Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:10751' (ECDSA) to the list of known hosts.
2025/11/15 19:20:36 fuzzer started
2025/11/15 19:20:36 dialing manager at localhost:37161
syzkaller login: [   50.905447] cgroup: Unknown subsys name 'net'
[   50.954140] cgroup: Unknown subsys name 'cpuset'
[   50.965392] cgroup: Unknown subsys name 'rlimit'
2025/11/15 19:20:46 syscalls: 2214
2025/11/15 19:20:46 code coverage: enabled
2025/11/15 19:20:46 comparison tracing: enabled
2025/11/15 19:20:46 extra coverage: enabled
2025/11/15 19:20:46 setuid sandbox: enabled
2025/11/15 19:20:46 namespace sandbox: enabled
2025/11/15 19:20:46 Android sandbox: enabled
2025/11/15 19:20:46 fault injection: enabled
2025/11/15 19:20:46 leak checking: enabled
2025/11/15 19:20:46 net packet injection: enabled
2025/11/15 19:20:46 net device setup: enabled
2025/11/15 19:20:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/15 19:20:46 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/15 19:20:46 USB emulation: enabled
2025/11/15 19:20:46 hci packet injection: enabled
2025/11/15 19:20:46 wifi device emulation: enabled
2025/11/15 19:20:46 802.15.4 emulation: enabled
2025/11/15 19:20:46 fetching corpus: 50, signal 28158/29936 (executing program)
2025/11/15 19:20:46 fetching corpus: 100, signal 41616/45012 (executing program)
2025/11/15 19:20:46 fetching corpus: 150, signal 48662/53596 (executing program)
2025/11/15 19:20:46 fetching corpus: 200, signal 55845/62266 (executing program)
2025/11/15 19:20:47 fetching corpus: 250, signal 59328/67225 (executing program)
2025/11/15 19:20:47 fetching corpus: 300, signal 62973/72290 (executing program)
2025/11/15 19:20:47 fetching corpus: 350, signal 67626/78255 (executing program)
2025/11/15 19:20:47 fetching corpus: 400, signal 70065/82041 (executing program)
2025/11/15 19:20:47 fetching corpus: 450, signal 75684/88780 (executing program)
2025/11/15 19:20:47 fetching corpus: 500, signal 77796/92199 (executing program)
2025/11/15 19:20:47 fetching corpus: 550, signal 82534/97999 (executing program)
2025/11/15 19:20:47 fetching corpus: 600, signal 84530/101208 (executing program)
2025/11/15 19:20:47 fetching corpus: 650, signal 88119/105846 (executing program)
2025/11/15 19:20:48 fetching corpus: 700, signal 89869/108780 (executing program)
2025/11/15 19:20:48 fetching corpus: 750, signal 91993/112011 (executing program)
2025/11/15 19:20:48 fetching corpus: 800, signal 94772/115845 (executing program)
2025/11/15 19:20:48 fetching corpus: 850, signal 96741/118848 (executing program)
2025/11/15 19:20:48 fetching corpus: 900, signal 98517/121686 (executing program)
2025/11/15 19:20:48 fetching corpus: 950, signal 100123/124367 (executing program)
2025/11/15 19:20:48 fetching corpus: 1000, signal 103270/128307 (executing program)
2025/11/15 19:20:48 fetching corpus: 1050, signal 105093/131090 (executing program)
2025/11/15 19:20:48 fetching corpus: 1100, signal 106197/133239 (executing program)
2025/11/15 19:20:49 fetching corpus: 1150, signal 108197/136088 (executing program)
2025/11/15 19:20:49 fetching corpus: 1200, signal 110377/139090 (executing program)
2025/11/15 19:20:49 fetching corpus: 1250, signal 111775/141440 (executing program)
2025/11/15 19:20:49 fetching corpus: 1300, signal 113759/144276 (executing program)
2025/11/15 19:20:49 fetching corpus: 1350, signal 115317/146688 (executing program)
2025/11/15 19:20:49 fetching corpus: 1400, signal 116430/148736 (executing program)
2025/11/15 19:20:49 fetching corpus: 1450, signal 117557/150751 (executing program)
2025/11/15 19:20:49 fetching corpus: 1500, signal 119150/153114 (executing program)
2025/11/15 19:20:50 fetching corpus: 1550, signal 120213/155032 (executing program)
2025/11/15 19:20:50 fetching corpus: 1600, signal 122190/157686 (executing program)
2025/11/15 19:20:50 fetching corpus: 1650, signal 124032/160213 (executing program)
2025/11/15 19:20:50 fetching corpus: 1700, signal 125957/162712 (executing program)
2025/11/15 19:20:50 fetching corpus: 1750, signal 127118/164737 (executing program)
2025/11/15 19:20:50 fetching corpus: 1800, signal 129090/167310 (executing program)
2025/11/15 19:20:50 fetching corpus: 1850, signal 130634/169521 (executing program)
2025/11/15 19:20:50 fetching corpus: 1900, signal 131665/171374 (executing program)
2025/11/15 19:20:50 fetching corpus: 1950, signal 133174/173472 (executing program)
2025/11/15 19:20:50 fetching corpus: 2000, signal 134612/175504 (executing program)
2025/11/15 19:20:51 fetching corpus: 2050, signal 135949/177449 (executing program)
2025/11/15 19:20:51 fetching corpus: 2100, signal 137201/179306 (executing program)
2025/11/15 19:20:51 fetching corpus: 2150, signal 138172/180954 (executing program)
2025/11/15 19:20:51 fetching corpus: 2200, signal 139132/182600 (executing program)
2025/11/15 19:20:51 fetching corpus: 2250, signal 140368/184410 (executing program)
2025/11/15 19:20:51 fetching corpus: 2300, signal 141708/186270 (executing program)
2025/11/15 19:20:51 fetching corpus: 2350, signal 142346/187681 (executing program)
2025/11/15 19:20:51 fetching corpus: 2400, signal 143015/189119 (executing program)
2025/11/15 19:20:51 fetching corpus: 2450, signal 143839/190600 (executing program)
2025/11/15 19:20:51 fetching corpus: 2500, signal 144617/192084 (executing program)
2025/11/15 19:20:52 fetching corpus: 2550, signal 146107/194006 (executing program)
2025/11/15 19:20:52 fetching corpus: 2600, signal 146904/195454 (executing program)
2025/11/15 19:20:52 fetching corpus: 2650, signal 147628/196874 (executing program)
2025/11/15 19:20:52 fetching corpus: 2700, signal 148587/198446 (executing program)
2025/11/15 19:20:52 fetching corpus: 2750, signal 149375/199843 (executing program)
2025/11/15 19:20:52 fetching corpus: 2800, signal 150182/201245 (executing program)
2025/11/15 19:20:52 fetching corpus: 2850, signal 151247/202800 (executing program)
2025/11/15 19:20:52 fetching corpus: 2900, signal 152081/204158 (executing program)
2025/11/15 19:20:52 fetching corpus: 2950, signal 152532/205287 (executing program)
2025/11/15 19:20:52 fetching corpus: 3000, signal 153413/206678 (executing program)
2025/11/15 19:20:52 fetching corpus: 3050, signal 154106/207930 (executing program)
2025/11/15 19:20:53 fetching corpus: 3100, signal 154835/209225 (executing program)
2025/11/15 19:20:53 fetching corpus: 3150, signal 155358/210379 (executing program)
2025/11/15 19:20:53 fetching corpus: 3200, signal 155867/211491 (executing program)
2025/11/15 19:20:53 fetching corpus: 3250, signal 156656/212792 (executing program)
2025/11/15 19:20:53 fetching corpus: 3300, signal 157463/214045 (executing program)
2025/11/15 19:20:53 fetching corpus: 3350, signal 158037/215223 (executing program)
2025/11/15 19:20:53 fetching corpus: 3400, signal 158634/216422 (executing program)
2025/11/15 19:20:53 fetching corpus: 3450, signal 159232/217555 (executing program)
2025/11/15 19:20:53 fetching corpus: 3500, signal 160066/218813 (executing program)
2025/11/15 19:20:53 fetching corpus: 3550, signal 160679/219925 (executing program)
2025/11/15 19:20:54 fetching corpus: 3600, signal 161216/221025 (executing program)
2025/11/15 19:20:54 fetching corpus: 3650, signal 162416/222433 (executing program)
2025/11/15 19:20:54 fetching corpus: 3700, signal 163181/223579 (executing program)
2025/11/15 19:20:54 fetching corpus: 3750, signal 163779/224687 (executing program)
2025/11/15 19:20:54 fetching corpus: 3800, signal 164373/225749 (executing program)
2025/11/15 19:20:54 fetching corpus: 3850, signal 164921/226804 (executing program)
2025/11/15 19:20:54 fetching corpus: 3900, signal 165367/227806 (executing program)
2025/11/15 19:20:54 fetching corpus: 3950, signal 166206/228967 (executing program)
2025/11/15 19:20:54 fetching corpus: 4000, signal 167161/230130 (executing program)
2025/11/15 19:20:54 fetching corpus: 4050, signal 168137/231338 (executing program)
2025/11/15 19:20:55 fetching corpus: 4100, signal 168739/232344 (executing program)
2025/11/15 19:20:55 fetching corpus: 4150, signal 169280/233312 (executing program)
2025/11/15 19:20:55 fetching corpus: 4200, signal 169672/234270 (executing program)
2025/11/15 19:20:55 fetching corpus: 4250, signal 170143/235225 (executing program)
2025/11/15 19:20:55 fetching corpus: 4300, signal 170573/236207 (executing program)
2025/11/15 19:20:55 fetching corpus: 4350, signal 171052/237142 (executing program)
2025/11/15 19:20:55 fetching corpus: 4400, signal 171840/238191 (executing program)
2025/11/15 19:20:55 fetching corpus: 4450, signal 172949/239331 (executing program)
2025/11/15 19:20:55 fetching corpus: 4500, signal 173493/240278 (executing program)
2025/11/15 19:20:55 fetching corpus: 4550, signal 173870/241160 (executing program)
2025/11/15 19:20:55 fetching corpus: 4600, signal 174234/242026 (executing program)
2025/11/15 19:20:56 fetching corpus: 4650, signal 174841/242989 (executing program)
2025/11/15 19:20:56 fetching corpus: 4700, signal 175464/243938 (executing program)
2025/11/15 19:20:56 fetching corpus: 4750, signal 175920/244820 (executing program)
2025/11/15 19:20:56 fetching corpus: 4800, signal 176284/245648 (executing program)
2025/11/15 19:20:56 fetching corpus: 4850, signal 176702/246538 (executing program)
2025/11/15 19:20:56 fetching corpus: 4900, signal 177255/247391 (executing program)
2025/11/15 19:20:56 fetching corpus: 4950, signal 178207/248456 (executing program)
2025/11/15 19:20:56 fetching corpus: 5000, signal 178592/249304 (executing program)
2025/11/15 19:20:56 fetching corpus: 5050, signal 178972/250107 (executing program)
2025/11/15 19:20:56 fetching corpus: 5100, signal 179523/250957 (executing program)
2025/11/15 19:20:57 fetching corpus: 5150, signal 180056/251848 (executing program)
2025/11/15 19:20:57 fetching corpus: 5200, signal 180390/252625 (executing program)
2025/11/15 19:20:57 fetching corpus: 5250, signal 180739/253398 (executing program)
2025/11/15 19:20:57 fetching corpus: 5300, signal 181385/254220 (executing program)
2025/11/15 19:20:57 fetching corpus: 5350, signal 181830/255002 (executing program)
2025/11/15 19:20:57 fetching corpus: 5400, signal 182229/255727 (executing program)
2025/11/15 19:20:57 fetching corpus: 5450, signal 182859/256562 (executing program)
2025/11/15 19:20:57 fetching corpus: 5500, signal 183280/257343 (executing program)
2025/11/15 19:20:57 fetching corpus: 5550, signal 183672/258112 (executing program)
2025/11/15 19:20:57 fetching corpus: 5600, signal 184179/258872 (executing program)
2025/11/15 19:20:58 fetching corpus: 5650, signal 184639/259591 (executing program)
2025/11/15 19:20:58 fetching corpus: 5700, signal 185101/260314 (executing program)
2025/11/15 19:20:58 fetching corpus: 5750, signal 185634/261042 (executing program)
2025/11/15 19:20:58 fetching corpus: 5800, signal 185966/261752 (executing program)
2025/11/15 19:20:58 fetching corpus: 5850, signal 186320/262443 (executing program)
2025/11/15 19:20:58 fetching corpus: 5900, signal 186631/263150 (executing program)
2025/11/15 19:20:58 fetching corpus: 5950, signal 186979/263823 (executing program)
2025/11/15 19:20:58 fetching corpus: 6000, signal 187661/264556 (executing program)
2025/11/15 19:20:58 fetching corpus: 6050, signal 187919/265200 (executing program)
2025/11/15 19:20:58 fetching corpus: 6100, signal 188338/265912 (executing program)
2025/11/15 19:20:59 fetching corpus: 6150, signal 188722/266617 (executing program)
2025/11/15 19:20:59 fetching corpus: 6200, signal 189086/267270 (executing program)
2025/11/15 19:20:59 fetching corpus: 6250, signal 189418/267930 (executing program)
2025/11/15 19:20:59 fetching corpus: 6300, signal 189768/268604 (executing program)
2025/11/15 19:20:59 fetching corpus: 6350, signal 190034/269263 (executing program)
2025/11/15 19:20:59 fetching corpus: 6400, signal 190425/269895 (executing program)
2025/11/15 19:20:59 fetching corpus: 6450, signal 191226/270557 (executing program)
2025/11/15 19:20:59 fetching corpus: 6500, signal 191696/271242 (executing program)
2025/11/15 19:20:59 fetching corpus: 6550, signal 192139/271877 (executing program)
2025/11/15 19:20:59 fetching corpus: 6600, signal 192471/272509 (executing program)
2025/11/15 19:21:00 fetching corpus: 6650, signal 192815/273112 (executing program)
2025/11/15 19:21:00 fetching corpus: 6700, signal 193194/273748 (executing program)
2025/11/15 19:21:00 fetching corpus: 6750, signal 193548/274354 (executing program)
2025/11/15 19:21:00 fetching corpus: 6800, signal 193960/274951 (executing program)
2025/11/15 19:21:00 fetching corpus: 6850, signal 194241/275533 (executing program)
2025/11/15 19:21:00 fetching corpus: 6900, signal 194589/276123 (executing program)
2025/11/15 19:21:00 fetching corpus: 6950, signal 195000/276149 (executing program)
2025/11/15 19:21:00 fetching corpus: 7000, signal 195335/276151 (executing program)
2025/11/15 19:21:00 fetching corpus: 7050, signal 195502/276151 (executing program)
2025/11/15 19:21:00 fetching corpus: 7100, signal 195763/276151 (executing program)
2025/11/15 19:21:00 fetching corpus: 7150, signal 196218/276151 (executing program)
2025/11/15 19:21:00 fetching corpus: 7200, signal 196535/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7250, signal 196854/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7300, signal 197093/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7350, signal 197336/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7400, signal 198364/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7450, signal 198837/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7500, signal 199314/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7550, signal 199584/276151 (executing program)
2025/11/15 19:21:01 fetching corpus: 7600, signal 199867/276152 (executing program)
2025/11/15 19:21:01 fetching corpus: 7650, signal 200205/276152 (executing program)
2025/11/15 19:21:01 fetching corpus: 7700, signal 200637/276152 (executing program)
2025/11/15 19:21:02 fetching corpus: 7750, signal 200919/276152 (executing program)
2025/11/15 19:21:02 fetching corpus: 7800, signal 201149/276152 (executing program)
2025/11/15 19:21:02 fetching corpus: 7850, signal 201520/276153 (executing program)
2025/11/15 19:21:02 fetching corpus: 7900, signal 201905/276153 (executing program)
2025/11/15 19:21:02 fetching corpus: 7950, signal 202150/276153 (executing program)
2025/11/15 19:21:02 fetching corpus: 8000, signal 202444/276153 (executing program)
2025/11/15 19:21:02 fetching corpus: 8050, signal 202796/276161 (executing program)
2025/11/15 19:21:02 fetching corpus: 8100, signal 203124/276161 (executing program)
2025/11/15 19:21:02 fetching corpus: 8150, signal 203485/276161 (executing program)
2025/11/15 19:21:02 fetching corpus: 8200, signal 203695/276162 (executing program)
2025/11/15 19:21:02 fetching corpus: 8250, signal 204060/276162 (executing program)
2025/11/15 19:21:02 fetching corpus: 8300, signal 204466/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8350, signal 204804/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8400, signal 205134/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8450, signal 205511/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8500, signal 205776/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8550, signal 206068/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8600, signal 206260/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8650, signal 206579/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8700, signal 206802/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8750, signal 207138/276184 (executing program)
2025/11/15 19:21:03 fetching corpus: 8800, signal 207616/276189 (executing program)
2025/11/15 19:21:03 fetching corpus: 8850, signal 207845/276190 (executing program)
2025/11/15 19:21:04 fetching corpus: 8900, signal 208177/276190 (executing program)
2025/11/15 19:21:04 fetching corpus: 8950, signal 208809/276190 (executing program)
2025/11/15 19:21:04 fetching corpus: 9000, signal 209092/276190 (executing program)
2025/11/15 19:21:04 fetching corpus: 9050, signal 209463/276201 (executing program)
2025/11/15 19:21:04 fetching corpus: 9100, signal 209812/276201 (executing program)
2025/11/15 19:21:04 fetching corpus: 9150, signal 210066/276201 (executing program)
2025/11/15 19:21:04 fetching corpus: 9200, signal 210418/276201 (executing program)
2025/11/15 19:21:04 fetching corpus: 9250, signal 210677/276204 (executing program)
2025/11/15 19:21:04 fetching corpus: 9300, signal 210877/276204 (executing program)
2025/11/15 19:21:04 fetching corpus: 9350, signal 211200/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9400, signal 211376/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9450, signal 211575/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9500, signal 211801/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9550, signal 212077/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9600, signal 212306/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9650, signal 212649/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9700, signal 212978/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9750, signal 213193/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9800, signal 213635/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9850, signal 213862/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9900, signal 214224/276204 (executing program)
2025/11/15 19:21:05 fetching corpus: 9950, signal 214382/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10000, signal 214720/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10050, signal 214937/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10100, signal 215351/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10150, signal 215794/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10200, signal 216017/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10250, signal 216318/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10300, signal 216516/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10350, signal 216709/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10400, signal 216927/276204 (executing program)
2025/11/15 19:21:06 fetching corpus: 10450, signal 217550/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10500, signal 217736/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10550, signal 217924/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10600, signal 218210/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10650, signal 218399/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10700, signal 218619/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10750, signal 218811/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10800, signal 219085/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10850, signal 219288/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10900, signal 219524/276204 (executing program)
2025/11/15 19:21:07 fetching corpus: 10950, signal 219819/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11000, signal 220088/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11050, signal 220279/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11100, signal 220469/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11150, signal 220650/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11200, signal 220931/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11250, signal 221159/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11300, signal 221346/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11350, signal 221567/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11400, signal 221734/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11450, signal 221958/276204 (executing program)
2025/11/15 19:21:08 fetching corpus: 11500, signal 222184/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11550, signal 222340/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11600, signal 222464/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11650, signal 222695/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11700, signal 222862/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11750, signal 223087/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11800, signal 223345/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11850, signal 223522/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11900, signal 223742/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 11950, signal 224097/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 12000, signal 224364/276204 (executing program)
2025/11/15 19:21:09 fetching corpus: 12050, signal 224560/276204 (executing program)
2025/11/15 19:21:10 fetching corpus: 12100, signal 224732/276204 (executing program)
2025/11/15 19:21:10 fetching corpus: 12150, signal 224997/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12200, signal 225270/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12250, signal 225493/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12300, signal 225731/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12350, signal 225944/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12400, signal 226138/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12450, signal 226297/276206 (executing program)
2025/11/15 19:21:10 fetching corpus: 12500, signal 226499/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12550, signal 226707/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12600, signal 226898/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12650, signal 227098/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12700, signal 227332/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12750, signal 227559/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12800, signal 227746/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12850, signal 227859/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12900, signal 228059/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 12950, signal 228312/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 13000, signal 228486/276206 (executing program)
2025/11/15 19:21:11 fetching corpus: 13050, signal 228671/276206 (executing program)
2025/11/15 19:21:12 fetching corpus: 13100, signal 228807/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13150, signal 228983/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13200, signal 229255/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13250, signal 229530/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13300, signal 229753/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13350, signal 229910/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13400, signal 230072/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13450, signal 230266/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13500, signal 230443/276209 (executing program)
2025/11/15 19:21:12 fetching corpus: 13550, signal 230696/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13600, signal 230889/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13650, signal 231020/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13700, signal 231190/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13750, signal 231442/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13800, signal 231647/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13850, signal 231838/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13900, signal 232022/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 13950, signal 232217/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 14000, signal 232440/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 14050, signal 232587/276209 (executing program)
2025/11/15 19:21:13 fetching corpus: 14100, signal 232840/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14150, signal 233105/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14200, signal 233246/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14250, signal 233455/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14300, signal 233658/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14350, signal 233864/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14400, signal 234075/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14450, signal 234317/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14500, signal 234444/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14550, signal 234563/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14600, signal 234740/276209 (executing program)
2025/11/15 19:21:14 fetching corpus: 14650, signal 234950/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 14700, signal 235108/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 14750, signal 235301/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 14800, signal 235480/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 14850, signal 235635/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 14900, signal 235852/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 14950, signal 235988/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 15000, signal 236120/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 15050, signal 236307/276209 (executing program)
2025/11/15 19:21:15 fetching corpus: 15100, signal 236468/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15150, signal 236635/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15200, signal 236858/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15250, signal 237090/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15300, signal 237254/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15350, signal 237427/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15400, signal 237607/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15450, signal 237756/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15500, signal 237940/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15550, signal 238128/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15600, signal 238281/276209 (executing program)
2025/11/15 19:21:16 fetching corpus: 15650, signal 238517/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 15700, signal 238667/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 15750, signal 238796/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 15800, signal 238975/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 15850, signal 239120/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 15900, signal 239240/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 15950, signal 239388/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 16000, signal 239557/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 16050, signal 239752/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 16100, signal 239920/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 16150, signal 240056/276209 (executing program)
2025/11/15 19:21:17 fetching corpus: 16200, signal 240316/276209 (executing program)
2025/11/15 19:21:18 fetching corpus: 16250, signal 240448/276209 (executing program)
2025/11/15 19:21:18 fetching corpus: 16300, signal 240582/276209 (executing program)
2025/11/15 19:21:18 fetching corpus: 16348, signal 240737/276209 (executing program)
2025/11/15 19:21:18 fetching corpus: 16348, signal 240737/276209 (executing program)
2025/11/15 19:21:19 starting 8 fuzzer processes
19:21:19 executing program 0:
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x4d423e07ef7fa3e5, &(0x7f0000000000)={0x8, {{0xa, 0x4e20, 0x6, @local, 0x1ff}}, {{0xa, 0x4e22, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @remote}, 0x5ac4}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000140)={0x2, {{0xa, 0x4e21, 0x1, @empty, 0x1}}, {{0xa, 0x4e22, 0x8, @remote, 0x3}}}, 0x108)
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000280)={@loopback, 0x43})
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0), 0x8400, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000300)={0x6731, {{0xa, 0x4e20, 0x9, @local, 0x9}}, {{0xa, 0x4e22, 0xaf2a, @local, 0xffffffff}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000440)={0x9, {{0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x1c}, 0x3f}}, {{0xa, 0x4e22, 0x101, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3f}}}, 0x108)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000580), 0x16802, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000680)={'syztnl0\x00', &(0x7f0000000600)={'syztnl0\x00', <r2=>0x0, 0x2f, 0x1, 0x60, 0x0, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @broadcast}, 0x8, 0x80, 0x7644, 0xea0}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000006c0)={'vcan0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r1, &(0x7f0000000880)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)={0x138, 0x0, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
lseek(0xffffffffffffffff, 0x0, 0x6)
r4 = fsmount(r0, 0x0, 0x4)
setsockopt$inet6_group_source_req(r4, 0x29, 0x0, &(0x7f00000008c0)={0x0, {{0xa, 0x4e21, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}}, {{0xa, 0x4e20, 0x73e3, @loopback, 0x1}}}, 0x108)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a40), r1)
sendmsg$NL80211_CMD_RADAR_DETECT(r4, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x24, r5, 0x300, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0xc000)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000b40)={0x4, {{0xa, 0x4e21, 0x80000001, @dev={0xfe, 0x80, '\x00', 0x3d}, 0x7fff}}, {{0xa, 0x4e23, 0x2, @local}}}, 0x108)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r6)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000c80)={0xff, 0x4, 0x5, 0x9}, 0x10)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000cc0)={0x8001, {{0xa, 0x4e23, 0x7d, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x5e1cf52c}}, {{0xa, 0x4e20, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}}}, 0x108)

19:21:19 executing program 7:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000))
r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x100000001, 0x200001)
ioctl$sock_bt_hci(r1, 0x400448cb, &(0x7f0000000080)="d88ffabe4ed4a90f322ca85b3ea6108ae002360583a9862db7c32f95e3131d30184ff30aeabf252b44e9936e")
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff}, './file0\x00'})
io_submit(0x0, 0x4, &(0x7f00000004c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0xb, 0x2, r1, &(0x7f00000000c0)="797fe99a2acd940a56935c80751581843bbeaa8df5cd66a275c6e08abfb24f38203c868f35e3bd164c9c92db2ef040c1b30c1c5656fdb5b5afc56d37542916f24b8956cfd09c7cdc152036103f4b7e5646fa30a375586a269dd8bc037acbd276f60a6c12aa52a77e29757968fd72f06fb5d47fbb76851130feeb1e077e491181987f524c9e52748b512674d7ccebcc4838d0f734351b37", 0x97, 0xbe9, 0x0, 0x2}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x1000, r0, &(0x7f00000001c0)="c474139efb686cd3ee548b668a6f35d6b0d3d9d84fb9fcddb592fa133d0216dd4fe08cc5c6d600f77e20861b8bf129c47b12db97e823a101bce0f54b41c9f756b43a781ef63b67f5226b306e5157169e61c528856e4c5e73c245b5313a2e01b57f5862260bf3089fe1758f01ec427c7c1f71c83b769f02b6e06db5413423f8972679287d3e6eab40740bc79b7cf207b82ebf62c44d25ead932df00", 0x9b, 0x3, 0x0, 0x3}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x3, 0x6, r2, &(0x7f0000000300)="94594ff0fd1dc3e6b656e5e44ad9760ed86f27cb74d9d67415ed7abf42360a1a544ebd6e0f6aa648183c032a6762b61e4c50fed257658b5b14f6466f7ec0e9b9bef3cb20897b07fbb13e59b56e36d9b2aa1dae7101d8cb1f14c1b6ab2c4918b82bf68f8ed376f179460c8e8792fb16b7c3f39ebb5858646968e521de71e698bb4cb032c2678eda8b414bceca61b3713fda7e8484bff99f6b380f4f4e947846ee3c5ef1f1304b626b80572343fba9cc34b42c312b10eaa6580d13c736cdf4b5f625e9e6b95bd21f2d4288983f12e11a1ef31ba3fc39654a27b6a4e49e6ac3cd09ce03149b85ab9f0b40e1", 0xea, 0xfffffffffffffff7, 0x0, 0x2, r1}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x5, 0x4, r0, &(0x7f0000000440)="feb56a551710cc48316da0a946aa54", 0xf, 0x4, 0x0, 0x3}])
r3 = dup(r2)
accept4$inet(r3, &(0x7f0000000500)={0x2, 0x0, @private}, &(0x7f0000000540)=0x10, 0x400)
ioctl$HIDIOCGFEATURE(r3, 0xc0404807, &(0x7f0000000580)={0x83, "c0f134c18278051fa8009775b0980be109ef7b237d4dd3631b2d23b5041575198dcc81aa5b5a37d73ac39dc4da4f78c76b9f525baaa42dcf68cd87dca17987a9"})
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f0000000800)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000007c0)={&(0x7f0000000640)={0x144, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x2}, {0xc, 0x90, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x8}, {0xc, 0x90, 0x1000}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x4}, {0xc, 0x90, 0x3ff}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0xfffffffffffffc00}, {0xc, 0x90, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}, {0xc}, {0xc, 0x90, 0x9}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8000}, 0xc010)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x80, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x2d}}, @NLBL_UNLABEL_A_SECCTX={0x30, 0x7, 'system_u:object_r:system_dbusd_var_lib_t:s0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x80}, 0x1, 0x0, 0x0, 0x40048d0}, 0x20008040)
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000980)='.pending_reads\x00', 0x2, 0x100)
r5 = eventfd2(0x5, 0x801)
ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f00000009c0)={0x401, 0xb8e1, 0x4, 0x0, 0x0, [{{r4}, 0xfff}, {{r1}, 0x8}, {{r5}, 0x81}, {{r2}, 0x8ae3}]})
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), r4)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r2, &(0x7f0000000e80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000e40)={&(0x7f0000000b00)={0x31c, r6, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x4}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x8000}, {0x8, 0xb, 0x2}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xfffffff7}, {0x6, 0x16, 0x1f}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x9}, {0x8, 0xb, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8}, {0x6, 0x16, 0x4}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x5}, {0x8, 0xb, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7fffffff}, {0x6, 0x16, 0x80}, {0x5}, {0x6, 0x11, 0x9}, {0x8, 0xb, 0x9}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x8}, {0x6, 0x16, 0x2}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x4}, {0x8, 0xb, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x101}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0xffff8a9b}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7fff}, {0x6, 0x16, 0x2}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x81}, {0x8, 0xb, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x96}, {0x6, 0x16, 0x5481}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0xdab8}, {0x8, 0xb, 0x7}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x3}, {0x5}, {0x6, 0x11, 0x12}, {0x8, 0xb, 0x2}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xfffffff9}, {0x6, 0x16, 0xfffc}, {0x5}, {0x6, 0x11, 0x4}, {0x8, 0xb, 0x100}}]}, 0x31c}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CALIPSO_C_ADD(r7, &(0x7f0000000f80)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x34, 0x0, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x40010)
pwritev2(r3, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="fbce2a6781080578f99c46c642bd6022f993e9c85b8fa746ae7b3ace7ba403bdbf43c50217116ab2c27679b764d63bddb08d1f5428c8d89b6866818dfc51ab1990c074213432eb6c5cd2d7146ca298af20a3f245960e07612a72cf68b08ec4bf300a1b2146f7ae2a55c33e0098c65d65327c9e729b5af5c7251f254f6d6aba744ee889ac3cc9edcc5e5e5f040e155e1c06074690622a6674efd97ce70706b883f52e2c91cdf263fcbdcd4ecd638f78f867087d947667facc01ad12ba392984810d1947df94b757ee7114fe444bc15187bb52f7221ca6af6ae1a1125495a472b84a21a713c4546aaa0fcde89fc88c254024ea0ab737d9cd6d5137", 0xfa}], 0x1, 0x4, 0x6, 0x1e)
creat(&(0x7f0000001100)='./file0\x00', 0x18)

19:21:19 executing program 1:
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x1, 0x8001, 0x401]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40040}, 0x41)
r0 = syz_open_dev$vcsn(&(0x7f0000000100), 0x9, 0x22000)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x40000041}, 0x41)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x60, r1, 0x300, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = accept4(r0, &(0x7f0000000400)=@tipc, &(0x7f0000000480)=0x80, 0x80800)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r2, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x58, 0x0, 0x700, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x9}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xcb}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2716ff56}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x50}, 0x24000800)
write$binfmt_elf32(r2, &(0x7f0000000600)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0xd2, 0x1, 0x3f, 0xfffffffffffffff7, 0x3, 0x6, 0xd13, 0x385, 0x38, 0xe0, 0x5, 0x40, 0x20, 0x1, 0x80, 0x4, 0x3b}, [{0x1, 0x1, 0x87, 0xfff, 0x6, 0x3, 0x81, 0xe816}], "ca319f99360769eb1c359c178d9402b33e8c72c7610c5ee9a99521804f227f63a4f401ac0e4547616ae887e725372e727e265f8987111d27a2e1aa129a58f16a78387d197e67797d5bdf921aab7cf6c4171b3db8fd2b5e27184ba9e3d1f669784c505f9bdc530c715424a261a4e5848bb533e18c0eb165f7f2fb455510c5a279b06135c173c636bc75535e431b056398ded3b6af1f54783ac62079fba378baa3657f857240a1bb33a983c9990cf390ab46b32265132d6fc93d2422da17b3ffdfebb68a802f30ed62ad7f06f04c646f0345", ['\x00', '\x00', '\x00']}, 0x429)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000a80), r0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x30, r3, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000800}, 0x80)
close_range(r2, r0, 0x0)
r4 = open(&(0x7f0000000b80)='./file0\x00', 0x105383, 0x180)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), r2)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000f80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000c40)={0x2e0, r5, 0x800, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x40}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x24a}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x15}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7f}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}], @NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0xa6}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x7fff}, @NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0xe3}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_TX_RATES={0x21c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x90, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8001, 0x6, 0x5, 0x1, 0x9, 0xa1eb, 0xa235, 0x762]}}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x6e, 0x36, 0x5, 0x36, 0x4, 0x1b, 0x26, 0x18, 0x2]}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x5, 0x3}, {0x0, 0x9}, {0x4, 0xa}, {0x5}, {0x0, 0x6}, {0x3, 0x2}, {0x1, 0x8}, {0x6, 0x2}, {0x5, 0x3}, {0x5, 0x1}, {0x5, 0x7}, {0x5, 0xa}, {0x2, 0x4}, {0x0, 0x2}, {0x5, 0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x0, 0x4}, {0x7, 0x6}, {0x0, 0x2}, {0x0, 0x1}, {0x1, 0x5}, {0x0, 0xa}, {0x7}, {0x7, 0x2}, {0x6, 0xa}, {0x6}, {0x5, 0x6}, {}, {0x2, 0x8}, {0x1, 0x4}, {0x3, 0xa}, {0x1, 0xa}, {0x3, 0x5}, {0x4, 0x1}, {0x0, 0x4}, {0x0, 0x9}, {}, {0x1, 0x8}, {0x0, 0x4}, {0x7}, {0x0, 0x4}, {0x6, 0xa}, {0x7, 0x4}, {0x1, 0x1}, {0x1}, {0x6, 0x7}, {0x5, 0xa}, {0x2, 0x2}, {0x7, 0x9}, {0x0, 0x6}, {0x2, 0x7}, {0x1, 0xa}, {0x6, 0x4}, {0x6, 0x1}, {0x3}, {0x5}, {0x0, 0x8}, {0x4}, {0x0, 0x6}, {0x0, 0x8}, {0x4, 0x3}, {0x4, 0x2}, {0x0, 0x1}, {0x2, 0x1}, {0x1, 0x8}, {0x1}, {0x7, 0x2}, {0x7, 0x1}]}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x9, 0x6]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x4, 0xc9d, 0x2, 0xf4, 0x1ff, 0x9, 0x3]}}]}, @NL80211_BAND_5GHZ={0x80, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff9, 0x2, 0x6, 0x3, 0x3ff, 0xfff, 0xfff, 0xc584]}}, @NL80211_TXRATE_HT={0x6, 0x2, [{0x7, 0x1}, {0x0, 0x2}]}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x18, 0x1b, 0x36, 0x30, 0x4, 0x16, 0x9, 0x6, 0x2, 0x6, 0x2, 0x1, 0x18, 0x3, 0x5, 0x0, 0x5]}, @NL80211_TXRATE_LEGACY={0xf, 0x1, [0x6, 0x2, 0x60, 0x18, 0xc, 0x37, 0x2, 0x18, 0xb, 0xb, 0x2]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_GI={0x5, 0x4, 0xd758420a413ce903}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x7, 0x8}, {0x1, 0x5}, {0x0, 0x3}, {0x6, 0x7}, {0x3}, {0x1, 0x7}, {0x0, 0x8}, {0x4, 0x2}, {0x6, 0x4}, {0x0, 0x7}, {}, {0x6, 0x7}, {0x6, 0xa}, {0x5, 0x1}, {0x6, 0xa}, {0x3, 0x9}, {0x4}, {0x4, 0x5}, {0x0, 0x6}, {0x6}, {0x5}, {0x0, 0x5}, {0x1, 0x3}, {0x5, 0x1}, {0x6, 0x1}, {0x6}, {0x7, 0x8}, {0x1, 0x6}, {0x3, 0x9}, {0x5, 0x2}, {0x0, 0x7}, {0x1, 0x1}, {0x1, 0x2}, {0x4, 0x1}, {0x3, 0x3}, {0x0, 0xa}, {0x7, 0x6}]}]}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x0, 0x9}, {0x0, 0x9}, {0x0, 0x3}, {0x7, 0x5}, {0x7, 0x7}, {0x4, 0x3}, {0x0, 0x8}, {0x6, 0x1}, {0x1, 0x7}, {0x3, 0x5}, {0x1, 0xa}, {0x0, 0x3}, {0x7, 0x2}, {0x5, 0x4}, {0x7, 0x4}, {0x6, 0x6}, {0x3, 0xa}, {0x0, 0x4}, {0x2, 0x7}, {}, {0x7, 0x7}, {0x3, 0xa}, {0x7, 0x3}, {0x6, 0x1}, {0x1, 0x3}, {0x4, 0x8}, {0x4, 0x7}, {0x7, 0x5}, {0x0, 0xd}, {0x5, 0x4}, {0x3, 0x9}, {0x3, 0x8}, {0x7, 0x8}, {0x5, 0x2}, {0x1, 0x6}, {0x2, 0x1}, {0x1, 0xa}, {0x1, 0x4}, {0x2, 0x8}, {0x1, 0x7}, {0x4, 0x9}]}]}, @NL80211_BAND_5GHZ={0x78, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x0, 0x36, 0x24, 0x6, 0x48, 0x5, 0xb, 0x2, 0x24, 0x6c, 0x1b, 0x24, 0x6, 0x12, 0x5, 0x4, 0x30, 0x30, 0x60, 0x2, 0xb]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x3, 0x5, 0x9, 0xccf, 0x101, 0x7f, 0x4]}}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x5, 0x1b, 0x0, 0x6c, 0x4, 0x2]}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x60, 0xc, 0x1, 0x2, 0x48, 0x60, 0xb, 0x12, 0x4, 0xc, 0x6c, 0x7, 0x48, 0xc, 0x1b, 0x18, 0x16, 0x12]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x1, 0x200, 0x4, 0x3, 0x101, 0x7, 0x6]}}]}, @NL80211_BAND_60GHZ={0x5c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7020, 0xfff9, 0x8000, 0xe92b, 0x0, 0x6, 0x8, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x5, 0x5, 0x3, 0x3, 0x2, 0x1762, 0x7ff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xc6, 0x2, 0x6, 0x8, 0xffc0, 0x9f, 0x0, 0x8]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x882, 0xffff, 0x5, 0x2, 0x1ff, 0xfbff, 0x1ff, 0xdba2]}}]}]}, @NL80211_ATTR_MCAST_RATE={0x8}]}, 0x2e0}}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000fc0)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
sendmsg$NL80211_CMD_SET_QOS_MAP(r4, &(0x7f0000001140)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001100)={&(0x7f0000001040)={0xbc, r1, 0x200, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x580, 0x65}}}}, [@NL80211_ATTR_QOS_MAP={0x2c, 0xc7, {[{0x2, 0x5}, {0x40, 0x3}, {0x2, 0x5}, {0x5, 0x1}, {0xf, 0x6}, {0x3, 0x5}, {0x4, 0x6}, {0xfd}, {0x20, 0x3}, {0x5, 0x6}, {0x7}, {0xc9, 0x5}, {0x3f, 0x2}, {0x2, 0x4}, {0x3, 0x5}, {0x2, 0x1}], "645fabe9f9c67557"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0xfa, 0x1}, {0x4, 0x6}, {0xd9, 0x4}, {0x4, 0x7}, {0x5, 0x6}, {0x0, 0x2}, {0x1, 0x1}, {0x7, 0x6}, {0x7e, 0x4}, {0x3f, 0x2}, {0x3, 0x1}, {0x1, 0x6}, {0x1, 0x5}, {0x7, 0x2}, {0x80, 0x5}, {0x5, 0x3}, {0xf9, 0x5}, {0x3, 0x4}, {0x80, 0x6}, {0x32}], "88a8a05f8be204ac"}}, @NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x7, 0x1}, {0x9, 0x4}, {0x3f, 0x2}, {0x5, 0x4}, {0x9, 0x1}, {0x4, 0x2}, {0x80, 0x2}, {0x9e, 0x5}, {0x7, 0x1}, {0x9, 0x4}, {0x3f, 0x6}, {0xbf, 0x4}, {0xff, 0x5}, {0x2, 0x5}, {0x1, 0x4}, {0x5, 0x2}, {0xfa, 0x3}, {0x7f, 0x6}, {0xac, 0x4}], "3d7db82fa1860566"}}]}, 0xbc}, 0x1, 0x0, 0x0, 0x85}, 0x8801)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001180), r0)
r7 = openat$null(0xffffffffffffff9c, &(0x7f00000011c0), 0x200000, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x30, r6, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x10000, 0x19}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000010}, 0x40080)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001400)={&(0x7f0000001380)={0x50, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x1c}}}}, [@NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x3}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x84}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

19:21:19 executing program 2:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)={0x1})
r1 = syz_open_dev$vcsn(&(0x7f0000000140), 0x7, 0x900)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x8})
readv(r1, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/40, 0x28}, {&(0x7f0000000200)=""/9, 0x9}, {&(0x7f0000000240)=""/112, 0x70}, {&(0x7f00000002c0)=""/254, 0xfe}], 0x4)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000400)=<r2=>0x0)
kcmp$KCMP_EPOLL_TFD(r2, 0xffffffffffffffff, 0x7, r1, &(0x7f0000000440)={r1, r1, 0x4})
r3 = syz_open_dev$mouse(&(0x7f0000000480), 0x5, 0x48800)
r4 = dup2(r1, r3)
setsockopt$IP_VS_SO_SET_TIMEOUT(r4, 0x0, 0x48a, &(0x7f00000004c0)={0x2, 0x0, 0x4}, 0xc)
write$binfmt_script(r0, &(0x7f0000000500)={'#! ', './file0', [{0x20, '*]+%'}, {0x20, '/dev/input/mouse#\x00'}], 0xa, "37768faf10abb8ddf4a99a4e3cca1a115a35ab2ae89355b98be77b6472000c13b1d435ff8ffb2df2e9b25870c67e20b1339733be0204245ab7b9b229"}, 0x5f)
ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f0000000580)={0x0, 0x4})
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
accept4$inet(r5, &(0x7f00000005c0)={0x2, 0x0, @broadcast}, &(0x7f0000000600)=0x10, 0x80800)
close_range(0xffffffffffffffff, r3, 0x0)
ioctl$SIOCGSTAMPNS(r1, 0x8907, 0xfffffffffffffffe)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
splice(r0, &(0x7f0000000640)=0x81, r6, &(0x7f0000000680), 0xff, 0x0)
recvmmsg$unix(r3, &(0x7f0000003280)=[{{&(0x7f00000006c0), 0x6e, &(0x7f0000002a80)=[{&(0x7f0000000740)=""/150, 0x96}, {&(0x7f0000000800)=""/4096, 0x1000}, {&(0x7f0000001800)=""/116, 0x74}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/35, 0x23}, {&(0x7f00000028c0)=""/232, 0xe8}, {&(0x7f00000029c0)=""/111, 0x6f}, {&(0x7f0000002a40)=""/58, 0x3a}], 0x8, &(0x7f0000002b00)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000002b80)=@abs, 0x6e, &(0x7f0000003140)=[{&(0x7f0000002c00)=""/64, 0x40}, {&(0x7f0000002c40)=""/184, 0xb8}, {&(0x7f0000002d00)=""/14, 0xe}, {&(0x7f0000002d40)=""/196, 0xc4}, {&(0x7f0000002e40)=""/84, 0x54}, {&(0x7f0000002ec0)=""/223, 0xdf}, {&(0x7f0000002fc0)=""/66, 0x42}, {&(0x7f0000003040)=""/74, 0x4a}, {&(0x7f00000030c0)=""/92, 0x5c}], 0x9, &(0x7f0000003200)=[@cred={{0x1c, 0x1, 0x2, {<r7=>0x0}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}], 0x50}}], 0x2, 0x40010123, &(0x7f0000003300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000003340)={0x2, 0x2, 0x6, 0xfffffffffffffff9, r7})

[   94.039481] audit: type=1400 audit(1763234479.753:7): avc:  denied  { execmem } for  pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
19:21:19 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xf0, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xd1, 0xbe, "cabf694c5175a207da1645030dce1fe9f99da87c80c76c2934087eeebfcc6ad1ba459f0f7ae1b744fc148833f2fef9e2b81cf1514ecdb87e91be774ef3db313b332c5fcebfb82493e80634469733f82a30ce4d997c92201e6128f95166e73e0b496ae9135cacc6051227cd33fc6cec7e024c389d0718751e66a331fc6b8024ef3b6bc4b11d35a13c74e92377d86778b7f5ea96f402d47e3206c6a7b7c7422cbc04f925ba502abdaf648d390598f908026aaf5899781dead13eaebd7463228dcaa94ec26e523ecaa4c4751f4931"}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8040}, 0x4000000)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, 0x0, 0x2, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xe}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x34}}, 0x10)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x6c, 0x0, 0x4, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_CQM={0x4c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x95d7}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x46f}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x5}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x3ff}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x7f}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x4}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x336}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20004014)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), r1)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x34, r3, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0xc5)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000005c0), 0x20003, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r1)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000b00)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000680)={0x424, r5, 0x2, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x410, 0x11d, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xd}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xdf9}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x394, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x380, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x64, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xc, 0xc41093f74a0497f, 0x1b, 0x36, 0x15, 0x1e, 0x1b, 0x24, 0x18, 0x6c, 0x9, 0x2, 0x1, 0x4, 0x36, 0x16, 0xb, 0x60, 0x36, 0x48, 0x1b, 0x9, 0x1, 0x36]}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x6, 0x6, 0xc, 0x48, 0x1b, 0x6, 0x60, 0x30, 0xc, 0x3, 0x60, 0x4, 0x3, 0x16, 0x4, 0x24, 0x30, 0x9, 0x7, 0x30, 0x1b, 0x18, 0x9, 0x12, 0xb, 0x2, 0x18, 0x12, 0x12, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x88, 0x5, 0x7b8, 0x4, 0x0, 0x3, 0xff]}}]}, @NL80211_BAND_2GHZ={0x40, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x9, 0xfd, 0x8, 0x7fff, 0x1ff, 0xd549, 0x7]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0xc, 0x60, 0x9, 0x1b, 0x24, 0xb, 0x5, 0x60]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x13, 0x2, [{0x0, 0x7}, {0x3, 0x5}, {0x2, 0x8}, {0x5, 0x5}, {0x4, 0x1}, {0x4, 0x2}, {0x1, 0x5}, {0x0, 0x2}, {0x4, 0x1}, {0x7, 0x5}, {0x7, 0x8}, {0x0, 0x7}, {0x7, 0x3}, {0x7, 0x2}, {0x0, 0x5}]}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x5, 0x5}, {0x6, 0xa}, {0x3, 0x9}, {0x7, 0x6}, {0x2, 0x9}]}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0x30, 0x2, 0x6c, 0x3, 0x12, 0x12, 0x60, 0x4, 0x24, 0x2, 0x2, 0x5]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x364, 0x0, 0xb0e5, 0x3, 0x7, 0x800, 0x8]}}]}, @NL80211_BAND_5GHZ={0x28, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x1c, 0x2, [{0x6, 0x6}, {0x1, 0x6}, {0x0, 0x7}, {0x1, 0x6}, {0x3, 0x6}, {0x1, 0xa}, {0x1, 0x2}, {0x0, 0x2}, {0x0, 0x8}, {0x3, 0x6}, {0x5, 0x9}, {0x2, 0x1}, {0x3, 0x4}, {0x1, 0x7}, {0x7, 0x2}, {0x6, 0x2}, {0x5, 0x5}, {0x4, 0x7}, {0x2}, {0x0, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {}, {0x0, 0x7}]}]}, @NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x14, 0x1, [0x60, 0x36, 0x6, 0x36, 0x5a, 0x36, 0x6, 0x36, 0x1b, 0x3, 0x4, 0x5, 0xdfa6247cc16682cb, 0x1b, 0x1b8369fd96812493, 0x3]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x6c, 0x36, 0x1f, 0xb, 0x12, 0x24, 0xc, 0xb, 0x3, 0x16, 0x3a75e64d4c221bcf, 0x1b, 0x7e, 0x5, 0xb, 0x6c, 0x6, 0x1b, 0x9, 0x1b, 0x30, 0x3, 0x30, 0x1b, 0x5]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7f, 0x1, 0x7ff, 0xfff, 0x7, 0x3, 0x2ba]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffc, 0x40, 0xfff, 0x8, 0x9, 0x2, 0x4, 0x6a1]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0x1, 0x4, 0x1, 0x6, 0x2, 0x3]}}]}, @NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2e, 0x2, [{0x6, 0x1}, {0x2, 0x2}, {0x5}, {0x4, 0xa}, {0x7, 0x5}, {0x0, 0x7}, {0x1, 0x6}, {0x3, 0x4}, {0x0, 0x4}, {0x1}, {0x4, 0x8}, {0x6, 0xa}, {0x0, 0x5}, {0x2, 0xa}, {0x2, 0x5}, {0x4, 0xa}, {0x6, 0x6}, {0x4, 0x7}, {0x5, 0x5}, {0x2, 0x7}, {0x0, 0x6}, {0x1}, {0x4, 0x7}, {0x1, 0x4}, {0x7, 0x4}, {0x2, 0x1}, {0x0, 0x7}, {0x5, 0x9}, {0x5, 0x1}, {0x0, 0x8}, {0x6, 0x2}, {0x3, 0x9}, {0x5, 0x8}, {0x3, 0x2}, {0x0, 0x2}, {0x2, 0x4}, {0x4, 0x9}, {0x6, 0x2}, {0x7, 0x3}, {0x3, 0x8}, {0x4, 0x9}, {0x7, 0x5}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x55d156d8d82b6d26, 0x6, 0x5, 0x30, 0x3, 0x16, 0x1, 0x36, 0x1b, 0x6c, 0x12, 0x1, 0x1b, 0x1b, 0x6c, 0x18, 0x6c, 0x30, 0x53f0617fc4037767, 0x48]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x5, 0x1}, {0x5, 0x1}, {0x7, 0xa}, {0x5, 0x7}, {0x0, 0x7}, {0x6, 0x3}, {0x6, 0x4}, {0x4, 0x9}, {0x0, 0x3}, {0x0, 0xa}, {0x1, 0x2}, {0x6, 0x4}, {0x4, 0x9}, {0x0, 0x8}, {0x1, 0x9}, {0x7, 0x7}, {0x6, 0x5}, {0x6, 0x4}, {0x2, 0xa}, {0x4, 0x6}, {0x7, 0xa}, {0x4, 0x9}, {0x1, 0x9}, {0x6, 0x4}, {0x2}, {0x1, 0x3}, {0x6, 0x6}, {0x2, 0x8}, {0x5, 0x1}, {0x3, 0x4}, {0x5, 0x9}, {0x1}, {0x4, 0x7}, {0x4, 0x3}, {0x6, 0x1}, {0x5, 0x6}, {0x2, 0x9}, {0x3, 0xa}, {0x0, 0x9}, {0x7, 0x4}, {0x6, 0x7}, {0x1, 0x6}, {0x5, 0x6}, {0x0, 0x4}, {0x0, 0xa}, {0x7, 0xa}, {0x4, 0x8}, {0x7, 0x7}, {0x1}, {0x4, 0x3}, {0x2, 0x6}, {0x4, 0x7}, {0x2, 0x3}, {0x0, 0x3}, {0x0, 0x8}, {0x1, 0x5}, {0x4}, {0x1, 0x7}, {0x6, 0xa}, {0x4, 0x1}, {0x1, 0x5}, {0x5, 0x9}, {0x1, 0x3}, {0x2, 0x5}]}]}, @NL80211_BAND_5GHZ={0x144, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x14, 0x1, [0x6c, 0x48, 0x1b, 0x6, 0x60, 0x1b, 0x30, 0x4, 0x30, 0x39, 0x48, 0x4, 0x6c, 0x3, 0x6c, 0x16]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x5f, 0x3, 0x2a, 0x1b, 0x3, 0x0, 0xc, 0x30]}, @NL80211_TXRATE_HT={0x3c, 0x2, [{0x5, 0xa}, {0x3, 0x1}, {0x5, 0x2}, {0x3, 0x4}, {0x0, 0x3}, {0x2}, {0x1, 0x7}, {0x0, 0x1}, {0x1}, {0x0, 0x8}, {0x1, 0x6}, {}, {0x3, 0xa}, {0x0, 0x6}, {0x4, 0x9}, {0x1, 0x17}, {0x1, 0x2}, {0x7, 0x5}, {0x4, 0x1}, {0x2, 0x5}, {0x5, 0xa}, {0x3, 0x4}, {0x4, 0x8}, {0x1, 0x14}, {0x3, 0x6}, {0x6, 0x5}, {0x1, 0x3}, {0x5, 0x3}, {0x4, 0x8}, {0x4, 0xa}, {0x5, 0x8}, {0x5, 0xa}, {0x6, 0x8}, {0x0, 0x3}, {0x7, 0x9}, {0x1}, {0x0, 0x1}, {0x1, 0x4}, {0x5, 0x4}, {0x6, 0x8}, {0x3}, {0x5, 0xa}, {0x4, 0x1}, {0x0, 0x6}, {0x1, 0x3}, {}, {0x7, 0x7}, {0x4, 0x8}, {0x1, 0x1}, {0x0, 0x2}, {0x2, 0x8}, {0x3, 0x9}, {0x4, 0x2}, {0x5, 0x6}, {0x3, 0x2}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7fff, 0x80, 0x92, 0x7b0, 0x2, 0x100, 0x6]}}, @NL80211_TXRATE_HT={0x45, 0x2, [{0x6}, {0x3, 0x3}, {0x1, 0x4}, {0x1, 0x9}, {0x4, 0x9}, {0x1, 0x7}, {0x5, 0xa}, {0x5}, {0x1, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x2, 0x5}, {0x3, 0xa}, {0x0, 0x7}, {0x3, 0x6}, {0x4}, {0x3}, {0x4}, {0x3, 0x9}, {0x2, 0x6}, {0x1, 0x2}, {0x1, 0x3}, {0x7, 0xa}, {0x2, 0x9}, {0x3, 0x4}, {0x3, 0x3}, {0x6, 0x3}, {0x1, 0x6}, {0x3, 0xa}, {0x6, 0x2}, {0x0, 0x7}, {0x5, 0x2}, {0x4, 0x8}, {0x0, 0x5}, {0x4, 0x1}, {0x0, 0x4}, {0x3, 0x6}, {0x1, 0x6}, {0x7, 0xa}, {0x5, 0xa}, {0x3}, {0x2, 0xa}, {0x5, 0xa}, {0x0, 0x9}, {0x3}, {0x2}, {0x0, 0x7}, {0x6, 0x6}, {0x0, 0x1}, {0x2, 0x3}, {0x0, 0x1}, {0x0, 0x4}, {0x6, 0x5}, {0x0, 0x4}, {0x1, 0x5}, {0x6, 0x2}, {0x5, 0x6}, {0x2, 0x2}, {0x2, 0x6}, {0x6, 0x2}, {0x5, 0x5}, {0x7, 0x4}, {0x2, 0x5}, {0x0, 0x3}, {0x0, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x401, 0xf7ec, 0x8a, 0x1, 0x3, 0x2b3e]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x1, 0xd0f, 0x40, 0x8, 0x9, 0x9, 0x6]}}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x3, 0x1}, {0x0, 0x1}, {0x1, 0x6}, {0x5, 0x1}, {0x0, 0x3}, {0x3, 0x3}, {0x1, 0x4}, {0x2, 0x3}, {0x1, 0xa}, {0x5, 0x2}, {0x3, 0x2}, {0x5, 0x3}, {0x0, 0xa}, {0x5, 0x7}, {0x0, 0x9}, {0x1, 0x2}, {0x2}, {0x0, 0x9}, {0x4, 0x2}, {0x1, 0x1}, {0x1, 0x4}, {0x1, 0x2}, {0x7, 0xa}, {0x4, 0x9}, {0x0, 0x3}, {0x3, 0x7}, {0x3, 0x1}, {0x1, 0x6}, {0x4, 0x2}, {0x4, 0xa}, {0x5, 0x5}, {0x1, 0x5}, {0x1, 0x4}, {0x4, 0x7}, {0x7, 0x3}, {0x5}, {0x0, 0xa}, {0x2, 0x2}, {0x1, 0x5}, {0x6, 0x7}, {}, {0x6, 0x1}, {0x1, 0x3}, {0x6, 0x6}, {0x0, 0x3}, {0x4, 0x8}, {0x1, 0x9}, {0x5, 0x5}, {0x0, 0x4}, {0x5, 0x4}, {0x1, 0x3}, {0x4, 0x2}, {0x7, 0x5}, {0x0, 0x5}, {0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x6, 0x1}, {0x5, 0xa}, {0x5, 0xa}, {0x7, 0x1}, {0x7, 0x1}, {0x7, 0x9}, {0x3, 0x5}, {0x6, 0x5}, {0x5, 0x2}, {0x7, 0x6}, {0x4, 0x2}, {0x7, 0x4}, {0x6, 0x9}, {0x0, 0x2}, {0x2, 0x6}, {0x4, 0xa}]}]}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x81}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xa1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}]}, 0x424}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x10, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x69}, @void, @val={0xc, 0x99, {0x3, 0x68}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2000c084}, 0x1)
r6 = syz_open_dev$vcsa(&(0x7f0000000c40), 0x0, 0x4a000)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f0000001280)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001240)={&(0x7f0000000cc0)={0x54c, r5, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x7, 0x6c}}}}, [@beacon=[@NL80211_ATTR_IE_PROBE_RESP={0x1e, 0x7f, [@mic={0x8c, 0x18, {0xb94, "75fe5718b511", @long="7bbd85fba7188312ed4c52b55425b642"}}]}, @NL80211_ATTR_FTM_RESPONDER={0x1b0, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0xfe, 0x2, "5d18ac7824d06b5285de6454b8752d4eb734bfc175f0bfbf94dd1bf2b6480612cd601d940da8fab872b7db4b4a883ac67d9c8d56e38213f3069457adcfc07816835b87da27ad6f3e7a1c1607789aa92a3e856b361c1d176701d3501e6f882d828d961389b2b9471c82d97c8deb2670bbe3ef9af6728655a36b30bfeab5996c9aa54ece4a2aee43d90ea54074fe812a42c275057d4c7e064e37442b23bb266a18cb90ef2e2849f74547db2805958187a89933340992d798e49feac0c4228e9b1a4cfabefeb386cab2df33ac5727a8e32e66c796cb9cd52b75b655cf1918a868b511860c0daebc243f8c34d47aaf920f39e944435b26d1050e5773"}, @NL80211_FTM_RESP_ATTR_LCI={0xac, 0x2, "2fb69d2ad6efc484b58a073942b1770622797ec9ca9e3ed70f5382b293382f20dcb350bb001ec774e3f943fcd645eab0c027dc0ea5d8ba4e93178bba7175c7c8f008be3eb01779f01998749b047e1838bc634c36b48651c578473c82267d5103baf8eb565dd4f5556a9b2d39dfcf999f3b0fee866c616adca524bd69adf90bca4d53dc3ca97239cb692fb662925b7ffdb83962de00a3d0e77e5ef47e66629cb5c37a3e6aae062f51"}]}, @NL80211_ATTR_IE={0x13, 0x2a, [@erp={0x2a, 0x1, {0x1, 0x1}}, @mesh_config={0x71, 0x7, {0x0, 0x1, 0xffffffffffffffff, 0x1, 0x0, 0x4, 0x40}}, @sec_chan_ofs={0x3e, 0x1, 0x3}]}, @NL80211_ATTR_PROBE_RESP={0x333, 0x91, "684c8fba92b268e4b199f015de064df9b8e2b4efb76b3779cb7e820c688cfefbef64449921b825c8bf6bd9e9f83c78fc896e49d6caf840efac3df888b6074b4441c975398cda897d360c181232d3f587b41443bd12636659b503a6e0004f2878765069db700720d8d7a4dc9cf5f854cb083879ba61471d938933868ee481e6e166ff59a4fb2e661adc94806f08f2e8bf8967dba9bfbebc66405fc0dd85220a72035940148a8b70e24b0494656c18108ddb3a2eb05b87c56d3125ef2d78008552925c1b15399aee9815f67f24afb2aa2ae37d22136393c769416a908592ebc8ea54867813f0fe1edff22e2c336cde6f365d7daa06db4ddd02e2ec5c4a1f6490e5a49a862ffd53bc24cc2027355d40505e3f9b80984d694b4c839b59b4376da16846b2a1b2a33d36ea59ff2ad93310702c61b6fa0f36f6e39b7f153bf201a1a42d0e107a5684861c7f7ce01273374916852d860cd0605de098d4a9875249d8e49db76bb16e940127ea0f400be023b2c62f9af0ce32a60e46f7e82b278f2f2d2774a7bc8934ba7f0f9177827682642a6c96a28edc6749d3e8b5adf41f3be17db9b0b09125195ad738ad7fd8d35ce2033a422f67a577c810dd365a9241168ce96a1347d326850e2f7d1bd8cc53280c489a248ea24aa1819b04cb3d39b3e9d2a9bd7577365a5ebdd5cd92d27021f218ed6ac5a38ee8571493ce065e5122aa9acf7b24f9d8bb15b4e17d2fa0f0f5d5a2ef6956ed302167d679e6d92664e5b36fcb40dee65c8c8d0b123e851d1f78ab10871cd8110e79b18da922bed6186d861e27ac77d1ea45c9e7eaa18bcca6797918ce79adc40ee5851b640b617daca8d13cedf07fd1bd409f83c8429131c4be665896d29d806c5b69dacb7bf368914c736c21adb593df89f0ebcbd70663c11420cba829b1e3f092532cfb6fbbce6f0b2d8ab06eae6018c86841d3501fc1c607520ed7056dc4f44f377cc031eeb026b8d4ab0a7cb1939842157ee8e9b5db372f360ee1b5734cc18d88cc2bc2064e5f5a37a9f32a0123e74746cfe8b5e15fbea9bcdbba6946dc53e01a1d7a3b0df2934da61423606e1ee3a272e284751a0af2b78fc3aa5c565f2889179c7a4fae548f1d6ed52842fcb208455a02c511fbcfa689956519f6"}], @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_SMPS_MODE={0x5}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x201}]]}, 0x54c}, 0x1, 0x0, 0x0, 0x20008805}, 0x40004)
r7 = openat$incfs(r0, &(0x7f0000001300)='.pending_reads\x00', 0x248100, 0x101)
splice(r6, &(0x7f00000012c0)=0xffffffffffffff43, r7, &(0x7f0000001340)=0x7ff, 0x1f, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000013c0), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r8, &(0x7f00000014c0)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001480)={&(0x7f0000001400)={0x7c, r9, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001580)={&(0x7f0000001540)={0x1c, r9, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x10)
sendmsg$NLBL_UNLABEL_C_LIST(r8, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x84220802}, 0xc, &(0x7f00000016c0)={&(0x7f0000001640)={0x68, r9, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x22004080)

19:21:19 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0x24, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x4}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x49}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x3}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x2}, 0x40)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0xf5b0a7458f6c8433}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x0, 0x702, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1000, 0x5b}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x1adbde020237e593}, 0x40080d4)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000240)={0x434, 0x3f3, 0x830, 0x70bd2d, 0x25dfdbfd, {0x0, 0x1, 0x5, [0x2, 0xb36, 0xffffffff, 0x4, 0x1ff, 0x9, 0x0, 0x2, 0x965, 0x3, 0x7fff, 0x9, 0x7, 0x9, 0x7, 0x3, 0x3, 0x8, 0x4, 0x3ff, 0x5, 0x8, 0x8a0a, 0x46c, 0x6, 0x5, 0x7cd03663, 0x2, 0x5, 0x8, 0x40, 0x75, 0x9, 0x8, 0x2, 0xff, 0x5, 0x1, 0x2, 0x2, 0x6, 0x40, 0xb74b, 0x3, 0x8, 0x1, 0x75, 0x3, 0x200, 0x401, 0xfffffff9, 0x8ab, 0x127, 0x4, 0x1000, 0x6, 0x7f, 0x9, 0x7, 0x7, 0x6, 0x3, 0x1ff, 0x9], [0x7, 0x8, 0x1ff, 0x40, 0x1000, 0xee6c, 0x4, 0x5, 0x7460c0bb, 0x80000000, 0xfff, 0x7f4, 0x9, 0x3, 0x1ff, 0xfe6, 0x72a01b19, 0x6a, 0x1000, 0x80000001, 0xffff0000, 0x3, 0xfffffffb, 0x3, 0x20000, 0x4, 0x1, 0x4, 0x5, 0x80000001, 0x6, 0x3, 0x9, 0x800, 0x0, 0x81, 0x9, 0x9, 0x9a0b, 0x0, 0x8000, 0xfffffffe, 0x7, 0xa805, 0x8ed5, 0x4, 0x5, 0x6, 0x9, 0x621f, 0x2, 0x6, 0x48, 0x5, 0x1f, 0x4, 0x400, 0x9, 0x34b, 0xc87, 0x0, 0xa99, 0x80000001, 0x9], [0x1, 0x80000000, 0xb9, 0x80000001, 0xbf, 0x3, 0x2, 0x0, 0x3, 0x8, 0xffff8001, 0x80, 0x20, 0xf19, 0x3, 0x4, 0x2, 0x3, 0x1f, 0x1, 0x72, 0x0, 0x74, 0x2, 0xffffffff, 0x0, 0x8001, 0xa6, 0xd79e7800, 0x9, 0x8c, 0x3, 0x8, 0x10000, 0x1, 0x9, 0x80000000, 0xff, 0x7d72, 0x1, 0x400, 0x10, 0x3a, 0x1, 0x8, 0x401, 0xffff, 0x401, 0x6, 0x99a, 0x0, 0x5, 0x0, 0x0, 0x81, 0x81, 0x8, 0x7, 0x0, 0x2, 0xffffffff, 0xfff, 0xf7db, 0x7], [0x3, 0x200, 0xfffffe01, 0x9, 0x8001, 0x7, 0x1, 0x7, 0x2, 0x2af, 0x100, 0x7f, 0x1ff, 0x10000, 0x101, 0x0, 0x0, 0x794, 0x4, 0x3, 0x2, 0x1, 0x3, 0x9, 0xd95, 0x1000, 0xef, 0x800, 0x2, 0x5, 0x8, 0xfffffffe, 0x9, 0x0, 0x6, 0x9, 0x1, 0x9108, 0x0, 0x2, 0xe1, 0x9a, 0x10001, 0x9, 0x8, 0xfbd, 0x56a, 0x7, 0x3, 0x1ff, 0x14, 0x6, 0xb0, 0x3f, 0x400, 0xfff, 0xcef, 0x2, 0x1, 0xdd500000, 0x8, 0x2, 0x212, 0x50], 0x11, ['@:%\'@\'\'\x00', '\x00', '^\x00', '\\!1,\\\x00']}, ["", "", "", ""]}, 0x434}, 0x1, 0x0, 0x0, 0x4040084}, 0x4)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0xc436805d6446f415}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x5c, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000004}, 0x40801)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000880), 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x4c, 0x0, 0x643, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "69d7222eba2f8a31ade794231ed584f7"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x4}, @NL80211_ATTR_PMKID={0x14, 0x55, "21582285f8b55f120393106e2392f3f9"}]}, 0x4c}}, 0x4000000)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a40)={0xac, r2, 0x300, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMK={0x14, 0xfe, "34e8a57d54fb80db569616dfe10576b8"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "65b4c4ff867ce1b2d3ac6864b9b59e5c"}, @NL80211_ATTR_PMK={0x14, 0xfe, "f82df72b3010fc8fee2ce5c8b0b4ac21"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "9460cf6b1b2a5df0b30b7e5a017402dc"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0xac}, 0x1, 0x0, 0x0, 0xc0c0}, 0x40)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000cc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x88, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:var_t:s0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x23, 0x7, 'u:r:untrusted_app:s0:c512,c768\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'xfrm0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}]}, 0x88}, 0x1, 0x0, 0x0, 0x80}, 0x20000001)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000d00), r3)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000d40), r0)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
lseek(r4, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000dc0), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x58, r5, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_macvtap\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000050}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f40), 0xffffffffffffffff)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r4, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x14, r6, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x200000b0)
sendmsg$NLBL_CALIPSO_C_REMOVE(r3, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001100)={&(0x7f0000001080)={0x44, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x2044841}, 0x80)

19:21:19 executing program 5:
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000000)={0x89, 0x13, '\x00', [@ra={0x5, 0x2, 0xfff}, @pad1, @ra={0x5, 0x2, 0x40}, @ra={0x5, 0x2, 0x5}, @generic={0x0, 0x1c, "2bba32856ef469c69ed70a9c114b4e689c80058475aaaca90d5394d9"}, @calipso={0x7, 0x50, {0x1, 0x12, 0x6, 0x7, [0x6, 0xb8f, 0x4, 0xfff, 0x4, 0x7f, 0x4, 0x6, 0x5]}}, @calipso={0x7, 0x18, {0x3, 0x4, 0x4, 0x5, [0x6, 0xfffffffffffff800]}}]}, 0xa8)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/rfcomm\x00')
r1 = accept$packet(r0, 0x0, &(0x7f0000000100))
close(r1)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r1, 0xc038943b, &(0x7f0000000180)={0x4, 0x10, '\x00', 0x1, &(0x7f0000000140)=[0x0, 0x0]})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x5}}, './file0\x00'})
execveat(r2, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480)=[&(0x7f0000000240)='$].]-^+\x00', &(0x7f0000000280)='net/rfcomm\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='\'..+\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='net/rfcomm\x00', &(0x7f0000000400)='@$*%]\x00', &(0x7f0000000440)='net/rfcomm\x00'], &(0x7f0000000780)=[&(0x7f0000000500)='net/rfcomm\x00', &(0x7f0000000540)='\x00', &(0x7f0000000580)='\xf8)@)\x00', &(0x7f00000005c0)='net/rfcomm\x00', &(0x7f0000000600)='\x00', &(0x7f0000000640)='net/rfcomm\x00', &(0x7f0000000680)='&\x00', &(0x7f00000006c0)='\x00', &(0x7f0000000700)='\x00', &(0x7f0000000740)='net/rfcomm\x00'], 0x1000)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
flistxattr(r2, &(0x7f0000000800)=""/44, 0x2c)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000840)={0xa, 0x4e21, 0x8000, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x8000}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000008c0), r2)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000980)={'ip6gre0\x00', &(0x7f0000000900)={'syztnl2\x00', <r6=>0x0, 0x4, 0x20, 0x5, 0x2, 0x3, @local, @private1, 0x40, 0x7800, 0x81}})
sendmsg$ETHTOOL_MSG_WOL_SET(r4, &(0x7f0000000b80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000b40)={&(0x7f00000009c0)={0x14c, r5, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_WOL_SOPASS={0x23, 0x3, "c75f260bec317368d2beb38039f53ca28c9dfab5d81ae91ee3ca7f8ee0cddb"}, @ETHTOOL_A_WOL_HEADER={0x88, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @ETHTOOL_A_WOL_SOPASS={0x8b, 0x3, "458d65ff7d2374c64b92a847038b761a934debeaff7c53b1cb56153fba9161788357c34573af379bd560114b3bdd56c3814eab1e24bf2581bc27ac7733adcadbd58c665a749940c6058a30ad13250cfffec4a62c7b2049f07765dee579c9e79b87f9b535a27d85cf86dabf7d5908ae4eb275df175f2351d6c706d10f7c2653f79c89554984ed3a"}]}, 0x14c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000bc0), r4)
write(r2, &(0x7f0000000c00)="0c91bf6b04aca5cd4f74b18b9df8b5f8a82fbfc4a4ec0f1386e15297969c7826c0e75d11b06e5da575d0f663cf91fe4d2bb6ddd370b1b31d21cb2cfa344cc8a8c28ef5ca5a1e4bb31b6f53b402efae9b4ea259d69e742a275a835c48a3a85585687b5d2ab878de78513e4b8145295bdcd634f4f4a188e7fb6b8b25591f9f23cee3f9ca0fe901d2b478fa3f56eeed7ff501b82458bd484d96dd91fdc1d1b0", 0x9e)
fcntl$addseals(r2, 0x409, 0x8)
write(r2, &(0x7f0000000cc0)="b8f0d7039ecd664749cf86c734379c84778426edf52e8d4b9f25", 0x1a)
recvfrom$packet(r0, &(0x7f0000000d00)=""/6, 0x6, 0x40, 0x0, 0x0)

19:21:19 executing program 6:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xbc, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_DEST={0x58, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x401}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x40}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@empty}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xb4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x78e}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}]}]}, 0xbc}}, 0x4004000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000580)={{0x1, 0x1, 0x18, <r1=>r0}, '.\x00'})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x30, r2, 0x4, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x19}, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x101, 0x53}}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
r4 = socket(0x2, 0xa, 0x9)
setsockopt$sock_void(r4, 0x1, 0x1b, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000780), r1)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x34, r5, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xe7}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x8d0}, 0x24008080)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r4, &(0x7f0000000940)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x30, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x24048004}, 0x200098c1)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, r6, 0x200, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x2400c800)
io_destroy(0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000ac0)={{0x1, 0x1, 0x18, <r7=>r1, {0x20}}, './file0\x00'})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b40), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000b80)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000cc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x94, r8, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x36a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x3f}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xfffffffb}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xe73}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a9}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x30}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3c0}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x94}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40), 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x3c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0xfffffff9, 0x35}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "0a19b031575c75c175b334d65dcca080"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x50}, 0x800)

[   95.137713] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.140483] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.142283] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.145465] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.147602] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   95.199275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   95.201298] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   95.204325] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   95.208803] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   95.211009] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   95.217580] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   95.219795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   95.221594] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   95.227658] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   95.231766] ==================================================================
[   95.232780] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   95.233742] Read of size 2 at addr ffff88800c1603f8 by task kworker/u11:1/288
[   95.235160] 
[   95.235657] CPU: 0 UID: 0 PID: 288 Comm: kworker/u11:1 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   95.235687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   95.235700] Workqueue: hci1 hci_cmd_work
[   95.235729] Call Trace:
[   95.235737]  <TASK>
[   95.235745]  dump_stack_lvl+0xca/0x120
[   95.235773]  print_report+0xcb/0x610
[   95.235801]  ? __virt_addr_valid+0x100/0x5d0
[   95.235826]  ? hci_cmd_work+0x66d/0x6d0
[   95.235852]  ? hci_cmd_work+0x66d/0x6d0
[   95.235878]  kasan_report+0xca/0x100
[   95.235904]  ? hci_cmd_work+0x66d/0x6d0
[   95.235933]  hci_cmd_work+0x66d/0x6d0
[   95.235961]  process_one_work+0x8e1/0x19c0
[   95.235997]  ? __pfx_process_one_work+0x10/0x10
[   95.236027]  ? move_linked_works+0x172/0x270
[   95.236051]  ? assign_work+0x196/0x240
[   95.236080]  worker_thread+0x67e/0xe90
[   95.236109]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   95.236135]  ? __pfx_worker_thread+0x10/0x10
[   95.236165]  kthread+0x3c8/0x740
[   95.236192]  ? __pfx_kthread+0x10/0x10
[   95.236218]  ? ret_from_fork+0x79/0x7a0
[   95.236239]  ? lock_release+0xc8/0x290
[   95.236272]  ? __pfx_kthread+0x10/0x10
[   95.236298]  ret_from_fork+0x67a/0x7a0
[   95.236319]  ? __pfx_ret_from_fork+0x10/0x10
[   95.236340]  ? __switch_to+0x759/0x1060
[   95.236369]  ? __pfx_kthread+0x10/0x10
[   95.236396]  ret_from_fork_asm+0x1a/0x30
[   95.236431]  </TASK>
[   95.236438] 
[   95.259093] Allocated by task 287:
[   95.259612]  kasan_save_stack+0x24/0x50
[   95.260192]  kasan_save_track+0x14/0x30
[   95.260771]  __kasan_slab_alloc+0x59/0x70
[   95.261374]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   95.262095]  __alloc_skb+0x2ab/0x370
[   95.262675]  hci_cmd_sync_alloc+0x34/0x300
[   95.263295]  __hci_cmd_sync_sk+0xf7/0x5c0
[   95.263876]  hci_read_num_supported_iac_sync+0x2c/0x170
[   95.264609]  hci_dev_open_sync+0x1874/0x1f60
[   95.265216]  hci_power_on+0xdb/0x5d0
[   95.265747]  process_one_work+0x8e1/0x19c0
[   95.266345]  worker_thread+0x67e/0xe90
[   95.266901]  kthread+0x3c8/0x740
[   95.267447]  ret_from_fork+0x67a/0x7a0
[   95.268093]  ret_from_fork_asm+0x1a/0x30
[   95.268704] 
[   95.268947] Freed by task 295:
[   95.269408]  kasan_save_stack+0x24/0x50
[   95.269967]  kasan_save_track+0x14/0x30
[   95.270529]  kasan_save_free_info+0x3a/0x60
[   95.271160]  __kasan_slab_free+0x43/0x70
[   95.271727]  kmem_cache_free+0x26f/0x500
[   95.272322]  kfree_skbmem+0x18a/0x1f0
[   95.272858]  sk_skb_reason_drop+0x10e/0x1b0
[   95.273476]  vhci_read+0x3d5/0x5d0
[   95.273980]  vfs_read+0x1eb/0xc70
[   95.274467]  ksys_read+0x121/0x240
[   95.274979]  do_syscall_64+0xbf/0x430
[   95.275518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.276225] 
[   95.276471] The buggy address belongs to the object at ffff88800c1603c0
[   95.276471]  which belongs to the cache skbuff_head_cache of size 232
[   95.278224] The buggy address is located 56 bytes inside of
[   95.278224]  freed 232-byte region [ffff88800c1603c0, ffff88800c1604a8)
[   95.279878] 
[   95.280130] The buggy address belongs to the physical page:
[   95.280907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc160
[   95.281983] anon flags: 0x100000000000000(node=0|zone=1)
[   95.282759] page_type: f5(slab)
[   95.283266] raw: 0100000000000000 ffff8880096c78c0 ffffea000032d340 dead000000000003
[   95.284339] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[   95.285399] page dumped because: kasan: bad access detected
[   95.286172] 
[   95.286414] Memory state around the buggy address:
[   95.287102]  ffff88800c160280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   95.288104]  ffff88800c160300: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   95.289114] >ffff88800c160380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   95.290115]                                                                 ^
[   95.291093]  ffff88800c160400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   95.292075]  ffff88800c160480: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   95.293046] ==================================================================
[   95.294146] Disabling lock debugging due to kernel taint
[   95.298679] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   95.326167] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   95.335182] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   95.335852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   95.336835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   95.337493] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   95.338476] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   95.339271] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   95.342138] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   95.342791] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   95.343615] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   95.344518] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   95.345731] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   95.346383] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   95.347636] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   95.348324] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   95.348914] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   95.350272] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   95.351257] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   95.354685] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   95.355947] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   95.380652] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   95.383212] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   95.385260] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   95.389455] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   95.391113] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   97.170115] Bluetooth: hci0: command tx timeout
[   97.360070] Bluetooth: hci6: command tx timeout
[   97.362121] Bluetooth: hci4: command tx timeout
[   97.362144] Bluetooth: hci1: command tx timeout
[   97.362944] Bluetooth: hci2: command tx timeout
[   97.424058] Bluetooth: hci5: command tx timeout
[   97.424084] Bluetooth: hci3: command tx timeout
[   97.424456] Bluetooth: hci7: command tx timeout
[   99.216035] Bluetooth: hci0: command tx timeout
[   99.408095] Bluetooth: hci2: command tx timeout
[   99.408531] Bluetooth: hci4: command tx timeout
[   99.408903] Bluetooth: hci1: command tx timeout
[   99.409629] Bluetooth: hci6: command tx timeout
[   99.472073] Bluetooth: hci3: command tx timeout
[   99.472098] Bluetooth: hci5: command tx timeout
[   99.472474] Bluetooth: hci7: command tx timeout
[  101.264048] Bluetooth: hci0: command tx timeout
[  101.456095] Bluetooth: hci1: command tx timeout
[  101.456124] Bluetooth: hci4: command tx timeout
[  101.456525] Bluetooth: hci6: command tx timeout
[  101.456953] Bluetooth: hci2: command tx timeout
[  101.520034] Bluetooth: hci7: command tx timeout
[  101.521030] Bluetooth: hci5: command tx timeout
[  101.521409] Bluetooth: hci3: command tx timeout
[  103.313806] Bluetooth: hci0: command tx timeout
[  103.504056] Bluetooth: hci1: command tx timeout
[  103.504487] Bluetooth: hci4: command tx timeout
[  103.504862] Bluetooth: hci2: command tx timeout
[  103.505868] Bluetooth: hci6: command tx timeout
[  103.568075] Bluetooth: hci5: command tx timeout
[  103.568471] Bluetooth: hci3: command tx timeout
[  103.568849] Bluetooth: hci7: command tx timeout

VM DIAGNOSIS:
19:21:21  Registers:
info registers vcpu 0
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff8880162ef618
R8 =0000000000000000 R9 =ffffed10016fa046 R10=0000000000000039 R11=6572617764726148
R12=0000000000000039 R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe1900000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f8cc9349000 CR3=0000000009c48000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f5da8cb47c000007f5da8cb47c8
XMM02=00007f5da8cb47e000007f5da8cb47c0 XMM03=00007f5da8cb47c800007f5da8cb47c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3e9e0 RCX=ffffffff8169b13c RDX=ffff888009548000
RSI=ffffffff8169b116 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff8880095576e8
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=1ffff1100d9e6c41
R12=ffffed100d9c7d3d R13=ffff88806ce3e9e8 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff8169b118 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f29f6d32900 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe2400000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055c89ce0e2b8 CR3=000000000bd73000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000004133fc2fe5b1481c XMM01=00000000000000003f847ae147ae147b
XMM02=00000000000000000000000000000000 XMM03=00000000000000003f717777740b74a0
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=000000000000000a000000c000014016 XMM09=000000000000002a000000c000016000
XMM10=0000000000000009000000c000014040 XMM11=0000000000000007000000c000014049
XMM12=000000000000001c000000c000018000 XMM13=0000000000000041000000c00001a000
XMM14=000000000000000c000000c000014050 XMM15=000000000000000d000000c000014060