last executing test programs:

6.48281005s ago: executing program 2 (id=7001):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, 0x0)

6.347606407s ago: executing program 2 (id=7037):
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a0000"], 0x22)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x60202, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x36, 0x0, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f0000000240)={'wg0\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="34001000", @ANYRES16, @ANYBLOB="f3480000000000000000030000002000018008000100", @ANYRES32=r9, @ANYBLOB="1400020077673000"/20], 0x34}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)={0xbc, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x56, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x2a, 0xf, [@channel_switch={0x25, 0x3, {0x0, 0x0, 0x5}}, @prep={0x83, 0x1f, {{}, 0x0, 0x0, @device_a, 0x0, @void, 0x9, 0x5, @device_a, 0x5}}]}, @NL80211_ATTR_PROBE_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xbc}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x2, 0x5, 0x470, 0xf0, 0xf0, 0xffffffff, 0x2d0, 0xf0, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], 'dvmrp0\x00', 'pimreg1\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @icmp_id, @icmp_id}}}, {{@ipv6={@dev, @loopback, [], [], 'batadv0\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@loopback, @ipv6=@local}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @gre_key, @gre_key}}}, {{@ipv6={@private0, @private2, [], [], 'ipvlan0\x00', 'pim6reg\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0)

5.468478999s ago: executing program 4 (id=7045):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a32"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x30, 0x4, 0x0, 0x0, 0xc0, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x9c, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @loopback, @multicast1, @private=0xa010102, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

5.171536152s ago: executing program 3 (id=7048):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
ptrace$peeksig(0x4209, 0x0, &(0x7f0000000180)={0x1, 0x0, 0x4}, &(0x7f0000000540)=[{}, {}, {}, {}])
r0 = openat(0xffffffffffffff9c, 0x0, 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
io_uring_setup(0x354a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0xa}}, 0x20)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0)
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r2, 0x3ba0, &(0x7f0000000380)={0x48, 0x4, 0x0, 0x0, 0xec, &(0x7f0000000280)="ec5e444d178b9bccc55b468822becd79aa6d8f0e463be89923fab2d4daca51d6e55beb4ab3199ca22505bcaa2ef56c63f3154713eee6f209f4060f9c3c7b03d0ed5367872f0a1f05bd7d5d7b44cc6d49377128c5aa8ff3efa46d2b2957c56d60bebb21a1f61103497b7edb3c249fceaeea4618ef2180f5a37c6346d5d89be0cea92c26fffa911dfb33d6426b906452c4791037647287a18f8f57b4f41e97147b9b6b6436e4a94825205fe939ae8f4aad8ac3487359a3838f96e2b67a9e98254c96d4b4b4a16ebf7ee4040d316f600e4aae71e8ea2c300adab450c02723c62e31b2724f309708607c1ec10064", 0x40})
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x0, 0x200, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0xfffc, 0x8a, @mcast2}}}, 0xfffffffffffffcaa)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0), 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r3, &(0x7f0000000200)=[{{&(0x7f0000000400)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10, 0x0}}], 0x1, 0x24040890)
setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000140)=0xffff0000, 0x4)
sendto$inet(r3, &(0x7f0000000180)='f', 0xfdef, 0x0, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x14, 0x0, 0x0, @multicast1, "a9598e73e3fb5f1f5ec74ce2d59477c9ecc1c22b"}}}}}, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000040), 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21}, {0xa, 0x0, 0x0, @mcast2}}}, 0x48)

4.373263365s ago: executing program 4 (id=7052):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000006c0)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="00000000000000001c002b8008000100", @ANYBLOB='\b'], 0x3c}}, 0x0)

4.195136148s ago: executing program 3 (id=7053):
r0 = socket$kcm(0x2, 0x3, 0x106)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000700)}], 0x1}, 0x0)

4.193985925s ago: executing program 4 (id=7054):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x28, 0x4, 0x0, 0x0, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @local, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x5, 0x0, 0x1, 0x0]}, @timestamp_prespec={0x44, 0x34, 0xbf, 0x3, 0x4, [{@multicast1}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private=0xa010101}, {@rand_addr, 0x800}, {@broadcast, 0x52b1}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000e40)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67669c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa497ee129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794d7bc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb6", 0x216, 0x0, 0x0, 0x0)

4.11438766s ago: executing program 2 (id=7055):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x398}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x70, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_MARK={0x10}]}}]}, 0x70}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

4.073291498s ago: executing program 3 (id=7056):
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791097"], 0x0}, 0x90)
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendto(0xffffffffffffffff, &(0x7f00000000c0)="1f89923372db0c0bdcf1e46f946be6915876c838e85e0ac7f85d219d983fd4a2774f51a2bf17e1db1a15482e71e61c03a5a290a96054490118ece8f37355c951e122a5152f95acd9f5f97ad55e74383c94c44f4332abca39236bb897e9ea074a282baefd1a7c8dd1c7290db0c90983106d82b8a3bb93905c85b587a4112fab292bb333d9", 0x84, 0x0, 0x0, 0x0)
socket(0x10, 0x80002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000140), 0x9)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

3.992793416s ago: executing program 2 (id=7057):
io_uring_setup(0x6804, &(0x7f0000000440))
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9}}, 0x50)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000002280), 0x0, 0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

3.823227416s ago: executing program 4 (id=7059):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="e000000013000100000000000000000063626328626c6f77666973682900"/224], 0xe0}}, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x42, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f0000006280)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
chmod(&(0x7f0000000040)='./file0\x00', 0x0)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=@random={'trusted.', '/dev/fuse\x00'})
syz_fuse_handle_req(r1, &(0x7f0000004280)="746742ca1b148a3d4a1d266df0e05721d3b36ffebab0a9750bf000dbdd0e2400445d3671239cb6e17c4e73c69319ff1319860a6a935682a8864763ca0fc3bb37a2570d6015d8148f349d76492ea77fa9c64f9a8d5f6f97ffcec860277cc20118c8ee9c18356b8b0c7182ae1b94c02875db65b3cda135a4be464f474d055a181153444cf6bf7c65c6cea7e9faf223a0aa9eecfeebef4a53414f7bbf33b238dd348197b7b645843b9c61e24b2dc115cf829b59eeba3bfb077434af9e8ce746957cb083b09b21a72d1c7a898b074710106196a1ac73f08bdd5c3f6eb270182fee4eb2a59512c8ac969aaae92b6b72d870e62d95c5ac3be4e987a8e0126ad9b8a72e737654c6637d55aabfd59949fe8962f61a42084cb4b381c7e845d36c9719dde0c21b1bf087d11ac73dec59d59492afdbe4560e4073e591b03f36ca7b674b2ecc29963626770c7e1c90cc7a9d5709e10c6d5414405c50dfe1c165a2b5aa99a4e50c854aeeac2a756ea6ca14bb68536476ec0397811f0b9e4759b2934cbb4cfc13cded31863c39633c3d79d11fecd01d831c1cb089d518500733b702627c48b9fa0202783896b267b22e84ee7ce3492ec5f212ba60c119a408cd9ba2a95c5bfd233e518a5f10ed6acc504b65592f1f43927b57e1deea98e4a1ac6ada92cd74afa7da3f4ab8f3947f69dceacffa4328ee06aebcbfaa0116f247c830d72e2cd7c03b011a374eeffffea06d6558026531e312a2e67da6fd9b5db77fa5e2583f5c0dbde326d9ad1c8c1bbe063a622781c8472583fc63edf049a93a27eec6422f31cbc7b9593b478648a51d6a2e96d6ce3949cced10708d432c73544023a9a3fceee55574af1e3054e68e2afee8d3939601ba78987c84059f559f815fa7a6f1ca8d54a9d32375ba1dd6ec1b95cd782666bb60169ad758c5dcbfe1e983a043e0e2a707bfdb297cc562e9a784a4a901310afcf27f499c90d7a82eb2367a8eab6b3fe461f7b48e2bf0cb4d26168a7cb6366a84d1d889f21e2b95b5acb01c98996ab4483197d6c84ea15a505fb3499664cdb66d1e4d94d92b390247d5cfe49c1e8233215d709e6573052f3cb35429145e9943fb595c95efd5734af77333500bf14049faad939553829e4e2ab8d7400aad2a6850bea35f909aca38fae95a2cb8ab7b567017f9cb190e2c9987e353235259391a9f18f85d7e06772b70cf4efe7c99708e7568bc4242d6d40b98d7322ada6da82d5ee5ff977dfbd3e4d6ae776fd1546aad74e27d93b46c0cd6b91ddd6db97c3a8479683800e163e89faf862c516048df71958789add1fecfd25bdb72b6fe3e9be9c4b47414ef69d81642ca69ea475fabcbaee1fe05948b3c021d9d59008e4a13bea45b4efa4b104afb6a947fc81ec8728366989fc6ba785b64f8f1e92aeeb8853ad2cb4db3875124b9ab57926a4bf9e0156f6821500c12c1ec6af90353d31801cb61e64f8258c5351ed34581f0cbbebbf4411f98ad1f4ee660b4c4c47fb56521608c8c29eb77316d3633cc65411b9d7a9f17f798e3aa498d5eb863c545fbb3efa34576c5b68bc410438cceac84fb808510dbdb191295cdf6762a103cb3567efea172870ba2bfe9d370685056d80c32ac053a1cc926712a185fff94b4b2d2f8d533f499667af7a15d5580f444cb34fbab6b4f4121923c29e93145cdf05be7361619ba6175991e5e41fb45af1b965fa13a89ce192923331fbebea46cc951bddaf6ad86277a7b8a992a92a29ffc00a68014a1134d2f716f062e20e7852a4c40442f2de37d32771f80551a46e2758a6dce9b2c4191a7772f4cb40d612ffc3c6c7d03dc08efb2bee1e4baef9ea07391fe3e57e62d589adeae48918244eacffda6022840c619a88acc4ae49b0d65e05d181f1969912363f13a188cbd96e615fca6e853e8be658c720ee34bd433874762637ee61000b5142a2990f34cf6e0f8c1e294c4816a377008e80817edea5d6048a497c8f84f061d5e255d37fe293f916086379afdc3de7b59c03b6312485ac16c5e4e4f454aed657f88243be439d31797246d164b83479f9f99b354590193cb6df458c58c8276a3b870f269dad278d9f50308ce996eceb1a61f0703946c1cdc9ba528876a8f03ba2fe7966fe4af800cb57ce1048e094b4d11d458a5dea614d68a9420b6c4b46d2a0375ee52b1f6b89873c808b85fe1b6a697e10762f6d8ca1a449c1848b2be07f446491ee7d88cf7a102dc12fdfb417b53e6eff843fb17c4b2eec619858ed866e0630327aedc8cf68fce159d5aeb35dfd6ea435ed13715285161f586fec250dfb69984d0cfb5ce36da1b7a654a47f750386df05fafc79277d0c47f9d8905a103e59057ce69cbb1aedd16adc6f7548579f2949092946bcb8e81acfd00d6b1f45cc226a24e991b760e9fbd1f4df195bc10a3f0439967c7b2e5571218aa7ef1269c5a346c8f2a7f6a3d4722ecf3fa37138d1963a14463d12a2851e628b00d09b537f422d13767032921ceaf947b5b7b04f67db2d044ecefd8f34b40b1284d54d02ade8a3abe89ebab9770bec1ab3a712529074862b6ea9861124ff815039287790bdadab79fc60762a11bd71e92c5cfd938827edf74b0897789f84883f0b3104970edc2ec1e192b804210f333f546680c0bddffe45942f5bf0281fc9db1ca9c7ddd570636f76c32671265bddef96307b1029e977e3ec06e5642c8d959d14b77a0922fe6b581e1f3b1627577c6a7de4f1f498eb1da3b697630920cf536c72f8978e86b2cac1d502a51e08b279551e9941781ced109ee23cca3be70033b065df24bd13bcd8136e65da8aaa63aa6dc2ce92996a5433d847d14dccb86ecb9b4eb493d31ec3ec0d9438c11bb89d71dc2add1e73191b55d344ab05eea8d2cfde3c1a5696a7506d60c2925c3ef8a70aec773d09c6fca773d8e178a7f760564178637bce8c8e1783bcb90bc113a085201e39d01552ab1f9e1bb3433233f3cc1ffa5fd55d294676a154f595f09833e7529887fbd5c9782c11b92fcc04057cda413e9b9fad6360f52ee370a38ae58754a055510ac522474380e99ee44fc815601d527ab220ea648e7b665164c66f744a4ec57cd8df3f3781edff97cf9b863503b904b36b7b500ad91d98918f66dc061219390b265694fd3ae8b7d546553a24281ae93133974cd1b52a1d9a4f2037ed9eb68854e5542833e2b2c30fd78d5796f26d82fe2cdec0e27fd11a7502fc3b9e133b2b00970c330c57cd154440f1b936887d8f474a22da9573403f650c0bffda8ad79ef797db60c5bb99f3dd3dc0b1b02a21b2db9996df7a43706680d82c8c698f15711be4a4a022b83bd9e9dbbe5622130030fed5239494d833149be5d54f2eed03c5a21024b504638af013f315255c4ef9d76dc4fe83a21bc7fa47ea758b0158e4f4d5bdf24dd7f7109d8cf6b4bfd518a4e98dc8ab72dff2bd8d4a050e5185975949bf7855a9125275c66ef8ed55e40c895a06716fee0b6653df925fd3bc8568331d7b442c2930092eb1b7ed8f8efbdfed25d2d3042c0550aa6f7afbc78b960217a119ac53c126499916147fb34cb5732bdb4fdeee7716af4ad0e24afda4af135cdb67f01177ac001387b1e81c1cfaf17fae23a81592e5c7199217f95efa7bafed8c1888b24fc7a612327c3f37e3000e3b3d7e1c44ef1dadcf0869b7b87b255a87f4716e230133ae2bc837cea4d4eb251a6435bfc7b3641ec5c002bae776f393ff2b0e0d484cbfeaab77bf91c48e11eecb4fd008a6cc1571d44d8270221ddc673b6104779beb3b15f4b972ffd1e5d152c15870a43a80655ba3d9a95e1a65350526eeb9932b56826e1e60c07c49022d9581a92f1ca19c2fb3b77b6c6f81114d36a50145dc4ae80a2d1f839b96555086d6a6debd28a79d2e6eec9f5542d306e39c254e3098055b6f863a3943bac3dcebb35482633a96c84fa1bfea8aeaef3796f448a8a42f0e25f904aee2907dc122a868280036d3502c50c998b51718c4123f142a8ad47a3d12cdce8efee86d33831286991ecfbfc583f4e1c3bc719c672571b6968012c24488d1d070ceefe71f4f6d82dd8611503f157104c890cb240a42f826502afb31e2c41b21241a10f4742e0f6123466530e7edcff02a1083bb81af08f98db2e7bb797c77bf75a18b5321d2480e1a06fa9b57063ebb8c7591af7c4b74f6d3ed3d25446d48a1259da567b43c88353625b3ed27b02eb572aa56a5bb67ef316b33b943d1a60fbaa3db6e8194ed60371e12d6345fecf3d227676e112156a97bdb8c8caf668f843f0c799619f2a82f8875b316ec1ad54e2d03844e521c596444fd140ab8e3a92ac5682ed36830c334104e4f2a141d099c5cd44132742a468aeb759344630c80257f7b50a2a6a7bfe22c4a0d6de8a63263683df9faaff8c9852a27b2cb1370fbdd8e07d82c24e92c98ad81d65f01396b381ca15309dd8bbe52ba6e458632c7eb15849c8a88d740f53477d473c310c4c89b24c33c137ffeefddecfd4bcf2770af93e222a65fcbae81bd44270bcf2c9a871a36b7df6943ce573cdff29b752d9c8ab45a73c434368467708f5b099cf4e8a87c0e7138589cdea7d0776034330c29d7aada3d324c2b33dd46ba714b4c600ff717d408364b809f61549ba8128a621f8b02e88baa574ff6f2a97ac44c20c72fdbdb3808a5c7a07f37ad56772f463232ad435c9dd3f0875449eef5ee1c30ac55135cd230d48e64898e09d911941b64fc1736bbd07fe787c4b11d21ba22bbebf02aff020ed09375bd8b5c176a7aa5633415c8ad9171b4ce7ce47ce9bc9afd61ebb09d8d6892c31b5c7020e14635f56d37326fe6ff41c0caf034267aba9518d66f18b4ae49b3a34ce970095f02b8fe002392971a23aba946f31166670bbcfb94ab6591679ea442b6e1104843d449ce13b57c678b05a7b678832bea1a5613eba4331d9f8cfb3ef84e897c9dc0ba464b8fc8f3d99028823cdcbade18f3bdd5751af9f9d7d4eac0edcdca3cd6d46d58f6b5dc87a68d8593897d62e77f6e92a2add1784e369f5e1d49d39b6be97d67f1616524687d00d5be0d8bdcf77cd37c2b1c7df25162c5f6e479bbef437b5a29a750024264de00adaf561351e9c517ebe7c87b51ffe95e133e8108de7e2cf8ae36c2226b8469fb7ba4ea961ddd13d1ca8166b0488232cc21dfd3d117e1297a0db743e10b068605ac4bfb03de90807f20604a0276c39f442831b5fb118b1f9c1e0f08156684882ffeec5a4b0cdbac536c6091943296fac5041e5b9200884b9e19d6d06c8088e3994fcad92be389bdca1a234b077eed8908ee1f754236e5e6485fdc56a39f48a22c0774063933bdf462448d5710485428acdc3bf23bbc88bb163f8cfce5ba8ddc0a8b3a8c8c5f77710dd03c85914ce6be6e5cfed757c4afb7720a17d04a6c2ca8ba539253ce4b0bfb4486f4f64a1da076ee492e4aec23bd7eed17bf274655ad2b9ff8430fad9935fdfca576076ff96a38e646f92ff584a6857d3a7659e80664d874f87a8e87fb87f8e134df0df20e46cc62a1434559ddcb338b0110c3995d8bdec0a02267381af6d707863e53a90467d8c6da3ab08481e869a2034bc54629ad7f6fb40fb98aac3ebcc9cec9fb084055869700925207d658e306de01d3d5a9fb348c46b8dcd8768d7208290738bc2d2e065c3c02d6359c046b03f01f908249eec4884aaeea75766d6090ed68b2b5cc43f6ebdfaab0ffb94d1cf72b328d8aa2df6e4c487572f54d22efc6d33b21a84b5bf57abecdf16dac97bb4547ae403b0da471c40613776a83beba0d95e5cc0357fbb993e95bd0dd4ad8dcb58ac274bf3df7309f7075faf5ba4cb13cb28cca11303d821660e600d9ea601a6b459c3be3e7aff7ce79d06692dd0415281fd857c2264cf43682424e19f3e50550d2a644325a7b579210aecf22514aaebfa61d9eb5fab051d5b519ee567b865100bee630a60dd2788666205e026e47005599cbb72736130b92ae45089808c9275b0080fc668caa51023beb386fe4ea2abd9834b22c57ecc7666c1a99e4b99ff77fcf7cf833c2b323b2a83706b4c62c738b744a120745d922fcba0099fc0085f97e9fe58e194a5473f5c839e5bdcb55907967ccd6c0119da4626aa407838d98c1099da397b2213ee5353587e9d4f76a61d57892a5cf2896bd5fd38b55be4069f709e9ec995b5bfa17b107ff95148b3f3b2142e1d2cd0366940ccb72b1b77e7562f0c9bf7284af1c480d50ed7260516b6dea97db3d88daa60e54cd51283b3284761f3fe022b3fedef757d8d6108915ff298c55d8e051d2d16990c06b8af2dfc027b66edd53f46326504a18c4c7779c7972f686c6563a0046c8cf7f9615e2a8f3b43acbe3a3bd8c0e88040d2cdd041ff1aa6c3a1e82faad590cf2457145062b18752bce5bce1fb836bd6798d342a4eb90a78dae2325fcabab79fdfd58bb889d3fde76c739804ba4c548e6fc739b463abd5fb8489aedce7ec0eb74881a41cc16ae6c6e8b3b9280cb5629eb2b477c8e10ff90fa10c66fc4d0378b21380bcd85e9526e61e51914ffadfd2ef80ebe00dc1bb0fad4729ca265af42e5f75bc8ef4e51a8366653c06c759c71a2ec824e67feea6e3c362beb67bdd09486f6db425b1f081cb0b588e8063b2d5c6a146834bbbbe9fc920c04fbf38aafa862d0a3b9a36b51f2b4b44eda882e491360da16cb51454f810cea4328ee9421e53cb13029aeb1d7a6d4c892b2aa3dd9f815329fe638e2e6be1bd41313a5d9fa80451a464b46d0f925528d027e40ed6604eb2da104939650d9c81b496d11b8d00a1c72817729ce3b4ca15673eec933cf1421e01e4b5b29dfad8568428e60b65ea057f72c050b940f6218604934f17a68cfd3175fc08a26a6416c04933d67fa6d92bc9605b52c361e086f5077090a3277f3fa23584eb083a25cedd2ac07106ad8c0e9e908a8ba0162053f9ab9f0b5ecba1348ae314186baa3f221ae232a907e0340d41d8099c1e597bb77c9e9b39d98ecc5d9cc8eb527428979e229483ea73ed1daac4d9fcde30c15e0f67bf8ae575f84c7596ad038de3eaa9d13f7a621979b94ed103c4cc882dfcaa271c6a9b5ad9da079f29daea299f01d45917c93c03b84d3e84cd283c8117b676cdd4bc435d7a4a8e1d82de066d45cd022a1a855f2c013bedfa5bb992c077366888026f89d5174df2044253758fec647be33282cca18d98a97d39176342e041d93d8515bf63becc4e6a4551409192b95b9de427ecc2faec375c2189894c6b54f1b6d2a50615d10312afa5569586a17c6c5960d73acf5a5ddf1e1e77c03d75db370d3b51c3c42c52011a7e65c93eef4beb1cd7825a7cf34bd9587c0c8730d9d691060ace9c5ab5bd43d2c0f54fd17e2e528a5889059887dc077e701c84c4b0094f7dbc7326d2e452c00d2bb0b9099febd00b57918ab03f6926aceb533cf873fe6d0f377c80297340d47c9a27ab4c76d3df6d89da201738e323760cdeff9c1920ccdfb1a64aa0b68d14dfcb5074f740b680968d247b7c0874d1bc28be793c2365f84e6f082ee2119271fa9bc76ea7147046362d35fe721836a1be1745ed60ac66d2c86c5ead707f2d19fca7377bf1714c22967fb7501c0267d19f0faa05aea0240f846d0b0bfa995a3bea3632d3c3b278f1736a687721a2d1a4d9d8bcc93169554782c09ec4cd0c4c9ffd20032d72da6fb48e916338cf2a1758808d3eb6837fe56c71206bd271237f490bce79152a9a3dec514f3ea41c018ee90c321c4712335eb44892c919a8bf061ca9b3f5088dffd6d82da87de52c7f71615e9eb53b591fc03fcab7f69ce97be09eb18fff6ba7a3b22087f26a25880aa74e1554a3c4caa5f18b5c0c2514f9a50440bf3ff73073c4b0bfef743590bd8dd438d8b9c72fa4b89ec6e7561809f07454e968692b4b5d26cd3738c8d121a89b5f6474bf68509ba3be9762a0c990d74d1fd5ca98026e8d6281c0e992a96265bdbdb2e625e4b992a8e71af652c314ca679184547e16184b7ba34f2a09cd380d36865497a3c9f24af91a01f4e2f43d8e6f94d6e72c4e4cb595e53979048d405165b5cad91583460eb4b3ad3aa351c6f69b78829ed2cecf493cda8250990d2ecc5e5adc6b9457c5807e8cf4bef75653751f133e8e62c7a3e98f9fb81520cc9874059e253b2173327d6937e4137f6b41117e818bdfc467f42aa50bdc174d1173903555391bbd162f457e34b82a558ec5db454d7a0f0aa47542f8f87ce3e511bd9bd6ad82b1dcc3bce17d132e7c639a0775104de2638873d1ce9089aa1d79e1c8485a9a01d4bba624be5b94dd6eb449fb94e86fdcff9c6bb5c76f832c213dc0e0c8ba7195e1a8989e88ae2f607290dc4918f2d29d7d3799dbfa49287ea71ace3f1c3e384dad12f8523cb174f1be3238b04aa0a781f05f127106ba3f502f29e06756c51153ed2d1aaff91c67ada6d8b2fdc07f7eb271119075b75ad6492cf1f36dc95d6d189149d87c706d4c5ef05ca408c8269a45129d671a77f96f005f276e78f646c4ec174b2cf90d3ed62279b3e499a5c0a59c463e4fe60ced1dc57676b73b6b28d701191e7beb7310117dfd821f83960f7e600794d240ca836a860869f9aac66a2e5aad2c52b7a8a1ad410eacffba7da2f25736a6e450bbb85540d6f949c687e671ac8018c4cdf18fcf54611416ca4429f84b90d4274ec7707b1ccfd9dad2063c378530a260355bb9fbe0384751ba86ccfb31d4d9d90c62386d1fd4a7219ad7ed2aaa5745663e94990f10d4bf24bfb37128a0b7d95d567909e8acb99053e04caa051c4159afae14c552a2f1f8b9b8b5759adcebef9ba7117add513f4f3a17bb7d3165d855ca231d9e74cd9cef06bdd55ae2c197a76124f713bc7668be94b23e4f7b31e9dc90b21391fb63e25465fde78b1cac196597e28ff278502707f436fe5b8a7eb1c9845d9ac09a5869c73caed6e3aa75d4e7edc4284e9262160bb1ece2f1ece9f55e5953bf5777297e5ebd6ecadaa9bdbd75cf3b464859c261da4573bf1bc72d78aad962b9f29c68c0423a5a4508725171e80def72fd6be6a27387a60099621309a7046cccfc29a6715e9eb61754b6468fd517a22e5335dec64a04ed90334fac0e9895bb897666e9826eaf96ab25cf8e33ca1735ce1e432c8ab6886c194e72fd5c5efd1bb10de65761038be8c9bc8604b9ac0e761e98f273e0b2d88173270a7b85848e235541db4fe11c98530a8d1baf9d7231c56c461c1ce86a2e23fc0da88fd38ffa9dd66c047ba8a16edf53e6d06b90fb4d976d53e22a8dc3bbbbc3f9de0ad9341590fff6a01e28d904b4b57d0dfc8f423f3bb8710ac74a5c34050c44fc3cbead645e3274ac83bfbb1379127c37ff875d79d14d2f57d751edd6b3b58fc7c008e96edc7a1d6ad3764574eb3365b80e6cc891e650d7b812de777da6831c0a8b6fecd380ff847b6969c2f61eb67efa69a8dce8ceef368232106b08652046ae6372e18cc043db94448bc604828f828a8653f2e95073dfb73de3cb35377d1cd150a7f79708c49d73a441a081cc95129a02d183acc58c2d29b6303bd592240041b7a719e1692f19792bba316c5e4e6e58df545e90f15cc360aff603b77040353872f504b0c65e7b56f1dc0c29e29524ae606830e673a6be18be0bfb82bb89580312c53faa625dbff6d322467b70305dd5cafa75dc270adc48e06d62f1c032e7e3e5525a655cda2d3ea7b6511a0a60ee0593e41fd15b71efea1541546e52c88ead20db180f8d634893392bb6eabe3ed13be1269fccfdcff26d91da6a7c7246bee369d8f0262ca6ea3021d91b2554892e91df735cb1fbce92e692741aaed80fa268efc70130a725675f0191cddad340c9036bd8421dd2089d9df61ed139c49d57b003302c55a2431048777f1d267a3fef6d4338b4e60a0630841517c8478166f726a4aad5ef78c1b6d49b14cff2ede6db47d18cbebc10bd65f84075bf1ffc929e1b6677ea1a1a67c3ade31ea69a629510c36c3d0c397ee5a1a8e1a76578433107220bbe664c97808d167ac197e44b780f5dbcbed3b6c8fb4f33d685fac8ee983bd95a4e88993168e52b2afc06b5fc4e4d978157841fd1a3f64a2611e5741618097ed923dfbda7c8766a92b6b033c13899fa3d1c28b07de1467220fde772aeb81cdc15153c30cbf47011956bde1f31f053bb73ab172cdf9db0b17a7d0e213198866b4f8cd7bbe36f7b15a54d8893c05446a2ef4c41d37dd77d3eb1ee68809062078a0c55471f98f07370143b92bc6d2956651ccbc112a57afb2227eefdc3a9974a7bdd2f0b34e68e8199edd70ee6fd006060ce8092a4dfae44e8e4061c341233953fb9b3187effeb52a983067a41ae7e1c246e59613a8ef91f0090ae54dd177f67606a63d415fe1c5846e98129310e56cc0af38e6a2bd9c5aa4347b59629094cb9c704d5a03de5e1747aee08f159175df01b2eb9de79f5f5c895222db476f63186c08c85084a7d4df9e827333bc8093bc669e70a09526466e035768e386bbc193cabbf7dc68b0d3dd71995677857a30b8de6d68af1633aa73c507ef75c9f5119d4390dcd1173060cdc5768cb971881209e1a4f6f5e332cd3599056f9bcda5c4f02677d075cce37c66ab66a67d926be619de9b1ac2144ee8b5d054a7fb805022c0dbf3d0df2edb990aa1cfc4214514dd82929ef39e007037875130e0785e7f6a0685028d0b13aca460e4579b1e1f075dc370017fcd1eb879d8948c8553f3fdf062f1f559baf037d9e429780aed5cf1d07edaa991f4adf1c2ea16d5eb2c8aa98067c70b4c97ee2ec8f99455716a8840fe4938b53c291b0fb4bd9b4f0ae27eeebb578579318d3f8e1b8a2acb4c8c7160c06f5f2fd99bf872f1ff5da908cac7ff9115dd2274d56a1d3f17d5af60d7284e4cc76f86a93338e865c70ae9f8f3067efdee4e8345f2323cb20d3674d85ad58ed9fb0559191ece216fd5603694d40ae308b9e773d2e2d05fba33dec47062d7d13f5494083a6b7daaf7d398bb351da87dfdb3eb2feeddced395f9cf370299ee9f656e7806b5439d18b6a42259a0b6445ead44379b5c6f5c4767e8d1a61979b463c3c42579c6aa42f114785bf33e13271527c6743565e1b69dbfb0d9e845b11ad69356b4beb16ad557e79c169867e727f666783cadaa554316d9dc88e446d99c6aaf8674af0476e5d9131787d4c744bbbb7a4234d3e6c41919c4ef45dba6aefd66c08dae7b0f45261f200b9335a08a6df9674676056d2afbda48866df5cb9bebad5c51b5160927930667d35c4108d367bd09d937ace0ad11970fad75fb691e947c5e0fa12a113d8191894b6f59401fba38a73603dda99dc6a3010e57e36a5154ae9f7f486814781916cdcd8b47b7f72e9974fa108bd4931c5178797cef32ca97d926cc2143df050179475af1bebcdc8f003ca90f44e7cc840de67c2aaf13223e66689ee93e913fa2197d00fe3141d72f7953ea4c05ff938dbf57cfeef270c08f1d3f06618f078a30af53900581d3c6014d976f5a958de0467e52995bdac9ad0c05790907204bbac57a9e2b1d796ca548f661348901ba28138a49f76f22f2d64c098efa53b490f58c92f2697bdb2faaacfdc9b282f8360f8", 0x2000, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
io_submit(0x0, 0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x0, 0x8000000)
capset(0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @mcast1, 0x200}, 0x9)
listen(0xffffffffffffffff, 0x80080400)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000e5c000)={0x2, 0x4e1f, @loopback=0x7f000002}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.empty_time\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0xf000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000a2e000/0x4000)=nil, &(0x7f0000905000/0x2000)=nil, &(0x7f0000000000)="66478143a496e385866f054e0cfb5bd8beb9d7a0a038d6f28024d80abdfb1b14fcc295cd892b9271491aa5474cf03f", 0x2f}, 0x68)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x3, 0xa}, {0x7ff, 0xfff9, 0x8, 0x7, 0x3}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@any, 0x0, 0x7, 0x3, "b16530", 0xe}, {@none, 0x9, 0x6, 0x0, "360a8e", 0x8}, {@none, 0x0, 0x0, 0x5, "e77791", 0x7ff}, {@any, 0xfc, 0x0, 0xf2, "5e1308", 0x7ff}]}}}, 0x63)

3.722668102s ago: executing program 1 (id=7061):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

3.676974995s ago: executing program 1 (id=7062):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x0)

3.292531649s ago: executing program 0 (id=7065):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = accept(r1, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x19, &(0x7f0000000340)=0x9, 0x3a)
close_range(r0, 0xffffffffffffffff, 0x0)

3.08818174s ago: executing program 2 (id=7066):
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a0000"], 0x22)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x60202, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x36, 0x0, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000007c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wg0\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="34001000", @ANYRES16=r8, @ANYBLOB="f3480000000000000000030000002000018008000100", @ANYRES32=r9, @ANYBLOB="1400020077673000"/20], 0x34}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)={0xbc, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x56, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x2a, 0xf, [@channel_switch={0x25, 0x3, {0x0, 0x0, 0x5}}, @prep={0x83, 0x1f, {{}, 0x0, 0x0, @device_a, 0x0, @void, 0x9, 0x5, @device_a, 0x5}}]}, @NL80211_ATTR_PROBE_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xbc}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x2, 0x5, 0x470, 0xf0, 0xf0, 0xffffffff, 0x2d0, 0xf0, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], 'dvmrp0\x00', 'pimreg1\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @icmp_id, @icmp_id}}}, {{@ipv6={@dev, @loopback, [], [], 'batadv0\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@loopback, @ipv6=@local}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @gre_key, @gre_key}}}, {{@ipv6={@private0, @private2, [], [], 'ipvlan0\x00', 'pim6reg\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0)

2.927685647s ago: executing program 4 (id=7067):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x398}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x70, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_MARK={0x10}]}}]}, 0x70}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

2.783026124s ago: executing program 2 (id=7068):
open(&(0x7f0000000500)='.\x00', 0x0, 0x0)
open(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000040)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x6, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002400010025bd70e9ffff070000000000060004"], 0x1c}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="c0000000190001000000000000000000e0000002000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000008001f0003"], 0xc0}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000c0000000000fc0100000000000000000000000000a42ca84723f6c93b000a"], 0xb8}}, 0x0)

2.590162921s ago: executing program 1 (id=7070):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x33, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@remote}, {@broadcast}, {@empty}, {@multicast1}, {@private}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev}, {@remote}, {@multicast2}, {@private}, {}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0x0, [@private, @rand_addr, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @private]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.589287709s ago: executing program 4 (id=7071):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
ptrace$peeksig(0x4209, 0x0, &(0x7f0000000180)={0x1, 0x0, 0x4}, &(0x7f0000000540)=[{}, {}, {}, {}])
r0 = openat(0xffffffffffffff9c, 0x0, 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
io_uring_setup(0x354a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0xa}}, 0x20)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0)
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r2, 0x3ba0, &(0x7f0000000380)={0x48, 0x4, 0x0, 0x0, 0xec, &(0x7f0000000280)="ec5e444d178b9bccc55b468822becd79aa6d8f0e463be89923fab2d4daca51d6e55beb4ab3199ca22505bcaa2ef56c63f3154713eee6f209f4060f9c3c7b03d0ed5367872f0a1f05bd7d5d7b44cc6d49377128c5aa8ff3efa46d2b2957c56d60bebb21a1f61103497b7edb3c249fceaeea4618ef2180f5a37c6346d5d89be0cea92c26fffa911dfb33d6426b906452c4791037647287a18f8f57b4f41e97147b9b6b6436e4a94825205fe939ae8f4aad8ac3487359a3838f96e2b67a9e98254c96d4b4b4a16ebf7ee4040d316f600e4aae71e8ea2c300adab450c02723c62e31b2724f309708607c1ec10064", 0x40})
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x0, 0x200, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0xfffc, 0x8a, @mcast2}}}, 0xfffffffffffffcaa)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0), 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r3, &(0x7f0000000200)=[{{&(0x7f0000000400)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10, 0x0}}], 0x1, 0x24040890)
setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000140)=0xffff0000, 0x4)
sendto$inet(r3, &(0x7f0000000180)='f', 0xfdef, 0x0, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x14, 0x0, 0x0, @multicast1, "a9598e73e3fb5f1f5ec74ce2d59477c9ecc1c22b"}}}}}, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000040), 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21}, {0xa, 0x0, 0x0, @mcast2}}}, 0x48)

2.364860786s ago: executing program 0 (id=7072):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

2.243497219s ago: executing program 3 (id=7074):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x140030})

2.148700804s ago: executing program 0 (id=7075):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000006c0)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="00000000000000001c002b8008000100", @ANYBLOB='\b'], 0x3c}}, 0x0)

2.04339221s ago: executing program 0 (id=7076):
io_uring_setup(0x6804, &(0x7f0000000440))
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000002280), 0x0, 0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

1.965158794s ago: executing program 1 (id=7077):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="e000000013000100000000000000000063626328626c6f77666973682900"/224], 0xe0}}, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x42, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f0000006280)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
chmod(&(0x7f0000000040)='./file0\x00', 0x0)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=@random={'trusted.', '/dev/fuse\x00'})
syz_fuse_handle_req(r1, &(0x7f0000004280)="746742ca1b148a3d4a1d266df0e05721d3b36ffebab0a9750bf000dbdd0e2400445d3671239cb6e17c4e73c69319ff1319860a6a935682a8864763ca0fc3bb37a2570d6015d8148f349d76492ea77fa9c64f9a8d5f6f97ffcec860277cc20118c8ee9c18356b8b0c7182ae1b94c02875db65b3cda135a4be464f474d055a181153444cf6bf7c65c6cea7e9faf223a0aa9eecfeebef4a53414f7bbf33b238dd348197b7b645843b9c61e24b2dc115cf829b59eeba3bfb077434af9e8ce746957cb083b09b21a72d1c7a898b074710106196a1ac73f08bdd5c3f6eb270182fee4eb2a59512c8ac969aaae92b6b72d870e62d95c5ac3be4e987a8e0126ad9b8a72e737654c6637d55aabfd59949fe8962f61a42084cb4b381c7e845d36c9719dde0c21b1bf087d11ac73dec59d59492afdbe4560e4073e591b03f36ca7b674b2ecc29963626770c7e1c90cc7a9d5709e10c6d5414405c50dfe1c165a2b5aa99a4e50c854aeeac2a756ea6ca14bb68536476ec0397811f0b9e4759b2934cbb4cfc13cded31863c39633c3d79d11fecd01d831c1cb089d518500733b702627c48b9fa0202783896b267b22e84ee7ce3492ec5f212ba60c119a408cd9ba2a95c5bfd233e518a5f10ed6acc504b65592f1f43927b57e1deea98e4a1ac6ada92cd74afa7da3f4ab8f3947f69dceacffa4328ee06aebcbfaa0116f247c830d72e2cd7c03b011a374eeffffea06d6558026531e312a2e67da6fd9b5db77fa5e2583f5c0dbde326d9ad1c8c1bbe063a622781c8472583fc63edf049a93a27eec6422f31cbc7b9593b478648a51d6a2e96d6ce3949cced10708d432c73544023a9a3fceee55574af1e3054e68e2afee8d3939601ba78987c84059f559f815fa7a6f1ca8d54a9d32375ba1dd6ec1b95cd782666bb60169ad758c5dcbfe1e983a043e0e2a707bfdb297cc562e9a784a4a901310afcf27f499c90d7a82eb2367a8eab6b3fe461f7b48e2bf0cb4d26168a7cb6366a84d1d889f21e2b95b5acb01c98996ab4483197d6c84ea15a505fb3499664cdb66d1e4d94d92b390247d5cfe49c1e8233215d709e6573052f3cb35429145e9943fb595c95efd5734af77333500bf14049faad939553829e4e2ab8d7400aad2a6850bea35f909aca38fae95a2cb8ab7b567017f9cb190e2c9987e353235259391a9f18f85d7e06772b70cf4efe7c99708e7568bc4242d6d40b98d7322ada6da82d5ee5ff977dfbd3e4d6ae776fd1546aad74e27d93b46c0cd6b91ddd6db97c3a8479683800e163e89faf862c516048df71958789add1fecfd25bdb72b6fe3e9be9c4b47414ef69d81642ca69ea475fabcbaee1fe05948b3c021d9d59008e4a13bea45b4efa4b104afb6a947fc81ec8728366989fc6ba785b64f8f1e92aeeb8853ad2cb4db3875124b9ab57926a4bf9e0156f6821500c12c1ec6af90353d31801cb61e64f8258c5351ed34581f0cbbebbf4411f98ad1f4ee660b4c4c47fb56521608c8c29eb77316d3633cc65411b9d7a9f17f798e3aa498d5eb863c545fbb3efa34576c5b68bc410438cceac84fb808510dbdb191295cdf6762a103cb3567efea172870ba2bfe9d370685056d80c32ac053a1cc926712a185fff94b4b2d2f8d533f499667af7a15d5580f444cb34fbab6b4f4121923c29e93145cdf05be7361619ba6175991e5e41fb45af1b965fa13a89ce192923331fbebea46cc951bddaf6ad86277a7b8a992a92a29ffc00a68014a1134d2f716f062e20e7852a4c40442f2de37d32771f80551a46e2758a6dce9b2c4191a7772f4cb40d612ffc3c6c7d03dc08efb2bee1e4baef9ea07391fe3e57e62d589adeae48918244eacffda6022840c619a88acc4ae49b0d65e05d181f1969912363f13a188cbd96e615fca6e853e8be658c720ee34bd433874762637ee61000b5142a2990f34cf6e0f8c1e294c4816a377008e80817edea5d6048a497c8f84f061d5e255d37fe293f916086379afdc3de7b59c03b6312485ac16c5e4e4f454aed657f88243be439d31797246d164b83479f9f99b354590193cb6df458c58c8276a3b870f269dad278d9f50308ce996eceb1a61f0703946c1cdc9ba528876a8f03ba2fe7966fe4af800cb57ce1048e094b4d11d458a5dea614d68a9420b6c4b46d2a0375ee52b1f6b89873c808b85fe1b6a697e10762f6d8ca1a449c1848b2be07f446491ee7d88cf7a102dc12fdfb417b53e6eff843fb17c4b2eec619858ed866e0630327aedc8cf68fce159d5aeb35dfd6ea435ed13715285161f586fec250dfb69984d0cfb5ce36da1b7a654a47f750386df05fafc79277d0c47f9d8905a103e59057ce69cbb1aedd16adc6f7548579f2949092946bcb8e81acfd00d6b1f45cc226a24e991b760e9fbd1f4df195bc10a3f0439967c7b2e5571218aa7ef1269c5a346c8f2a7f6a3d4722ecf3fa37138d1963a14463d12a2851e628b00d09b537f422d13767032921ceaf947b5b7b04f67db2d044ecefd8f34b40b1284d54d02ade8a3abe89ebab9770bec1ab3a712529074862b6ea9861124ff815039287790bdadab79fc60762a11bd71e92c5cfd938827edf74b0897789f84883f0b3104970edc2ec1e192b804210f333f546680c0bddffe45942f5bf0281fc9db1ca9c7ddd570636f76c32671265bddef96307b1029e977e3ec06e5642c8d959d14b77a0922fe6b581e1f3b1627577c6a7de4f1f498eb1da3b697630920cf536c72f8978e86b2cac1d502a51e08b279551e9941781ced109ee23cca3be70033b065df24bd13bcd8136e65da8aaa63aa6dc2ce92996a5433d847d14dccb86ecb9b4eb493d31ec3ec0d9438c11bb89d71dc2add1e73191b55d344ab05eea8d2cfde3c1a5696a7506d60c2925c3ef8a70aec773d09c6fca773d8e178a7f760564178637bce8c8e1783bcb90bc113a085201e39d01552ab1f9e1bb3433233f3cc1ffa5fd55d294676a154f595f09833e7529887fbd5c9782c11b92fcc04057cda413e9b9fad6360f52ee370a38ae58754a055510ac522474380e99ee44fc815601d527ab220ea648e7b665164c66f744a4ec57cd8df3f3781edff97cf9b863503b904b36b7b500ad91d98918f66dc061219390b265694fd3ae8b7d546553a24281ae93133974cd1b52a1d9a4f2037ed9eb68854e5542833e2b2c30fd78d5796f26d82fe2cdec0e27fd11a7502fc3b9e133b2b00970c330c57cd154440f1b936887d8f474a22da9573403f650c0bffda8ad79ef797db60c5bb99f3dd3dc0b1b02a21b2db9996df7a43706680d82c8c698f15711be4a4a022b83bd9e9dbbe5622130030fed5239494d833149be5d54f2eed03c5a21024b504638af013f315255c4ef9d76dc4fe83a21bc7fa47ea758b0158e4f4d5bdf24dd7f7109d8cf6b4bfd518a4e98dc8ab72dff2bd8d4a050e5185975949bf7855a9125275c66ef8ed55e40c895a06716fee0b6653df925fd3bc8568331d7b442c2930092eb1b7ed8f8efbdfed25d2d3042c0550aa6f7afbc78b960217a119ac53c126499916147fb34cb5732bdb4fdeee7716af4ad0e24afda4af135cdb67f01177ac001387b1e81c1cfaf17fae23a81592e5c7199217f95efa7bafed8c1888b24fc7a612327c3f37e3000e3b3d7e1c44ef1dadcf0869b7b87b255a87f4716e230133ae2bc837cea4d4eb251a6435bfc7b3641ec5c002bae776f393ff2b0e0d484cbfeaab77bf91c48e11eecb4fd008a6cc1571d44d8270221ddc673b6104779beb3b15f4b972ffd1e5d152c15870a43a80655ba3d9a95e1a65350526eeb9932b56826e1e60c07c49022d9581a92f1ca19c2fb3b77b6c6f81114d36a50145dc4ae80a2d1f839b96555086d6a6debd28a79d2e6eec9f5542d306e39c254e3098055b6f863a3943bac3dcebb35482633a96c84fa1bfea8aeaef3796f448a8a42f0e25f904aee2907dc122a868280036d3502c50c998b51718c4123f142a8ad47a3d12cdce8efee86d33831286991ecfbfc583f4e1c3bc719c672571b6968012c24488d1d070ceefe71f4f6d82dd8611503f157104c890cb240a42f826502afb31e2c41b21241a10f4742e0f6123466530e7edcff02a1083bb81af08f98db2e7bb797c77bf75a18b5321d2480e1a06fa9b57063ebb8c7591af7c4b74f6d3ed3d25446d48a1259da567b43c88353625b3ed27b02eb572aa56a5bb67ef316b33b943d1a60fbaa3db6e8194ed60371e12d6345fecf3d227676e112156a97bdb8c8caf668f843f0c799619f2a82f8875b316ec1ad54e2d03844e521c596444fd140ab8e3a92ac5682ed36830c334104e4f2a141d099c5cd44132742a468aeb759344630c80257f7b50a2a6a7bfe22c4a0d6de8a63263683df9faaff8c9852a27b2cb1370fbdd8e07d82c24e92c98ad81d65f01396b381ca15309dd8bbe52ba6e458632c7eb15849c8a88d740f53477d473c310c4c89b24c33c137ffeefddecfd4bcf2770af93e222a65fcbae81bd44270bcf2c9a871a36b7df6943ce573cdff29b752d9c8ab45a73c434368467708f5b099cf4e8a87c0e7138589cdea7d0776034330c29d7aada3d324c2b33dd46ba714b4c600ff717d408364b809f61549ba8128a621f8b02e88baa574ff6f2a97ac44c20c72fdbdb3808a5c7a07f37ad56772f463232ad435c9dd3f0875449eef5ee1c30ac55135cd230d48e64898e09d911941b64fc1736bbd07fe787c4b11d21ba22bbebf02aff020ed09375bd8b5c176a7aa5633415c8ad9171b4ce7ce47ce9bc9afd61ebb09d8d6892c31b5c7020e14635f56d37326fe6ff41c0caf034267aba9518d66f18b4ae49b3a34ce970095f02b8fe002392971a23aba946f31166670bbcfb94ab6591679ea442b6e1104843d449ce13b57c678b05a7b678832bea1a5613eba4331d9f8cfb3ef84e897c9dc0ba464b8fc8f3d99028823cdcbade18f3bdd5751af9f9d7d4eac0edcdca3cd6d46d58f6b5dc87a68d8593897d62e77f6e92a2add1784e369f5e1d49d39b6be97d67f1616524687d00d5be0d8bdcf77cd37c2b1c7df25162c5f6e479bbef437b5a29a750024264de00adaf561351e9c517ebe7c87b51ffe95e133e8108de7e2cf8ae36c2226b8469fb7ba4ea961ddd13d1ca8166b0488232cc21dfd3d117e1297a0db743e10b068605ac4bfb03de90807f20604a0276c39f442831b5fb118b1f9c1e0f08156684882ffeec5a4b0cdbac536c6091943296fac5041e5b9200884b9e19d6d06c8088e3994fcad92be389bdca1a234b077eed8908ee1f754236e5e6485fdc56a39f48a22c0774063933bdf462448d5710485428acdc3bf23bbc88bb163f8cfce5ba8ddc0a8b3a8c8c5f77710dd03c85914ce6be6e5cfed757c4afb7720a17d04a6c2ca8ba539253ce4b0bfb4486f4f64a1da076ee492e4aec23bd7eed17bf274655ad2b9ff8430fad9935fdfca576076ff96a38e646f92ff584a6857d3a7659e80664d874f87a8e87fb87f8e134df0df20e46cc62a1434559ddcb338b0110c3995d8bdec0a02267381af6d707863e53a90467d8c6da3ab08481e869a2034bc54629ad7f6fb40fb98aac3ebcc9cec9fb084055869700925207d658e306de01d3d5a9fb348c46b8dcd8768d7208290738bc2d2e065c3c02d6359c046b03f01f908249eec4884aaeea75766d6090ed68b2b5cc43f6ebdfaab0ffb94d1cf72b328d8aa2df6e4c487572f54d22efc6d33b21a84b5bf57abecdf16dac97bb4547ae403b0da471c40613776a83beba0d95e5cc0357fbb993e95bd0dd4ad8dcb58ac274bf3df7309f7075faf5ba4cb13cb28cca11303d821660e600d9ea601a6b459c3be3e7aff7ce79d06692dd0415281fd857c2264cf43682424e19f3e50550d2a644325a7b579210aecf22514aaebfa61d9eb5fab051d5b519ee567b865100bee630a60dd2788666205e026e47005599cbb72736130b92ae45089808c9275b0080fc668caa51023beb386fe4ea2abd9834b22c57ecc7666c1a99e4b99ff77fcf7cf833c2b323b2a83706b4c62c738b744a120745d922fcba0099fc0085f97e9fe58e194a5473f5c839e5bdcb55907967ccd6c0119da4626aa407838d98c1099da397b2213ee5353587e9d4f76a61d57892a5cf2896bd5fd38b55be4069f709e9ec995b5bfa17b107ff95148b3f3b2142e1d2cd0366940ccb72b1b77e7562f0c9bf7284af1c480d50ed7260516b6dea97db3d88daa60e54cd51283b3284761f3fe022b3fedef757d8d6108915ff298c55d8e051d2d16990c06b8af2dfc027b66edd53f46326504a18c4c7779c7972f686c6563a0046c8cf7f9615e2a8f3b43acbe3a3bd8c0e88040d2cdd041ff1aa6c3a1e82faad590cf2457145062b18752bce5bce1fb836bd6798d342a4eb90a78dae2325fcabab79fdfd58bb889d3fde76c739804ba4c548e6fc739b463abd5fb8489aedce7ec0eb74881a41cc16ae6c6e8b3b9280cb5629eb2b477c8e10ff90fa10c66fc4d0378b21380bcd85e9526e61e51914ffadfd2ef80ebe00dc1bb0fad4729ca265af42e5f75bc8ef4e51a8366653c06c759c71a2ec824e67feea6e3c362beb67bdd09486f6db425b1f081cb0b588e8063b2d5c6a146834bbbbe9fc920c04fbf38aafa862d0a3b9a36b51f2b4b44eda882e491360da16cb51454f810cea4328ee9421e53cb13029aeb1d7a6d4c892b2aa3dd9f815329fe638e2e6be1bd41313a5d9fa80451a464b46d0f925528d027e40ed6604eb2da104939650d9c81b496d11b8d00a1c72817729ce3b4ca15673eec933cf1421e01e4b5b29dfad8568428e60b65ea057f72c050b940f6218604934f17a68cfd3175fc08a26a6416c04933d67fa6d92bc9605b52c361e086f5077090a3277f3fa23584eb083a25cedd2ac07106ad8c0e9e908a8ba0162053f9ab9f0b5ecba1348ae314186baa3f221ae232a907e0340d41d8099c1e597bb77c9e9b39d98ecc5d9cc8eb527428979e229483ea73ed1daac4d9fcde30c15e0f67bf8ae575f84c7596ad038de3eaa9d13f7a621979b94ed103c4cc882dfcaa271c6a9b5ad9da079f29daea299f01d45917c93c03b84d3e84cd283c8117b676cdd4bc435d7a4a8e1d82de066d45cd022a1a855f2c013bedfa5bb992c077366888026f89d5174df2044253758fec647be33282cca18d98a97d39176342e041d93d8515bf63becc4e6a4551409192b95b9de427ecc2faec375c2189894c6b54f1b6d2a50615d10312afa5569586a17c6c5960d73acf5a5ddf1e1e77c03d75db370d3b51c3c42c52011a7e65c93eef4beb1cd7825a7cf34bd9587c0c8730d9d691060ace9c5ab5bd43d2c0f54fd17e2e528a5889059887dc077e701c84c4b0094f7dbc7326d2e452c00d2bb0b9099febd00b57918ab03f6926aceb533cf873fe6d0f377c80297340d47c9a27ab4c76d3df6d89da201738e323760cdeff9c1920ccdfb1a64aa0b68d14dfcb5074f740b680968d247b7c0874d1bc28be793c2365f84e6f082ee2119271fa9bc76ea7147046362d35fe721836a1be1745ed60ac66d2c86c5ead707f2d19fca7377bf1714c22967fb7501c0267d19f0faa05aea0240f846d0b0bfa995a3bea3632d3c3b278f1736a687721a2d1a4d9d8bcc93169554782c09ec4cd0c4c9ffd20032d72da6fb48e916338cf2a1758808d3eb6837fe56c71206bd271237f490bce79152a9a3dec514f3ea41c018ee90c321c4712335eb44892c919a8bf061ca9b3f5088dffd6d82da87de52c7f71615e9eb53b591fc03fcab7f69ce97be09eb18fff6ba7a3b22087f26a25880aa74e1554a3c4caa5f18b5c0c2514f9a50440bf3ff73073c4b0bfef743590bd8dd438d8b9c72fa4b89ec6e7561809f07454e968692b4b5d26cd3738c8d121a89b5f6474bf68509ba3be9762a0c990d74d1fd5ca98026e8d6281c0e992a96265bdbdb2e625e4b992a8e71af652c314ca679184547e16184b7ba34f2a09cd380d36865497a3c9f24af91a01f4e2f43d8e6f94d6e72c4e4cb595e53979048d405165b5cad91583460eb4b3ad3aa351c6f69b78829ed2cecf493cda8250990d2ecc5e5adc6b9457c5807e8cf4bef75653751f133e8e62c7a3e98f9fb81520cc9874059e253b2173327d6937e4137f6b41117e818bdfc467f42aa50bdc174d1173903555391bbd162f457e34b82a558ec5db454d7a0f0aa47542f8f87ce3e511bd9bd6ad82b1dcc3bce17d132e7c639a0775104de2638873d1ce9089aa1d79e1c8485a9a01d4bba624be5b94dd6eb449fb94e86fdcff9c6bb5c76f832c213dc0e0c8ba7195e1a8989e88ae2f607290dc4918f2d29d7d3799dbfa49287ea71ace3f1c3e384dad12f8523cb174f1be3238b04aa0a781f05f127106ba3f502f29e06756c51153ed2d1aaff91c67ada6d8b2fdc07f7eb271119075b75ad6492cf1f36dc95d6d189149d87c706d4c5ef05ca408c8269a45129d671a77f96f005f276e78f646c4ec174b2cf90d3ed62279b3e499a5c0a59c463e4fe60ced1dc57676b73b6b28d701191e7beb7310117dfd821f83960f7e600794d240ca836a860869f9aac66a2e5aad2c52b7a8a1ad410eacffba7da2f25736a6e450bbb85540d6f949c687e671ac8018c4cdf18fcf54611416ca4429f84b90d4274ec7707b1ccfd9dad2063c378530a260355bb9fbe0384751ba86ccfb31d4d9d90c62386d1fd4a7219ad7ed2aaa5745663e94990f10d4bf24bfb37128a0b7d95d567909e8acb99053e04caa051c4159afae14c552a2f1f8b9b8b5759adcebef9ba7117add513f4f3a17bb7d3165d855ca231d9e74cd9cef06bdd55ae2c197a76124f713bc7668be94b23e4f7b31e9dc90b21391fb63e25465fde78b1cac196597e28ff278502707f436fe5b8a7eb1c9845d9ac09a5869c73caed6e3aa75d4e7edc4284e9262160bb1ece2f1ece9f55e5953bf5777297e5ebd6ecadaa9bdbd75cf3b464859c261da4573bf1bc72d78aad962b9f29c68c0423a5a4508725171e80def72fd6be6a27387a60099621309a7046cccfc29a6715e9eb61754b6468fd517a22e5335dec64a04ed90334fac0e9895bb897666e9826eaf96ab25cf8e33ca1735ce1e432c8ab6886c194e72fd5c5efd1bb10de65761038be8c9bc8604b9ac0e761e98f273e0b2d88173270a7b85848e235541db4fe11c98530a8d1baf9d7231c56c461c1ce86a2e23fc0da88fd38ffa9dd66c047ba8a16edf53e6d06b90fb4d976d53e22a8dc3bbbbc3f9de0ad9341590fff6a01e28d904b4b57d0dfc8f423f3bb8710ac74a5c34050c44fc3cbead645e3274ac83bfbb1379127c37ff875d79d14d2f57d751edd6b3b58fc7c008e96edc7a1d6ad3764574eb3365b80e6cc891e650d7b812de777da6831c0a8b6fecd380ff847b6969c2f61eb67efa69a8dce8ceef368232106b08652046ae6372e18cc043db94448bc604828f828a8653f2e95073dfb73de3cb35377d1cd150a7f79708c49d73a441a081cc95129a02d183acc58c2d29b6303bd592240041b7a719e1692f19792bba316c5e4e6e58df545e90f15cc360aff603b77040353872f504b0c65e7b56f1dc0c29e29524ae606830e673a6be18be0bfb82bb89580312c53faa625dbff6d322467b70305dd5cafa75dc270adc48e06d62f1c032e7e3e5525a655cda2d3ea7b6511a0a60ee0593e41fd15b71efea1541546e52c88ead20db180f8d634893392bb6eabe3ed13be1269fccfdcff26d91da6a7c7246bee369d8f0262ca6ea3021d91b2554892e91df735cb1fbce92e692741aaed80fa268efc70130a725675f0191cddad340c9036bd8421dd2089d9df61ed139c49d57b003302c55a2431048777f1d267a3fef6d4338b4e60a0630841517c8478166f726a4aad5ef78c1b6d49b14cff2ede6db47d18cbebc10bd65f84075bf1ffc929e1b6677ea1a1a67c3ade31ea69a629510c36c3d0c397ee5a1a8e1a76578433107220bbe664c97808d167ac197e44b780f5dbcbed3b6c8fb4f33d685fac8ee983bd95a4e88993168e52b2afc06b5fc4e4d978157841fd1a3f64a2611e5741618097ed923dfbda7c8766a92b6b033c13899fa3d1c28b07de1467220fde772aeb81cdc15153c30cbf47011956bde1f31f053bb73ab172cdf9db0b17a7d0e213198866b4f8cd7bbe36f7b15a54d8893c05446a2ef4c41d37dd77d3eb1ee68809062078a0c55471f98f07370143b92bc6d2956651ccbc112a57afb2227eefdc3a9974a7bdd2f0b34e68e8199edd70ee6fd006060ce8092a4dfae44e8e4061c341233953fb9b3187effeb52a983067a41ae7e1c246e59613a8ef91f0090ae54dd177f67606a63d415fe1c5846e98129310e56cc0af38e6a2bd9c5aa4347b59629094cb9c704d5a03de5e1747aee08f159175df01b2eb9de79f5f5c895222db476f63186c08c85084a7d4df9e827333bc8093bc669e70a09526466e035768e386bbc193cabbf7dc68b0d3dd71995677857a30b8de6d68af1633aa73c507ef75c9f5119d4390dcd1173060cdc5768cb971881209e1a4f6f5e332cd3599056f9bcda5c4f02677d075cce37c66ab66a67d926be619de9b1ac2144ee8b5d054a7fb805022c0dbf3d0df2edb990aa1cfc4214514dd82929ef39e007037875130e0785e7f6a0685028d0b13aca460e4579b1e1f075dc370017fcd1eb879d8948c8553f3fdf062f1f559baf037d9e429780aed5cf1d07edaa991f4adf1c2ea16d5eb2c8aa98067c70b4c97ee2ec8f99455716a8840fe4938b53c291b0fb4bd9b4f0ae27eeebb578579318d3f8e1b8a2acb4c8c7160c06f5f2fd99bf872f1ff5da908cac7ff9115dd2274d56a1d3f17d5af60d7284e4cc76f86a93338e865c70ae9f8f3067efdee4e8345f2323cb20d3674d85ad58ed9fb0559191ece216fd5603694d40ae308b9e773d2e2d05fba33dec47062d7d13f5494083a6b7daaf7d398bb351da87dfdb3eb2feeddced395f9cf370299ee9f656e7806b5439d18b6a42259a0b6445ead44379b5c6f5c4767e8d1a61979b463c3c42579c6aa42f114785bf33e13271527c6743565e1b69dbfb0d9e845b11ad69356b4beb16ad557e79c169867e727f666783cadaa554316d9dc88e446d99c6aaf8674af0476e5d9131787d4c744bbbb7a4234d3e6c41919c4ef45dba6aefd66c08dae7b0f45261f200b9335a08a6df9674676056d2afbda48866df5cb9bebad5c51b5160927930667d35c4108d367bd09d937ace0ad11970fad75fb691e947c5e0fa12a113d8191894b6f59401fba38a73603dda99dc6a3010e57e36a5154ae9f7f486814781916cdcd8b47b7f72e9974fa108bd4931c5178797cef32ca97d926cc2143df050179475af1bebcdc8f003ca90f44e7cc840de67c2aaf13223e66689ee93e913fa2197d00fe3141d72f7953ea4c05ff938dbf57cfeef270c08f1d3f06618f078a30af53900581d3c6014d976f5a958de0467e52995bdac9ad0c05790907204bbac57a9e2b1d796ca548f661348901ba28138a49f76f22f2d64c098efa53b490f58c92f2697bdb2faaacfdc9b282f8360f8", 0x2000, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
io_submit(0x0, 0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x0, 0x8000000)
capset(0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @mcast1, 0x200}, 0x9)
listen(0xffffffffffffffff, 0x80080400)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000e5c000)={0x2, 0x4e1f, @loopback=0x7f000002}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.empty_time\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0xf000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000a2e000/0x4000)=nil, &(0x7f0000905000/0x2000)=nil, &(0x7f0000000000)="66478143a496e385866f054e0cfb5bd8beb9d7a0a038d6f28024d80abdfb1b14fcc295cd892b9271491aa5474cf03f", 0x2f}, 0x68)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x3, 0xa}, {0x7ff, 0xfff9, 0x8, 0x7, 0x3}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@any, 0x0, 0x7, 0x3, "b16530", 0xe}, {@none, 0x9, 0x6, 0x0, "360a8e", 0x8}, {@none, 0x0, 0x0, 0x5, "e77791", 0x7ff}, {@any, 0xfc, 0x0, 0xf2, "5e1308", 0x7ff}]}}}, 0x63)

1.848835388s ago: executing program 3 (id=7078):
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a0000"], 0x22)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x60202, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x36, 0x0, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000007c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wg0\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="34001000", @ANYRES16=r8, @ANYBLOB="f3480000000000000000030000002000018008000100", @ANYRES32=r9, @ANYBLOB="1400020077673000"/20], 0x34}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)={0xbc, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x56, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x2a, 0xf, [@channel_switch={0x25, 0x3, {0x0, 0x0, 0x5}}, @prep={0x83, 0x1f, {{}, 0x0, 0x0, @device_a, 0x0, @void, 0x9, 0x5, @device_a, 0x5}}]}, @NL80211_ATTR_PROBE_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xbc}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x2, 0x5, 0x470, 0xf0, 0xf0, 0xffffffff, 0x2d0, 0xf0, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], 'dvmrp0\x00', 'pimreg1\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @icmp_id, @icmp_id}}}, {{@ipv6={@dev, @loopback, [], [], 'batadv0\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@loopback, @ipv6=@local}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @gre_key, @gre_key}}}, {{@ipv6={@private0, @private2, [], [], 'ipvlan0\x00', 'pim6reg\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0)

1.120421865s ago: executing program 0 (id=7079):
open(&(0x7f0000000500)='.\x00', 0x0, 0x0)
open(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000040)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x6, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002400010025bd70e9ffff070000000000060004"], 0x1c}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="c0000000190001000000000000000000e0000002000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000008001f0003"], 0xc0}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000c0000000000fc0100000000000000000000000000a42ca84723f6c93b000a"], 0xb8}}, 0x0)

1.051075624s ago: executing program 1 (id=7080):
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000280)="ad", 0x1}, {&(0x7f0000000080)="a47fb2a54c206acdeaacc8ecd6d95c2526ce", 0x12}], 0x2)
getpid()
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/65, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xe6)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000140)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfe, 0xf, 0x0, 0x80, 0x8, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x2, 0xe, '\x00', 0x0, 0x7})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f0000000580)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)

696.540795ms ago: executing program 0 (id=7081):
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000280)="ad", 0x1}, {&(0x7f0000000080)="a47fb2a54c206acdeaacc8ecd6d95c2526ce", 0x12}], 0x2)
getpid()
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfe, 0xf, 0x0, 0x80, 0x8, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x2, 0xe, '\x00', 0x0, 0x7})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

201.832014ms ago: executing program 1 (id=7083):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x800)
sendto$inet6(r0, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r0, 0x1)

0s ago: executing program 3 (id=7084):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000006c0)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="3c000000100001080000", @ANYRES32=r2, @ANYBLOB="00000000000000001c002b8008000100", @ANYBLOB='\b'], 0x3c}}, 0x0)

kernel console output (not intermixed with test programs):

967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1476.906027][ T5145] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1476.922445][ T5145] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1476.942432][ T5145] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1476.959565][   T29] audit: type=1326 audit(1719982108.700:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1476.982385][ T5145] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1477.003920][ T5145] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1477.025179][   T29] audit: type=1326 audit(1719982108.700:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.060013][ T5145] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1477.079984][ T5145] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1477.086270][ T5145] hub 2-1:1.0: probe with driver hub failed with error -5
[ 1477.094556][ T5145] cdc_wdm 2-1:1.0: skipping garbage
[ 1477.097041][   T29] audit: type=1326 audit(1719982108.700:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.100082][ T5145] cdc_wdm 2-1:1.0: skipping garbage
[ 1477.131538][ T5145] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1477.140013][ T5145] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1477.209262][   T29] audit: type=1326 audit(1719982108.700:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.280676][   T29] audit: type=1326 audit(1719982108.700:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.360340][   T29] audit: type=1326 audit(1719982108.700:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.418063][   T29] audit: type=1326 audit(1719982108.700:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.453404][T21608] usb 4-1: USB disconnect, device number 90
[ 1477.462648][T21500] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[ 1477.463238][   T29] audit: type=1326 audit(1719982108.700:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=552 comm="syz.2.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1de3375b99 code=0x7ffc0000
[ 1477.496617][ T5145] usb 2-1: USB disconnect, device number 68
[ 1477.713334][T21500] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1477.752310][T21500] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1477.780562][T21500] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1477.789653][T21500] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1477.822863][T21500] usb 1-1: config 0 descriptor??
[ 1478.107348][T11401] Bluetooth: Wrong link type (-71)
[ 1478.242040][T21500] usbhid 1-1:0.0: can't add hid device: -71
[ 1478.253084][T21500] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1478.282697][T21500] usb 1-1: USB disconnect, device number 108
[ 1478.538784][  T595] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6752'.
[ 1479.701678][ T5148] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[ 1479.901170][ T5148] usb 4-1: Using ep0 maxpacket: 16
[ 1479.907822][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1479.922565][ T5148] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1479.931802][ T5149] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 1479.939518][ T5148] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1479.948577][ T5148] usb 4-1: Product: syz
[ 1479.953901][ T5148] usb 4-1: Manufacturer: syz
[ 1479.958532][ T5148] usb 4-1: SerialNumber: syz
[ 1479.966768][ T5148] usb 4-1: config 0 descriptor??
[ 1480.126830][T28451] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1480.141725][ T5149] usb 5-1: Using ep0 maxpacket: 8
[ 1480.152734][ T5149] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1480.180804][ T5149] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1480.189737][ T5149] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1480.243076][ T5149] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1480.280676][ T5148] usb 4-1: USB disconnect, device number 91
[ 1480.304389][ T5149] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1480.316632][T28451] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1480.343325][ T5149] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1480.378094][ T5149] hub 5-1:1.0: bad descriptor, ignoring hub
[ 1480.390607][ T5149] hub 5-1:1.0: probe with driver hub failed with error -5
[ 1480.419505][ T5149] cdc_wdm 5-1:1.0: skipping garbage
[ 1480.431318][ T5149] cdc_wdm 5-1:1.0: skipping garbage
[ 1480.450169][ T5149] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1480.471751][ T5149] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1480.508247][T28451] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1480.646900][T28451] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1480.689628][T20554] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1480.704056][T20554] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1480.714131][T20554] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1480.734528][T20554] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1480.749186][T20554] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1480.757310][T20554] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1480.881151][T21500] usb 5-1: USB disconnect, device number 92
[ 1480.898697][T28451] bridge_slave_1: left allmulticast mode
[ 1480.912087][T28451] bridge_slave_1: left promiscuous mode
[ 1480.926687][T28451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1480.954194][T28451] bridge_slave_0: left allmulticast mode
[ 1480.980660][T28451] bridge_slave_0: left promiscuous mode
[ 1481.009275][T28451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1481.789292][T28451] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1481.815548][T28451] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1481.830978][   T29] kauditd_printk_skb: 49 callbacks suppressed
[ 1481.830995][   T29] audit: type=1326 audit(1719982113.660:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1481.832417][T28451] bond0 (unregistering): Released all slaves
[ 1481.876670][   T29] audit: type=1326 audit(1719982113.660:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1481.951062][   T29] audit: type=1326 audit(1719982113.670:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f11a477471f code=0x7ffc0000
[ 1482.013830][   T29] audit: type=1326 audit(1719982113.670:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.087370][   T29] audit: type=1326 audit(1719982113.670:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.151979][   T29] audit: type=1326 audit(1719982113.670:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.175233][   T29] audit: type=1326 audit(1719982113.670:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.214645][   T29] audit: type=1326 audit(1719982113.670:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.295008][   T29] audit: type=1326 audit(1719982113.700:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.407055][   T29] audit: type=1326 audit(1719982113.700:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=652 comm="syz.4.6768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1482.692681][ T5149] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1482.800080][T28451] hsr_slave_0: left promiscuous mode
[ 1482.824435][T28451] hsr_slave_1: left promiscuous mode
[ 1482.841043][T11401] Bluetooth: hci4: command tx timeout
[ 1482.853689][T28451] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1482.869231][T28451] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1482.890597][ T5149] usb 4-1: Using ep0 maxpacket: 16
[ 1482.914442][ T5149] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1482.947087][T28451] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1482.957136][T20554] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1482.969693][T20554] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1482.977714][ T5149] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1482.988900][T20554] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1483.000766][ T5149] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1483.009214][T20554] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1483.009220][T28451] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1483.026515][ T5149] usb 4-1: Product: syz
[ 1483.034853][ T5149] usb 4-1: Manufacturer: syz
[ 1483.039570][T20554] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1483.046800][ T5149] usb 4-1: SerialNumber: syz
[ 1483.052774][T20554] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1483.061425][ T5149] usb 4-1: config 0 descriptor??
[ 1483.135489][T28451] veth1_macvtap: left promiscuous mode
[ 1483.141622][T28451] veth0_macvtap: left promiscuous mode
[ 1483.147297][T28451] veth1_vlan: left promiscuous mode
[ 1483.180918][T28451] veth0_vlan: left promiscuous mode
[ 1483.352353][T21500] usb 4-1: USB disconnect, device number 92
[ 1483.878260][T11401] Bluetooth: hci2: command tx timeout
[ 1484.186430][T28451] team0 (unregistering): Port device team_slave_1 removed
[ 1484.262735][T28451] team0 (unregistering): Port device team_slave_0 removed
[ 1484.924700][T11401] Bluetooth: hci4: command tx timeout
[ 1484.996262][ T1242] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.002754][ T1242] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.082738][T11401] Bluetooth: hci1: command tx timeout
[ 1485.317998][  T629] chnl_net:caif_netlink_parms(): no params data found
[ 1485.508657][ T5149] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[ 1485.700677][ T5149] usb 4-1: Using ep0 maxpacket: 16
[ 1485.717904][ T5149] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1485.739424][ T5149] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1485.755193][ T5149] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1485.773130][ T5149] usb 4-1: config 0 descriptor??
[ 1485.787906][  T629] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1485.821177][  T629] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1485.844624][  T629] bridge_slave_0: entered allmulticast mode
[ 1485.866883][  T629] bridge_slave_0: entered promiscuous mode
[ 1485.904481][  T629] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1485.923649][  T629] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1485.931784][  T629] bridge_slave_1: entered allmulticast mode
[ 1485.940102][  T629] bridge_slave_1: entered promiscuous mode
[ 1485.958906][  T678] chnl_net:caif_netlink_parms(): no params data found
[ 1486.154893][  T629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1486.168615][  T629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1486.178856][  T727] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6781'.
[ 1486.501248][ T5149] usbhid 4-1:0.0: can't add hid device: -71
[ 1486.507560][ T5149] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1486.537007][ T5149] usb 4-1: USB disconnect, device number 93
[ 1486.600383][  T678] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1486.622136][  T678] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1486.636615][  T678] bridge_slave_0: entered allmulticast mode
[ 1486.653293][  T678] bridge_slave_0: entered promiscuous mode
[ 1486.688404][  T629] team0: Port device team_slave_0 added
[ 1486.715893][  T678] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1486.727703][  T678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1486.727945][T11401] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[ 1486.743776][  T678] bridge_slave_1: entered allmulticast mode
[ 1486.758766][  T678] bridge_slave_1: entered promiscuous mode
[ 1486.777465][  T629] team0: Port device team_slave_1 added
[ 1486.863973][T28451] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1486.991750][T11401] Bluetooth: hci4: command tx timeout
[ 1487.042244][  T678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1487.113450][T28451] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1487.149596][  T629] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1487.151178][T11401] Bluetooth: hci1: command tx timeout
[ 1487.172170][   T29] kauditd_printk_skb: 33 callbacks suppressed
[ 1487.172186][   T29] audit: type=1326 audit(1719982119.010:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=747 comm="syz.4.6784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1487.179253][  T629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1487.226765][  T629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1487.248471][  T629] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1487.255602][  T629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1487.284414][  T629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1487.303105][   T29] audit: type=1326 audit(1719982119.010:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=747 comm="syz.4.6784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1487.346919][   T29] audit: type=1326 audit(1719982119.160:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=747 comm="syz.4.6784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1487.371466][   T29] audit: type=1326 audit(1719982119.160:2071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=747 comm="syz.4.6784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1487.406308][  T678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1487.417027][   T29] audit: type=1326 audit(1719982119.160:2072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=747 comm="syz.4.6784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1487.448836][   T29] audit: type=1326 audit(1719982119.180:2073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=747 comm="syz.4.6784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f11a4775b99 code=0x7ffc0000
[ 1487.514919][T28451] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1487.612267][  T678] team0: Port device team_slave_0 added
[ 1487.634741][  T678] team0: Port device team_slave_1 added
[ 1487.702529][T28451] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1487.752537][   T29] audit: type=1326 audit(1719982119.590:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=766 comm="syz.3.6788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1487.821645][   T29] audit: type=1326 audit(1719982119.590:2075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=766 comm="syz.3.6788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1487.879942][   T29] audit: type=1326 audit(1719982119.590:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=766 comm="syz.3.6788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1487.907565][  T678] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1487.915127][   T29] audit: type=1326 audit(1719982119.590:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=766 comm="syz.3.6788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1487.923805][  T678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1487.978706][  T678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1488.022170][  T678] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1488.029213][  T678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1488.058965][  T678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1488.095905][  T629] hsr_slave_0: entered promiscuous mode
[ 1488.111468][  T629] hsr_slave_1: entered promiscuous mode
[ 1488.120953][  T629] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1488.128543][  T629] Cannot create hsr debugfs directory
[ 1488.431857][  T678] hsr_slave_0: entered promiscuous mode
[ 1488.489978][  T678] hsr_slave_1: entered promiscuous mode
[ 1488.515169][  T678] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1488.541376][  T678] Cannot create hsr debugfs directory
[ 1488.568998][  T778] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6790'.
[ 1488.875972][T28451] bridge_slave_1: left allmulticast mode
[ 1488.889009][T28451] bridge_slave_1: left promiscuous mode
[ 1488.904831][T28451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1488.932674][T28451] bridge_slave_0: left allmulticast mode
[ 1488.938636][T28451] bridge_slave_0: left promiscuous mode
[ 1488.946845][T28451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1489.072168][T11401] Bluetooth: hci4: command tx timeout
[ 1489.231396][T11401] Bluetooth: hci1: command tx timeout
[ 1489.647330][T21608] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1489.791197][T28451] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1489.808554][T28451] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1489.820856][T28451] bond0 (unregistering): Released all slaves
[ 1489.850710][T21608] usb 5-1: Using ep0 maxpacket: 32
[ 1489.869466][T21608] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[ 1489.890061][T21608] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1489.910901][T21608] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1489.949829][T21608] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1489.972727][T21608] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1489.988178][T21608] usb 5-1: Product: syz
[ 1489.999579][T21608] usb 5-1: Manufacturer: syz
[ 1490.020960][T21608] usb 5-1: SerialNumber: syz
[ 1490.473759][T21608] cdc_ncm 5-1:1.0: bind() failure
[ 1490.506679][T21608] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[ 1490.518153][T21608] cdc_ncm 5-1:1.1: bind() failure
[ 1490.554866][T21608] usb 5-1: USB disconnect, device number 93
[ 1490.624430][T28451] hsr_slave_0: left promiscuous mode
[ 1490.660576][T28451] hsr_slave_1: left promiscuous mode
[ 1490.677566][T28451] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1490.689682][T28451] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1490.716450][T28451] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1490.728624][T28451] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1490.793957][T28451] veth1_macvtap: left promiscuous mode
[ 1490.809610][T28451] veth0_macvtap: left promiscuous mode
[ 1490.819080][T28451] veth1_vlan: left promiscuous mode
[ 1490.826040][T28451] veth0_vlan: left promiscuous mode
[ 1491.080654][  T826] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1491.313136][T11401] Bluetooth: hci1: command tx timeout
[ 1491.878126][T28451] team0 (unregistering): Port device team_slave_1 removed
[ 1491.928125][T28451] team0 (unregistering): Port device team_slave_0 removed
[ 1493.301602][  T629] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1493.327450][  T629] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1493.357719][  T629] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1493.419295][  T629] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1493.879443][  T629] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1493.950197][  T629] 8021q: adding VLAN 0 to HW filter on device team0
[ 1494.015583][  T678] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1494.070040][  T678] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1494.120144][  T678] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1494.166201][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1494.173515][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1494.252271][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1494.259457][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1494.317009][  T678] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1494.745130][  T678] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1494.767481][  T629] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1494.888368][  T678] 8021q: adding VLAN 0 to HW filter on device team0
[ 1494.946233][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1494.953480][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1494.989636][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1494.996787][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1495.076871][  T629] veth0_vlan: entered promiscuous mode
[ 1495.164246][  T629] veth1_vlan: entered promiscuous mode
[ 1495.361189][  T629] veth0_macvtap: entered promiscuous mode
[ 1495.419057][  T629] veth1_macvtap: entered promiscuous mode
[ 1495.496171][  T678] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1495.566303][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1495.598860][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1495.631176][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1495.652544][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1495.673306][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1495.728400][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1495.749421][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1495.778196][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1495.821829][  T629] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1495.857391][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1495.886349][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1495.921892][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1495.949252][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1495.974282][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1496.001460][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1496.018140][  T629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1496.039183][  T629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1496.062922][  T629] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1496.113471][  T629] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.134764][  T629] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.171394][  T629] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.180323][  T629] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.239848][ T1011] netlink: 'syz.3.6840': attribute type 1 has an invalid length.
[ 1496.332685][  T678] veth0_vlan: entered promiscuous mode
[ 1496.408339][ T1018] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1496.443287][ T1018] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[ 1496.529963][  T678] veth1_vlan: entered promiscuous mode
[ 1496.746285][  T678] veth0_macvtap: entered promiscuous mode
[ 1496.802213][  T678] veth1_macvtap: entered promiscuous mode
[ 1496.888664][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1496.917668][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1496.924543][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1496.956462][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1496.977046][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1497.010410][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.043837][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1497.060591][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.084343][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1497.110676][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.129629][ T1040] kvm: kvm [1039]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x1ce00000000
[ 1497.134491][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1497.164153][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.186080][  T678] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1497.253106][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1497.278711][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.313454][T11401] Bluetooth: hci3: command 0x0406 tx timeout
[ 1497.331301][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1497.354414][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.367465][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1497.378224][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.391940][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1497.402623][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.416310][  T678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1497.430191][  T678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1497.448615][  T678] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1497.477801][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1497.490413][  T678] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.505456][  T678] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.514731][  T678] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.523514][  T678] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.542028][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1497.783539][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1497.813356][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1497.909887][ T4361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1497.943077][ T4361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1498.142812][   T29] kauditd_printk_skb: 23 callbacks suppressed
[ 1498.142829][   T29] audit: type=1326 audit(1719982129.980:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.225984][   T29] audit: type=1326 audit(1719982129.980:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.322849][   T29] audit: type=1326 audit(1719982129.980:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb64677471f code=0x7ffc0000
[ 1498.428020][   T29] audit: type=1326 audit(1719982129.980:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.503139][   T29] audit: type=1326 audit(1719982129.980:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.573023][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1498.580788][ T1101] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1498.598497][   T29] audit: type=1326 audit(1719982129.980:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.655743][ T1094] kvm: kvm [1093]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x100000008
[ 1498.665985][ T1105] bridge_slave_1: left allmulticast mode
[ 1498.684856][   T29] audit: type=1326 audit(1719982129.980:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.711101][ T1105] bridge_slave_1: left promiscuous mode
[ 1498.748412][ T1094] kvm: kvm [1093]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[ 1498.757875][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1498.787910][   T29] audit: type=1326 audit(1719982129.980:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.824264][ T1094] kvm: kvm [1093]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x100000088
[ 1498.865686][ T1105] bridge_slave_0: left allmulticast mode
[ 1498.871876][ T1105] bridge_slave_0: left promiscuous mode
[ 1498.890941][   T29] audit: type=1326 audit(1719982130.010:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1498.914670][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1498.982003][   T29] audit: type=1326 audit(1719982130.010:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1078 comm="syz.3.6855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x7ffc0000
[ 1499.124705][ T5144] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[ 1499.314166][T20554] Bluetooth: hci0: command 0x0406 tx timeout
[ 1499.401371][ T5144] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1499.428493][ T5105] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1499.460595][ T5144] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1499.513465][ T5144] usb 3-1: config 0 descriptor??
[ 1501.391197][T20554] Bluetooth: hci0: command 0x0406 tx timeout
[ 1501.746568][ T5144] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[ 1501.785597][ T5144] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 1501.838232][ T5144] [drm:udl_init] *ERROR* Selecting channel failed
[ 1501.897023][ T5144] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[ 1501.927094][ T5144] [drm] Initialized udl on minor 2
[ 1501.945590][ T5144] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1502.000902][ T5144] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1502.008072][ T5146] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1502.044421][ T5146] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1502.053092][ T5144] usb 3-1: USB disconnect, device number 89
[ 1502.080909][ T5146] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1502.286751][ T1186] kvm: kvm [1185]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x1ce00000000
[ 1506.021117][ T4361] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.093189][ T1318] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6903'.
[ 1506.227090][ T4361] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.366867][ T4361] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.462557][ T4361] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.590686][ T5105] Bluetooth: hci2: command 0x0406 tx timeout
[ 1507.481814][T11401] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1507.501539][T11401] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1507.512408][T11401] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1507.521700][T11401] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1507.548115][T11401] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1507.556522][T11401] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1508.217059][ T4361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1508.244801][ T4361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1508.273611][ T4361] bond0 (unregistering): Released all slaves
[ 1508.310835][ T1366] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6917'.
[ 1508.771595][ T5146] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1508.913129][T11401] Bluetooth: hci1: command 0x0406 tx timeout
[ 1508.992693][ T5146] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1509.010576][ T5146] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1509.031428][ T5146] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1509.045715][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1509.065598][ T5146] usb 2-1: SerialNumber: syz
[ 1509.080803][ T4361] hsr_slave_0: left promiscuous mode
[ 1509.124654][ T4361] hsr_slave_1: left promiscuous mode
[ 1509.147056][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1509.178627][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1509.211723][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1509.229109][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1509.315634][ T4361] veth1_macvtap: left promiscuous mode
[ 1509.337296][ T5146] usb 2-1: 0:2 : does not exist
[ 1509.366134][ T4361] veth0_macvtap: left promiscuous mode
[ 1509.379844][ T4361] veth1_vlan: left promiscuous mode
[ 1509.394257][ T4361] veth0_vlan: left promiscuous mode
[ 1509.415658][ T5146] usb 2-1: USB disconnect, device number 69
[ 1509.550837][ T5144] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 1509.630829][T20554] Bluetooth: hci2: command tx timeout
[ 1509.664894][T28675] udevd[28675]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1509.770318][ T5144] usb 4-1: Using ep0 maxpacket: 16
[ 1509.777856][ T5144] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1509.826338][ T5144] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1509.843768][ T5144] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1509.870621][ T5144] usb 4-1: Product: syz
[ 1509.874849][ T5144] usb 4-1: Manufacturer: syz
[ 1509.879471][ T5144] usb 4-1: SerialNumber: syz
[ 1509.894242][ T5144] usb 4-1: config 0 descriptor??
[ 1510.164833][ T5146] usb 4-1: USB disconnect, device number 94
[ 1510.556199][   T29] kauditd_printk_skb: 42 callbacks suppressed
[ 1510.556218][   T29] audit: type=1326 audit(1719982142.390:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1418 comm="syz.0.6931" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f43375b99 code=0x0
[ 1510.853583][ T4361] team0 (unregistering): Port device team_slave_1 removed
[ 1510.964388][ T4361] team0 (unregistering): Port device team_slave_0 removed
[ 1511.711045][T20554] Bluetooth: hci2: command tx timeout
[ 1511.843821][ T1358] chnl_net:caif_netlink_parms(): no params data found
[ 1512.070664][ T5145] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1512.209653][ T1358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1512.228288][ T1358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.240796][ T1358] bridge_slave_0: entered allmulticast mode
[ 1512.272075][ T1358] bridge_slave_0: entered promiscuous mode
[ 1512.291765][ T5145] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1512.313680][ T1358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1512.330999][ T5145] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1512.350662][ T1358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1512.368288][ T1358] bridge_slave_1: entered allmulticast mode
[ 1512.374812][ T5145] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1512.394223][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1512.402738][ T1358] bridge_slave_1: entered promiscuous mode
[ 1512.429074][ T5145] usb 4-1: SerialNumber: syz
[ 1512.588111][ T1358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1512.626960][ T1358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1512.664877][   T29] audit: type=1326 audit(1719982144.500:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1461 comm="syz.1.6942" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7720f75b99 code=0x0
[ 1512.756639][ T5145] usb 4-1: 0:2 : does not exist
[ 1512.782470][ T5145] usb 4-1: unit 5 not found!
[ 1512.862319][ T5145] usb 4-1: USB disconnect, device number 95
[ 1512.911955][T11401] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1512.922312][T11401] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1512.931968][T11401] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1512.943380][T11401] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1512.962756][T11401] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1512.974610][T11401] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1513.030388][ T4361] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.114723][ T1358] team0: Port device team_slave_0 added
[ 1513.123650][ T1358] team0: Port device team_slave_1 added
[ 1513.244175][T28675] udevd[28675]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1513.317143][ T4361] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.349421][ T1358] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1513.363167][ T1358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1513.430576][ T1358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1513.461022][ T1358] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1513.478246][ T1358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1513.570788][ T1358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1513.725791][ T4361] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.802199][T20554] Bluetooth: hci2: command tx timeout
[ 1513.939268][ T4361] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.129274][ T1358] hsr_slave_0: entered promiscuous mode
[ 1514.149412][ T1358] hsr_slave_1: entered promiscuous mode
[ 1514.161386][ T1358] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1514.177802][ T1358] Cannot create hsr debugfs directory
[ 1514.185289][T11401] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1514.199626][T11401] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1514.210155][T11401] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1514.236179][T11401] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1514.253834][T11401] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1514.261589][T11401] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1514.726795][   T29] audit: type=1326 audit(1719982146.560:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1507 comm="syz.3.6951" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb646775b99 code=0x0
[ 1514.841843][ T1518] netlink: 'syz.2.6953': attribute type 29 has an invalid length.
[ 1514.864203][ T4361] bridge_slave_1: left allmulticast mode
[ 1514.871233][ T4361] bridge_slave_1: left promiscuous mode
[ 1514.877091][ T4361] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1514.888711][ T4361] bridge_slave_0: left allmulticast mode
[ 1514.896396][ T4361] bridge_slave_0: left promiscuous mode
[ 1514.903667][ T4361] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1515.077884][T20554] Bluetooth: hci4: command tx timeout
[ 1515.419994][ T4361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1515.434255][ T4361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1515.445067][ T4361] bond0 (unregistering): Released all slaves
[ 1515.461515][ T1473] chnl_net:caif_netlink_parms(): no params data found
[ 1515.535395][ T1518] netlink: 'syz.2.6953': attribute type 29 has an invalid length.
[ 1515.543893][ T1519] netlink: 'syz.2.6953': attribute type 29 has an invalid length.
[ 1515.674330][ T1523] netlink: 'syz.2.6953': attribute type 29 has an invalid length.
[ 1515.870794][T11401] Bluetooth: hci2: command tx timeout
[ 1516.352073][T11401] Bluetooth: hci3: command tx timeout
[ 1516.627428][T20554] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1516.653710][T20554] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1516.663590][T20554] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1516.673365][T20554] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1516.682881][T20554] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1516.690288][T20554] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1516.847850][ T4361] hsr_slave_0: left promiscuous mode
[ 1516.855935][ T4361] hsr_slave_1: left promiscuous mode
[ 1516.862695][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1516.872459][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1516.881674][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1516.889213][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1516.975033][ T4361] veth1_macvtap: left promiscuous mode
[ 1516.984985][ T4361] veth0_macvtap: left promiscuous mode
[ 1517.000859][ T4361] veth1_vlan: left promiscuous mode
[ 1517.010305][ T4361] veth0_vlan: left promiscuous mode
[ 1517.152247][T11401] Bluetooth: hci4: command tx timeout
[ 1517.939438][ T4361] team0 (unregistering): Port device team_slave_1 removed
[ 1517.997964][ T4361] team0 (unregistering): Port device team_slave_0 removed
[ 1518.436647][T11401] Bluetooth: hci3: command tx timeout
[ 1518.529208][ T1473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1518.536827][ T1473] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1518.544333][ T1473] bridge_slave_0: entered allmulticast mode
[ 1518.551653][ T1473] bridge_slave_0: entered promiscuous mode
[ 1518.560853][ T1473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1518.568055][ T1473] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1518.576645][ T1473] bridge_slave_1: entered allmulticast mode
[ 1518.584566][ T1473] bridge_slave_1: entered promiscuous mode
[ 1518.599582][ T1497] chnl_net:caif_netlink_parms(): no params data found
[ 1518.766987][ T1473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1518.830771][T11401] Bluetooth: hci0: command tx timeout
[ 1518.838919][ T1473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1518.903851][ T1358] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1518.943412][ T1473] team0: Port device team_slave_0 added
[ 1518.988883][ T1358] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1519.003181][ T1358] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1519.016173][ T1473] team0: Port device team_slave_1 added
[ 1519.057948][ T1473] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1519.066214][ T1473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1519.092836][ T1473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1519.133676][ T1358] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1519.151724][ T1473] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1519.158699][ T1473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1519.186262][ T1473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1519.205241][ T1497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1519.212611][ T1497] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1519.220308][ T1497] bridge_slave_0: entered allmulticast mode
[ 1519.227527][ T1497] bridge_slave_0: entered promiscuous mode
[ 1519.235191][T11401] Bluetooth: hci4: command tx timeout
[ 1519.241920][ T1497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1519.249042][ T1497] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.256397][ T1497] bridge_slave_1: entered allmulticast mode
[ 1519.264074][ T1497] bridge_slave_1: entered promiscuous mode
[ 1519.397596][ T1473] hsr_slave_0: entered promiscuous mode
[ 1519.403964][ T1473] hsr_slave_1: entered promiscuous mode
[ 1519.410136][ T1473] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1519.418352][ T1473] Cannot create hsr debugfs directory
[ 1519.443760][ T1497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1519.465126][ T1497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1519.734736][ T1542] chnl_net:caif_netlink_parms(): no params data found
[ 1519.767000][ T1497] team0: Port device team_slave_0 added
[ 1519.780306][ T1497] team0: Port device team_slave_1 added
[ 1519.821781][ T4361] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.835790][   T29] audit: type=1326 audit(1719982151.670:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1574 comm="syz.2.6961" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe05e375b99 code=0x0
[ 1519.956718][ T4361] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.973581][ T1497] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1519.982208][ T1497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1520.009129][ T1497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1520.023277][ T1497] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1520.030238][ T1497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1520.058805][ T1497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1520.121122][ T4361] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1520.234083][ T4361] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1520.306763][ T1542] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1520.315356][ T1542] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1520.322907][ T1542] bridge_slave_0: entered allmulticast mode
[ 1520.331624][ T1542] bridge_slave_0: entered promiscuous mode
[ 1520.343470][ T1542] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.353260][ T1542] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.361201][ T1542] bridge_slave_1: entered allmulticast mode
[ 1520.368085][ T1542] bridge_slave_1: entered promiscuous mode
[ 1520.384567][ T1497] hsr_slave_0: entered promiscuous mode
[ 1520.397763][ T1497] hsr_slave_1: entered promiscuous mode
[ 1520.403971][ T1497] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1520.418322][ T1497] Cannot create hsr debugfs directory
[ 1520.511394][T11401] Bluetooth: hci3: command tx timeout
[ 1520.626256][ T1542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1520.672634][ T1542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1520.926832][T11401] Bluetooth: hci0: command tx timeout
[ 1521.008905][ T1358] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1521.109291][ T4361] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1521.169023][ T1542] team0: Port device team_slave_0 added
[ 1521.188172][ T1542] team0: Port device team_slave_1 added
[ 1521.251674][ T1358] 8021q: adding VLAN 0 to HW filter on device team0
[ 1521.320573][T11401] Bluetooth: hci4: command tx timeout
[ 1521.345209][ T4361] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1521.417718][T20554] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1521.429489][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1521.436704][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1521.438272][T20554] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1521.457166][T20554] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1521.468169][T20554] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1521.482525][T20554] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1521.489930][T20554] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1521.512977][ T1542] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1521.519971][ T1542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1521.548423][ T1542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1521.606441][ T4361] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1521.627028][ T1473] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1521.637837][ T1473] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1521.657190][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1521.664346][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1521.679642][ T1542] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1521.686736][ T1542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1521.712811][ T1542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1521.758976][ T1473] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1521.769758][ T1473] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1521.809293][ T4361] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1521.929974][ T1542] hsr_slave_0: entered promiscuous mode
[ 1521.937022][ T1542] hsr_slave_1: entered promiscuous mode
[ 1521.952197][ T1542] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1521.959793][ T1542] Cannot create hsr debugfs directory
[ 1522.590708][T20554] Bluetooth: hci3: command tx timeout
[ 1523.000762][T20554] Bluetooth: hci0: command tx timeout
[ 1523.222256][ T4361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.244706][ T4361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.271835][ T4361] bond0 (unregistering): Released all slaves
[ 1523.299556][ T4361] bond1 (unregistering): (slave batadv1): Releasing backup interface
[ 1523.314103][ T4361] bond1 (unregistering): Released all slaves
[ 1523.522755][ T4361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.545610][ T4361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.554363][T20554] Bluetooth: hci1: command tx timeout
[ 1523.575083][ T4361] bond0 (unregistering): Released all slaves
[ 1523.808875][ T4361] tipc: Disabling bearer <eth:team0>
[ 1523.817471][ T4361] tipc: Left network mode
[ 1524.229828][ T1596] chnl_net:caif_netlink_parms(): no params data found
[ 1524.270198][ T1473] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1524.593279][ T1358] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1524.636796][ T1473] 8021q: adding VLAN 0 to HW filter on device team0
[ 1524.712715][ T4361] hsr_slave_0: left promiscuous mode
[ 1524.718846][ T4361] hsr_slave_1: left promiscuous mode
[ 1524.725931][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1524.734881][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1524.744091][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1524.752145][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1524.764584][ T4361] hsr_slave_0: left promiscuous mode
[ 1524.770490][ T4361] hsr_slave_1: left promiscuous mode
[ 1524.777072][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1524.784870][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1524.793010][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1524.801212][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1524.838742][ T4361] veth1_macvtap: left promiscuous mode
[ 1524.845289][ T4361] veth0_macvtap: left promiscuous mode
[ 1524.851446][ T4361] veth1_vlan: left promiscuous mode
[ 1524.856739][ T4361] veth0_vlan: left promiscuous mode
[ 1524.863633][ T4361] veth1_macvtap: left promiscuous mode
[ 1524.869152][ T4361] veth0_macvtap: left promiscuous mode
[ 1524.874892][ T4361] veth1_vlan: left promiscuous mode
[ 1524.880186][ T4361] veth0_vlan: left promiscuous mode
[ 1525.070736][T20554] Bluetooth: hci0: command tx timeout
[ 1525.589477][ T4361] team0 (unregistering): Port device team_slave_1 removed
[ 1525.635988][T20554] Bluetooth: hci1: command tx timeout
[ 1525.648378][ T4361] team0 (unregistering): Port device team_slave_0 removed
[ 1526.603262][ T4361] team_slave_1 (unregistering): left promiscuous mode
[ 1526.617204][ T4361] team0 (unregistering): Port device team_slave_1 removed
[ 1526.667506][ T4361] team_slave_0 (unregistering): left promiscuous mode
[ 1526.676281][ T4361] team0 (unregistering): Port device team_slave_0 removed
[ 1527.225530][ T1596] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1527.251367][ T1596] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1527.258573][ T1596] bridge_slave_0: entered allmulticast mode
[ 1527.269131][ T1596] bridge_slave_0: entered promiscuous mode
[ 1527.286493][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1527.293685][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1527.336379][ T1596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1527.359624][ T1596] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1527.380787][ T1596] bridge_slave_1: entered allmulticast mode
[ 1527.388262][ T1596] bridge_slave_1: entered promiscuous mode
[ 1527.504915][ T1596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1527.542194][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1527.549394][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1527.593899][ T1358] veth0_vlan: entered promiscuous mode
[ 1527.609990][ T1596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1527.646951][ T1358] veth1_vlan: entered promiscuous mode
[ 1527.710721][T20554] Bluetooth: hci1: command tx timeout
[ 1527.806500][ T1596] team0: Port device team_slave_0 added
[ 1527.837770][ T1596] team0: Port device team_slave_1 added
[ 1527.960881][ T1473] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1528.071709][ T1497] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1528.097130][ T1596] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1528.105200][ T1596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1528.131896][ T1596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1528.145002][ T1596] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1528.152590][ T1596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1528.178694][ T1596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1528.209211][ T1497] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1528.225297][ T1497] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1528.236331][ T1497] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1528.253671][ T1358] veth0_macvtap: entered promiscuous mode
[ 1528.316569][ T1358] veth1_macvtap: entered promiscuous mode
[ 1528.375271][ T1596] hsr_slave_0: entered promiscuous mode
[ 1528.386842][ T1596] hsr_slave_1: entered promiscuous mode
[ 1528.403614][ T1473] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1528.504875][ T1542] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1528.550049][ T1542] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1528.567188][ T1542] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1528.655053][ T4361] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1528.673047][ T1358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.684659][ T1358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.695096][ T1358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.705623][ T1358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.717419][ T1358] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1528.726720][ T1542] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1528.794827][ T4361] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1528.827943][ T1358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.839540][ T1358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.857370][ T1358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.867964][ T1358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.879108][ T1358] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1528.935853][ T4361] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1528.958768][ T1358] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.968332][ T1358] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.983603][ T1358] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.993116][ T1358] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.033313][ T4361] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1529.088087][ T1473] veth0_vlan: entered promiscuous mode
[ 1529.111128][ T1473] veth1_vlan: entered promiscuous mode
[ 1529.366848][ T1473] veth0_macvtap: entered promiscuous mode
[ 1529.455269][ T1473] veth1_macvtap: entered promiscuous mode
[ 1529.497801][ T4361] bridge_slave_1: left allmulticast mode
[ 1529.506611][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.523055][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1529.530774][ T4361] bridge_slave_1: left promiscuous mode
[ 1529.536581][ T4361] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1529.567756][ T4361] bridge_slave_0: left allmulticast mode
[ 1529.573703][ T4361] bridge_slave_0: left promiscuous mode
[ 1529.579494][ T4361] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1529.801056][T20554] Bluetooth: hci1: command tx timeout
[ 1530.038570][ T4361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1530.050007][ T4361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1530.062698][ T4361] bond0 (unregistering): Released all slaves
[ 1530.159534][ T1542] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1530.273994][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1530.289322][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1530.298810][ T1497] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1530.496033][ T1473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.531515][ T1473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.551934][ T1473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.571270][ T1473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.581712][ T1473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.608299][ T1473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.626136][ T1473] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1530.649332][ T1473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1530.667287][ T1473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.683861][ T1473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1530.711921][ T1473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.731571][ T1473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1530.750691][ T1473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.773990][ T1473] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1530.833100][ T1497] 8021q: adding VLAN 0 to HW filter on device team0
[ 1530.868508][ T1542] 8021q: adding VLAN 0 to HW filter on device team0
[ 1530.949407][ T4361] hsr_slave_0: left promiscuous mode
[ 1530.961452][ T4361] hsr_slave_1: left promiscuous mode
[ 1530.973703][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1530.990376][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1531.013012][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1531.029486][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1531.049638][ T4361] veth1_macvtap: left promiscuous mode
[ 1531.055419][ T4361] veth0_macvtap: left promiscuous mode
[ 1531.062362][ T4361] veth1_vlan: left promiscuous mode
[ 1531.067655][ T4361] veth0_vlan: left promiscuous mode
[ 1531.620188][ T4361] team0 (unregistering): Port device team_slave_1 removed
[ 1531.684748][ T4361] team0 (unregistering): Port device team_slave_0 removed
[ 1532.154255][ T1473] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1532.167105][ T1473] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1532.175890][ T1473] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1532.185235][ T1473] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1532.245793][T21500] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1532.253007][T21500] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1532.272919][T21500] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1532.280067][T21500] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1532.290194][T21500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1532.297416][T21500] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1532.377961][T21500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1532.385160][T21500] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1532.489021][ T1596] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1532.529941][ T1596] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1532.599173][ T1596] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1532.651160][ T1596] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1532.792456][ T1497] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1532.947843][ T1542] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1532.979560][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1533.011146][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1533.019318][ T1497] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1533.189382][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1533.219636][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1533.234998][ T1542] veth0_vlan: entered promiscuous mode
[ 1533.310884][ T1497] veth0_vlan: entered promiscuous mode
[ 1533.354109][ T1497] veth1_vlan: entered promiscuous mode
[ 1533.387370][ T1542] veth1_vlan: entered promiscuous mode
[ 1533.449797][ T1748] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6940'.
[ 1533.561676][ T1497] veth0_macvtap: entered promiscuous mode
[ 1533.586607][ T1596] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1533.614335][ T1497] veth1_macvtap: entered promiscuous mode
[ 1533.664625][ T1497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.676364][ T1497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.686981][ T1497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.699051][ T1497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.709661][ T1497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1533.720264][   T29] audit: type=1326 audit(1719982165.550:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1753 comm="syz.0.6968" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fe9b75b99 code=0x0
[ 1533.743814][ T1497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.755217][ T1497] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1533.774787][ T1497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.785514][ T1497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.795845][ T1497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.807714][ T1497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.817946][ T1497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1533.828420][ T1497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1533.839657][ T1497] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1533.850043][ T1542] veth0_macvtap: entered promiscuous mode
[ 1533.866115][ T1497] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1533.876395][ T1497] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1533.885854][ T1497] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1533.894740][ T1497] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1533.908073][ T1542] veth1_macvtap: entered promiscuous mode
[ 1533.922286][ T1596] 8021q: adding VLAN 0 to HW filter on device team0
[ 1533.955277][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1533.962481][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1534.020321][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1534.027519][ T5172] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1534.096737][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1534.107765][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.118554][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1534.129189][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.140072][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1534.150582][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.160393][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1534.171756][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.183647][ T1542] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1534.207919][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1534.229958][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.251102][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1534.266047][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.279009][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1534.290174][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.300495][ T1542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1534.311976][ T1542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1534.327914][ T1542] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1534.341833][ T1542] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.352328][ T1542] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.362677][ T1542] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.371702][ T1542] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.426641][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1534.449777][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1534.586868][ T1596] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1534.635243][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1534.649490][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1534.751883][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1534.780100][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1534.857775][ T1761] netlink: 432 bytes leftover after parsing attributes in process `syz.1.6945'.
[ 1534.875795][T28451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1534.892181][T28451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1535.023849][ T1596] veth0_vlan: entered promiscuous mode
[ 1535.192311][   T61] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1535.258950][ T1596] veth1_vlan: entered promiscuous mode
[ 1535.401540][   T61] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1535.609373][   T61] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1535.699603][ T1596] veth0_macvtap: entered promiscuous mode
[ 1535.738369][   T29] audit: type=1326 audit(1719982167.570:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1779 comm="syz.3.6977" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ec0975b99 code=0x0
[ 1535.753561][ T1596] veth1_macvtap: entered promiscuous mode
[ 1535.776915][T11401] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1535.789125][T11401] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1535.792408][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1535.809296][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1535.809435][T11401] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1535.825290][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1535.840124][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1535.860871][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1535.875459][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1535.886141][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1535.886370][T11401] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1535.898557][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1535.916545][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1535.916747][T11401] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1535.929807][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1535.944770][T11401] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1535.946980][ T1596] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1536.039094][   T61] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1536.066413][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1536.084934][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1536.097159][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1536.107909][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1536.120258][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1536.131367][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1536.141334][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1536.152203][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1536.162469][ T1596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1536.173079][ T1596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1536.184409][ T1596] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1536.237839][ T1596] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1536.259900][ T1596] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1536.269017][ T1596] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1536.278441][ T1596] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1536.552505][   T61] bridge_slave_1: left allmulticast mode
[ 1536.558209][   T61] bridge_slave_1: left promiscuous mode
[ 1536.578544][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1536.631643][   T61] bridge_slave_0: left allmulticast mode
[ 1536.637326][   T61] bridge_slave_0: left promiscuous mode
[ 1536.658052][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1536.741348][T21500] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1537.009659][T21500] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1537.020910][T21500] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1537.050844][T21500] usb 5-1: config 0 descriptor??
[ 1537.748295][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1537.779308][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1537.806399][   T61] bond0 (unregistering): Released all slaves
[ 1538.045509][T20554] Bluetooth: hci4: command tx timeout
[ 1538.438904][   T61] hsr_slave_0: left promiscuous mode
[ 1538.490300][   T61] hsr_slave_1: left promiscuous mode
[ 1538.531149][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1538.623382][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1538.656162][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1538.679674][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1538.696959][   T29] audit: type=1326 audit(1719982170.530:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1813 comm="syz.1.6989" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc51eb75b99 code=0x0
[ 1538.736354][T11401] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1538.750406][T11401] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1538.774625][T11401] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1538.786197][T11401] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1538.787923][   T61] veth1_macvtap: left promiscuous mode
[ 1538.800870][T11401] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1538.809599][T11401] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1538.859223][   T61] veth0_macvtap: left promiscuous mode
[ 1538.870001][   T61] veth1_vlan: left promiscuous mode
[ 1538.878319][   T61] veth0_vlan: left promiscuous mode
[ 1539.336138][T21500] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[ 1539.352509][T21500] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 1539.375496][T21500] [drm:udl_init] *ERROR* Selecting channel failed
[ 1539.448972][T21500] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[ 1539.463447][T21500] [drm] Initialized udl on minor 2
[ 1539.470982][T21500] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1539.479844][T21500] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1539.489044][T27581] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1539.500581][T21500] usb 5-1: USB disconnect, device number 94
[ 1539.516373][T27581] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1539.865091][   T61] team0 (unregistering): Port device team_slave_1 removed
[ 1539.917163][   T61] team0 (unregistering): Port device team_slave_0 removed
[ 1540.122445][T20554] Bluetooth: hci4: command tx timeout
[ 1540.432661][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1540.450588][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1540.616375][T17342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1540.630762][T17342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1540.630883][ T1786] chnl_net:caif_netlink_parms(): no params data found
[ 1540.913272][T20554] Bluetooth: hci0: command tx timeout
[ 1541.315714][ T1786] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.351251][ T1786] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1541.380875][ T1786] bridge_slave_0: entered allmulticast mode
[ 1541.400651][ T1786] bridge_slave_0: entered promiscuous mode
[ 1541.439153][ T1786] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.468663][ T1786] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1541.491569][ T1786] bridge_slave_1: entered allmulticast mode
[ 1541.523596][ T1786] bridge_slave_1: entered promiscuous mode
[ 1541.560965][T21500] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1541.781550][T11401] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1541.794272][T11401] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1541.808633][T11401] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1541.829117][T11401] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1541.857110][T11401] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1541.864525][T11401] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1541.900735][T21500] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1541.963795][T21500] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1542.044159][ T1786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1542.067508][T21500] usb 5-1: config 0 descriptor??
[ 1542.128631][ T1786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1542.191860][T11401] Bluetooth: hci4: command tx timeout
[ 1542.435402][ T1817] chnl_net:caif_netlink_parms(): no params data found
[ 1542.557904][   T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1542.586546][   T29] audit: type=1326 audit(1719982174.420:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1865 comm="syz.2.6998" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0cce375b99 code=0x0
[ 1542.627493][ T1786] team0: Port device team_slave_0 added
[ 1542.704553][ T1786] team0: Port device team_slave_1 added
[ 1542.839358][   T61] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1542.869167][ T1786] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1542.887900][ T1786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1542.927696][ T1786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1542.991459][T11401] Bluetooth: hci0: command tx timeout
[ 1543.035258][   T61] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1543.061086][ T1786] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1543.068330][ T1786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1543.108981][ T1786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1543.235390][   T61] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1543.407850][ T1786] hsr_slave_0: entered promiscuous mode
[ 1543.422309][ T1786] hsr_slave_1: entered promiscuous mode
[ 1543.430735][ T1786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1543.439090][ T1786] Cannot create hsr debugfs directory
[ 1543.555053][ T1817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1543.565980][ T1817] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1543.576554][ T1817] bridge_slave_0: entered allmulticast mode
[ 1543.587572][ T1817] bridge_slave_0: entered promiscuous mode
[ 1543.642363][ T1817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1543.649494][ T1817] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1543.677000][ T1817] bridge_slave_1: entered allmulticast mode
[ 1543.698384][ T1817] bridge_slave_1: entered promiscuous mode
[ 1543.924288][ T1817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1543.951631][T11401] Bluetooth: hci3: command tx timeout
[ 1544.035017][ T1817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1544.208727][T21500] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[ 1544.230878][T21500] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 1544.264433][T21500] [drm:udl_init] *ERROR* Selecting channel failed
[ 1544.282393][T21500] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[ 1544.289912][T21500] [drm] Initialized udl on minor 2
[ 1544.295118][T11401] Bluetooth: hci4: command tx timeout
[ 1544.301463][T21500] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1544.311927][T21500] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1544.333555][T21608] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1544.343032][T21500] usb 5-1: USB disconnect, device number 95
[ 1544.365106][T21608] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1544.710281][ T1817] team0: Port device team_slave_0 added
[ 1544.731689][T20554] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1544.734635][ T1817] team0: Port device team_slave_1 added
[ 1544.751577][T20554] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1544.761657][T20554] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1544.777882][T20554] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1544.786890][T20554] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1544.794437][T20554] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1544.948311][ T1861] chnl_net:caif_netlink_parms(): no params data found
[ 1545.059953][   T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1545.080693][T11401] Bluetooth: hci0: command tx timeout
[ 1545.102508][ T1817] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1545.109483][ T1817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1545.136667][ T1817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1545.230243][T21608] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1545.249204][   T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1545.265220][ T1817] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1545.272288][ T1817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1545.298449][ T1817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1545.422671][T21608] usb 5-1: Using ep0 maxpacket: 16
[ 1545.425363][   T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1545.429809][T21608] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1545.461581][T21608] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1545.473660][T21608] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1545.486450][T21608] usb 5-1: Product: syz
[ 1545.492218][T21608] usb 5-1: Manufacturer: syz
[ 1545.496964][T21608] usb 5-1: SerialNumber: syz
[ 1545.504476][T21608] usb 5-1: config 0 descriptor??
[ 1545.621971][   T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1545.667304][ T1817] hsr_slave_0: entered promiscuous mode
[ 1545.674999][ T1817] hsr_slave_1: entered promiscuous mode
[ 1545.681833][ T1817] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1545.689659][ T1817] Cannot create hsr debugfs directory
[ 1545.737598][T20759] usb 5-1: USB disconnect, device number 96
[ 1545.751022][ T1861] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1545.765267][ T1861] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1545.774822][ T1861] bridge_slave_0: entered allmulticast mode
[ 1545.784035][ T1861] bridge_slave_0: entered promiscuous mode
[ 1545.795592][ T1861] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1545.804680][ T1861] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1545.812244][ T1861] bridge_slave_1: entered allmulticast mode
[ 1545.819364][ T1861] bridge_slave_1: entered promiscuous mode
[ 1545.952985][ T1861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1545.966758][ T1861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1546.031258][T11401] Bluetooth: hci3: command tx timeout
[ 1546.043371][ T1861] team0: Port device team_slave_0 added
[ 1546.054028][ T1861] team0: Port device team_slave_1 added
[ 1546.160991][ T1861] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1546.173574][ T1861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1546.201879][ T1861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1546.256767][   T61] bridge_slave_1: left allmulticast mode
[ 1546.263170][   T61] bridge_slave_1: left promiscuous mode
[ 1546.268932][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1546.282891][   T61] bridge_slave_0: left allmulticast mode
[ 1546.288689][   T61] bridge_slave_0: left promiscuous mode
[ 1546.294977][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1546.309155][   T61] bridge_slave_1: left allmulticast mode
[ 1546.321201][   T61] bridge_slave_1: left promiscuous mode
[ 1546.337251][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1546.369509][   T61] bridge_slave_0: left allmulticast mode
[ 1546.392234][   T61] bridge_slave_0: left promiscuous mode
[ 1546.398069][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1546.434147][ T1242] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.440676][ T1242] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.842701][T11401] Bluetooth: hci1: command tx timeout
[ 1547.151478][T11401] Bluetooth: hci0: command tx timeout
[ 1547.363808][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1547.376749][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1547.389240][   T61] bond0 (unregistering): Released all slaves
[ 1547.549516][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1547.562846][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1547.573925][   T61] bond0 (unregistering): Released all slaves
[ 1547.592121][ T1861] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1547.599092][ T1861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1547.625391][ T1861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1547.853367][ T1786] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1547.917227][ T1786] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1547.945217][ T1786] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1547.965446][ T1893] chnl_net:caif_netlink_parms(): no params data found
[ 1548.113103][T11401] Bluetooth: hci3: command tx timeout
[ 1548.130590][ T1786] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1548.320270][ T1861] hsr_slave_0: entered promiscuous mode
[ 1548.338993][ T1861] hsr_slave_1: entered promiscuous mode
[ 1548.346382][ T1861] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1548.357862][ T1861] Cannot create hsr debugfs directory
[ 1548.732949][ T1893] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1548.747175][ T1893] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1548.764093][ T1893] bridge_slave_0: entered allmulticast mode
[ 1548.774881][ T1893] bridge_slave_0: entered promiscuous mode
[ 1548.795327][ T1893] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1548.811807][ T1893] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1548.842328][ T1893] bridge_slave_1: entered allmulticast mode
[ 1548.849834][ T1893] bridge_slave_1: entered promiscuous mode
[ 1548.911055][T11401] Bluetooth: hci1: command tx timeout
[ 1548.963703][   T61] hsr_slave_0: left promiscuous mode
[ 1549.001364][   T61] hsr_slave_1: left promiscuous mode
[ 1549.030928][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1549.038416][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1549.072768][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1549.080255][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1549.135327][   T61] hsr_slave_0: left promiscuous mode
[ 1549.171794][   T61] hsr_slave_1: left promiscuous mode
[ 1549.211605][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1549.219100][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1549.245803][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1549.262550][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1549.308917][   T61] veth1_macvtap: left promiscuous mode
[ 1549.315158][   T61] veth0_macvtap: left promiscuous mode
[ 1549.320899][   T61] veth1_vlan: left promiscuous mode
[ 1549.330631][   T61] veth0_vlan: left promiscuous mode
[ 1549.347509][   T61] veth1_macvtap: left promiscuous mode
[ 1549.356987][   T61] veth0_macvtap: left promiscuous mode
[ 1549.370690][   T61] veth1_vlan: left promiscuous mode
[ 1549.376067][   T61] veth0_vlan: left promiscuous mode
[ 1550.200892][T11401] Bluetooth: hci3: command tx timeout
[ 1550.519410][   T61] team0 (unregistering): Port device team_slave_1 removed
[ 1550.576561][   T61] team0 (unregistering): Port device team_slave_0 removed
[ 1550.993795][T11401] Bluetooth: hci1: command tx timeout
[ 1551.509970][   T61] team0 (unregistering): Port device team_slave_1 removed
[ 1551.595095][   T61] team0 (unregistering): Port device team_slave_0 removed
[ 1552.433550][ T1893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1552.501211][ T1893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1552.596057][ T1817] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1552.667804][ T1817] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1552.707345][ T1893] team0: Port device team_slave_0 added
[ 1552.826765][ T1971] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7015'.
[ 1552.858152][ T1817] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1552.894435][ T1817] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1552.912139][ T1893] team0: Port device team_slave_1 added
[ 1553.002541][ T1893] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1553.009517][ T1893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1553.040290][ T1893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1553.056803][ T1893] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1553.064233][ T1893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1553.090911][ T1893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1553.100991][T11401] Bluetooth: hci1: command tx timeout
[ 1553.205372][ T1786] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1553.267096][ T1786] 8021q: adding VLAN 0 to HW filter on device team0
[ 1553.311815][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1553.318944][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1553.354027][ T1893] hsr_slave_0: entered promiscuous mode
[ 1553.381103][ T1893] hsr_slave_1: entered promiscuous mode
[ 1553.410994][ T1893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1553.418794][ T1893] Cannot create hsr debugfs directory
[ 1553.430614][T20759] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1553.444840][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1553.452042][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1553.619835][T20759] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1553.632020][T20759] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1553.681343][T20759] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1553.712518][T20759] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1553.726006][T20759] usb 5-1: SerialNumber: syz
[ 1553.735875][ T1861] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1553.752289][ T1861] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1553.795161][ T1861] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1553.852147][ T1861] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1553.912132][ T1817] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1553.958178][T20759] usb 5-1: 0:2 : does not exist
[ 1554.008310][T20759] usb 5-1: USB disconnect, device number 97
[ 1554.054964][ T1893] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.145086][ T1893] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.170255][ T1817] 8021q: adding VLAN 0 to HW filter on device team0
[ 1554.201768][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1554.208917][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1554.243616][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1554.250831][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1554.262711][T28675] udevd[28675]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1554.363060][ T1893] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.399556][ T1786] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1554.439391][ T1893] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.598650][ T1817] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1554.647697][ T1861] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1554.660268][   T61] bridge_slave_1: left allmulticast mode
[ 1554.678666][   T61] bridge_slave_1: left promiscuous mode
[ 1554.686170][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1554.696811][   T61] bridge_slave_0: left allmulticast mode
[ 1554.703868][   T61] bridge_slave_0: left promiscuous mode
[ 1554.709768][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1555.244432][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1555.256313][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1555.271086][   T61] bond0 (unregistering): Released all slaves
[ 1555.448430][ T2003] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1555.535287][ T1861] 8021q: adding VLAN 0 to HW filter on device team0
[ 1555.644429][ T1893] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1555.678059][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1555.685243][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1555.704461][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1555.711709][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1555.783026][ T1893] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1555.803912][ T1893] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1555.848743][ T1817] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1555.902983][ T1786] veth0_vlan: entered promiscuous mode
[ 1555.912811][ T1893] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1555.972982][   T61] hsr_slave_0: left promiscuous mode
[ 1555.978928][   T61] hsr_slave_1: left promiscuous mode
[ 1556.001020][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1556.008511][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1556.022838][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1556.041160][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1556.092547][   T61] veth1_macvtap: left promiscuous mode
[ 1556.101438][   T61] veth0_macvtap: left promiscuous mode
[ 1556.107188][   T61] veth1_vlan: left promiscuous mode
[ 1556.114262][   T61] veth0_vlan: left promiscuous mode
[ 1557.280026][   T61] team0 (unregistering): Port device team_slave_1 removed
[ 1557.352573][   T61] team0 (unregistering): Port device team_slave_0 removed
[ 1557.944822][ T2075] kvm: pic: non byte read
[ 1557.949334][ T2075] kvm: pic: non byte read
[ 1557.969535][ T2075] kvm: pic: non byte read
[ 1557.981074][ T2075] kvm: pic: non byte read
[ 1557.985607][ T2075] kvm: pic: non byte read
[ 1557.990108][ T2075] kvm: pic: non byte read
[ 1558.002830][ T2075] kvm: pic: non byte read
[ 1558.007326][ T2075] kvm: pic: non byte read
[ 1558.028290][ T2075] kvm: pic: non byte read
[ 1558.033525][ T2075] kvm: pic: non byte read
[ 1558.128428][ T1786] veth1_vlan: entered promiscuous mode
[ 1558.225318][ T1861] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1558.386948][ T1817] veth0_vlan: entered promiscuous mode
[ 1558.441717][ T1786] veth0_macvtap: entered promiscuous mode
[ 1558.481788][ T1861] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1558.499223][ T1786] veth1_macvtap: entered promiscuous mode
[ 1558.539085][ T1817] veth1_vlan: entered promiscuous mode
[ 1558.580324][ T1786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1558.595618][ T1786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1558.616106][ T1786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1558.635374][ T1786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1558.649322][ T1786] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1558.744566][ T1786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1558.756433][ T1786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1558.767843][ T1786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1558.779127][ T1786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1558.798774][ T1786] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1558.879336][ T1786] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1558.889557][ T1786] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1558.898510][ T1786] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1558.907323][ T1786] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1558.927624][ T1817] veth0_macvtap: entered promiscuous mode
[ 1558.942002][ T1893] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1558.979618][ T1817] veth1_macvtap: entered promiscuous mode
[ 1559.072271][ T1817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.082910][ T1817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.097871][ T1817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.108440][ T1817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.118893][ T1817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.129642][ T1817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.142074][ T1817] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1559.166709][ T1893] 8021q: adding VLAN 0 to HW filter on device team0
[ 1559.178945][ T1861] veth0_vlan: entered promiscuous mode
[ 1559.196753][ T1817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1559.208446][ T1817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.221035][ T1817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1559.235928][ T1817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.245846][ T1817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1559.256691][ T1817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.271551][ T1817] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1559.293260][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1559.300388][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1559.310884][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1559.317993][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1559.329406][ T1817] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.338397][ T1817] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.347838][ T1817] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.356605][ T1817] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.395538][ T2475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1559.414939][ T2475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1559.416635][ T1861] veth1_vlan: entered promiscuous mode
[ 1559.537471][ T2475] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1559.556255][ T2475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1559.666510][ T1861] veth0_macvtap: entered promiscuous mode
[ 1559.694413][ T4361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1559.717288][ T4361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1559.729687][ T1861] veth1_macvtap: entered promiscuous mode
[ 1559.751586][ T1893] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1559.823368][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.837981][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.850027][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.862124][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.877826][ T2096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1559.883221][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.913086][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.940664][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1559.952297][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1559.964575][ T1861] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1559.977490][T17342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1559.995412][T17342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1560.069333][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.107342][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.129116][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.145790][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.158458][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.187853][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.197796][ T1861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.208930][ T1861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.220242][ T1861] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1560.252499][ T1861] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.266535][ T1861] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.275724][ T1861] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.286248][ T1861] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.319432][ T1893] veth0_vlan: entered promiscuous mode
[ 1560.339083][ T1893] veth1_vlan: entered promiscuous mode
[ 1560.440685][ T5172] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1560.476281][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1560.495415][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1560.524954][ T1893] veth0_macvtap: entered promiscuous mode
[ 1560.543883][ T1893] veth1_macvtap: entered promiscuous mode
[ 1560.617459][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1560.630184][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1560.634197][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1560.649164][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.661620][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1560.674675][ T5172] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1560.685142][ T5172] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1560.696443][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.707517][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1560.721857][ T5172] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1560.731326][ T5172] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1560.739494][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.749893][ T5172] usb 4-1: SerialNumber: syz
[ 1560.750178][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1560.770535][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.780721][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1560.791975][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.807070][ T1893] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1560.829696][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.860657][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.881526][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.892624][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.904312][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.915160][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.925255][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.936610][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.946897][ T1893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.957803][ T1893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.988295][ T5172] usb 4-1: 0:2 : does not exist
[ 1561.023532][ T1893] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1561.040906][ T5172] usb 4-1: USB disconnect, device number 96
[ 1561.075541][ T1893] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1561.096864][ T1893] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1561.142533][ T1893] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1561.180589][ T1893] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1561.325090][T28675] udevd[28675]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1561.519035][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1561.562020][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1561.647777][ T4361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1561.687714][ T4361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1562.014723][   T29] audit: type=1326 audit(1719982193.840:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.087818][   T29] audit: type=1326 audit(1719982193.840:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f669577471f code=0x7ffc0000
[ 1562.112460][T21500] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1562.162911][   T29] audit: type=1326 audit(1719982193.850:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.211616][   T29] audit: type=1326 audit(1719982193.850:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.342441][T21500] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1562.366024][   T29] audit: type=1326 audit(1719982193.850:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.391900][T21500] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1562.410827][T21500] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1562.433780][T21500] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1562.442248][   T29] audit: type=1326 audit(1719982193.850:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.482272][T21500] usb 1-1: rejected 1 configuration due to insufficient available bus power
[ 1562.500516][T21500] usb 1-1: no configuration chosen from 1 choice
[ 1562.507240][   T29] audit: type=1326 audit(1719982193.850:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.570732][   T29] audit: type=1326 audit(1719982193.880:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.620688][   T29] audit: type=1326 audit(1719982193.880:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1562.680957][   T29] audit: type=1326 audit(1719982193.880:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2133 comm="syz.2.7037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f6695775b99 code=0x7ffc0000
[ 1564.032108][T11401] Bluetooth: hci1: command tx timeout
[ 1564.541443][ T5144] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1564.752462][ T5144] usb 4-1: Using ep0 maxpacket: 16
[ 1564.759285][ T5144] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1564.772600][ T5144] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1564.781910][ T5144] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1564.801375][ T5144] usb 4-1: config 0 descriptor??
[ 1564.840098][ T5146] usb 1-1: USB disconnect, device number 109
[ 1565.117685][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1565.418271][ T5144] usbhid 4-1:0.0: can't add hid device: -71
[ 1565.437652][ T5144] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1565.466746][ T5144] usb 4-1: USB disconnect, device number 97
[ 1565.598417][ T2475] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1565.800970][ T2475] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1565.977799][ T2475] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1566.172701][T20554] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1566.185085][T20554] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1566.199824][ T2475] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1566.210697][T20554] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1566.226553][T20554] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1566.235367][T20554] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1566.242937][T20554] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1566.466139][ T2475] bridge_slave_1: left allmulticast mode
[ 1566.481130][ T2475] bridge_slave_1: left promiscuous mode
[ 1566.497967][ T2475] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1566.511905][T11401] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1566.524339][T11401] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1566.535378][T11401] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1566.544763][T11401] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1566.552613][T11401] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1566.560212][T11401] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1566.561630][ T2475] bridge_slave_0: left allmulticast mode
[ 1566.610767][ T2475] bridge_slave_0: left promiscuous mode
[ 1566.616614][ T2475] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1567.170765][ T2475] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1567.201025][ T2475] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1567.221630][ T2475] bond0 (unregistering): Released all slaves
[ 1568.145302][ T2475] hsr_slave_0: left promiscuous mode
[ 1568.184165][ T2475] hsr_slave_1: left promiscuous mode
[ 1568.223411][ T2475] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1568.252545][ T2475] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1568.301547][ T2475] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1568.309022][ T2475] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1568.350992][T11401] Bluetooth: hci1: command tx timeout
[ 1568.387558][ T2475] veth1_macvtap: left promiscuous mode
[ 1568.410738][ T2475] veth0_macvtap: left promiscuous mode
[ 1568.422948][ T2475] veth1_vlan: left promiscuous mode
[ 1568.430346][ T2475] veth0_vlan: left promiscuous mode
[ 1568.438276][T20554] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1568.455349][T20554] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1568.464347][T20554] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1568.475585][T20554] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1568.491620][T20554] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1568.499100][T20554] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1568.511421][T20554] Bluetooth: hci0: command tx timeout
[ 1568.521917][ T2280] ==================================================================
[ 1568.530015][ T2280] BUG: KASAN: slab-use-after-free in kfree_skb_reason+0x41/0x3b0
[ 1568.537864][ T2280] Read of size 4 at addr ffff88801e929724 by task syz-executor/2280
[ 1568.545856][ T2280] 
[ 1568.548184][ T2280] CPU: 1 PID: 2280 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1568.558434][ T2280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1568.568506][ T2280] Call Trace:
[ 1568.571868][ T2280]  <TASK>
[ 1568.574811][ T2280]  dump_stack_lvl+0x241/0x360
[ 1568.579675][ T2280]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1568.584900][ T2280]  ? __pfx__printk+0x10/0x10
[ 1568.589576][ T2280]  ? _printk+0xd5/0x120
[ 1568.593762][ T2280]  ? __virt_addr_valid+0x183/0x520
[ 1568.598167][ T5105] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1568.598954][ T2280]  ? __virt_addr_valid+0x183/0x520
[ 1568.598987][ T2280]  print_report+0x169/0x550
[ 1568.609631][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1568.611188][ T2280]  ? __virt_addr_valid+0x183/0x520
[ 1568.611218][ T2280]  ? __virt_addr_valid+0x183/0x520
[ 1568.611238][ T2280]  ? __virt_addr_valid+0x44e/0x520
[ 1568.611259][ T2280]  ? __phys_addr+0xba/0x170
[ 1568.611280][ T2280]  ? kfree_skb_reason+0x41/0x3b0
[ 1568.611300][ T2280]  kasan_report+0x143/0x180
[ 1568.611323][ T2280]  ? kfree_skb_reason+0x41/0x3b0
[ 1568.611344][ T2280]  kasan_check_range+0x282/0x290
[ 1568.623826][ T5105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1568.627829][ T2280]  kfree_skb_reason+0x41/0x3b0
[ 1568.673365][ T2280]  __hci_req_sync+0x62f/0x950
[ 1568.678192][ T2280]  ? __pfx___hci_req_sync+0x10/0x10
[ 1568.683400][ T2280]  ? __pfx___mutex_lock+0x10/0x10
[ 1568.688533][ T2280]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1568.694638][ T2280]  ? __pfx_hci_scan_req+0x10/0x10
[ 1568.699727][ T2280]  hci_req_sync+0xa9/0xd0
[ 1568.704068][ T2280]  hci_dev_cmd+0x4c5/0xa50
[ 1568.708480][ T2280]  ? security_capable+0x90/0xb0
[ 1568.713431][ T2280]  ? __pfx_hci_dev_cmd+0x10/0x10
[ 1568.718359][ T2280]  ? hci_sock_ioctl+0x6c4/0xa40
[ 1568.723250][ T2280]  sock_do_ioctl+0x158/0x460
[ 1568.727894][ T2280]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1568.733009][ T2280]  sock_ioctl+0x629/0x8e0
[ 1568.737352][ T2280]  ? __pfx_sock_ioctl+0x10/0x10
[ 1568.742216][ T2280]  ? __fget_files+0x29/0x470
[ 1568.746831][ T2280]  ? __fget_files+0x3f6/0x470
[ 1568.751499][ T2280]  ? __fget_files+0x29/0x470
[ 1568.756079][ T2280]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1568.761021][ T2280]  ? security_file_ioctl+0x87/0xb0
[ 1568.766166][ T2280]  ? __pfx_sock_ioctl+0x10/0x10
[ 1568.771097][ T2280]  __se_sys_ioctl+0xfc/0x170
[ 1568.775678][ T2280]  do_syscall_64+0xf3/0x230
[ 1568.780170][ T2280]  ? clear_bhb_loop+0x35/0x90
[ 1568.784971][ T2280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1568.790887][ T2280] RIP: 0033:0x7f163377579b
[ 1568.795294][ T2280] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 1568.814893][ T2280] RSP: 002b:00007ffc4f4169f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1568.823292][ T2280] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f163377579b
[ 1568.831249][ T2280] RDX: 00007ffc4f416a68 RSI: 00000000400448dd RDI: 0000000000000003
[ 1568.839205][ T2280] RBP: 0000555586cab4a8 R08: 0000000000000000 R09: 0000000000000000
[ 1568.847163][ T2280] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000003
[ 1568.855117][ T2280] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 1568.863082][ T2280]  </TASK>
[ 1568.866086][ T2280] 
[ 1568.868392][ T2280] Allocated by task 20554:
[ 1568.872973][ T2280]  kasan_save_track+0x3f/0x80
[ 1568.877652][ T2280]  __kasan_slab_alloc+0x66/0x80
[ 1568.882504][ T2280]  kmem_cache_alloc_noprof+0x135/0x2a0
[ 1568.887985][ T2280]  skb_clone+0x20c/0x390
[ 1568.892271][ T2280]  hci_cmd_work+0x29e/0x670
[ 1568.896798][ T2280]  process_scheduled_works+0xa2c/0x1830
[ 1568.902338][ T2280]  worker_thread+0x86d/0xd50
[ 1568.906911][ T2280]  kthread+0x2f0/0x390
[ 1568.910969][ T2280]  ret_from_fork+0x4b/0x80
[ 1568.915371][ T2280]  ret_from_fork_asm+0x1a/0x30
[ 1568.920142][ T2280] 
[ 1568.922447][ T2280] Freed by task 5105:
[ 1568.926446][ T2280]  kasan_save_track+0x3f/0x80
[ 1568.931107][ T2280]  kasan_save_free_info+0x40/0x50
[ 1568.936117][ T2280]  poison_slab_object+0xe0/0x150
[ 1568.941037][ T2280]  __kasan_slab_free+0x37/0x60
[ 1568.945783][ T2280]  kmem_cache_free+0x145/0x350
[ 1568.950536][ T2280]  hci_req_sync_complete+0xe7/0x290
[ 1568.955721][ T2280]  hci_event_packet+0xc71/0x1540
[ 1568.960687][ T2280]  hci_rx_work+0x3e8/0xca0
[ 1568.965087][ T2280]  process_scheduled_works+0xa2c/0x1830
[ 1568.970614][ T2280]  worker_thread+0x86d/0xd50
[ 1568.975184][ T2280]  kthread+0x2f0/0x390
[ 1568.979235][ T2280]  ret_from_fork+0x4b/0x80
[ 1568.983639][ T2280]  ret_from_fork_asm+0x1a/0x30
[ 1568.988397][ T2280] 
[ 1568.990713][ T2280] The buggy address belongs to the object at ffff88801e929640
[ 1568.990713][ T2280]  which belongs to the cache skbuff_head_cache of size 240
[ 1569.005366][ T2280] The buggy address is located 228 bytes inside of
[ 1569.005366][ T2280]  freed 240-byte region [ffff88801e929640, ffff88801e929730)
[ 1569.019149][ T2280] 
[ 1569.021458][ T2280] The buggy address belongs to the physical page:
[ 1569.027860][ T2280] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e929
[ 1569.036612][ T2280] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1569.043714][ T2280] page_type: 0xffffefff(slab)
[ 1569.048388][ T2280] raw: 00fff00000000000 ffff8880196d6000 ffffea0001f8b680 dead000000000004
[ 1569.056956][ T2280] raw: 0000000000000000 00000000800c000c 00000001ffffefff 0000000000000000
[ 1569.065516][ T2280] page dumped because: kasan: bad access detected
[ 1569.071915][ T2280] page_owner tracks the page as allocated
[ 1569.077610][ T2280] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 30529, tgid 30529 (syz-executor), ts 1327919745491, free_ts 1327775530681
[ 1569.097383][ T2280]  post_alloc_hook+0x1f3/0x230
[ 1569.102169][ T2280]  get_page_from_freelist+0x2e4c/0x2f10
[ 1569.107702][ T2280]  __alloc_pages_noprof+0x256/0x6c0
[ 1569.112892][ T2280]  alloc_slab_page+0x5f/0x120
[ 1569.117555][ T2280]  allocate_slab+0x5a/0x2f0
[ 1569.122039][ T2280]  ___slab_alloc+0xcd1/0x14b0
[ 1569.127133][ T2280]  __slab_alloc+0x58/0xa0
[ 1569.131449][ T2280]  kmem_cache_alloc_node_noprof+0x1fe/0x320
[ 1569.137336][ T2280]  __alloc_skb+0x1c3/0x440
[ 1569.141738][ T2280]  alloc_uevent_skb+0x74/0x230
[ 1569.146541][ T2280]  kobject_uevent_net_broadcast+0x182/0x580
[ 1569.152416][ T2280]  kobject_uevent_env+0x57d/0x8e0
[ 1569.157424][ T2280]  netdev_queue_update_kobjects+0x2c4/0x5f0
[ 1569.163374][ T2280]  netdev_register_kobject+0x265/0x320
[ 1569.168850][ T2280]  register_netdevice+0x11d5/0x19e0
[ 1569.174091][ T2280]  veth_newlink+0x84f/0xcd0
[ 1569.178633][ T2280] page last free pid 30573 tgid 30567 stack trace:
[ 1569.185124][ T2280]  free_unref_page+0xd22/0xea0
[ 1569.189965][ T2280]  vfree+0x186/0x2e0
[ 1569.193852][ T2280]  kvm_arch_free_memslot+0x143/0x170
[ 1569.199142][ T2280]  kvm_free_memslots+0x146/0x1f0
[ 1569.204074][ T2280]  kvm_put_kvm+0xf0a/0x1300
[ 1569.208567][ T2280]  kvm_vcpu_release+0x57/0x70
[ 1569.213231][ T2280]  __fput+0x24a/0x8a0
[ 1569.217217][ T2280]  task_work_run+0x24f/0x310
[ 1569.221795][ T2280]  get_signal+0x15e6/0x1740
[ 1569.226300][ T2280]  arch_do_signal_or_restart+0x96/0x860
[ 1569.231845][ T2280]  syscall_exit_to_user_mode+0xc9/0x360
[ 1569.237378][ T2280]  do_syscall_64+0x100/0x230
[ 1569.241958][ T2280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1569.247842][ T2280] 
[ 1569.250149][ T2280] Memory state around the buggy address:
[ 1569.255764][ T2280]  ffff88801e929600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 1569.263809][ T2280]  ffff88801e929680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1569.271851][ T2280] >ffff88801e929700: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 1569.279900][ T2280]                                ^
[ 1569.284989][ T2280]  ffff88801e929780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1569.293128][ T2280]  ffff88801e929800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[ 1569.301288][ T2280] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[ 1569.312896][ T5105] Bluetooth: hci2: command tx timeout
[ 1569.410496][ T2280] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1569.417746][ T2280] CPU: 0 PID: 2280 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00061-ge9d22f7a6655 #0
[ 1569.428004][ T2280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1569.438505][ T2280] Call Trace:
[ 1569.441776][ T2280]  <TASK>
[ 1569.444695][ T2280]  dump_stack_lvl+0x241/0x360
[ 1569.449365][ T2280]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1569.454549][ T2280]  ? __pfx__printk+0x10/0x10
[ 1569.459129][ T2280]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1569.465154][ T2280]  ? vscnprintf+0x5d/0x90
[ 1569.469471][ T2280]  panic+0x349/0x860
[ 1569.473363][ T2280]  ? check_panic_on_warn+0x21/0xb0
[ 1569.478467][ T2280]  ? __pfx_panic+0x10/0x10
[ 1569.482888][ T2280]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 1569.488890][ T2280]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1569.495227][ T2280]  check_panic_on_warn+0x86/0xb0
[ 1569.500168][ T2280]  ? kfree_skb_reason+0x41/0x3b0
[ 1569.505106][ T2280]  end_report+0x77/0x160
[ 1569.509338][ T2280]  kasan_report+0x154/0x180
[ 1569.513848][ T2280]  ? kfree_skb_reason+0x41/0x3b0
[ 1569.518777][ T2280]  kasan_check_range+0x282/0x290
[ 1569.523707][ T2280]  kfree_skb_reason+0x41/0x3b0
[ 1569.528461][ T2280]  __hci_req_sync+0x62f/0x950
[ 1569.533131][ T2280]  ? __pfx___hci_req_sync+0x10/0x10
[ 1569.538320][ T2280]  ? __pfx___mutex_lock+0x10/0x10
[ 1569.543332][ T2280]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1569.549399][ T2280]  ? __pfx_hci_scan_req+0x10/0x10
[ 1569.554409][ T2280]  hci_req_sync+0xa9/0xd0
[ 1569.558729][ T2280]  hci_dev_cmd+0x4c5/0xa50
[ 1569.563132][ T2280]  ? security_capable+0x90/0xb0
[ 1569.567971][ T2280]  ? __pfx_hci_dev_cmd+0x10/0x10
[ 1569.572904][ T2280]  ? hci_sock_ioctl+0x6c4/0xa40
[ 1569.577738][ T2280]  sock_do_ioctl+0x158/0x460
[ 1569.582322][ T2280]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1569.587429][ T2280]  sock_ioctl+0x629/0x8e0
[ 1569.591745][ T2280]  ? __pfx_sock_ioctl+0x10/0x10
[ 1569.596580][ T2280]  ? __fget_files+0x29/0x470
[ 1569.601162][ T2280]  ? __fget_files+0x3f6/0x470
[ 1569.605829][ T2280]  ? __fget_files+0x29/0x470
[ 1569.610411][ T2280]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1569.615343][ T2280]  ? security_file_ioctl+0x87/0xb0
[ 1569.620444][ T2280]  ? __pfx_sock_ioctl+0x10/0x10
[ 1569.625294][ T2280]  __se_sys_ioctl+0xfc/0x170
[ 1569.629870][ T2280]  do_syscall_64+0xf3/0x230
[ 1569.634362][ T2280]  ? clear_bhb_loop+0x35/0x90
[ 1569.639021][ T2280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1569.644904][ T2280] RIP: 0033:0x7f163377579b
[ 1569.649303][ T2280] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 1569.668901][ T2280] RSP: 002b:00007ffc4f4169f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1569.677305][ T2280] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f163377579b
[ 1569.685280][ T2280] RDX: 00007ffc4f416a68 RSI: 00000000400448dd RDI: 0000000000000003
[ 1569.693246][ T2280] RBP: 0000555586cab4a8 R08: 0000000000000000 R09: 0000000000000000
[ 1569.701202][ T2280] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000003
[ 1569.709159][ T2280] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 1569.717128][ T2280]  </TASK>
[ 1569.720379][ T2280] Kernel Offset: disabled
[ 1569.724696][ T2280] Rebooting in 86400 seconds..