[   88.145450][ T5235]  ? alarm_timer_nsleep_restart+0x90/0x2c0
[   88.151274][ T5235]  ? aa_sock_opt_perm+0x79/0x120
[   88.156232][ T5235]  ? srso_return_thunk+0x5/0x5f
[   88.161092][ T5235]  ? srso_return_thunk+0x5/0x5f
[   88.165955][ T5235]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[   88.171770][ T5235]  do_sock_setsockopt+0x3b1/0x720
[   88.176828][ T5235]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   88.182391][ T5235]  ? __fget_files+0x3f4/0x470
[   88.187174][ T5235]  ? __fget_files+0x28/0x470
[   88.191787][ T5235]  __sys_setsockopt+0x1ae/0x250
[   88.196665][ T5235]  __x64_sys_setsockopt+0xb5/0xd0
[   88.201719][ T5235]  do_syscall_64+0xfd/0x240
[   88.206237][ T5235]  entry_SYSCALL_64_after_hwframe+0x6d/0x75
[   88.212161][ T5235] RIP: 0033:0x7fdd15e7de69
[   88.216584][ T5235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   88.236210][ T5235] RSP: 002b:00007fdd16b470c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   88.244646][ T5235] RAX: ffffffffffffffda RBX: 00007fdd15fabf80 RCX: 00007fdd15e7de69
[   88.252626][ T5235] RDX: 000000000000000a RSI: 0000000000000112 RDI: 0000000000000007
[   88.260609][ T5235] RBP: 00007fdd15eca47a R08: 0000000000000002 R09: 0000000000000000
[   88.268590][ T5235] R10: 0000000020003000 R11: 0000000000000246 R12: 0000000000000000
[   88.276572][ T5235] R13: 000000000000000b R14: 00007fdd15fabf80 R15: 00007ffcf0d4d698
[   88.284566][ T5235]  </TASK>
[   88.287863][ T5235] Kernel Offset: disabled
[   88.292181][ T5235] Rebooting in 86400 seconds..