Warning: Permanently added '[localhost]:7002' (ECDSA) to the list of known hosts.
2025/11/15 21:34:51 fuzzer started
2025/11/15 21:34:51 dialing manager at localhost:37161
syzkaller login: [   48.612889] cgroup: Unknown subsys name 'net'
[   48.667187] cgroup: Unknown subsys name 'cpuset'
[   48.678434] cgroup: Unknown subsys name 'rlimit'
2025/11/15 21:35:01 syscalls: 2214
2025/11/15 21:35:01 code coverage: enabled
2025/11/15 21:35:01 comparison tracing: enabled
2025/11/15 21:35:01 extra coverage: enabled
2025/11/15 21:35:01 setuid sandbox: enabled
2025/11/15 21:35:01 namespace sandbox: enabled
2025/11/15 21:35:01 Android sandbox: enabled
2025/11/15 21:35:01 fault injection: enabled
2025/11/15 21:35:01 leak checking: enabled
2025/11/15 21:35:01 net packet injection: enabled
2025/11/15 21:35:01 net device setup: enabled
2025/11/15 21:35:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/15 21:35:01 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/15 21:35:01 USB emulation: enabled
2025/11/15 21:35:01 hci packet injection: enabled
2025/11/15 21:35:01 wifi device emulation: enabled
2025/11/15 21:35:01 802.15.4 emulation: enabled
2025/11/15 21:35:01 fetching corpus: 50, signal 28171/29954 (executing program)
2025/11/15 21:35:01 fetching corpus: 100, signal 38943/42369 (executing program)
2025/11/15 21:35:01 fetching corpus: 150, signal 47653/52617 (executing program)
2025/11/15 21:35:01 fetching corpus: 200, signal 56761/63095 (executing program)
2025/11/15 21:35:02 fetching corpus: 250, signal 60903/68702 (executing program)
2025/11/15 21:35:02 fetching corpus: 300, signal 67514/76571 (executing program)
2025/11/15 21:35:02 fetching corpus: 350, signal 71061/81454 (executing program)
2025/11/15 21:35:02 fetching corpus: 400, signal 75790/87395 (executing program)
2025/11/15 21:35:02 fetching corpus: 450, signal 78130/91060 (executing program)
2025/11/15 21:35:02 fetching corpus: 500, signal 80538/94728 (executing program)
2025/11/15 21:35:02 fetching corpus: 550, signal 82098/97568 (executing program)
2025/11/15 21:35:02 fetching corpus: 600, signal 85876/102470 (executing program)
2025/11/15 21:35:02 fetching corpus: 650, signal 87720/105555 (executing program)
2025/11/15 21:35:02 fetching corpus: 700, signal 89324/108378 (executing program)
2025/11/15 21:35:03 fetching corpus: 750, signal 91203/111435 (executing program)
2025/11/15 21:35:03 fetching corpus: 800, signal 94038/115257 (executing program)
2025/11/15 21:35:03 fetching corpus: 850, signal 96108/118427 (executing program)
2025/11/15 21:35:03 fetching corpus: 900, signal 99253/122456 (executing program)
2025/11/15 21:35:03 fetching corpus: 950, signal 101047/125272 (executing program)
2025/11/15 21:35:03 fetching corpus: 1000, signal 102814/128019 (executing program)
2025/11/15 21:35:03 fetching corpus: 1050, signal 104136/130406 (executing program)
2025/11/15 21:35:03 fetching corpus: 1100, signal 106310/133488 (executing program)
2025/11/15 21:35:03 fetching corpus: 1150, signal 107829/136011 (executing program)
2025/11/15 21:35:04 fetching corpus: 1200, signal 110257/139273 (executing program)
2025/11/15 21:35:04 fetching corpus: 1250, signal 111815/141740 (executing program)
2025/11/15 21:35:04 fetching corpus: 1300, signal 114869/145395 (executing program)
2025/11/15 21:35:04 fetching corpus: 1350, signal 116197/147587 (executing program)
2025/11/15 21:35:04 fetching corpus: 1400, signal 117719/149971 (executing program)
2025/11/15 21:35:04 fetching corpus: 1450, signal 118548/151742 (executing program)
2025/11/15 21:35:04 fetching corpus: 1500, signal 119732/153787 (executing program)
2025/11/15 21:35:04 fetching corpus: 1550, signal 121072/156007 (executing program)
2025/11/15 21:35:04 fetching corpus: 1600, signal 122256/158069 (executing program)
2025/11/15 21:35:04 fetching corpus: 1650, signal 123652/160250 (executing program)
2025/11/15 21:35:04 fetching corpus: 1700, signal 125129/162467 (executing program)
2025/11/15 21:35:05 fetching corpus: 1750, signal 126603/164738 (executing program)
2025/11/15 21:35:05 fetching corpus: 1800, signal 128036/166865 (executing program)
2025/11/15 21:35:05 fetching corpus: 1850, signal 129419/168943 (executing program)
2025/11/15 21:35:05 fetching corpus: 1900, signal 130864/171068 (executing program)
2025/11/15 21:35:05 fetching corpus: 1950, signal 131902/172911 (executing program)
2025/11/15 21:35:05 fetching corpus: 2000, signal 133268/174937 (executing program)
2025/11/15 21:35:05 fetching corpus: 2050, signal 134522/176874 (executing program)
2025/11/15 21:35:05 fetching corpus: 2100, signal 135633/178740 (executing program)
2025/11/15 21:35:05 fetching corpus: 2150, signal 136631/180452 (executing program)
2025/11/15 21:35:05 fetching corpus: 2200, signal 137773/182260 (executing program)
2025/11/15 21:35:06 fetching corpus: 2250, signal 138902/184025 (executing program)
2025/11/15 21:35:06 fetching corpus: 2300, signal 140187/185905 (executing program)
2025/11/15 21:35:06 fetching corpus: 2350, signal 141294/187645 (executing program)
2025/11/15 21:35:06 fetching corpus: 2400, signal 142274/189255 (executing program)
2025/11/15 21:35:06 fetching corpus: 2450, signal 143309/190878 (executing program)
2025/11/15 21:35:06 fetching corpus: 2500, signal 144181/192412 (executing program)
2025/11/15 21:35:06 fetching corpus: 2550, signal 144975/193875 (executing program)
2025/11/15 21:35:06 fetching corpus: 2600, signal 146071/195511 (executing program)
2025/11/15 21:35:06 fetching corpus: 2650, signal 147187/197101 (executing program)
2025/11/15 21:35:06 fetching corpus: 2700, signal 148065/198555 (executing program)
2025/11/15 21:35:07 fetching corpus: 2750, signal 148923/200024 (executing program)
2025/11/15 21:35:07 fetching corpus: 2800, signal 149442/201280 (executing program)
2025/11/15 21:35:07 fetching corpus: 2850, signal 150117/202641 (executing program)
2025/11/15 21:35:07 fetching corpus: 2900, signal 150723/203927 (executing program)
2025/11/15 21:35:07 fetching corpus: 2950, signal 151676/205325 (executing program)
2025/11/15 21:35:07 fetching corpus: 3000, signal 152776/206835 (executing program)
2025/11/15 21:35:07 fetching corpus: 3050, signal 153537/208099 (executing program)
2025/11/15 21:35:07 fetching corpus: 3100, signal 154362/209459 (executing program)
2025/11/15 21:35:07 fetching corpus: 3150, signal 155116/210744 (executing program)
2025/11/15 21:35:08 fetching corpus: 3200, signal 156077/212167 (executing program)
2025/11/15 21:35:08 fetching corpus: 3250, signal 156922/213454 (executing program)
2025/11/15 21:35:08 fetching corpus: 3300, signal 157346/214556 (executing program)
2025/11/15 21:35:08 fetching corpus: 3350, signal 157865/215757 (executing program)
2025/11/15 21:35:08 fetching corpus: 3400, signal 158416/216858 (executing program)
2025/11/15 21:35:08 fetching corpus: 3450, signal 159091/218066 (executing program)
2025/11/15 21:35:08 fetching corpus: 3500, signal 160098/219419 (executing program)
2025/11/15 21:35:08 fetching corpus: 3550, signal 160805/220594 (executing program)
2025/11/15 21:35:08 fetching corpus: 3600, signal 161380/221737 (executing program)
2025/11/15 21:35:08 fetching corpus: 3650, signal 161956/222853 (executing program)
2025/11/15 21:35:09 fetching corpus: 3700, signal 162839/224099 (executing program)
2025/11/15 21:35:09 fetching corpus: 3750, signal 163360/225221 (executing program)
2025/11/15 21:35:09 fetching corpus: 3800, signal 163970/226350 (executing program)
2025/11/15 21:35:09 fetching corpus: 3850, signal 164483/227395 (executing program)
2025/11/15 21:35:09 fetching corpus: 3900, signal 164957/228384 (executing program)
2025/11/15 21:35:09 fetching corpus: 3950, signal 165733/229561 (executing program)
2025/11/15 21:35:09 fetching corpus: 4000, signal 166153/230548 (executing program)
2025/11/15 21:35:09 fetching corpus: 4050, signal 167113/231734 (executing program)
2025/11/15 21:35:09 fetching corpus: 4100, signal 167586/232741 (executing program)
2025/11/15 21:35:09 fetching corpus: 4150, signal 168305/233778 (executing program)
2025/11/15 21:35:10 fetching corpus: 4200, signal 168712/234767 (executing program)
2025/11/15 21:35:10 fetching corpus: 4250, signal 169083/235740 (executing program)
2025/11/15 21:35:10 fetching corpus: 4300, signal 169634/236718 (executing program)
2025/11/15 21:35:10 fetching corpus: 4350, signal 170238/237694 (executing program)
2025/11/15 21:35:10 fetching corpus: 4400, signal 170877/238713 (executing program)
2025/11/15 21:35:10 fetching corpus: 4450, signal 171268/239646 (executing program)
2025/11/15 21:35:10 fetching corpus: 4500, signal 171834/240601 (executing program)
2025/11/15 21:35:10 fetching corpus: 4550, signal 172212/241494 (executing program)
2025/11/15 21:35:10 fetching corpus: 4600, signal 172704/242410 (executing program)
2025/11/15 21:35:10 fetching corpus: 4650, signal 173122/243277 (executing program)
2025/11/15 21:35:11 fetching corpus: 4700, signal 173599/244193 (executing program)
2025/11/15 21:35:11 fetching corpus: 4750, signal 174335/245134 (executing program)
2025/11/15 21:35:11 fetching corpus: 4800, signal 174685/246002 (executing program)
2025/11/15 21:35:11 fetching corpus: 4850, signal 175315/246931 (executing program)
2025/11/15 21:35:11 fetching corpus: 4900, signal 175919/247799 (executing program)
2025/11/15 21:35:11 fetching corpus: 4950, signal 176415/248687 (executing program)
2025/11/15 21:35:11 fetching corpus: 5000, signal 177040/249628 (executing program)
2025/11/15 21:35:11 fetching corpus: 5050, signal 177391/250449 (executing program)
2025/11/15 21:35:11 fetching corpus: 5100, signal 177931/251310 (executing program)
2025/11/15 21:35:11 fetching corpus: 5150, signal 178374/252115 (executing program)
2025/11/15 21:35:12 fetching corpus: 5200, signal 178786/252898 (executing program)
2025/11/15 21:35:12 fetching corpus: 5250, signal 180056/253907 (executing program)
2025/11/15 21:35:12 fetching corpus: 5300, signal 180539/254727 (executing program)
2025/11/15 21:35:12 fetching corpus: 5350, signal 181005/255533 (executing program)
2025/11/15 21:35:12 fetching corpus: 5400, signal 181587/256360 (executing program)
2025/11/15 21:35:12 fetching corpus: 5450, signal 182009/257126 (executing program)
2025/11/15 21:35:12 fetching corpus: 5500, signal 182407/257897 (executing program)
2025/11/15 21:35:12 fetching corpus: 5550, signal 182763/258689 (executing program)
2025/11/15 21:35:12 fetching corpus: 5600, signal 183084/259479 (executing program)
2025/11/15 21:35:13 fetching corpus: 5650, signal 183791/260265 (executing program)
2025/11/15 21:35:13 fetching corpus: 5700, signal 184297/261060 (executing program)
2025/11/15 21:35:13 fetching corpus: 5750, signal 184594/261802 (executing program)
2025/11/15 21:35:13 fetching corpus: 5800, signal 184895/262519 (executing program)
2025/11/15 21:35:13 fetching corpus: 5850, signal 185403/263272 (executing program)
2025/11/15 21:35:13 fetching corpus: 5900, signal 185759/263966 (executing program)
2025/11/15 21:35:13 fetching corpus: 5950, signal 186148/264629 (executing program)
2025/11/15 21:35:13 fetching corpus: 6000, signal 186487/265304 (executing program)
2025/11/15 21:35:13 fetching corpus: 6050, signal 186770/265986 (executing program)
2025/11/15 21:35:13 fetching corpus: 6100, signal 187075/266668 (executing program)
2025/11/15 21:35:13 fetching corpus: 6150, signal 187392/267330 (executing program)
2025/11/15 21:35:14 fetching corpus: 6200, signal 187878/268063 (executing program)
2025/11/15 21:35:14 fetching corpus: 6250, signal 188149/268723 (executing program)
2025/11/15 21:35:14 fetching corpus: 6300, signal 188522/269360 (executing program)
2025/11/15 21:35:14 fetching corpus: 6350, signal 189130/270060 (executing program)
2025/11/15 21:35:14 fetching corpus: 6400, signal 189521/270720 (executing program)
2025/11/15 21:35:14 fetching corpus: 6450, signal 189824/271376 (executing program)
2025/11/15 21:35:14 fetching corpus: 6500, signal 190429/272023 (executing program)
2025/11/15 21:35:14 fetching corpus: 6550, signal 190771/272642 (executing program)
2025/11/15 21:35:14 fetching corpus: 6600, signal 191050/273251 (executing program)
2025/11/15 21:35:14 fetching corpus: 6650, signal 191446/273904 (executing program)
2025/11/15 21:35:14 fetching corpus: 6700, signal 191719/274545 (executing program)
2025/11/15 21:35:15 fetching corpus: 6750, signal 192102/275180 (executing program)
2025/11/15 21:35:15 fetching corpus: 6800, signal 192431/275804 (executing program)
2025/11/15 21:35:15 fetching corpus: 6850, signal 192670/276394 (executing program)
2025/11/15 21:35:15 fetching corpus: 6900, signal 192972/277014 (executing program)
2025/11/15 21:35:15 fetching corpus: 6950, signal 194083/277409 (executing program)
2025/11/15 21:35:15 fetching corpus: 7000, signal 194393/277409 (executing program)
2025/11/15 21:35:15 fetching corpus: 7050, signal 194614/277409 (executing program)
2025/11/15 21:35:15 fetching corpus: 7100, signal 195052/277409 (executing program)
2025/11/15 21:35:15 fetching corpus: 7150, signal 195335/277409 (executing program)
2025/11/15 21:35:15 fetching corpus: 7200, signal 195765/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7250, signal 195953/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7300, signal 196133/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7350, signal 196468/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7400, signal 196948/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7450, signal 197258/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7500, signal 197715/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7550, signal 198131/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7600, signal 198460/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7650, signal 198718/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7700, signal 199044/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7750, signal 199405/277409 (executing program)
2025/11/15 21:35:16 fetching corpus: 7800, signal 199759/277409 (executing program)
2025/11/15 21:35:17 fetching corpus: 7850, signal 199996/277409 (executing program)
2025/11/15 21:35:17 fetching corpus: 7900, signal 200332/277409 (executing program)
2025/11/15 21:35:17 fetching corpus: 7950, signal 200714/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8000, signal 200910/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8050, signal 201231/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8100, signal 201447/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8150, signal 201759/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8200, signal 201977/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8250, signal 202244/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8300, signal 202535/277410 (executing program)
2025/11/15 21:35:17 fetching corpus: 8350, signal 202760/277410 (executing program)
2025/11/15 21:35:18 fetching corpus: 8400, signal 203005/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8450, signal 203355/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8500, signal 203660/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8550, signal 204067/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8600, signal 204377/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8650, signal 204677/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8700, signal 204980/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8750, signal 205264/277413 (executing program)
2025/11/15 21:35:18 fetching corpus: 8800, signal 205668/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 8850, signal 206240/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 8900, signal 206634/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 8950, signal 207014/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9000, signal 207374/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9050, signal 207641/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9100, signal 207937/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9150, signal 208249/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9200, signal 208504/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9250, signal 208782/277413 (executing program)
2025/11/15 21:35:19 fetching corpus: 9300, signal 209090/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9350, signal 209418/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9400, signal 209687/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9450, signal 209934/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9500, signal 210156/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9550, signal 210467/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9600, signal 210655/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9650, signal 210966/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9700, signal 211231/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9750, signal 211513/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9800, signal 211800/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9850, signal 212089/277413 (executing program)
2025/11/15 21:35:20 fetching corpus: 9900, signal 212324/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 9950, signal 212566/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10000, signal 212932/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10050, signal 213268/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10100, signal 213448/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10150, signal 213653/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10200, signal 213941/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10250, signal 214205/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10300, signal 214383/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10350, signal 214726/277413 (executing program)
2025/11/15 21:35:21 fetching corpus: 10400, signal 214951/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10450, signal 215160/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10500, signal 215378/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10550, signal 215595/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10600, signal 215882/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10650, signal 216113/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10700, signal 216375/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10750, signal 216718/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10800, signal 216929/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10850, signal 217181/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10900, signal 217415/277413 (executing program)
2025/11/15 21:35:22 fetching corpus: 10950, signal 217625/277413 (executing program)
2025/11/15 21:35:23 fetching corpus: 11000, signal 217842/277413 (executing program)
2025/11/15 21:35:23 fetching corpus: 11050, signal 218127/277413 (executing program)
2025/11/15 21:35:23 fetching corpus: 11100, signal 218332/277413 (executing program)
2025/11/15 21:35:23 fetching corpus: 11150, signal 218561/277413 (executing program)
2025/11/15 21:35:23 fetching corpus: 11200, signal 218885/277423 (executing program)
2025/11/15 21:35:23 fetching corpus: 11250, signal 219083/277423 (executing program)
2025/11/15 21:35:23 fetching corpus: 11300, signal 219346/277423 (executing program)
2025/11/15 21:35:23 fetching corpus: 11350, signal 219551/277425 (executing program)
2025/11/15 21:35:23 fetching corpus: 11400, signal 219760/277425 (executing program)
2025/11/15 21:35:23 fetching corpus: 11450, signal 219953/277425 (executing program)
2025/11/15 21:35:23 fetching corpus: 11500, signal 220148/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11550, signal 220362/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11600, signal 220663/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11650, signal 220874/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11700, signal 221132/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11750, signal 221290/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11800, signal 221576/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11850, signal 221703/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11900, signal 221916/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 11950, signal 222078/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 12000, signal 222221/277425 (executing program)
2025/11/15 21:35:24 fetching corpus: 12050, signal 222391/277425 (executing program)
2025/11/15 21:35:25 fetching corpus: 12100, signal 222576/277425 (executing program)
2025/11/15 21:35:25 fetching corpus: 12150, signal 222858/277425 (executing program)
2025/11/15 21:35:25 fetching corpus: 12200, signal 223048/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12250, signal 223424/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12300, signal 223799/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12350, signal 224061/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12400, signal 224366/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12450, signal 224606/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12500, signal 224774/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12550, signal 224983/277432 (executing program)
2025/11/15 21:35:25 fetching corpus: 12600, signal 225335/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12650, signal 225853/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12700, signal 226006/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12750, signal 226183/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12800, signal 226409/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12850, signal 226675/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12900, signal 226809/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 12950, signal 227015/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 13000, signal 227364/277432 (executing program)
2025/11/15 21:35:26 fetching corpus: 13050, signal 227643/277433 (executing program)
2025/11/15 21:35:26 fetching corpus: 13100, signal 227859/277433 (executing program)
2025/11/15 21:35:26 fetching corpus: 13150, signal 228008/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13200, signal 228233/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13250, signal 228477/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13300, signal 228714/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13350, signal 229142/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13400, signal 229296/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13450, signal 229532/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13500, signal 229742/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13550, signal 229946/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13600, signal 230086/277433 (executing program)
2025/11/15 21:35:27 fetching corpus: 13650, signal 230321/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 13700, signal 230506/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 13750, signal 230667/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 13800, signal 230859/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 13850, signal 231062/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 13900, signal 231223/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 13950, signal 231436/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 14000, signal 231600/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 14050, signal 231816/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 14100, signal 231964/277433 (executing program)
2025/11/15 21:35:28 fetching corpus: 14150, signal 232202/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14200, signal 232392/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14250, signal 232581/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14300, signal 232721/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14350, signal 232887/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14400, signal 233077/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14450, signal 233244/277433 (executing program)
2025/11/15 21:35:29 fetching corpus: 14500, signal 233414/277434 (executing program)
2025/11/15 21:35:29 fetching corpus: 14550, signal 233617/277434 (executing program)
2025/11/15 21:35:29 fetching corpus: 14600, signal 233761/277434 (executing program)
2025/11/15 21:35:29 fetching corpus: 14650, signal 233986/277434 (executing program)
2025/11/15 21:35:30 fetching corpus: 14700, signal 234152/277434 (executing program)
2025/11/15 21:35:30 fetching corpus: 14750, signal 234260/277434 (executing program)
2025/11/15 21:35:30 fetching corpus: 14800, signal 234453/277434 (executing program)
2025/11/15 21:35:30 fetching corpus: 14850, signal 234587/277434 (executing program)
2025/11/15 21:35:30 fetching corpus: 14900, signal 234717/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 14950, signal 234965/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 15000, signal 235100/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 15050, signal 235307/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 15100, signal 235576/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 15150, signal 235767/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 15200, signal 235955/277435 (executing program)
2025/11/15 21:35:30 fetching corpus: 15250, signal 236088/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15300, signal 236230/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15350, signal 236401/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15400, signal 236575/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15450, signal 236782/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15500, signal 236964/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15550, signal 237124/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15600, signal 237293/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15650, signal 237434/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15700, signal 237637/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15750, signal 237761/277435 (executing program)
2025/11/15 21:35:31 fetching corpus: 15800, signal 237958/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 15850, signal 238104/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 15900, signal 238295/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 15950, signal 238566/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16000, signal 239183/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16050, signal 239347/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16100, signal 239510/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16150, signal 239698/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16200, signal 240051/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16250, signal 240200/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16300, signal 240356/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16350, signal 240557/277435 (executing program)
2025/11/15 21:35:32 fetching corpus: 16400, signal 240736/277435 (executing program)
2025/11/15 21:35:33 fetching corpus: 16450, signal 240896/277435 (executing program)
2025/11/15 21:35:33 fetching corpus: 16472, signal 240937/277435 (executing program)
2025/11/15 21:35:33 fetching corpus: 16472, signal 240937/277435 (executing program)
2025/11/15 21:35:34 starting 8 fuzzer processes
21:35:34 executing program 0:
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x8, 0x7, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x8}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x80}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x800)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, @in_args={0x2}}, './file0\x00'})
sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, 0x0, 0x4, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x27}}}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xfffd}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x81}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x81}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x3}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040844}, 0x4000)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1080}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r1, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0xe0}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x8e}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0xff}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x10}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000810}, 0x80)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x2c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x8000, 0x17}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40845)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, r1, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}]}, 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x8040)
sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x100408}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, 0x0, 0x220, 0x70bd26, 0x25dfdbff, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048080}, 0x10)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000780), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000007c0)={{0x1, 0x1, 0x18, <r5=>r4, {0x100}}, './file0\x00'})
openat$dir(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x800, 0x42)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r5, 0xc0189374, &(0x7f0000000840)={{0x1, 0x1, 0x18, <r6=>r0, {0x3}}, './file0\x00'})
recvmsg(r6, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000880)=""/87, 0x57}, {&(0x7f0000000900)=""/178, 0xb2}, {&(0x7f00000009c0)=""/22, 0x16}, {&(0x7f0000000a00)=""/25, 0x19}, {&(0x7f0000000a40)=""/204, 0xcc}, {&(0x7f0000000b40)=""/138, 0x8a}, {&(0x7f0000000c00)=""/4096, 0x1000}], 0x7, &(0x7f0000001c80)=""/85, 0x55}, 0x20)
sendmsg$NL80211_CMD_START_NAN(r6, &(0x7f0000001e40)={&(0x7f0000001d40), 0xc, &(0x7f0000001e00)={&(0x7f0000001d80)={0x44, r2, 0x8, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xb}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x6}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xff}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}]}, 0x44}}, 0x20004820)
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001e80), 0x103600, 0x0)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000001f00), r0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r7, &(0x7f0000001fc0)={&(0x7f0000001ec0)={0x10, 0x0, 0x0, 0x55ec5497d0b664e8}, 0xc, &(0x7f0000001f80)={&(0x7f0000001f40)={0x24, r8, 0x8, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x1ff}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
io_submit(0x0, 0x4, &(0x7f0000002500)=[&(0x7f0000002180)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000002040)="5acdfecc24821695943a25e3fc98d56f30fe0035831fe4a011bbfba8b9fa014f25d549612a8332dd1932c1fa939fea13caa6be0ea06bef83b4158cd7e83b4bc09f8fcd0cf092511babbbfa2840ce02ff87bdb63c5fd63146ce8a1b619b18d8c6b88349801b842b96f8ea7676173226458f80ecade2d6a3c2e6295028bef6b7f33edbbbe2c611f3f038b325a063b783cf1bb7066760d22c9c07a045965c36c3d4afcdecfc8dcf0bf5807cb6685eb0ccfc0597a320e7b280bad5c9a49086ecbd14219eff7d", 0xc4, 0x1f, 0x0, 0x2}, &(0x7f0000002200)={0x0, 0x0, 0x0, 0x0, 0xcafa, r7, &(0x7f00000021c0)="893876", 0x3, 0x1ff, 0x0, 0x3, r5}, &(0x7f0000002340)={0x0, 0x0, 0x0, 0x5, 0xe837, r6, &(0x7f0000002240)="d3eac32fd81bc579fa021baa7fe0566511ff92204bd25eed316af581a3c3ecaa1a4f0c4c075e742bc23ef79675f8b966449065990f9659f557149a92d3ae198d4bd9c83462b89a456f7cc7e79a822b3533b92f2aae2a56f1118fba805c189399ebb8b686792008db30a7e3850b5c30ab9abec557ddcc2addf7a59689036cb4754b2b5b8548c31cb47034b331a391c395b57fad185c21e6849a714f145ee5d1bd7bb4e124330fbf21341c4d502b455a5305676e449526c8690dc7d0cf96161c4ed8327433ba688856fa2b0e244b5c1e7ecc418efccc7093e2a8440e4ee7775fe728c0a49cfcb00ab5f42f17e25d", 0xed, 0x5, 0x0, 0x0, r5}, &(0x7f00000024c0)={0x0, 0x0, 0x0, 0x3, 0x7f, 0xffffffffffffffff, &(0x7f00000023c0)="931627b485f841eaca3f64b2a1c3212e3933ad5ec25a1ce4bd3f47bc4b421b91c7c242b241585488f7ffad5d7a6d272db6c94be97845712eabc8888729503826c50a4bd669257f31df91ba071acecff8c1e9fd55033b69764980aa3d8ea5b0c71fe95b50c742a1f42acbdc188459615722cf1e6c7114457267eba7707f4da65bc7739e50104686e752", 0x89, 0x1, 0x0, 0x2}])

21:35:34 executing program 1:
ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000000))
r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000000080)=0x6, &(0x7f00000000c0)=0x2)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000100)={0x7, 'geneve0\x00', {0x7}, 0x6})
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000140)='syz0\x00', 0x1ff)
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x10cc3, 0x0)
ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f00000001c0)={{}, {@void, @actul_num={@val=0x2d, 0x5, 0x70}}})
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000200)={0x7, 0xfffff000})
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000240)={0x0, 'vcan0\x00', {}, 0x1f})
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000280))
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0xc)
fsetxattr$trusted_overlay_upper(r1, &(0x7f00000002c0), &(0x7f0000000300)={0x0, 0xfb, 0xc6, 0x0, 0x5, "c65697297636e4adb7f447de3e909cc6", "e0ecd5e6b54aeb63a96bfbb64f75769861475becf532ecd69f1b758f1bbaae8aaa33007ad2752f1924e636651bf53af662c09b9fb64976ca595a1a3b6ba1da994190ef35565e94cabaa4f79e124b54c8cf3cbf82fddef1c90409bcc6f75ee4f268888573ed54771db0dc9d2a21e023b026053e4b0e963bedbc6a6ae71760831a5acd709b8fd461af241a65f5c56a35fb35d889a8d05ad67906f4f580803a70e70bd09047030da1158c3900ca606fd1ebe3"}, 0xc6, 0x2)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000003440)=[{{&(0x7f0000003180)=@abs, 0x6e, &(0x7f0000003300)=[{&(0x7f0000003200)=""/222, 0xde}], 0x1, &(0x7f0000003340)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xf0}}], 0x1, 0x41, &(0x7f0000003480)={0x0, 0x3938700})
ioctl$sock_inet_SIOCGIFPFLAGS(r4, 0x8935, &(0x7f00000034c0)={'veth0_to_batadv\x00'})
open(&(0x7f0000003500)='./file0\x00', 0x240000, 0x40)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000003540)={{0x1, 0x1, 0x18, <r6=>r5, {0xfffffffb}}, './file0\x00'})
fcntl$setown(r6, 0x8, r2)
openat$cgroup_type(0xffffffffffffffff, &(0x7f00000035c0), 0x2, 0x0)

21:35:34 executing program 7:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x88900)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x4, 0x8, 0x4})
r1 = openat2(r0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x1a000, 0x10, 0x1f}, 0x18)
write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0', [{0x20, ':#$:^'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '$+'}], 0xa, "bc1cac895f615173aaec395ce5569c7514870fd48c3051485e1295447ddd6c"}, 0x39)
statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/4096)
r2 = accept(r0, &(0x7f0000001180)=@in={0x2, 0x0, @private}, &(0x7f0000001200)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(r2, &(0x7f0000001300)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001280)={0x28, 0x3f7, 0x2, 0x70bd2d, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000)
r3 = socket$inet(0x2, 0x3, 0x100)
sendfile(r2, r3, &(0x7f0000001340)=0x2b0, 0x8001)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000001380)={{0x1, 0x1, 0x18, <r4=>r1, {0x200000}}, './file0\x00'})
sendmsg$AUDIT_USER(r4, &(0x7f00000014c0)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001480)={&(0x7f0000001400)={0x50, 0x3ed, 0x16, 0x70bd2a, 0x25dfdbfd, "1acea445882c9d8c784a9b857eacba808cd331f4998b134b74cc707141eec9059d726f4996735046a83c51c8618e9bb1216acc4edf17a549c48b494882c4", ["", ""]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x20000001)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000001500)={@remote, @multicast1}, &(0x7f0000001540)=0xc)
lchown(&(0x7f0000001580)='.\x00', 0x0, 0xee00)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f00000015c0)={0x0, {{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
truncate(&(0x7f0000001680)='./file0/file0\x00', 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000016c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
sendmsg$DEVLINK_CMD_GET(r5, &(0x7f0000001880)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001840)={&(0x7f0000001740)={0xe8, 0x0, 0x800, 0x70bd26, 0x25dfdbff, {}, [@pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x8081}, 0x20008000)
connect$unix(r4, &(0x7f00000018c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
openat$nvram(0xffffffffffffff9c, &(0x7f0000001940), 0x80c0, 0x0)
unlinkat(r0, &(0x7f0000001980)='./file0\x00', 0x200)

21:35:34 executing program 2:
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0xc00, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4e011}, 0x1)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000004)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_LEAVE_OCB(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r0, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1000, 0x74}}}}, ["", "", "", ""]}, 0x20}}, 0x2804c088)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x13, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}}, 0x80)
r1 = memfd_secret(0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_DELSET={0x2c, 0xb, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1e}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x801, 0x0, 0x0, {0xc, 0x0, 0x3}}, @NFT_MSG_DELOBJ={0x58, 0x14, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x6}]}], {0x14}}, 0xc0}, 0x1, 0x0, 0x0, 0x100}, 0x4040)
sendmsg$NL80211_CMD_ABORT_SCAN(r1, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x20, r0, 0x0, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7, 0x6}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x14)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001cc0), 0x202, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000001d40), r1)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000001e00)={'erspan0\x00', &(0x7f0000001d80)={'syztnl2\x00', <r4=>0x0, 0x80, 0x700, 0xdb1, 0x80000000, {{0x14, 0x4, 0x0, 0x9, 0x50, 0x66, 0x0, 0xf8, 0x29, 0x0, @private=0xa010100, @loopback, {[@ssrr={0x89, 0x27, 0x80, [@empty, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x12}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @private=0xa010102, @multicast1, @local, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @lsrr={0x83, 0x13, 0xcb, [@multicast2, @empty, @multicast1, @broadcast]}, @end]}}}}})
getsockopt$inet_mreqn(r1, 0x0, 0x0, &(0x7f0000001e40)={@private, @multicast1, <r5=>0x0}, &(0x7f0000001e80)=0xc)
sendmsg$BATADV_CMD_GET_HARDIF(r2, &(0x7f0000001f80)={&(0x7f0000001d00)={0x10, 0x0, 0x0, 0x10000c}, 0xc, &(0x7f0000001f40)={&(0x7f0000001ec0)={0x4c, r3, 0x20, 0x4000, 0x25dfdbff, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x400}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20080041}, 0x4005041)
sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000002080)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002040)={&(0x7f0000002000)={0x40, r0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x20, 0x4d}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x40}, 0x1, 0x0, 0x0, 0xd4}, 0x890)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f00000020c0)={{0x1, 0x1, 0x18, <r6=>r1}, './file0\x00'})
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r6, &(0x7f0000002240)={&(0x7f0000002100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002200)={&(0x7f0000002140)={0x84, 0x0, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffe0000}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x20}}]}, 0x84}, 0x1, 0x0, 0x0, 0x40001}, 0x4000071)
pwritev(r2, &(0x7f0000003680)=[{&(0x7f0000002280)="3858cc42c67d087b63615d2c66924c5ca7ed8bac8c883ce29da3a74baf0e7845aaa14c727469cdc4f88f8de480e2d162de712364f47c9f34eeed5ed3d9878898b2685162c15ecb581c0046e65f08cc06e7cb9af39388048a696511dcccbaf726e586640f35cb4317ade066f0794a96635c502cada1252e96e7cce21e04cec4e2b7018ca630250af353a07dce761fce9da3b94a184372dc0d9d4bb91f878eada3f68034", 0xa3}, {&(0x7f0000002340)="4b3a81032a1f9ce3a67fab7f76b0ead1259d6cff7fa96027ed4df12a0bd787", 0x1f}, {&(0x7f0000002380)="4127b7ccec44765ba7008e184f482fffedcd137b935487a9e026cd5042c7cd70d0164b0bbb041cd92dc2035af01ef2fa11e7da6b5b33e763006ffdabfdc239c0d47c0880ff818b5ae061154b46f2f47b0708bdcf6b57f5ff2cb32305b2f1d1f9cc1dd9411ea200390b119753c56674b57213d80a0f2bdf2ea2e1bf7825390110cbc82c0f8307476ba4fa8ab4eccf2772427191798c9b336e58bcc14293e6f0254039a14f9ea137fabb7204d9c5cd2ce164aaf9bb4dd8f10cd65e82c40ac193ebd1a54da1617c074d5e43e1c89fff6ae97137fe7c080b96946f0e68eeca9eefa252170606", 0xe4}, {&(0x7f0000002480)="60449af894bcb277d0606ef47960d990dff4c714ef679d113db8f1ddb2226286515ab10179fbb489e2930117e473112ac06e22b95315df97712e6b2e7548dfa12dd128ba41ca57f7a7e19faea8b6512b2a1be695c41be1b54a1b0274ff84a37f42a798d4a2513795b970ace69708de56ad384d6423f9dc173528", 0x7a}, {&(0x7f0000002500)="00dc04a87b229bc03739b17d4912b17ff6a4a25669f00cf72712e275affbcb155a7ddf54f69bc8f8a7961c3b72b3c9ea339cab7fc4713c5031f54b8bd39f9ef80cd8f8db5ce4694dcbd0c88dc8e885505d16e6e19b08e4794392912470f18e7a9e1e3ad07df9c277", 0x68}, {&(0x7f0000002580)="82d930792628ea14b9b6afa5a2276a5786eab81d5e85d5117d600901fc76cf28580864f3d3c0922c5fe7a8a92d5f00c925b0c75e6dc3f63cec302175b5159633f80a9b0fe281e6443d53e658319f05a7dd8210cf8e0342afce7ab93afdc5f1ed34bde88ab504f58297ae05b3f261169278aa0bbe4a8b5cd0d7a992978096407f224a9bacd52771f0706db36f5b26541cd7e02779d2db7e3afdaec765b46b29db04023c57bfbc8885e5cf4972de8805a98193951d6c84127dcf186d4afd15190cf35c8967274942e1dfc3f346c6bae156f1b87a34c86bbff78be1d9bc824226705294916e094f02d8248f7fea1b3f9cc994aba129a3f3", 0xf6}, {&(0x7f0000002680)="f3335baadfb848043849fb9ea57d4cddb13c72e7b043b9c14a063ffc2e6f56b9b4406492724edd99f87c31a9f9b8446a3a224c95e266f46992aab39174f88ce8d2ec826efb8ce12dcfaa82ab46b503124bb3e57f77a982059e573c715e8934a28034aef73009ee1914808dd89999d71edce2a7059bb4933f4bc4ee25bb7e56c631a69a70a5d8e6f3e79f841f241b3cc59fbd81ff1da77e3814274ece37adc24b226f2d6a10af36afd8f80cece4063fa91f671a7a93029b0a7031b29f9e5db5560d8a8a3d367fac8a20423dd4beb03d98b6ae3166dfcb6328f6d189ebcac8848977989697fd509ac69e9f123da7c26d30d845fdb65e595b992ec0fa6ee554aa53462a402154f01913a75c20204896b3b9e2002a83bcc22df700035f561b85d2437979351a7ecd7e2c7414f07399d9ef1b2af1909587bddab13896743d82f294a04ea46f1766abf4bd5118fb11a85bda28f1b765c5018db1521e5e2420ca8185800c0d2a27286d2b5c35187e645c7343ea5226d7d5628890d9d132de12adaa173728dede1dd4c40c9ba33f97afb7e8de3d6fdbd3f9706efe97ba450d481661086de61473979650a089d3230acfb57cea16317aa0cc6fb88cb8c0a7860f2f94d5b9625a64df6b803659f2fae6b69520f5635cc07dec53c8f85795df8cc9308f87e62b4e2ec8a65eedaec3a2a6b05dba39f23ce7f3bceb1a277bee1771eebbe1bf1bf73df968df3a5e5ed58580b6f76b3a7a9db909c826fd72ada9c5c9a433c566cc262dfd409cc8b68a80672aa898fd649636c03ff0fbd5bf36a6a9dd5c339165d0f5e673d3bbf8106e43a7a0c43f5b16232038bfafb3303fa05e7bbbee6ff74ecd5c4d61457d4991e99b1afcc99d175e37bd7ef5db6ae22e76627514add4b22cf72bb6b849243f22895503dcd8caf214525a7474c084c92d9f4557d00ca844d0b029f14acf86529ccd413cf153fd19745320cc94ea4018553fe10f956858ea1e6b4ae072d1d55ed1a1394d801fa906b2b29b0a5f0093ffc0821de11fa234ebe7260af63122c539bbdff61afeb1e46d5426a3ad4d4b70259601d61171dd5d1f055c616952036b22caff74fa0456f5fb8adf8311b88d6b7b44ce8f87251e14adc2470427f63f48d38792efe7998754705e1c7a5894dc0b00f0ac5b0a53f4711d86dc2ecc573d40969b5dd6b9e6851ea0c13d16f29cd22d17913e2f3d168519eaaf5c4e615a13a0cd44e7fd7f9c038523b131cd87d01d07ab4191edfa71184e705ad8b1f29973a8e90ea38a52e8ae87c3ce57e8bc4c3f07fff15b20ca405eca5f9263f6ca8cda6b79867fb740687968826dc2688fb74b5c37a4bb2c655dbbd4839980614bf3bc576b758b575f74f1db9bd4719122b6d45a6638a3d3185f2ecac03eda907a2834c4a09b64c1b491d78a13295601def0a191c3d0752504621413eddb3a3b1644e39c11ae6925e0e02759483637d70236c2bcf8db8aa7fa0a33eacab4ed3ae8f1240ea2d437c9763eba3f09101e0881144a07402a1d717cb0ca16dc56896aa9203b3bf8afb44f01bab0afaa0fc3c42188435867128a7447a7a266debbb87b0f5b7c0c8c7667c4aff30df053654c16572a8111127aedacc624d0c9ebefd75fcac76de6bd35c1f918a30915b3069098f1e295486820b54c68af1b3fec93c33d5c8f0737176d3403c08e80bae183b39bb5793f0aab19e4fa732fd870b64fc90fcad43595ed2140d6282ffbd333ba56ff57265e9f85e2d7006c0d48a3089200284a6cda147cef8da6aff02a20de13984f043bacfdf140e1bb92c1391c5bc453484cad76f42d9112b216575f2d8740fb07cf0084fcf2508f79ba48381178b4811749d30c208d9a14d8271ab3399d7c4ff79ae88423cf25f118e91973a6272f1b1439a4d984c3202137702d95386b02fa36b8f59160d1fa85c5c1df18d0b507702c1625f46522668685799e9d9df1bd3eca339dc6f7515b06efe9ce07bab39b69740d97725499a569d4454e794027086a2ff3a7d26ed76a91cc4d0d14279c90345def2e222be4c5f66f33edcdbb0129a9b5da2fbc1fc9569d711945a86a693dd114f5c91a0d4f9316649776b5fb21e81c50dfe7dbe1d67f0e3b47407e6b2d0b6b4998cacf47ae296d2ae91b940b715f7bbc748973d905d80f58e60ebb89b3410a62dbdfa7268370f722240b29bb891e2ce2009809ae98e9bd7810d22ce3c708a246fa8c58ef717da8efedab24d4e6ea46a3cd1e2e7259306e2c3755e47477780dca1fcead25bf33e6a6a9c1a486cf7e31f904db359d553945259a84418213a63d117a9b91a20f3b2065a5e8396107ecdf7363d8e1ed41ad0d808fac896851dff726bb57ac69cc88247c2da30e10cbd1a3eb88579eb37fb717e58510655597b17314502fe2cb1d8bba9386febcbf365f5456e53386893e6f3a3e17d554ab77baa5b911573c4895301a4d642736fbcfb654293e77db2c873c3fdd886740a0eaf947e6174dce9917987926de50563171bea35d2c2d1337686475d5d9045b819f359dd84b7bc18a4739dbcfe667c89c0c66ddc0dc1bea5340686b6a52fd7ce00a522df6b6362ef7cfd8bfe6a70ba6609d1e08f96d592cddd2497d14fd354f2c67e612900fa832aa61e7d61d1d6276c38810c81205cccc9f65a0ef7967e3dd004a23c77ea67bcf632e67ec5c7dfab2c8c30ead0c12fe9883f29fb5daaedefab116880428476ff96f885585359b43e626e5a1d6920f407a7b8ebda00e96a1493640e6e6dd9062db62d3a0ef87131a48d05892e72c09e28fb4c5a2507b729fcf71c6a78c6b7bda99a9f0c4f5b3ddb4734569b584d857d84f8da49b1f031c6ce2ea96392a61c0b1cb74d2f111852b01a868a955293b8de9bba504a964c733f278f2c2a61b938b4e59f8fc5ed3a9c2a6c05cab48eb7807089b8ae1e5abf4158ed132dade7ad389f62839e656cc03e107f89ec926a20dde92170477dd1306262577d36b0967a0c43ca1da063f7366309241c18ce2a2861a83823883703fbd2bd9ec29059272a3f1adf24f105dc31485919e661e7705c716b029684cebdffc2fa9dd79d16555a8996aee0a019b8fa286d2b2e09c5c2cd14775e1529ff682bd8b7fb85e9ff26cf660bc653aae75634acf3a2719b472e0eab8c5ff319b18c5890b559c5b7695a362c89b849ff0e507f663ac01d65ea51aef435dc8da56fe45855f661cc42460dc402f03411b15c8184da62a7daebb3a25b3b95f644a2be9d79795905740191d697a6a70b4d931be3cebc5f0b2ae5217fc01c712d89768369dea7e165238165002fccf435130bafb320f1c4c8aa1e82e07b94a6523b0762534546a22a8e298110dba5bac2b2f9df004f2577d57e9910f6693ced873093e7c144d6b8b13e0f629bbee02db0ec9725e402524f476f98fe2524ebfdb0032b87bc815110272a9b84b6dbbfe44a7f8410bd28708d5097b98d95ec201c548c0537eaf8dd8d5ff19c7aeed3b7a7a2042397613a01f0142406e670471c32c5bcbda9eeecb2eac3a723c7bf0866688292d9887754283be1d606a23a2b561601f773fa5c0b6d45e5e175e62ce615e3dcc5030db33e0c8468d0266fbf2eb80aa7ecfd9b6d7aeeff060bd95a117b51594c138ea1a70eab2dd60afd20149725cfa247a7b8239af8b94617856de8278db60bcc95c5dea7a9ef15cbbee9b2859d41fd0f5ccdafe4e7cfe3621db1390c76a16d9f5a188ab6056138a5138c14d9ba4165230d802b737e4cf701a8fada2f2e228d170681225d7f42ce7bf29e1a1c2f69d65efaf1d5255b4f62650d70ab6dc44e814e689847eaa1c09a03bd05b594c4e16491ed65411f8ac7fa87584007a22ffa39f4f00c7e5e01f19968bfc6a3407befcb2a3b379333f7a0b2a48d2e10bf51eb67c6b299db2745dcd1258e9414306378ff075197883a4ec6038eec5c0cc3c1f4f6a2012ce484689873ffa748a3415d73f906c46b399bf6080a42cf4d2f253a7e6e42d443d01a6e91609152f758ccf7b14c65c51b0a47c404e38d7457663110ee09a146083789d5b8c6ac01e70cdc6d5a43b12c7a1e249e0bbb6811ccadb585c153ae6bee528a579f9adf25b00c64927cf6005df781f40f0ad53a36fa13bb70b59ef84ee14ee7d27977ec2318bae6905bbc039a705fca4ee4664fe0f2bde710548ce20eae12d6fa23f980f7fdfc4004167988a0cbed9e9ccc4ec384ddd16b4f87945e60fda47697604683a84eb9449fb73acdecc1515516b33fa8db5b75837e3cdc62501f39e5834f004ba2a252fcbd11fe934e7f1b3c476cf76cba457fd414ade873180ebff8b79f6dbd0c82482cd016810be9fc25b201b89a106a861c6ae90f781cae35a53b8c0a2c11294f944b68003b2bfcb33082f522389469120fcf258a4425ee4c6f3273b5daea3fae82bc5712d57d9b920394dfbb9a4c922edd22b03a2f46beefb82ab906ebd1d7d0fb55c02dbe5139d95941796dab6429372b6dcdee8084b204f63d11d515c25a5b81497b22fd36b0627c47911890fd4a0b30389cac1841c97917f9b964b01529a3885b390d63d9bfbe930a96ed860732210a72f161b5d3a12b71e30fc561624fa9a79bacb4ba91ee9c7112c38e61ef7e727de7771cce315f1f1ed097d53f2236f567a4fd549bc75425449534f5b41dcc5e00174b3e50573b9669bcfcd170b4726fea34b5893fd5d8692e4ac0b226b60d142478271a1b7118684a27b3ab2159e71dd6985ab429b3543179acdc4ebea93f39fef636cfc6fdb5d7da766fc657c7387d4263381491a5cd7686ae088734c7463c7244b15dc4e69a80166c3d43ab319535703aa6a940f3b1e87bae22c349bb2ef70625d43e70829509e3c7d2ea0efe6b8204232f1a44559fcc4cca3205629a29b08c922784d4433ef7ec51f067c4a2e456d79d92e05d44cbe79db60564ccd1d1d7590e2c8cabdfb80248faaa21bcabb74e959cefe77213cb232f70fdd50fa85c635528413bbd09832d74439c3b6a950839591e33231058b1bed96db4fe251024f4dc78097a369a6576fc3eb93e76ac0bb8ae143dc4c701231934f6793ba5058253cb39cc59d7a0c38cdfc5bb1735cf04c658b42f51d8083269bd60dae3440ca56c9144c5272679c28e26fcebdc9a615b9236ac082553156cd10411e36733021ca85167112097b9b48d6f4e3d664441498e69425b3259bed2c0422824c76415c7b1a0693a2ec5ef29572407b85ed472fab3426e261f5a7d35d59ce8fa1b8e68106b4129ad633032a1fefec0701cffa248ac7cd3b50d027fe5429cbc0d9aa456c1b18997d7c2271c24740256bcf14694a2cd3d293bdadde5a91143b2584595d5e2e2bc538b606c2418c150415603a759f3ddacd04b4e726d6c0f65156c3d38b4903871f5ba5b64e9c1d9b882c275035eb3ad5005757d43f6590881931c3f35a8dd162b9f85f398683c94fc34cbdaade4af39ef77ee86fbb64d449f93542cf6b44172adcfc0ed933717513a45360a158af20d019ea950ee8aaf17135be29fea66cf6bb981ea688c8ebbc68df0f3542ba571f6ed16e051067012e2d82ff0642c41557df6806c76a372272ce805d356114b23ae49fb1d63d21a1092f3f056670813bce9b9892dfd0d1045105bfcbf41d2b6e552ce894e3f190da928acf757b4e435debae13e3189e3acf00bbeca0fa8dc399c41fc203118b5e8f4a022251a06ac659ba8f30157bc6d72ef9cd916ac5743f157e705db6dcfc60be0659b9246c89dc11a707fd4652f91b1655851657d30d01d0b77d604e6179030c16f8fbdf79f46e5261cbb7", 0x1000}], 0x7, 0x8, 0x7ff)
sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f00000037c0)={&(0x7f0000003700), 0xc, &(0x7f0000003780)={&(0x7f0000003740)={0x1c, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x84)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000003800)={{0x1, 0x1, 0x18, <r7=>r1}, './file0\x00'})
ioctl$PTP_CLOCK_GETCAPS(r7, 0x80503d01, &(0x7f0000003840))

21:35:34 executing program 6:
semget(0x2, 0x0, 0x440)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/243, 0xf3}, {&(0x7f0000000180)}, {&(0x7f00000001c0)=""/64, 0x40}, {&(0x7f0000000200)=""/213, 0xd5}, {&(0x7f0000000300)=""/155, 0x9b}, {&(0x7f00000003c0)=""/240, 0xf0}], 0x6, &(0x7f0000000540)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x2)
r0 = semget(0x3, 0x3, 0x10)
semtimedop(r0, &(0x7f00000005c0), 0x0, &(0x7f0000000600))
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000640)=""/164)
semop(0xffffffffffffffff, &(0x7f0000000700)=[{0x0, 0x0, 0xc00}, {0x3, 0x30, 0x800}, {0x5, 0x9}], 0x3)
semctl$GETNCNT(r0, 0x1, 0xe, &(0x7f0000000740)=""/235)
openat$sr(0xffffffffffffff9c, &(0x7f0000000840), 0x208000, 0x0)
r1 = semget$private(0x0, 0x4, 0x6)
r2 = semget$private(0x0, 0x3, 0x1a0)
semctl$IPC_RMID(r2, 0x0, 0x0)
semget$private(0x0, 0x3, 0x621)
semtimedop(r1, &(0x7f0000000880)=[{0x2, 0x9, 0x1800}, {0x0, 0x3f6, 0x800}, {0x1, 0x4, 0x1000}, {0x3, 0x0, 0x1000}, {0x4, 0x6, 0x1800}, {0x0, 0x5}, {0x6, 0xffff}], 0x7, &(0x7f00000008c0))
r3 = semget$private(0x0, 0x1, 0x230)
semop(r3, &(0x7f0000000900)=[{0x2, 0x8, 0x1000}, {0x0, 0x5, 0x1000}, {0x2, 0xb3d2, 0x1800}, {0x4, 0x400}, {0x2, 0x1}, {0x0, 0x1, 0x1000}, {0x4, 0x1, 0x3000}, {0x0, 0x2, 0x800}, {0x1, 0xf9, 0x1000}, {0x3, 0x6}], 0xa)
semctl$IPC_RMID(r1, 0x0, 0x0)
semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000940)=[0x64, 0xff77])
r4 = semget$private(0x0, 0x4, 0x20)
semctl$IPC_RMID(r4, 0x0, 0x0)
semctl$SEM_STAT_ANY(r4, 0x2, 0x14, &(0x7f0000000980)=""/149)

21:35:34 executing program 3:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0xa, &(0x7f0000000000)=[{0x81, 0x7f, 0x3f, 0x7f}, {0x5, 0x4, 0xf9, 0x8506}, {0x13f, 0xa3, 0x0, 0x10000}, {0x8000, 0x8, 0x1, 0xffffffff}, {0x9, 0x1, 0x6, 0x10001}, {0xf000, 0x9, 0x8, 0x672}, {0x1f, 0xff, 0x7, 0x8}, {0x3a0, 0x57, 0x8, 0x100}, {0xe87d, 0x1f, 0x48, 0x3}, {0x7ff, 0x5, 0x5}]})
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f00000000c0)=0x1)
r1 = dup(r0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000180)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000200)={r2, 0x1, r0, 0x6, 0x80000})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0xd3c, 0x1, 0x5b}, {0x9, 0x4, 0x9, 0xa889}, {0x7, 0xff, 0xfd, 0x7}]})
r4 = signalfd4(r1, &(0x7f00000002c0)={[0x4]}, 0x8, 0x800)
ioctl$KDDELIO(r4, 0x4b35, 0x401)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000440)={'syztnl2\x00', &(0x7f0000000340)={'gretap0\x00', <r5=>0x0, 0x7, 0x1, 0x2, 0x5, {{0x38, 0x4, 0x1, 0x3, 0xe0, 0x64, 0x0, 0x5, 0x4, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x18}, {[@rr={0x7, 0x1b, 0x7c, [@initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x62, 0x0}, @remote, @rand_addr=0x64010102]}, @timestamp_prespec={0x44, 0x1c, 0xc1, 0x3, 0xb, [{@empty}, {@rand_addr=0x7fff, 0x5}, {@loopback, 0x3ff}]}, @cipso={0x86, 0x5c, 0x2, [{0x5, 0xb, "a6ce7f0febfa63ecfb"}, {0x6, 0x2}, {0x1, 0xa, "49f71022357ea08f"}, {0x2, 0xe, "378af84f27a9060e0897c69b"}, {0x2, 0xd, "1cf6c7b957e44941b71680"}, {0x0, 0xe, "99b8e994094d4d393db9cdad"}, {0x2, 0x8, "2addd3da3cba"}, {0x2, 0xe, "0216425236e2dcc48f694ec3"}]}, @cipso={0x86, 0x17, 0x0, [{0x0, 0x6, "8ef04579"}, {0x0, 0x5, "d25fa1"}, {0x0, 0x6, "85c8390a"}]}, @ra={0x94, 0x4}, @end, @generic={0x88, 0xd, "3230ce79538aef9c6dbb28"}, @rr={0x7, 0xf, 0x54, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102]}, @noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000540)={'syztnl2\x00', &(0x7f0000000480)={'syztnl1\x00', <r6=>0x0, 0x40, 0xd6ce83bf2f01138b, 0xbae0, 0x80000001, {{0x1d, 0x4, 0x3, 0x1c, 0x74, 0x65, 0x0, 0x2, 0x2f, 0x0, @broadcast, @local, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x1f, 0x55, [@loopback, @rand_addr=0x64010102, @multicast1, @local, @empty, @broadcast, @local]}, @timestamp_addr={0x44, 0x3c, 0x50, 0x1, 0x6, [{@local, 0xfffffffa}, {@multicast2, 0x8}, {@multicast1, 0x6}, {@remote, 0x4}, {@multicast2, 0x54fc}, {@remote, 0x6}, {@loopback}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000c00)={'ip6tnl0\x00', &(0x7f0000000b80)={'ip6tnl0\x00', <r7=>0x0, 0x4, 0x20, 0x80, 0x4, 0x44, @dev={0xfe, 0x80, '\x00', 0x20}, @empty, 0x700, 0x7800, 0x3, 0x2}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000cc0)={'syztnl1\x00', &(0x7f0000000c40)={'gre0\x00', <r8=>0x0, 0x700, 0x7, 0x3fab, 0xfffffe00, {{0x10, 0x4, 0x3, 0x4, 0x40, 0x7028, 0x0, 0x0, 0x29, 0x0, @broadcast, @local, {[@generic={0x82, 0xd, "653318ec79175d1dd28b8e"}, @timestamp={0x44, 0x8, 0x7b, 0x0, 0x7, [0x8]}, @timestamp={0x44, 0x14, 0x73, 0x0, 0x4, [0x2cea, 0x9, 0x99, 0x100]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000d80)={'syztnl2\x00', &(0x7f0000000d00)={'syztnl1\x00', <r9=>0x0, 0x29, 0x53, 0x0, 0x7, 0x1, @mcast2, @dev={0xfe, 0x80, '\x00', 0x15}, 0x8, 0x80, 0x1000, 0x2}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000001340)={'syztnl2\x00', &(0x7f00000012c0)={'syztnl2\x00', <r10=>0x0, 0x700, 0x20, 0x6, 0x834, {{0x13, 0x4, 0x2, 0x4, 0x4c, 0x65, 0x0, 0x8, 0xa8ebbe654f85e57b, 0x0, @remote, @broadcast, {[@ssrr={0x89, 0x1f, 0xd1, [@local, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @private=0xa010102, @local, @rand_addr=0x64010101]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x7, 0x69, [@loopback]}, @cipso={0x86, 0xa, 0x1, [{0x1, 0x4, "a7b8"}]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000001500)={'erspan0\x00', &(0x7f0000001440)={'ip_vti0\x00', <r11=>0x0, 0x8000, 0x40, 0x7, 0x2, {{0x25, 0x4, 0x2, 0x5, 0x94, 0x66, 0x0, 0x3, 0x0, 0x0, @loopback, @loopback, {[@timestamp={0x44, 0x24, 0xa1, 0x0, 0x5, [0x1a6060df, 0xf88, 0x7, 0x2, 0x33, 0xfffffffc, 0xfffff599, 0x1000]}, @cipso={0x86, 0x5a, 0x3, [{0x1, 0x7, "6eae91974c"}, {0x7, 0x9, "f3d88b5347ef9c"}, {0x5, 0xe, "780c3c6fb95c9b23ba7ee411"}, {0x6, 0xb, "ea1cb8106dcf9aea4f"}, {0x6, 0x5, "d7ce2a"}, {0x2, 0x3, ')'}, {0x1, 0x11, "a36663383d1e6ed0f0328528bc48a9"}, {0x5, 0x12, "ae1aa69b0191d69094e22d93ca6c3220"}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000001600)={'wg0\x00', <r12=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f00000018c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001880)={&(0x7f0000001640)={0x22c, 0x0, 0x800, 0x70bd28, 0x25dfdbff, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x22c}, 0x1, 0x0, 0x0, 0x40040}, 0x20000010)
bind$bt_hci(r4, &(0x7f0000001900)={0x1f, 0x1, 0x2}, 0x6)
fcntl$dupfd(r3, 0x0, 0xffffffffffffffff)

21:35:34 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x410001, 0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, @l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @ax25={0x3, @default, 0x3}, @ethernet={0x6, @random="229f3dfb4bd3"}, 0x6, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000040), 0x7ff, 0xd6, 0xa9cd})
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
lseek(r1, 0x8, 0x2)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x111000, 0x0)
ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000180)=@get={0x1, &(0x7f0000000140)=""/1, 0x800})
r3 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$NL80211_CMD_DEL_PMK(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x50, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x0, 0x5}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x50}, 0x1, 0x0, 0x0, 0x10040}, 0x4004)
write$binfmt_misc(r3, &(0x7f0000000300)={'syz0', "44ade059308f8b9a19d7b40a5919b1dac327cf8c3a2b957e39ad1e353502fce2b1a366919c22108821a223e302dbebf5e15615d038ebe5261995f220a3175889ae451f585946610f03f548cb0901a78ee9d1037e1487cfc70be6f1e0933dfa628179ab68de0ea9075dc9735d520c5cb0d855fa1d26f47e0b5f8773f32626068cd1ab992adf272b189ca1e744500701"}, 0x93)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000003c0), 0x200001, 0x0)
ioctl$CDROMRESET(r4, 0x5312)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
ioctl$sock_SIOCBRADDBR(r4, 0x89a0, &(0x7f0000000440)='bond_slave_0\x00')
r5 = memfd_secret(0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}]}, 0x2c}}, 0x4000044)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), r3)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x20, r6, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3ff, 0x1c}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4091}, 0x200080c0)
perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x8, 0x0, 0x20, 0x0, 0x8, 0x19de0c800799ef90, 0x7, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f00000006c0), 0x4}, 0x4002c, 0x7, 0x5, 0x7, 0x2a, 0x7f, 0x7bf, 0x0, 0x3f, 0x0, 0x7}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x3)
epoll_pwait(r1, &(0x7f0000000780)=[{}], 0x1, 0x5, &(0x7f00000007c0)={[0x10000]}, 0x8)
ioctl$BLKROSET(0xffffffffffffffff, 0x125d, &(0x7f0000000840)=0x5)

21:35:34 executing program 5:
exit_group(0x7f)
exit_group(0x0)
exit_group(0x892)
exit_group(0x10479cba)
exit_group(0x5)
exit_group(0x3)
exit_group(0x20)
exit_group(0x4)
exit_group(0x3)
exit_group(0xea89)
exit_group(0x2)
exit_group(0x2)
exit_group(0x100)
exit_group(0x9)
exit_group(0xd3a)
exit_group(0x7b32)
exit_group(0x5)
exit_group(0x7)
exit_group(0x1)
exit_group(0xfffffffffffffffe)

[   91.591795] audit: type=1400 audit(1763242534.697:7): avc:  denied  { execmem } for  pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   92.758129] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.761420] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.762431] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.768692] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.773474] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   92.811211] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   92.816764] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   92.817890] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   92.823062] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   92.823913] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   92.825719] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   92.826676] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   92.829544] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   92.832732] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   92.833553] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   92.834887] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   92.837425] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   92.838725] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   92.839799] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   92.849178] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   92.878547] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   92.891534] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   92.891875] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   92.894124] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   92.896509] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   92.899167] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   92.903898] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   92.911920] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   92.928461] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   92.934300] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   92.953633] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   92.981772] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   92.983620] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   92.984873] ==================================================================
[   92.985988] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   92.987040] Read of size 2 at addr ffff88801cdc4b78 by task kworker/u11:0/288
[   92.988476] 
[   92.989204] CPU: 0 UID: 0 PID: 288 Comm: kworker/u11:0 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   92.989235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   92.989250] Workqueue: hci7 hci_cmd_work
[   92.989280] Call Trace:
[   92.989288]  <TASK>
[   92.989296]  dump_stack_lvl+0xca/0x120
[   92.989325]  print_report+0xcb/0x610
[   92.989353]  ? __virt_addr_valid+0x100/0x5d0
[   92.989380]  ? hci_cmd_work+0x66d/0x6d0
[   92.989408]  ? hci_cmd_work+0x66d/0x6d0
[   92.989436]  kasan_report+0xca/0x100
[   92.989464]  ? hci_cmd_work+0x66d/0x6d0
[   92.989496]  hci_cmd_work+0x66d/0x6d0
[   92.989526]  process_one_work+0x8e1/0x19c0
[   92.989564]  ? __pfx_process_one_work+0x10/0x10
[   92.989595]  ? move_linked_works+0x172/0x270
[   92.989620]  ? assign_work+0x196/0x240
[   92.989652]  worker_thread+0x67e/0xe90
[   92.989683]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   92.989710]  ? __pfx_worker_thread+0x10/0x10
[   92.989742]  kthread+0x3c8/0x740
[   92.989771]  ? __pfx_kthread+0x10/0x10
[   92.989799]  ? ret_from_fork+0x79/0x7a0
[   92.989821]  ? lock_release+0xc8/0x290
[   92.989856]  ? __pfx_kthread+0x10/0x10
[   92.989885]  ret_from_fork+0x67a/0x7a0
[   92.989907]  ? __pfx_ret_from_fork+0x10/0x10
[   92.989930]  ? __switch_to+0x759/0x1060
[   92.989961]  ? __pfx_kthread+0x10/0x10
[   92.989990]  ret_from_fork_asm+0x1a/0x30
[   92.990027]  </TASK>
[   92.990034] 
[   93.014742] Allocated by task 298:
[   93.015286]  kasan_save_stack+0x24/0x50
[   93.015911]  kasan_save_track+0x14/0x30
[   93.016529]  __kasan_slab_alloc+0x59/0x70
[   93.017172]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   93.017972]  __alloc_skb+0x2ab/0x370
[   93.018558]  hci_cmd_sync_alloc+0x34/0x300
[   93.019218]  __hci_cmd_sync_sk+0xf7/0x5c0
[   93.019873]  hci_read_local_version_sync+0x2c/0x170
[   93.020640]  hci_dev_open_sync+0x145c/0x1f60
[   93.021320]  hci_power_on+0xdb/0x5d0
[   93.021910]  process_one_work+0x8e1/0x19c0
[   93.022567]  worker_thread+0x67e/0xe90
[   93.023175]  kthread+0x3c8/0x740
[   93.023710]  ret_from_fork+0x67a/0x7a0
[   93.024322]  ret_from_fork_asm+0x1a/0x30
[   93.024951] 
[   93.025217] Freed by task 313:
[   93.025718]  kasan_save_stack+0x24/0x50
[   93.026333]  kasan_save_track+0x14/0x30
[   93.026944]  kasan_save_free_info+0x3a/0x60
[   93.027617]  __kasan_slab_free+0x43/0x70
[   93.028268]  kmem_cache_free+0x26f/0x500
[   93.028904]  kfree_skbmem+0x18a/0x1f0
[   93.029497]  sk_skb_reason_drop+0x10e/0x1b0
[   93.030153]  vhci_read+0x3d5/0x5d0
[   93.030708]  vfs_read+0x1eb/0xc70
[   93.031249]  ksys_read+0x121/0x240
[   93.031800]  do_syscall_64+0xbf/0x430
[   93.032400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.033184] 
[   93.033448] The buggy address belongs to the object at ffff88801cdc4b40
[   93.033448]  which belongs to the cache skbuff_head_cache of size 232
[   93.035375] The buggy address is located 56 bytes inside of
[   93.035375]  freed 232-byte region [ffff88801cdc4b40, ffff88801cdc4c28)
[   93.037191] 
[   93.037456] The buggy address belongs to the physical page:
[   93.038301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1cdc4
[   93.039503] anon flags: 0x100000000000000(node=0|zone=1)
[   93.040331] page_type: f5(slab)
[   93.040858] raw: 0100000000000000 ffff8880096c78c0 ffffea0000288780 dead000000000003
[   93.042038] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[   93.043202] page dumped because: kasan: bad access detected
[   93.044056] 
[   93.044323] Memory state around the buggy address:
[   93.045055]  ffff88801cdc4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   93.046158]  ffff88801cdc4a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   93.047247] >ffff88801cdc4b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   93.048342]                                                                 ^
[   93.049425]  ffff88801cdc4b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   93.050529]  ffff88801cdc4c00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   93.051618] ==================================================================
[   93.052777] Disabling lock debugging due to kernel taint
[   93.053693] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   93.065690] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   93.098045] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   93.120331] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   93.123336] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   93.142303] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   93.153431] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   94.791006] Bluetooth: hci0: command tx timeout
[   94.854418] Bluetooth: hci1: command tx timeout
[   94.855174] Bluetooth: hci3: command tx timeout
[   94.918382] Bluetooth: hci2: command tx timeout
[   94.981275] Bluetooth: hci4: command tx timeout
[   95.112275] Bluetooth: hci5: command tx timeout
[   95.237699] Bluetooth: hci6: command tx timeout
[   95.238492] Bluetooth: hci7: command tx timeout
[   96.837387] Bluetooth: hci0: command tx timeout
[   96.901366] Bluetooth: hci3: command tx timeout
[   96.902153] Bluetooth: hci1: command tx timeout
[   96.965388] Bluetooth: hci2: command tx timeout
[   97.030343] Bluetooth: hci4: command tx timeout
[   97.157319] Bluetooth: hci5: command tx timeout
[   97.285378] Bluetooth: hci7: command tx timeout
[   97.286167] Bluetooth: hci6: command tx timeout
[   98.887246] Bluetooth: hci0: command tx timeout
[   98.950248] Bluetooth: hci1: command tx timeout
[   98.950630] Bluetooth: hci3: command tx timeout
[   99.013299] Bluetooth: hci2: command tx timeout
[   99.077261] Bluetooth: hci4: command tx timeout
[   99.205262] Bluetooth: hci5: command tx timeout
[   99.333653] Bluetooth: hci6: command tx timeout
[   99.334069] Bluetooth: hci7: command tx timeout
[  100.933271] Bluetooth: hci0: command tx timeout
[  100.998161] Bluetooth: hci3: command tx timeout
[  100.998670] Bluetooth: hci1: command tx timeout
[  101.062280] Bluetooth: hci2: command tx timeout
[  101.125302] Bluetooth: hci4: command tx timeout
[  101.254253] Bluetooth: hci5: command tx timeout
[  101.381384] Bluetooth: hci6: command tx timeout
[  101.381796] Bluetooth: hci7: command tx timeout

VM DIAGNOSIS:
21:35:36  Registers:
info registers vcpu 0
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff888013eb7618
R8 =0000000000000000 R9 =ffffed100167a046 R10=000000000000005b R11=6572617764726148
R12=000000000000005b R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe3d00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055558bd476e8 CR3=000000000d34c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=756e696c2d34365f3638782f62696c2f XMM01=2e6f747079726362696c2f756e672d78
XMM02=00312e312e6f732e6f74707972636269 XMM03=6c2f756e672d78756e696c2d34365f36
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000007 RBX=ffff888009f69bc0 RCX=ffffffff8144334a RDX=0000000000000000
RSI=0000000000200000 RDI=0000000000000000 RBP=0000000000200000 RSP=ffff88800b3dfd38
R8 =0000000000000000 R9 =ffffed1001df8980 R10=ffff88800efc4c07 R11=0000000000000001
R12=ffffc9000feabff9 R13=ffff88800ba32cb8 R14=ffff888009f69bc0 R15=0000000000000086
RIP=ffffffff81752f10 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe2500000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2079941e20 CR3=0000000009c09000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f207bcb27c000007f207bcb27c8
XMM02=00007f207bcb27e000007f207bcb27c0 XMM03=00007f207bcb27c800007f207bcb27c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000