Warning: Permanently added '[localhost]:32517' (ECDSA) to the list of known hosts. 2025/11/14 19:18:19 fuzzer started 2025/11/14 19:18:20 dialing manager at localhost:37161 syzkaller login: [ 51.588082] cgroup: Unknown subsys name 'net' [ 51.637960] cgroup: Unknown subsys name 'cpuset' [ 51.662515] cgroup: Unknown subsys name 'rlimit' 2025/11/14 19:18:29 syscalls: 2214 2025/11/14 19:18:29 code coverage: enabled 2025/11/14 19:18:29 comparison tracing: enabled 2025/11/14 19:18:29 extra coverage: enabled 2025/11/14 19:18:29 setuid sandbox: enabled 2025/11/14 19:18:29 namespace sandbox: enabled 2025/11/14 19:18:29 Android sandbox: enabled 2025/11/14 19:18:29 fault injection: enabled 2025/11/14 19:18:29 leak checking: enabled 2025/11/14 19:18:29 net packet injection: enabled 2025/11/14 19:18:29 net device setup: enabled 2025/11/14 19:18:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/11/14 19:18:29 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/11/14 19:18:29 USB emulation: enabled 2025/11/14 19:18:29 hci packet injection: enabled 2025/11/14 19:18:29 wifi device emulation: enabled 2025/11/14 19:18:29 802.15.4 emulation: enabled 2025/11/14 19:18:29 fetching corpus: 50, signal 24814/26612 (executing program) 2025/11/14 19:18:30 fetching corpus: 100, signal 33199/36652 (executing program) 2025/11/14 19:18:30 fetching corpus: 150, signal 41172/46166 (executing program) 2025/11/14 19:18:30 fetching corpus: 200, signal 51370/57775 (executing program) 2025/11/14 19:18:30 fetching corpus: 250, signal 56571/64391 (executing program) 2025/11/14 19:18:30 fetching corpus: 300, signal 60741/69927 (executing program) 2025/11/14 19:18:30 fetching corpus: 350, signal 64522/74996 (executing program) 2025/11/14 19:18:30 fetching corpus: 400, signal 68830/80510 (executing program) 2025/11/14 19:18:30 fetching corpus: 450, signal 71384/84363 (executing program) 2025/11/14 19:18:30 fetching corpus: 500, signal 75644/89751 (executing program) 2025/11/14 19:18:30 fetching corpus: 550, signal 77837/93142 (executing program) 2025/11/14 19:18:30 fetching corpus: 600, signal 81641/97951 (executing program) 2025/11/14 19:18:31 fetching corpus: 650, signal 85987/103179 (executing program) 2025/11/14 19:18:31 fetching corpus: 700, signal 87923/106202 (executing program) 2025/11/14 19:18:31 fetching corpus: 750, signal 90305/109626 (executing program) 2025/11/14 19:18:31 fetching corpus: 800, signal 91955/112337 (executing program) 2025/11/14 19:18:31 fetching corpus: 850, signal 93709/115128 (executing program) 2025/11/14 19:18:31 fetching corpus: 900, signal 95189/117672 (executing program) 2025/11/14 19:18:31 fetching corpus: 950, signal 98042/121360 (executing program) 2025/11/14 19:18:31 fetching corpus: 1000, signal 99832/124095 (executing program) 2025/11/14 19:18:32 fetching corpus: 1050, signal 105042/129709 (executing program) 2025/11/14 19:18:32 fetching corpus: 1100, signal 106385/131958 (executing program) 2025/11/14 19:18:32 fetching corpus: 1150, signal 109030/135270 (executing program) 2025/11/14 19:18:32 fetching corpus: 1200, signal 110503/137662 (executing program) 2025/11/14 19:18:32 fetching corpus: 1250, signal 112093/140040 (executing program) 2025/11/14 19:18:32 fetching corpus: 1300, signal 113749/142491 (executing program) 2025/11/14 19:18:32 fetching corpus: 1350, signal 114876/144479 (executing program) 2025/11/14 19:18:32 fetching corpus: 1400, signal 116145/146555 (executing program) 2025/11/14 19:18:32 fetching corpus: 1450, signal 117456/148629 (executing program) 2025/11/14 19:18:32 fetching corpus: 1500, signal 119015/150855 (executing program) 2025/11/14 19:18:33 fetching corpus: 1550, signal 120262/152886 (executing program) 2025/11/14 19:18:33 fetching corpus: 1600, signal 122206/155429 (executing program) 2025/11/14 19:18:33 fetching corpus: 1650, signal 122939/157034 (executing program) 2025/11/14 19:18:33 fetching corpus: 1700, signal 123702/158650 (executing program) 2025/11/14 19:18:33 fetching corpus: 1750, signal 125473/160995 (executing program) 2025/11/14 19:18:33 fetching corpus: 1800, signal 126618/162813 (executing program) 2025/11/14 19:18:33 fetching corpus: 1850, signal 128110/164886 (executing program) 2025/11/14 19:18:33 fetching corpus: 1900, signal 128777/166361 (executing program) 2025/11/14 19:18:33 fetching corpus: 1950, signal 129973/168200 (executing program) 2025/11/14 19:18:33 fetching corpus: 2000, signal 130841/169763 (executing program) 2025/11/14 19:18:34 fetching corpus: 2050, signal 132322/171749 (executing program) 2025/11/14 19:18:34 fetching corpus: 2100, signal 133941/173819 (executing program) 2025/11/14 19:18:34 fetching corpus: 2150, signal 134840/175409 (executing program) 2025/11/14 19:18:34 fetching corpus: 2200, signal 135481/176739 (executing program) 2025/11/14 19:18:34 fetching corpus: 2250, signal 136265/178198 (executing program) 2025/11/14 19:18:34 fetching corpus: 2300, signal 137207/179706 (executing program) 2025/11/14 19:18:34 fetching corpus: 2350, signal 138236/181268 (executing program) 2025/11/14 19:18:34 fetching corpus: 2400, signal 139079/182701 (executing program) 2025/11/14 19:18:34 fetching corpus: 2450, signal 139774/184035 (executing program) 2025/11/14 19:18:34 fetching corpus: 2500, signal 140728/185537 (executing program) 2025/11/14 19:18:35 fetching corpus: 2550, signal 141657/187005 (executing program) 2025/11/14 19:18:35 fetching corpus: 2600, signal 143045/188680 (executing program) 2025/11/14 19:18:35 fetching corpus: 2650, signal 143483/189793 (executing program) 2025/11/14 19:18:35 fetching corpus: 2700, signal 144334/191166 (executing program) 2025/11/14 19:18:35 fetching corpus: 2750, signal 145090/192500 (executing program) 2025/11/14 19:18:35 fetching corpus: 2800, signal 146070/193920 (executing program) 2025/11/14 19:18:35 fetching corpus: 2850, signal 146550/195004 (executing program) 2025/11/14 19:18:35 fetching corpus: 2900, signal 147322/196266 (executing program) 2025/11/14 19:18:35 fetching corpus: 2950, signal 148157/197527 (executing program) 2025/11/14 19:18:35 fetching corpus: 3000, signal 148860/198715 (executing program) 2025/11/14 19:18:36 fetching corpus: 3050, signal 149601/199925 (executing program) 2025/11/14 19:18:36 fetching corpus: 3100, signal 150374/201161 (executing program) 2025/11/14 19:18:36 fetching corpus: 3150, signal 151125/202367 (executing program) 2025/11/14 19:18:36 fetching corpus: 3200, signal 152151/203684 (executing program) 2025/11/14 19:18:36 fetching corpus: 3250, signal 152950/204885 (executing program) 2025/11/14 19:18:36 fetching corpus: 3300, signal 153766/206089 (executing program) 2025/11/14 19:18:36 fetching corpus: 3350, signal 154880/207444 (executing program) 2025/11/14 19:18:36 fetching corpus: 3400, signal 155501/208553 (executing program) 2025/11/14 19:18:37 fetching corpus: 3450, signal 156332/209735 (executing program) 2025/11/14 19:18:37 fetching corpus: 3500, signal 156994/210834 (executing program) 2025/11/14 19:18:37 fetching corpus: 3550, signal 157732/211911 (executing program) 2025/11/14 19:18:37 fetching corpus: 3600, signal 158145/212858 (executing program) 2025/11/14 19:18:37 fetching corpus: 3650, signal 158759/213804 (executing program) 2025/11/14 19:18:37 fetching corpus: 3700, signal 159447/214797 (executing program) 2025/11/14 19:18:37 fetching corpus: 3750, signal 160123/215824 (executing program) 2025/11/14 19:18:37 fetching corpus: 3800, signal 160932/216886 (executing program) 2025/11/14 19:18:37 fetching corpus: 3850, signal 161493/217817 (executing program) 2025/11/14 19:18:38 fetching corpus: 3900, signal 162232/218804 (executing program) 2025/11/14 19:18:38 fetching corpus: 3950, signal 162760/219726 (executing program) 2025/11/14 19:18:38 fetching corpus: 4000, signal 163465/220696 (executing program) 2025/11/14 19:18:38 fetching corpus: 4050, signal 164408/221737 (executing program) 2025/11/14 19:18:38 fetching corpus: 4100, signal 164963/222631 (executing program) 2025/11/14 19:18:38 fetching corpus: 4150, signal 165407/223458 (executing program) 2025/11/14 19:18:38 fetching corpus: 4200, signal 165808/224302 (executing program) 2025/11/14 19:18:38 fetching corpus: 4250, signal 166438/225196 (executing program) 2025/11/14 19:18:38 fetching corpus: 4300, signal 166882/226073 (executing program) 2025/11/14 19:18:38 fetching corpus: 4350, signal 167543/226965 (executing program) 2025/11/14 19:18:39 fetching corpus: 4400, signal 168142/227819 (executing program) 2025/11/14 19:18:39 fetching corpus: 4450, signal 168726/228661 (executing program) 2025/11/14 19:18:39 fetching corpus: 4500, signal 169365/229506 (executing program) 2025/11/14 19:18:39 fetching corpus: 4550, signal 169806/230278 (executing program) 2025/11/14 19:18:39 fetching corpus: 4600, signal 170693/231187 (executing program) 2025/11/14 19:18:39 fetching corpus: 4650, signal 171103/231885 (executing program) 2025/11/14 19:18:39 fetching corpus: 4700, signal 171547/232613 (executing program) 2025/11/14 19:18:39 fetching corpus: 4750, signal 173121/233705 (executing program) 2025/11/14 19:18:39 fetching corpus: 4800, signal 173757/234492 (executing program) 2025/11/14 19:18:39 fetching corpus: 4850, signal 174344/235266 (executing program) 2025/11/14 19:18:40 fetching corpus: 4900, signal 174842/236023 (executing program) 2025/11/14 19:18:40 fetching corpus: 4950, signal 175287/236720 (executing program) 2025/11/14 19:18:40 fetching corpus: 5000, signal 175683/237464 (executing program) 2025/11/14 19:18:40 fetching corpus: 5050, signal 176207/238199 (executing program) 2025/11/14 19:18:40 fetching corpus: 5100, signal 176911/238954 (executing program) 2025/11/14 19:18:40 fetching corpus: 5150, signal 177809/239725 (executing program) 2025/11/14 19:18:40 fetching corpus: 5200, signal 178463/240483 (executing program) 2025/11/14 19:18:40 fetching corpus: 5250, signal 179009/241148 (executing program) 2025/11/14 19:18:40 fetching corpus: 5300, signal 179657/241869 (executing program) 2025/11/14 19:18:41 fetching corpus: 5350, signal 180171/242522 (executing program) 2025/11/14 19:18:41 fetching corpus: 5400, signal 180516/243143 (executing program) 2025/11/14 19:18:41 fetching corpus: 5450, signal 181048/243810 (executing program) 2025/11/14 19:18:41 fetching corpus: 5500, signal 181527/244439 (executing program) 2025/11/14 19:18:41 fetching corpus: 5550, signal 182055/245070 (executing program) 2025/11/14 19:18:41 fetching corpus: 5600, signal 182488/245686 (executing program) 2025/11/14 19:18:41 fetching corpus: 5650, signal 182885/246293 (executing program) 2025/11/14 19:18:41 fetching corpus: 5700, signal 183340/246914 (executing program) 2025/11/14 19:18:41 fetching corpus: 5750, signal 183681/247493 (executing program) 2025/11/14 19:18:41 fetching corpus: 5800, signal 184105/248071 (executing program) 2025/11/14 19:18:42 fetching corpus: 5850, signal 184569/248693 (executing program) 2025/11/14 19:18:42 fetching corpus: 5900, signal 185723/249291 (executing program) 2025/11/14 19:18:42 fetching corpus: 5950, signal 186017/249864 (executing program) 2025/11/14 19:18:42 fetching corpus: 6000, signal 186467/250401 (executing program) 2025/11/14 19:18:42 fetching corpus: 6050, signal 186924/250956 (executing program) 2025/11/14 19:18:42 fetching corpus: 6100, signal 187289/251531 (executing program) 2025/11/14 19:18:42 fetching corpus: 6150, signal 187757/252071 (executing program) 2025/11/14 19:18:42 fetching corpus: 6200, signal 188050/252640 (executing program) 2025/11/14 19:18:42 fetching corpus: 6250, signal 188509/253187 (executing program) 2025/11/14 19:18:42 fetching corpus: 6300, signal 188934/253697 (executing program) 2025/11/14 19:18:43 fetching corpus: 6350, signal 189413/254209 (executing program) 2025/11/14 19:18:43 fetching corpus: 6400, signal 189862/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6450, signal 190206/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6500, signal 190768/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6550, signal 191049/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6600, signal 191359/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6650, signal 191921/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6700, signal 192327/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6750, signal 192635/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6800, signal 193185/254230 (executing program) 2025/11/14 19:18:43 fetching corpus: 6850, signal 193595/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 6900, signal 194061/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 6950, signal 194438/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7000, signal 194830/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7050, signal 195132/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7100, signal 195488/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7150, signal 195864/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7200, signal 196113/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7250, signal 196345/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7300, signal 196660/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7350, signal 197159/254230 (executing program) 2025/11/14 19:18:44 fetching corpus: 7400, signal 197459/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7450, signal 197750/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7500, signal 198113/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7550, signal 198438/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7600, signal 198680/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7650, signal 199017/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7700, signal 199309/254230 (executing program) 2025/11/14 19:18:45 fetching corpus: 7750, signal 199605/254231 (executing program) 2025/11/14 19:18:45 fetching corpus: 7800, signal 199998/254231 (executing program) 2025/11/14 19:18:45 fetching corpus: 7850, signal 200292/254231 (executing program) 2025/11/14 19:18:45 fetching corpus: 7900, signal 200604/254231 (executing program) 2025/11/14 19:18:45 fetching corpus: 7950, signal 200912/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8000, signal 201185/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8050, signal 201508/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8100, signal 201860/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8150, signal 202143/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8200, signal 202392/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8250, signal 202806/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8300, signal 203110/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8350, signal 203348/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8400, signal 203559/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8450, signal 203770/254231 (executing program) 2025/11/14 19:18:46 fetching corpus: 8500, signal 203986/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8550, signal 204434/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8600, signal 204688/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8650, signal 204914/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8700, signal 205220/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8750, signal 205622/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8800, signal 205876/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8850, signal 206124/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8900, signal 206479/254231 (executing program) 2025/11/14 19:18:47 fetching corpus: 8950, signal 206732/254235 (executing program) 2025/11/14 19:18:47 fetching corpus: 9000, signal 207103/254246 (executing program) 2025/11/14 19:18:47 fetching corpus: 9050, signal 207356/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9100, signal 207607/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9150, signal 208040/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9200, signal 208335/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9250, signal 208710/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9300, signal 209029/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9350, signal 209386/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9400, signal 209655/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9450, signal 209955/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9500, signal 210287/254246 (executing program) 2025/11/14 19:18:48 fetching corpus: 9550, signal 210607/254246 (executing program) 2025/11/14 19:18:49 fetching corpus: 9600, signal 210866/254246 (executing program) 2025/11/14 19:18:49 fetching corpus: 9650, signal 211052/254247 (executing program) 2025/11/14 19:18:49 fetching corpus: 9700, signal 211258/254247 (executing program) 2025/11/14 19:18:49 fetching corpus: 9750, signal 211516/254247 (executing program) 2025/11/14 19:18:49 fetching corpus: 9800, signal 211666/254252 (executing program) 2025/11/14 19:18:49 fetching corpus: 9850, signal 211921/254252 (executing program) 2025/11/14 19:18:49 fetching corpus: 9900, signal 212247/254252 (executing program) 2025/11/14 19:18:49 fetching corpus: 9950, signal 212483/254252 (executing program) 2025/11/14 19:18:49 fetching corpus: 10000, signal 212723/254252 (executing program) 2025/11/14 19:18:49 fetching corpus: 10050, signal 213119/254252 (executing program) 2025/11/14 19:18:50 fetching corpus: 10100, signal 213347/254252 (executing program) 2025/11/14 19:18:50 fetching corpus: 10150, signal 213588/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10200, signal 213777/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10250, signal 214008/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10300, signal 214326/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10350, signal 214578/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10400, signal 214846/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10450, signal 215060/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10500, signal 215289/254254 (executing program) 2025/11/14 19:18:50 fetching corpus: 10550, signal 215468/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10600, signal 215669/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10650, signal 215884/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10700, signal 216143/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10750, signal 216326/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10800, signal 216494/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10850, signal 216727/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10900, signal 216912/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 10950, signal 217089/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 11000, signal 217250/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 11050, signal 217481/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 11100, signal 217742/254254 (executing program) 2025/11/14 19:18:51 fetching corpus: 11150, signal 218020/254254 (executing program) 2025/11/14 19:18:52 fetching corpus: 11200, signal 218229/254254 (executing program) 2025/11/14 19:18:52 fetching corpus: 11250, signal 218487/254254 (executing program) 2025/11/14 19:18:52 fetching corpus: 11300, signal 218951/254254 (executing program) 2025/11/14 19:18:52 fetching corpus: 11350, signal 219144/254254 (executing program) 2025/11/14 19:18:52 fetching corpus: 11400, signal 219340/254256 (executing program) 2025/11/14 19:18:52 fetching corpus: 11450, signal 219595/254256 (executing program) 2025/11/14 19:18:52 fetching corpus: 11500, signal 219863/254256 (executing program) 2025/11/14 19:18:52 fetching corpus: 11550, signal 220143/254256 (executing program) 2025/11/14 19:18:52 fetching corpus: 11600, signal 220376/254256 (executing program) 2025/11/14 19:18:52 fetching corpus: 11650, signal 220641/254258 (executing program) 2025/11/14 19:18:53 fetching corpus: 11700, signal 220845/254258 (executing program) 2025/11/14 19:18:53 fetching corpus: 11750, signal 221177/254258 (executing program) 2025/11/14 19:18:53 fetching corpus: 11800, signal 221383/254258 (executing program) 2025/11/14 19:18:53 fetching corpus: 11850, signal 221598/254258 (executing program) 2025/11/14 19:18:53 fetching corpus: 11900, signal 221965/254258 (executing program) 2025/11/14 19:18:53 fetching corpus: 11950, signal 222151/254265 (executing program) 2025/11/14 19:18:53 fetching corpus: 12000, signal 222449/254265 (executing program) 2025/11/14 19:18:53 fetching corpus: 12050, signal 222668/254265 (executing program) 2025/11/14 19:18:53 fetching corpus: 12100, signal 222902/254265 (executing program) 2025/11/14 19:18:53 fetching corpus: 12150, signal 223121/254265 (executing program) 2025/11/14 19:18:53 fetching corpus: 12200, signal 223840/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12250, signal 224030/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12300, signal 224266/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12350, signal 224526/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12400, signal 224735/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12450, signal 224962/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12500, signal 225141/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12550, signal 225323/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12600, signal 225621/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12650, signal 225888/254265 (executing program) 2025/11/14 19:18:54 fetching corpus: 12700, signal 226223/254265 (executing program) 2025/11/14 19:18:55 fetching corpus: 12750, signal 226489/254265 (executing program) 2025/11/14 19:18:55 fetching corpus: 12800, signal 226670/254266 (executing program) 2025/11/14 19:18:55 fetching corpus: 12850, signal 226872/254266 (executing program) 2025/11/14 19:18:55 fetching corpus: 12900, signal 227169/254268 (executing program) 2025/11/14 19:18:55 fetching corpus: 12950, signal 227329/254268 (executing program) 2025/11/14 19:18:55 fetching corpus: 13000, signal 227674/254268 (executing program) 2025/11/14 19:18:55 fetching corpus: 13050, signal 227886/254268 (executing program) 2025/11/14 19:18:55 fetching corpus: 13100, signal 228060/254268 (executing program) 2025/11/14 19:18:55 fetching corpus: 13150, signal 228209/254268 (executing program) 2025/11/14 19:18:55 fetching corpus: 13200, signal 228387/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13250, signal 228708/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13300, signal 228891/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13350, signal 229110/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13400, signal 229300/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13450, signal 229469/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13500, signal 229708/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13550, signal 229874/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13600, signal 230186/254268 (executing program) 2025/11/14 19:18:56 fetching corpus: 13650, signal 230409/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 13700, signal 230587/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 13750, signal 230854/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 13800, signal 231009/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 13850, signal 231170/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 13900, signal 231356/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 13950, signal 231528/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 14000, signal 231712/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 14050, signal 231870/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 14100, signal 232025/254268 (executing program) 2025/11/14 19:18:57 fetching corpus: 14150, signal 232186/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14200, signal 232359/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14250, signal 232523/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14300, signal 232686/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14350, signal 232864/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14400, signal 233067/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14450, signal 233223/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14500, signal 233385/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14550, signal 233566/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14600, signal 233765/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14650, signal 233993/254268 (executing program) 2025/11/14 19:18:58 fetching corpus: 14700, signal 234202/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 14750, signal 234373/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 14800, signal 234581/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 14850, signal 234709/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 14900, signal 234910/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 14950, signal 235061/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 15000, signal 235195/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 15050, signal 235642/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 15100, signal 235784/254268 (executing program) 2025/11/14 19:18:59 fetching corpus: 15150, signal 235935/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15200, signal 236194/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15250, signal 236417/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15300, signal 236584/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15350, signal 236716/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15400, signal 236901/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15435, signal 237044/254268 (executing program) 2025/11/14 19:19:00 fetching corpus: 15435, signal 237044/254268 (executing program) 2025/11/14 19:19:02 starting 8 fuzzer processes 19:19:02 executing program 0: ioctl$CDROMRESET(0xffffffffffffffff, 0x5312) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={0x40, 0x1, 0x9}) fcntl$getown(0xffffffffffffffff, 0x9) r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0x91, 0x10000) ioctl$CDROM_DEBUG(r0, 0x5330, 0x1) ioctl$CDROM_SET_OPTIONS(r0, 0x5320, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000140)) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000180)={{r1}, "8c329a630097f886aade41d5f75cb9dcb934781b52be2abbd29e5351b51face63859c3a1e2ac5eaaf96129a30f0efbb8fa7c0f69a7a3e59e0c8bca969622b7c04266a60c55899fa0bfb081d106cb09ed142c965e8051f1818e34049181647126a14bc6f00b08b0dbac9b0916de278bc297061b538082d0f4b41da1a0a534d546ed2b5f64c8e1abf9fb6766fddcb8b1a46a84cbc057c386ad9f345ce5aa5027a67aa1b974b655497bd76bf0a0cf3b58805a033bda8c33c36c65146e905d2d7d8e9e66d1ac569f66b03a3310782fdebc604259aefacb93fe49e86669be3b04e55fbff7704fd507f43262e38ecc64fced96ed6fa223840686293cb08c867d182beb5179b1dc58e074398a067561244298a1d83e41e47b9d79bf2ad115e1076977ff0238c2847f995999faf0c1c1223853b3600e29013b82692864e332746f988e7e4833f33f5bffc58a89708cec330409c832404fd61d7bad46bdd951d2801770cbaddeb38b3f323463086cf55c6f5b5fbb546224c3c01e8acc4a2c52dc9d0dbecd6a7f20434711b56205f4205acb980cf41fb574d642176aa11176309b9ef8b741145a89d6cf1cf3f122708cd3b7dd1f5a0d7502edcf419316743fd14660ab2802976c37e6f50967b7755cece3fe5d137e226aa124a5ec33aafdc78dc3670f32f2dab71d4849d89d54f976b27abdee987c14d17c4be9d04aec48133d5b4718e6793fe85ca5b0968203a38b98c2945c04f099a3ce959bb0cf158722f2998adcaaefed21a49fd6136e1a0c09943b71e2c1a3719b7404bb76ef47ed133f1c4db1af1cd404d6c5d140e68aac6a8733dc1bebf7206dc77acbfc9fd41f7698585f963c95fbcca4506d16015824ffae492f3af329ff26f9054a6aee06025cbeaa7c1c4197151804066f1fc9832d73d061ea99c6b84a7ae8c8e72db0c1edd08bb77d82594f5bc5c2ca5fe1b8295292473667a7e6cb6daab90928c09e822526020d372804c1a5d4650ef6801d40b27e56af6dec6ec009b2bfb768c5fd1cd516fd9217d4a301aa81ce690651e52f1164c46a7b19b49d76a577750ccf853d88565b5ccbe495131ece4633a1334b215738b40c96a098417d7bc3e8d87302e818121bf5ef11eaa3576b50253501600a48989b2178473ced499b1c6f33d55d568075c7d03f5742809ae2eb4a0bafa9512a7ce0a3183b479d8c77275bcb5869233b38f1044b08063c71d2491f5b40352adb95d8bd9bf83715d43db120ede7d52c2939e0b5b2a73af662c1ab799fa303e9f7c31ee1e3cfcfa2a63f193f88d9472d6760e83ffa79180feb3db943c8acb839327abcbfbc864b8b90aa9be0450d287503a365c84ed77294aa2136f93c5c24a7ef1a83716896e45824c997252d804c676c045bf3bd2bb9d83f29f607c91e280210f670c82a24c8c3b61e57118170f3f6a541ff6363325ac8f8007b469100c0a8ae1429133aeb3ea28821bb15743549c060287f15b7bfa330adb461b8f1402b774404f6195303900c0df88ff61168ab5ed1d65b0331aa3916a466e46648d02956cd33f085bfd8d45751172ed41a569bf16567d728bbffb58785e81cd7f24e5c0daed4fb866150f8a0df3f67e4cf2b55bd4dce2f639a46e8253778dc88335b01e136be755298734aab91d7c666f08eeaf1fd36df6b9292eba4a67d04eb7f6f63f498ef93c55be570397cb2b885406781d8b0cbd31c55f91c465834fa09f647654d75b2ec9502410172bba32780632a632603adc5008daa2efa7028d00744f6047adb3c66458d83e4035228f2dd3479df16d29caeed4a8374238979e8b7f3399a4589ec78670a49fec872b10aa4073082e6cfb022603b3eade477ed2fb1969175fb3eb6d8ec01257face36d6cca7eef5c008e42960eeef6043b8edc629647f798bdc29640d71ce547b0bc1bdcf035ce0eb2ac2890bb6954ebf225974bd0076577f32a19736dc85440320349d0f44bf4367420cac9eb984bf34f0b30649de530359e55e8f0a7aad63331c053e8105d90b28256fe8fb5a9daf3e58e7c21d21699e0156eddd9f8a7da2f771bcdd8d044e9929f2d8af4dfcd6122e20bc5d214c575915c6d89896e148d0ef0830955e8f0cb738f8755679e3c3c386434661dc62467135aea218fa8cf5d4cd4398a6859e08c246bdac47c60bfa592cf410c6cba89edb311908f5b6a74950f04ce25592dc41caf9de9eeb5c63f7ddea8eaa8aa46002bd7710152228bf72097d1ae0e135c31e3f9e10099aa9518bbfebfd6d97535e8a7f16df6fe0ac132b6babb59e5eee3063aee3dffc2f9a30a77ad3fb138626ef0f676bdc7d53bcba7a8f77313e0adbf055126d81ca92e2b2c6c84eee66501c235766c7b7916e41cee295801489b267606918f0774b1eb2152e4edd797a5b930e187e77fb646834e8d7d3245fcbc513c28b28a467c450595f75c61b56037a4ca1ea0f741732810552fc502012173a9a23f1b32de2a9dec23b4fcb2456860918944f2ada94dfca8001286e8ca3bfacc0d550f591091c98d213bbb02f3523e75e8c84480bc5a6e89d74530de0f82fa91ac220ac564dc64abb16390db6739c92e4f752a69244fd684b70840ef994c11290e716452db1fc652b035251a08fa7f155853365ed41e66df3719fcbf51e7c9b6aaaec8bdc409a4ec5444a7da4435429ce11da180772a772a04ed083f20f1bbdc6a9e72dd456de9367709548d6e61439243517b4d658ff4953051ac18675b533080b29176fabd0f25d213f364e6ddaa316e6e9e4e529eb58808069a94a9f37395efffef3a94a84702eca3797057dc478d59a2a0a5b45ff0b3cdea388e65fe312cefbf5514170c3d13a8a122150d3286108fd274ba88c71a4597fae82e73995170ef19f67404a7dcb251db056c76465dcce2a63624c7ee6bc134fc6a331dc02b0eb9d15be3ad464e4d56396712ead4540e5722b36733ed65d2c03e72805f708eb11e1be8baf07ab775c0f441a524ff69d84e7585be3cfcae6f220e82fa539262d8f5e577a139999bc69fddaccc015d54843f9761da4e53650e60ea54aba9698e7061fecc3f6a66df3e6981cbb02ac99c02dd9675e4de9890742d97a1253c7d759fc3274a5d4dff398aadeb4f6bef40d1881928a3fe6df9c7d15788ceafbdcccb8d38a85cdb4d159758927fb4da46e256e186e675ac016ae412aa959bed83388a0793aac878c15d8e1ce03a6e2775ca00f361662cd08d2ef05a02d1f9245da959fd1620627c2f39b33c977be7bfc5185382517701762b4b2b2b40cf0d4b68339899f494317ca10cf300b9915e20935564f62d5ac99d57d656a47d1c3b69345d7ef64d73549291d0da8987bdf0b8e9bf0218f611c89207ed22b88747dc0be11ecc762d5ece964f068ad0aadd10754c91084aa1396633fca722720ccfbbbb4efbef00a64a5cc5b6b2ff1671f0c6bbe57298dde58c67f18e40ea9647aa7164fc3bf2aa7441e85103a5eb41aa52b2a91fbb93cdf3fa851f7bb4df71a3aaaba053b8f77b37e1e5680811e61c16fe6312e4ff69adabd929d405c53f9c459bbfd4cc01bec080f8c3bb1aeaa05b1cfe220a4fc6cace590ef72d08b6f3be6d8c52d683c9fb81a6f3dc278e9d53c26df536e00107dac76bb46fb41ae4c1bb43321091b339ad438141b1951f724d17ceb93f6527b0c0f13b953ae6dc92c0c1ebf220c31fc48254b6826fe0a994e9ff45a032499cba6e0dc9c22ddd59ac15718370eb63513a30f231ec86cc3ae49f74938db353513eebae1d63829684bbc7bfcc15102e3678a0c21cfc1d137a4bf579ab74e2a58fa30a46225ab18fb31c85c054e371252c7424b7f9cd46586b46b6ab8b8850956366134120f900254eb1150d4f2d4d063c829389b36a9cbeb8177a7e4e4f76acfea73c361299bb33bc6d2046076aaa0c7b726fcaab7719933ae504a91e104be99e68049c56f6dda253ab5fcef3bd245e87c4668ef5a46b452c4241a1aabcf84217545114a949f14921566eab4b3ca5f4accd951370c790bcc9b23c543bf70c5673091b3329f7eeb2ff0384f7ad6aa7c39db1b7539b030efc446baea1fb5a1a968e1fb8e3bae253fc0f99eeebd13fc490f2f5b8842e2b3e5c160ce9adec6b30b17ca5bc81693363b1176510e043a1d81b86ead8e0434ee024a378bb81512a35a4839a6ecd1ce69974ead1ef7296e6de16030e9a58b977ec435f8da60d7d459b5ae52f8c1ac8c1604d468efe3df2679331b42fdc419fee90502bd881bfeb5fa2999844cd34c2199e9865db89874e0a0ac5a8eda7e3816e5f72e5bb849137cd258f7f145055561369a8d4257c4b548f754825911278dd3e47e0473eec0a21a666441a1b9259887ac3e7f90bb3e44c555d4bfb0ecf89f68eb2fa5b077384aaae4e89f4157a40ed999b9682094e82effbccd85832c99b2cedb2089da05fa1f6d074f78a67801062933116b238291b2d4e309d5f89a15ed79709e19a625c5ce1071fc598cdbc23399ddf5840d8c82cdffdfce3eb2ae83ec31bc98224657dde99830600cb47db13757e35bcb66339a77471ee546805ef244f8bc64309d3d03512c82f7ad1711b641ae75446f075fe297d69a9ed951521be074e8d9b32e60292cba5bae570a0def9a52285140bf3984ed4fc8ed8123806ea31e02d18e45b5434fc30b09a69b233ca3d32fe128f6a7bd975a9f35203a3cb49229c6cd4ee8ad007d4a425d9ae39d23372de6495915c4c3b376eaca3c6ada445c424397cfe748a0234c2025bf23845e222b1c26e687b4e7aef54bbcafc63e025b8062dd67b86b36c933be56a415ccf2091098f05b4fd6e535e1b2ffcbbf0f675b4ced85e58f4d9d4d8269047f2b19e4ba8c8e12a37090da79887fbcc922de02cebca5aa90b7d2c0324ec5370ec075e1135b1cec886a85d2a484147a3b2839b7717837a7927640434018e087d7421e9aa07a388d6ddf7bfa274d65822708af64a8f59436b52d922eb94ad1b259252978bf16bffa50042c64633a3c141cf488022488547288cc774e9790aa01173800623d0cb5417e9d4cdeb1bda47b3a8040aed4229755ea03577f91f1103d9818fbe930b83eab262edc8c36e68d6da088b7a7222022f8f6d131c379bda0844e794e2665e63bd9f5788fbd80d3f88aa489a1bc6508224a729ec0d864814e33ade4db9373922ae02fcf8d207fc08840afb54d4ad5fd9ead744a0078ff9c55f49174e4a7ef078b5d26a0cd8252a36718b56c13a94d95ac33d32aa8eb856e710efe20d6ecdc68761dcb359ff1cfef1c5aba3b6a28affe7ba6c69e54a53fbbd38d10b3293fd0a489a2db151803282322b6707167fc042108423383954a1aa949cf1ef2cad30e86fb283431a0602e89190064f7b905aa6baed230a7e2160c939a38d88ab5bf6a07d42fd8bc66ee95b675f091763a556af970e5debba09e0b34b551925c46825d4976f66d39f5ef463c8ff99eea24dc6e1991e1d99657f9369294d467ae7851f94a7173a820661f13429b31a7cee7e14478b7ca1faacbdf709bdd9f25c7c6458f84f95b312a5c6832f3c67e7deaa96dbd4a5f69d8ccdffa7ac21e13344ce87478bc36e7c3490dc3efda56826f7bb940fa329f4b446f40e0de82c9164c39ba35d469cc82bb880257d0c11b10d53c23227d4f35edc6366c69258e35c060872d734948eed6e69d838a86e2ab9f4c201a748cbe3a7f2218b265959137a1d18a5612889243bbb2c46e0ec28a6602e1fd05999fa4219bd00701e2bee3c027d0dad8dc50c748373cc67a96aa111dc5611232273791bf66962"}) syz_mount_image$vfat(&(0x7f0000001180), &(0x7f00000011c0)='./file0\x00', 0x0, 0x1, &(0x7f00000012c0)=[{&(0x7f0000001200)="5c7db60c6ec5a41b0ef77e1802c240f68bf3a27eee92eb852e3f31e13e1f605fabb3372b6a1d8efa0acda5dbcfa402f6efdafbd43b279b83124edf9ca26676c897d9d2517082f6676aa7826ead35e98a9fe5943315e8779c3da25fbf57598a55906e0f82fbeabfbf40a949ba52dc8f50c8771806e94fbada22f27360c94c3d42cd1b4c71d6dafedf61f4df6a44f218c5066d92f04c905a0cfa6b4982f55ad5366dc29bdcee575bdd1f360e", 0xab, 0x6}], 0x106000, &(0x7f0000001300)={[{@uni_xlate}, {@nonumtail}, {@uni_xlate}, {@uni_xlate}, {@shortname_mixed}, {@shortname_lower}], [{@appraise_type}]}) ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000001380)={'\x00', 0x7f, 0x0, 0x401}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000001400)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0) ioctl$CDROM_LAST_WRITTEN(r2, 0x5395, &(0x7f0000001480)) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000014c0), 0x400, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000001500)={{0x1, 0x1, 0x18, r3, {0xe92}}, './file0/file0\x00'}) mount_setattr(0xffffffffffffffff, &(0x7f0000001540)='./file0\x00', 0x1800, &(0x7f0000001580)={0x100002, 0x84, 0x100000, {r1}}, 0x20) openat$sr(0xffffffffffffff9c, &(0x7f00000015c0), 0x2000, 0x0) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000001700)=[{&(0x7f0000001640)="a9f9d72a3af1e8ce11401f8227d4dd1ae47d103326e224abf97cfb99c3ebb065d7d6f46a8bd61c22c1b536fb060d079a7c212e636c", 0x35}, {&(0x7f0000001680)="d74b7819ee8b380b488546e9056eb571137e388232dd92e50078bbf0180be5cd1a9b354ac491bf29cee0cea5e82fedec0f63076a33e13c1c911dc1e3914cd24a74f93987ec059675ad72811d2d4ceb463980ee9cb6fb71e7b086b093ec9a41ec487d92d1b046ec6286c931ca17eb5e6ac641513ceb65e257ad272f095398edd2", 0x80}], 0x2, 0x0) 19:19:02 executing program 1: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x2982}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x9}]}, 0x2c}}, 0x1) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x68, r1, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x2c}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x21}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x10}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x40}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1685}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3d0}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2d}]}, 0x68}, 0x1, 0x0, 0x0, 0x44}, 0x40c0000) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x7d}, @val={0x8, 0x3, r2}, @void}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10040080) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000440), 0xc800, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_MAC_ACL(r4, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000500)={0x12c, r5, 0x10, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x34, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}]}, 0x12c}, 0x1, 0x0, 0x0, 0x4040}, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r6}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c811}, 0x804) sendmsg$NL80211_CMD_LEAVE_MESH(r4, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x12}}}}, ["", "", "", "", "", ""]}, 0x20}}, 0x40084) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x2c, r5, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@void, @void, @val={0xc, 0x99, {0x6, 0x4d}}}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x55, 0x52}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x880) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a40), r4) r8 = ioctl$TUNGETDEVNETNS(r4, 0x54e3, 0x0) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x40, r7, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x7fff, 0x1}}}}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r8}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r4}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x26}]}, 0x40}, 0x1, 0x0, 0x0, 0x8080}, 0x40051) sendmsg$NL80211_CMD_UPDATE_FT_IES(r4, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x38, r1, 0x200, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x4, 0x6f}}}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x20}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x200}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x40044) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000cc0)={0x11c, r0, 0x4, 0x8, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x50, 0xac, "8d8c766019bf02ab677d0911e1cf4ccca48fd9e5eeed2ce7da02fffc8045fc17f1e13a5334da5dd1476d4f780d74d68e5d2c3191550ca339a6cf046c75e1a5f6562d831a0a568cd93fcb30e7"}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x6e7}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x74, 0xbe, "936e475ad84671949016f6b05b9f14fa794e7a53761f27e1c7156e958a7774554bbac3456f0530e24e79756262b31d67ebda012341cc9b0f439373813ef5f1190dcff37af7bf58be4b6a09b221b8f50bfc6b71ba53185aab4d8bb69334196c068ff4e06d6d6ff3f1db8ee47b595bc337"}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x20, 0xac, "35a33c8dc82a2a23caf2ff7001787414a826333f37f62059df1322c3"}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x9, 0xa4a}}]}, 0x11c}, 0x1, 0x0, 0x0, 0x14}, 0x40100) 19:19:02 executing program 2: r0 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000040)={0x0, @aes256, 0x0, @desc4}) ioctl(r0, 0x3f, &(0x7f0000000080)="dfed8b06b1355a293286142de8758b3cb1e7f5a6a06684625f86cf4d2b56d65fc46630b94e6cdcf1e436430f9258cc82f53425af36af19f7039358b44501b39b8c03f4183653f0a7cf2f693e6ffb1393f5f5e6fbfe54da9eda8d9fd1e9df18e71cc741c86912456caedb85aa50468d388402e5daa51b843383fbbb3c") r1 = dup2(0xffffffffffffffff, r0) ioctl$HIDIOCINITREPORT(0xffffffffffffffff, 0x4805, 0x0) syz_io_uring_setup(0x2378, &(0x7f0000000100)={0x0, 0xccb4, 0x10, 0x3, 0x2b5}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000200)="3b6f37765f2c24d623ae3b148a6790e2776f251bad7275dd0446aa6c61608bc12582e1823f8131dbf5", 0x29, 0x10000000, 0x2f7a26e0ed5c9ee, {0x0, r3}}, 0xfb) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000280), 0x8040, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/123, 0x7b}, {&(0x7f0000000340)=""/114, 0x72}], 0x2) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff7000/0x9000)=nil, 0x9000, 0x0, 0x4000010, r1, 0x0) syz_io_uring_setup(0x315a, &(0x7f0000000400)={0x0, 0x63e6, 0x1, 0x0, 0xe6}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000480), &(0x7f00000004c0)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000500)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1, {0x0, r7}}, 0x40) recvmsg$unix(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000540)=""/83, 0x53}, {&(0x7f00000005c0)=""/161, 0xa1}, {&(0x7f0000000680)=""/41, 0x29}, {&(0x7f00000006c0)=""/173, 0xad}], 0x4, &(0x7f00000007c0)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}, 0x2103) r9 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r8, 0xc0189375, &(0x7f0000000880)={{0x1, 0x1, 0x18, r9}, './file0\x00'}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f00000008c0)={0x80000000}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000900)={{0x1, 0x1, 0x18, r4, {0x400}}, './file0/file0\x00'}) fadvise64(r10, 0x3, 0xffffffff80000000, 0x5) 19:19:02 executing program 3: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendmsg$TIPC_NL_MON_PEER_GET(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x9c, r0, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}]}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffc}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfe48}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r2) sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f00000005c0)={&(0x7f0000000200), 0xc, &(0x7f0000000580)={&(0x7f0000000280)={0x2f4, r3, 0x200, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0xf8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf82}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3ff}]}]}, @TIPC_NLA_BEARER={0xc0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}}, {0x20, 0x2, @in6={0xa, 0x5, 0x8, @mcast2, 0x20}}}}, @TIPC_NLA_BEARER_NAME={0xb, 0x1, @l2={'ib', 0x3a, 'wg1\x00'}}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'gretap0\x00'}}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vlan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}]}]}, @TIPC_NLA_LINK={0xc0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2400000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_BEARER={0x68, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @rand_addr=0x64010100}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}]}]}, 0x2f4}, 0x1, 0x0, 0x0, 0x40c5884}, 0x20044050) socketpair(0x2, 0x4, 0x1, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000006c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f00000007c0)={&(0x7f0000000640), 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x70, r6, 0x4, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x200, 0x1e}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xd}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3d}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x37}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2d}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2c}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000010}, 0x8010) r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000840), r5) sendmsg$FOU_CMD_DEL(r5, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x6c, r8, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x3b}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast2}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @FOU_ATTR_PEER_V6={0x14, 0x9, @loopback}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10000}, 0x20000000) r9 = dup3(r2, r4, 0x80000) syz_genetlink_get_family_id$batadv(&(0x7f0000000980), r9) r10 = pidfd_getfd(r9, r2, 0x0) pipe2(&(0x7f00000009c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r11, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x28, r6, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x400, 0xc}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x50}, 0x0) r13 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r13, 0x0, 0x484, &(0x7f0000000b00)=""/152, &(0x7f0000000bc0)=0x98) fadvise64(r10, 0xdb8, 0x4, 0x3) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000e00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d00)={0xb4, 0x0, 0x200, 0x0, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x54, 0x7, 0x0, 0x1, [{0x8, 0x1, r2}, {0x8}, {0x8}, {0x8}, {0x8, 0x1, r1}, {0x8, 0x1, r12}, {0x8, 0x1, r1}, {0x8, 0x1, r5}, {0x8}, {0x8, 0x1, r5}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x8}, @NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r9}, {0x8}, {0x8, 0x1, r10}, {0x8, 0x1, r11}, {0x8, 0x1, r11}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4850}, 0xc000) [ 94.097279] audit: type=1400 audit(1763147942.867:7): avc: denied { execmem } for pid=275 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:19:02 executing program 4: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r0, 0x300, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x1}, @NL80211_ATTR_STA_VLAN={0x8}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0xa}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x1}]}, 0x3c}}, 0x22004806) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r1, 0x200, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0x8}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c0}, 0x4) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x68, r2, 0x200, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "c7f67054a8667d5e18bfbb214e1f291924df1896108ecf89a1d21c7f7ae3e8dd9c"}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000640)={&(0x7f0000000440)={0x1e8, r0, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0x73}}}}, [@NL80211_ATTR_KEYS={0x178, 0x51, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "26cad55f76"}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "9b5d638ea7e3ea84278bb0ebea"}, @NL80211_KEY_IDX={0x5, 0x2, 0x4}, @NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_SEQ={0x5, 0x4, '0'}, @NL80211_KEY_TYPE={0x8, 0x7, 0x2}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x2}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "2beb1aeb2adc926a42874ed760"}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "69dab62b1616a7ddf1de8cb808"}, @NL80211_KEY_DEFAULT_TYPES={0x10, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, {0x48, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "2642f24029fd42abbb58e76f78"}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "baaf5d2342"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "7f95c346e4"}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "43542aaac251f84bbc33037651"}]}, {0x74, 0x0, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x24, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_KEY_IDX={0x5, 0x2, 0x3}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x14, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "da8837e3769fc3628874eac983"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, @NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @from_mac}, @NL80211_ATTR_SSID={0x11, 0x34, @random="8083d6eba3096debf1d022c868"}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x6}, @NL80211_ATTR_SSID={0x4}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x2004c004}, 0x40) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000006c0), 0x1000, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2405000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x24, 0x0, 0x0, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4004084) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000840), r3) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f00000009c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000880)={0xfc, r4, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x17}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3ff}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x10001}]}, @TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "b8859395fb931a30cc545b66b8315a3352de210c4e5439a48e7f8698623bf495"}}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3a}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20040000}, 0x341aac2e4e11197f) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x4000004}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x8000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x40) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r3, 0x89f9, &(0x7f0000000bc0)={'ip6gre0\x00', &(0x7f0000000b40)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x6, 0x40, @private2, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x1, 0x7, 0x6, 0x9e28}}) accept4$packet(r3, &(0x7f0000000c00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000c40)=0x14, 0x40800) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f0000000d00)={'ip6tnl0\x00', &(0x7f0000000c80)={'sit0\x00', 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, @mcast1, @empty, 0x8, 0x10, 0x8, 0x4}}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r3, 0x89fb, &(0x7f0000000dc0)={'ip6gre0\x00', &(0x7f0000000d40)={'sit0\x00', 0x0, 0x4, 0x7f, 0x40, 0x7, 0x29, @dev={0xfe, 0x80, '\x00', 0x23}, @remote, 0x20, 0x20, 0x8, 0x3}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f0000000e80)={'syztnl0\x00', &(0x7f0000000e00)={'syztnl0\x00', 0x0, 0x29, 0x3, 0x14, 0x1, 0x10, @mcast2, @loopback, 0x7, 0x20, 0x2, 0x4e6}}) accept$packet(r3, &(0x7f0000000ec0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000f00)=0x14) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000fc0)={'ip6gre0\x00', &(0x7f0000000f40)={'ip6tnl0\x00', 0x0, 0x4, 0x1, 0xa0, 0x6, 0x10, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x20, 0x0, 0x1ff, 0xd4}}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f00000015c0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001580)={&(0x7f00000013c0)={0x1c0, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40044010}, 0x4) 19:19:02 executing program 5: write(0xffffffffffffffff, &(0x7f0000000000)="e36b112db4e249b9933f0455ca949989405ff3d490c5f34934e4f8a6c1a2d922d8e438f29312a6155b8c3c86f0c6bc9bff352b5bbdcb555df338813867ed03d99d4689dfa93da1ba2f86b2d7e2f757c853caa1fb820a46879c18771ef3086ddfdb25c4882eca250a7fabfc93bca32ffa4c956d9ddd5b769d3c48b976da3aece5c587c0a63a7d0b6523b57414c321fff20d9764b185f7e6963be8b265816f705698bf7e90b757c24114a60f820ae2386a21ffc5ffc78cad23718743031d9995c484b1b4b1722c12d144599bed63476bdb15e36452dbdc81b082e40946084a556362375f5ad77d4692d53bf9f9d8cce6416a772d1c1cf6bd6d08", 0xf9) ioctl$CDROM_GET_MCN(0xffffffffffffffff, 0x5311, &(0x7f0000000100)) r0 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x10000002}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000002c0)={0x10, 0x0, &(0x7f0000000180)=[@request_death], 0xe6, 0x0, &(0x7f00000001c0)="0b3eda2fb5389ebace53c159493bbbd2343d1eb9a7ebc1ccfa41026977686edd5765ab0a8e4ae1e102066594b0014bcb3cfe20b9a87e4673b707ed2aace80cc9851b56ed94d0d666f82bfb28d50c99b5302fc9671a983dcfd031a9c1da46a299e625beadae4a259a476d73c3f7c1b5b74eca6225257f3b94b836ba0b2ab098ec7dcd37a78cbfb64241bb75b2d2a7e6388fe53a95ce952606c90d1c5af85a41a29f5484b43a3adefb5031aa825ba1e1eec3054f27ca239b9213531e93928c9ebc3717ce13c05e63a09aad1c1f5bba2dcdf9bee25649da1efaf199473a965a8e53afc606ba2c00"}) ioctl$CDROM_LOCKDOOR(0xffffffffffffffff, 0x5329, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000300), 0x5, 0x2de11be82b057d28) r2 = openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x121000, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000380)={0x2}) ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, &(0x7f00000003c0)={0xfffffffffffffffb, 0x100000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000400)={0x10000002}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000440), 0x90002, 0x0) fsetxattr(r3, &(0x7f0000000480)=@known='system.posix_acl_access\x00', &(0x7f00000004c0)='/dev/vcs#\x00', 0xa, 0x2) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000500)={0x40000012}) r4 = fsmount(r3, 0x1, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000540)={'veth0_to_team\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r4, 0x89fb, &(0x7f0000000600)={'ip6_vti0\x00', &(0x7f0000000580)={'syztnl1\x00', r5, 0x2f, 0x4, 0x1, 0x10001, 0x40, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x8000, 0x40, 0x8, 0x6}}) sendmsg$NL80211_CMD_DEL_TX_TS(r2, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x68, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x8, 0x34}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xe}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xf}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x40000) r6 = fsmount(r3, 0x1, 0x0) clone3(&(0x7f0000000d00)={0x5010080, &(0x7f0000000780), &(0x7f00000007c0), &(0x7f0000000800), {0x1d}, &(0x7f0000000840)=""/209, 0xd1, &(0x7f0000000940)=""/56, &(0x7f0000000cc0)=[0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0], 0x5, {r6}}, 0x58) 19:19:02 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000040)={r0}) write(r0, &(0x7f0000000080)="c838b361cd2969c1f4b9e60ce1f63396543fbb275523173843fccaa49bf3fbd36b0bbf0eb426c07595a1697ea72b80f192587d4c8ceaebe4f80715d08351512e3da4a63690feb4c4aa9902790b56b24c4a2e1bd5f9dafab66614a1c3c0949bc03329107cdb1de607dcc173c5508b9c96b3c91e82e032ebf9ca309ca1a5a265e475d717d71daa2acc9ac82c07ee6d6b9cfde370b70c83489df33e3aee7aa02a43175b8793f99b61", 0xa7) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000140)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x61}) r1 = fsmount(r0, 0x0, 0x1) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000180)) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000001c0)='/dev/sr0\x00', &(0x7f0000000200)='\x8e9):*\xe4\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) sendmsg$NL80211_CMD_SET_KEY(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x7c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0xef5, 0x5}}}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "666235ede2"}, @NL80211_ATTR_KEY={0x38, 0x50, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_SEQ={0x9, 0x4, "f8d8f1feed"}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_SEQ={0x10, 0x4, "b9e938c411451129b370acdd"}, @NL80211_KEY_DEFAULT_MGMT={0x4}]}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4806}, 0x94) getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f00000003c0)={'icmp6\x00'}, &(0x7f0000000400)=0x1e) ioctl$BTRFS_IOC_QGROUP_CREATE(r2, 0x4010942a, &(0x7f0000000440)={0x0, 0x3}) r3 = syz_open_procfs(0x0, &(0x7f0000000480)='net/xfrm_stat\x00') close_range(r3, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000004c0)={'syztnl1\x00', 0x0, 0x3c01d41e2eabd3b, 0x1f, 0x3, 0xfffffff9, 0x12, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, 0x1, 0x20, 0x63f5fcc9, 0x1000}}) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000580)={@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7fff, 0x200, 0x7, 0x100, 0x5, 0x40890388, r4}) r5 = fspick(r0, &(0x7f0000000600)='./file0\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000640)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x42c201, 0x0) renameat(r6, &(0x7f0000000680)='./file0\x00', r7, &(0x7f0000000700)='./file0\x00') 19:19:02 executing program 6: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) r1 = fspick(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='memory.max\x00', 0x2, 0x0) kcmp$KCMP_EPOLL_TFD(r0, 0x0, 0x7, r1, &(0x7f00000000c0)={0xffffffffffffffff, r2, 0xe0d}) r3 = creat(&(0x7f0000000100)='./file0\x00', 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(r3, 0x0, 0x83, &(0x7f0000001180)={'nat\x00', 0x0, 0x3, 0x1000, [0x1, 0x5, 0x7fff, 0x3, 0x800, 0x400], 0x3, &(0x7f0000000140)=[{}, {}, {}], &(0x7f0000000180)=""/4096}, &(0x7f0000001200)=0x78) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000001240), &(0x7f0000001280)='./file0\x00', 0x8, 0x1) r4 = syz_io_uring_setup(0x6e0a, &(0x7f00000012c0)={0x0, 0xf14a, 0x20, 0x2, 0xc0, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000001340), &(0x7f0000001380)=0x0) syz_io_uring_submit(0x0, r5, &(0x7f0000001500)=@IORING_OP_STATX={0x15, 0x2, 0x0, 0xffffffffffffffff, &(0x7f00000013c0), &(0x7f00000014c0)='./file0\x00', 0x63a, 0x400}, 0x80000001) openat$cgroup_devices(r3, &(0x7f0000001540)='devices.allow\x00', 0x2, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000001580)={{{@in=@private, @in=@empty}}, {{@in=@initdev}, 0x0, @in6=@private0}}, &(0x7f0000001680)=0xe8) ioctl$LOOP_SET_FD(r3, 0x4c00, r3) umount2(&(0x7f00000016c0)='./file0\x00', 0x1) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000001700)={0x18, 0xf, 0x1, {{0x4, 0x1, 0x3}, 0x2}}, 0x18) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000001740)={{0x1, 0x1, 0x18, r1, {0x100}}, './file0\x00'}) signalfd4(r4, &(0x7f0000001780)={[0x6]}, 0x8, 0x800) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000017c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$BLKRRPART(r6, 0x125f, 0x0) syz_io_uring_setup(0x3fac, &(0x7f0000001800)={0x0, 0xc2fd, 0x4, 0x1, 0x4, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000001880)=0x0, &(0x7f00000018c0)) syz_io_uring_submit(r7, r5, &(0x7f0000002e80)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r1, 0x8, &(0x7f0000002dc0)=[{&(0x7f0000001900)=""/21, 0x15}, {&(0x7f0000001940)=""/221, 0xdd}, {&(0x7f0000001a40)=""/234, 0xea}, {&(0x7f0000001b40)=""/74, 0x4a}, {&(0x7f0000001bc0)=""/228, 0xe4}, {&(0x7f0000001cc0)=""/75, 0x4b}, {&(0x7f0000001d40)=""/44, 0x2c}, {&(0x7f0000001d80)=""/31, 0x1f}, {&(0x7f0000001dc0)=""/4096, 0x1000}], 0x9, 0x14}, 0x7) [ 95.241413] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.243587] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.245326] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.247540] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.249389] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.370219] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.372284] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.373247] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.375194] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.376367] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.431503] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.447016] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.448615] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.450317] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.454243] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.456977] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.457812] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.462935] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.480321] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 95.481767] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 95.482817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 95.485840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 95.492191] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.496860] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.499601] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 95.503303] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 95.508996] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.519339] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 95.522990] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 95.525287] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 95.536576] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 95.538110] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 95.549852] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 95.557820] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 95.557840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 95.560647] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 95.571934] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 95.572047] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 95.590013] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 95.598945] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 97.279412] Bluetooth: hci0: command tx timeout [ 97.406776] Bluetooth: hci1: command tx timeout [ 97.534888] Bluetooth: hci2: command tx timeout [ 97.535505] Bluetooth: hci3: command tx timeout [ 97.601842] Bluetooth: hci6: command tx timeout [ 97.602343] Bluetooth: hci4: command tx timeout [ 97.662913] Bluetooth: hci5: command tx timeout [ 97.663477] Bluetooth: hci7: command tx timeout [ 99.326838] Bluetooth: hci0: command tx timeout [ 99.454829] Bluetooth: hci1: command tx timeout [ 99.582785] Bluetooth: hci3: command tx timeout [ 99.583200] Bluetooth: hci2: command tx timeout [ 99.646854] Bluetooth: hci4: command tx timeout [ 99.647263] Bluetooth: hci6: command tx timeout [ 99.710845] Bluetooth: hci7: command tx timeout [ 99.711254] Bluetooth: hci5: command tx timeout [ 101.376843] Bluetooth: hci0: command tx timeout [ 101.502804] Bluetooth: hci1: command tx timeout [ 101.631121] Bluetooth: hci2: command tx timeout [ 101.631551] Bluetooth: hci3: command tx timeout [ 101.694880] Bluetooth: hci4: command tx timeout [ 101.695286] Bluetooth: hci6: command tx timeout [ 101.759249] Bluetooth: hci5: command tx timeout [ 101.759649] Bluetooth: hci7: command tx timeout [ 103.423315] Bluetooth: hci0: command tx timeout [ 103.552739] Bluetooth: hci1: command tx timeout [ 103.678790] Bluetooth: hci3: command tx timeout [ 103.679258] Bluetooth: hci2: command tx timeout [ 103.742897] Bluetooth: hci4: command tx timeout [ 103.743354] Bluetooth: hci6: command tx timeout [ 103.806803] Bluetooth: hci7: command tx timeout [ 103.807253] Bluetooth: hci5: command tx timeout [ 128.078167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.078953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.265938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.266567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 19:19:37 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x20204}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x24000000) unshare(0x24000200) r1 = getpid() pidfd_open(r1, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x16, 0x4, 0x84, 0x4, 0x0, 0xffff, 0x1040, 0x4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8000, 0x1, @perf_bp={&(0x7f0000000080), 0x8}, 0x1b8b0, 0x1, 0x8c0, 0x5, 0x6c8e, 0x1e, 0xb2f4, 0x0, 0xbb, 0x0, 0x4a4d}, r1, 0xd, r0, 0xe) unshare(0x2c020600) [ 129.231624] audit: type=1400 audit(1763147977.998:8): avc: denied { open } for pid=3578 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.237804] audit: type=1400 audit(1763147977.999:9): avc: denied { kernel } for pid=3578 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.277288] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000017: 0000 [#1] SMP KASAN NOPTI [ 129.278214] KASAN: null-ptr-deref in range [0x00000000000000b8-0x00000000000000bf] [ 129.278845] CPU: 0 UID: 0 PID: 3583 Comm: syz-executor.4 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) [ 129.279697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.281119] RIP: 0010:put_pid_ns+0x30/0x80 [ 129.281954] Code: 89 fd 53 e8 42 a0 03 00 48 85 ed 74 3d e8 38 a0 03 00 48 8d bd d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 35 48 8b 9d d0 00 00 00 bf 08 00 00 00 48 89 de e8 [ 129.285363] RSP: 0018:ffff8880176d7db0 EFLAGS: 00010216 [ 129.286275] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffc90005212000 [ 129.287462] RDX: 0000000000000017 RSI: ffffffff817193a8 RDI: 00000000000000ba [ 129.288709] RBP: ffffffffffffffea R08: 0000000000000001 R09: ffffed1002edafa3 [ 129.289277] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880165756c0 [ 129.289842] R13: ffff888016575874 R14: ffffffff85cfdf20 R15: ffff888014638878 [ 129.290415] FS: 00007fbc559b3700(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000 [ 129.291065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.291537] CR2: 00007f2e7f7dc59e CR3: 000000001ea06000 CR4: 0000000000350ef0 [ 129.292102] Call Trace: [ 129.292313] [ 129.292497] nsproxy_free+0xfa/0x5a0 [ 129.292805] create_new_namespaces+0x585/0x750 [ 129.293171] unshare_nsproxy_namespaces+0xc0/0x200 [ 129.293566] ksys_unshare+0x468/0xa10 [ 129.293883] ? __pfx_ksys_unshare+0x10/0x10 [ 129.294235] ? xfd_validate_state+0x55/0x180 [ 129.294605] __x64_sys_unshare+0x31/0x40 [ 129.294934] do_syscall_64+0xbf/0x430 [ 129.295260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.295669] RIP: 0033:0x7fbc5843db19 [ 129.295968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.297408] RSP: 002b:00007fbc559b3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 129.298005] RAX: ffffffffffffffda RBX: 00007fbc58550f60 RCX: 00007fbc5843db19 [ 129.298580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024000200 [ 129.299145] RBP: 00007fbc58497f6d R08: 0000000000000000 R09: 0000000000000000 [ 129.299704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.300263] R13: 00007ffe591a484f R14: 00007fbc559b3300 R15: 0000000000022000 [ 129.300830] [ 129.301020] Modules linked in: [ 129.301430] ---[ end trace 0000000000000000 ]--- [ 129.301906] RIP: 0010:put_pid_ns+0x30/0x80 [ 129.302257] Code: 89 fd 53 e8 42 a0 03 00 48 85 ed 74 3d e8 38 a0 03 00 48 8d bd d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 35 48 8b 9d d0 00 00 00 bf 08 00 00 00 48 89 de e8 [ 129.303805] RSP: 0018:ffff8880176d7db0 EFLAGS: 00010216 [ 129.304235] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffc90005212000 [ 129.304920] RDX: 0000000000000017 RSI: ffffffff817193a8 RDI: 00000000000000ba [ 129.305489] RBP: ffffffffffffffea R08: 0000000000000001 R09: ffffed1002edafa3 [ 129.306150] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880165756c0 [ 129.306804] R13: ffff888016575874 R14: ffffffff85cfdf20 R15: ffff888014638878 [ 129.307375] FS: 00007fbc559b3700(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000 [ 129.308093] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.308562] CR2: 00007f2e7f7dc59e CR3: 000000001ea06000 CR4: 0000000000350ef0 [ 129.724155] ieee80211 phy4: Selected rate control algorithm 'minstrel_ht' [ 129.766339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.766994] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.791690] ieee80211 phy5: Selected rate control algorithm 'minstrel_ht' [ 129.869442] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.870222] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.048426] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000017: 0000 [#2] SMP KASAN NOPTI [ 130.049370] KASAN: null-ptr-deref in range [0x00000000000000b8-0x00000000000000bf] [ 130.049974] CPU: 1 UID: 0 PID: 3591 Comm: syz-executor.4 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) [ 130.050915] Tainted: [D]=DIE [ 130.051161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.051812] RIP: 0010:put_pid_ns+0x30/0x80 [ 130.052161] Code: 89 fd 53 e8 42 a0 03 00 48 85 ed 74 3d e8 38 a0 03 00 48 8d bd d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 35 48 8b 9d d0 00 00 00 bf 08 00 00 00 48 89 de e8 [ 130.053582] RSP: 0018:ffff888016857db0 EFLAGS: 00010216 [ 130.054003] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffc90005a16000 [ 130.054581] RDX: 0000000000000017 RSI: ffffffff817193a8 RDI: 00000000000000ba [ 130.055144] RBP: ffffffffffffffea R08: 0000000000000001 R09: ffffed1002d0afa3 [ 130.055700] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88801619cb60 [ 130.056258] R13: ffff88801619cd14 R14: ffffffff85cfdf20 R15: ffff888049082438 [ 130.056884] FS: 00007fbc55992700(0000) GS:ffff8880e548f000(0000) knlGS:0000000000000000 [ 130.057755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.058372] CR2: 00007fc123ba9000 CR3: 000000001ea06000 CR4: 0000000000350ef0 [ 130.058941] Call Trace: [ 130.059155] [ 130.059341] nsproxy_free+0xfa/0x5a0 [ 130.059646] create_new_namespaces+0x585/0x750 [ 130.060020] unshare_nsproxy_namespaces+0xc0/0x200 [ 130.060413] ksys_unshare+0x468/0xa10 [ 130.060728] ? __pfx_ksys_unshare+0x10/0x10 [ 130.061073] ? xfd_validate_state+0x55/0x180 [ 130.061437] __x64_sys_unshare+0x31/0x40 [ 130.061768] do_syscall_64+0xbf/0x430 [ 130.062081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.062488] RIP: 0033:0x7fbc5843db19 [ 130.062792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.064490] RSP: 002b:00007fbc55992188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 130.065253] RAX: ffffffffffffffda RBX: 00007fbc58551020 RCX: 00007fbc5843db19 [ 130.066001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024000000 [ 130.066579] RBP: 00007fbc58497f6d R08: 0000000000000000 R09: 0000000000000000 [ 130.067141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.067703] R13: 00007ffe591a484f R14: 00007fbc55992300 R15: 0000000000022000 [ 130.068268] [ 130.068458] Modules linked in: [ 130.068840] ---[ end trace 0000000000000000 ]--- [ 130.069217] RIP: 0010:put_pid_ns+0x30/0x80 [ 130.069559] Code: 89 fd 53 e8 42 a0 03 00 48 85 ed 74 3d e8 38 a0 03 00 48 8d bd d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 35 48 8b 9d d0 00 00 00 bf 08 00 00 00 48 89 de e8 [ 130.071073] RSP: 0018:ffff8880176d7db0 EFLAGS: 00010216 [ 130.071500] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffc90005212000 [ 130.072119] RDX: 0000000000000017 RSI: ffffffff817193a8 RDI: 00000000000000ba [ 130.072677] RBP: ffffffffffffffea R08: 0000000000000001 R09: ffffed1002edafa3 [ 130.073294] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880165756c0 [ 130.073879] R13: ffff888016575874 R14: ffffffff85cfdf20 R15: ffff888014638878 [ 130.074439] FS: 00007fbc55992700(0000) GS:ffff8880e548f000(0000) knlGS:0000000000000000 [ 130.075092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.075669] CR2: 00007fc123ba9000 CR3: 000000001ea06000 CR4: 0000000000350ef0 19:19:38 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000001c0)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'syzkaller1\x00'}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20040000}, 0x20004000) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x1c, r1, 0x200, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x20000044) [ 130.562365] ieee80211 phy6: Selected rate control algorithm 'minstrel_ht' [ 130.652790] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.653416] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.661474] ieee80211 phy7: Selected rate control algorithm 'minstrel_ht' [ 130.713245] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.713882] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.727634] ieee80211 phy8: Selected rate control algorithm 'minstrel_ht' [ 130.801898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.802486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.826296] ieee80211 phy9: Selected rate control algorithm 'minstrel_ht' [ 130.887939] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.888546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.174229] ieee80211 phy10: Selected rate control algorithm 'minstrel_ht' [ 131.203412] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.204059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.212450] ieee80211 phy11: Selected rate control algorithm 'minstrel_ht' [ 131.256092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.256664] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.404860] ieee80211 phy12: Selected rate control algorithm 'minstrel_ht' [ 131.444748] ieee80211 phy13: Selected rate control algorithm 'minstrel_ht' [ 131.445389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.445961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.483108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.483752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.546627] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 131.563011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.563618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.566962] ieee80211 phy15: Selected rate control algorithm 'minstrel_ht' [ 131.589223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.590003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.738170] ieee80211 phy16: Selected rate control algorithm 'minstrel_ht' [ 131.764114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.764682] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.769487] ieee80211 phy17: Selected rate control algorithm 'minstrel_ht' [ 131.782246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.782893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 VM DIAGNOSIS: 19:19:38 Registers: info registers vcpu 0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff8880176d7680 R8 =0000000000000000 R9 =ffffed1001663046 R10=0000000000000030 R11=0000000065646f43 R12=0000000000000030 R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0 RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fbc559b3700 00000000 00000000 GS =0000 ffff8880e538f000 00000000 00000000 LDT=0000 fffffe1600000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2e7f7dc59e CR3=000000001ea06000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fbc585247c000007fbc585247c8 XMM02=00007fbc585247e000007fbc585247c0 XMM03=00007fbc585247c800007fbc585247c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000558964be0000 RCX=ffffffff84c5dc7a RDX=ffff88801463b780 RSI=ffffffff818f1a1f RDI=0000000000000006 RBP=ffffea00001ddaa0 RSP=ffff88801f757b40 R8 =0000000000000001 R9 =fffff9400003bb50 R10=0000000000000004 R11=0000000000000000 R12=0000000000000001 R13=ffff88801f757d68 R14=0000558964be3000 R15=0000000000000000 RIP=ffffffff817533e8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e548f000 00000000 00000000 LDT=0000 fffffe4400000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000558964be0040 CR3=000000000e0ec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ffffffffffffffffffff000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000