Warning: Permanently added '[localhost]:3210' (ECDSA) to the list of known hosts.
2025/11/16 04:32:37 fuzzer started
2025/11/16 04:32:38 dialing manager at localhost:37161
syzkaller login: [   49.132073] cgroup: Unknown subsys name 'net'
[   49.200008] cgroup: Unknown subsys name 'cpuset'
[   49.220165] cgroup: Unknown subsys name 'rlimit'
2025/11/16 04:32:47 syscalls: 2214
2025/11/16 04:32:47 code coverage: enabled
2025/11/16 04:32:47 comparison tracing: enabled
2025/11/16 04:32:47 extra coverage: enabled
2025/11/16 04:32:47 setuid sandbox: enabled
2025/11/16 04:32:47 namespace sandbox: enabled
2025/11/16 04:32:47 Android sandbox: enabled
2025/11/16 04:32:47 fault injection: enabled
2025/11/16 04:32:47 leak checking: enabled
2025/11/16 04:32:47 net packet injection: enabled
2025/11/16 04:32:47 net device setup: enabled
2025/11/16 04:32:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/16 04:32:47 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/16 04:32:47 USB emulation: enabled
2025/11/16 04:32:47 hci packet injection: enabled
2025/11/16 04:32:47 wifi device emulation: enabled
2025/11/16 04:32:47 802.15.4 emulation: enabled
2025/11/16 04:32:47 fetching corpus: 50, signal 21610/23469 (executing program)
2025/11/16 04:32:48 fetching corpus: 100, signal 35614/39133 (executing program)
2025/11/16 04:32:48 fetching corpus: 150, signal 46459/51513 (executing program)
2025/11/16 04:32:48 fetching corpus: 200, signal 51503/58100 (executing program)
2025/11/16 04:32:48 fetching corpus: 250, signal 55529/63606 (executing program)
2025/11/16 04:32:48 fetching corpus: 300, signal 58775/68292 (executing program)
2025/11/16 04:32:48 fetching corpus: 350, signal 63666/74506 (executing program)
2025/11/16 04:32:48 fetching corpus: 400, signal 67473/79646 (executing program)
2025/11/16 04:32:48 fetching corpus: 450, signal 72701/86025 (executing program)
2025/11/16 04:32:48 fetching corpus: 500, signal 76084/90659 (executing program)
2025/11/16 04:32:48 fetching corpus: 550, signal 78370/94197 (executing program)
2025/11/16 04:32:49 fetching corpus: 600, signal 81340/98365 (executing program)
2025/11/16 04:32:49 fetching corpus: 650, signal 86086/104087 (executing program)
2025/11/16 04:32:49 fetching corpus: 700, signal 89831/108831 (executing program)
2025/11/16 04:32:49 fetching corpus: 750, signal 93097/113071 (executing program)
2025/11/16 04:32:49 fetching corpus: 800, signal 95000/116123 (executing program)
2025/11/16 04:32:49 fetching corpus: 850, signal 96498/118769 (executing program)
2025/11/16 04:32:49 fetching corpus: 900, signal 99098/122353 (executing program)
2025/11/16 04:32:49 fetching corpus: 950, signal 100373/124742 (executing program)
2025/11/16 04:32:49 fetching corpus: 1000, signal 101439/126952 (executing program)
2025/11/16 04:32:49 fetching corpus: 1050, signal 102793/129363 (executing program)
2025/11/16 04:32:50 fetching corpus: 1100, signal 104074/131666 (executing program)
2025/11/16 04:32:50 fetching corpus: 1150, signal 106508/134970 (executing program)
2025/11/16 04:32:50 fetching corpus: 1200, signal 108147/137574 (executing program)
2025/11/16 04:32:50 fetching corpus: 1250, signal 109423/139842 (executing program)
2025/11/16 04:32:50 fetching corpus: 1300, signal 111451/142691 (executing program)
2025/11/16 04:32:50 fetching corpus: 1350, signal 112411/144652 (executing program)
2025/11/16 04:32:50 fetching corpus: 1400, signal 113769/146905 (executing program)
2025/11/16 04:32:50 fetching corpus: 1450, signal 115982/149839 (executing program)
2025/11/16 04:32:50 fetching corpus: 1500, signal 119917/154131 (executing program)
2025/11/16 04:32:50 fetching corpus: 1550, signal 121162/156278 (executing program)
2025/11/16 04:32:51 fetching corpus: 1600, signal 122697/158569 (executing program)
2025/11/16 04:32:51 fetching corpus: 1650, signal 124133/160812 (executing program)
2025/11/16 04:32:51 fetching corpus: 1700, signal 125345/162887 (executing program)
2025/11/16 04:32:51 fetching corpus: 1750, signal 126772/165052 (executing program)
2025/11/16 04:32:51 fetching corpus: 1800, signal 127666/166811 (executing program)
2025/11/16 04:32:51 fetching corpus: 1850, signal 128608/168647 (executing program)
2025/11/16 04:32:51 fetching corpus: 1900, signal 129831/170627 (executing program)
2025/11/16 04:32:51 fetching corpus: 1950, signal 130836/172368 (executing program)
2025/11/16 04:32:51 fetching corpus: 2000, signal 131931/174209 (executing program)
2025/11/16 04:32:51 fetching corpus: 2050, signal 134287/176981 (executing program)
2025/11/16 04:32:52 fetching corpus: 2100, signal 135422/178798 (executing program)
2025/11/16 04:32:52 fetching corpus: 2150, signal 136078/180285 (executing program)
2025/11/16 04:32:52 fetching corpus: 2200, signal 137064/182032 (executing program)
2025/11/16 04:32:52 fetching corpus: 2250, signal 137824/183569 (executing program)
2025/11/16 04:32:52 fetching corpus: 2300, signal 138679/185189 (executing program)
2025/11/16 04:32:52 fetching corpus: 2350, signal 139796/186935 (executing program)
2025/11/16 04:32:52 fetching corpus: 2400, signal 140763/188570 (executing program)
2025/11/16 04:32:52 fetching corpus: 2450, signal 141490/190006 (executing program)
2025/11/16 04:32:52 fetching corpus: 2500, signal 142934/191975 (executing program)
2025/11/16 04:32:53 fetching corpus: 2550, signal 143835/193499 (executing program)
2025/11/16 04:32:53 fetching corpus: 2600, signal 144617/194983 (executing program)
2025/11/16 04:32:53 fetching corpus: 2650, signal 145955/196809 (executing program)
2025/11/16 04:32:53 fetching corpus: 2700, signal 146588/198165 (executing program)
2025/11/16 04:32:53 fetching corpus: 2750, signal 147559/199641 (executing program)
2025/11/16 04:32:53 fetching corpus: 2800, signal 148887/201393 (executing program)
2025/11/16 04:32:53 fetching corpus: 2850, signal 149665/202813 (executing program)
2025/11/16 04:32:53 fetching corpus: 2900, signal 150395/204172 (executing program)
2025/11/16 04:32:53 fetching corpus: 2950, signal 151265/205592 (executing program)
2025/11/16 04:32:53 fetching corpus: 3000, signal 152477/207203 (executing program)
2025/11/16 04:32:54 fetching corpus: 3050, signal 153048/208462 (executing program)
2025/11/16 04:32:54 fetching corpus: 3100, signal 153785/209801 (executing program)
2025/11/16 04:32:54 fetching corpus: 3150, signal 154491/211092 (executing program)
2025/11/16 04:32:54 fetching corpus: 3200, signal 155160/212341 (executing program)
2025/11/16 04:32:54 fetching corpus: 3250, signal 155962/213647 (executing program)
2025/11/16 04:32:54 fetching corpus: 3300, signal 156469/214841 (executing program)
2025/11/16 04:32:54 fetching corpus: 3350, signal 156977/215995 (executing program)
2025/11/16 04:32:54 fetching corpus: 3400, signal 157516/217161 (executing program)
2025/11/16 04:32:54 fetching corpus: 3450, signal 158096/218316 (executing program)
2025/11/16 04:32:54 fetching corpus: 3500, signal 159152/219672 (executing program)
2025/11/16 04:32:55 fetching corpus: 3550, signal 160242/221098 (executing program)
2025/11/16 04:32:55 fetching corpus: 3600, signal 160833/222227 (executing program)
2025/11/16 04:32:55 fetching corpus: 3650, signal 161474/223349 (executing program)
2025/11/16 04:32:55 fetching corpus: 3700, signal 162012/224448 (executing program)
2025/11/16 04:32:55 fetching corpus: 3750, signal 163220/225828 (executing program)
2025/11/16 04:32:55 fetching corpus: 3800, signal 163952/226953 (executing program)
2025/11/16 04:32:55 fetching corpus: 3850, signal 164648/228126 (executing program)
2025/11/16 04:32:55 fetching corpus: 3900, signal 165669/229387 (executing program)
2025/11/16 04:32:55 fetching corpus: 3950, signal 166216/230438 (executing program)
2025/11/16 04:32:56 fetching corpus: 4000, signal 167043/231643 (executing program)
2025/11/16 04:32:56 fetching corpus: 4050, signal 167903/232807 (executing program)
2025/11/16 04:32:56 fetching corpus: 4100, signal 168599/233889 (executing program)
2025/11/16 04:32:56 fetching corpus: 4150, signal 169318/234971 (executing program)
2025/11/16 04:32:56 fetching corpus: 4200, signal 169858/236001 (executing program)
2025/11/16 04:32:56 fetching corpus: 4250, signal 170400/237010 (executing program)
2025/11/16 04:32:56 fetching corpus: 4300, signal 170913/238011 (executing program)
2025/11/16 04:32:56 fetching corpus: 4350, signal 171292/238945 (executing program)
2025/11/16 04:32:56 fetching corpus: 4400, signal 172042/240000 (executing program)
2025/11/16 04:32:56 fetching corpus: 4450, signal 172519/240990 (executing program)
2025/11/16 04:32:56 fetching corpus: 4500, signal 173036/241951 (executing program)
2025/11/16 04:32:57 fetching corpus: 4550, signal 173523/242904 (executing program)
2025/11/16 04:32:57 fetching corpus: 4600, signal 173990/243864 (executing program)
2025/11/16 04:32:57 fetching corpus: 4650, signal 174406/244747 (executing program)
2025/11/16 04:32:57 fetching corpus: 4700, signal 174766/245596 (executing program)
2025/11/16 04:32:57 fetching corpus: 4750, signal 175299/246523 (executing program)
2025/11/16 04:32:57 fetching corpus: 4800, signal 175819/247419 (executing program)
2025/11/16 04:32:57 fetching corpus: 4850, signal 176278/248322 (executing program)
2025/11/16 04:32:57 fetching corpus: 4900, signal 176594/249147 (executing program)
2025/11/16 04:32:57 fetching corpus: 4950, signal 177610/250206 (executing program)
2025/11/16 04:32:58 fetching corpus: 5000, signal 177967/251063 (executing program)
2025/11/16 04:32:58 fetching corpus: 5050, signal 178601/251942 (executing program)
2025/11/16 04:32:58 fetching corpus: 5100, signal 178951/252759 (executing program)
2025/11/16 04:32:58 fetching corpus: 5150, signal 179455/253616 (executing program)
2025/11/16 04:32:58 fetching corpus: 5200, signal 179981/254484 (executing program)
2025/11/16 04:32:58 fetching corpus: 5250, signal 180419/255326 (executing program)
2025/11/16 04:32:58 fetching corpus: 5300, signal 180766/256106 (executing program)
2025/11/16 04:32:58 fetching corpus: 5350, signal 181162/256903 (executing program)
2025/11/16 04:32:58 fetching corpus: 5400, signal 181633/257723 (executing program)
2025/11/16 04:32:58 fetching corpus: 5450, signal 182149/258545 (executing program)
2025/11/16 04:32:59 fetching corpus: 5500, signal 182718/259346 (executing program)
2025/11/16 04:32:59 fetching corpus: 5550, signal 182974/260076 (executing program)
2025/11/16 04:32:59 fetching corpus: 5600, signal 183389/260841 (executing program)
2025/11/16 04:32:59 fetching corpus: 5650, signal 183762/261592 (executing program)
2025/11/16 04:32:59 fetching corpus: 5700, signal 184184/262374 (executing program)
2025/11/16 04:32:59 fetching corpus: 5750, signal 184690/263147 (executing program)
2025/11/16 04:32:59 fetching corpus: 5800, signal 185187/263917 (executing program)
2025/11/16 04:32:59 fetching corpus: 5850, signal 185514/264655 (executing program)
2025/11/16 04:32:59 fetching corpus: 5900, signal 185853/265379 (executing program)
2025/11/16 04:32:59 fetching corpus: 5950, signal 186234/266140 (executing program)
2025/11/16 04:33:00 fetching corpus: 6000, signal 186631/266871 (executing program)
2025/11/16 04:33:00 fetching corpus: 6050, signal 187106/267611 (executing program)
2025/11/16 04:33:00 fetching corpus: 6100, signal 187622/268331 (executing program)
2025/11/16 04:33:00 fetching corpus: 6150, signal 188172/269043 (executing program)
2025/11/16 04:33:00 fetching corpus: 6200, signal 188726/269784 (executing program)
2025/11/16 04:33:00 fetching corpus: 6250, signal 189041/270484 (executing program)
2025/11/16 04:33:00 fetching corpus: 6300, signal 189359/271164 (executing program)
2025/11/16 04:33:00 fetching corpus: 6350, signal 189704/271866 (executing program)
2025/11/16 04:33:00 fetching corpus: 6400, signal 190054/272555 (executing program)
2025/11/16 04:33:01 fetching corpus: 6450, signal 191039/273270 (executing program)
2025/11/16 04:33:01 fetching corpus: 6500, signal 191639/273946 (executing program)
2025/11/16 04:33:01 fetching corpus: 6550, signal 192007/274595 (executing program)
2025/11/16 04:33:01 fetching corpus: 6600, signal 192394/275230 (executing program)
2025/11/16 04:33:01 fetching corpus: 6650, signal 192768/275857 (executing program)
2025/11/16 04:33:01 fetching corpus: 6700, signal 193300/276501 (executing program)
2025/11/16 04:33:01 fetching corpus: 6750, signal 193738/277146 (executing program)
2025/11/16 04:33:01 fetching corpus: 6800, signal 194036/277793 (executing program)
2025/11/16 04:33:01 fetching corpus: 6850, signal 194396/278439 (executing program)
2025/11/16 04:33:01 fetching corpus: 6900, signal 194726/279071 (executing program)
2025/11/16 04:33:02 fetching corpus: 6950, signal 195115/279704 (executing program)
2025/11/16 04:33:02 fetching corpus: 7000, signal 195489/280285 (executing program)
2025/11/16 04:33:02 fetching corpus: 7050, signal 195860/280383 (executing program)
2025/11/16 04:33:02 fetching corpus: 7100, signal 196199/280383 (executing program)
2025/11/16 04:33:02 fetching corpus: 7150, signal 196591/280383 (executing program)
2025/11/16 04:33:02 fetching corpus: 7200, signal 196923/280386 (executing program)
2025/11/16 04:33:02 fetching corpus: 7250, signal 197212/280386 (executing program)
2025/11/16 04:33:02 fetching corpus: 7300, signal 197532/280386 (executing program)
2025/11/16 04:33:02 fetching corpus: 7350, signal 197912/280386 (executing program)
2025/11/16 04:33:02 fetching corpus: 7400, signal 198291/280386 (executing program)
2025/11/16 04:33:03 fetching corpus: 7450, signal 198627/280389 (executing program)
2025/11/16 04:33:03 fetching corpus: 7500, signal 198872/280389 (executing program)
2025/11/16 04:33:03 fetching corpus: 7550, signal 199078/280391 (executing program)
2025/11/16 04:33:03 fetching corpus: 7600, signal 199405/280391 (executing program)
2025/11/16 04:33:03 fetching corpus: 7650, signal 199701/280391 (executing program)
2025/11/16 04:33:03 fetching corpus: 7700, signal 200007/280391 (executing program)
2025/11/16 04:33:03 fetching corpus: 7750, signal 200478/280420 (executing program)
2025/11/16 04:33:03 fetching corpus: 7800, signal 200821/280420 (executing program)
2025/11/16 04:33:03 fetching corpus: 7850, signal 201154/280420 (executing program)
2025/11/16 04:33:03 fetching corpus: 7900, signal 201409/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 7950, signal 201684/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8000, signal 202043/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8050, signal 202425/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8100, signal 202743/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8150, signal 203134/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8200, signal 203475/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8250, signal 203773/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8300, signal 204141/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8350, signal 204377/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8400, signal 204689/280421 (executing program)
2025/11/16 04:33:04 fetching corpus: 8450, signal 205021/280421 (executing program)
2025/11/16 04:33:05 fetching corpus: 8500, signal 205300/280421 (executing program)
2025/11/16 04:33:05 fetching corpus: 8550, signal 205507/280421 (executing program)
2025/11/16 04:33:05 fetching corpus: 8600, signal 205760/280421 (executing program)
2025/11/16 04:33:05 fetching corpus: 8650, signal 206567/280434 (executing program)
2025/11/16 04:33:05 fetching corpus: 8700, signal 206836/280434 (executing program)
2025/11/16 04:33:05 fetching corpus: 8750, signal 207164/280434 (executing program)
2025/11/16 04:33:05 fetching corpus: 8800, signal 207542/280443 (executing program)
2025/11/16 04:33:05 fetching corpus: 8850, signal 207832/280443 (executing program)
2025/11/16 04:33:05 fetching corpus: 8900, signal 208170/280443 (executing program)
2025/11/16 04:33:05 fetching corpus: 8950, signal 208431/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9000, signal 208648/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9050, signal 208918/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9100, signal 209206/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9150, signal 209423/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9200, signal 209655/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9250, signal 209922/280443 (executing program)
2025/11/16 04:33:06 fetching corpus: 9300, signal 210227/280445 (executing program)
2025/11/16 04:33:06 fetching corpus: 9350, signal 210844/280445 (executing program)
2025/11/16 04:33:06 fetching corpus: 9400, signal 211082/280445 (executing program)
2025/11/16 04:33:06 fetching corpus: 9450, signal 211400/280445 (executing program)
2025/11/16 04:33:06 fetching corpus: 9500, signal 211672/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9550, signal 211992/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9600, signal 212250/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9650, signal 212474/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9700, signal 212771/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9750, signal 213095/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9800, signal 213295/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9850, signal 213521/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9900, signal 213762/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 9950, signal 213945/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 10000, signal 214138/280445 (executing program)
2025/11/16 04:33:07 fetching corpus: 10050, signal 214319/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10100, signal 214818/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10150, signal 215050/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10200, signal 215335/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10250, signal 215552/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10300, signal 215770/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10350, signal 216026/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10400, signal 216305/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10450, signal 216585/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10500, signal 216827/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10550, signal 217060/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10600, signal 217268/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10650, signal 217623/280445 (executing program)
2025/11/16 04:33:08 fetching corpus: 10700, signal 217870/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 10750, signal 218394/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 10800, signal 218604/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 10850, signal 218933/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 10900, signal 219172/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 10950, signal 219402/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 11000, signal 219628/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 11050, signal 219853/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 11100, signal 220058/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 11150, signal 220294/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 11200, signal 220483/280445 (executing program)
2025/11/16 04:33:09 fetching corpus: 11250, signal 220688/280446 (executing program)
2025/11/16 04:33:09 fetching corpus: 11300, signal 220887/280446 (executing program)
2025/11/16 04:33:09 fetching corpus: 11350, signal 221072/280446 (executing program)
2025/11/16 04:33:10 fetching corpus: 11400, signal 221289/280446 (executing program)
2025/11/16 04:33:10 fetching corpus: 11450, signal 221531/280446 (executing program)
2025/11/16 04:33:10 fetching corpus: 11500, signal 221800/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11550, signal 222030/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11600, signal 222286/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11650, signal 222462/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11700, signal 222663/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11750, signal 222831/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11800, signal 223000/280448 (executing program)
2025/11/16 04:33:10 fetching corpus: 11850, signal 223195/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 11900, signal 223419/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 11950, signal 223632/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12000, signal 223946/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12050, signal 224297/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12100, signal 224481/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12150, signal 224631/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12200, signal 224814/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12250, signal 225104/280448 (executing program)
2025/11/16 04:33:11 fetching corpus: 12300, signal 225335/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12350, signal 225487/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12400, signal 225673/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12450, signal 225983/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12500, signal 226233/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12550, signal 226388/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12600, signal 226566/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12650, signal 226788/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12700, signal 226998/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12750, signal 227162/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12800, signal 227321/280448 (executing program)
2025/11/16 04:33:12 fetching corpus: 12850, signal 227517/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 12900, signal 227758/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 12950, signal 227957/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13000, signal 228202/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13050, signal 228410/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13100, signal 228608/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13150, signal 228809/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13200, signal 228961/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13250, signal 229108/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13300, signal 229328/280448 (executing program)
2025/11/16 04:33:13 fetching corpus: 13350, signal 229542/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13400, signal 229739/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13450, signal 229940/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13500, signal 230099/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13550, signal 230291/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13600, signal 230444/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13650, signal 230635/280448 (executing program)
2025/11/16 04:33:14 fetching corpus: 13700, signal 230997/280449 (executing program)
2025/11/16 04:33:14 fetching corpus: 13750, signal 231215/280449 (executing program)
2025/11/16 04:33:14 fetching corpus: 13800, signal 231466/280449 (executing program)
2025/11/16 04:33:14 fetching corpus: 13850, signal 231713/280449 (executing program)
2025/11/16 04:33:15 fetching corpus: 13900, signal 231943/280449 (executing program)
2025/11/16 04:33:15 fetching corpus: 13950, signal 232152/280449 (executing program)
2025/11/16 04:33:15 fetching corpus: 14000, signal 232312/280449 (executing program)
2025/11/16 04:33:15 fetching corpus: 14050, signal 232467/280449 (executing program)
2025/11/16 04:33:15 fetching corpus: 14100, signal 232693/280450 (executing program)
2025/11/16 04:33:15 fetching corpus: 14150, signal 232887/280450 (executing program)
2025/11/16 04:33:15 fetching corpus: 14200, signal 233015/280450 (executing program)
2025/11/16 04:33:15 fetching corpus: 14250, signal 233255/280450 (executing program)
2025/11/16 04:33:15 fetching corpus: 14300, signal 233408/280450 (executing program)
2025/11/16 04:33:15 fetching corpus: 14350, signal 233615/280450 (executing program)
2025/11/16 04:33:15 fetching corpus: 14400, signal 233809/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14450, signal 233989/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14500, signal 234140/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14550, signal 234304/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14600, signal 234519/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14650, signal 234673/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14700, signal 234809/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14750, signal 234967/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14800, signal 235217/280450 (executing program)
2025/11/16 04:33:16 fetching corpus: 14850, signal 235490/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 14900, signal 235633/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 14950, signal 235815/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15000, signal 236053/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15050, signal 236229/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15100, signal 236373/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15150, signal 236520/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15200, signal 236684/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15250, signal 236893/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15300, signal 237014/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15350, signal 237238/280450 (executing program)
2025/11/16 04:33:17 fetching corpus: 15400, signal 237408/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15450, signal 237557/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15500, signal 237701/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15550, signal 237903/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15600, signal 238104/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15650, signal 238298/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15700, signal 238474/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15750, signal 238692/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15800, signal 238867/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15850, signal 239010/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15900, signal 239168/280450 (executing program)
2025/11/16 04:33:18 fetching corpus: 15950, signal 239344/280450 (executing program)
2025/11/16 04:33:19 fetching corpus: 16000, signal 240261/280450 (executing program)
2025/11/16 04:33:19 fetching corpus: 16050, signal 240408/280450 (executing program)
2025/11/16 04:33:19 fetching corpus: 16100, signal 240577/280450 (executing program)
2025/11/16 04:33:19 fetching corpus: 16150, signal 240768/280457 (executing program)
2025/11/16 04:33:19 fetching corpus: 16200, signal 240947/280457 (executing program)
2025/11/16 04:33:19 fetching corpus: 16250, signal 241089/280457 (executing program)
2025/11/16 04:33:19 fetching corpus: 16300, signal 241256/280457 (executing program)
2025/11/16 04:33:19 fetching corpus: 16350, signal 241416/280457 (executing program)
2025/11/16 04:33:19 fetching corpus: 16351, signal 241418/280457 (executing program)
2025/11/16 04:33:19 fetching corpus: 16351, signal 241418/280457 (executing program)
2025/11/16 04:33:21 starting 8 fuzzer processes
04:33:21 executing program 0:
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @loopback}})
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, &(0x7f0000000040), &(0x7f00000000c0)=0x68)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @local}, 0x1, 0x3, 0x4}}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)="487f44777ddcca7df2644b9381c2209f0d4921ac8bc0ed96d85a35ff466cc2c33831865da90262553333e4f7a56fbea525d66d36ce9702fb6137b993becabfa4ca9911bd9712bf7a0fcbad8ba80195a867875dea2b484282329198ea9c6e21b922a9e41f1a77d3c6fba67bf95fa2d466a3fbe7", 0x73}, {&(0x7f0000000200)="1e765fb3fa5cc6621e2e6c81ab25bd26fb5f74a9ff66eab2f9581a01b89c768311cf201d267c33d64c1e9318f7bffac30e8b9d52cfdbcce51de3a06f1b0b4c1c08f13f6ad842083c41c931fda1513970444c23f5670240439de196f2d08d537e63475fd200dc1056fd2bdee4c9713fffc4202bf56a62eed18c5a2be3beb8cb386867f8f09338bffad83c8fae822921d732230f6ad7da34beb05c1f4b984f02b9ab5852a73e03ac4b37b25ea0f1b08eb67989f8ded0fe4654644f94109853a146a0918345aa1e42a72e236faf02f458523da596", 0xd3}, {&(0x7f0000000300)="a66227bbb2106af9011b8c275e3a984e8829b442c315c9db7377a120fb802840f5fb1515e604593b9361eadb394b01efe9c8c0fa3d918db2a9a0933b3ab5b57b529346c44cfe6a71c5036aab63dae30239c2693c968dbb76996a26f30f5bbe7e8cb6987f3dc42dc26fea1fb8b4acbea0c9ddf45a7770ec630b1abbaf7fd44252921de90d920ae9b361b6557477706e8cc07e199cbfed53ad884d6444d9c17ffd9e959a252e6005af0989f6be2b80cb58ca295549f1d50137d3938ae29410bb2f2d753173fd602e57c8feee3344d402ae33be339e419488623e6941b144d398ee69cd843f11316e", 0xe7}, {&(0x7f0000000400)="eede6ccc748236e63116a202b67f46f9764eca", 0x13}, {&(0x7f0000000440)="d5b1478dd77de59623cd580656d0390b3771d6703bf687e7d5cc997e8baace1911a8c8c28be4c2549b600e7a7a307f6eadb7bf4e466d62023df6b71e0e1d43a75ea76ee5d0aac75b49ab9bf572f44973451237115e5ebb0284847d797711658b03ce6bd0c3f478e6bfdced5885a8465aedad6fba2922e3483942b11a5f30a61d429e4497565efa793729901a63793009b4b04b558f3e2fa6", 0x98}, {&(0x7f0000000500)="ca1e77d7583fbad7339e778ac9319a1c8561ff3eb2d3", 0x16}, {&(0x7f0000000540)="3d2620007218159310fb5c973de70cf5b80de04e54db85c94d6d53c36c6e3e63709eb267c80c4b1228acd643f1d1", 0x2e}, {&(0x7f0000000580)="1122dce0a1b1a08344afa94567f96323dba3aeb10d3319d4d62f6353c2405dfa61ba81b7af606f3e5d002b92adeed63b59a6066e55f168712daa6dc9e7cdf5bbd3468aa18024eb26c9ad7b65495b27627d95510a14e906594a2ec6c31107535fdec10349de873a64b93c854e8dcadd95d39f20ae875132a4d8dbf0d66dcde921c957bd1e10abdcb40f60eeb5b8112ee68d", 0x91}, {&(0x7f0000000640)="61fce8d8ade93c5602c256be835d77a9241eeb66601f90e603988129e310a419cb65cbd018f4839cfb759853faaff4aa44087aa4027a101aa8f76ec159ee2433578e2be0207eca686b6bf1f26be890eb92d0c940cf9b267432428365a471", 0x5e}, {&(0x7f00000006c0)="8b049d90c0e5e0557cd16d5951141e", 0xf}], 0xa}, 0x88000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000800), 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0xa8, 0x2, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x3}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x80}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20000040}, 0x200000c0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xff)
pipe2(&(0x7f0000000980)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x45000)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0)
getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f00000009c0), &(0x7f0000000a00)=0x2)
sendmsg$ETHTOOL_MSG_EEE_SET(r2, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x8800)
sendfile(r0, r1, &(0x7f0000000b40)=0xfffffffffffffff8, 0x5)
connect$bt_sco(r1, &(0x7f0000000b80), 0x8)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), r1)
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c40)={0x98, r3, 0x800, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "3352aeaea2"}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "a5dd1ba8f9ed80367235c2471f"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x20, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "c1bd63d16e"}, @NL80211_ATTR_KEY={0x2c, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x2}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x800}, 0x4040840)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000d80), 0x40, 0x0)
ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000dc0))
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000e00), 0x10)
creat(&(0x7f0000000e40)='./file0\x00', 0x2)
r5 = syz_open_dev$loop(&(0x7f0000000e80), 0x10001, 0x240001)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r5, 0xc0709411, &(0x7f0000000ec0)={{0x0, 0x1, 0x8, 0x400, 0x1, 0x9, 0x4, 0x3, 0x1, 0x2, 0x8, 0xfffffffffffffffa, 0x5, 0x9, 0x6}, 0x20, [0x0, 0x0, 0x0, 0x0]})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000f80)={'#! ', './file0', [{}, {0x20, ':'}, {0x20, 'hash:net,net\x00'}, {0x20, '\\\'#]]'}, {0x20, '\n'}], 0xa, "dd5357e7bf44f3059d0ebbbe8a1e90bd9897ae29cac566e3bb4d55eb3552831593ace60a7ddfba0e03f30bd22ff83b963033498f9b056a39a6736603f6e746d3e273e3f5a839f9d6e85948b13cc5106299d4e16469bdfe65875915ac28e31d7609974fc9fa25c032ea076e26819b4f4c3692fc13172a01beaad09d902853b8866d06f699ecd4b8f7ffcf6d06c49351a39ec8df5568f76098699208486227b4822236cd7ad16f9a8c9228ebd8a550f5bf2a7f3c4170975fd9fd2ad1ccb896c5d0dcb7c98ac7efa5fb2e2d72f5f83bba4934afd3b927f2b1d05d5c447ebe11f6a1"}, 0x104)

04:33:21 executing program 1:
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000040)="e094a53a4a9e56b84d34a35487112314b1ddef7b79a20bbab88c4ce4a72319ecf598fe56da6b0feea8db49c2b37dfb7f9acf9dfc66d9049cd259e1eb2522ee4483365c7706e70040116be83e6d6da325039fc24cdea4885957d13e71dc5cc171fa81eba779e246d961974e58588b0c029da8768888bbc79db0abbb9f85ee7502b7e3e6c66daa0494ae32dab1c612a41130e0696b5384580faa8e188e3cb6ee64d9a8932ecd094977513b30e4267462d66719a5824345613e3269940cf9a9e85a6c744f33ae8990116a88f42c54fa64133459c85784f1cfce422111488dc0f49fffcba5b93aa0dda7e82242695eec2c4859ea6cbf7db3e19911a33742d19c9cf52798f67dfe880277260fc594d9069e9a3686911ca98b94829056651c0c048eddc38e4c79f0926c89ddd5f513d84764fbe20cc635b05bd7678148502cafb134cd1b59819c450938ea40078f408cb3ab5d9148dd5e837330ee770a394214274fc893aa532b8f6eb105d1cb28342084333661915cf916186a5f2810ae08c7f661108a9dc6ffc49544d66a03a4bb6e6089322d08f2330ea24214d98685ee3fd948dadfa92543b06771bc7c587e82f5aaee5a2f1721f3fdacfb064c3da8d6fbe1510905aa1fe6bde66bdc185287ef184c247a8afc76024df6c81712d3d05bce8ea144c9387186bacdc5dc6be4c8c334eca3a7efa133d555410bd2700d670bb270ce8e30d0a236b3be51b58e40ece43ee3db6819121880337323d5866db794d59a79b6dd1dcd7fd72a49cc4a617ca65f60c24d6a98830ac8286324979e1ca5be66da1c1bc392799cd43fdadf4a2e6e379cefc1017a3135111b29d9e16368c7339f458cf2378328fdda2c7e221b5ec053383c00a58226cdce9b2869911dafcf58397129ce5fe736652607133a71d36285c376fbe0279a2dd9c831162f4ceec9de5da40d698a7ff91a0ee25480c2c4f25be2ff4b79a1f604e838c0c88ebaca5adfb61be8dc1bbe9bd544865d9d9a95006108e3eeb27c32a8a284831c88d3f10dde8e4fdb5e70c3e4ad528b7649ed85976d72a0d22432a4c50a12dd6f6a8472057a23517d4f83d000df9fb95d0da0f18e80154635a8d653e57c15fc841f234de68d263d47dc6846c709c3858d5e7a9a0b8f3aadad10a5745270a7f98cee5caa096753ffc1190f52beaba5cf4c46da087b92eaaf33068883102c7d6e507e178cff0bd3921759f8f830bd14934fe8a7f842cdd13a7b1283532cb3915dbcd488386ac4e116ff8ff1fb165f3b24063f87318817bc345336959497923d8d885c8a9e8214b990915461c4df3611b3711ebf8c7a7d8abb365547e8036d4bfc5a5eb904d91aabab92f6cdcd86729a3d9194b7efeade12ec7c793814d5b440a3ae6e4ca35df6c2196d8c787bf63de75aee1f2d8f606d67c17ce351a3d186f06664fccfdbc470b54d7f7c4a76542d7bcf59c8e80768af687d80947176ceaddba5059ab576ed6fd11e4be0c8bc10cce7f215d6a7126633b1a1c743526b93bdd1db97612ed66999317e76e6822b2f1f36836470b61fdff60afbef634ce5a700b6773f59aee6bbeb6079df04a8bf37cf7e33fc916bfbcae3e63bac2972782ba3e0e919bd9f3ccedc47881799df032b57fd5ea71e502e97ca872f809813fcc33ec35fbba55c2defeff1d95016c90e316cd2176dd38af9d51f037b910b8697d5fb5feb95d58687bf1ac216ae6dd86fe6de99c91f76bd7a581156ab50151c9a9c219b04cfaf438647244f3cbbdc616f79fcbb53dd2041af28206cbefa9526a654bf6ffe8a3a0df76dbe11752b06634abde06945e726c0c236a76f01c721724e5e8ced445e149243e61fcb515a9b530c4b12333842a02fb5d8f653c0d1c812705f954f037ae8c8b4f1f4828cff38073618e549482584e6c543dc3903a3a98a473642fda6eee8e2bb9a0247884a72344dc447b91385e04b3d66d0319621b5578e3b4ccc02521fde5289f1212d17146f3982ef296e479458abcb088af498bc0d3174d350894c03c95a96ebca48488fead1a7690d0fa696aed7bfd99e25dfd999d93aafda2296845f8a04a9b21ad58a03b655e98eafd33ccdc85591543e2931c10523773b569ea7ae273f3927563b421132fad746a24356e0cc9e0459a3725071f901b68a44b068bfc3c3e1b0fd135c5906dc6673e11c4ac68874f77947ca72ef67b709ddc3a3a02b99dce25202f794eef9c1f8ca7fd815047d22f90c48cb92b028c08cb5e2a68f438cac9b0fc04c4a4309ad46ef3e23a878292159b5fe7050dbd9bc084bae44f45fab36f829b880ed1fde74b112576ed7f04b6b0280c81cbce802fb9fecbfad3b5639ad37ef7d77e972685a233ee1d9f93244853b92e971697f02f754cac0cf766ac144fd8700da1ae83d51aa56b5f90323a850a0e6b9ab957492d25ee14d69557c69c220527e298898d0a9b9e2d7b40180296deae45e4447032e5a36d2a86d73799ca59c196bd70835ec5c21d6e375efd645f2c669a8ee4e3fd570be3602479f83cfbb90dda9b93b5ea365d3cef7173b6194e3c75d420999f32f023b5108b6a2d186a2370e27b4a3e2d64551d2fd39611b83ab338da318142f8b1a5cfc992f1c9c4ca17135c7242c012a257ce09303e73e6cad1859095673f098c91c447a78309fe5e733cee005d49b99b9254d33d405b79653a6faf0daf33c7e6b62f6706c011ad66a3653da646fc834142ed82e60ddf02f2f00f7c0458959d2fdaa27b9caa1ad233907c8922178a098e7409cf044b53cae9e7e002baa64621e7f4f51459edcbfbeaa9728312cdfe339da8c71672db592e239f4b774348117d41c75bc34f793530a1a8f18fc73b481851d83a41a3dc51e44a52f90b228e53aaac0adab23e73e496c31bc0eb137d920e73f7ecedd98f57743a95ab6bd835315995240f6647c76c5663d95e132cc0c4f481890eb2544846b2617f776375975a9064d81a871a5e8895abdd389c9e629462a6260ff40f00fe83a51fa15a817962603e1afc090fbc2ab014e5d166c66b07accfe3cfd61c43fb914dd607a9953f53b53a297e9f1d3009f9378a5a8f185c9ecfd7736e2ce86707f3ccf767f1e6c149889c1ca107ebda46a9dca3fc1440a89930719ede84a6242cbce7dee0638e2fd515ca033eee0e5a46172a7c7378018ca43d7d091a6bf1c8e272ac02a6045ed15e2ded9c64b1fa284ee3f1a28722e5da7e972f75b57962e29d8d845ad788a66f3b779d9e8437391a88763412c306acd11228c551762a5260be6990d1876ba46ac6cf24520cb3732145f3963fcd9df461b23be523517aa66fca0335122f3267ad03baa7eeb385999bd2010c231634d408f62062724641d607b2e7b20267b781725ffb7e8996246df74dfa4cb2fa4cee375398bd7afa6d8cc5d568ec8aba01f0659df7c084f44b40395c55c4ceb882f3d36cb80a475942352ef834bc60649c106b554065a74d011ea22bd20ae053da34b6e3ebd06a15d1366fc1017b5244918b7fa215c245e67617b0128b2014bcf0c0d7e960b82ee66c3e69c3bb418a1b811735548ae3ac60212c1366492611404c4b4b649f70cb1f5acfc93b31e4012e9b8b7b77ae71d1f152238db4d11e00d3f9a02068b9fba76d88829cd5626e14258dbcf2f30a2dba65c0081e6c990313649a29929e5467eb787f9ecc4f7992e1a700e615eef40340f690f3db906bbc3691f66dafb56592d2305751fb702c54052e38c337a3923b3d2474c5ca9e85f382ed7b351380c3e35b676fa3c57b889ff81ec2721f90e8ccccd14234f91c39423aadd6d2c55a2f80cf47489396fbbdd53c222e1a5e63c19014ce6390bdc49401e50cf2fea4cdfb66759b4c021d25d0e1bc3ad553a7171206dc73259d512fd5e75cc91afc831c61f9922bf2ba0341605137ce4230248d138a26ce03ac3852fb35ac1933eda6052c0e41c95888340733308e03371d94c3f0ac11d30b25067307e5e0156f3414bbf93d50669776403aacb00e746229754632cd3a857bd2d8b40fded18c371a5120700348166788ea9118abb917b37b77c08be0ccad62a7edb0411c2a049ceb64bd0e79c8ca5973915914c693bf3855991742f427196961ea61b44f271bdb19d56068e3a15776e574342f677afe81e60be2b525e01eea90f9c911b85d861334345b861c1e4787a20efc514b717d0573d680021e3454d0d475a807e0fb610637008ec633d666a46b53a5769669ac8e755e904c850caa094350077283dc09291ca74fd49d0149ffeb62ca1c60a15ec9709a8aecf6fddd6c3c1669163f19bac2159cdc876ae3790332947d0f6baa48299f32e66ac34b42d7fab4161213946847fdf180a45ac1f3096ae617ee6a2a7190eed62a8e3f23c67e5798db5ac16cff353a02d60e51b3a6c3d59683f589fa62937c6eec141c7379427aff33b729ebf5630ed0173146f0176d3bd31fa4424ab5801863033ee06b1aedd7387277259a8d5f68be5312ea61afac06474ccfd874b4c8de1cdf8e1349616f95420d4732cc15282484504aa09e6fbdb6e0735bf36f6e7c2923386ec702bf3b63327ab887dd67dab5393c22d44e9bb6cc54a1fc0d1f34243dda92b9f3685b2c6ef9e9990983e4e1a2062273a7fc7c4dcebed8976a92ae7b48ad800ca17e437ee907ac1c570e78218ecaba0bac3e4670f327c43e425147c510895e7cac294719c0f7387ef478ad46de6d3e5ce06e8754f52084f7de5e69bbff05138770dde7906a9acc0f3b23357e240b4824105b168071a8f93c829fbf3f59b72660352fb7430c3891c9a1a32e5039718aea65d5cc0186823274453d2312f7d2d0c3532a0b4c73aeeb058467a9e9a4c45c408f4702913e11d522759a0ca6d4aef1104d7fdd8274ba472ba154abcf1a0e8ce2d639a0fa5a265aa8f05a8f809ff50041174df1179b67219f7607fc49d0e631b227916c32cccc57314c4715bd73dc8c3049fdb80d912e18f12318fa4e09ae43865b5adf309093294113f815daed84bb4863b6d70d4797c090f4f0a5e2bf9433ac1ae905f57de558e78dc403fbf81eccc840010f2af6ab2fb539b3677ed5af5f925302ddb27d667dcee8a0f712956ea9b3598a67daa4fc9318d3d77786633ee9a088bacdc30334a72ca099eca608aee84f11fdc74296eabf28463d51d4cc364e8143ae22e9e779380d63f9dcbd832fec5e25b8bdc6b59ca45608bd85110478873b85562376329b9d4520060888cfdf429b6445b55a2a096ca68f74df36b9aabd52c3e443a32908bfd11613f8282e062299664f8c2bf98ded7494f5bd8e60b72657412ebb3cfabb1b73da2b9804bcd415122d427f436b3f338cdbd9a67e7bc6ef7691f999be44edfde165d7e1c85ad93c66cfccca6472adea6c1d39103a6f4dcf5bd6d3748dedbae3c3f0536cdf05f802fabeca246937e8ade0c4e5aec9252431a116ebc7cb7f98973cc46de7a549785952faae2f4cbc570f7752dd829918b7e241afc5d836897d940dab7252b033f33b8b1edc39b6caaf40fe2b28bb7b70b2ba847d586eca6a6b2901899e02625e1aa2eaba9ac7e3e12ff83c860130ab2ab17cccbcbd0da2e74a9472a472797426180ff8096ce69e010eaad87865742c8417f362f67ad636f32345ff363ea438fde01ae2727b375fdbcac2517434643199b8f0887f224112be2bf232b1b808a561418a79714c7b3edbd5b09feb74153cd9192494592fd3ad554061a916d8807b2d6ce72cf66f8c1e689c09af4611970bd6d7cc02a070b7149acd56dac69cc9b02f7f8ed6a9c7eb0ff51f4a59cbfcad4db53", 0x1000, 0x20000001, &(0x7f0000001040)=@pptp={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x20}}}, 0x80)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000010c0)={[0x6]}, 0x8)
mknodat$null(r0, &(0x7f0000001100)='./file0\x00', 0x400, 0x103)
mkdirat(r0, &(0x7f0000001140)='./file0\x00', 0x18)
mkdirat(r0, &(0x7f0000001180)='./file0\x00', 0x74)
getsockname(r0, &(0x7f00000011c0)=@tipc=@id, &(0x7f0000001240)=0x80)
r1 = openat2(0xffffffffffffffff, &(0x7f0000001280)='./file0\x00', &(0x7f00000012c0)={0xc000, 0x182, 0x1}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000001300)={{0x1, 0x1, 0x18, <r2=>r1, {0x2}}, './file0\x00'})
renameat(r2, &(0x7f0000001340)='./file0\x00', r2, &(0x7f0000001380)='./file0\x00')
stat(&(0x7f0000001440)='\x00', &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
stat(&(0x7f0000001500)='./file0\x00', &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fstat(r0, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
fstat(r1, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f00000016c0)='./file1\x00', &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x1000)
setxattr$system_posix_acl(&(0x7f00000013c0)='./file0\x00', &(0x7f0000001400)='system.posix_acl_default\x00', &(0x7f0000001780)={{}, {0x1, 0x6}, [{0x2, 0x0, r3}, {0x2, 0x1, 0xee01}, {0x2, 0x1, 0xffffffffffffffff}, {0x2, 0x3}, {0x2, 0x1, 0xffffffffffffffff}, {0x2, 0x0, 0xee01}, {0x2, 0x1, 0xee01}, {0x2, 0x4, r4}, {0x2, 0x5, 0xffffffffffffffff}, {0x2, 0x3, r5}], {0x4, 0x4}, [{0x8, 0x3, r6}, {0x8, 0x1, r7}], {0x10, 0x5}, {0x20, 0x1}}, 0x84, 0x1)
r8 = open(&(0x7f0000001840)='./file1\x00', 0x40001, 0x42)
mknodat$null(r8, &(0x7f0000001880)='./file0\x00', 0x2000, 0x103)
ioctl$int_out(r8, 0x5460, &(0x7f00000018c0))
openat2(0xffffffffffffff9c, &(0x7f0000001900)='./file1\x00', &(0x7f0000001940)={0x141000, 0x160, 0xd}, 0x18)

04:33:21 executing program 2:
msgsnd(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x8, 0x0)
msgrcv(0x0, &(0x7f0000000040)={0x0, ""/228}, 0xec, 0x3, 0x2000)
msgrcv(0xffffffffffffffff, &(0x7f0000000140)={0x0, ""/135}, 0x8f, 0x2, 0x3000)
msgrcv(0xffffffffffffffff, &(0x7f0000000200)={0x0, ""/146}, 0x9a, 0x1, 0x2800)
r0 = msgget$private(0x0, 0x400)
msgctl$IPC_RMID(r0, 0x0)
r1 = msgget$private(0x0, 0x1)
msgrcv(r1, &(0x7f00000002c0)={0x0, ""/181}, 0xbd, 0x2, 0x3800)
msgctl$IPC_RMID(r0, 0x0)
msgrcv(0xffffffffffffffff, &(0x7f0000000380)={0x0, ""/95}, 0x67, 0x2, 0x0)
msgsnd(r0, &(0x7f0000000400)={0x0, "5c26db187cf43aef56614caa84ac63c8f83fa3ebd81c8d6dc767c284a0a52b49591647858466768ecd5c54402e4a559dd54868dfc9078a0d19fb48d8805cc90cff20f482049449ef384b6d61a5ccd6a1353bbfb78de1716cd3819af057fc34106acb4c"}, 0x6b, 0x0)
msgsnd(0x0, &(0x7f0000000480)={0x1, "841de03eff12e2aace969817"}, 0x14, 0x800)
msgrcv(r0, &(0x7f00000004c0)={0x0, ""/5}, 0xd, 0x3, 0x1000)
msgctl$IPC_RMID(r1, 0x0)
r2 = msgget(0x3, 0x1)
msgctl$IPC_RMID(r2, 0x0)
r3 = msgget$private(0x0, 0xa0)
statx(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', 0x100, 0x7ff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = fork()
msgctl$IPC_SET(r3, 0x1, &(0x7f0000000640)={{0x0, r4, 0xee01, 0xee00, 0xffffffffffffffff, 0x2, 0x70}, 0x0, 0x0, 0x461b71b, 0x5631, 0x8c, 0x8000, 0x0, 0x0, 0x8f, 0x745, r5, 0xffffffffffffffff})

04:33:21 executing program 7:
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000000)={'vlan0\x00', {0x2, 0x0, @local}})
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@rc={0x1f, @any, 0x2}, 0x80)
sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0x1}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000810)
sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, r1, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x5e2c411e, 0x800, 0x8, 0x3, 0x9f]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4044041)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000380), 0x2002, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000400)={'veth0_macvtap\x00', &(0x7f00000003c0)=@ethtool_test={0x1a, 0x0, 0x34f4, 0x2, [0xcca2, 0xde]}})
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x44, 0x0, 0x10, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa3}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000880}, 0x40000)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r2, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r2, &(0x7f0000000940)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000900)={&(0x7f00000006c0)={0x218, 0x0, 0x4, 0x70bd2c, 0x9, {}, [@TIPC_NLA_MEDIA={0x7c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8c5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7bae}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}]}, @TIPC_NLA_BEARER={0xdc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x78}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xcef}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'veth1_vlan\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf467}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x400}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xb8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2a}]}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'bond0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x480}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd3ed}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xff}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xe8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}]}, 0x218}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000bc0)={&(0x7f0000000980), 0xc, &(0x7f0000000b80)={&(0x7f00000009c0)={0x1a8, 0x0, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0xe8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, 0xf0000000}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x4014c2d5, @mcast1, 0x3}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x101}]}, @TIPC_NLA_BEARER={0xac, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xea7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3e0}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2c226821}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xca}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x4000090}, 0x20000010)
r3 = inotify_init1(0x80800)
fsetxattr$security_selinux(r3, &(0x7f0000000c00), &(0x7f0000000c40)='system_u:object_r:vmware_device_t:s0\x00', 0x25, 0x2)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000cc0), r0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000d00)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f0000000e00)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x58, r4, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x5a}}}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000)
r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000e80), r0)
sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, r6, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x4}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x24}}, 0x40804)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)

04:33:21 executing program 4:
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000000)=0xe6e, 0x4)
setsockopt$netlink_NETLINK_RX_RING(0xffffffffffffffff, 0x10e, 0x6, &(0x7f0000000040)={0x1, 0x7, 0x10001, 0x6}, 0x10)
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
r0 = eventfd2(0x4, 0x40800)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0x1}}, './file0\x00'})
r2 = pidfd_getfd(r1, r1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xc)
io_submit(0x0, 0x5, &(0x7f0000000500)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000000c0)="575e29a97e4fbedbe3681868bbcdae87c8e9834bbf6bc712dd6081b489c1a350f0a832e77830f6cb4ef5149cf5f753efb792b50ebe74124c7220e7b4e335751754784a117208ab372b11cdef86a9c3e118535b1dde00ccc22cd0afebe86cb201d3addbd47fe2ef6b55e0e9c27207247c9fa1c93ab52ffe997e6dc7d5d05a1fe632d20b9809db15aaf969821f7cf10306e96be480", 0x94, 0xffffffffffff8f4a}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x2, 0x400, r2, &(0x7f00000001c0)="6005a16748eb18ed0983e15e2bbcd2a5796e0fade4adaf55be98643112e8f798bb372f2d30fefd013fd928e3ca36c36681dccd5f3fb6905c80793638fca1407e2f8926be18517832f90e63c4204c156ad33d920256d4e17ec140537d2a44fc7dd72960f70b9c3614d1be4ca4dd7896cbc7cc94ee082b54f88ff7604c34d3", 0x7e, 0x7, 0x0, 0x1, r1}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x80, r3, &(0x7f0000000280)="bc4c7baefa903a0835fcd7b2a78b856b3556802e26b82a5d72032d593d5dbd86dae6d7d19075bf37caaabf476af12f1d4f5271fc80bf92d4544fa0d0d4f6b89a159157929970e626b1f402a3da08ca42363707a772a0083caa324aa910d8dfaf78cc4aeec8969a4a97f2e77663cf2cf0345641d3b24e406cea81bfe6736106893aca38ffc7cd5be0fcbae1ad91a81febcfe47ac2dbf54d7e6110a5291d571c394730cde795ae4dfa3f3b01e9c1ad8fa6f8d6834104", 0xb5, 0x1}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x8, 0x2a, r0, &(0x7f0000000380)="ef46fa1001f45fe7fc1bb0cfea70ac91e7c66a2f0c444d325291df0fdf37962dfc3f9d6950bcaae5034114e3519fae05f33a7a446877600620346655507528148d8b5b12ef91f79f27a350bd6de3664d4b7d1bcdc65369561d11cf12cc444ef92443b15c731bff1fd69be33b409057fda827918d815bfe1381e92752d678165d19bf6920d10e1ea7037688e4", 0x8c, 0x10001, 0x0, 0x3}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000480)="d05fe8db85c6d0de46866b9841e56cc84fa40f2fd46299aca8ab3157", 0x1c, 0xffffffffffff690b, 0x0, 0x2}])
io_setup(0x9, &(0x7f0000000540)=<r4=>0x0)
io_destroy(r4)
r5 = openat$cgroup_devices(r1, &(0x7f0000000640)='devices.allow\x00', 0x2, 0x0)
close_range(r5, r2, 0x2)
r6 = openat$cgroup_ro(r1, &(0x7f0000000680)='cgroup.events\x00', 0x0, 0x0)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
bind$netlink(r7, &(0x7f0000000700)={0x10, 0x0, 0x25dfdbfe, 0x8000}, 0xc)
io_setup(0x8, &(0x7f0000000740))
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0), r6)
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x34, r8, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x44810}, 0x8000)
r9 = pidfd_getfd(r1, r2, 0x0)
openat$cgroup_int(r9, &(0x7f00000008c0)='cpuset.mems\x00', 0x2, 0x0)

04:33:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'gre0\x00', <r1=>0x0, 0x700, 0x8, 0xf6ec, 0xfffffff9, {{0x28, 0x4, 0x0, 0x33, 0xa0, 0x65, 0x0, 0x5, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x11}, @multicast1, {[@end, @lsrr={0x83, 0x7, 0x93, [@multicast1]}, @end, @rr={0x7, 0x23, 0x6, [@empty, @private=0xa010101, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x14, 0x8, 0x1, 0x6, [{@remote, 0x7}, {@broadcast, 0x8}]}, @ssrr={0x89, 0xb, 0xc1, [@multicast2, @broadcast]}, @timestamp={0x44, 0x10, 0x62, 0x0, 0x8, [0x5, 0x4, 0x7ff]}, @lsrr={0x83, 0xf, 0x19, [@multicast1, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp={0x44, 0x20, 0x27, 0x0, 0x5, [0x6, 0x97, 0x1, 0x0, 0x6137, 0x80000000, 0x4]}]}}}}})
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000100)={0x5, {{0x2, 0x4e21, @broadcast}}, 0x0, 0x7, [{{0x2, 0x4e24, @empty}}, {{0x2, 0x4e22, @rand_addr=0x64010102}}, {{0x2, 0x4e20, @multicast2}}, {{0x2, 0x4e24, @broadcast}}, {{0x2, 0x4e23, @local}}, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xd}}}, {{0x2, 0x4e20, @remote}}]}, 0x410)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000540)={0xffffd7d7, {{0x2, 0x4e23, @multicast1}}, 0x0, 0x2, [{{0x2, 0x4e23, @private=0xa010100}}, {{0x2, 0x4e20, @remote}}]}, 0x190)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000780)={'ip6tnl0\x00', &(0x7f0000000700)={'ip6tnl0\x00', <r2=>r1, 0x2d, 0x6, 0x2f, 0x3, 0x53, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8000, 0x40, 0x7, 0x5}})
getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f00000007c0), &(0x7f0000000800)=0x4)
openat$random(0xffffffffffffff9c, &(0x7f0000000840), 0x300, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000880)={0x3, {{0x2, 0x4e23, @private=0xa010102}}, 0x0, 0x2, [{{0x2, 0x4e23, @multicast2}}, {{0x2, 0x4e22, @multicast1}}]}, 0x190)
r3 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000c00)='.pending_reads\x00', 0x8002, 0xc8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000e00)={'syztnl0\x00', &(0x7f0000000c80)={'gretap0\x00', <r4=>0x0, 0x8000, 0x8, 0x40, 0x5, {{0x4d, 0x4, 0x0, 0x6, 0x134, 0x68, 0x0, 0x81, 0x4, 0x0, @private=0xa010102, @remote, {[@timestamp_prespec={0x44, 0x54, 0x57, 0x3, 0xd, [{@loopback, 0x7}, {@rand_addr=0x64010101, 0xfc5}, {@broadcast, 0x6}, {@broadcast, 0x2}, {@multicast1, 0x8}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x5}, {@private=0xa010101, 0x7}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@private=0xa010100}, {@private=0xa010101, 0x8000}]}, @timestamp={0x44, 0xc, 0x95, 0x0, 0x9, [0x3, 0xffffffe0]}, @generic={0x2d3251d97a4f9630, 0x4, "73c1"}, @cipso={0x86, 0x36, 0xffffffffffffffff, [{0x1, 0xb, "7351e122c7f1fd015d"}, {0x0, 0x2}, {0x2, 0x6, "0574faa8"}, {0x1, 0xc, "f765b3b4b115aa65a6ff"}, {0x0, 0x11, "725a32d333d04d1aef9cf34c38ad63"}]}, @rr={0x7, 0x13, 0x71, [@empty, @broadcast, @multicast2, @multicast1]}, @timestamp_addr={0x44, 0x4c, 0x8f, 0x1, 0xa, [{@multicast2, 0x2}, {@broadcast, 0x1}, {@private=0xa010102, 0x80}, {@multicast2, 0x9}, {@empty, 0x7c}, {@empty, 0x4}, {@empty, 0x318230dd}, {@private=0xa010100, 0x200}, {@multicast2, 0x803}]}, @lsrr={0x83, 0xb, 0x4a, [@rand_addr=0x64010101, @empty]}, @timestamp_addr={0x44, 0x1c, 0xa7, 0x1, 0x0, [{@multicast2, 0x8}, {@empty, 0x3}, {@local, 0x80000001}]}]}}}}})
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000e40)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000e80)=0x14, 0x80000)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000f40)={'syztnl2\x00', &(0x7f0000000ec0)={'syztnl1\x00', <r7=>r2, 0x29, 0xff, 0x9, 0x200000, 0x20, @loopback, @local, 0x7, 0x80, 0x3, 0x1715}})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000001840)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001800)={&(0x7f0000000f80)={0x844, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x80}, @ETHTOOL_A_LINKMODES_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0xfffffffe}, @ETHTOOL_A_LINKMODES_OURS={0x94, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x8d, 0x5, "62058e1a230bd4a8e577e209aba712aa27ed061ede8f6195dc508b872516a99ec1de5fa5f501333e1c6ecf0d2ac6014cb0737784eeb85c181533f6e23b9d28b27804eb0eaf8a87c17b14eece18adb552f42acc84aaf489d4fb9e7282dbeab65acacaf111a2f334b6ac7b36ab816d5751bc7e6fd9608b5378d1fbcbc231218c5476a1ad79cbbe23c3be"}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x8}, @ETHTOOL_A_LINKMODES_OURS={0x2ac, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x94, 0x3, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x286f550a}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xd20}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x401}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xfffffe01}, @ETHTOOL_A_BITSET_VALUE={0x54, 0x4, "3ac86afdf424e0be494ad773d43f8625d6527e47b87ff33ca01ece3e82b7dba772fe50798109145dc44ea1f24febec383ea4fcabfc53f63ab1ab21d81f3dd8b4c2b08bfc1a8d83cca326b78ac058e5b4"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0xc7, 0x4, "999af08de335a109a939551289dc285638e3249b02e5a2225f56a9340f28d0617d857b4eaa8caf37f9023b30daeb55c328acdf98bdc6d867183a081eb0b8caada482cd815b51af94b9b2159c34bd8ba03954b903fc27aa7c8d7d6a3638f4b5c34fbd15d96c5ce20f16b8d250bebc886fa34794084859e4161a56ce1f6849475b8d0acd764f1a036a2b73ca4540821e7da916665b4aa535609a38a464b48109cd47eaa17d517119692899dea83fcadc1e99700724e2aee1e0fed088d0f472c47af31e15"}, @ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}]}, @ETHTOOL_A_BITSET_VALUE={0xd8, 0x4, "daa59557b92fa2df8f9363632426c42eec633b842ca0eae8a63082f61be2574502da3d2450e665f222a284e776c064d43c8d244490b0d8b52ba7ac63465a982f986e7713d4e06de49177368985ca7dda49439e1268c19ea4b0ad0226ea93c9cb6c3ef0af66661020311b5f96d4c3de1761f3bc6c5c048997e63757bbdaacf045d3d1e0b7de40977ed784284c521460126796feda1720918e3a08603981186c74364e15bdf1be3be6e896b306bfc27e48351c944007e30b6fcc8987e0fdf0eb3fdcde82f2bbeaed85324cedc10bdbb5ec1dae96a5"}]}, @ETHTOOL_A_LINKMODES_OURS={0x468, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xd6, 0x4, "ff881571acd183b5839cbf71f85abe703451cb11e878ba7e53bd1ac088d7c8571ac0bb0ea6070d7f97e2caaf21616690493428b7f836461d818144fb3af3a373c07e262ba68221c4caa7ef7a5a69f022dd6ad92dbb6c0965592ec3c15326f9783f7caf8b75be11baec13eff54d5595468568d71274bfd034631f42235861a508558e0cf42a0e834f217054d4bab1abecaf7fbd9438a2d5acc8eebdc75509985d7907efd6f10e66aec3ecf8c134e430e5d3696ed3c65900a0ee280c94511cb491e58db6408b8a4f1a93c96ae34b8e44411954"}, @ETHTOOL_A_BITSET_BITS={0x90, 0x3, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syztnl2\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '.l(}){+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'gre0\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '},\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '.]:#}@\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x5}, @ETHTOOL_A_BITSET_VALUE={0xd8, 0x4, "f4b8ca9120caf86cf551f24bf09c08f0ee89bce2e51e08c7cf6b72a53e166d6d99062c3367a2e61bd96a995c078f7d607e42e182a8a7c6e531655e951a1b9a8eda282bc8a94d28f3cb41cc91cddf5710ad58457e7241a57a07914e9d1c2faf85c8f4d122d4ea793384f5dc2398f15ce3fd11d997b8ea34b650f018b4d7f7d7e1920800d13214194896ae0b7fa7744e4dbe68a84e4f89ccce86a305c2e87dbdfd81969509230ff652b27ba5e3583392944f4b030ec19ecaecda0329088b0ce01bca298258246eff77651ffe83ecaaea10c4f9394f"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x3a, 0x5, "0c04d8bd1708940625249dd96958e0e2e12aff68b3b49e82b87694615bf2099e49e3f66512c1e23109f2bc99ebf2e6521be47014428f"}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0xc9, 0x5, "cb388eadea4892a2f2795cd22fc860e6b29dd502c85555564179dc2a047389b7f7c023f01de71c56d62c9c49642016864378cb068f6aed7e2148ee6e68c559a3a6b48c298cb7cbc3313a983c1f7db61008c8d7304d6ce4a0f1b98b22df5c8469d18b88bc6e48488c5c812ead120091570eecb667a18d7483e3a96042bd8dea719355e3be13370e7cf9beadb4d71b39ea4ff75cd28c2f26adaaf91735dc42880b7f5a37521cc14475e0decba422ac465b65c43204a3555703e0c2fc4938787c7faff3f70919"}, @ETHTOOL_A_BITSET_VALUE={0x102, 0x4, "fbb20a8166442ddcc561fee7dedbcf5b6bd9ca38a7bf90086ef551c30c09058279425b8db8d4aa28d6aef624bff7776223168bc7b96c99c5ffda4b0c14038f388fc50a94cdc6915ab4c942a938d7f8194a99a2c955487207f62ec68422faa329a0218619d1351d9418a9e7783d21cf98929b576b07234c69ba904c4cd29c2910bdd9da6a98ba1422262fb9eb3265175672a7b9d9be9f852855732fee8c47b89ebc883df19e856b1963e49a10f2da8475f9efde925f3666fc64c0e70be6c4892367d40b2a07a143daacb2e55ae26672f132aab33ed1dcacdb5ae366c7de98deb06725f5f75f02563cca5b1d93778af92661532d2beed0b312f16d4ba4a78d"}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1}]}, 0x844}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
r8 = signalfd4(r0, &(0x7f0000001880), 0x8, 0x1800)
getsockopt$ARPT_SO_GET_ENTRIES(r8, 0x0, 0x61, &(0x7f00000018c0)={'filter\x00', 0x3d, "95f44111eb8b979c0210372ab13b7ca53f12bdea34bb855aa91343b3bd2704e6338e578c7fb092ac7667a420e8e232c48247c59bc1218b065006a036d1"}, &(0x7f0000001940)=0x61)
setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000001980)={0x9, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e22, @private=0xa010100}}}, 0x108)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x32)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r8, 0xc0189375, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, <r9=>r5}, './file0\x00'})
setsockopt$inet_IP_XFRM_POLICY(r9, 0x0, 0x11, &(0x7f0000001b80)={{{@in=@rand_addr=0x64010102, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}, 0x4e24, 0x0, 0x4e23, 0x3, 0x2, 0x80, 0x80, 0x2e}, {0xe01, 0x6, 0x3ff, 0x4, 0x4, 0x6, 0x6, 0x4}, {0x0, 0x0, 0xe09, 0xfffffffffffffffa}, 0x4, 0x6e6bb9, 0x1, 0x0, 0x3}, {{@in6=@mcast2, 0x4d3, 0x3c}, 0xa, @in=@multicast2, 0x3507, 0x2, 0x0, 0x1f, 0x1, 0x800000, 0x1}}, 0xe8)

04:33:21 executing program 5:
r0 = mmap$IORING_OFF_SQES(&(0x7f0000ff1000/0xe000)=nil, 0xe000, 0x2000004, 0x11, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r0, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xf62efeeb18cbbe35}, 0x7)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='io.stat\x00', 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000100)=""/110, 0x6e}, {&(0x7f0000000180)=""/10, 0xa}, {&(0x7f00000001c0)=""/236, 0xec}, {&(0x7f00000002c0)=""/141, 0x8d}], 0x5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r3, 0x8040942d, &(0x7f0000000440))
read$hiddev(r1, &(0x7f0000000480)=""/98, 0x62)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)={<r4=>0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000700)={"ab4e2d10a890bac10dce0c5eb0787cea", 0x0, r5, {0x6}, {0xffff, 0x4}, 0x200, [0x101, 0xffffffff, 0x3, 0x1, 0xe8, 0xfd4c, 0x1cee, 0x4, 0x8001, 0x0, 0x2, 0x81, 0x5, 0xfffffffffffffff8, 0xc924, 0x3]})
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x800002, 0x4010, r2, 0x8000000)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000840)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000800)={0x77359400}, 0x1, 0x0, 0x1}, 0x1)
r7 = pidfd_open(0xffffffffffffffff, 0x0)
write(r7, &(0x7f0000000880)="7d2015b72563b5175d7de8f6f4f01d713b104a35f9843e5589f24940e94425e258fb9fe54fa18edb49fe018d9171df22b73575a36b30d42fd4a02474ac33f530f1c36abfe086e5f63aa8cd8e898ff84f7d855b1dbbd1c47f239a173d071f2c6b54be656cb2f22510769236cc65707dd1f5707da7082ffb7c19d77b007874b029f6487da79ecf561a4d8174e7cddb5b89a68323857cbce2c865de2f29142ba720b098bba31e545234fadf3900c83f9de2", 0xb0)
ioctl$BTRFS_IOC_INO_LOOKUP(r3, 0xd0009412, &(0x7f0000000940)={r4, 0x8})
sendfile(r7, r3, 0x0, 0x8)
ioctl$BTRFS_IOC_DEFRAG(r7, 0x50009402, 0x0)
r8 = io_uring_setup(0x382c, &(0x7f0000001940)={0x0, 0x94e3, 0x2, 0x3, 0x208, 0x0, r1})
sendfile(r1, r8, &(0x7f00000019c0)=0x5, 0x101)
ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000001b00)={0x1, 0x1, 0x1000, 0x71, &(0x7f0000001a00)="1ebddccc76dd5984053aff53b8ea99198ca204b2f6bd1134d5d76ff31b763d6622a12eb7b66dcd125e3b6b9564055841f0bd85a194db344085295c43142ec6c1156dbc80aab7751b07e9b91e4611356fd4d3e6a8234d028478a1600b42e74b54f8b2dc166a4699796c42b62f42868ba54d", 0x7c, 0x0, &(0x7f0000001a80)="500d7fb531a79effe08db323e6e514917e72dfe317a5d97913ecee2d15c3441f47e69b9e32cbdb8777d5f21cf9827824ab388958cbb8cf5c5bb0ef11f0e028a5f657dce3900f2f0ad8593d921089e7c74b1d8c6b75fc23b59b9f8efc9ad396fe73785ed40621f8a3f64e805e20a9ba2a40f92bb824eb0034f0d5d7fb"})

04:33:21 executing program 6:
r0 = syz_mount_image$nfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000000080)="1bcf6b72caff630734fcdec901407100de83af8f783776ee03d389a92581f65dd061bbea523aa88ebbacf922eda3ad1ba76484eab93fad98c7bcae", 0x3b, 0x3}, {&(0x7f00000000c0)="4b4be45bbd35b70b191204d48fa46a6b803172888123d0ca0388bf7895ecb5b92c13b41b23a25f0400d46320096dfb9166d84b7e2971959d6a7a4d67e6d7830c3ed569896ff62deff088a26ccb631c0a706baaf455cd6036f7ebd79205ea20d5242121f49fb884d281da03175560c575b9d6b542e4ee9f00a07f2d05b483071e43be6c8755f43c5d3449a28aff2c5959f976316eba561d67fc96c58b405b6a6173d5d5c0aecf379eb203ad5917fd3175934af00a0481114c1ff0ca2eafafc0ffd650df099adc4014ebe90f2874d20ae2c50a193eae", 0xd5, 0xbb20}, {&(0x7f00000001c0)="43ee0233de15875a144a64940695c9f3ac600b7498", 0x15, 0x2}], 0x1000000, &(0x7f0000000280)={[{'/&\\&@$(]'}, {'.'}, {'-%}.'}, {}, {'#*'}, {}, {}, {')^B}-.^+)]}\x89'}, {}, {'\'\x03$$(\xd2))}'}], [{@dont_measure}, {@euid_lt}, {@measure}, {@subj_user}, {@obj_type={'obj_type', 0x3d, '*%!'}}, {@dont_hash}, {@hash}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'root'}}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x101000, 0x123)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, &(0x7f0000000380)={@id={0x2, 0x0, @c}, 0x10, 0x0, '\x00', @d})
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000480), 0x400, 0x0)
fstat(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000540)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000000640)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x1001021, &(0x7f0000000680)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'dont_measure'}}, {@access_uid={'access', 0x3d, r3}}, {@cache_mmap}, {@access_user}, {@version_u}, {@dfltgid={'dfltgid', 0x3d, 0xee00}}], [{@dont_appraise}, {@smackfsfloor={'smackfsfloor', 0x3d, 'hash'}}, {@uid_eq={'uid', 0x3d, r4}}, {@dont_appraise}, {@smackfstransmute={'smackfstransmute', 0x3d, '-%}.'}}]}})
name_to_handle_at(r0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0x4e, {0xcf, 0x66aa, 0x1ff, 0x80000000, 0x7, 0x40}}, &(0x7f0000000840), 0x1000)
r5 = syz_mount_image$tmpfs(&(0x7f0000000880), &(0x7f00000008c0)='./file0/../file0\x00', 0xfffffffffffffffb, 0x7, &(0x7f0000000bc0)=[{&(0x7f0000000900)="02f9f584a8e008cf55588db58108b3", 0xf, 0x4}, {&(0x7f0000000940)="7f2257eae100c70129cc11d5b634d4bc7a16ef64d0c0953040896784902210e8a67b28b51e6573", 0x27, 0x9}, {&(0x7f0000000980)="20e2c480c2c6d8f7b545ba7814421b59d8a9fa425838df998b05a70bb9616ea0385e270e236019c6a1118f7a66c4484eee87f3ba8e66638e97e9520ab8eaa3811b43a33238aa16a966ecc6980980435f88573890b387", 0x56, 0x3}, {&(0x7f0000000a00)="601f6962ead7ada641fbce06d57f21519dca71cf99d6be593fd580c5861ed32d4598aa7ecb1336102fe809813c22b8f92c707e3a4db830b3f7d06135e494c8a1ff930eebb703962f2403280f61a46ac5ff83cd77ef8f4ad7f1e68e5956e263feda24b339f386b959eb6c68b5fa0dbf58617bce0526aa610ad2e62099cadad84808c8f57c8dd9", 0x86, 0x2}, {&(0x7f0000000ac0)="b5162b14e335e9398ecc95", 0xb, 0x3}, {&(0x7f0000000b00)="ed08809d0b750239fb1c087b1ae5e16bb281075adbe3fa47a4", 0x19, 0x3e2}, {&(0x7f0000000b40)="dfbbf18f7a7964aa1363212091e95a3040fa7a296abdef55928258f73907717fcf2ff4f6d223b1f4bedba1ad172e0857023e7ec2ab9ea80b672680ccbf11d759c00172b6f93edf582bf433de21719b5822250e9a61f1ac343e26e28940bc4774543314", 0x63, 0x7}], 0x2000400, &(0x7f0000000c80)={[{@huge_within_size}], [{@measure}, {@obj_type={'obj_type', 0x3d, 'subj_user'}}]})
newfstatat(0xffffffffffffff9c, &(0x7f0000000cc0)='./file0/../file0\x00', &(0x7f0000000d00), 0x400)
ioctl$BTRFS_IOC_GET_DEV_STATS(r5, 0xc4089434, &(0x7f0000000d80)={0x0, 0x0, 0x1, [0x8, 0x8f14, 0x7fffffff, 0x7, 0x76c6], [0xe3d, 0x4, 0x5, 0x5, 0x8000, 0x3ff, 0x5093d3c4, 0x311d, 0x1, 0x1, 0x200, 0x2, 0x4, 0x4, 0x8, 0x1, 0x5, 0x0, 0x7fff, 0xff, 0x5, 0x60, 0x81, 0x9, 0x3, 0x80000000, 0x7fff, 0x58c5, 0x9, 0xa4, 0xab2, 0x72, 0x0, 0x800, 0x2270, 0x81, 0x9, 0x6, 0x10000, 0x100000001, 0x9, 0xd8, 0x1, 0x6, 0x5, 0xfffffffffffffffa, 0x8, 0xffffffffffffe3b3, 0x100, 0xae6, 0xbf58, 0x7, 0x2, 0x6, 0x1, 0x3, 0x8, 0x2, 0x0, 0x8, 0x1, 0x7, 0xce, 0x401, 0xc4, 0x7, 0x3, 0x601c, 0x4, 0x101, 0xffff, 0x34a, 0x10001, 0x2, 0xffff, 0x7, 0x10000, 0xffff, 0x10001, 0xdd, 0x100000000, 0xbc, 0x546a, 0x2, 0x4, 0x9, 0x0, 0x7ff, 0x2, 0xff, 0x6, 0x5, 0x1f, 0x1, 0x3, 0x0, 0x8, 0x5987, 0xe00, 0xffffffff, 0xfffffffffffffffe, 0x7, 0x9, 0x8, 0x6, 0x6, 0x3, 0x349, 0x4, 0x10001, 0x5, 0x9, 0x20, 0xf0, 0x4, 0x4, 0x7, 0x101, 0x0, 0x625df6ce, 0x6]})
r6 = dup(r2)
fcntl$setownex(r6, 0xf, &(0x7f00000011c0)={0x2})
renameat2(r1, &(0x7f0000001200)='./file0/../file0\x00', r0, &(0x7f0000001240)='./file0/../file0\x00', 0x2)
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001280), 0x40, 0x0)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r7, 0x3309)
fremovexattr(r2, &(0x7f00000012c0)=@known='trusted.overlay.nlink\x00')
ioctl$FICLONE(r7, 0x40049409, r6)
r8 = syz_open_dev$mouse(&(0x7f0000001300), 0xffffffff, 0x0)
fsync(r8)

[   91.984034] audit: type=1400 audit(1763267601.292:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   93.190120] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   93.194438] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   93.196652] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   93.200217] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   93.206877] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   93.208894] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   93.208921] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   93.214525] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   93.216503] ==================================================================
[   93.217830] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   93.219050] Read of size 2 at addr ffff88800e8d8df8 by task kworker/u11:1/291
[   93.220991] 
[   93.222684] CPU: 0 UID: 0 PID: 291 Comm: kworker/u11:1 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   93.222720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   93.222738] Workqueue: hci1 hci_cmd_work
[   93.222772] Call Trace:
[   93.222781]  <TASK>
[   93.222791]  dump_stack_lvl+0xca/0x120
[   93.222823]  print_report+0xcb/0x610
[   93.222856]  ? __virt_addr_valid+0x100/0x5d0
[   93.222886]  ? hci_cmd_work+0x66d/0x6d0
[   93.222917]  ? hci_cmd_work+0x66d/0x6d0
[   93.222950]  kasan_report+0xca/0x100
[   93.222982]  ? hci_cmd_work+0x66d/0x6d0
[   93.223017]  hci_cmd_work+0x66d/0x6d0
[   93.223051]  process_one_work+0x8e1/0x19c0
[   93.223095]  ? __pfx_process_one_work+0x10/0x10
[   93.223131]  ? move_linked_works+0x172/0x270
[   93.223160]  ? assign_work+0x196/0x240
[   93.223195]  worker_thread+0x67e/0xe90
[   93.223231]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   93.223262]  ? __pfx_worker_thread+0x10/0x10
[   93.223298]  kthread+0x3c8/0x740
[   93.223331]  ? __pfx_kthread+0x10/0x10
[   93.223362]  ? ret_from_fork+0x79/0x7a0
[   93.223388]  ? lock_release+0xc8/0x290
[   93.223427]  ? __pfx_kthread+0x10/0x10
[   93.223459]  ret_from_fork+0x67a/0x7a0
[   93.223484]  ? __pfx_ret_from_fork+0x10/0x10
[   93.223511]  ? __switch_to+0x759/0x1060
[   93.223546]  ? __pfx_kthread+0x10/0x10
[   93.223579]  ret_from_fork_asm+0x1a/0x30
[   93.223621]  </TASK>
[   93.223630] 
[   93.246431] Allocated by task 293:
[   93.247056]  kasan_save_stack+0x24/0x50
[   93.247773]  kasan_save_track+0x14/0x30
[   93.248483]  __kasan_slab_alloc+0x59/0x70
[   93.249219]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   93.250128]  __alloc_skb+0x2ab/0x370
[   93.250816]  hci_cmd_sync_alloc+0x34/0x300
[   93.251615]  __hci_cmd_sync_sk+0xf7/0x5c0
[   93.252450]  hci_read_dev_class_sync+0x2c/0x170
[   93.253378]  hci_dev_open_sync+0x1874/0x1f60
[   93.254262]  hci_power_on+0xdb/0x5d0
[   93.255014]  process_one_work+0x8e1/0x19c0
[   93.255707]  worker_thread+0x67e/0xe90
[   93.256289]  kthread+0x3c8/0x740
[   93.256802]  ret_from_fork+0x67a/0x7a0
[   93.257380]  ret_from_fork_asm+0x1a/0x30
[   93.258004] 
[   93.258271] Freed by task 295:
[   93.258746]  kasan_save_stack+0x24/0x50
[   93.259344]  kasan_save_track+0x14/0x30
[   93.259930]  kasan_save_free_info+0x3a/0x60
[   93.260578]  __kasan_slab_free+0x43/0x70
[   93.261177]  kmem_cache_free+0x26f/0x500
[   93.261797]  kfree_skbmem+0x18a/0x1f0
[   93.262373]  sk_skb_reason_drop+0x10e/0x1b0
[   93.263007]  vhci_read+0x3d5/0x5d0
[   93.263545]  vfs_read+0x1eb/0xc70
[   93.264056]  ksys_read+0x121/0x240
[   93.264587]  do_syscall_64+0xbf/0x430
[   93.265152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.265913] 
[   93.266176] The buggy address belongs to the object at ffff88800e8d8dc0
[   93.266176]  which belongs to the cache skbuff_head_cache of size 232
[   93.268024] The buggy address is located 56 bytes inside of
[   93.268024]  freed 232-byte region [ffff88800e8d8dc0, ffff88800e8d8ea8)
[   93.269737] 
[   93.269992] The buggy address belongs to the physical page:
[   93.270810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe8d8
[   93.271943] flags: 0x100000000000000(node=0|zone=1)
[   93.272661] page_type: f5(slab)
[   93.273158] raw: 0100000000000000 ffff8880096c78c0 ffffea00007bef00 dead000000000004
[   93.274280] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[   93.275384] page dumped because: kasan: bad access detected
[   93.276199] 
[   93.276456] Memory state around the buggy address:
[   93.277156]  ffff88800e8d8c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   93.278205]  ffff88800e8d8d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   93.279241] >ffff88800e8d8d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   93.280285]                                                                 ^
[   93.281309]  ffff88800e8d8e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   93.282359]  ffff88800e8d8e80: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   93.283394] ==================================================================
[   93.284589] Disabling lock debugging due to kernel taint
[   93.285788] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   93.288644] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   93.292294] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   93.294518] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   93.296460] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   93.307473] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   93.310294] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   93.310546] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   93.320679] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   93.322103] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   93.328508] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   93.329730] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   93.331216] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   93.334621] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   93.335827] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   93.337235] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   93.342318] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   93.345210] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   93.347937] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   93.348058] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   93.350236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   93.351029] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   93.354307] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   93.355754] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   93.357034] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   93.358917] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   93.362617] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   93.365106] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   93.368918] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   93.374781] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   93.382660] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   93.391007] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   95.348144] Bluetooth: hci1: command tx timeout
[   95.348409] Bluetooth: hci2: command tx timeout
[   95.348641] Bluetooth: hci0: command tx timeout
[   95.412158] Bluetooth: hci6: command tx timeout
[   95.412582] Bluetooth: hci4: command tx timeout
[   95.412985] Bluetooth: hci5: command tx timeout
[   95.413422] Bluetooth: hci7: command tx timeout
[   95.413820] Bluetooth: hci3: command tx timeout
[   97.396156] Bluetooth: hci0: command tx timeout
[   97.396610] Bluetooth: hci2: command tx timeout
[   97.396994] Bluetooth: hci1: command tx timeout
[   97.460179] Bluetooth: hci3: command tx timeout
[   97.460227] Bluetooth: hci7: command tx timeout
[   97.460849] Bluetooth: hci5: command tx timeout
[   97.461049] Bluetooth: hci4: command tx timeout
[   97.461447] Bluetooth: hci6: command tx timeout
[   99.444190] Bluetooth: hci1: command tx timeout
[   99.444926] Bluetooth: hci2: command tx timeout
[   99.445645] Bluetooth: hci0: command tx timeout
[   99.508283] Bluetooth: hci4: command tx timeout
[   99.509557] Bluetooth: hci6: command tx timeout
[   99.509585] Bluetooth: hci5: command tx timeout
[   99.511132] Bluetooth: hci7: command tx timeout
[   99.511365] Bluetooth: hci3: command tx timeout
[  101.492145] Bluetooth: hci2: command tx timeout
[  101.493188] Bluetooth: hci0: command tx timeout
[  101.493591] Bluetooth: hci1: command tx timeout
[  101.556193] Bluetooth: hci7: command tx timeout
[  101.556606] Bluetooth: hci6: command tx timeout
[  101.556990] Bluetooth: hci4: command tx timeout
[  101.557985] Bluetooth: hci5: command tx timeout
[  101.558453] Bluetooth: hci3: command tx timeout

VM DIAGNOSIS:
04:33:22  Registers:
info registers vcpu 0
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff88801c0b7618
R8 =0000000000000000 R9 =ffffed10016c5046 R10=0000000000000039 R11=fffffffffffc9878
R12=0000000000000039 R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe2300000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055555f34b6e8 CR3=000000000b85a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2032323a33333a343020363120766f4e XMM01=5d3132393830322e33392020205b203a
XMM02=20333263307830206363206465746365 XMM03=6f7465756c42205d3132393830322e33
XMM04=2031323a33333a343020363120766f4e XMM05=65636f72703d7373616c63742030733a
XMM06=733a755f6d65747379733d747865746e XMM07=725f6d65747379733a755f6d65747379
XMM08=7475636578652d7a7973223d6d6d6f63 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff819eb31d RDX=ffff888013f18000
RSI=ffffffff819eb2b4 RDI=ffffffff85e1fd40 RBP=ffffffff85e1fd40 RSP=ffff888013f17ae0
R8 =0000000000000000 R9 =ffffed100118cb50 R10=0000000000000001 R11=0000000000000001
R12=ffffffff819eb2b4 R13=0000000000000002 R14=0000000000015690 R15=0000000000007aba
RIP=ffffffff81529b3c RFL=00000247 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 00000000 00000000
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f9afdedd900 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe4000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9afd2dd700 CR3=000000000b6cb000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=494e4f544f4e4f4d5f454352554f535f XMM01=49545f43494e4f544f4e4f4d5f454352
XMM02=38303062343861363036386166633561 XMM03=2f6c616e72756f6a2f676f6c2f6e7572
XMM04=03492a1565553d510000000000130368 XMM05=d3fdd5f48436fbd700000000000aead0
XMM06=548def5562c9b88d00000000000ae988 XMM07=00000000000000000000000000000000
XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000
XMM10=20200000000020202020202020200000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000