Warning: Permanently added '[localhost]:35221' (ECDSA) to the list of known hosts.
2025/11/15 12:09:07 fuzzer started
2025/11/15 12:09:08 dialing manager at localhost:37161
syzkaller login: [   50.409119] cgroup: Unknown subsys name 'net'
[   50.479377] cgroup: Unknown subsys name 'cpuset'
[   50.494839] cgroup: Unknown subsys name 'rlimit'
2025/11/15 12:09:18 syscalls: 2214
2025/11/15 12:09:18 code coverage: enabled
2025/11/15 12:09:18 comparison tracing: enabled
2025/11/15 12:09:18 extra coverage: enabled
2025/11/15 12:09:18 setuid sandbox: enabled
2025/11/15 12:09:18 namespace sandbox: enabled
2025/11/15 12:09:18 Android sandbox: enabled
2025/11/15 12:09:18 fault injection: enabled
2025/11/15 12:09:18 leak checking: enabled
2025/11/15 12:09:18 net packet injection: enabled
2025/11/15 12:09:18 net device setup: enabled
2025/11/15 12:09:18 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/15 12:09:18 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/15 12:09:18 USB emulation: enabled
2025/11/15 12:09:18 hci packet injection: enabled
2025/11/15 12:09:18 wifi device emulation: enabled
2025/11/15 12:09:18 802.15.4 emulation: enabled
2025/11/15 12:09:18 fetching corpus: 50, signal 14509/16411 (executing program)
2025/11/15 12:09:18 fetching corpus: 100, signal 27005/30566 (executing program)
2025/11/15 12:09:19 fetching corpus: 150, signal 42424/47458 (executing program)
2025/11/15 12:09:19 fetching corpus: 200, signal 46991/53592 (executing program)
2025/11/15 12:09:19 fetching corpus: 250, signal 53724/61696 (executing program)
2025/11/15 12:09:19 fetching corpus: 300, signal 62262/71434 (executing program)
2025/11/15 12:09:19 fetching corpus: 350, signal 69580/79895 (executing program)
2025/11/15 12:09:19 fetching corpus: 400, signal 73885/85400 (executing program)
2025/11/15 12:09:19 fetching corpus: 450, signal 77106/89826 (executing program)
2025/11/15 12:09:19 fetching corpus: 500, signal 80922/94802 (executing program)
2025/11/15 12:09:20 fetching corpus: 550, signal 82974/98095 (executing program)
2025/11/15 12:09:20 fetching corpus: 600, signal 87249/103376 (executing program)
2025/11/15 12:09:20 fetching corpus: 650, signal 89979/107211 (executing program)
2025/11/15 12:09:20 fetching corpus: 700, signal 91294/109759 (executing program)
2025/11/15 12:09:20 fetching corpus: 750, signal 92754/112377 (executing program)
2025/11/15 12:09:20 fetching corpus: 800, signal 94321/115068 (executing program)
2025/11/15 12:09:20 fetching corpus: 850, signal 96348/118079 (executing program)
2025/11/15 12:09:20 fetching corpus: 900, signal 98122/120881 (executing program)
2025/11/15 12:09:20 fetching corpus: 950, signal 100782/124415 (executing program)
2025/11/15 12:09:20 fetching corpus: 1000, signal 102446/127091 (executing program)
2025/11/15 12:09:21 fetching corpus: 1050, signal 104363/129955 (executing program)
2025/11/15 12:09:21 fetching corpus: 1100, signal 106230/132740 (executing program)
2025/11/15 12:09:21 fetching corpus: 1150, signal 107698/135207 (executing program)
2025/11/15 12:09:21 fetching corpus: 1200, signal 109603/137947 (executing program)
2025/11/15 12:09:21 fetching corpus: 1250, signal 111451/140650 (executing program)
2025/11/15 12:09:21 fetching corpus: 1300, signal 113275/143277 (executing program)
2025/11/15 12:09:21 fetching corpus: 1350, signal 116659/147166 (executing program)
2025/11/15 12:09:21 fetching corpus: 1400, signal 118164/149553 (executing program)
2025/11/15 12:09:21 fetching corpus: 1450, signal 120784/152751 (executing program)
2025/11/15 12:09:21 fetching corpus: 1500, signal 122300/155050 (executing program)
2025/11/15 12:09:22 fetching corpus: 1550, signal 123196/156826 (executing program)
2025/11/15 12:09:22 fetching corpus: 1600, signal 124506/158906 (executing program)
2025/11/15 12:09:22 fetching corpus: 1650, signal 125836/160984 (executing program)
2025/11/15 12:09:22 fetching corpus: 1700, signal 127315/163154 (executing program)
2025/11/15 12:09:22 fetching corpus: 1750, signal 128516/165130 (executing program)
2025/11/15 12:09:22 fetching corpus: 1800, signal 129757/167067 (executing program)
2025/11/15 12:09:22 fetching corpus: 1850, signal 131739/169567 (executing program)
2025/11/15 12:09:22 fetching corpus: 1900, signal 132689/171261 (executing program)
2025/11/15 12:09:22 fetching corpus: 1950, signal 133498/172832 (executing program)
2025/11/15 12:09:22 fetching corpus: 2000, signal 134839/174806 (executing program)
2025/11/15 12:09:22 fetching corpus: 2050, signal 135487/176206 (executing program)
2025/11/15 12:09:23 fetching corpus: 2100, signal 136542/177915 (executing program)
2025/11/15 12:09:23 fetching corpus: 2150, signal 137723/179672 (executing program)
2025/11/15 12:09:23 fetching corpus: 2200, signal 138425/181116 (executing program)
2025/11/15 12:09:23 fetching corpus: 2250, signal 139633/182895 (executing program)
2025/11/15 12:09:23 fetching corpus: 2300, signal 140392/184414 (executing program)
2025/11/15 12:09:23 fetching corpus: 2350, signal 141583/186133 (executing program)
2025/11/15 12:09:23 fetching corpus: 2400, signal 142430/187623 (executing program)
2025/11/15 12:09:23 fetching corpus: 2450, signal 143978/189519 (executing program)
2025/11/15 12:09:23 fetching corpus: 2500, signal 144897/191033 (executing program)
2025/11/15 12:09:23 fetching corpus: 2550, signal 145617/192386 (executing program)
2025/11/15 12:09:23 fetching corpus: 2600, signal 146226/193650 (executing program)
2025/11/15 12:09:24 fetching corpus: 2650, signal 147473/195321 (executing program)
2025/11/15 12:09:24 fetching corpus: 2700, signal 148725/196955 (executing program)
2025/11/15 12:09:24 fetching corpus: 2750, signal 149955/198566 (executing program)
2025/11/15 12:09:24 fetching corpus: 2800, signal 151002/200022 (executing program)
2025/11/15 12:09:24 fetching corpus: 2850, signal 151571/201190 (executing program)
2025/11/15 12:09:24 fetching corpus: 2900, signal 152200/202464 (executing program)
2025/11/15 12:09:24 fetching corpus: 2950, signal 152632/203546 (executing program)
2025/11/15 12:09:24 fetching corpus: 3000, signal 153065/204628 (executing program)
2025/11/15 12:09:24 fetching corpus: 3050, signal 154027/206037 (executing program)
2025/11/15 12:09:24 fetching corpus: 3100, signal 155058/207424 (executing program)
2025/11/15 12:09:25 fetching corpus: 3150, signal 155558/208528 (executing program)
2025/11/15 12:09:25 fetching corpus: 3200, signal 156274/209765 (executing program)
2025/11/15 12:09:25 fetching corpus: 3250, signal 156932/210947 (executing program)
2025/11/15 12:09:25 fetching corpus: 3300, signal 158290/212474 (executing program)
2025/11/15 12:09:25 fetching corpus: 3350, signal 158889/213622 (executing program)
2025/11/15 12:09:25 fetching corpus: 3400, signal 159638/214825 (executing program)
2025/11/15 12:09:25 fetching corpus: 3450, signal 160321/215973 (executing program)
2025/11/15 12:09:25 fetching corpus: 3500, signal 160871/217062 (executing program)
2025/11/15 12:09:25 fetching corpus: 3550, signal 161428/218138 (executing program)
2025/11/15 12:09:26 fetching corpus: 3600, signal 162008/219186 (executing program)
2025/11/15 12:09:26 fetching corpus: 3650, signal 162820/220352 (executing program)
2025/11/15 12:09:26 fetching corpus: 3700, signal 163396/221378 (executing program)
2025/11/15 12:09:26 fetching corpus: 3750, signal 163930/222433 (executing program)
2025/11/15 12:09:26 fetching corpus: 3800, signal 164644/223539 (executing program)
2025/11/15 12:09:26 fetching corpus: 3850, signal 165055/224443 (executing program)
2025/11/15 12:09:26 fetching corpus: 3900, signal 165726/225480 (executing program)
2025/11/15 12:09:26 fetching corpus: 3950, signal 166176/226428 (executing program)
2025/11/15 12:09:26 fetching corpus: 4000, signal 166711/227436 (executing program)
2025/11/15 12:09:27 fetching corpus: 4050, signal 167339/228495 (executing program)
2025/11/15 12:09:27 fetching corpus: 4100, signal 168157/229602 (executing program)
2025/11/15 12:09:27 fetching corpus: 4150, signal 168915/230634 (executing program)
2025/11/15 12:09:27 fetching corpus: 4200, signal 169590/231659 (executing program)
2025/11/15 12:09:27 fetching corpus: 4250, signal 170205/232670 (executing program)
2025/11/15 12:09:27 fetching corpus: 4300, signal 170565/233563 (executing program)
2025/11/15 12:09:27 fetching corpus: 4350, signal 171405/234585 (executing program)
2025/11/15 12:09:27 fetching corpus: 4400, signal 171870/235477 (executing program)
2025/11/15 12:09:28 fetching corpus: 4450, signal 172435/236406 (executing program)
2025/11/15 12:09:28 fetching corpus: 4500, signal 172915/237340 (executing program)
2025/11/15 12:09:28 fetching corpus: 4550, signal 173438/238175 (executing program)
2025/11/15 12:09:28 fetching corpus: 4600, signal 173939/239054 (executing program)
2025/11/15 12:09:28 fetching corpus: 4650, signal 174541/239940 (executing program)
2025/11/15 12:09:28 fetching corpus: 4700, signal 174979/240752 (executing program)
2025/11/15 12:09:28 fetching corpus: 4750, signal 175321/241562 (executing program)
2025/11/15 12:09:28 fetching corpus: 4800, signal 175856/242403 (executing program)
2025/11/15 12:09:28 fetching corpus: 4850, signal 176521/243312 (executing program)
2025/11/15 12:09:28 fetching corpus: 4900, signal 176891/244054 (executing program)
2025/11/15 12:09:29 fetching corpus: 4950, signal 177372/244837 (executing program)
2025/11/15 12:09:29 fetching corpus: 5000, signal 177928/245667 (executing program)
2025/11/15 12:09:29 fetching corpus: 5050, signal 178393/246446 (executing program)
2025/11/15 12:09:29 fetching corpus: 5100, signal 178921/247204 (executing program)
2025/11/15 12:09:29 fetching corpus: 5150, signal 179295/247983 (executing program)
2025/11/15 12:09:29 fetching corpus: 5200, signal 179624/248748 (executing program)
2025/11/15 12:09:29 fetching corpus: 5250, signal 179971/249485 (executing program)
2025/11/15 12:09:29 fetching corpus: 5300, signal 180607/250299 (executing program)
2025/11/15 12:09:29 fetching corpus: 5350, signal 180941/251055 (executing program)
2025/11/15 12:09:29 fetching corpus: 5400, signal 181389/251835 (executing program)
2025/11/15 12:09:29 fetching corpus: 5450, signal 181855/252568 (executing program)
2025/11/15 12:09:30 fetching corpus: 5500, signal 182621/253371 (executing program)
2025/11/15 12:09:30 fetching corpus: 5550, signal 183235/254114 (executing program)
2025/11/15 12:09:30 fetching corpus: 5600, signal 184045/254908 (executing program)
2025/11/15 12:09:30 fetching corpus: 5650, signal 184636/255617 (executing program)
2025/11/15 12:09:30 fetching corpus: 5700, signal 185077/256329 (executing program)
2025/11/15 12:09:30 fetching corpus: 5750, signal 185745/257006 (executing program)
2025/11/15 12:09:30 fetching corpus: 5800, signal 186133/257679 (executing program)
2025/11/15 12:09:30 fetching corpus: 5850, signal 186536/258367 (executing program)
2025/11/15 12:09:30 fetching corpus: 5900, signal 186815/259014 (executing program)
2025/11/15 12:09:30 fetching corpus: 5950, signal 187209/259629 (executing program)
2025/11/15 12:09:31 fetching corpus: 6000, signal 187483/260284 (executing program)
2025/11/15 12:09:31 fetching corpus: 6050, signal 187903/260905 (executing program)
2025/11/15 12:09:31 fetching corpus: 6100, signal 188205/261502 (executing program)
2025/11/15 12:09:31 fetching corpus: 6150, signal 188598/262120 (executing program)
2025/11/15 12:09:31 fetching corpus: 6200, signal 188959/262742 (executing program)
2025/11/15 12:09:31 fetching corpus: 6250, signal 189399/263382 (executing program)
2025/11/15 12:09:31 fetching corpus: 6300, signal 189779/263988 (executing program)
2025/11/15 12:09:31 fetching corpus: 6350, signal 190228/264604 (executing program)
2025/11/15 12:09:31 fetching corpus: 6400, signal 190824/265203 (executing program)
2025/11/15 12:09:31 fetching corpus: 6450, signal 191151/265829 (executing program)
2025/11/15 12:09:32 fetching corpus: 6500, signal 191521/266440 (executing program)
2025/11/15 12:09:33 fetching corpus: 6550, signal 191893/267009 (executing program)
2025/11/15 12:09:33 fetching corpus: 6600, signal 192426/267624 (executing program)
2025/11/15 12:09:33 fetching corpus: 6650, signal 192783/268207 (executing program)
2025/11/15 12:09:33 fetching corpus: 6700, signal 193068/268773 (executing program)
2025/11/15 12:09:33 fetching corpus: 6750, signal 193423/269014 (executing program)
2025/11/15 12:09:33 fetching corpus: 6800, signal 193803/269014 (executing program)
2025/11/15 12:09:33 fetching corpus: 6850, signal 194163/269014 (executing program)
2025/11/15 12:09:33 fetching corpus: 6900, signal 194550/269014 (executing program)
2025/11/15 12:09:33 fetching corpus: 6950, signal 194827/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7000, signal 195131/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7050, signal 195456/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7100, signal 195719/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7150, signal 196109/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7200, signal 196483/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7250, signal 196778/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7300, signal 197050/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7350, signal 197353/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7400, signal 197659/269014 (executing program)
2025/11/15 12:09:34 fetching corpus: 7450, signal 198033/269014 (executing program)
2025/11/15 12:09:35 fetching corpus: 7500, signal 198356/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7550, signal 198567/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7600, signal 198804/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7650, signal 199187/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7700, signal 199411/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7750, signal 199881/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7800, signal 200343/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7850, signal 200647/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7900, signal 200950/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 7950, signal 201315/269024 (executing program)
2025/11/15 12:09:35 fetching corpus: 8000, signal 201584/269024 (executing program)
2025/11/15 12:09:36 fetching corpus: 8050, signal 201910/269024 (executing program)
2025/11/15 12:09:36 fetching corpus: 8100, signal 202304/269034 (executing program)
2025/11/15 12:09:36 fetching corpus: 8150, signal 202614/269034 (executing program)
2025/11/15 12:09:36 fetching corpus: 8200, signal 202831/269034 (executing program)
2025/11/15 12:09:36 fetching corpus: 8250, signal 203072/269034 (executing program)
2025/11/15 12:09:36 fetching corpus: 8300, signal 203466/269035 (executing program)
2025/11/15 12:09:36 fetching corpus: 8350, signal 203725/269035 (executing program)
2025/11/15 12:09:36 fetching corpus: 8400, signal 204131/269035 (executing program)
2025/11/15 12:09:36 fetching corpus: 8450, signal 204478/269035 (executing program)
2025/11/15 12:09:36 fetching corpus: 8500, signal 204660/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8550, signal 204954/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8600, signal 205231/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8650, signal 205495/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8700, signal 205857/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8750, signal 206280/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8800, signal 206533/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8850, signal 206965/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8900, signal 207273/269035 (executing program)
2025/11/15 12:09:37 fetching corpus: 8950, signal 207641/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9000, signal 207926/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9050, signal 208264/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9100, signal 208504/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9150, signal 208788/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9200, signal 209041/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9250, signal 209445/269036 (executing program)
2025/11/15 12:09:38 fetching corpus: 9300, signal 209612/269037 (executing program)
2025/11/15 12:09:38 fetching corpus: 9350, signal 209860/269037 (executing program)
2025/11/15 12:09:38 fetching corpus: 9400, signal 210229/269037 (executing program)
2025/11/15 12:09:38 fetching corpus: 9450, signal 210499/269037 (executing program)
2025/11/15 12:09:39 fetching corpus: 9500, signal 211033/269037 (executing program)
2025/11/15 12:09:39 fetching corpus: 9550, signal 211253/269037 (executing program)
2025/11/15 12:09:39 fetching corpus: 9600, signal 211509/269037 (executing program)
2025/11/15 12:09:39 fetching corpus: 9650, signal 211665/269037 (executing program)
2025/11/15 12:09:39 fetching corpus: 9700, signal 211847/269037 (executing program)
2025/11/15 12:09:39 fetching corpus: 9750, signal 212120/269040 (executing program)
2025/11/15 12:09:39 fetching corpus: 9800, signal 213174/269040 (executing program)
2025/11/15 12:09:39 fetching corpus: 9850, signal 213439/269043 (executing program)
2025/11/15 12:09:39 fetching corpus: 9900, signal 213693/269043 (executing program)
2025/11/15 12:09:39 fetching corpus: 9950, signal 214021/269043 (executing program)
2025/11/15 12:09:40 fetching corpus: 10000, signal 214287/269043 (executing program)
2025/11/15 12:09:40 fetching corpus: 10050, signal 214878/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10100, signal 215225/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10150, signal 215502/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10200, signal 215811/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10250, signal 216035/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10300, signal 216265/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10350, signal 216513/269044 (executing program)
2025/11/15 12:09:40 fetching corpus: 10400, signal 216832/269044 (executing program)
2025/11/15 12:09:41 fetching corpus: 10450, signal 217181/269044 (executing program)
2025/11/15 12:09:41 fetching corpus: 10500, signal 217504/269044 (executing program)
2025/11/15 12:09:41 fetching corpus: 10550, signal 217778/269044 (executing program)
2025/11/15 12:09:41 fetching corpus: 10600, signal 218030/269046 (executing program)
2025/11/15 12:09:41 fetching corpus: 10650, signal 218233/269046 (executing program)
2025/11/15 12:09:41 fetching corpus: 10700, signal 218468/269046 (executing program)
2025/11/15 12:09:41 fetching corpus: 10750, signal 218719/269046 (executing program)
2025/11/15 12:09:41 fetching corpus: 10800, signal 219017/269046 (executing program)
2025/11/15 12:09:41 fetching corpus: 10850, signal 219353/269048 (executing program)
2025/11/15 12:09:41 fetching corpus: 10900, signal 219616/269048 (executing program)
2025/11/15 12:09:41 fetching corpus: 10950, signal 219884/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11000, signal 220095/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11050, signal 220385/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11100, signal 220620/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11150, signal 220864/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11200, signal 221069/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11250, signal 221254/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11300, signal 221422/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11350, signal 221754/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11400, signal 221991/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11450, signal 222254/269048 (executing program)
2025/11/15 12:09:42 fetching corpus: 11500, signal 222494/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11550, signal 222710/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11600, signal 222935/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11650, signal 223210/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11700, signal 223413/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11750, signal 223623/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11800, signal 223843/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11850, signal 224015/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11900, signal 224194/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 11950, signal 224414/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 12000, signal 224640/269048 (executing program)
2025/11/15 12:09:43 fetching corpus: 12050, signal 224833/269048 (executing program)
2025/11/15 12:09:44 fetching corpus: 12100, signal 225008/269048 (executing program)
2025/11/15 12:09:44 fetching corpus: 12150, signal 225200/269048 (executing program)
2025/11/15 12:09:44 fetching corpus: 12200, signal 225418/269049 (executing program)
2025/11/15 12:09:44 fetching corpus: 12250, signal 225757/269049 (executing program)
2025/11/15 12:09:44 fetching corpus: 12300, signal 225968/269049 (executing program)
2025/11/15 12:09:44 fetching corpus: 12350, signal 226291/269049 (executing program)
2025/11/15 12:09:44 fetching corpus: 12400, signal 226524/269049 (executing program)
2025/11/15 12:09:44 fetching corpus: 12450, signal 226723/269049 (executing program)
2025/11/15 12:09:44 fetching corpus: 12500, signal 226944/269050 (executing program)
2025/11/15 12:09:44 fetching corpus: 12550, signal 227142/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12600, signal 227297/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12650, signal 227456/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12700, signal 227677/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12750, signal 227937/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12800, signal 228112/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12850, signal 228306/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12900, signal 228483/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 12950, signal 228682/269050 (executing program)
2025/11/15 12:09:45 fetching corpus: 13000, signal 228853/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13050, signal 229115/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13100, signal 229391/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13150, signal 229694/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13200, signal 229916/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13250, signal 230204/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13300, signal 230395/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13350, signal 230573/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13400, signal 230828/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13450, signal 231049/269050 (executing program)
2025/11/15 12:09:46 fetching corpus: 13500, signal 231278/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13550, signal 231454/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13600, signal 231618/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13650, signal 231773/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13700, signal 231964/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13750, signal 232124/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13800, signal 232291/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13850, signal 232516/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13900, signal 232876/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 13950, signal 233045/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 14000, signal 233206/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 14050, signal 233323/269050 (executing program)
2025/11/15 12:09:47 fetching corpus: 14100, signal 233504/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14150, signal 233683/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14200, signal 233898/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14250, signal 234125/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14300, signal 234348/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14350, signal 234560/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14400, signal 234708/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14450, signal 234884/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14500, signal 235059/269050 (executing program)
2025/11/15 12:09:48 fetching corpus: 14550, signal 235305/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14600, signal 235447/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14650, signal 235678/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14700, signal 235851/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14750, signal 236018/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14800, signal 236184/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14850, signal 236357/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14900, signal 236531/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 14950, signal 236653/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 15000, signal 236826/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 15050, signal 236971/269050 (executing program)
2025/11/15 12:09:49 fetching corpus: 15100, signal 237168/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15150, signal 237366/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15200, signal 237522/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15250, signal 237723/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15300, signal 237904/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15350, signal 238168/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15400, signal 238314/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15450, signal 238480/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15500, signal 238663/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15550, signal 238831/269050 (executing program)
2025/11/15 12:09:50 fetching corpus: 15600, signal 239016/269050 (executing program)
2025/11/15 12:09:51 fetching corpus: 15650, signal 239162/269050 (executing program)
2025/11/15 12:09:51 fetching corpus: 15700, signal 239366/269050 (executing program)
2025/11/15 12:09:51 fetching corpus: 15750, signal 239574/269050 (executing program)
2025/11/15 12:09:51 fetching corpus: 15781, signal 239667/269053 (executing program)
2025/11/15 12:09:51 fetching corpus: 15781, signal 239667/269053 (executing program)
2025/11/15 12:09:53 starting 8 fuzzer processes
12:09:53 executing program 0:
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000000)={0xe8f, 0x5, 0xffffffff, 0x0, 0x3, 0x1000})
splice(0xffffffffffffffff, &(0x7f0000000040)=0x7, 0xffffffffffffffff, &(0x7f0000000080)=0x7f, 0x37, 0x2)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='personality\x00')
ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000100)=""/17)
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000140)=""/21)
r1 = syz_open_dev$evdev(&(0x7f0000000180), 0xfffffffffffffffd, 0x820000)
clock_gettime(0x0, &(0x7f00000001c0)={<r2=>0x0, <r3=>0x0})
write$evdev(r1, &(0x7f0000000200)=[{{r2, r3/1000+10000}, 0x0, 0x4, 0x7}, {{0x0, 0xea60}, 0x0, 0x2, 0x4}, {{0x0, 0x2710}, 0x16, 0x7ff, 0xfffffffd}, {{0x0, 0x2710}, 0x2, 0x1, 0x80000000}], 0x60)
r4 = openat$cgroup_freezer_state(r0, &(0x7f0000000280), 0x2, 0x0)
sendfile(r4, r0, &(0x7f00000002c0), 0x313)
ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f0000000300)=""/133)
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f00000003c0)={0x0, 0x9, 0x3ff, 0x1})
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f00000007c0)=0xf9e0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000800)='\x00', 0x0, r4)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000000840)=0xfffffffffffffff7)
r6 = memfd_secret(0x80000)
ioctl$sock_inet_udp_SIOCINQ(r6, 0x541b, &(0x7f0000000880))
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f00000008c0)=""/209)
ioctl$FS_IOC_GETFLAGS(r5, 0x80086601, &(0x7f00000009c0))

12:09:53 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000000))
r1 = accept(r0, &(0x7f0000000040)=@l2={0x1f, 0x0, @fixed}, &(0x7f00000000c0)=0x80)
setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000100)={0x6, 0x4}, 0xc)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8, 0x1, r1}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xfffffffffffffc00}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x523}]}, 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0x40008804)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x4, 0x70bd2c, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2040000}, 0x20000000)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40200840}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x2c, 0x4, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000500), 0x10000, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8982, &(0x7f0000000540)={0x6, 'veth0_to_batadv\x00', {0xffd8}, 0x1f})
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000007c0)={&(0x7f00000005c0)={0x1d0, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0xc0, 0x8, 0x0, 0x1, [{0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x77ef1946}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6e940e6f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xba}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x741e9cf7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x67009370}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x34137443}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc3}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x32}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x97}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x38}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xe5383e4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x78}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xfd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7a1ea478}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3bd5da1b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x49bc08f9}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6328c21a}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x22}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0xcc, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc028}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x216b}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3cd3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x765f}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x794a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2ae7}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe75b}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xccc3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe78d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1366}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2d1b552b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x524f}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7dfe24eb}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3dde}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5e7b74e5}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6b3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5040e905}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x13cf}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xda0e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3ce5}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6c14}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x37a59c55}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x8840}, 0x20000000)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000880)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000009c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x2000800}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x34, 0x0, 0x400, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0xff, 0x5}, {0xf2, 0x4}, {0x81, 0x2}, {0x9}, {0x2c, 0x3}], "c9c8bdf9fe294379"}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r3, 0xf502, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000ac0)={0x2})
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000b40), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x3c, r6, 0x0, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4001}, 0x4004)

12:09:53 executing program 2:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffff8, 0x8)
r1 = socket$inet(0x2, 0x4, 0x8)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, 0x0, 0x0, <r2=>0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000240)={"7a8b2878d66ec9f8f6eeae84ce1f83e2", 0x0, r2, {0x0, 0x7}, {0x9, 0xffff}, 0x2, [0xfffffffffffffffc, 0x7, 0x8, 0x9, 0x400, 0x9, 0x0, 0x0, 0x200, 0x2, 0x4, 0x5, 0xffffffffffff5dfa, 0x8f65, 0x2, 0x8]})
r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000340), 0x22000, 0x0)
r5 = dup2(r0, r4)
r6 = syz_open_dev$sg(&(0x7f0000000380), 0x2, 0x10100)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r7=>0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, <r8=>0x0})
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000005c0)=r5, 0x1)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000600)={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r6, 0xc0c89425, &(0x7f0000000640)={"e6951c0b5ec0dc2aad8c4c35c1eb14ec", r3, r8, {0x7, 0xfff}, {0x1ff, 0x1}, 0x5, [0xfffffffffffffffb, 0x7, 0x8, 0x0, 0x5, 0x0, 0xfff, 0x20, 0x6, 0x1, 0x1, 0x6d, 0xff, 0x1, 0x0, 0x1]})
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000740)=<r9=>0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(r6, 0x40089416, &(0x7f0000000780)=r9)
r10 = accept4$bt_l2cap(r0, &(0x7f0000000880)={0x1f, 0x0, @none}, &(0x7f00000008c0)=0xe, 0x800)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000000900)={{0x1, 0x1, 0x18, r10, {0x5, 0xd3}}, './file0\x00'})
ioctl$BTRFS_IOC_LOGICAL_INO(r6, 0xc0389424, &(0x7f0000000980)={0x3, 0x8, '\x00', 0x0, &(0x7f0000000940)=[0x0]})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r6, 0x5000943f, &(0x7f00000009c0)={{r4}, r7, 0x8, @unused=[0x4, 0x2, 0x1f, 0x100000001], @subvolid=0x6})
r11 = signalfd(r1, &(0x7f00000019c0)={[0x6]}, 0x8)
ioctl$SCSI_IOCTL_DOORLOCK(r11, 0x5380)

12:09:53 executing program 7:
fstat(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000000200)=0xc)
fstat(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000002c0)={{}, {0x1, 0x3}, [{0x2, 0x6, 0xee01}, {0x2, 0x5, 0xffffffffffffffff}, {0x2, 0x6, r0}, {0x2, 0x5, 0xee00}], {0x4, 0x1}, [{0x8, 0x0, 0xffffffffffffffff}, {0x8, 0x4, 0xee01}, {0x8, 0x2, 0xee00}, {0x8, 0x4, 0xee01}, {0x8, 0x6, r1}, {0x8, 0x5, 0xee01}, {0x8, 0x3, 0xee01}, {0x8, 0x6, r3}, {0x8, 0x4, r4}, {0x8, 0x0, 0xffffffffffffffff}], {0x10, 0x1}, {0x20, 0x2}}, 0x94, 0x1)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0, 0x800)
chdir(&(0x7f00000003c0)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000480)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {<r6=>r2, r1}}, './file0\x00'})
mount$cgroup(0x0, &(0x7f0000000400)='./file1\x00', &(0x7f0000000440), 0x8020, &(0x7f00000004c0)={[{}, {@clone_children}, {@name}, {@release_agent={'release_agent', 0x3d, './file0'}}, {@clone_children}], [{@fsuuid={'fsuuid', 0x3d, {[0x65, 0x62, 0x36, 0x35, 0x32, 0x37, 0x62, 0x65], 0x2d, [0x63, 0x63, 0x31, 0x35], 0x2d, [0x36, 0x64, 0x34, 0x30], 0x2d, [0x38, 0x64, 0x64, 0x34], 0x2d, [0x63, 0x33, 0x62, 0x35, 0x62, 0x0, 0x35, 0x36]}}}, {@fowner_lt={'fowner<', r6}}, {@obj_type={'obj_type', 0x3d, '^%}'}}, {@audit}, {@fowner_lt={'fowner<', r2}}, {@fowner_lt={'fowner<', r2}}, {@smackfsroot={'smackfsroot', 0x3d, 'system.posix_acl_access\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@dont_measure}]})
mkdir(&(0x7f0000000600)='./file1/file0\x00', 0x1b8)
ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f0000000640)={{0x1, 0x1, 0x18, <r7=>r5, {0x498}}, './file0\x00'})
chdir(&(0x7f0000000680)='./file1/file0\x00')
r8 = accept$inet(0xffffffffffffffff, &(0x7f0000000780)={0x2, 0x0, @multicast1}, &(0x7f00000007c0)=0x10)
r9 = eventfd(0x8)
r10 = epoll_create(0xfffffffd)
r11 = openat$zero(0xffffffffffffff9c, &(0x7f0000000900), 0x2600, 0x0)
r12 = pidfd_getfd(r7, r7, 0x0)
io_submit(0x0, 0x7, &(0x7f0000000cc0)=[&(0x7f0000000740)={0x0, 0x0, 0x0, 0x6, 0x7, r7, &(0x7f00000006c0)="1fa406e4ea02f461d226512e79df5655f8220ffb997a3bb2e53f2669c7afc8a3ad93eee99641a3f9e9b8ec38e795c3872565abbe92ab5b020cc02e5ca727b496c742583d3da340317e72db730940bd24879417a36d1463179398cc52cac63f6ff68e3fa60aa3dbd927b85fdb909e8f5ea0a277d1817a0212", 0x78, 0x2, 0x0, 0x1, r5}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x7, 0x85, r8, &(0x7f0000000800)="59bb4e0d22a7b80aa0b43e28bd9ef174f7a3bbde60693c94d35ea7038a80cec34d9bff8e07194b438e009530ec1786eb354b63e0f80793145a43768b58c5bacf70294c18287759101a18469afb58736bc947cb0fa9", 0x55, 0x1, 0x0, 0x3, r9}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x1, 0xfffa, r10, &(0x7f00000008c0)="e24341c93e6befb6a4a9f02c769b56ff49e9bb0a90be", 0x16, 0x80, 0x0, 0x3, r11}, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x6, 0x1c0, r5, &(0x7f0000000980)="61134c78d298ba386b0c7cd52de63e844516cfb98caba65dd52cc2f850689c82467c43f91cba59f03d84e1de0166f403fabc62582dc12a40eb3c122103ff97add6a686e155ba02c84bb03bd02fcc6667a1565df8a283eaead07bc59d70db844239eacb75759ed2d7b2672601878eaf1199b14f750c298b4918268560c6e1da2b03f27f33ba5b9e4686cfcd6fa302d84413138f2c92fb4bc61192ca6cb0b4ac309d0eaa41bfa8633b9d0e58299d7e0b909a996173de00e66567caced216584e301e0ea2b7b30ae82dd034420fef926e1f47e6c3b342d8f9edac5a14cb2f740d7dca2bdfa098c4e7e0395e1af930fd7008ff8325cb3a", 0xf5, 0x5, 0x0, 0x3}, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x5, 0x2, r5, &(0x7f0000000ac0)="549ad54c876e0df630ecd7dc470736029026c00adb94e767311e7184d55133a9c8a664fa89fc0962d09d0367a49bedb1a28ff64e781e5763cfbd14267c659d38b365bd25d1ba9fbc361b47aba5fef05dda6dbdb786fef98b6edd339ae710520ab1e3a64b89d3b52f8a64e1a3d37492826e99e5ccb831a8f1584c123d2a", 0x7d, 0x8000, 0x0, 0x3, r12}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x8, 0x6, r7, &(0x7f0000000b80), 0x0, 0x4609, 0x0, 0x2, r7}, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x5, 0x1000, 0xffffffffffffffff, &(0x7f0000000c00)="c9066126cf4b71389b8a1158fd0c87a4099c008064461df51ffb83ff22ae07352f00749723a0a7fe2650b69786d7da7c84f1f2f62b84e0fde1144dd5d69b6d65b6c019021d69d11254977897f10a9bf1f1f01d072921a35292847638abd3f58a464b6294f1746e9e4e59f95db43afb801bb4e55e1ab87cc512", 0x79, 0x6, 0x0, 0x1}])
chdir(&(0x7f0000000d00)='./file1\x00')
sendmmsg$inet(r7, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000d40)="766a5c16a1fc9a8ad94a0235f80d3adb8a131879ffafe1b797ebf9c7d1b6aad23a531c1557ecd3db5af0ddc8d4b9b552cb6a0f9751510423c486a454926f7369d88d9307dffaca017bfde045e1c0abe5caa61169f3b3fde34a026fe4ef995a168248e47119ea63c013507874596127f654612dd3ee8ff6048e81272ef930a0e4cf3be6e295ed2dbf5be924940801ca4e8da7cef3e854d182baa12e24c0be970afda6b6ee382fa077bda7eb20bd94909ac0c9d6b019c91d57bc7268a204c6b2b8c8a6fd", 0xc3}], 0x1, &(0x7f0000000e80)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_retopts={{0x34, 0x0, 0x7, {[@ra={0x94, 0x4}, @rr={0x7, 0x1f, 0x44, [@remote, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x3f}, @multicast1, @rand_addr=0x64010100]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x80}}], 0x1, 0x40000)

12:09:53 executing program 3:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r1=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40109}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x24004010)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xa590d491870843e}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r0, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x37}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f00000002c0), r2)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r2)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r3, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x8000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000004c0), r2)
sendmsg$IEEE802154_ASSOCIATE_RESP(r5, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x68, r6, 0x4, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x2f}, @IEEE802154_ATTR_STATUS={0x5}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa1}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0x300}}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xd55f}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000c0)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), r2)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r8, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x50, r3, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x30, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x4}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x8010)
sendmsg$IEEE802154_ADD_IFACE(r8, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x60000001}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x64, r7, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0xc1)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x10000080}, 0xc, &(0x7f0000000a80)={&(0x7f0000000940)={0x12c, r9, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x88, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1f}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x2, @empty, 0x86}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x5, @private1, 0x9}}}}]}, @TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x94}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @private=0xa010101}}, {0x14, 0x2, @in={0x2, 0x4e22, @loopback}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
sendmsg$NET_DM_CMD_STOP(r5, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x14, 0x0, 0x300, 0x70bd29, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x84)
sendmsg$IEEE802154_LIST_PHY(r8, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x14, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000004}, 0x1)

12:09:53 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x85f, 0x315283)
ioctl$HIDIOCGUSAGE(r0, 0xc018480b, &(0x7f0000000040)={0x3, 0x3, 0x80000000, 0x28000, 0x30000000, 0x7ff})
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, &(0x7f0000000080)=0x81)
ioctl$HIDIOCGUSAGE(r0, 0xc018480b, &(0x7f00000000c0)={0x2, 0x1, 0x1000, 0x2, 0x0, 0xd3c})
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$cgroup_pid(r1, &(0x7f0000000140), 0x12)
process_mrelease(r0, 0x0)
ioctl$CDROM_DISC_STATUS(r1, 0x5327)
ioctl$HIDIOCGFLAG(r1, 0x8004480e, &(0x7f0000000180))
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r1, {0x4}}, './file0\x00'})
r3 = openat(r1, &(0x7f00000004c0)='./file0\x00', 0x180, 0x60)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0xc01, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000700)='./cgroup/syz0\x00', 0x200002, 0x0)
io_submit(0x0, 0x6, &(0x7f00000007c0)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0x0, r2, &(0x7f0000000200)="516089ae48495d8ee8e439bc7be3603b595e4e350b2d0d266f09bbef602228ad7a3ecd459a7f12ff3a1324f4598f3da0b53572eecc1b3f9325872f2fa7bf44269fc40a376ac27a3f59d4679b4aab2203594642fc85e21399809b6c7a437f0f6f27f85ed5cdaef28b68b22a4db214d4783ae6bc76dd2423d96c6197ff0698d173439ca10148c20bf49b0b366e3c1aceb759e9c9deaa9df2ec88112aa46da622e17d46618d48f4ca00434be28c2a024e645ad5891b7a71417d", 0xb8, 0x4, 0x0, 0x1, r2}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x7, 0x4, r1, &(0x7f0000000300)="a9d4b3c6f6c3521687fef2931b90448afadf7a2905f1cbd5a8503c8eb2b5fbe581e8f66fe6606ba25da72d85c1a92456fd2d2537c024b6daa209faef08d4ff7117ca51a35011a527412333078e9d90a1be7757d9eb615fe0dbb1bedf8bd80f0c055d17e556a3f41fc7db0df29da890bb559f8f658f8df662b8a98cafc34aaf974e2964fcead6f004cc7402096bacfa5ac1ae40ffcc0161f38e6e82a0065fc9c6504dafff3728f31e88796ea69c4c860828b592594a875c707f6906ecc8c4f58d0cc8e0007271b54be84ca179ea70e46f64327acb61f4d107ae0a1d086983e19534f089ddd14360", 0xe7, 0x4177, 0x0, 0x1, r2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x5, r2, &(0x7f0000000440)="a7dc56f8e217cb96e9dd7712c3a4d745c3c228cd3c5d8bf69c05b95302a186be0ac661d0457ae5", 0x27, 0x1}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x6, 0x80, r3, &(0x7f0000000500)="bd1c9e41cb79a951db2eac80e53504961d64a2308cc0c8591ba2afb418323af70ca73d", 0x23, 0x8, 0x0, 0x3, r1}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x6, 0x3, r4, &(0x7f0000000580)="c20009cb831043733d568b3f35e6e1307b4b1e94b9a42f8f9effcc847ef0ff9ef40fe003402ea668f3d518766dfee61bd68fe617d8bfcfa1ec892d8f363859440c16ea51a89f935260c9c06e7c8355dc080cffc6a75169beb17e6248953238d181c49e05f948dc4b6ac0078da41b90a64f52cf8bc2e5cc252134c5441f8bcca6c6aa06e65e29d9716fd0a96e72b9fb9324b3faf7de9190e817ad8298e03818e3f4ee5f9b50c7e92d659c53d9d066deef19bb0f3119084c42257e1ea39d86383b6009bd7e8c54ae6af7adbb7362cf56c380ec0ff545b8af073a0ff67dbf08d2d6b3321df5", 0xe4, 0x80000001, 0x0, 0x3, r5}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x32a, r6, &(0x7f0000000740)="22612da739fa4bf927452c31ff6bf570d391aeb1476f529fdec6baade652ff83059f512d763e391035b8ebcab38e94725bd111a57f1b24bf4d7a45", 0x3b, 0x7, 0x0, 0x3, r2}])
fgetxattr(0xffffffffffffffff, &(0x7f0000000800)=@known='com.apple.system.Security\x00', &(0x7f0000000840)=""/61, 0x3d)
ioctl$EXT4_IOC_GETSTATE(r1, 0x40046629, &(0x7f0000000880))
dup2(r2, r2)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000a00)={&(0x7f00000008c0), 0xc, &(0x7f00000009c0)={&(0x7f0000000900)={0xb4, 0x0, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2e}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x400}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}]}, @IPVS_CMD_ATTR_DEST={0x50, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x6b}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3f}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x101}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000a80)={{0x1, 0x1, 0x18, r2}, '\x00'})

[   95.574237] audit: type=1400 audit(1763208593.441:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:09:53 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NET_DM_CMD_START(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x100, 0x70bd2a, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x218, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x8001}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x44802)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x0, 0x8, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c0}, 0x4850)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000340)=@abs, 0x6e, &(0x7f0000000840)=[{&(0x7f00000003c0)=""/81, 0x51}, {&(0x7f0000000440)=""/223, 0xdf}, {&(0x7f0000000540)=""/80, 0x50}, {&(0x7f00000005c0)=""/150, 0x96}, {&(0x7f0000000680)=""/129, 0x81}, {&(0x7f0000000740)=""/239, 0xef}], 0x6, &(0x7f00000008c0)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r3=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe8}, 0xa1a1)
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x38, 0x3e9, 0x2, 0x70bd2c, 0x25dfdbfe, {0x41, 0x0, 0x1, r3, 0x4, 0x0, 0x0, 0x7}, ["", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x80d7}, 0xc890)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x2c, 0xe, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0xc804)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000bc0), r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c00)={<r4=>0xffffffffffffffff})
ioctl$FS_IOC_MEASURE_VERITY(r4, 0xc0046686, &(0x7f0000000c40)={0x3, 0xd, "e067cf305328ec2470f5e5f87f"})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000cc0), r2)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r1, &(0x7f0000000d80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x38, r5, 0x8, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x7, 0x51}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x15}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x66}]}, 0x38}, 0x1, 0x0, 0x0, 0x5}, 0x40000)
fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000dc0), &(0x7f0000000e00), 0x2, 0x1)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x70, 0x0, 0x300, 0x70bd26, 0x25dfdbfd, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x20096fa5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xffff}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x70}}, 0x8000)
r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000f80), 0x2b0a03, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f00000010c0)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x24, r7, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x8}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000800)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f00000011c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001180)={&(0x7f0000001140)={0x28, 0x0, 0x20, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r8 = openat$null(0xffffffffffffff9c, &(0x7f0000001200), 0x2000, 0x0)
ioctl$TIOCSPGRP(r8, 0x5410, &(0x7f0000001240)=r3)

12:09:53 executing program 6:
ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000000))
kcmp(0x0, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = inotify_init()
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000000080)={0x0, 0x0, "98626265e3177c65f6fb32d432f68c32d2e9b180bb8a748ca13e52a2c8cc0fde2af70d0baf359aea7d8dc2e426313a96190624c87d57950368c4d3d7b8a4058e851e53b5d82ddb33d4b955fba0fface513a02531f87e1550063f4989b501fbb4095500e3158308bfdc21f4f9c0b261da73b36c9a1fe44c3a6451fd5fa5dc046c7f5c772eb8ae82c13a5cd9f66850e47369d9fdbf284c24ccd4af9ee01a6e54031689295efbb741a88b3f231ef3877f16120b4cf5a439984059ad7a83de94014b1632e4617e1b0762eeed4ee24db23fc29475fae524b56820301710a9a5ec8ecd4962a4f54db8773e28ed41c0a29b6f419c954af2342104c167ffd346abd1b0a6", "c93564b897c33bbba1cfd59d3108d68ce67a5ccdd88aec60ad1c45ca55ee28c346747b2823becdd369e49825b7d6db614a3ffab8ec7263a8dc7a25634a892afffa1230ce0d2e168558d2e51ea34d4251c309d076b33f1e2f700844bd6d8dfd1e503d153015b2fe4eacd9fbb2d85d8889a4fdabffe8a453c7c1cd6fd76eabd21b1a0ba48b48c3818425f04cac33b71fb5d831a103f45a15e5eb702f44862990cd59c7c3386edbbbfa838b5751b97d088c0e454fff6865d988b964badb78e56d239f02a0d85d779336624cdb89eb3a8238655a64a0068765cf671609713465fbe4d78f7986c60c946a69501f21e431c22082ecdf719858e94c0124f1fd4b38b38e35a04ea40f3080649721b1229e526af2a2b5e971629728e39446660707853ef113f13f24e604d66cf94f6d7b822fc5afcb33274e579db440c73eefd2efb511c4837d8a289e978489d705991cbda9110df6eab63cc6752da70dd11c7eb705b0a835db86356dae72f26166957690573f7ed9dab1a2d25305a01778e9dadccf6b9338d998957d766737edf30806f075cf9a9872a0a8f30d96583dcaf6da32520ad48e050dd5d7aeaf1086eb1c1458264fc2c6d7dc133ead2544af84860b5a0e7eeca2924d0fdb895ad3486bc5944e2c520842834fda3caf74f2db3f51470848b1b0f113dc26da62615c37b8fa7dda0e62ba0c24b3455b76ab7484d7a522376e5a211c3a2d87fdd77c084088a308105785a9326f388ffebdab03432c22fd38d036cc70bebd4c6050e50b314786299b7d802415c95a5f55fe147f11e5dd3ac5e4d4bafc84aa657645de75e362ad316f850003f8a5824b8f9e6acb34a8b5404ed7a0db435ba34dff0131ce77e36f4e878d92972292a95fc0590e200fa730eb64b91b85f25502d5609f276f84af9ea0b0b731b6d332918408e01f44b2135653901b74caadc840add60a92ef2b22e9992774a4cedd5f7cc015f5de2019caa98aa256449fffdb08f1c63dfcd11eaa375e69e29722e94e9236b42f511ba1b843344020486d13e70f979ebe339ae327ec84fe27fe89e29216d180f0484ccc67fd80a76bdbbc82d05c212016702e00dc285fa040fa69676c3996edd660356dfa631ced7d7b24acd347960691f30d501eb50e37bb089b26d45ec3d3c51f4c213ab8bb8f976158b38e50206be9687ecf3106c26b870557a7dcf643be6091df99d460f96a221436a44749927c100301ece6cb5392b9c942902ccc05e428e5c615ddea76d4c67fa58861b78f6397c607707c22b21a2969e6b91aa35a7215e0eead74828d56c17bb4335d5a301c8d69f6494c2f14fda1296bb46305072303b29fc048a1a09ed81dd9a96394e96f87e84087ae413ae1e1d41e7ab17ddb45ccdd134a0784132ed576d0fc81e30fad1b663f0fa9bf33aa0fbbe0dfb38f02a434177064d9011ed608fb8c8fef67ee802f01cf38e97b55a7f62da2945fe49acf455b1fb386e7836e1f2c9dfbb57b142047aaa9a1328fb2493f86bea8fbad84457b84ce4da166bd56e96cfaaf02fb3926342157051cb893caf1526e7c66d4ab97175eed5575533e30c6a82191d564f31b3a69d1683ddc7051efcc47a5ddd6484f2714462e0fe30424c9853a004d782c55c933160d9b0786f354ea946fe2c10c8e7816d7ed4db7e897efe4656a647f1aa0508ac4505ba6f11357c5745ab6a9eace86589e9fff8d7eeb9d7c6cc757b0040854d229832f96292d306f406c52c255437ea8f8e7b799a5f3fc67c7747d86de7a6c3b62c3e8a835cb5f8b49038e06ebf0cc60195266fd504f1fd968a92061660c362443934d7229937ad7d9eb0cb07de45e4f1b9ae1741eacec962d7d9c51abd7cb177acaeae55165064216eb8eeb2f4371634b62e467cfd291ad99a5b7934b43791567f5392665e554724e8cc6d47b296e81eebe029d5ffea6aed43fd888f4c208455fc97ed4f47e2b2f108dca6b52ca7b70d6cccc5acaeecc13781aec73ddd942356465e31d1bbf2c65ab0f5f114cf274165451c656961d55ad9e23bf032df6f6f6e608f410236f9c468b4260a73e7b31302499b0551014278d69bba34825fad18845846a531f37b5df0d98945c942cee1ae7076ea66befacd6f8a223e226ec098618750a6ab4cf5ce320e118d8f9f35b5be8d64576fff64714bfa75ebe227859c3aa66827afaf2788a8eccae278469bfd6e48b35ed1102b154803d80f51f05cd9ed6cadb1b55ff810a11defb779777b5de62824ffe1426dcd63e97cf9d994baab172f4221811de8e728c4d35ba38805aea7a41f758fd6ee0e1023ef4b454aa2b3eb9d8395844562c4842342373573a1d28f9e5b0014214abc92ac509df8b9a742511095b7fa30a748abc74c771b9585e108206cca174042b2715ae0a98378014cc1b71095920886fc42904f76b9b4455e34c5b5c3241e918bdd860a754c279e50399617621a6ffe06e324691eb974d0e18b654676e77e9bdefe05b11c1b25e600428820ef59ac0d94145da632f709f02e173662cf201a3b4c24e85613378497d1fab447d378a56bcbb6e7550488da8d1f762a9f30066986fe452e57cb330d93be85a14225e1b4171f1c1d3ffd6399dadc5868e63810e5267497f8e65daf203b217a14b2b84ca73b225d9cd9ebb8d66abc404d9f2726730b8f61cadaf9bc76ea49e7ec8b321eb7845bacc0eee7299b2fa46d89b4d570430ec59c6df85cf4b225297f3e3cb02664856c1b5b9b13822fcfdbf88f5712a5234b70e30730713b4326ec606bc2c3186c87779b4db8285c2a602038a1d0e6958c6364403018dec2da389b4acca2f51b06d18284ba2cbf91e3ee9bbcf66bb400f731359881fba6ec5da82727d9972832da44f69fe3f6c5db32774b455eed9a412ef6d776405de90256795e9ea677650629eea3f04ae2ca0afaa7aa1b85c998d4bb1e4267612be76425f30167bccfd13381b777c7ce64211e01ef423f0c8ba8e4dc8186993e4b626c34323c53a90f918506b35882a97665ecd4e5e9beee7c12a7b118872cd388cc034e729562a8654ed64dfbb46c3cbd434058645892ab3b5c4239cccc6f74d040e776651d110b4b7a257853bfd37c1571c460001b51a42e2df29431f955884574a84cdae70b4aa0d8309e0a7445c652e3f940f1de807fe1429a067aa79b8a890d730ede4bbdcc47552bf850e79782775e4274bcb829a5dcb72655c3743ed548157939363fac52be55e4b84fdd0cd509073c724ea0579493be68759cb641708d8a4dec8f38f265f48fa2c82b3967c5c7079d47a4be144469ab83a7a5cc2a0ac03ef1994ad13032e7e408c2c20166c08fe56c35177e76be33b74fcf50b58d88ea7f56f40221ca6febd544e27095d44f71327c5c624972b6783fbbc042d840d8ccbdea74b6d0adf6b1e4b8138cdf7e81d80196905df8c001d87ba85d3c30e2c3f7e050d416f9f9e4d12d106958e8e9af7233dac242bd7607435c6f5bfcfbb8c9c9c4a20f917a20045c7ac53db69f962f740e5b03091b24aa71d75b3c2d7c3f10b00f5ae39ad9bb0ba1f00a1e6217787a61a29892a34bd57291c7a83acded558fef6c0077ae2bf66655f32bbbc1decfc9e8da4539152ecf03656379303932d43d56444a635eaf1c1a57bc2affed37f3f9a8d9a4ae0cb7dad34c8a1c163c7b79809499d1c5e2ef8ac74984b2652a3a7656ca6222d02507d79bf6f8eb3a085a9352777c43045c4f581dd6669194b5e099845eb5b1ce4f5780a7fa3d044bb9f6e632287398e5baf0effa2b8e599a64432333a2c7a8822ed266779f869fd655e4309a693c3799a1c5b59fd30bfd6fd5040f46f515f2301645f6858db60991efe2272501de781d0e96668598d86312b47f953f2fa69987f950689c26f43bedc4e3631eeb774ccda86bb389e9481546f099a8ec63f067bf4c2d74f667f439d6eac19c48cb5918fdbfc45710ecc7400bfaa1696af1a3dc0082ffc0149458975da51767153e9117101020696feb95f173b47ef927215f853c31ef1efd6cf1b2959778b28d071bd882e9ca84223878726d0dc40df0dee71e8e8e1c85678e6fda75d9690fce7c33ab591fd15a95f1eba13b07053f9c59a3ee81b4b3d3ebcc4eec2e4b0761270e9c9230f731bd7537acf53f8521ccbd39c5cb3da3df355995bf260f669e5de3629450e3635f155e6b985961d7bca4c07fc5614f181873e94712db4e15528ce9b64c19f461e0a5d25ad2988a37c43198677e3ada56715ceeb55498b5eaf54861ed1a2b5068a7471a80df17b8bd33653b108217aac6686d9bf581955177d35da0dcb4d47ea946124613885d82bfc4610e8ca61b6bbb25cb9a7d4c133cf7a36b233f93b36d8ab2f42c9f69965ded3b36db1389a4102b34cadb3736d21effe39fb9367c431015fcfac0ed671024bd0ff3243f9fbe8bcebf3d15e9d0b3404a5343ed5cdf6ebcba8472eb6aaa1bac449922f898b17cb077dee4cff96b1bda6deb4295d0a4174d20c0de3b97e73ec9564ef11a00b33aaef8d21509ff43b321aafeb261471b9bae2d2e967ede48145039ece52855857485eb4afb0c4746d261cc6b1f2c3cc2c9cd9e60265a5fd8a7813ebee6ebaf681a594be298a00f6f2e52711df66a1bf063e5cb367b886d1efefd091e28fb2985ac4a32cf2ee6a120b56d9cfdcdde77582bb9607bf83097e2f17a65872a52c6cef4fac49fcba00c1d1a4d74e6f972dcf4b31a0221bb6462d05ed7ac9cd29ad9c92bacbdf35f2b10cb475b31404a225260575c8beeceb4235c7dd2a898d003b9ae2b8f4d9ae362b5174e0ae64958be7d589d6e4015d019dd29ecade1a3ce459138efe1bc8a990743f207c0b3abbe6189bfd19ce0e14ec055eaeed059671263e555e0593c4fbe3b2d5a8cd64208cbf835d94614697cf44d7271a0b0f5a8ff8148659a29bab28614eeb8bdedb949ab516bf0de846745e0ece7f871d976fc0778c02b448e81625bf2993c06f298afd5f57841a9119af957c04d049ea3744dcb302fd73e17b500900137831e559b67018b8f8a791fa9481d8a8f0a829d2a41be4d93e8a733d1e4654f53733116dcf260d0aed0c356db6a72267294974211a67f50f107df099b6f0060b90b9649ccf4febfa505298454051dd00a3874048ea68b6ab46a0b1db4e97ab435c8bdf5b60639bcc89e1cd4d55fd106eb1299fddf5747e55498b448941bb04d65f056d4414cd6fde944967aa4b0a73870da4ff4fbfa76c1fb3dd00cd1bbcc76073809deb3f91058e03875f6562700aba24d7f39d6453d0b97e46514d3a692ee1e25b1eb0439965c60b71254ae3d9de0cf0a550286ec323402d8a156634c05da5803d2efb4b991e81ce768754f5fade3d9d8056d3189b9d6a8a2e091e3aff34703f03649a236af124bbb855b364b8f6e595bd34832708f5"})
r2 = signalfd(r1, &(0x7f0000001080)={[0x100000001]}, 0x8)
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000001200)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001100)={0xb4, 0x0, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x44, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'macvtap0\x00'}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x147}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@private=0xa010101}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6529}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r3 = openat$incfs(r2, &(0x7f0000001240)='.pending_reads\x00', 0x20000, 0x100)
ioctl$int_in(r3, 0x5452, &(0x7f0000001280)=0x1)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000012c0)='./binderfs/binder0\x00', 0x6, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000001600)={0xb0, 0x0, &(0x7f0000001500)=[@register_looper, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f0000001300)={@fda={0x66646185, 0x1, 0x0, 0x2f}, @fda={0x66646185, 0x4, 0x0, 0x3e}, @flat=@binder={0x73622a85, 0x100a, 0x3}}, &(0x7f0000001380)={0x0, 0x20, 0x40}}}, @increfs_done={0x40106308, 0x1}, @register_looper, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000001440)={@flat=@weak_handle={0x77682a85, 0xe, 0x3}, @ptr={0x70742a85, 0x1, &(0x7f00000013c0)=""/77, 0x4d, 0x1, 0x3d}, @fda={0x66646185, 0x2, 0x2, 0x3}}, &(0x7f00000014c0)={0x0, 0x18, 0x40}}}, @register_looper, @increfs], 0x39, 0x0, &(0x7f00000015c0)="3cf05981567200dbfb40396cbc5a93d08cd90848ca30929d424f3aae0a1c61bab7a9fc56588ee28ae9a3a737dabbd2f788c19d078c411d4c3f"})
close_range(r2, r0, 0x2)
ioctl$RTC_IRQP_READ(r3, 0x8008700b, &(0x7f0000001640))
ioctl$RTC_ALM_READ(r2, 0x80247008, &(0x7f0000001680))
r5 = syz_open_dev$rtc(&(0x7f00000016c0), 0x4, 0x402800)
ioctl$BTRFS_IOC_SEND(r5, 0x40489426, &(0x7f0000001740)={{}, 0x4, &(0x7f0000001700)=[0x8, 0x3, 0x5, 0x8], 0x60, 0x0, [0x800, 0x7, 0x1]})
r6 = creat(&(0x7f00000017c0)='./file0\x00', 0x2)
inotify_add_watch(r6, &(0x7f0000001800)='./file0\x00', 0x20000000)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000001880), r6)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r3, &(0x7f0000001940)={&(0x7f0000001840)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001900)={&(0x7f00000018c0)={0x1c, r7, 0x4, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x24000000)

[   96.703797] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.707627] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.711838] ==================================================================
[   96.713112] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   96.714309] Read of size 2 at addr ffff88801d88e538 by task kworker/u11:2/292
[   96.721466] 
[   96.721778] CPU: 0 UID: 0 PID: 292 Comm: kworker/u11:2 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   96.721812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   96.721828] Workqueue: hci0 hci_cmd_work
[   96.721863] Call Trace:
[   96.721872]  <TASK>
[   96.721882]  dump_stack_lvl+0xca/0x120
[   96.721914]  print_report+0xcb/0x610
[   96.721948]  ? __virt_addr_valid+0x100/0x5d0
[   96.721977]  ? hci_cmd_work+0x66d/0x6d0
[   96.722009]  ? hci_cmd_work+0x66d/0x6d0
[   96.722041]  kasan_report+0xca/0x100
[   96.722073]  ? hci_cmd_work+0x66d/0x6d0
[   96.722109]  hci_cmd_work+0x66d/0x6d0
[   96.722143]  process_one_work+0x8e1/0x19c0
[   96.722187]  ? __pfx_process_one_work+0x10/0x10
[   96.722223]  ? move_linked_works+0x172/0x270
[   96.722251]  ? assign_work+0x196/0x240
[   96.722287]  worker_thread+0x67e/0xe90
[   96.722323]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   96.722353]  ? __pfx_worker_thread+0x10/0x10
[   96.722405]  kthread+0x3c8/0x740
[   96.722438]  ? __pfx_kthread+0x10/0x10
[   96.722470]  ? ret_from_fork+0x79/0x7a0
[   96.722495]  ? lock_release+0xc8/0x290
[   96.722535]  ? __pfx_kthread+0x10/0x10
[   96.722568]  ret_from_fork+0x67a/0x7a0
[   96.722592]  ? __pfx_ret_from_fork+0x10/0x10
[   96.722619]  ? __switch_to+0x759/0x1060
[   96.722654]  ? __pfx_kthread+0x10/0x10
[   96.722687]  ret_from_fork_asm+0x1a/0x30
[   96.722729]  </TASK>
[   96.722737] 
[   96.744774] Allocated by task 290:
[   96.745376]  kasan_save_stack+0x24/0x50
[   96.746068]  kasan_save_track+0x14/0x30
[   96.746764]  __kasan_slab_alloc+0x59/0x70
[   96.747683]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   96.748851]  __alloc_skb+0x2ab/0x370
[   96.749713]  hci_cmd_sync_alloc+0x34/0x300
[   96.750694]  __hci_cmd_sync_sk+0xf7/0x5c0
[   96.751644]  hci_read_local_version_sync+0x2c/0x170
[   96.752754]  hci_dev_open_sync+0x145c/0x1f60
[   96.753749]  hci_power_on+0xdb/0x5d0
[   96.754623]  process_one_work+0x8e1/0x19c0
[   96.755587]  worker_thread+0x67e/0xe90
[   96.756476]  kthread+0x3c8/0x740
[   96.757258]  ret_from_fork+0x67a/0x7a0
[   96.758132]  ret_from_fork_asm+0x1a/0x30
[   96.759089] 
[   96.759481] Freed by task 293:
[   96.760193]  kasan_save_stack+0x24/0x50
[   96.761026]  kasan_save_track+0x14/0x30
[   96.761855]  kasan_save_free_info+0x3a/0x60
[   96.762701]  __kasan_slab_free+0x43/0x70
[   96.763572]  kmem_cache_free+0x26f/0x500
[   96.764292]  kfree_skbmem+0x18a/0x1f0
[   96.764950]  sk_skb_reason_drop+0x10e/0x1b0
[   96.765682]  vhci_read+0x3d5/0x5d0
[   96.766305]  vfs_read+0x1eb/0xc70
[   96.766927]  ksys_read+0x121/0x240
[   96.767536]  do_syscall_64+0xbf/0x430
[   96.768196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.769069] 
[   96.769366] The buggy address belongs to the object at ffff88801d88e500
[   96.769366]  which belongs to the cache skbuff_head_cache of size 232
[   96.771518] The buggy address is located 56 bytes inside of
[   96.771518]  freed 232-byte region [ffff88801d88e500, ffff88801d88e5e8)
[   96.773573] 
[   96.773876] The buggy address belongs to the physical page:
[   96.774816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1d88e
[   96.775965] flags: 0x100000000000000(node=0|zone=1)
[   96.776680] page_type: f5(slab)
[   96.777166] raw: 0100000000000000 ffff8880096c78c0 dead000000000100 dead000000000122
[   96.778289] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[   96.779443] page dumped because: kasan: bad access detected
[   96.780267] 
[   96.780524] Memory state around the buggy address:
[   96.781227]  ffff88801d88e400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   96.782284]  ffff88801d88e480: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   96.783338] >ffff88801d88e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   96.784388]                                         ^
[   96.785132]  ffff88801d88e580: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   96.786171]  ffff88801d88e600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   96.787211] ==================================================================
[   96.788339] Disabling lock debugging due to kernel taint
[   96.790037] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.796915] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.798623] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   96.799994] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.824089] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   96.825390] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   96.827951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   96.830229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   96.832185] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   96.854512] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   96.861920] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   96.869767] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   96.874620] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   96.875821] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   96.877850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   96.884594] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   96.885755] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   96.891698] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   96.903575] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   96.910639] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   96.912918] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   96.915539] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   96.917085] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   96.932629] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   96.933867] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   96.942781] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   96.944305] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   96.950495] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   96.951601] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   96.954822] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   96.958107] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   96.959188] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   96.960520] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   96.960648] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   96.962079] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   96.972703] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   96.977331] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   96.991506] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   98.867661] Bluetooth: hci3: command tx timeout
[   98.867894] Bluetooth: hci0: command tx timeout
[   98.929714] Bluetooth: hci2: command tx timeout
[   98.930649] Bluetooth: hci4: command tx timeout
[   98.930676] Bluetooth: hci1: command tx timeout
[   98.993592] Bluetooth: hci7: command tx timeout
[   99.057507] Bluetooth: hci5: command tx timeout
[   99.057880] Bluetooth: hci6: command tx timeout
[  100.913597] Bluetooth: hci0: command tx timeout
[  100.914028] Bluetooth: hci3: command tx timeout
[  100.977655] Bluetooth: hci2: command tx timeout
[  100.977671] Bluetooth: hci4: command tx timeout
[  100.977696] Bluetooth: hci1: command tx timeout
[  101.042716] Bluetooth: hci7: command tx timeout
[  101.106513] Bluetooth: hci5: command tx timeout
[  101.107274] Bluetooth: hci6: command tx timeout
[  102.963619] Bluetooth: hci3: command tx timeout
[  102.964264] Bluetooth: hci0: command tx timeout
[  103.025632] Bluetooth: hci2: command tx timeout
[  103.026445] Bluetooth: hci4: command tx timeout
[  103.027498] Bluetooth: hci1: command tx timeout
[  103.090657] Bluetooth: hci7: command tx timeout
[  103.153542] Bluetooth: hci6: command tx timeout
[  103.154200] Bluetooth: hci5: command tx timeout
[  105.009522] Bluetooth: hci3: command tx timeout
[  105.009538] Bluetooth: hci0: command tx timeout
[  105.073493] Bluetooth: hci1: command tx timeout
[  105.073514] Bluetooth: hci4: command tx timeout
[  105.073891] Bluetooth: hci2: command tx timeout
[  105.137503] Bluetooth: hci7: command tx timeout
[  105.201573] Bluetooth: hci6: command tx timeout
[  105.203529] Bluetooth: hci5: command tx timeout

VM DIAGNOSIS:
12:09:54  Registers:
info registers vcpu 0
RAX=000000000000002f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff888016dcf618
R8 =0000000000000000 R9 =ffffed1001d85046 R10=000000000000002f R11=6431303838386652
R12=000000000000002f R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe5a00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2be0276000 CR3=000000000e0e0000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fd6f97fd7c000007fd6f97fd7c8
XMM02=00007fd6f97fd7e000007fd6f97fd7c0 XMM03=00007fd6f97fd7c800007fd6f97fd7c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3e9e0 RCX=ffffffff8169b13c RDX=ffff888016750000
RSI=ffffffff8169b116 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888017ecf6e8
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=1ffff1100d9e6c41
R12=ffffed100d9c7d3d R13=ffff88806ce3e9e8 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff8169b118 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f34926b58c0 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe1600000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055a8d8f532d8 CR3=000000000db11000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000bfe62e42fefa39ef XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000