Warning: Permanently added '[localhost]:14629' (ECDSA) to the list of known hosts.
2025/11/15 08:57:01 fuzzer started
2025/11/15 08:57:01 dialing manager at localhost:37161
syzkaller login: [   50.643254] cgroup: Unknown subsys name 'net'
[   50.714749] cgroup: Unknown subsys name 'cpuset'
[   50.732622] cgroup: Unknown subsys name 'rlimit'
2025/11/15 08:57:11 syscalls: 2214
2025/11/15 08:57:11 code coverage: enabled
2025/11/15 08:57:11 comparison tracing: enabled
2025/11/15 08:57:11 extra coverage: enabled
2025/11/15 08:57:11 setuid sandbox: enabled
2025/11/15 08:57:11 namespace sandbox: enabled
2025/11/15 08:57:11 Android sandbox: enabled
2025/11/15 08:57:11 fault injection: enabled
2025/11/15 08:57:11 leak checking: enabled
2025/11/15 08:57:11 net packet injection: enabled
2025/11/15 08:57:11 net device setup: enabled
2025/11/15 08:57:11 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/15 08:57:11 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/15 08:57:11 USB emulation: enabled
2025/11/15 08:57:11 hci packet injection: enabled
2025/11/15 08:57:11 wifi device emulation: enabled
2025/11/15 08:57:11 802.15.4 emulation: enabled
2025/11/15 08:57:11 fetching corpus: 50, signal 20090/21927 (executing program)
2025/11/15 08:57:11 fetching corpus: 100, signal 34885/38348 (executing program)
2025/11/15 08:57:12 fetching corpus: 150, signal 43503/48494 (executing program)
2025/11/15 08:57:12 fetching corpus: 200, signal 53200/59573 (executing program)
2025/11/15 08:57:12 fetching corpus: 250, signal 59073/66835 (executing program)
2025/11/15 08:57:12 fetching corpus: 300, signal 63004/72155 (executing program)
2025/11/15 08:57:12 fetching corpus: 350, signal 66840/77327 (executing program)
2025/11/15 08:57:12 fetching corpus: 400, signal 70566/82322 (executing program)
2025/11/15 08:57:12 fetching corpus: 450, signal 74110/87143 (executing program)
2025/11/15 08:57:12 fetching corpus: 500, signal 76433/90736 (executing program)
2025/11/15 08:57:12 fetching corpus: 550, signal 78297/93874 (executing program)
2025/11/15 08:57:12 fetching corpus: 600, signal 81148/97867 (executing program)
2025/11/15 08:57:12 fetching corpus: 650, signal 84635/102424 (executing program)
2025/11/15 08:57:13 fetching corpus: 700, signal 87156/106029 (executing program)
2025/11/15 08:57:13 fetching corpus: 750, signal 89625/109546 (executing program)
2025/11/15 08:57:13 fetching corpus: 800, signal 91801/112772 (executing program)
2025/11/15 08:57:13 fetching corpus: 850, signal 94105/116078 (executing program)
2025/11/15 08:57:13 fetching corpus: 900, signal 95695/118750 (executing program)
2025/11/15 08:57:13 fetching corpus: 950, signal 97075/121220 (executing program)
2025/11/15 08:57:13 fetching corpus: 1000, signal 98810/123957 (executing program)
2025/11/15 08:57:13 fetching corpus: 1050, signal 100130/126349 (executing program)
2025/11/15 08:57:13 fetching corpus: 1100, signal 102277/129416 (executing program)
2025/11/15 08:57:13 fetching corpus: 1150, signal 105021/132911 (executing program)
2025/11/15 08:57:13 fetching corpus: 1200, signal 106966/135672 (executing program)
2025/11/15 08:57:14 fetching corpus: 1250, signal 109423/138876 (executing program)
2025/11/15 08:57:14 fetching corpus: 1300, signal 110802/141147 (executing program)
2025/11/15 08:57:14 fetching corpus: 1350, signal 112020/143274 (executing program)
2025/11/15 08:57:14 fetching corpus: 1400, signal 113449/145555 (executing program)
2025/11/15 08:57:14 fetching corpus: 1450, signal 117154/149577 (executing program)
2025/11/15 08:57:14 fetching corpus: 1500, signal 118347/151598 (executing program)
2025/11/15 08:57:14 fetching corpus: 1550, signal 119322/153480 (executing program)
2025/11/15 08:57:14 fetching corpus: 1600, signal 120038/155122 (executing program)
2025/11/15 08:57:14 fetching corpus: 1650, signal 121361/157224 (executing program)
2025/11/15 08:57:14 fetching corpus: 1700, signal 122791/159363 (executing program)
2025/11/15 08:57:14 fetching corpus: 1750, signal 124064/161348 (executing program)
2025/11/15 08:57:14 fetching corpus: 1800, signal 125755/163664 (executing program)
2025/11/15 08:57:15 fetching corpus: 1850, signal 128302/166534 (executing program)
2025/11/15 08:57:15 fetching corpus: 1900, signal 129679/168583 (executing program)
2025/11/15 08:57:15 fetching corpus: 1950, signal 130570/170246 (executing program)
2025/11/15 08:57:15 fetching corpus: 2000, signal 131661/172069 (executing program)
2025/11/15 08:57:15 fetching corpus: 2050, signal 132709/173817 (executing program)
2025/11/15 08:57:15 fetching corpus: 2100, signal 133342/175243 (executing program)
2025/11/15 08:57:15 fetching corpus: 2150, signal 134989/177324 (executing program)
2025/11/15 08:57:15 fetching corpus: 2200, signal 136047/179030 (executing program)
2025/11/15 08:57:15 fetching corpus: 2250, signal 137040/180627 (executing program)
2025/11/15 08:57:15 fetching corpus: 2300, signal 137988/182216 (executing program)
2025/11/15 08:57:16 fetching corpus: 2350, signal 139100/183931 (executing program)
2025/11/15 08:57:16 fetching corpus: 2400, signal 140733/185933 (executing program)
2025/11/15 08:57:16 fetching corpus: 2450, signal 141393/187312 (executing program)
2025/11/15 08:57:16 fetching corpus: 2500, signal 142541/189005 (executing program)
2025/11/15 08:57:16 fetching corpus: 2550, signal 143354/190420 (executing program)
2025/11/15 08:57:16 fetching corpus: 2600, signal 144277/191930 (executing program)
2025/11/15 08:57:16 fetching corpus: 2650, signal 145407/193534 (executing program)
2025/11/15 08:57:16 fetching corpus: 2700, signal 146630/195199 (executing program)
2025/11/15 08:57:16 fetching corpus: 2750, signal 147702/196798 (executing program)
2025/11/15 08:57:16 fetching corpus: 2800, signal 148993/198372 (executing program)
2025/11/15 08:57:17 fetching corpus: 2850, signal 149677/199651 (executing program)
2025/11/15 08:57:17 fetching corpus: 2900, signal 150906/201276 (executing program)
2025/11/15 08:57:17 fetching corpus: 2950, signal 151644/202563 (executing program)
2025/11/15 08:57:17 fetching corpus: 3000, signal 152805/204040 (executing program)
2025/11/15 08:57:17 fetching corpus: 3050, signal 153700/205380 (executing program)
2025/11/15 08:57:17 fetching corpus: 3100, signal 154323/206527 (executing program)
2025/11/15 08:57:17 fetching corpus: 3150, signal 154968/207706 (executing program)
2025/11/15 08:57:17 fetching corpus: 3200, signal 156011/209140 (executing program)
2025/11/15 08:57:17 fetching corpus: 3250, signal 156820/210354 (executing program)
2025/11/15 08:57:17 fetching corpus: 3300, signal 157615/211577 (executing program)
2025/11/15 08:57:18 fetching corpus: 3350, signal 158480/212870 (executing program)
2025/11/15 08:57:18 fetching corpus: 3400, signal 159409/214153 (executing program)
2025/11/15 08:57:18 fetching corpus: 3450, signal 159919/215160 (executing program)
2025/11/15 08:57:18 fetching corpus: 3500, signal 160477/216170 (executing program)
2025/11/15 08:57:18 fetching corpus: 3550, signal 161075/217300 (executing program)
2025/11/15 08:57:18 fetching corpus: 3600, signal 161781/218372 (executing program)
2025/11/15 08:57:18 fetching corpus: 3650, signal 162280/219354 (executing program)
2025/11/15 08:57:18 fetching corpus: 3700, signal 162888/220430 (executing program)
2025/11/15 08:57:18 fetching corpus: 3750, signal 163588/221499 (executing program)
2025/11/15 08:57:19 fetching corpus: 3800, signal 164206/222520 (executing program)
2025/11/15 08:57:19 fetching corpus: 3850, signal 164652/223442 (executing program)
2025/11/15 08:57:19 fetching corpus: 3900, signal 165509/224528 (executing program)
2025/11/15 08:57:19 fetching corpus: 3950, signal 166368/225612 (executing program)
2025/11/15 08:57:19 fetching corpus: 4000, signal 166964/226573 (executing program)
2025/11/15 08:57:19 fetching corpus: 4050, signal 167472/227511 (executing program)
2025/11/15 08:57:19 fetching corpus: 4100, signal 168007/228451 (executing program)
2025/11/15 08:57:19 fetching corpus: 4150, signal 168569/229430 (executing program)
2025/11/15 08:57:19 fetching corpus: 4200, signal 169274/230415 (executing program)
2025/11/15 08:57:19 fetching corpus: 4250, signal 169939/231417 (executing program)
2025/11/15 08:57:20 fetching corpus: 4300, signal 170533/232293 (executing program)
2025/11/15 08:57:20 fetching corpus: 4350, signal 171118/233225 (executing program)
2025/11/15 08:57:20 fetching corpus: 4400, signal 171908/234236 (executing program)
2025/11/15 08:57:20 fetching corpus: 4450, signal 172463/235150 (executing program)
2025/11/15 08:57:20 fetching corpus: 4500, signal 172879/235988 (executing program)
2025/11/15 08:57:20 fetching corpus: 4550, signal 173262/236781 (executing program)
2025/11/15 08:57:20 fetching corpus: 4600, signal 173742/237606 (executing program)
2025/11/15 08:57:20 fetching corpus: 4650, signal 174228/238443 (executing program)
2025/11/15 08:57:20 fetching corpus: 4700, signal 174725/239284 (executing program)
2025/11/15 08:57:20 fetching corpus: 4750, signal 174991/240048 (executing program)
2025/11/15 08:57:20 fetching corpus: 4800, signal 175480/240877 (executing program)
2025/11/15 08:57:21 fetching corpus: 4850, signal 176132/241746 (executing program)
2025/11/15 08:57:21 fetching corpus: 4900, signal 177038/242696 (executing program)
2025/11/15 08:57:21 fetching corpus: 4950, signal 177463/243473 (executing program)
2025/11/15 08:57:21 fetching corpus: 5000, signal 177993/244267 (executing program)
2025/11/15 08:57:21 fetching corpus: 5050, signal 178421/245018 (executing program)
2025/11/15 08:57:21 fetching corpus: 5100, signal 178924/245797 (executing program)
2025/11/15 08:57:21 fetching corpus: 5150, signal 179497/246539 (executing program)
2025/11/15 08:57:21 fetching corpus: 5200, signal 179982/247329 (executing program)
2025/11/15 08:57:21 fetching corpus: 5250, signal 180370/248057 (executing program)
2025/11/15 08:57:21 fetching corpus: 5300, signal 180880/248856 (executing program)
2025/11/15 08:57:21 fetching corpus: 5350, signal 181329/249607 (executing program)
2025/11/15 08:57:22 fetching corpus: 5400, signal 181745/250339 (executing program)
2025/11/15 08:57:22 fetching corpus: 5450, signal 182132/251089 (executing program)
2025/11/15 08:57:22 fetching corpus: 5500, signal 182476/251778 (executing program)
2025/11/15 08:57:22 fetching corpus: 5550, signal 182978/252492 (executing program)
2025/11/15 08:57:22 fetching corpus: 5600, signal 183462/253198 (executing program)
2025/11/15 08:57:22 fetching corpus: 5650, signal 183870/253859 (executing program)
2025/11/15 08:57:22 fetching corpus: 5700, signal 184305/254553 (executing program)
2025/11/15 08:57:22 fetching corpus: 5750, signal 184694/255227 (executing program)
2025/11/15 08:57:22 fetching corpus: 5800, signal 185197/255913 (executing program)
2025/11/15 08:57:23 fetching corpus: 5850, signal 185559/256544 (executing program)
2025/11/15 08:57:23 fetching corpus: 5900, signal 185970/257192 (executing program)
2025/11/15 08:57:23 fetching corpus: 5950, signal 186282/257826 (executing program)
2025/11/15 08:57:23 fetching corpus: 6000, signal 186655/258481 (executing program)
2025/11/15 08:57:23 fetching corpus: 6050, signal 187077/259102 (executing program)
2025/11/15 08:57:23 fetching corpus: 6100, signal 187546/259756 (executing program)
2025/11/15 08:57:23 fetching corpus: 6150, signal 188031/260387 (executing program)
2025/11/15 08:57:23 fetching corpus: 6200, signal 188414/260973 (executing program)
2025/11/15 08:57:23 fetching corpus: 6250, signal 188807/261560 (executing program)
2025/11/15 08:57:24 fetching corpus: 6300, signal 189505/262162 (executing program)
2025/11/15 08:57:24 fetching corpus: 6350, signal 189835/262726 (executing program)
2025/11/15 08:57:24 fetching corpus: 6400, signal 190306/263310 (executing program)
2025/11/15 08:57:24 fetching corpus: 6450, signal 190625/263912 (executing program)
2025/11/15 08:57:24 fetching corpus: 6500, signal 190980/264465 (executing program)
2025/11/15 08:57:24 fetching corpus: 6550, signal 191253/265008 (executing program)
2025/11/15 08:57:24 fetching corpus: 6600, signal 191551/265561 (executing program)
2025/11/15 08:57:24 fetching corpus: 6650, signal 191967/266139 (executing program)
2025/11/15 08:57:24 fetching corpus: 6700, signal 192201/266172 (executing program)
2025/11/15 08:57:24 fetching corpus: 6750, signal 192537/266172 (executing program)
2025/11/15 08:57:24 fetching corpus: 6800, signal 193062/266172 (executing program)
2025/11/15 08:57:25 fetching corpus: 6850, signal 193431/266172 (executing program)
2025/11/15 08:57:25 fetching corpus: 6900, signal 193883/266172 (executing program)
2025/11/15 08:57:25 fetching corpus: 6950, signal 194172/266173 (executing program)
2025/11/15 08:57:25 fetching corpus: 7000, signal 194557/266175 (executing program)
2025/11/15 08:57:25 fetching corpus: 7050, signal 194944/266175 (executing program)
2025/11/15 08:57:25 fetching corpus: 7100, signal 195368/266175 (executing program)
2025/11/15 08:57:25 fetching corpus: 7150, signal 195706/266175 (executing program)
2025/11/15 08:57:25 fetching corpus: 7200, signal 196038/266176 (executing program)
2025/11/15 08:57:25 fetching corpus: 7250, signal 196398/266176 (executing program)
2025/11/15 08:57:25 fetching corpus: 7300, signal 196802/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7350, signal 197118/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7400, signal 197605/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7450, signal 198057/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7500, signal 198450/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7550, signal 198768/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7600, signal 199049/266176 (executing program)
2025/11/15 08:57:26 fetching corpus: 7650, signal 199391/266177 (executing program)
2025/11/15 08:57:26 fetching corpus: 7700, signal 199782/266196 (executing program)
2025/11/15 08:57:26 fetching corpus: 7750, signal 200061/266196 (executing program)
2025/11/15 08:57:26 fetching corpus: 7800, signal 200388/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 7850, signal 200648/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 7900, signal 201049/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 7950, signal 201310/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 8000, signal 201820/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 8050, signal 202139/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 8100, signal 202462/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 8150, signal 202827/266196 (executing program)
2025/11/15 08:57:27 fetching corpus: 8200, signal 203194/266207 (executing program)
2025/11/15 08:57:27 fetching corpus: 8250, signal 203483/266207 (executing program)
2025/11/15 08:57:27 fetching corpus: 8300, signal 203790/266207 (executing program)
2025/11/15 08:57:28 fetching corpus: 8350, signal 204041/266207 (executing program)
2025/11/15 08:57:28 fetching corpus: 8400, signal 204478/266207 (executing program)
2025/11/15 08:57:28 fetching corpus: 8450, signal 204769/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8500, signal 205050/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8550, signal 205332/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8600, signal 205693/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8650, signal 206095/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8700, signal 206421/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8750, signal 206718/266221 (executing program)
2025/11/15 08:57:28 fetching corpus: 8800, signal 206935/266221 (executing program)
2025/11/15 08:57:29 fetching corpus: 8850, signal 207214/266221 (executing program)
2025/11/15 08:57:29 fetching corpus: 8900, signal 207448/266221 (executing program)
2025/11/15 08:57:29 fetching corpus: 8950, signal 207905/266224 (executing program)
2025/11/15 08:57:29 fetching corpus: 9000, signal 208186/266224 (executing program)
2025/11/15 08:57:29 fetching corpus: 9050, signal 209166/266224 (executing program)
2025/11/15 08:57:29 fetching corpus: 9100, signal 209410/266224 (executing program)
2025/11/15 08:57:29 fetching corpus: 9150, signal 209694/266224 (executing program)
2025/11/15 08:57:29 fetching corpus: 9200, signal 209923/266224 (executing program)
2025/11/15 08:57:29 fetching corpus: 9250, signal 210147/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9300, signal 210439/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9350, signal 210709/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9400, signal 210925/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9450, signal 211301/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9500, signal 211597/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9550, signal 211854/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9600, signal 212144/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9650, signal 212466/266224 (executing program)
2025/11/15 08:57:30 fetching corpus: 9700, signal 212838/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 9750, signal 213095/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 9800, signal 213305/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 9850, signal 213562/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 9900, signal 213813/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 9950, signal 214029/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 10000, signal 214285/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 10050, signal 214466/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 10100, signal 214652/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 10150, signal 214885/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 10200, signal 215205/266224 (executing program)
2025/11/15 08:57:31 fetching corpus: 10250, signal 215425/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10300, signal 215669/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10350, signal 215852/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10400, signal 216054/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10450, signal 216273/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10500, signal 216682/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10550, signal 216960/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10600, signal 217220/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10650, signal 217450/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10700, signal 217705/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10750, signal 217913/266224 (executing program)
2025/11/15 08:57:32 fetching corpus: 10800, signal 218087/266224 (executing program)
2025/11/15 08:57:33 fetching corpus: 10850, signal 218399/266224 (executing program)
2025/11/15 08:57:33 fetching corpus: 10900, signal 218629/266224 (executing program)
2025/11/15 08:57:33 fetching corpus: 10950, signal 218943/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11000, signal 219147/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11050, signal 219363/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11100, signal 219650/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11150, signal 219916/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11200, signal 220146/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11250, signal 220349/266225 (executing program)
2025/11/15 08:57:33 fetching corpus: 11300, signal 220665/266225 (executing program)
2025/11/15 08:57:34 fetching corpus: 11350, signal 220898/266225 (executing program)
2025/11/15 08:57:34 fetching corpus: 11400, signal 221175/266225 (executing program)
2025/11/15 08:57:34 fetching corpus: 11450, signal 221342/266228 (executing program)
2025/11/15 08:57:34 fetching corpus: 11500, signal 221541/266228 (executing program)
2025/11/15 08:57:34 fetching corpus: 11550, signal 221700/266228 (executing program)
2025/11/15 08:57:34 fetching corpus: 11600, signal 221855/266228 (executing program)
2025/11/15 08:57:34 fetching corpus: 11650, signal 222116/266233 (executing program)
2025/11/15 08:57:34 fetching corpus: 11700, signal 222297/266233 (executing program)
2025/11/15 08:57:34 fetching corpus: 11750, signal 222478/266233 (executing program)
2025/11/15 08:57:34 fetching corpus: 11800, signal 222706/266233 (executing program)
2025/11/15 08:57:34 fetching corpus: 11850, signal 222856/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 11900, signal 223089/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 11950, signal 223252/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12000, signal 223439/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12050, signal 223893/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12100, signal 224161/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12150, signal 224330/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12200, signal 224558/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12250, signal 224877/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12300, signal 225050/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12350, signal 225314/266233 (executing program)
2025/11/15 08:57:35 fetching corpus: 12400, signal 225557/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12450, signal 225762/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12500, signal 225923/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12550, signal 226105/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12600, signal 226302/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12650, signal 226535/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12700, signal 226798/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12750, signal 227029/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12800, signal 227242/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12850, signal 227431/266233 (executing program)
2025/11/15 08:57:36 fetching corpus: 12900, signal 227600/266234 (executing program)
2025/11/15 08:57:36 fetching corpus: 12950, signal 227841/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13000, signal 228000/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13050, signal 228202/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13100, signal 228429/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13150, signal 228581/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13200, signal 228865/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13250, signal 229094/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13300, signal 229393/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13350, signal 229579/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13400, signal 229771/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13450, signal 229936/266234 (executing program)
2025/11/15 08:57:37 fetching corpus: 13500, signal 230156/266234 (executing program)
2025/11/15 08:57:38 fetching corpus: 13550, signal 230409/266234 (executing program)
2025/11/15 08:57:38 fetching corpus: 13600, signal 230556/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13650, signal 230771/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13700, signal 230943/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13750, signal 231122/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13800, signal 231327/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13850, signal 231580/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13900, signal 231768/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 13950, signal 231910/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 14000, signal 232090/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 14050, signal 232247/266235 (executing program)
2025/11/15 08:57:38 fetching corpus: 14100, signal 232612/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14150, signal 232812/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14200, signal 232984/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14250, signal 233251/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14300, signal 233385/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14350, signal 233585/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14400, signal 233801/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14450, signal 233965/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14500, signal 234167/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14550, signal 234290/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14600, signal 234475/266235 (executing program)
2025/11/15 08:57:39 fetching corpus: 14650, signal 234613/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 14700, signal 234797/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 14750, signal 234993/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 14800, signal 235177/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 14850, signal 235369/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 14900, signal 235553/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 14950, signal 235855/266235 (executing program)
2025/11/15 08:57:40 fetching corpus: 15000, signal 236006/266237 (executing program)
2025/11/15 08:57:40 fetching corpus: 15050, signal 236158/266238 (executing program)
2025/11/15 08:57:40 fetching corpus: 15100, signal 236455/266238 (executing program)
2025/11/15 08:57:40 fetching corpus: 15150, signal 236652/266238 (executing program)
2025/11/15 08:57:41 fetching corpus: 15200, signal 236816/266238 (executing program)
2025/11/15 08:57:41 fetching corpus: 15250, signal 236998/266238 (executing program)
2025/11/15 08:57:41 fetching corpus: 15300, signal 237160/266238 (executing program)
2025/11/15 08:57:41 fetching corpus: 15350, signal 237364/266239 (executing program)
2025/11/15 08:57:41 fetching corpus: 15400, signal 237514/266246 (executing program)
2025/11/15 08:57:41 fetching corpus: 15450, signal 237631/266247 (executing program)
2025/11/15 08:57:41 fetching corpus: 15500, signal 237871/266247 (executing program)
2025/11/15 08:57:41 fetching corpus: 15550, signal 238019/266247 (executing program)
2025/11/15 08:57:41 fetching corpus: 15600, signal 238191/266247 (executing program)
2025/11/15 08:57:41 fetching corpus: 15650, signal 238855/266247 (executing program)
2025/11/15 08:57:42 fetching corpus: 15700, signal 239049/266247 (executing program)
2025/11/15 08:57:42 fetching corpus: 15750, signal 239193/266247 (executing program)
2025/11/15 08:57:42 fetching corpus: 15790, signal 239333/266247 (executing program)
2025/11/15 08:57:42 fetching corpus: 15790, signal 239333/266247 (executing program)
2025/11/15 08:57:44 starting 8 fuzzer processes
08:57:44 executing program 0:
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x20, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x1c}}, 0x8000)
sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0x28, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a80a1de}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x31425563}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x55a1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc0f4}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x6000c000}, 0x4008894)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xcc, 0x0, 0x9, 0x101, 0x0, 0x0, {0xc, 0x0, 0x9}, [@NFCTH_TUPLE={0x88, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @empty}}}]}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x4}}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1e}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_STATUS={0x8}]}, 0xcc}, 0x1, 0x0, 0x0, 0x8080}, 0x8040)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r0=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000480)={0xd4, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x7f}, {0x9, 0x2}, {0x40, 0x3}, {0x3f, 0x4}, {0x1, 0x7}, {0x1, 0x4}, {0x3, 0x6}, {0x6, 0x7}, {0x7a, 0x6}, {0xff, 0x1}, {0x1, 0x2}, {0x9, 0x3}, {0x20, 0x3}], "42a68c62b63239ae"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x65, 0x4}, {0x80, 0x7}, {0x8, 0x7}], "fff5f13775c565f7"}}, @NL80211_ATTR_QOS_MAP={0x36, 0xc7, {[{0x6a, 0x4}, {0x6, 0x2}, {0x1, 0x2}, {0x2, 0x2}, {0x1}, {0xff, 0x1}, {0xd0, 0x5}, {0x9, 0x2}, {0xd1}, {0x80, 0x2}, {0xa4, 0x3}, {0x0, 0x3}, {0x7, 0x2}, {0x9, 0x1}, {0x6, 0x5}, {0x9, 0x5}, {0x19, 0x2}, {0x1, 0x6}, {0x1, 0x1}, {0x6, 0x2}, {0x5}], "c8e0faab9984b763"}}, @NL80211_ATTR_QOS_MAP={0xc, 0xc7, {[], "ea4f18b101a2b42f"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x9, 0x4}, {0x9, 0x5}, {0x4, 0x3}, {0x40, 0x3}, {0xc1, 0x2}, {0xff, 0x3}, {0x81, 0x3}, {0x40, 0x1}, {0x3, 0x1}, {0x1, 0x4}, {0x8, 0x3}], "8869e1f4fc951cd0"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0xfd, 0x6}, {0xff, 0x4}, {0x6, 0x2}], "dd5afb7b4bb5e48a"}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000814)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x58, 0x0, 0x500, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x9, 0x3}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x20044014}, 0x4000004)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x20, r1, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1b}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4020010}, 0x4001)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000980)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, @in_args={0x4}}, './file0\x00'})
sendmsg$NFNL_MSG_CTHELPER_DEL(r2, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x60, 0x2, 0x9, 0x801, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_STATUS={0x8}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x1}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @loopback}}}]}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0xc040)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000b00), 0x1a1000, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0xd58ee81cd456c6c8}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_USE_MFP={0x8, 0x42, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x12, r2, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c80), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000cc0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000d80)={&(0x7f0000000c40), 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x28, r4, 0x2, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0xb, 0x5e}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000011}, 0x844)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000e00), r2)
sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x1c, r6, 0x20, 0x70bd25, 0x25dfdbfb, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
getxattr(&(0x7f0000000f00)='./file0\x00', &(0x7f0000000f40)=@random={'os2.', ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, &(0x7f0000000f80)=""/220, 0xdc)

08:57:44 executing program 1:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000040))
r1 = dup2(r0, r0)
readv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/60, 0x3c}], 0x1)
close(r0)
r2 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$KDGETKEYCODE(r2, 0x4b4c, &(0x7f0000000100)={0xff, 0x7})
ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000140)=""/18)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
ioctl$LOOP_SET_FD(r3, 0x4c00, r1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f00000001c0)={0x8000, 0x65d, 0x2, 0x20, 0x1, "5173626c3d184f93c2f8e6ab5800a497ebff8f", 0x2, 0x7})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='clear_refs\x00')
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
pread64(r4, &(0x7f0000000240)=""/220, 0xdc, 0x6)
r5 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000340), 0x400, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r5, 0x40049366, &(0x7f0000000380))
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x565043, 0x1)
pipe(&(0x7f0000000400)={<r6=>0xffffffffffffffff})
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f00000006c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f00000004c0)={0x190, 0x0, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA={0x68, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xdc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x9c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xb0}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000001}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf5e2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffb}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9d3}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @rand_addr=0x64010101}}, {0x14, 0x2, @in={0x2, 0x4e21, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'macvlan1\x00'}}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x40}, 0x4040010)

08:57:44 executing program 7:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
io_submit(0x0, 0x2, &(0x7f0000000100)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000000)="bad1d5be02f9a7562328ff0899b9106703fa60d10d21159fef656bf66ecb1e35a1daeaf59a8ce049475b088785ef7bceade08651df2d92e417cd89", 0x3b, 0x7, 0x0, 0x1}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x2, r0, &(0x7f0000000080)="5dd2df0f7ee17a2706237e6939d858d24bb0473166aa8fa165f4eb00354dd36c15", 0x21, 0x4, 0x0, 0x2}])
connect$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8)
r1 = memfd_secret(0x0)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000180)={0x1f, @none}, 0x8)
r2 = syz_open_dev$vcsa(&(0x7f00000001c0), 0xfffffffffffffe01, 0x20d01)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4)
fcntl$setlease(r2, 0x400, 0x1)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd=r2, 0x2, 0x0, 0x9}, 0x7)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/dev_snmp6\x00')
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r3)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r2, 0x40189429, &(0x7f0000000280)={0x1, 0x3})
connect$bt_sco(r5, &(0x7f00000002c0)={0x1f, @none}, 0x8)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
shutdown(r2, 0x0)

08:57:44 executing program 2:
getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8)
io_setup(0x9, &(0x7f0000000080)=<r0=>0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x4, 0x20, 0x81, 0x800}, {0x5, 0x9, 0xb8, 0x2}]})
io_cancel(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x9ac, r1, &(0x7f0000000140)="d8983dd574acdbe8a2132484ca167064c3c53010d021c635ae777f60248d4f9cef1df0645694851b9805a8d43edf9d70f5a44ec80c89b14c6ffeb8328ca2f9d8dc5f059af3687789c5178b17200ac49cf8e144075ebf482a38cdaf32eb699aa0e7417966c8e92c697f615f51f0c014aaed6d0a4dfe0af3bd5f3fe813209b609816", 0x81, 0x8001, 0x0, 0x1}, &(0x7f0000000240))
r2 = accept$inet6(0xffffffffffffffff, &(0x7f00000022c0)={0xa, 0x0, 0x0, @remote}, &(0x7f0000002300)=0x1c)
r3 = accept$packet(0xffffffffffffffff, &(0x7f0000002400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000002440)=0x14)
setsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f0000002480)={@private2, r4}, 0x14)
getsockname(r3, &(0x7f00000024c0)=@sco, &(0x7f0000002540)=0x80)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000002580))
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f00000025c0)={{0x7, 0x81}, 0x100, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000002700))
r5 = syz_open_dev$mouse(&(0x7f0000002740), 0xbe, 0x2a2c0)
bind(r2, &(0x7f0000002780)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4, 0x2, 0x4}}, 0x80)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCOUTQNSD(r6, 0x894b, &(0x7f0000002800))
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r5, 0x89f4, &(0x7f00000028c0)={'ip6tnl0\x00', &(0x7f0000002840)={'ip6_vti0\x00', 0x0, 0x0, 0xb4, 0x28, 0x20, 0x8, @private2, @local, 0x1, 0x40, 0x3, 0xfffffff7}})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002900)={0x0, <r7=>0x0})
r8 = socket$packet(0x11, 0x2, 0x300)
kcmp(0x0, r7, 0x1, r8, r3)
setxattr$security_ima(&(0x7f0000002980)='./file0\x00', &(0x7f00000029c0), &(0x7f0000002a00)=@v1={0x2, "12"}, 0x2, 0x1)

08:57:44 executing program 3:
write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @sniff_subrate={{0x811, 0x8}, {0x1, 0x400, 0x6, 0x8}}}, 0xc)
recvmmsg(0xffffffffffffffff, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=""/141, 0x8d}, {&(0x7f0000000100)=""/207, 0xcf}, {&(0x7f0000000200)=""/207, 0xcf}, {&(0x7f0000000300)=""/3, 0x3}, {&(0x7f0000000340)=""/185, 0xb9}, {&(0x7f0000000400)=""/128, 0x80}, {&(0x7f0000000480)=""/39, 0x27}, {&(0x7f00000004c0)=""/191, 0xbf}, {&(0x7f0000000580)=""/4, 0x4}], 0x9}, 0x7fff}], 0x1, 0x2000, &(0x7f00000006c0)={0x77359400})
bind(0xffffffffffffffff, &(0x7f0000000700)=@hci={0x1f, 0x3}, 0x80)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000780)={{{@in6=@empty, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@private2}}, &(0x7f0000000880)=0xe8)
recvmmsg(0xffffffffffffffff, &(0x7f0000003d40)=[{{&(0x7f00000008c0)=@x25={0x9, @remote}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000940)=""/214, 0xd6}], 0x1, &(0x7f0000000a80)=""/217, 0xd9}, 0x5}, {{&(0x7f0000000b80)=@ieee802154, 0x80, &(0x7f0000001f80)=[{&(0x7f0000000c00)=""/140, 0x8c}, {&(0x7f0000000cc0)=""/41, 0x29}, {&(0x7f0000000d00)=""/126, 0x7e}, {&(0x7f0000000d80)=""/196, 0xc4}, {&(0x7f0000000e80)=""/4096, 0x1000}, {&(0x7f0000001e80)=""/246, 0xf6}], 0x6, &(0x7f0000002000)=""/164, 0xa4}, 0xc12}, {{&(0x7f00000020c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f00000028c0)=[{&(0x7f0000002140)=""/175, 0xaf}, {&(0x7f0000002200)=""/215, 0xd7}, {&(0x7f0000002300)=""/170, 0xaa}, {&(0x7f00000023c0)}, {&(0x7f0000002400)=""/164, 0xa4}, {&(0x7f00000024c0)=""/86, 0x56}, {&(0x7f0000002540)=""/213, 0xd5}, {&(0x7f0000002640)=""/210, 0xd2}, {&(0x7f0000002740)=""/74, 0x4a}, {&(0x7f00000027c0)=""/244, 0xf4}], 0xa, &(0x7f0000002980)=""/192, 0xc0}, 0xd041}, {{&(0x7f0000002a40)=@ax25={{0x3, @null}, [@remote, @netrom, @null, @null, @null, @rose, @bcast, @netrom]}, 0x80, &(0x7f0000002b00)=[{&(0x7f0000002ac0)=""/11, 0xb}], 0x1, &(0x7f0000002b40)=""/193, 0xc1}, 0x51}, {{0x0, 0x0, &(0x7f0000003d00)=[{&(0x7f0000002c40)=""/4096, 0x1000}, {&(0x7f0000003c40)=""/177, 0xb1}], 0x2}, 0xffff}], 0x5, 0x240, &(0x7f0000003e80)={0x0, 0x989680})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000004000)={'syztnl1\x00', &(0x7f0000003fc0)={'gre0\x00', <r2=>r0, 0x40, 0x20, 0x13cdcc59, 0x0, {{0x5, 0x4, 0x2, 0x3b, 0x14, 0x64, 0x0, 0x7f, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x34}, @broadcast}}}})
sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000004200)={&(0x7f0000003ec0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000041c0)={&(0x7f0000004040)={0x170, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [{{0x8, 0x1, r0}, {0x154, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xb39}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1711}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x0, 0x81, 0x1d, 0xcc70}, {0x5, 0xa7, 0x6, 0x6}, {0x6, 0x58, 0x0, 0x3ff}, {0x6, 0x8, 0x7f, 0x9}, {0x4, 0x81, 0x1b, 0x1}, {0xfff, 0x83, 0x6, 0x9}]}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r0}}}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x40}, 0x40040)
recvfrom(r1, &(0x7f0000004240)=""/7, 0x7, 0x12140, &(0x7f0000004280)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x6, @private0, 0x1}}, 0x80)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000004300)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
write$bt_hci(r3, &(0x7f0000004340)={0x1, @le_add_to_accept_list={{0x2011, 0x7}, {0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xb)
mount_setattr(r3, &(0x7f0000004380)='./file0\x00', 0x8100, &(0x7f00000043c0)={0x70, 0xf4, 0x60000, {r3}}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000004400)={{0x1, 0x1, 0x18, <r4=>r1}, './file0\x00'})
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000004480), r3)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000004540)={&(0x7f0000004440)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000004500)={&(0x7f00000044c0)={0x20, r5, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r3, 0x89fb, &(0x7f0000007540)={'sit0\x00', &(0x7f00000074c0)={'sit0\x00', <r6=>r2, 0x29, 0x8, 0x1f, 0xffffffff, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x80, 0x10, 0x1616, 0xffff5354}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000075c0)={'syztnl0\x00', &(0x7f0000007580)={'gretap0\x00', r6, 0x1, 0x20, 0x1, 0x5, {{0x8, 0x4, 0x0, 0x6, 0x20, 0x67, 0x0, 0x6, 0x2c99cfcb3baea2a3, 0x0, @private=0xa010102, @private=0xa010101, {[@ra={0x94, 0x4, 0x1}, @generic={0x44, 0x7, "46f1b431e3"}]}}}}})
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000007600)={{{@in=@multicast1, @in6=@private2}}, {{@in=@initdev}, 0x0, @in6=@empty}}, &(0x7f0000007700)=0xe8)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000007780)={'syztnl2\x00', &(0x7f0000007740)={'gre0\x00', r0, 0x1, 0x10, 0x4, 0xff, {{0x7, 0x4, 0x1, 0x3a, 0x1c, 0x65, 0x0, 0x4, 0x96333ff85a30a4c6, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @empty, {[@lsrr={0x83, 0x7, 0xc3, [@initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000077c0)={{{@in6=@dev, @in=@dev}}, {{@in6=@private1}, 0x0, @in=@multicast2}}, &(0x7f00000078c0)=0xe8)

08:57:44 executing program 4:
r0 = syz_io_uring_complete(0x0)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000000)=0xfff)
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f0000000040))
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000080))
r1 = dup3(0xffffffffffffffff, r0, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x6, 0x109002)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
io_cancel(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x7, r2, &(0x7f0000000100)="83f27264b15d8163e18c137ef2cfaa187216a26fc6738f44bf8a503a7d4202d43838ccb8e9451e304129fbe2db12e27dd3a8012fdd3e66bc65b6cf1e8869c5d39cff33a96344daf7cf9e3fcb87537929eb52a3a8db210a208b8776f9600aeca036e4d55f0d558b586d2e897fc20054bf9691f4f1a9df386198bcf2f31cb31f3f78127e1820de6e7c1db6c3167c124a7c770af081b58bf139872e7cc01edca16a", 0xa0, 0x6, 0x0, 0x2}, &(0x7f0000000200))
ioctl$TIOCNXCL(r1, 0x540d)
r3 = dup3(r2, r0, 0x80000)
ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f0000000240)=0x4)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000002c0), 0x200000, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000400)={0x1, 0x3, 0x1000, 0x5, &(0x7f0000000300)="ec2d10149b", 0x85, 0x0, &(0x7f0000000340)="4d14f2b22a0620c9bb2c7cf186c0a84fdf8a8ab225faf74a400521055ffb4a3d312db162c6f7be2d57cbf9f404ddf2aba65f3b4e272247fbf5772fbe8cebfa452676dbf4e9f53b53f44481e730c8ba24a77e364eb4172ce3cd2d08e36f466cdf0a3a0fdcb244f1c19c5a8c368b3465cb3ac1e3946e49f8d9794652a9cfeeadc3a76a475485"})
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000480), 0x24d00, 0x0)
ioctl$EVIOCSABS0(r6, 0x401845c0, &(0x7f00000004c0)={0x81, 0x800, 0x8001, 0x1ff, 0x7, 0x2})
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$EVIOCGUNIQ(r7, 0x80404508, &(0x7f0000000540)=""/34)
ioctl$EVIOCGREP(r7, 0x80084503, &(0x7f0000000580)=""/87)

[   93.156699] audit: type=1400 audit(1763197064.303:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:57:44 executing program 5:
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x8}, 0x4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0xffffffffffffffff}}, './file0\x00'})
ioctl$sock_bt_hci(r1, 0x400448e7, &(0x7f0000000080)="e57a7652ba739b3cec40f3c5d62cf1925fee8cff893530068bc84de1f2282385b69b23c548b561f5cdd4bfd2efd4bac4bf00f74ecb581e93943ba773042dd924d881bd70b5a1ae87e074b7cdd74213c25fad46707fa55264062a7ace06d90e509defcee5f3d9d2cbbf4ec5ff28a96bca9c618369b744966f9d22337313626133df154fbbfccc9fcc04cb807c4f6248becba49f0952dc65322f525f6767527976")
r2 = accept4$bt_l2cap(r1, &(0x7f0000000140)={0x1f, 0x0, @fixed}, &(0x7f0000000180)=0xe, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000001c0))
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r2, 0x6628)
ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x2)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = signalfd4(r3, &(0x7f0000000200)={[0x8e]}, 0x8, 0x800)
getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f0000000240)={'broute\x00', 0x0, 0x0, 0x0, [0x1ff, 0x6, 0x8, 0x2, 0x15, 0x1f]}, &(0x7f00000002c0)=0x78)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r2, 0x5000940a, &(0x7f0000000300)={{r5}, "c069d119bc2c03233ab74e37fbd99795ad1614835ceec38cb2987d5dc4d194a2bae8dd30f4c9b1102db74160fa432893cb3b0a61e2c1d573b16e57dba619e886a6adaa11e3dff5308eac3864120e0e0d9cb82e7605de2e276e2c50d5eb054ef960838bd07018c8859d1170f586a2d9f2d65369e2c99eb3b669a1bf9d4b4100f9908b5a3f3f2c251a4c982436971d7bf4760c32f6d69529b6e84111c0e49016c80c48872495fc8cf76bfde291588353e86915d6fdcab0298bb55b38b93985b0a3e23587119b8327642857cf5d3c85669b14da9d77f906ec036d7b7905b6b1190954d9d433db1efbe954163a4885d9231ac8597e66bc052519cfaeb8a09e26b525d634fa33e875d3588ccddf72651c45a3d2c57835084f7bbb492bf9c6fa3b10de0e335f9aeb5ac391ca4bd220901ff71323b86a44a05b79c7c7625827db7096e2066777f7a1d686ac9fa300b6ca321872bbd7b435d931c1e759b132ee0036d457c3feaefc4ac5b01dfc28f110d6e35419517f17200b188ccdb37735497743138e9485da4a56806c8af97d641f4a91b2809fe3ef606ab9fb2cf35be8c12565026ecd48d7f1459c955260540bae2268facd0ca3b72546c870a059cc30c2a6a83f4fb508e2dac94a2c79edfd19035ed98f02804767b763fbeb8eb7a1ce3fccbf1460a82adb6d2b4560d7f2d58de030be843235feb4693d51337dbdf5d29560e2d14a5e48daf1f7c9fef44ee502f5ed0263d8159368dcb5dbd1e328b6fd6e793be74385076b0ae6076db5525295773194cbb7f935801614c6dbb311c8a49f5b2ef224b5d20897dab3288c5a625e68d8aafca129589305c4a9f54800274783ef054dd8db8df17062dc54fb9ea7e82dc797cb816dd7810aeb0e5262b57a86b5e26a850e012eaf0be9bd28ba84f4d7308c9fd7dfca9fe6bc0b2cf41ef850580b383317592d4af4d33f5fea89d92bc0fbcf34729f27fcbfddd073c4047eb029f7b370625b519874283e0f4e0eb2c9c2b664809b16a21eebac797d01961aad9a65455ed21f8eda87a7e488153727dbd8655c48b38b6cda21b10355fc4918049571714686917abd224966c9499e7a9f872b19b3ca3a5f3446a5a12154b350869f3b7b9ea5450d9ca40360dc3ffa3bf8143af4dfd6fb1d237e6411d30bdb31cb584b294b9d1f91ce685b3410af2fca4c1029797f49ba7d3438c49d00cdf73b1203fc8f8dcfd2d5238c7c7b98018115e09aaca035a81f9d53c3f9bfdd989e26986ee268d875dab5cd726d64ae9f1cad889a16d5d97da8c66c7350676284f01cdc1cb3a12382de464196879292d893c1f807223d50a5d330e17fcd050047433a0b1ac032a38c359ed5f80aa28191c02d70c1ffda0789b3da68b98040cadc0185e81239fa780e2f9b7d68412ce507fa137fcce5f6f7de72027e3af260dfb508930f9cfdca5fb681d444cc674d98a85c9d24b3b7da6c14933531e26912d66aa26aab612ed358038043420f10efce9b42b0698afd140ba0258d755408fe4b6bf69c0937e1fa08407e26f890aaaa72aafeb0beac880aae7dd31e4637a6ad678d6c259de1710b4ac9a7035825308e9bf51cdd3d08f1fff265e4663e0041574d7b2a38134f14e787792e26085ea9012d93eaf0bb0fa07634906e0f35e486334061b1e55228f645c7fd337ace034d048fefdf537a45f45d9dc4ab37da475b3187dbd8ba087cf7278b2981602252e1aa5afce5eb2239e158fd25fa0d20dfe418f4e4473ab325a3695f168be28a73a23d698460f65d199fd9d257d9ce813a746e2103004b6c8a05180e500bbcf7517a524a698e34530b6c323dfede7d93219cdb119d270dc61b66283cc7652ca95a207860e41d6c2d62c6ae6e6ea69f2eee888df064b6ef4acecf5be72a2f00151c3891138392d2746e9329ae93ac5847aa9300a6bbc302462f1dcf913ff79041909d70f606080cadc8fa25d68529dc49fdc752e34e45a37c79838fa43873810b41611d9747b6234c4e43f4be839751a56d707d0c09c4b5490738eb1454223c78911896e3702cfdf67ca2758e817b67b393a14ed2872bf15677d4812d709acfc356c2f33309f1b955b51c2dd0aac7d5231c11bf42f8237d5a05a1baced8dac77f8d4392b81192cfd5c9fb7de708dcf755dbdb05c25aa03d1210bac25bb09e1b6509cd0746b4c4f9528ec856bee181ed3cc4567b998ea3994e133d10be729cb3769dc31d6cd2ca97cec5f66eb1f0a1cde5299bea54616a057f675c3fbd9e092407701b6d95eb7835bc2fc5c73a592dad3a077d18461c16a16f7238f3df2f67f024aff82ca80358e7b5fe0a89e324742972aaa374da9971b36edc9c532956c86beb5aec95ed25feaf2d798e8e2fcac5e8d61340ad888ee3c05a2d484c343ca98fe15018e2270bb98262d112e668e77368741e3f80234f95c9df6788ec3e3684d38de3213c43ee6468fa4776c7e711d6d8d004ae0f6f5d410408699ca3a6fed1d034cd1d3f532de9df8dfa7cd64a3ce710ab06c184f36af6e4f7cb0ec27a1a83abfba3df6bf5a1ae1a83076d588606e87962c03a55e31f6fcd7549b6537f4042a33f1e6fb1777f79c6d2306c3b35b880bc935ab6b802b30c7dbd722f55843dd22c418867046eb558c71e1e402f97966d8b5e7cde3c719536e4c0c148d318461624feb559c881d4516aaddba475f1beacfa11c18a0ac9cf101f031c26465149511e8492230359f8059e16358a0bc1cff5f65973e7ddfaa315497efdd576b95ecbda050ea453311b60582eee56f6dfe195f13a7551be9dea0dffb27fa0a3266077b4f9128e36862c5c4391d98d5e716812ced15436048a8891e0e27dd61bff5a93e11a3122455625818e534b5d5a273d50773da44a2a4817e332e6c5e5902b6c7960a1c49ca4f42067ec6199419d44f581363f9cf2b1f22093059258899ac821d6abcf24b36e5ed4d8c482927687fe461566bf51ddb2a99afcd4cc74ea3a131080004ad7ec6ec99483e147b8ef165e613528071d8d2a5f0ff36bd7d9e19be035b1d2942b8424f0368f8973881706b4993352e95530f256256ea07deaec63e88e712298d5dff6dc9366dfe4f98bd836f31736481f7d7865c3fd8405727448a9cbf3fd6674e17cc972d9d17843c410d0e70b05e28227ea7048bdcfca67e1362647d1baa033a1f9c1f6d2c3febd0984c79b8aea5f9c8669cff7dfcb1f2e2db6b53ad3fe28bee9232a8937bf5a710c06e6c54269f55adfabd33ae5dbbc9b989297d0cd32c855867235029a4504f8ac4e789ed5ee7fe144c0f489e94654e98680d3c9c90e1a60d935a056898d4d081f70ac9ff9a6b07e3422cca0d9e02e1f351d86d0174934dd9030df92798ace484b3477fb202c060c5be0d9c0797bad567b6a30e10d30cce78882cb0d2a7672453167a2c8af1392cf8167435f0404d32adc9646f73d72705906a872d0ec41d0ea26211c694b057c4e8ee1aae9112351144f1015091f58bfaf23ec2dbd8a1ca345a20bdf1656527a44b15312ff579992c017dc56e60c0abb3c4ba9bfc1b26aab6fddd3f4d242e37b2a3d6ac9d215d5df24035acd19b90e7d82a0df61d596f500aa39ee86ab302c72109be3c740d2b6bc30e7c665b1a0487899ae10c6349314ca139277732cc108a71914245d43024dc5a59bd2aff052cf000e17cbec51cd7b20e148f8e8e6989a62506563be31376b0b24241fca3f8013d8d2c38b484d2e2c2c8b7a5d5bd64754ed7e08d948c2c56050b4d976a1f05bc2f0a3b04f0040acda15eff3bf60b2174ccdbe987aa35f12bccefcdff98979747e38463de03b1c2486964ab1dadd5c5dfdc44d0bb0426fa4b8b5bb2439319d6a96dd69bd57752ecb58dc412bad714a3126754cd983fc212862f584e1824191e9ea7efe69a189a189cb22aac7cb768a38f660eb2fa1cf2d61305597d3c66266f5dab95b211afe30b1face6bfc3a4de44f012dfafa05a35f599b6874f3e2b97aa997a1548c6456a0114bf98140b7ae71b783ca9f841e5983045d7bab49b8bf45e7623b4813d61b2f06000ace29636d39dab16b8677e7c3cc1ceca94d98fd32bbe4c1584c7490edf6f091dc182a0ae50da9756eb77e97c52e28ebc7c41d112e290910aa74f13ddbe308c959fc02511576dedaa33564a5d9e98701c39b70c78929c131ada6f439d02ced60c5ed6c8c98821f24fd6c690a8015fd52a6cc6738abf4a591da547eeb42bcf9730101f09b3452c971a238499617eea979ae57ab5c8e7f7afe0dfecfa59126979ba727ec844af0a57bbaff65ad018da65cf5fe410ec3b4fda84f6693a172bb6e321a7bb9ef2fad6c7229473ccc040f54030f1d7b11436d3d0fb151e728c22e7cfde10a80d2f90fcc23dc52a79f64ae3aa40c105e979dba7c72bf164943e00bedb0cd587f3e8b0129628c79b3dda83004e6240e29f77c274858340c66d9bc59c21c97e23c1ea963e856d1f42f3bd0bfacadc1c4df90bc8556210f1cc844cc5843f2fe5a3c913ef031b02abf994e81dd30cd6ef5cfb2426845dee8bb0150f6a765a8e20b9458ae21c42482130ab26b0898f884e90d37cb1996f7f7c1f7b257af412ade202ac30ff3499310e22ec7ae081d4927db78918b9014ba14538849d7c4c8be68a2170c0ea6cc48bda6787205a3e26597872075fdbe6fddc2f8dfa1c926143da7a7d91e6b20b1c1f65b16d610177424ee3eb5eb8c994449dbe69fb2fad06830453acbed5b7593b35c8bd4e349eb907281c38dc163e3fa4b2245f43140ee795c4ed3dcd521d5b1dc5eeeb81870423c4347a01ee1a580dce2bdae94b20d5a2bd351204877dccc2975522f11093916f42b918ac5f59952fb8aaa5e5986dce20aa62e027b8d02730820c1933b21c7d0b6be9e4812fbd625526df93d95b57d88dd3a9b98593deb1d1ab16560a2c41d12930ef67b09c71492e21d70f6a3f7a95b9a7511aef4f245758f04af7558bde0809a09effc3258ec1803f40801200aaab6d177452a2d8d086a6ab7f078f862335ec58c59d86aa036cfd879efb2e0499ff204a7530413b9f81ce36c4a2b0260b6c779bb0a0edf841311b18b1675465993098a7625ded9e93d560ae781247db7a0a3491787f196596cd674a1b22b316509e08638996d47d7b1085eb44a88f3f5bfe74b6f5b8fe2a0891f7d0043f18f2ad3df7556be01904e8f11f3052afa7a99c1615d3af1cd328ce41adbdbc73a58d438b513d636115cbf056676d7dc52fdbe34168616b78d9918487ee6c8370ad61b2db58184171d869efdff88dfe6ac1b3de5826e0248c590d56433754ebdcb3a5e1ddf2f2bf1329ab32afde9b412a03274b755095c39f03fb0789b979e2078b92516247399632b8d71481dc82db3a250a1e8db83406c14dc6ff64d495373f1c9ee099806a898ee3118c2faf45a8cfa644b5137eb8891603bdfd28e14da2d41dd5a0ff8f157db34d1ee775da4c26e453cf562b152b2519e70657951101f3a0a6e547b6961b2ba9ffda500381f31482a9e3609ec461dbfb9e2459621e621ad2a29bd1cd424f21734ae4dc03ae1745b5ac8a0414803639573ec1de8d35aceecc9ac75692a92a274bcba8d0278ce37679c1da1bfc8279499c3d3c0a200b1981dd1833eacae73d5ea9462bbeef95b44b6ef22475e69f9c92436fe2b1ed9e2468d7b5e29971156c023913c6ca28ea9c87dcfd57374120bc0b5b7283305268794126b260f57c1fb385eb47e412481bc58315c9a81f6cce212e1762764969a8ac16b4957ce29c6151fd9c551c88c10ffaeb415b6e6019da6"})
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000001300)=0x2, 0x4)
r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000001340), 0x280, 0x0)
connect$bt_l2cap(r6, &(0x7f0000001380)={0x1f, 0x5, @any, 0x5}, 0xe)
r7 = signalfd4(r2, &(0x7f00000013c0)={[0x1]}, 0x8, 0x400)
getsockname$netlink(r7, &(0x7f0000001400), &(0x7f0000001440)=0xc)
r8 = openat$hpet(0xffffffffffffff9c, &(0x7f0000001480), 0x400800, 0x0)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r8, 0x6, 0x2, &(0x7f00000014c0)={0x7f, "b2411a"}, 0x6)

08:57:44 executing program 6:
sendto(0xffffffffffffffff, &(0x7f0000000000)="4a8a9ed1a7e5fc3a94", 0x9, 0x22008000, &(0x7f0000000040)=@hci={0x1f, 0x1, 0x3}, 0x80)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x800, 0x14e)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000100)={0x3, 'veth1_to_hsr\x00', {0x1}, 0x1})
sendfile(r0, r0, 0x0, 0xfe9)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/exec\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000200), 0x608080, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4, {0x101}}, './file0\x00'})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x101100, 0x21)
r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r7 = openat(r2, &(0x7f0000000340)='./file0\x00', 0x80080, 0x7a)
ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f0000000380)={0x1000, 0x7fff, 0x3, 0x0, 0x0, [{{r5}, 0x8}, {{r6}, 0xffffffffffffffff}, {{r7}, 0x40}]})
syz_open_dev$rtc(&(0x7f0000000400), 0xfff, 0x14080)
recvmmsg$unix(r4, &(0x7f0000000600)=[{{&(0x7f0000000440), 0x6e, &(0x7f0000000580)=[{&(0x7f00000004c0)=""/139, 0x8b}], 0x1, &(0x7f00000005c0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}], 0x1, 0x10003, &(0x7f0000000640))
ioctl$RTC_SET_TIME(r8, 0x4024700a, &(0x7f0000000680)={0x22, 0x3a, 0x4, 0x6, 0xb, 0x101, 0x0, 0x21, 0x1})
r9 = openat$cgroup_freezer_state(r4, &(0x7f00000006c0), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0xc018937a, &(0x7f0000000700)={{0x1, 0x1, 0x18, r9, {0x4}}, './file0\x00'})
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000780)='/usr/sbin/cups-browsed\x00', 0x17)

[   94.368562] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   94.370715] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   94.373095] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   94.375903] ==================================================================
[   94.377224] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   94.378442] Read of size 2 at addr ffff88800d0c7038 by task kworker/u11:2/293
[   94.381246] 
[   94.382314] CPU: 0 UID: 0 PID: 293 Comm: kworker/u11:2 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   94.382350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   94.382367] Workqueue: hci0 hci_cmd_work
[   94.382401] Call Trace:
[   94.382411]  <TASK>
[   94.382420]  dump_stack_lvl+0xca/0x120
[   94.382452]  print_report+0xcb/0x610
[   94.382484]  ? __virt_addr_valid+0x100/0x5d0
[   94.382513]  ? hci_cmd_work+0x66d/0x6d0
[   94.382544]  ? hci_cmd_work+0x66d/0x6d0
[   94.382576]  kasan_report+0xca/0x100
[   94.382607]  ? hci_cmd_work+0x66d/0x6d0
[   94.382642]  hci_cmd_work+0x66d/0x6d0
[   94.382675]  process_one_work+0x8e1/0x19c0
[   94.382717]  ? __pfx_process_one_work+0x10/0x10
[   94.382753]  ? move_linked_works+0x172/0x270
[   94.382780]  ? assign_work+0x196/0x240
[   94.382816]  worker_thread+0x67e/0xe90
[   94.382850]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   94.382880]  ? __pfx_worker_thread+0x10/0x10
[   94.383056]  kthread+0x3c8/0x740
[   94.383091]  ? __pfx_kthread+0x10/0x10
[   94.383122]  ? ret_from_fork+0x79/0x7a0
[   94.383146]  ? lock_release+0xc8/0x290
[   94.383184]  ? __pfx_kthread+0x10/0x10
[   94.383216]  ret_from_fork+0x67a/0x7a0
[   94.383241]  ? __pfx_ret_from_fork+0x10/0x10
[   94.383276]  ? __switch_to+0x759/0x1060
[   94.383310]  ? __pfx_kthread+0x10/0x10
[   94.383346]  ret_from_fork_asm+0x1a/0x30
[   94.383391]  </TASK>
[   94.383399] 
[   94.408584] Allocated by task 290:
[   94.409227]  kasan_save_stack+0x24/0x50
[   94.409962]  kasan_save_track+0x14/0x30
[   94.410675]  __kasan_slab_alloc+0x59/0x70
[   94.411432]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   94.412404]  __alloc_skb+0x2ab/0x370
[   94.413116]  hci_cmd_sync_alloc+0x34/0x300
[   94.413922]  __hci_cmd_sync_sk+0xf7/0x5c0
[   94.414703]  hci_read_buffer_size_sync+0x2c/0x170
[   94.415610]  hci_dev_open_sync+0x1874/0x1f60
[   94.416442]  hci_power_on+0xdb/0x5d0
[   94.417160]  process_one_work+0x8e1/0x19c0
[   94.417969]  worker_thread+0x67e/0xe90
[   94.418707]  kthread+0x3c8/0x740
[   94.419358]  ret_from_fork+0x67a/0x7a0
[   94.420103]  ret_from_fork_asm+0x1a/0x30
[   94.420875] 
[   94.421201] Freed by task 292:
[   94.421787]  kasan_save_stack+0x24/0x50
[   94.422525]  kasan_save_track+0x14/0x30
[   94.423270]  kasan_save_free_info+0x3a/0x60
[   94.424088]  __kasan_slab_free+0x43/0x70
[   94.424853]  kmem_cache_free+0x26f/0x500
[   94.425625]  kfree_skbmem+0x18a/0x1f0
[   94.426346]  sk_skb_reason_drop+0x10e/0x1b0
[   94.427148]  vhci_read+0x3d5/0x5d0
[   94.427837]  vfs_read+0x1eb/0xc70
[   94.428494]  ksys_read+0x121/0x240
[   94.429163]  do_syscall_64+0xbf/0x430
[   94.429884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.430825] 
[   94.431147] The buggy address belongs to the object at ffff88800d0c7000
[   94.431147]  which belongs to the cache skbuff_head_cache of size 232
[   94.433490] The buggy address is located 56 bytes inside of
[   94.433490]  freed 232-byte region [ffff88800d0c7000, ffff88800d0c70e8)
[   94.435644] 
[   94.435995] The buggy address belongs to the physical page:
[   94.436846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xd0c7
[   94.437991] memcg:ffff88800d243181
[   94.438512] anon flags: 0x100000000000000(node=0|zone=1)
[   94.439295] page_type: f5(slab)
[   94.439812] raw: 0100000000000000 ffff8880096c78c0 0000000000000000 dead000000000001
[   94.440931] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff88800d243181
[   94.442030] page dumped because: kasan: bad access detected
[   94.442835] 
[   94.443096] Memory state around the buggy address:
[   94.443825]  ffff88800d0c6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   94.444869]  ffff88800d0c6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   94.445912] >ffff88800d0c7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.446968]                                         ^
[   94.447730]  ffff88800d0c7080: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   94.448785]  ffff88800d0c7100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   94.449832] ==================================================================
[   94.451018] Disabling lock debugging due to kernel taint
[   94.454867] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   94.458273] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   94.459531] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   94.459879] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   94.461558] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   94.463222] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   94.464301] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   94.490201] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   94.499404] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   94.500778] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   94.502942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   94.529288] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   94.555738] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   94.562563] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   94.564721] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   94.566789] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   94.568807] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   94.570056] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   94.571838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   94.575704] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   94.581599] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   94.586675] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   94.589805] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   94.591206] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   94.592564] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   94.596442] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   94.599190] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   94.602583] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   94.603581] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   94.620478] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   94.623677] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   94.626810] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   94.630389] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   94.633717] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   94.634773] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   94.640643] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   94.643672] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   96.527247] Bluetooth: hci1: command tx timeout
[   96.527282] Bluetooth: hci0: command tx timeout
[   96.591655] Bluetooth: hci2: command tx timeout
[   96.655178] Bluetooth: hci5: command tx timeout
[   96.655194] Bluetooth: hci3: command tx timeout
[   96.721144] Bluetooth: hci6: command tx timeout
[   96.721178] Bluetooth: hci4: command tx timeout
[   96.721578] Bluetooth: hci7: command tx timeout
[   98.574209] Bluetooth: hci0: command tx timeout
[   98.574226] Bluetooth: hci1: command tx timeout
[   98.638266] Bluetooth: hci2: command tx timeout
[   98.702174] Bluetooth: hci5: command tx timeout
[   98.702200] Bluetooth: hci3: command tx timeout
[   98.766266] Bluetooth: hci7: command tx timeout
[   98.767209] Bluetooth: hci4: command tx timeout
[   98.767446] Bluetooth: hci6: command tx timeout
[  100.622242] Bluetooth: hci0: command tx timeout
[  100.622383] Bluetooth: hci1: command tx timeout
[  100.687203] Bluetooth: hci2: command tx timeout
[  100.750229] Bluetooth: hci3: command tx timeout
[  100.750335] Bluetooth: hci5: command tx timeout
[  100.814330] Bluetooth: hci4: command tx timeout
[  100.814659] Bluetooth: hci7: command tx timeout
[  100.815519] Bluetooth: hci6: command tx timeout
[  102.671252] Bluetooth: hci1: command tx timeout
[  102.671402] Bluetooth: hci0: command tx timeout
[  102.734205] Bluetooth: hci2: command tx timeout
[  102.799187] Bluetooth: hci5: command tx timeout
[  102.799953] Bluetooth: hci3: command tx timeout
[  102.862243] Bluetooth: hci7: command tx timeout
[  102.862389] Bluetooth: hci4: command tx timeout
[  102.863252] Bluetooth: hci6: command tx timeout

VM DIAGNOSIS:
08:57:45  Registers:
info registers vcpu 0
RAX=0000000080000001 RBX=ffff88801b397108 RCX=ffffffff84c44de5 RDX=ffff8880161e1bc0
RSI=0000000000000000 RDI=0000000000000001 RBP=ffffffff8855de74 RSP=ffff88801b397080
R8 =0000000000000001 R9 =ffffed1003672e21 R10=0000000000000030 R11=0000000000000001
R12=0000000000000030 R13=0000000000000017 R14=dffffc0000000000 R15=ffff88801b3970f0
RIP=ffffffff81752d57 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe4400000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9da73ef408 CR3=000000000c068000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffffffffffffffffffff XMM01=000000000000000000004e4f49544341
XMM02=ffffffffffffffff00000000000000ff XMM03=696e656420737365636341002f737973
XMM04=0000000200000000000055850b76f240 XMM05=00000000000000000000000000000000
XMM06=000055850b7be32000000000ffffffff XMM07=00000000000000000000000000000000
XMM08=000000000000003000000000000002e0 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000000 RBX=ffff888009557258 RCX=ffff8880095571ac RDX=1ffff110012aae56
RSI=ffffffff85e1fd40 RDI=ffff888009557258 RBP=ffff8880095572b0 RSP=ffff888009557240
R8 =ffffffff86ab71b8 R9 =ffff888009557298 R10=000000000003ca6e R11=0000000000025583
R12=ffff888009557320 R13=0000000000000000 R14=ffff888009548000 R15=0000000000092cc0
RIP=ffffffff8135f18e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f2736689900 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe4500000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f8edd1b4220 CR3=000000000c068000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffffffffffffffffffff XMM01=30306234386136303638616663356134
XMM02=38303062343861363036386166633561 XMM03=2f6c616e72756f6a2f676f6c2f6e7572
XMM04=20876aad4bcf3b6e000000000012e918 XMM05=d3fdd5f48436fbd700000000000aead0
XMM06=3a3608f04cf507e600000000000ae988 XMM07=00000000000000000000000000000000
XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000
XMM10=20200000000020202020202020200000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000