Warning: Permanently added '[localhost]:5896' (ECDSA) to the list of known hosts.
2025/11/15 15:53:00 fuzzer started
2025/11/15 15:53:00 dialing manager at localhost:37161
syzkaller login: [   54.002929] cgroup: Unknown subsys name 'net'
[   54.057761] cgroup: Unknown subsys name 'cpuset'
[   54.069099] cgroup: Unknown subsys name 'rlimit'
2025/11/15 15:53:14 syscalls: 213
2025/11/15 15:53:14 code coverage: enabled
2025/11/15 15:53:14 comparison tracing: enabled
2025/11/15 15:53:14 extra coverage: enabled
2025/11/15 15:53:14 setuid sandbox: enabled
2025/11/15 15:53:14 namespace sandbox: enabled
2025/11/15 15:53:14 Android sandbox: enabled
2025/11/15 15:53:14 fault injection: enabled
2025/11/15 15:53:14 leak checking: enabled
2025/11/15 15:53:14 net packet injection: enabled
2025/11/15 15:53:14 net device setup: enabled
2025/11/15 15:53:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/15 15:53:14 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/15 15:53:14 USB emulation: enabled
2025/11/15 15:53:14 hci packet injection: enabled
2025/11/15 15:53:14 wifi device emulation: enabled
2025/11/15 15:53:14 802.15.4 emulation: enabled
2025/11/15 15:53:14 fetching corpus: 0, signal 0/0 (executing program)
2025/11/15 15:53:15 starting 8 fuzzer processes
15:53:15 executing program 0:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x6002, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
recvmsg$unix(r1, &(0x7f0000000380)={&(0x7f0000000040)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/121, 0x79}, {&(0x7f0000000140)=""/69, 0x45}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000200)=""/92, 0x5c}], 0x4, &(0x7f00000002c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0x98}, 0x161)
ioctl$SCSI_IOCTL_PROBE_HOST(r8, 0x5385, &(0x7f00000003c0)={0xe5, ""/229})
ioctl$KDGKBENT(r7, 0x4b46, &(0x7f00000004c0)={0x81, 0x81, 0x6})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r9=>r0}, './file0\x00'})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000540)={<r10=>0x0, 0x0, "a391ebc7fabf7ed1405cd9193d8d886b2d9630f169010765bc92a476f0caad236dc2492c2a06b6e50a183d29a03ab2120539437923bdccba86ce94f68bffbe57f4e108ce787812aeffa6aee8618931e3540a56780ab8658e3b2f9a8c71e3a1494c19081be4163b0ba94e7415810057ad5a1cf0239feba5137f9c4d14d4aafb484450ab30df6a2908740289aafa0e27beaed634ff0dab1489dd9ff94aeb2edbd7928ed4892b34afff748299e0bc591ebef63447729fd5649b22111e5c77a59cd5cc5bed6d87f91edfb777bd10000ff5d4aa3a4a950b3a4cb4c008c3d78817377900972987e4e4bb8f8edd216478991df41518934d4280192103ff2aba908f2092", "04483b6340db62116eadb365a2966b4f6f6fbed71bcf835847075fbb6a89fa158227cd6ed10e2cc4ff84178b47f41f11aba40d4cc6173edbf9915a221d409940af1148670c3bc24a6f145ab7bd6b329413848118db110ee63f3ace2eb2b2268ccff68e59e51caf35352ff487d73284478d358df4ce5541351a9e91494c2d0310c6f13adcb008b65cf7c55f11952ce3eda0a668c83c804728b7716cc7d2273fc5c300a5ecf51258ec05c1418994d3ca28be959b574e6c749c3495f681f49321aaf408f94d2e3fd96ca24d4312c928291f0fe3fe84956166e76414e160f3e693b37de950786be0dc662063717b7306b9b02b3b0e85dfc993e598540a98bd183bfc51703cb98156a80533ce630a05b0aeca5b004281a51d90718e820ae4025cacb4011fd031422f8ac2d6ea6c9a7ba3880bd781dd7f54bdb4c6cdc9ad3d8773619a5b4632a78666f282951389b1bd36a90981b455ecf9052f3c40054fab5b4e56fa8fd303535837ea2724cdc3395c48e218f6d1fdf41577c02525ffdd18f59a7bb17194ec73ffe6926ad65551a44e86707c3483bdf5637f9cade8f784b7057634b16519b917c8e22e2f8a41a3501bdd7db8cf7b65342825ace55ee9638ad6aedce60dd5d1a7019de0891e35eda4dc1184444ae0ae0dcdcb8ced414d498c5719d35aff7a0c06f898eb10e2723c9f0fc91b93c128fdda560ada26514e3e490d02db42dc5fea0ef9616374a1f173c98ff15fad9c27d5d7dc9274057dd96a38d6609e1b51551f21391cdba1719e77df8e3ca641bf3c6c85f14af3614bed22e69b13cc10f0bc3d6d0d31df183e66e7a1529f07aedddc5f54aa8590ac1225331b8b9072ae51bc1896c85b169ee9f46bf241c69dc6694eab1e23dc90322f83882dc3565e653fc33fcf02423cbfa93d8b240c15ab27567fe1b38a3ec28cfc30786fe5e8c6208e7deaca3125c90cc142ae4123380b4835e7329428d6c96e6a586f5502426a4daf5ed44b50d75ae21552713abc5bf56a1c9ac99ffd42d2fb28b07e39d1df224a3684bc5e15842784b2a05fdfb83a0674006843488740c0a3824e390ec74e8ede936715f3edaef7e0e893d8d21dd82a9ad777b7397a6efe980a9873675cb19c53b696740316b5ff1753c0ec33600080adff50d9b5829f043fb652fe6ac522f0242a0fb4d766ceb013c4bc6895ed54c3f74bfe411d37a117776d49ffa4b98e9c581f1995e1ab538bc47b762f39cc395aceaf943ebeb459cca520f4d86d4eed7a9ee63a7fed4ead9f661c9c1e04d04b6235e71d43948cb6080989577a12986daf076d892667197cc0579f85e135a58ff147d4e469e4d060610a1111ee0a8f7a329b1b383a8bcc13feed3b2d92cb9ee55a601fad53eac310fd7fe1f26b66d4380d67fe090ec9868fada9517954cdbf425c56cef4791fdeb231107b37586456edeb6c8eb97f0b2bb66f4ae4259f55ec45075e59f99b3d189a9455c94b1daf81f9bf386fa91eb8d65bf71ccef73c4f79e0f5e73464a342cfa3a240659c4d434d345a7f280b56d24d6eafe6b1f2f20d34e1b5b14d28ea0ae240f5026102067698c896a057360d3b7e9a15b868e0128e96193c3880f4f172732058089de5ae069a6a55ac23ceb677da8ffb3e4398d367a9f52f39db52bf7138410fea533e82b9179c5c52f1258a51c66ccf466f70f8cdb19f1c8ce3cdded1edaa29d37cd3a16dc6183d4304ed7b323fe6ff4bfe7c0330d02d409ce9c6575d675d452d71c35a5521fc4b9a245e7c552cffd0a7bc6d17777c805f63e6dfbd9807491ca9d9c9e83ab58662ebd3b9bfaa44a8bef3532a787c9d62352153c04ea8e2f524daa2537ba2975692b6bc2e45eb15737ca9a83a86da0b7663dcd339481bfba95620cd4c300e2f9b2b2c6bf0c3b8c6f62755e1c47c067e54a95be76b54dd130e113235eb01b95cc2bf4918621cd7b9da21de953ad5234ec2636e170e6f88aa7d322051db486e3f326df2cff5f808277337abc98a190f061a1854fcfd843916dfceb190420399899a195a498f2a253fe954d3a7bcd46f0ddb94a7513342c1f2dde33c8f6f15b25c4ef83ba679ae8924786ea44aac0c6ea620e6ecd842ab2f8b0c8c1f3fd6ea511d4bcc26d668b4a50b07c362ca90c82ba1833232b767f3080c35095afe377fafe52b87cced0d46d615c8a1bb2fbbff8ec9a7ce37cf3d9d8f0ba6b2cf04413408f6cffd50598e4b1bbce0e35f07351e1a88f1b7b1630f1909fc13f25d9c14a15b1218de61e6e102cfaba852a899221af0508bf1f920e510a16af807a28c3a28d2f36ac03715677780938258f557d440edff64201943b4a034714d30eb29b3e9571c0efbd21736c746e3a29a00178d2bc14f3519a1577237c7abcab39c4816ce6644619a406053d0d1a7c6c580a48350377a3f4b6683349a0c6635ebb6d6ad326c38a47cebdd5e6fc05c08964c1da1fdabcc9886782f97eb22a97d810c8af8b2a6d8fccc0abb8eba86be874bd0b8133d93464d85a77996daede71af117a14c49e0c7fdd6245742b8b974db7c78caf705314f01b86b99cbde34803e9b1e8ed028c5a606ebd3244b6fdc760af1b04c08710535366ce617b1ebb378020e5423628a4016d38bdb10e0654509ccbaafcbb38b1edb727cc441a3790a19c7522c71825cd077b376c5b2e090554a29eb5acc05b6c635288b13f763105975b85cfb48d376d744921add4889a0b5a8edf7d926b08df4cd7feace0b6052c2ef3ac2674d489b5a5c7a6285921a2bfebed3209460c51d4cbaedbc82acb431e3dfb8f8fa6ca63dadfa3a8864c99f0b53e7881381f0acd0812f9b1393f94de6193e8f28e72865103dde398b556d28a01395e1284a96a308b8c1f150c9083fc7d0658d38db12bbacc72d60a8cf37a3bc1ad63ced98d476bc57bb5ca527579a04ab9758180be7e0a9617f473c5ee4485402acefe3e5ca9b3ecfe58df3c315cf7afbe9022a318736598f50025d424fcc57f6ba3c65d8e4eb8d2cc44906434203e9727b1227b9e74a637149633e69d1887a8ed2ba8382e87110267745ea46024f6f9cfbfdf9f09c010dac953279e5a2437ecd3a5818643067edffc9fb447eed61929cc99b4b93edc80b9f0cace1d0af0e30fe6b42e25b8a6839ece54e73836ba2bc96f6c576adce899811b67b24d2e92334c56638ad50cfac933c111b53cc186ad47ca117733d34da03ec8f2a6e2acac193cabbd88f407453265f73f8dbe2c8a5ef4bde487e7161650a4d195b32b01cd8116f972a0edd5f62f2270679c62b03d1b0224fc2f2c44507e3f4fc37478386c65b60b32da435ade58c76f906bf6cf6d06afe7f2efb6dde7c4217cbb298ae52cf56398334d2e244c5caa0dcd6a9d7d929b93e11ac5306252ecb55299a6d5e85fbbd5e4ef78bf1b1ec7cb27202ced835afbcfbcd6ed812531036b62d63180f91722ce5a7ecad45f80d0643e3011990968df7f7cf48ad3bc6bba704d254d6545e53a79b69844a164778e6e71289702274291849c6bd6e54dde638b09f5c132663fcf707bfe22043b2854fcd39428f1c35fa7da97dc233f6234684d8ce2cf89c55b91f7c6a99f09aedc2ced16c7af97a8b1d8383047d40dd8810ad83d9d57d6efcf3a3ae1ffeddde367eb1c53bd6dddf654dbcf1278f257a839c10ec618fde90ca0e2597ab6243e370168813900fcb41d16cdf99efdc15cc9bbd236aaf845b2d9496e300e0a8789211e73503091c7ba0ed1aa0bbc7bc10e59df18cf80084a5e07a95438f7afe44277de18687b1cfc2c4f88aa654b6660372d25a4dfbf9af61b22189b269eab054a3ae91e01c4420272edf0c6e16e8d11d357c529c57454144685ded84b1333421922754e76c4dd998195847c522ad903d3161aae9304a50f242abeeb8eb034a3f57c5ee0db0f68aa31675d298f304b8d2bc44c031e5ffb327315fb4c7b7029527635d10454dd312aae6fde755e917b52cdd62f962db7d4e4ba888bb1beec5e7d9ca45c1fc93d14d58e810b98a9a7495abac68cf8f68405fa8c70299122229d4e0f42717d82107b55bf7fa9f8bc6ae1f9f78bd7403183dfe39960264379b717f1c8a20c21d97628b6724d384e2c2495e1adaf71b354f5f3ccd9879fe8938e6d5996f488f199272c7b0a8b22ab892516dc38a2f60d582bff853488b53ea5a825b9cb0585ed04602b91b57838b883197e51e331ff0a9abcedcce79fe3546f14abbb362fa47f2792def181e91162c955e873b46c0f3a91107ba381d1415a5131a3882ee1ddd5d5c32182927f167e98559db5c9267fca43a140f993489a2b83fdfb1fecbc94b0414e71844bebf56ac96ffafd1ed1f051418a2a9670939a582bf6d61cc745648e07464ed71bfd1a104e1ac343bb7b17e729befe573bbe408c0497c94d95e31b89cc9abd07cdec17f4390e55cca033babefa74d0051b0b01a1bf6609eb98d3a8c456f933679c5b385e73b18b25da59acd45f66de0f96418773302c0263d5158a9e170253d1b32e535efb0c80b501d0c587c7a2150577bb7d7c163f5955134a0b77466918b3a24b56bedda369728376e7cc980cb5ee7b0ee678b68da10772f1b55f4b3c84a7dbc949ff00dae5ba05154863ff3fed2d092b3d5a5a694a3afb927467b5ae1c97f31a8bb695c7a1dab54496bd9560b93cb4ab1a3d1d436ae7f0a244818e95a3b3d7841f8b8a011fde67b1d66a24a552c81a1ac4308dfcb2141f941067162f13ac3bf51ffc8304faa932d1f40792bc5572f1cae898c072ceb8b01a5be2f682592fce98e7dfbc4024f501e1e629e9c7cd201db93883746260cc0281480f9c2baf8e74f98050332ab8d7c1c879c67c2bededf0180cf74ac22f27ca26797611744c5c90a1da211a7986cd3a520e81122cfce051eccf8571985a8007834e57983307c47521a439e7082950d0ea8a4d0b164cb213c88ec065f5a532148f98b132c0c3282ba35d029d4c6f4ea6e4b50a453ef95e2f6ba1dd7d6e347cbe9e16d19b1baaf7b82bd6c68f714572dde19fdc93b5334120a859215ebb716ce04b31ab2db1027eb4ed63ad568b954e19efbcef4e7c529b53cae87ea025cc460e1c20fe0cf396e4a13b7d8d96766076702edeb17791c2a58d8d5f712e268d299b10b7c9cab44ee7f2183980fe6e3887ef3fe49f94377bfc7858b46bddb76011a1a69237785b5c091c1323f1f36f5f8fadf2d29989b6c220120f51bc570947801d2656810cbb02f9eb1a384b120e15ea92e21d93251fcb781ae13deec8e3b71cb045ebdb2bcf24cadc69d10893d7650ac3b23238cc784822df76c3539fe0e3c22489bed1463e8dd90d5c270281f11b7f9bc163e82800c05969a3168d2e9fb034643182dc0ca910bc8c82baace9fe23464d7415de83a01122a33597fcf5d8c658bce958e645bc78d58c8"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r9, 0xd000943e, &(0x7f0000001540)={r10, 0x0, "f7d7d9b562a3af793184fcf3ef82bc3242e549db9e94985efd16b4670202dfa20901fee85d7e6e0a15c08f496946f8439c5b00933e538cff1427e31ce4d3a83f0f3931c5556c45946293a33b1633537eb538097d43e7ced85d7d37810b6dcdb136623d043b1fea5836f13ce69f8b8ad62fe25220bd4b151b28a52012de93d523e04b4d3a308cdd0c6c604eed504258e4f8a0102b0ea3efdd8b8fe967fc592f8ff427404fd456af493678c0bc1de647bf6bd2c5fd7068e58b8a58a9e502b0d242c8df11a4361d4a118e5a60537856c646d50fb43c430f6b56cea9662b2a4f9099962994c083c45347e3ac99bcbbe119b749644476f7ef52f39a7434726640c827", "b47dd1c7a0a42847c994a9a7b0bcb20caade3669a463a0d04c984372511438a066b27578e029e6f72280b4bd8e1d8cbe6a505593c537f3da8d12a4992d56a7e093a92a0ba2ce18dbfdcfc0e3cf2a5d0f6b9abd269a76018f722ffef87d33f1e69068464392393e404761dba73bfc491915dea285f2bf39de27fe18a8b42e07b74a329fb4e7b5d9b09caf89d7c4a202cfe549166f658b5f5e98e693ba18ac7e2b56e8ea1af0f8a6f80dde820ff020b55a806e0b4ba74316a6ea54b85369c08cc7e1c2e1fd5d8c5dbd12f6ce6101e17983955556fea9babc7b3a86c9527ec883229228d14adc21d20823dee742dc465dc7a44ac03aa4f41ed0bd4982659be440d17ab0f5fe8f15e30f2187c928a6b8be8c52dc9ce37f99603f854b14b5ac4756e3747dc8326deaa6b8fe0d62d47d19dc644b345258ac440128540bbbb6cfb851e53d3aaee1f851068968f16e6b27861e1d5301f6adebf00b9958984dfadba60412710e4a37581f72f57ef4eb303b627ccd852500a440a9eea6424a407db03cfa3277944cac9bb24f82486df65c440f2f9bf69dbf9fc90e98f6956f57c9e6fed4c724528fabd2f92e9b75cb3a127050b5fc6e3eb6c3786e2f27047aac3445525dba96a05963829980fc4575de8f824c13ac842dd7fc2503ad6f9ba5ccf1424c2eb4b32132636a0a08aacc7cdfad4b1ed8ae313617afd66b0b3a057d0d76360487ac9bfaf90a711cb4dbeda39042d16eaa3e42e3958088e7bfc811d2590cf186c963c36f27ae71d9f9b3b7dc125b8abcfb932784e81e001751d2e24d9dfb6aa6ae9de80f889a3b58debde3362572ff34fdc7dc2c8da17c6c8579efa8ba9554f168d39a25c996521437d42d013ffdb68db3aff1a878ef9af8f0bf8dc1663d457403e380fa9ee0ce27a01027f607cf9b3dfb6583cc2712e48f8cdd95ec0724b2ebf0c24521a9626ee1e995c5565326f4440d4062e2782a21d488a1cb74c3b74561364564b48249fcb7ae7789df21e7308f6c739839254b23bb78a7fb5e1e93bd8a035edf24e1bfb2ffb4491e257d9094451c14fec99198eeca68a0905f37f759c94a2f971b5008a77d641819878cfd97ec5f081ba746a14e87c29e2fa6f6fa035d358c0023e0f20de5a5d1bfe0345bed6a095eb8196ed1692e553439812e91230edf8ebbf8cfc540d31f75b1c9907a42c76d52e7a9492c8e5a299b07669cc15740067878d22b1cb75f7ca700b9d1614d137ebaaf37084830b254bd2042b6ec440c70282db9dbe6da41b1eeccf095e35721d94f18d2524a25cf4ff51ce3acd688ec22389f32ae1f64eb18f5ce03582faad00943c33bce9553797a422e12502eccf8577f4fad19d04993c90696b6a4ff1ac22fbb6b6559c2f2ea5df1c1ca5cd2242bc1e307e5e6c1fe733ec015f1ba63a3ec26fafb9ec4aace4af649b975ee638e680c40678d7564911c66de6cca72a7470ec6b96d4edec876d7a46893c5bcd250f5a6f5a8740bc93ace8408140e357947170abab9d82006f6ba5541778bd276a81c1fbc80eb7cd8db71d821b0192e7ab0fcbd10c4d3a8a6314b0e24f3be40c77eca74094de1b4ba494335163e98a86d2f027e485b0d53b30477288e7a5ac6c2e71776412ad7e57a2129660c99329d41a8409f97ac15d8dbfd2b13933c6aec008a05bfc15ea06d8ea3038d332b4155ac0b85b4ff652cd32a8cea64089d8998ac2112a3a3688cd221aa8a4da8436d1006bb80a84828c79cb4c93a5357c8fcf4ea731ea5afb6094527ea93fb85e7c899f80f1f9045b02ef7cb508b50d3ac1d166d4e93af6b1ba501328cb8e0bc9f0c9be2a89ca96f22e0b896381abe31533082b7097e542a6eef97db7f254f2d48b4aded62bc683f2ecec02f85b3767f6733a2f2034a75e9df9a98d205aa047366f41c67bbc4311d8612836aa344126981e8108844fa2b542c15db5023956427ac7fbcd7b3ddd28fb1948302420be265bc3592abcb648e7f6c3b006199a949e76eaeb5b42df1762e5b98a94ea8775da08dc8c3c14f88cf5b907bda19af1da1c45dcce42ec8f758a76ba8ccfbe8cc9e949ac702adec11fd2cd290488b8a099165c26feae6bf9fcd53db71d502d3fe486deaf95a55132ca8d50203ad76f57a2820475ee04c0b4d6dbd8209546bf739881768949f21e4325830775e4e5bb669801fd6054cc03d58d773a7ea3a54ab07fa0ecfef3b68dbff1cf81c3bb1022a022154e8f72f9c7a3839c08fc7b28ac5dd1610f7a587d21824a06f25158fbfa3c3738b71219645df29447187a345661dfcf3bee95458aad0c80498abfc77158709237f33f38f57970ab398a30bde5228c7fef7ec68520ccd5ad37a04bd5dbed1c714f774f1aed9c2d51f47588d41f61befeac17341255dd14caef61ad87185c081980eb9bb4273bd0c99942e39210c65bd4294839e9363f93c00a6891f63153e1de3dd2c423531b06a59583a25444c03b3970cbf8932d2fd35e1f72bc0ebf62c3a0ae2a0883a0396b3c454ebdbdfaba2090e648b345f6a51cb0fcc5eef97f76f846db358be40aaa79931be5c4b89db451b711ea86fb16ed3e1fc40ff7a0be4def9af3d7ce0f6f6e8834845bfb8f07a3c7d59e951dce2a3bb1fe8f0c9d5ef9c1dc062fed9919d96f1a969509e1ce0e04af39620a9878fe5d98e95601689d5d21efdb893cb85370047793727796392af30463a76afb6ab98d5ec3421883ae65d7877f547ac9a55b4c8359a0248c5ece27148467b2a16e4b22438befee2f06047a0206351b58fa8e121026a35099d4214c9d3ea1af6c944876ee861c6a90a8945a1c9e4ee143f764741cbccb23a0c22a52120839f12bfee00963feac6943a86def64d9b06ba743d5fc473643c8fd40f936e8ada97aa64498a8b650e55d0c6f48ec943cd6c3070632762aa727a742aea7fc40d18077b5b6b2dbba4c5034ea5d614e4d780348d9255710ea034d7b1d47cdee327669a36d635092390584a496d2ee5f5649ea0483128eef028dd6af91d40e6d6a6d7cb9278b282c94ad9e0afec789649cb126c25f547cc3db0013c4a51dd81d9180b888306ed1200647154632a65bcb1519a226ede5325d00facc4e93ac5ac3b8e88edec336c6ed869a5bf17d8848fa6e4d3b89dc05bc3dc69a946a228567d4394de4ca60e3a78a9259b153180b3ca1eed521e0e8621db91228104d1875db20ca0c1d157664c43a11546d06f98caf46c3617f791c199b1d6b6874253d531a2cde00e0e47dfd10eac726a7e140059d01506989453edd8069624f93d8ef2d2594c0bd7510ac4d35c646350fb9ad740299da7eb444ab18d1c9815fd002993f2dac87be340bdbf6553a7ef975f989ccba919ed09072271d9cbbde7e544262819d0ee03c929d4a79c7ab9fff43b599015b06a435a3089d323591bfa08362b39c7beb2bbeabbdcd6641bad39f101b75535bc7a895687687afdd69548aa310c53a4a23a0a3bebff50820e45b9ff759ad9d7e36c9e8c617f89ca5e1742ba43dcf7b8cf833c047d3f2ca6345271c9bfcf77fa757afc28aad1dd0e82f1e14c1479c330e310586301d4b91ef7c7c644093fb8e5d52a02e76d6bad1b15783b178f965c7a3b3cb3b2420d7573bde994b46a32b31dd1c23032c49eefc1f31117a8741c571523a3ff218f5e977446eef8eaa3481837742331faeb91800b152730158b08bd7d624a2047fe0339b2235b82db913aaf71e82763819eb5fb1f29c60c2c2634a7303933f385b36c6bfb6531cb3cb60a1ab7e214bc70fa9937ceff252c7a6866440fd9be834bd68cf501dffee1fe57db024eab9633ef784e314872bbe210a2d6343319e3e1238c5e9d832067ee93f39e3b389907d8ab831d283e72362223f893dabfae8944691fda310c93a8f1226a30558e019b96a9297287f9e3e554ae1310acf9d38e8684abb0bfef0ee66235b03edf80e234ab7bd2e027dfef07738b2d4404642063b2f0d3a1d81bf37e1efb2f671beb201f106b50036839502792db569289316166a17dd8d2d8676b19ad2cd9f4cf223311f61d2f157f7206696ffcbc2aa5ca4414e5025251dec3ad2a6d018423d2b1ea996217d8bf9cea88d9e2c52f676b523ec93672c87e870acc9c318b41278e774640cc88d8a1447192892a09cba9dc7404eeeb0d7abe6d94336275281440a76ead81a9c79587191199f5fbe128eacedd16267a73ad38b384f0625242a83fa2dd4d06ece945fe376940074d33b91cb80c269dd001802bbaa2f8722b5d7d88a88b2af2e375f2f3fe8b288eb0284ea3f71341bc85518500d7a2a71dd65665684669745ce40eed25ae96855791934203e381baec70967a22623524a806e925061ce8d1bef0146f5d6c3633353861d72720ea6f5d248dab7ca99d8bc1f052abce8dffab5d8e4c4eb5e15a584c66c2a69d25b2338c74f8f2e934773accad793b74107bf447fc526eff6cf33ce942fc97e09e0eed9d4ba4244d335ad41c8e4df8e2843d156ffbfa10b83f7a1be344a5a7993cb21b45625ce66f158b608a74cd51e3e1519735e8d69ffbca82bb63780130d1be09b8cdc8a8cbce393c6d1bd08d1cd85cb6057aa81829a858dd4bfc8e79765070dc11418ba055b1f99c9a0c44043dd3d49a20e30ecb9ab8fab9c724ec94c3c2988249ad3db901e7f4dd8a0a8d070451f2a3aa74acfd9fb749495e892e792c999c604c5680716c8aa9cefd74ea84327d3b7d889298f4b4a361d56c46ccff7c00c6ca71162710efa16affdf2558a2912cb6228605064e0033768d83e070046357c8618d32e23afc0ea5f041bb821601851e07e7de0847d81ac9237eae57dabe40d931dfa737d0f4461a60725ae47264b2ccbf2dfe099ba78d87848267f8e5df8113e5a3b7ecd3cce91faa93c9101e9977bb70c31163927266e21bf4d08630f8f7ad26657d373b287dbf77ad2965fd240383a8a31ae4a06868b9c11650e000f4882a9a7f3bed7197b0b224797c87cfa105c8b61dddc964419a238b26c5150fad1a48d8890bf1888a074c2d1c3d4c01d46a304503f275d3411af98dd286ecb5f2d22e09ca24e85a36533c39abb0cbd7b8cf77e966383fc56fa4f4ead54ba7a3a0ea8a621a5994191f6e45594897a44988258bf0bc558b1a03ed2c928e8f4da7468940f7df0b578c4fd7d61daa5a36d66daac13cbd7140cf60aaa52a47d24fc419e507d9f4587583693b50edcc85977ce1da29abefd0bba62d607d4e96aabcbc99849d3c1c528bb518512b124572baa3b36c80bf4332033b89ad4478f7f98cb7bcbf2aeffd3809567ba6dd1ce8a149c2a50873a26d62cfa63a9570fc61f026fddec2117146efbf09ee9bc38edea59dd8e379c53f0a7b35fe29d62ace08be212e68deb7e4fc7f3aafd3572583159a9367f28f6ce00d72e29084548a0891943e7dd3"})
ioctl$SG_SET_DEBUG(r6, 0x227e, &(0x7f0000002540)=0x1)
ioctl$SG_GET_TIMEOUT(r9, 0x2202, 0x0)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000025c0), 0x121000, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000002600)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000002580)={0x80000014}, r11, 0x1, 0x0, 0x1}, 0x3f)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000002640)={{0x1, 0x1, 0x18, <r12=>r4, {0x1000}}, './file0\x00'})
socket(0x11, 0x4, 0x1)
r13 = syz_open_dev$sg(&(0x7f0000002680), 0x10001, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r7, 0xc0189371, &(0x7f00000026c0)={{0x1, 0x1, 0x18, r13}, './file0\x00'})
ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f0000002700))
ioctl$SG_IO(r12, 0x2285, &(0x7f0000003ac0)={0x53, 0xfffffffffffffffc, 0x63, 0x7, @scatter={0x4, 0x0, &(0x7f00000038c0)=[{&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/173, 0xad}, {&(0x7f0000003800)=""/68, 0x44}, {&(0x7f0000003880)=""/49, 0x31}]}, &(0x7f0000003900)="80563b1703f76c02aa5c3c6db68aa30891b7e9086f71e4d4c1b5b2a904bd09cb48f0dfc866f4561a2f9af568540d29fd00bf4d0eb636b1af371e47434bca3700d23c66abc714cd50a7fa869d3d88d189232742f60f53e5404a80d2cce572af8c32e6f3", &(0x7f0000003980)=""/210, 0x8, 0x10005, 0x1, &(0x7f0000003a80)})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000003b40)={{0x1, 0x1, 0x18, r13}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000003b80)={{0x1, 0x1, 0x18, r5}, './file0\x00'})

15:53:15 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000040)={0x3, 0x20, 0x3})
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001880)={&(0x7f0000000440), 0x6e, &(0x7f0000001740)=[{&(0x7f00000004c0)=""/160, 0xa0}, {&(0x7f0000000580)=""/88, 0x58}, {&(0x7f0000000600)=""/37, 0x25}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/185, 0xb9}, {&(0x7f0000001700)=""/49, 0x31}], 0x6, &(0x7f00000017c0)=[@cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [<r2=>0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff]}}], 0x98}, 0x40)
r4 = syz_open_dev$vcsu(&(0x7f00000018c0), 0x401, 0x40000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000001900)={{0x1, 0x1, 0x18, <r5=>r0, {r0}}, './file0\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x7, r4, &(0x7f0000001940)={r5, r6, 0x6})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000001980)={{0x1, 0x1, 0x18, <r7=>r2}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f00000019c0)={{0x1, 0x1, 0x18, r7, {0xbce, 0x4}}, './file0\x00'})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r4, &(0x7f0000001b00)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a40)={0x68, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xffffff00, 0x10}}}}, [@NL80211_ATTR_FRAME={0x14, 0x33, @ctrl_frame=@rts={{}, {}, @device_a, @broadcast}}, @NL80211_ATTR_FRAME={0x14, 0x33, @ctrl_frame=@pspoll={{}, @random=0xfffa}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x14, 0x33, @ctrl_frame=@pspoll={{}, @random, @initial, @broadcast}}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x14004800)
socketpair(0xb, 0x5, 0x3, &(0x7f0000001b40)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r8, &(0x7f0000001c40)={&(0x7f0000001b80), 0xc, &(0x7f0000001c00)={&(0x7f0000001bc0)={0x1c, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40855}, 0xc800)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001f00)={&(0x7f0000001c80), 0x6e, &(0x7f0000001e00)=[{&(0x7f0000001d00)=""/17, 0x11}, {&(0x7f0000001d40)=""/192, 0xc0}], 0x2, &(0x7f0000001e40)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, <r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}, 0x2000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000001f40)={{0x1, 0x1, 0x18, <r11=>r2, {0x1}}, './file0\x00'})
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000001fc0), r4)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r11, &(0x7f0000002080)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002040)={&(0x7f0000002000)={0x1c, r12, 0x2, 0x70bd2a, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4008000)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r8, &(0x7f00000021c0)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002180)={&(0x7f0000002140)={0x1c, r13, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4850)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r10, 0xc018937c, &(0x7f0000002200)={{0x1, 0x1, 0x18, r9}, '\x00'})
ioctl$BTRFS_IOC_INO_LOOKUP(r9, 0xd0009412, &(0x7f0000002240)={0x0, 0x400})

15:53:15 executing program 2:
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000))
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$CDROM_GET_CAPABILITY(r0, 0x5331)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0xffffffffffffffff, 0xee00}}, './file0/file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, {r0}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>r0, {0x8e}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x80}}, './file0\x00'})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r4, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c840}, 0x20000088)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r5=>r1, {0x65fc4991}}, './file0/file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000001640)={{0x1, 0x1, 0x18, <r6=>r1}, './file0/file0\x00'})
sendmsg$NL80211_CMD_SET_CQM(r6, &(0x7f00000017c0)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001780)={&(0x7f00000016c0)={0xbc, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x191}]}, @NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x1}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xfffff49d}]}, @NL80211_ATTR_CQM={0x4}, @NL80211_ATTR_CQM={0x7c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xf06}, @NL80211_ATTR_CQM_RSSI_THOLD={0x14, 0x1, [0x1f, 0xca, 0x80000000, 0x3]}, @NL80211_ATTR_CQM_RSSI_THOLD={0x24, 0x1, [0x400, 0xfff, 0x10000, 0x0, 0x4, 0x48, 0x80000000, 0x627f8000]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x20}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x101}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x81}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x853}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x80}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x461}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0xc800}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f0000001800)={{0x1, 0x1, 0x18, r1, {0x3f}}, './file1\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000001940)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000001a40)={&(0x7f0000001840)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001a00)={&(0x7f0000001980)={0x64, r4, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xff}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x10001}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x40}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1ff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x64}, 0x1, 0x0, 0x0, 0x50008841}, 0x8001)
r8 = syz_open_dev$vcsu(&(0x7f0000001a80), 0x1, 0x90000)
r9 = openat$null(0xffffffffffffff9c, &(0x7f0000001ac0), 0x800, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r8, 0xc018937c, &(0x7f0000001b00)={{0x1, 0x1, 0x18, r9, {0x2}}, './file0/file0\x00'})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001b40)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f0000001b80)={{0x1, 0x1, 0x18, r10, {0x7f}}, './file0\x00'})

15:53:15 executing program 3:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x4}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x8}}, './file0\x00'})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r0)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x2c040804)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {r1}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r4=>r1, {0x1}}, './file0\x00'})
sendmsg$BATADV_CMD_TP_METER_CANCEL(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r2, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10000000}, 0x2400c081)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r6, 0x8, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c054}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r7=>r0}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r7, 0xc0189376, &(0x7f0000000500)={{0x1, 0x1, 0x18, r3, {0x84}}, './file0\x00'})
sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0x90, 0x0, 0x20, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x8, 0x1c}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "4fa898c4293b7ca111c29268e61c60b0"}, @NL80211_ATTR_PMK={0x14, 0xfe, "1b77b30b93664f43ae3668d9eef89dbb"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x48}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "66eba520e99dc2019217d0f18ed96e4f"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @random="a6d82954ef46"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x2}]}, 0x90}, 0x1, 0x0, 0x0, 0x8}, 0xc001)
sendmsg$TIPC_CMD_GET_LINKS(r4, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x1}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x8010)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f00000007c0)={{0x1, 0x1, 0x18, <r8=>0xffffffffffffffff}, './file0\x00'})
ioctl$KDGKBENT(r8, 0x4b46, &(0x7f0000000800)={0x9c, 0x1f})
sendmsg$IEEE802154_LLSEC_GETPARAMS(r5, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1480a200}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x2c, r6, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x4)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000940)={{0x1, 0x1, 0x18, r4, {<r9=>r8}}, './file0\x00'})
sendmsg$NL80211_CMD_GET_SCAN(r9, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x28, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x2c}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0x4048010)

15:53:15 executing program 6:
sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x24000100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x800, 0x70bd28, 0x25dfdbff, {{}, {}, {0x10, 0x13, @udp='udp:syz0\x00'}}}, 0x2c}}, 0x40041)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, r1, 0x20, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x10}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x20008081)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r2=>0x0})
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000480)={0x264, 0x13, 0x100, 0x70bd25, 0x25dfdbfe, {0x77839716fd53e404, 0x4, 0x1, 0x8, {0x4e20, 0x4e23, [0x19f1041b, 0x8, 0x2, 0x7], [0x800, 0x5, 0x1, 0x80000001], r2, [0x0, 0x3]}, 0xffffffff, 0x4}, [@INET_DIAG_REQ_BYTECODE={0x7a, 0x1, "b0c8d8e3a768e4ca4e785122738c7e3f8d034603d9d7d62f7b3910355ff08c79a48899904e3f8ae2a225d125f87db6be84256efbff7f2cc119af22f8e48bcd65acc24f2d2c8985ffff687d2b3e7e49b3087954968dc0b811f45d399c1c4e56f772aecb5e7849fc1728e58706dc037b4639a89153169d"}, @INET_DIAG_REQ_BYTECODE={0xd, 0x1, "ab4427157a90c7e51a"}, @INET_DIAG_REQ_BYTECODE={0x12, 0x1, "3c7b5e9e46694b452487c2b2b449"}, @INET_DIAG_REQ_BYTECODE={0xcc, 0x1, "8d95d5da1a87c55a5041440d251b4e90d29e0cac589f4c8312f52fe73632f4ae6ff3d5aa1ac5184c67788c8d1b44347375b24057ef0b244c194be853588ce56a62f366256f715279542624b0b0f4d72078dc668d22eb88b5b1b591937da08a249e74d1fda8292c063f1d49571fda274098dc71385231b93e5f634ce6680503e504f3b5f530820ee0de4fa547ecdb60c432e2dafe93e34825fb8071a6f37fae675d6dddde4c37ad5986d084c7ffab341c818313db451f48b8be3df80941684e7438de716ad00c5a45"}, @INET_DIAG_REQ_BYTECODE={0x27, 0x1, "2b85216d61a3be39e7fef4d0612849a72b0d41752169b465bca0bab15c8acb5f3685e1"}, @INET_DIAG_REQ_BYTECODE={0x82, 0x1, "b2d837d0a1789cb67fe1c91495048d92adbb97413d62e5f188bc14ce324d7bec60dde6127e1ed641d4a416c88da75e5216b13c07da917a85c4a77dd8e681303e9218104e4a859aa2aff4af98bb6d51b12053d020359c6f4b69ae1098b91cee9657c4f95baf335c0aaa251e04fead95142d52c4eeaf9f949bc248937f6a73"}]}, 0x264}, 0x1, 0x0, 0x0, 0x20004041}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000780)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x8, 0x385}}, './file0\x00'})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000a40)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a00)={&(0x7f0000000840)={0x1b4, r4, 0x4, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0xe}, @void, @void}}, [@NL80211_ATTR_VENDOR_DATA={0x102, 0xc5, "c4caa119a18620c65ee99267e41c6834917eba69d4546f562c9c32a40833a154157db140b5fcdff6e569885a1eab22c445a3a218d1dd59b13be8fa6ae02dab97770389c26d195b2251870e4ca81ba44515b01fed791085d6a29a3f3745be01c91cc881f61f8bc5e438e91840f4bd4230046569f892239fa237d9ff84eab240e148e698080780cb82eddd4832ca5c9efa19262382ab25e194430bb61d3d9a308b5aaa0f396d791d2e45fbed92bce6a7bd52f02e6ad20e9aee37d3ae53811db8a32ca31f3077c345b489291b6ae559a8e9a270c5b595fab9e6983423d736d6e103b97f1934a8ff34edd4a2873d82ad283cec6376531ef82080b3eb81b73255"}, @NL80211_ATTR_VENDOR_DATA={0x6a, 0xc5, "3b3eeb98d0e28704a79bd43923bf4a12c09506cf2ebb576f453053168e184e3f30d4ffa472ad1f457f4d52ea0cd4bba94af6652e6b1e48fac5eeb77c0900e47cf1ec0185365c565b0d9e6693966cd4eaeab6c0863092fc2fb55d8060e5d0617b784570bc5c83"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xc0000}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x401}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x2}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}]}, 0x1b4}, 0x1, 0x0, 0x0, 0x40}, 0x4004)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
sendmsg$NL80211_CMD_LEAVE_OCB(r3, &(0x7f0000000b80)={&(0x7f0000000a80), 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x28, r5, 0x8, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5d, 0x15}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x20000040)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, 0xfffffffffffffffc, 0x4)
sendmsg$NL80211_CMD_DEL_MPATH(r0, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x100020}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x7c, r4, 0x300, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4040084}, 0xc215e6e2769f9766)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x44, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfffffff8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x80000)
sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000000f00)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x1c, r1, 0x20, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20006004}, 0x54)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000f40), 0x4000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000f80)={{0x1, 0x1, 0x18, r3, {0x101}}, './file0\x00'})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000001080)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001040)={&(0x7f0000001000)={0x1c, 0x0, 0x300, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xab14}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x84)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f00000011c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001180)={&(0x7f0000001140)={0x1c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)

15:53:15 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_LEAVE_OCB(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r0, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x2c}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x3050c0, 0x0)
r2 = syz_open_dev$vcsu(&(0x7f0000000180), 0x6, 0x40000)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_TID={0xc, 0x3, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x844}, 0x24000050)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, @out_args}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r4=>r3, @in_args={0x1}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r5=>r4, {0xffffffffffffffff, 0xee00}}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r6=>r3}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r7=>r3}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r8=>r6, {0x9}}, './file1\x00'})
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r5, 0x5386, &(0x7f0000000440))
ioctl$VT_GETMODE(r7, 0x5601, &(0x7f0000000480))
ioctl$SG_SET_COMMAND_Q(r7, 0x2271, &(0x7f00000004c0)=0x1)
ioctl$SG_GET_LOW_DMA(r8, 0x227a, &(0x7f0000000500))
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x20, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}]}, 0x20}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
sendmsg$TCPDIAG_GETSOCK(r6, &(0x7f0000000b80)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b40)={&(0x7f0000000680)={0x49c, 0x12, 0x300, 0x70bd29, 0x25dfdbfd, {0x26, 0x6, 0x7, 0x17, {0x4e24, 0x4e21, [0x6, 0x6, 0x20], [0x3, 0x200000, 0x4, 0x800], 0x0, [0x7]}, 0x3}, [@INET_DIAG_REQ_BYTECODE={0xcb, 0x1, "a9cb791a6c73bf78afb533dbe691d091e156a1fea4b278bb5fee30b5f4127ac2559f19c45e9f0ae47ec52a5248460f8600480edfd658c60a0bca6d505e3ad1c5c0fc6d8d58cba94296ccb131d07857d916f22033d02ac4c5e76e87d651b870778a2782084f1b8bc9a741b2ae80a8c032725ddf638cd8b8841459c1d2e18d95f844bc5b7fcbac8cbfc9e4f15c2b6417635d38658b35fe8092460a97fb6186ededa41c41ae965b76702046d4390c1c0a111c85144f780145e2a8d587a294203f780b97846057c666"}, @INET_DIAG_REQ_BYTECODE={0x58, 0x1, "f14dfdc77148128cd9f2c1464c038418c631666185310d808bb438f8b7f2e4156aae7840b2b0352e6e754621d8ee6933315da68de52d0024c892e62304ef2a4efd1009a6d394497309f2574e8a6a6eaceb3e81f3"}, @INET_DIAG_REQ_BYTECODE={0xd9, 0x1, "5551d1e7473f42e43b9422e53208cad526f9440ecc725a485bd38b6fe5ae658545baaf4b95c7e91cccacb5567d34939bdf31d8f7ef0d33d1c20230404d7fa95962a5088e399605f07144c52b87f62120306166e5f276faa4003e808bddcf1377b547300818bc6214774cf9fe25c7f0d62b29782868be00a6ca62d9c1d2fb5d4bd50edc0811deebbc99432eca3bba95e9ce898edd5c77b13aaa7f4c77c74b8c756eae4ab37442b2e96d525af9e6f725decc7936a4d07643d1f138682c55243c0add8bfbb325c2d48bab249e8f6948a8770a6afcef19"}, @INET_DIAG_REQ_BYTECODE={0xd1, 0x1, "116efc094181a127c25d3ba0d2ab30a07fa586b0d329217f8b2b1ce387f9299a60def17f7b9d4cfef4c2a725ff3a17b92aae12eb62733f3b02dc6b5b80a5f64e6cdc99983372475b289aa3b50cac2e478f78775fae05b13b834468f2b0c69726cfc3f1f30c4a9564b4dd80dec5b318a42ee4fff864b850d6bd824c11c745105d8a892600069ff58bb82e388581a4494c606235951e827fb58066528e28d474ba8656f071336df8daaaf8e016dabcbd820d91fcbf23334396b359ca4f6246c1c5361956465f90103c3c5d0537e4"}, @INET_DIAG_REQ_BYTECODE={0xa4, 0x1, "031089c86f1d9502d8aa2e29aedac59383e5a8b16b93cf358da72e2a9ef36154a5ce51e722f714abafc22fc7664d26c4be1897513f35fc35660e67de961c8a7041ece95729ca567d7b19de43b401d76bedc63388ffafe01c6ae14e6a71acecb7e441c1ea50830d89d88c61bf48c7ab39c6235a2b311f174619d4c058a6839b4a0edf544b36c45bcb015c9a925c48b4400945d109a165d24278fb57992c7042cc"}, @INET_DIAG_REQ_BYTECODE={0xd7, 0x1, "61c9bf5fb8481bda1c8ad54db58a381dfcc5304d5c67f6909254fc27ffe403582b8980e15530b8310ec7bbdbd932ca4a48506e5ad58aca37bbea8b516446efc9b82cb2d8ddedfdd08c3a5622c93bd1d0495ebac0a60cec4c2d3b7776c0f6f62eb358a938222d943d7e1817b857bad087daf71750f72728d3a1b66aaf0e21d9d451cfdb580a07eb70efbfa07add2def34d5006848055e92a107bbad8da2252e9cadae70108eb3565e6716e5af9a340b9e0d0866e86b393d9bf8fd4ab940692cd02623ed5b1ab696c7d128c1c1cdbd9d7545e214"}]}, 0x49c}, 0x1, 0x0, 0x0, 0x80}, 0x4040011)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000c00)={{0x1, 0x1, 0x18, <r9=>r2}, './file1\x00'})
syz_genetlink_get_family_id$batadv(&(0x7f0000000bc0), r9)
sendmsg$BATADV_CMD_SET_VLAN(r8, &(0x7f0000000f80)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000f40)={&(0x7f0000000ec0)={0x60, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7f}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x60}}, 0x20000011)

15:53:15 executing program 5:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r0, 0x20, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x17}, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x5}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x100}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000}, 0x85)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x9, 0x5}}, './file0\x00'})
sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r0, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r1)
sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r2, 0x800, 0x70bd28, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, 0x0, 0x4, 0x70bd25, 0x4, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x11}}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8001}]}, 0x30}, 0x1, 0x0, 0x0, 0x48010}, 0x2000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r4, 0xc0709411, &(0x7f0000000500)={{0x0, 0x8, 0x8, 0x9, 0x10001, 0x1c, 0x0, 0x0, 0x7, 0x2, 0x10000, 0x6, 0x100, 0x3, 0x5}, 0x20, [0x0, 0x0, 0x0, 0x0]})
recvmsg$unix(r3, &(0x7f0000000a00)={&(0x7f00000005c0)=@abs, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000640)=""/215, 0xd7}, {&(0x7f0000000740)=""/64, 0x40}, {&(0x7f0000000780)=""/233, 0xe9}], 0x3, &(0x7f00000008c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x138}, 0x101)
sendmsg$GTP_CMD_NEWPDP(r8, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000)
r9 = gettid()
syz_open_procfs(r9, &(0x7f0000000b40)='net/ip_vs\x00')
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000c80)={'batadv0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_SET_VLAN(r5, &(0x7f0000000d80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000d40)={&(0x7f0000000cc0)={0x5c, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xa756}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xfff}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc005}, 0x20004883)
r11 = openat$null(0xffffffffffffff9c, &(0x7f0000000dc0), 0x119000, 0x0)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e40), r6)
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f0000000f80)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000e80)={0x90, r12, 0x400, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80000001, 0x6a}}}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x211}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x206}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x4f0}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x60}]}, @NL80211_ATTR_CQM={0x24, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x1}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x101}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xffffff68}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x4}]}, @NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x16}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x40}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x5b}]}]}, 0x90}}, 0x0)
r13 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r7, 0xc0189373, &(0x7f0000000fc0)={{0x1, 0x1, 0x18, r13, {0x7}}, './file0\x00'})

[   64.609171] audit: type=1400 audit(1763221995.617:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
15:53:15 executing program 7:
r0 = syz_io_uring_setup(0x43dd, &(0x7f0000000000)={0x0, 0xa0cf, 0x10, 0x1, 0xfe}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
ioctl$CDROMEJECT_SW(0xffffffffffffffff, 0x530f, 0x1)
r1 = syz_io_uring_setup(0x14cb, &(0x7f0000000100)={0x0, 0x4bd, 0x10, 0x0, 0xa8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180), &(0x7f00000001c0))
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x1000004, 0x2010, r0, 0x8000000)
r2 = io_uring_setup(0x5ae0, &(0x7f0000000200)={0x0, 0x382, 0x0, 0x1, 0x35c, 0x0, r1})
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x515, 0x70bd28, 0x25dfdbff, {{}, {}, {0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x84001}, 0x4)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000380)=0x80)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r1, &(0x7f00000003c0)={0x3})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000400)={0x8})
r3 = io_uring_setup(0x5d2d, &(0x7f0000000440)={0x0, 0xae21, 0x1, 0x2, 0x1bd, 0x0, r2})
sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @udp='udp:syz2\x00'}}, ["", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000005c0)={{0x1, 0x1, 0x18, <r4=>r3, {0xee01}}, './file0\x00'})
r5 = io_uring_setup(0x18d8, &(0x7f0000000600)={0x0, 0x1950, 0x0, 0x3, 0x3b, 0x0, r4})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r5, 0xc0709411, &(0x7f0000000680)={{<r6=>0x0, 0x0, 0x7, 0xff, 0xef9c, 0x80000000, 0x7, 0xe71, 0x81, 0x101, 0x7, 0x200, 0x2, 0x4, 0x3ff}, 0x18, [0x0, 0x0, 0x0]})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000740)={{0x1, 0x1, 0x18, r4, {0x5}}, './file0\x00'})
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000780)={{<r7=>r6, 0xfffffffffffffff7, 0x101, 0x100000001, 0x3, 0x6, 0x80000001, 0x2, 0x13f, 0x1046f151, 0xccfd, 0x1f, 0xffffffffffffff5e, 0x1, 0x6}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000001780)={0x0, [{}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6, <r8=>0x0}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}], 0x94, "1f3c36e1c6f8cb"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r5, 0xc0709411, &(0x7f0000002780)={{<r9=>r6, 0x1, 0x80000000, 0x0, 0x5, 0x8000000000000000, 0x7, 0x1, 0x1ff, 0x81, 0x0, 0x92, 0x8001, 0x8, 0x800}, 0x10, [0x0, 0x0]})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f000007c100)={0x1000, [{r7}, {r6}, {r6, r8}, {r9}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {}, {}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {}, {}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {}, {}, {r6}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {}, {}, {}, {r6}, {r6}, {r6}, {r6}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {}, {}, {}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {}, {r6}, {}, {}, {}, {}, {r6}, {}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {r6}, {}, {}, {r6}, {}, {}, {}, {}, {r6}, {r6}, {r6}, {}, {r6}, {}, {}, {}, {}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {r6}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {r6}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {}, {r6}, {}, {r6}, {}, {}, {}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {}, {r6}, {r6}, {}, {r6}, {}, {r6}, {}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {}, {r6}, {r6}, {}, {r6}, {r6}, {}, {}, {r6}, {r6}, {r6}, {}, {r6}, {}, {}, {r6}, {r6}, {r6}, {r6}, {}, {r6}, {}, {r6}, {}, {}, {}, {r6}, {r6}, {}, {}, {r6}, {}, {r6}, {}, {}, {r6}, {r6}, {r6}, {r6}], 0x33, "ba7511f9c62897"})

[   65.848255] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   65.850375] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   65.853744] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   65.855753] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   65.858124] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   65.862105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   65.865332] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   65.868362] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   65.870072] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   65.875171] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   65.879985] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   65.881727] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   65.883466] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   65.887981] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   65.888266] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   65.892060] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   65.906954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   65.907612] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   65.917263] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   65.918506] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   65.927278] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   65.931927] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   65.933414] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   65.937067] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   65.938398] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   65.940490] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   65.944079] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   65.946656] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   65.946773] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   65.950117] ==================================================================
[   65.951258] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   65.952352] Read of size 2 at addr ffff88801edd0b78 by task kworker/u11:8/307
[   65.954099] 
[   65.954943] CPU: 0 UID: 0 PID: 307 Comm: kworker/u11:8 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   65.954974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   65.954989] Workqueue: hci4 hci_cmd_work
[   65.955020] Call Trace:
[   65.955028]  <TASK>
[   65.955037]  dump_stack_lvl+0xca/0x120
[   65.955066]  print_report+0xcb/0x610
[   65.955095]  ? __virt_addr_valid+0x100/0x5d0
[   65.955121]  ? hci_cmd_work+0x66d/0x6d0
[   65.955149]  ? hci_cmd_work+0x66d/0x6d0
[   65.955177]  kasan_report+0xca/0x100
[   65.955205]  ? hci_cmd_work+0x66d/0x6d0
[   65.955236]  hci_cmd_work+0x66d/0x6d0
[   65.955266]  process_one_work+0x8e1/0x19c0
[   65.955304]  ? __pfx_process_one_work+0x10/0x10
[   65.955335]  ? move_linked_works+0x172/0x270
[   65.955360]  ? assign_work+0x196/0x240
[   65.955391]  worker_thread+0x67e/0xe90
[   65.955422]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   65.955449]  ? __pfx_worker_thread+0x10/0x10
[   65.955481]  kthread+0x3c8/0x740
[   65.955509]  ? __pfx_kthread+0x10/0x10
[   65.955537]  ? ret_from_fork+0x79/0x7a0
[   65.955559]  ? lock_release+0xc8/0x290
[   65.955593]  ? __pfx_kthread+0x10/0x10
[   65.955621]  ret_from_fork+0x67a/0x7a0
[   65.955643]  ? __pfx_ret_from_fork+0x10/0x10
[   65.955666]  ? __switch_to+0x759/0x1060
[   65.955696]  ? __pfx_kthread+0x10/0x10
[   65.955725]  ret_from_fork_asm+0x1a/0x30
[   65.955761]  </TASK>
[   65.955769] 
[   65.979176] Allocated by task 293:
[   65.979730]  kasan_save_stack+0x24/0x50
[   65.980357]  kasan_save_track+0x14/0x30
[   65.980983]  __kasan_slab_alloc+0x59/0x70
[   65.981630]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   65.982440]  __alloc_skb+0x2ab/0x370
[   65.983026]  hci_cmd_sync_alloc+0x34/0x300
[   65.983688]  __hci_cmd_sync_sk+0xf7/0x5c0
[   65.984361]  hci_read_num_supported_iac_sync+0x2c/0x170
[   65.985179]  hci_dev_open_sync+0x1874/0x1f60
[   65.985860]  hci_power_on+0xdb/0x5d0
[   65.986458]  process_one_work+0x8e1/0x19c0
[   65.987125]  worker_thread+0x67e/0xe90
[   65.987747]  kthread+0x3c8/0x740
[   65.988294]  ret_from_fork+0x67a/0x7a0
[   65.988907]  ret_from_fork_asm+0x1a/0x30
[   65.989543] 
[   65.989824] Freed by task 303:
[   65.990321]  kasan_save_stack+0x24/0x50
[   65.990943]  kasan_save_track+0x14/0x30
[   65.991557]  kasan_save_free_info+0x3a/0x60
[   65.992251]  __kasan_slab_free+0x43/0x70
[   65.992873]  kmem_cache_free+0x26f/0x500
[   65.993514]  kfree_skbmem+0x18a/0x1f0
[   65.994106]  sk_skb_reason_drop+0x10e/0x1b0
[   65.994767]  vhci_read+0x3d5/0x5d0
[   65.995323]  vfs_read+0x1eb/0xc70
[   65.995863]  ksys_read+0x121/0x240
[   65.996441]  do_syscall_64+0xbf/0x430
[   65.997033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.997826] 
[   65.998093] The buggy address belongs to the object at ffff88801edd0b40
[   65.998093]  which belongs to the cache skbuff_head_cache of size 232
[   66.000035] The buggy address is located 56 bytes inside of
[   66.000035]  freed 232-byte region [ffff88801edd0b40, ffff88801edd0c28)
[   66.001841] 
[   66.002109] The buggy address belongs to the physical page:
[   66.002961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1edd0
[   66.004163] flags: 0x100000000000000(node=0|zone=1)
[   66.004920] page_type: f5(slab)
[   66.005444] raw: 0100000000000000 ffff8880096c78c0 dead000000000122 0000000000000000
[   66.006630] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[   66.007794] page dumped because: kasan: bad access detected
[   66.008655] 
[   66.008926] Memory state around the buggy address:
[   66.009687]  ffff88801edd0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   66.010785]  ffff88801edd0a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[   66.011886] >ffff88801edd0b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   66.012982]                                                                 ^
[   66.014056]  ffff88801edd0b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.015138]  ffff88801edd0c00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   66.016237] ==================================================================
[   66.017616] Disabling lock debugging due to kernel taint
[   66.020665] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   66.027170] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   66.032665] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   66.034430] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   66.054266] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   66.056117] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   66.058141] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   66.060453] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   66.088737] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   66.136950] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   66.145243] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   67.941958] Bluetooth: hci0: command tx timeout
[   67.941976] Bluetooth: hci1: command tx timeout
[   68.004585] Bluetooth: hci2: command tx timeout
[   68.067624] Bluetooth: hci5: command tx timeout
[   68.132585] Bluetooth: hci4: command tx timeout
[   68.132634] Bluetooth: hci3: command tx timeout
[   68.259603] Bluetooth: hci7: command tx timeout
[   68.323621] Bluetooth: hci6: command tx timeout
[   69.987593] Bluetooth: hci0: command tx timeout
[   69.987606] Bluetooth: hci1: command tx timeout
[   70.051634] Bluetooth: hci2: command tx timeout
[   70.116625] Bluetooth: hci5: command tx timeout
[   70.179648] Bluetooth: hci3: command tx timeout
[   70.179895] Bluetooth: hci4: command tx timeout
[   70.307822] Bluetooth: hci7: command tx timeout
[   70.371687] Bluetooth: hci6: command tx timeout
[   72.035620] Bluetooth: hci0: command tx timeout
[   72.036625] Bluetooth: hci1: command tx timeout
[   72.100576] Bluetooth: hci2: command tx timeout
[   72.163611] Bluetooth: hci5: command tx timeout
[   72.227654] Bluetooth: hci3: command tx timeout
[   72.227677] Bluetooth: hci4: command tx timeout
[   72.355628] Bluetooth: hci7: command tx timeout
[   72.419640] Bluetooth: hci6: command tx timeout
[   74.083626] Bluetooth: hci1: command tx timeout
[   74.083647] Bluetooth: hci0: command tx timeout
[   74.149571] Bluetooth: hci2: command tx timeout
[   74.211740] Bluetooth: hci5: command tx timeout
[   74.275615] Bluetooth: hci3: command tx timeout
[   74.276620] Bluetooth: hci4: command tx timeout
[   74.403616] Bluetooth: hci7: command tx timeout
[   74.468587] Bluetooth: hci6: command tx timeout

VM DIAGNOSIS:
15:53:17  Registers:
info registers vcpu 0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff888013f47618
R8 =0000000000000000 R9 =ffffed100167e046 R10=0000000000000030 R11=000000003a555043
R12=0000000000000030 R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe1600000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000564b33f38c70 CR3=000000000c018000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffffffffffff00000000 XMM01=696e752f646d65747379732f6e75722f
XMM02=00000000000000000000000000000000 XMM03=00656369767265732e6c6c696b66722d
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=0000564b33fb13d00000564b34033c20
XMM06=0000564b33f3dae00000564b34038a70 XMM07=00000000000000000000000000000000
XMM08=696e752f646d65747379732f6e75722f XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3e9e0 RCX=ffffffff8169b13c RDX=ffff888013ef9bc0
RSI=ffffffff8169b116 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888018c5f6e8
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=1ffff1100d9e6c41
R12=ffffed100d9c7d3d R13=ffff88806ce3e9e8 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff8169b118 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f98aa3658c0 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe6a00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f08334b3efc CR3=000000000cae3000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f2724c5c7c000007f2724c5c7c8
XMM02=00007f2724c5c7e000007f2724c5c7c0 XMM03=00007f2724c5c7c800007f2724c5c7c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000