Warning: Permanently added '[localhost]:46653' (ECDSA) to the list of known hosts.
2025/11/16 08:03:42 fuzzer started
2025/11/16 08:03:42 dialing manager at localhost:37161
syzkaller login: [   50.394760] cgroup: Unknown subsys name 'net'
[   50.462171] cgroup: Unknown subsys name 'cpuset'
[   50.476772] cgroup: Unknown subsys name 'rlimit'
2025/11/16 08:03:53 syscalls: 2214
2025/11/16 08:03:53 code coverage: enabled
2025/11/16 08:03:53 comparison tracing: enabled
2025/11/16 08:03:53 extra coverage: enabled
2025/11/16 08:03:53 setuid sandbox: enabled
2025/11/16 08:03:53 namespace sandbox: enabled
2025/11/16 08:03:53 Android sandbox: enabled
2025/11/16 08:03:53 fault injection: enabled
2025/11/16 08:03:53 leak checking: enabled
2025/11/16 08:03:53 net packet injection: enabled
2025/11/16 08:03:53 net device setup: enabled
2025/11/16 08:03:53 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/16 08:03:53 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/16 08:03:53 USB emulation: enabled
2025/11/16 08:03:53 hci packet injection: enabled
2025/11/16 08:03:53 wifi device emulation: enabled
2025/11/16 08:03:53 802.15.4 emulation: enabled
2025/11/16 08:03:54 fetching corpus: 50, signal 27034/28852 (executing program)
2025/11/16 08:03:54 fetching corpus: 100, signal 37559/41046 (executing program)
2025/11/16 08:03:54 fetching corpus: 150, signal 49157/54144 (executing program)
2025/11/16 08:03:54 fetching corpus: 200, signal 54208/60696 (executing program)
2025/11/16 08:03:54 fetching corpus: 250, signal 58573/66522 (executing program)
2025/11/16 08:03:55 fetching corpus: 300, signal 60939/70349 (executing program)
2025/11/16 08:03:55 fetching corpus: 350, signal 63792/74631 (executing program)
2025/11/16 08:03:55 fetching corpus: 400, signal 70153/82184 (executing program)
2025/11/16 08:03:55 fetching corpus: 450, signal 73013/86359 (executing program)
2025/11/16 08:03:55 fetching corpus: 500, signal 78115/92590 (executing program)
2025/11/16 08:03:55 fetching corpus: 550, signal 84409/99809 (executing program)
2025/11/16 08:03:55 fetching corpus: 600, signal 86624/103211 (executing program)
2025/11/16 08:03:55 fetching corpus: 650, signal 89798/107489 (executing program)
2025/11/16 08:03:55 fetching corpus: 700, signal 91934/110741 (executing program)
2025/11/16 08:03:55 fetching corpus: 750, signal 93606/113604 (executing program)
2025/11/16 08:03:56 fetching corpus: 800, signal 95228/116383 (executing program)
2025/11/16 08:03:56 fetching corpus: 850, signal 97354/119580 (executing program)
2025/11/16 08:03:56 fetching corpus: 900, signal 100207/123398 (executing program)
2025/11/16 08:03:56 fetching corpus: 950, signal 101600/125891 (executing program)
2025/11/16 08:03:56 fetching corpus: 1000, signal 103691/128973 (executing program)
2025/11/16 08:03:56 fetching corpus: 1050, signal 105309/131638 (executing program)
2025/11/16 08:03:56 fetching corpus: 1100, signal 107119/134431 (executing program)
2025/11/16 08:03:56 fetching corpus: 1150, signal 108776/137088 (executing program)
2025/11/16 08:03:56 fetching corpus: 1200, signal 112332/141272 (executing program)
2025/11/16 08:03:57 fetching corpus: 1250, signal 114132/143961 (executing program)
2025/11/16 08:03:57 fetching corpus: 1300, signal 115253/146072 (executing program)
2025/11/16 08:03:57 fetching corpus: 1350, signal 116790/148507 (executing program)
2025/11/16 08:03:57 fetching corpus: 1400, signal 118036/150683 (executing program)
2025/11/16 08:03:57 fetching corpus: 1450, signal 119071/152675 (executing program)
2025/11/16 08:03:57 fetching corpus: 1500, signal 121063/155445 (executing program)
2025/11/16 08:03:57 fetching corpus: 1550, signal 122935/158043 (executing program)
2025/11/16 08:03:57 fetching corpus: 1600, signal 124267/160203 (executing program)
2025/11/16 08:03:57 fetching corpus: 1650, signal 125732/162405 (executing program)
2025/11/16 08:03:58 fetching corpus: 1700, signal 127190/164615 (executing program)
2025/11/16 08:03:58 fetching corpus: 1750, signal 128358/166606 (executing program)
2025/11/16 08:03:58 fetching corpus: 1800, signal 129641/168624 (executing program)
2025/11/16 08:03:58 fetching corpus: 1850, signal 130970/170666 (executing program)
2025/11/16 08:03:58 fetching corpus: 1900, signal 132170/172629 (executing program)
2025/11/16 08:03:58 fetching corpus: 1950, signal 133154/174401 (executing program)
2025/11/16 08:03:58 fetching corpus: 2000, signal 134240/176200 (executing program)
2025/11/16 08:03:58 fetching corpus: 2050, signal 135767/178354 (executing program)
2025/11/16 08:03:58 fetching corpus: 2100, signal 137064/180296 (executing program)
2025/11/16 08:03:58 fetching corpus: 2150, signal 138041/182003 (executing program)
2025/11/16 08:03:58 fetching corpus: 2200, signal 138680/183487 (executing program)
2025/11/16 08:03:59 fetching corpus: 2250, signal 139580/185114 (executing program)
2025/11/16 08:03:59 fetching corpus: 2300, signal 140875/186996 (executing program)
2025/11/16 08:03:59 fetching corpus: 2350, signal 141758/188597 (executing program)
2025/11/16 08:03:59 fetching corpus: 2400, signal 142632/190170 (executing program)
2025/11/16 08:03:59 fetching corpus: 2450, signal 143432/191651 (executing program)
2025/11/16 08:03:59 fetching corpus: 2500, signal 144923/193582 (executing program)
2025/11/16 08:03:59 fetching corpus: 2550, signal 145641/195019 (executing program)
2025/11/16 08:03:59 fetching corpus: 2600, signal 146547/196558 (executing program)
2025/11/16 08:04:00 fetching corpus: 2650, signal 147645/198189 (executing program)
2025/11/16 08:04:00 fetching corpus: 2700, signal 148352/199593 (executing program)
2025/11/16 08:04:00 fetching corpus: 2750, signal 149450/201197 (executing program)
2025/11/16 08:04:00 fetching corpus: 2800, signal 150274/202591 (executing program)
2025/11/16 08:04:00 fetching corpus: 2850, signal 150877/203883 (executing program)
2025/11/16 08:04:00 fetching corpus: 2900, signal 151570/205242 (executing program)
2025/11/16 08:04:00 fetching corpus: 2950, signal 152369/206647 (executing program)
2025/11/16 08:04:00 fetching corpus: 3000, signal 153055/207951 (executing program)
2025/11/16 08:04:00 fetching corpus: 3050, signal 153656/209202 (executing program)
2025/11/16 08:04:00 fetching corpus: 3100, signal 154095/210353 (executing program)
2025/11/16 08:04:00 fetching corpus: 3150, signal 154882/211692 (executing program)
2025/11/16 08:04:01 fetching corpus: 3200, signal 155672/212972 (executing program)
2025/11/16 08:04:01 fetching corpus: 3250, signal 156231/214155 (executing program)
2025/11/16 08:04:01 fetching corpus: 3300, signal 156923/215423 (executing program)
2025/11/16 08:04:01 fetching corpus: 3350, signal 157703/216688 (executing program)
2025/11/16 08:04:01 fetching corpus: 3400, signal 158386/217938 (executing program)
2025/11/16 08:04:01 fetching corpus: 3450, signal 159027/219139 (executing program)
2025/11/16 08:04:01 fetching corpus: 3500, signal 159416/220217 (executing program)
2025/11/16 08:04:01 fetching corpus: 3550, signal 160138/221436 (executing program)
2025/11/16 08:04:01 fetching corpus: 3600, signal 160819/222620 (executing program)
2025/11/16 08:04:01 fetching corpus: 3650, signal 161497/223839 (executing program)
2025/11/16 08:04:02 fetching corpus: 3700, signal 162028/224988 (executing program)
2025/11/16 08:04:02 fetching corpus: 3750, signal 162572/226060 (executing program)
2025/11/16 08:04:02 fetching corpus: 3800, signal 163317/227280 (executing program)
2025/11/16 08:04:02 fetching corpus: 3850, signal 164241/228519 (executing program)
2025/11/16 08:04:02 fetching corpus: 3900, signal 164980/229691 (executing program)
2025/11/16 08:04:02 fetching corpus: 3950, signal 165577/230750 (executing program)
2025/11/16 08:04:02 fetching corpus: 4000, signal 166148/231869 (executing program)
2025/11/16 08:04:02 fetching corpus: 4050, signal 166796/232958 (executing program)
2025/11/16 08:04:02 fetching corpus: 4100, signal 167403/233993 (executing program)
2025/11/16 08:04:03 fetching corpus: 4150, signal 167943/234980 (executing program)
2025/11/16 08:04:03 fetching corpus: 4200, signal 168573/236081 (executing program)
2025/11/16 08:04:03 fetching corpus: 4250, signal 169151/237096 (executing program)
2025/11/16 08:04:03 fetching corpus: 4300, signal 169876/238195 (executing program)
2025/11/16 08:04:03 fetching corpus: 4350, signal 170486/239211 (executing program)
2025/11/16 08:04:03 fetching corpus: 4400, signal 170936/240147 (executing program)
2025/11/16 08:04:03 fetching corpus: 4450, signal 171571/241209 (executing program)
2025/11/16 08:04:03 fetching corpus: 4500, signal 172174/242216 (executing program)
2025/11/16 08:04:03 fetching corpus: 4550, signal 172669/243160 (executing program)
2025/11/16 08:04:03 fetching corpus: 4600, signal 173204/244164 (executing program)
2025/11/16 08:04:04 fetching corpus: 4650, signal 173894/245159 (executing program)
2025/11/16 08:04:04 fetching corpus: 4700, signal 174397/246109 (executing program)
2025/11/16 08:04:04 fetching corpus: 4750, signal 175099/247086 (executing program)
2025/11/16 08:04:04 fetching corpus: 4800, signal 175619/247987 (executing program)
2025/11/16 08:04:04 fetching corpus: 4850, signal 176358/248994 (executing program)
2025/11/16 08:04:04 fetching corpus: 4900, signal 177169/250030 (executing program)
2025/11/16 08:04:04 fetching corpus: 4950, signal 177506/250875 (executing program)
2025/11/16 08:04:05 fetching corpus: 5000, signal 178004/251749 (executing program)
2025/11/16 08:04:05 fetching corpus: 5050, signal 178292/252593 (executing program)
2025/11/16 08:04:05 fetching corpus: 5100, signal 178751/253452 (executing program)
2025/11/16 08:04:05 fetching corpus: 5150, signal 179535/254377 (executing program)
2025/11/16 08:04:06 fetching corpus: 5200, signal 180169/255273 (executing program)
2025/11/16 08:04:06 fetching corpus: 5250, signal 180629/256083 (executing program)
2025/11/16 08:04:06 fetching corpus: 5300, signal 181460/256995 (executing program)
2025/11/16 08:04:06 fetching corpus: 5350, signal 182078/257862 (executing program)
2025/11/16 08:04:06 fetching corpus: 5400, signal 182439/258594 (executing program)
2025/11/16 08:04:06 fetching corpus: 5450, signal 182799/259354 (executing program)
2025/11/16 08:04:06 fetching corpus: 5500, signal 183100/260117 (executing program)
2025/11/16 08:04:06 fetching corpus: 5550, signal 183947/260990 (executing program)
2025/11/16 08:04:06 fetching corpus: 5600, signal 184294/261769 (executing program)
2025/11/16 08:04:06 fetching corpus: 5650, signal 184835/262578 (executing program)
2025/11/16 08:04:06 fetching corpus: 5700, signal 185328/263311 (executing program)
2025/11/16 08:04:07 fetching corpus: 5750, signal 185877/264097 (executing program)
2025/11/16 08:04:07 fetching corpus: 5800, signal 186484/264892 (executing program)
2025/11/16 08:04:07 fetching corpus: 5850, signal 186939/265669 (executing program)
2025/11/16 08:04:07 fetching corpus: 5900, signal 187185/266421 (executing program)
2025/11/16 08:04:07 fetching corpus: 5950, signal 187508/267131 (executing program)
2025/11/16 08:04:07 fetching corpus: 6000, signal 188001/267905 (executing program)
2025/11/16 08:04:07 fetching corpus: 6050, signal 188362/268646 (executing program)
2025/11/16 08:04:07 fetching corpus: 6100, signal 188699/269368 (executing program)
2025/11/16 08:04:07 fetching corpus: 6150, signal 188972/270036 (executing program)
2025/11/16 08:04:07 fetching corpus: 6200, signal 189316/270765 (executing program)
2025/11/16 08:04:08 fetching corpus: 6250, signal 189642/271456 (executing program)
2025/11/16 08:04:08 fetching corpus: 6300, signal 190019/272144 (executing program)
2025/11/16 08:04:08 fetching corpus: 6350, signal 190526/272851 (executing program)
2025/11/16 08:04:08 fetching corpus: 6400, signal 190923/273546 (executing program)
2025/11/16 08:04:08 fetching corpus: 6450, signal 191348/274260 (executing program)
2025/11/16 08:04:08 fetching corpus: 6500, signal 191682/274883 (executing program)
2025/11/16 08:04:08 fetching corpus: 6550, signal 192613/275588 (executing program)
2025/11/16 08:04:08 fetching corpus: 6600, signal 193073/276213 (executing program)
2025/11/16 08:04:08 fetching corpus: 6650, signal 193405/276829 (executing program)
2025/11/16 08:04:09 fetching corpus: 6700, signal 193745/277457 (executing program)
2025/11/16 08:04:09 fetching corpus: 6750, signal 194261/278103 (executing program)
2025/11/16 08:04:09 fetching corpus: 6800, signal 194615/278738 (executing program)
2025/11/16 08:04:09 fetching corpus: 6850, signal 194874/279334 (executing program)
2025/11/16 08:04:09 fetching corpus: 6900, signal 195155/279967 (executing program)
2025/11/16 08:04:09 fetching corpus: 6950, signal 195671/280586 (executing program)
2025/11/16 08:04:09 fetching corpus: 7000, signal 196117/281198 (executing program)
2025/11/16 08:04:09 fetching corpus: 7050, signal 196567/281702 (executing program)
2025/11/16 08:04:09 fetching corpus: 7100, signal 196888/281702 (executing program)
2025/11/16 08:04:09 fetching corpus: 7150, signal 197220/281702 (executing program)
2025/11/16 08:04:10 fetching corpus: 7200, signal 197631/281702 (executing program)
2025/11/16 08:04:10 fetching corpus: 7250, signal 198025/281704 (executing program)
2025/11/16 08:04:10 fetching corpus: 7300, signal 198279/281705 (executing program)
2025/11/16 08:04:10 fetching corpus: 7350, signal 198706/281711 (executing program)
2025/11/16 08:04:10 fetching corpus: 7400, signal 199211/281711 (executing program)
2025/11/16 08:04:10 fetching corpus: 7450, signal 199475/281711 (executing program)
2025/11/16 08:04:10 fetching corpus: 7500, signal 199830/281711 (executing program)
2025/11/16 08:04:10 fetching corpus: 7550, signal 200186/281711 (executing program)
2025/11/16 08:04:10 fetching corpus: 7600, signal 200559/281713 (executing program)
2025/11/16 08:04:10 fetching corpus: 7650, signal 200819/281713 (executing program)
2025/11/16 08:04:11 fetching corpus: 7700, signal 201192/281713 (executing program)
2025/11/16 08:04:11 fetching corpus: 7750, signal 201452/281713 (executing program)
2025/11/16 08:04:11 fetching corpus: 7800, signal 201896/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 7850, signal 202195/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 7900, signal 202537/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 7950, signal 202756/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 8000, signal 203144/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 8050, signal 203407/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 8100, signal 203671/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 8150, signal 204040/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 8200, signal 204279/281717 (executing program)
2025/11/16 08:04:11 fetching corpus: 8250, signal 204481/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8300, signal 204773/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8350, signal 205068/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8400, signal 205318/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8450, signal 205618/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8500, signal 205882/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8550, signal 206184/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8600, signal 206413/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8650, signal 206616/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8700, signal 207079/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8750, signal 207342/281717 (executing program)
2025/11/16 08:04:12 fetching corpus: 8800, signal 207783/281718 (executing program)
2025/11/16 08:04:13 fetching corpus: 8850, signal 208085/281718 (executing program)
2025/11/16 08:04:13 fetching corpus: 8900, signal 208409/281734 (executing program)
2025/11/16 08:04:13 fetching corpus: 8950, signal 208691/281734 (executing program)
2025/11/16 08:04:13 fetching corpus: 9000, signal 208943/281734 (executing program)
2025/11/16 08:04:13 fetching corpus: 9050, signal 209139/281737 (executing program)
2025/11/16 08:04:13 fetching corpus: 9100, signal 209403/281737 (executing program)
2025/11/16 08:04:13 fetching corpus: 9150, signal 209609/281737 (executing program)
2025/11/16 08:04:13 fetching corpus: 9200, signal 209901/281737 (executing program)
2025/11/16 08:04:13 fetching corpus: 9250, signal 210182/281737 (executing program)
2025/11/16 08:04:13 fetching corpus: 9300, signal 210421/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9350, signal 210660/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9400, signal 210949/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9450, signal 211309/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9500, signal 211487/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9550, signal 211854/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9600, signal 212119/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9650, signal 212413/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9700, signal 212583/281737 (executing program)
2025/11/16 08:04:14 fetching corpus: 9750, signal 212870/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 9800, signal 213107/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 9850, signal 213329/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 9900, signal 213509/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 9950, signal 213696/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10000, signal 213919/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10050, signal 214147/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10100, signal 214357/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10150, signal 214608/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10200, signal 214918/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10250, signal 215118/281737 (executing program)
2025/11/16 08:04:15 fetching corpus: 10300, signal 215434/281737 (executing program)
2025/11/16 08:04:16 fetching corpus: 10350, signal 215908/281737 (executing program)
2025/11/16 08:04:16 fetching corpus: 10400, signal 216064/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10450, signal 216289/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10500, signal 216486/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10550, signal 217200/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10600, signal 217623/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10650, signal 217868/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10700, signal 218063/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10750, signal 218330/281739 (executing program)
2025/11/16 08:04:16 fetching corpus: 10800, signal 218483/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 10850, signal 218752/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 10900, signal 219080/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 10950, signal 219244/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 11000, signal 219495/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 11050, signal 219758/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 11100, signal 219961/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 11150, signal 220160/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 11200, signal 220439/281739 (executing program)
2025/11/16 08:04:17 fetching corpus: 11250, signal 220733/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11300, signal 220987/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11350, signal 221199/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11400, signal 221380/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11450, signal 221652/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11500, signal 221848/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11550, signal 222043/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11600, signal 222306/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11650, signal 222592/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11700, signal 222860/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11750, signal 223084/281739 (executing program)
2025/11/16 08:04:18 fetching corpus: 11800, signal 223300/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 11850, signal 223506/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 11900, signal 223732/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 11950, signal 223912/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12000, signal 224249/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12050, signal 224459/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12100, signal 224641/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12150, signal 224819/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12200, signal 225054/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12250, signal 225203/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12300, signal 225482/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12350, signal 225746/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12400, signal 225887/281739 (executing program)
2025/11/16 08:04:19 fetching corpus: 12450, signal 226167/281739 (executing program)
2025/11/16 08:04:20 fetching corpus: 12500, signal 226332/281739 (executing program)
2025/11/16 08:04:20 fetching corpus: 12550, signal 226487/281739 (executing program)
2025/11/16 08:04:20 fetching corpus: 12600, signal 226705/281739 (executing program)
2025/11/16 08:04:20 fetching corpus: 12650, signal 227027/281740 (executing program)
2025/11/16 08:04:20 fetching corpus: 12700, signal 227189/281740 (executing program)
2025/11/16 08:04:20 fetching corpus: 12750, signal 227371/281740 (executing program)
2025/11/16 08:04:20 fetching corpus: 12800, signal 227593/281740 (executing program)
2025/11/16 08:04:20 fetching corpus: 12850, signal 227778/281740 (executing program)
2025/11/16 08:04:20 fetching corpus: 12900, signal 227997/281740 (executing program)
2025/11/16 08:04:20 fetching corpus: 12950, signal 228174/281740 (executing program)
2025/11/16 08:04:21 fetching corpus: 13000, signal 228415/281740 (executing program)
2025/11/16 08:04:21 fetching corpus: 13050, signal 228622/281740 (executing program)
2025/11/16 08:04:21 fetching corpus: 13100, signal 228808/281740 (executing program)
2025/11/16 08:04:21 fetching corpus: 13150, signal 229046/281740 (executing program)
2025/11/16 08:04:21 fetching corpus: 13200, signal 229237/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13250, signal 229406/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13300, signal 229600/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13350, signal 229860/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13400, signal 229995/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13450, signal 230200/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13500, signal 230532/281747 (executing program)
2025/11/16 08:04:21 fetching corpus: 13550, signal 230716/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13600, signal 230906/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13650, signal 231098/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13700, signal 231252/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13750, signal 231477/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13800, signal 231633/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13850, signal 231813/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13900, signal 232008/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 13950, signal 232188/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 14000, signal 232352/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 14050, signal 232513/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 14100, signal 232713/281747 (executing program)
2025/11/16 08:04:22 fetching corpus: 14150, signal 232827/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14200, signal 233018/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14250, signal 233154/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14300, signal 233307/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14350, signal 233503/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14400, signal 233667/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14450, signal 233847/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14500, signal 233997/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14550, signal 234202/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14600, signal 234374/281747 (executing program)
2025/11/16 08:04:23 fetching corpus: 14650, signal 234615/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 14700, signal 234813/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 14750, signal 234983/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 14800, signal 235133/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 14850, signal 235347/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 14900, signal 235482/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 14950, signal 235648/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 15000, signal 235894/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 15050, signal 236102/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 15100, signal 236305/281747 (executing program)
2025/11/16 08:04:24 fetching corpus: 15150, signal 236443/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15200, signal 236613/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15250, signal 236869/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15300, signal 237170/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15350, signal 237391/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15400, signal 238312/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15450, signal 238497/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15500, signal 238624/281747 (executing program)
2025/11/16 08:04:25 fetching corpus: 15550, signal 238774/281748 (executing program)
2025/11/16 08:04:25 fetching corpus: 15600, signal 238996/281748 (executing program)
2025/11/16 08:04:25 fetching corpus: 15650, signal 239156/281748 (executing program)
2025/11/16 08:04:25 fetching corpus: 15700, signal 239330/281748 (executing program)
2025/11/16 08:04:25 fetching corpus: 15750, signal 239576/281748 (executing program)
2025/11/16 08:04:26 fetching corpus: 15800, signal 239715/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 15850, signal 239895/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 15900, signal 240139/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 15950, signal 240277/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 16000, signal 240436/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 16050, signal 240582/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 16100, signal 240714/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 16150, signal 240931/281749 (executing program)
2025/11/16 08:04:26 fetching corpus: 16200, signal 241110/281749 (executing program)
2025/11/16 08:04:27 fetching corpus: 16250, signal 241247/281749 (executing program)
2025/11/16 08:04:27 fetching corpus: 16300, signal 241431/281749 (executing program)
2025/11/16 08:04:27 fetching corpus: 16350, signal 241583/281749 (executing program)
2025/11/16 08:04:27 fetching corpus: 16358, signal 241609/281749 (executing program)
2025/11/16 08:04:27 fetching corpus: 16358, signal 241609/281749 (executing program)
2025/11/16 08:04:29 starting 8 fuzzer processes
08:04:29 executing program 0:
r0 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
pread64(r0, &(0x7f0000000040)=""/60, 0x3c, 0x77)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x20, 0x7, 0x2ef, 0xff, 0x1})
fallocate(0xffffffffffffffff, 0x68, 0xbc03, 0x4832)
r1 = fork()
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f00000000c0)="60a5b20179567a9a55835294e8eb660c03849be21e8c18dc6342cc6e073ff1a7f3875a7fcc0c40a8ffaf1ab0390079447013f26763938c73b984997f506d458b8ce594b6c1cccfec749a19aee51f86d05d0f9bac3283658a723b5112ae29fb658f9d17f239062d81b3802b910b9b531175a4f9eb2da8a1c7c114588ebc12e5de3c7593cba218d3bb164257d1e6d9d01e0d5fd848e156b2396bddb04a47541d57596aff26b51a6b33c80114d14247e2da2eb86fbb4ba9558621ba41a71929e5e86f18c077a58deecca2210f778cdbbd5952c92715f2bf4a78a58b81465145f40e086adea22aa66e63d0942f1eea752bc6ab9e1156fa67507b3f56be42be9a5dd5")
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x1}}, './file0\x00'})
r3 = accept4(0xffffffffffffffff, &(0x7f0000000280)=@nfc_llcp, &(0x7f0000000300)=0x80, 0x800)
r4 = syz_open_procfs(r1, &(0x7f0000000340)='net/llc/socket\x00')
r5 = open$dir(&(0x7f0000000380)='./file0\x00', 0x101080, 0x2)
sendmsg$netlink(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)={0x18, 0x3f, 0x304, 0x70bd27, 0x25dfdbff, "", [@typed={0x8, 0x3a, 0x0, 0x0, @uid=0xffffffffffffffff}]}, 0x18}], 0x1, &(0x7f00000003c0)=[@rights={{0x28, 0x1, 0x1, [r0, r3, r0, r0, r0, r4]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [r0, r0, r0]}}, @rights={{0x20, 0x1, 0x1, [r0, r0, r0, r0]}}, @rights={{0x14, 0x1, 0x1, [r5]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}], 0xc0, 0x4800}, 0x80)
r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000004c0), 0x10040, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r6, &(0x7f0000000880)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000840)={&(0x7f0000000540)={0x2d4, 0x0, 0x610, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x8c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NET={0x40, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x42}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7fff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x43a}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}, @TIPC_NLA_BEARER={0x84, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1068}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x61}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'erspan0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x791aeffb}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_BEARER={0x158, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xdaa, @mcast1, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x1, @private0, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x8, @remote, 0x9}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @local}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x6580, @dev={0xfe, 0x80, '\x00', 0xf}}}}}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1134}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x40}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x529}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}]}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe9d0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}]}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffff5ee}]}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x40}, 0x11)
r7 = fsmount(r4, 0x0, 0x88)
ioctl$EVIOCRMFF(r7, 0x40044581, &(0x7f00000008c0)=0x400)
r8 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000900), 0x8000, 0x0)
signalfd(r8, &(0x7f0000000940)={[0x9]}, 0x8)
ptrace$peeksig(0x4209, r1, &(0x7f0000000980)={0x6, 0x1, 0x1}, &(0x7f00000009c0)=[{}])
fcntl$setflags(r4, 0x2, 0x1)

08:04:29 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {<r1=>0xffffffffffffffff}}, './file0\x00'})
sendmsg$AUDIT_USER_TTY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xdc, 0x464, 0x200, 0x70bd29, 0x25dfdbfb, "2415079e7bbad4e4069047c2a889c834aa6eaa2b90a85c96c3a1af9bf033565c8e6b6fb7d7a8419824e2a397ad3a0cb69c1245de048ad1325c075305bcfc915448e6f8e9bac1fbc27a79e087e25bfc41b9f10afb132ca83bfadf040961dcd51b0a257d9a8537b9ab4fb1303d9c1ae60a07f43b389f62adb156e7cf9cdf17b48d67d582ae97e67677e59bc54913797bd05b537f02052583804a99df55d9ccb40a17da27100ee9eff1f0a4723742812f74a6dcd6e1aeb3b93b02c961ca615aabc1179187bb1882ea4aab77", ["", "", "", "", ""]}, 0xdc}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
r2 = accept$packet(r0, 0x0, &(0x7f0000000200))
copy_file_range(r2, &(0x7f0000000240)=0x8, r1, 0x0, 0x4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000280))
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000380)={'syztnl2\x00', &(0x7f0000000300)={'syztnl0\x00', <r3=>0x0, 0x7, 0x20, 0x5, 0x38, {{0xa, 0x4, 0x2, 0xc, 0x28, 0x64, 0x0, 0x9, 0x29, 0x0, @broadcast, @multicast1, {[@lsrr={0x83, 0xf, 0x51, [@private=0xa010100, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x82, 0x4, "2211"}, @noop]}}}}})
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000800)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000007c0)={&(0x7f00000003c0)={0x3c8, 0x12, 0x200, 0x70bd26, 0x25dfdbfd, {0x10, 0x7c, 0x2, 0x35, {0x4e24, 0x4e24, [0x2, 0x4, 0x7fff, 0x80000001], [0x7, 0x2, 0x80000000, 0xb81], r3, [0x4, 0x5]}, 0x3f, 0x7}, [@INET_DIAG_REQ_BYTECODE={0xbb, 0x1, "1910fcaff19c3ee04da878ba94da1629194f387a4b67cdaebb16ff674e193a59e57c538fec3bf8f529e7911d8f71663036e6816a72cf658dc096c97e374841d746ee4eb8516b229cda3184d01db64840e558ef37b06382b0fe28f12a40a833e2d345c45b4e9286ed0e5c322f82ff44f50ddd21906eea973e27f0b4953cf1cab1b3bff7a93c59c5e81f5bae0e8ace31400baa4e5448b4ae51d0392a2a684d50a29325888fbd0fbc3d144b2b1ec5ca41a59ebfce58b5ae5e"}, @INET_DIAG_REQ_BYTECODE={0x6c, 0x1, "cce5253dbb09ec1f40e53136ab392b9cc91eb1ccfb32f72ee12ed5e23b911a562c82f6faab43874f3fb941f6281dd72508d5c9b6970ca5923c436e57e7ab156e2b35a7bdc7cdcef8946815e468b0a9c053201c99c8c3b6ebf465a0aaaf02237bab6c9de532d223c4"}, @INET_DIAG_REQ_BYTECODE={0xc9, 0x1, "c4430c2617bcf6bb060cc03feabeb9a40b1e5729d860f83e30de05a2e7f3101bb5f6acb85986a04bccd262d3e7c1f50e751ca39244762507b181d2ee92fc22d6824e882eb9edbfcd3f87835ddfe5882e625f213e333141ddaf8ac5260b6341a289bd501f2c46809c8edd84f6e983323a84d7ff0bdf5957c3fd77909f0efb4ab0ae4843821aab1a901484635a70e67b9a80f40fac8e1ed297f54e453a5edecdfde008aac9ce74a55e3ecf64c894a5387f6b4a96f5c4754f118a9e2cacab037b4f968300d6ed"}, @INET_DIAG_REQ_BYTECODE={0xb0, 0x1, "cc231118ac2f28c1ab826b6611c024ebc1000e2b336dd516cd6b7aef3bbe02fa8d773429fa73d336e77cece3454efcf23ac21a0f79c6cfeff780faf50a2d4141a4f5ecef4372468dc0b8fede07adb19ac34dc91f1db7669e04e3bc3f00e2f481b2c9176c5cc7f83c64d26983503d691142208f39afa25032cdac94afa052194f81a9a8fb8a249c89e21435414eb97b7f7886c776a5bed3c6527519b2ab507fef52e7a22dbfdad1ff28651a95"}, @INET_DIAG_REQ_BYTECODE={0xd5, 0x1, "1a0702583b2040f038488f7361f9419d36ec75f1577c26565f6f76dfa60a5069cd19ab1d7f3804b96b3f6206dfe684624e93633ad2d35c7c8e6c4f9a97954ce8ef5347093a7cd6006ec3a45a3f4c7d7ce52da5b7e3d4a26913461d63e787e9e06f3c3671f969674a4239bec76f83494f1d8cd59b3abb3c0a2684db5afee82bc3226d55963cf1e7b4771fda74302bc71dfeac2acff251e5f12b3d7c5a6cfb829b1e0ac7697b1b57774f0b849aeaf4091a3475348ce29c45c2aa8a0ef9775d969631c8151d1b1958fe9a2c393b32ceb1ecd0"}]}, 0x3c8}, 0x1, 0x0, 0x0, 0x805}, 0x20000801)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x89f5, &(0x7f00000008c0)={'ip6gre0\x00', &(0x7f0000000840)={'ip6tnl0\x00', <r4=>0x0, 0x4, 0x5f, 0x81, 0x1, 0xe, @dev={0xfe, 0x80, '\x00', 0x2b}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x10, 0xff, 0x3}})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/module/module', 0x400240, 0xa8)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000a80)={'ip6_vti0\x00', &(0x7f0000000a00)={'ip6gre0\x00', <r6=>r4, 0x29, 0xee, 0x1f, 0x6, 0x10, @local, @loopback, 0x1, 0x8, 0xfff, 0x7c7a6ebe}})
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f0000000ac0)=r6)
r7 = openat2(0xffffffffffffff9c, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40)={0x440001, 0x39b4f6535a3ac9d0, 0x1c}, 0x18)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000c40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x14, 0x1, 0x4, 0x101, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x81)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, <r8=>r1}, './file1\x00'})
r9 = socket(0x11, 0x800, 0x7f)
r10 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000d00), 0x200000, 0x0)
r11 = syz_open_procfs(0x0, &(0x7f0000000d40)='attr\x00')
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000e80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000d80)={0xbc, 0x0, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x101}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r8}, {0x8, 0x1, r9}, {0x8, 0x1, r7}, {0x8, 0x1, r0}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r10}, {0x8, 0x1, r1}, {0x8, 0x1, r5}, {0x8, 0x1, r11}, {0x8, 0x1, r7}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xd4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0xbc}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, &(0x7f0000000ec0))
sendmsg$TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000001080)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001040)={&(0x7f0000000f40)={0xf8, 0x0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_BEARER={0xd4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x9a5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1e5}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @local}}, {0x14, 0x2, @in={0x2, 0x4e20, @remote}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x87e}]}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4008844}, 0x4040000)

08:04:29 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x3)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000000)=0x2300, 0x4)
sendto$inet(r0, &(0x7f0000000040)="85be1b34b539601d079e74342e62d2700e37bcb8f15a8ee7d9bbf317db70dabe21a2f10ee10e3d26a272b938f0c8f54ae94711d542637163dd808679c6ff6de8253191b35db1d3898bec752fed49bb60d2a5302f69d5b4ca48cb70ed92a93db562b0f18bdd508db26cbe68ac04f77ee6e7fb", 0x72, 0x24000014, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
r2 = fsopen(&(0x7f0000000100)='securityfs\x00', 0x0)
read(r2, &(0x7f0000000140)=""/18, 0x12)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000280)={{'\x00', 0x2}, {0x6e1f}, 0x2, 0x0, 0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x32, {0x0, 0xc, 0x0, "", 0x25, "7b4e55db90fac594546327f2b504483c84e1bca7663795afc4a0faa19aec9f20cdf5a2b47b"}, 0xb, "35709bdc09d6642e3bd162"}, 0x49})
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, &(0x7f0000000300))
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000000340)={'IDLETIMER\x00'}, &(0x7f0000000380)=0x1e)
write$binfmt_elf32(r0, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x2, 0x6, 0x6, 0xa30f, 0x3, 0x6, 0x7, 0x15a, 0x38, 0xf4, 0x1, 0x3, 0x20, 0x2, 0x0, 0x3, 0x6}, [{0x6, 0x740, 0xb800, 0x0, 0x5, 0x6, 0x2186}, {0x1, 0x0, 0x7, 0x1, 0x1, 0x40, 0xafb3, 0x7}]}, 0x78)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = accept4(r1, &(0x7f0000000440)=@ethernet={0x0, @multicast}, &(0x7f00000004c0)=0x80, 0x80800)
close(r3)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500), 0x80000, 0x0)
sendto$inet(r4, &(0x7f0000000540)="1cfb6974b72eaf051d5c820527f7dd66d81a0357da28e9e0b0f3f49725b77563c023535c41bd2cd53985eee642f88add0d73a6b5bec35e22c400c0d53b25db5a1c429b8d309fb9e3d9c0c5ea99d89829cef3454cfce58071478479abd2d3323a6092dbff9cfe8e445e1220f00a106924d0d781138fe2ac675467b946b082f13b3cae094e55d7e58c114b763d00223173b88b2c923e693d8c50db18cfdd597283a22eef30e6591b254ef97835c45a221900e35aaf5481b95e6b995ecef66bcc0d39ff2f8599f2ee4aa1ddf037922b63a3b891cb0aed1dec16a5e651ee8eed3f32199aa53a", 0xe4, 0x800, &(0x7f0000000640)={0x2, 0x4e22, @loopback}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000680)={0x0, @empty, @rand_addr=0x64010101}, 0xc)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000006c0)='**)-]-+\'\\)\x00', &(0x7f0000000700)=']+(&}\xb1@&-\x00', 0x0)
splice(0xffffffffffffffff, &(0x7f0000000780)=0x10000, r0, &(0x7f00000007c0)=0x1, 0x80000001, 0x1)

08:04:29 executing program 2:
write$snapshot(0xffffffffffffffff, &(0x7f0000000000)="446a5019a86320589529b52e8ccae1242425266350062b2aaa0216638bc0ce29c2f10d7f59554a2bbad1d4feb38eccbc46e710c72c296c8919f18a2ba54ed8f81f192f637cf9d882d73b5478d6e9f6d937f27f6907204a0e125e2afdf67fea5e37ecd08b43986d4d2b5706b867533a915dbd0fde8a1de93263802a5933f5", 0x7e)
r0 = dup(0xffffffffffffffff)
write$snapshot(r0, &(0x7f0000000080), 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x14200, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x3, 0x2, 0x301, 0x0, 0x0, {0x5, 0x0, 0x6}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
read(r0, &(0x7f0000000200)=""/112, 0x70)
ioctl$SNAPSHOT_FREE(r0, 0x3305)
write$snapshot(r1, &(0x7f0000000280)="845056ec6943ef25ad38003d36e5d37780a16fce3a607a01a5f2adcbc91ef339f9874d73d5ee88af3e9737a8efef76f57fb75a468a949f0e2be0246c8d58eebcbf4f667aa6212c3a7d6e77fc765c1ca68f94447a078f71a9cce7b4", 0x5b)
write$snapshot(r1, &(0x7f0000000300)="0ab33278dd163666c299117b3167f7c282dc9e45778ae9a967b38656a6e0c5934979411ce076bee6125801e84b812561294affe475178b780229f4c8327b09127b6a3fa641851c73d456b5783e1fe24f410e1dac6459607a19b324d6916955aef85f45252b0253644bbb32bcca12fac511218f240cbd3d0845db034698724ca4b28c9ddee47f185bbf9b9879748e4200ca4a94346ac5ec6b1cf72f63e2f0d2114848920829", 0xa5)
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f00000003c0)={0x77359400}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x6, 0x1, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x8080)
r2 = open_tree(r1, &(0x7f0000000500)='./file0\x00', 0x8000)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
fcntl$setflags(r0, 0x2, 0x1)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000580)={0x9, 0x28, '\x00', 0x0, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0]})
readahead(r2, 0x7f, 0xff)
close(r1)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r1)
sendmsg$NL80211_CMD_STOP_NAN(r1, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", ""]}, 0x14}}, 0x4004801)
fgetxattr(r2, &(0x7f0000000700)=@known='security.apparmor\x00', &(0x7f0000000740)=""/165, 0xa5)

08:04:29 executing program 3:
r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x4, 0x30d400)
ioctl(r0, 0x0, &(0x7f0000000040)="22e71aa8fa8d959dceed2fe92c37136f6d7ff596bfaae08badf0c7d2a32b747e2469d796ef79324c447d068b8a40c2e55ea4ff5344bde8edeaa4adaf3b2ec9b9d6078e6537fc555132a45287f7edb2c402f144e87ade9a2ad0e582a778bc009c119a38d00261349f2ef39b93bb97e9372c1939d6b240faa05ede1331713e1c5e090ebefda4ec31df41a0a467f8bf8b7ecced78")
ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f0000000100)=""/111)
fstatfs(r0, &(0x7f0000000180)=""/61)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x200)
r2 = ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f00000001c0)={<r3=>0x0, 0x9, 0x0, [0xffffffff, 0x6, 0x8, 0x1, 0x49ca5598], [0x672, 0x4, 0x10, 0x8, 0x0, 0x0, 0x2, 0x7, 0x7, 0x6, 0x0, 0x0, 0x0, 0x80000001, 0x8, 0x10001, 0x7ff, 0xff, 0xfff, 0x7fffffff, 0x20, 0xfffffffffffffff9, 0x80, 0x7634, 0x7, 0x8, 0x53, 0x8000000000000000, 0x1, 0x7, 0x2, 0xfffffffffffffffb, 0xffffffffffffff0f, 0x1357a000000000, 0x531, 0x3, 0xfffffffffffff88f, 0x6, 0xfffffffffffffff8, 0x0, 0x81, 0x7fffffff, 0x6, 0x2, 0x80000001, 0x9, 0xfff, 0x101, 0x8, 0x9, 0x5, 0x0, 0x7, 0x4, 0x8000, 0xfffffffffffff3a1, 0x8, 0x10000, 0x3000000000000000, 0x5, 0x957, 0x4, 0x1, 0x8, 0xffffffffffffffff, 0x1, 0x7, 0xffff, 0x2, 0x9, 0x0, 0x1, 0x5, 0x4, 0xffffffffffffff81, 0x1, 0x7a, 0x0, 0x1f, 0xfffffffffffffffe, 0xffffffffffffffff, 0x4, 0x3f, 0xfffffffffffffffa, 0x9, 0x40, 0x8, 0x0, 0x8000, 0x7, 0x4, 0x3ff, 0x8, 0x1ff, 0x101, 0x6, 0x9, 0x0, 0x6, 0xcb, 0x9, 0x2, 0x7, 0x1f, 0x8, 0x4, 0x7ab6ee63, 0x100000001, 0xbb5, 0xf8, 0x3f, 0x8, 0x6, 0x5, 0x7, 0xdfd, 0x5, 0x8, 0xfff, 0x9, 0x2]})
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000000600)={<r4=>r3, "9547331c072a95084b6c34277d93521c"})
r5 = accept$inet6(r1, 0x0, &(0x7f0000001600))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000001640)={'batadv_slave_1\x00'})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000001680)={0x0, 0x1, {0x100, @usage=0x1, r4, 0x5bf, 0xfffffffffffffffd, 0x0, 0x1, 0x2, 0x14, @usage=0x6, 0x401, 0xf5, [0x50, 0x7, 0x2, 0x9, 0x3c, 0xffffffffffffff2f]}, {0x9, @usage=0x401, r4, 0x5, 0x2, 0x3, 0xb5, 0xfdd, 0x4, @struct={0xbcc, 0xf600}, 0x7, 0x8, [0x4, 0xfffffffffffffc00, 0x6, 0x3, 0x100000000, 0x1f]}, {0xff, @usage=0x80000000, r4, 0x7, 0x100000001, 0x5, 0xfffffffffffffff9, 0x4, 0x2, @struct={0x68, 0x57a}, 0x1, 0x5, [0x3, 0x5, 0xdb0, 0x6, 0xe000000000000, 0xbb]}, {0x2, 0x73c, 0x1000}})
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000001a80)={0x3, [0x0, 0x0, 0x0]})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r5, 0xc018937a, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, <r6=>r0, {0x2}}, './file0\x00'})
dup2(r6, r0)
write$P9_RLERRORu(r6, &(0x7f0000001b00)={0xe, 0x7, 0x1, {{0x1, '\x00'}, 0x1fc}}, 0xe)
truncate(&(0x7f0000001b40)='./file1\x00', 0x1)
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x228b)
r7 = openat$cgroup_devices(r6, &(0x7f0000001b80)='devices.allow\x00', 0x2, 0x0)
signalfd4(r7, &(0x7f0000001bc0)={[0x100000001]}, 0x8, 0x80000)

08:04:29 executing program 7:
vmsplice(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x0)
r0 = eventfd2(0x1b, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000180)={'veth0\x00', &(0x7f00000000c0)=@ethtool_flash={0x33, 0x8, './file0\x00'}})
r2 = openat$cgroup_int(r1, &(0x7f00000001c0)='memory.swap.max\x00', 0x2, 0x0)
ppoll(&(0x7f0000000200)=[{r1, 0xc222}, {r1, 0x20a8}, {r2, 0x2}, {r1, 0x200d}], 0x4, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f0000000280)={[0x6]}, 0x8)
r3 = syz_open_dev$vcsa(&(0x7f00000002c0), 0x5, 0x0)
r4 = eventfd(0x7)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r3, 0x7, &(0x7f0000000300)=r4, 0x1)
sendfile(r2, r3, 0x0, 0x534)
io_setup(0x2, &(0x7f0000000340)=<r5=>0x0)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000680)='./file0\x00', 0x541001, 0x1c0)
r8 = syz_mount_image$msdos(&(0x7f0000000900), &(0x7f0000000940)='./file0\x00', 0x8, 0x1, &(0x7f0000000a40)=[{&(0x7f0000000980)="477ab79beb28d3b1e1c3f1dfc2e9dc6e66d9ad59a63ecf9a6445f3021ac6cd7824c18ef59d9c41430da6ecd7557d9835f991b52a71ce960ff8ceb94c8c2771fd50d4a5788e7fe0309cebbb568b6b24fec6d25b22c333d483174eccc5123991efee21de904aa75e508f3ac762f8cd5532492b46e933c76999b85a6ddf5892b5d4c999b18645796699", 0x88, 0x1}], 0x40, &(0x7f0000000a80)={[{@dots}, {@fat=@fmask={'fmask', 0x3d, 0x3}}, {@dots}, {@dots}, {@fat=@dos1xfloppy}, {@fat=@time_offset={'time_offset', 0x3d, 0x571}}, {@fat=@tz_utc}, {@dots}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@fowner_gt={'fowner>', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xee01}}]})
io_submit(r5, 0x8, &(0x7f0000000d80)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f0000000380)="3dbdd46888dd96674293c9fcc2a0a761809cc9546c5aaa2f69005bd96942f7abb1e0c7ebbb34721e199c7e3f75e3b3f03137027500c251c1db39d4dc380f43046ab9de23de16c3b6c45394181477891207226732b6f76e3277775ec427e040ce12269ea5cb9437a1c7311dce6101dfd301b08be3232dbc3cfd620b6db44eb2c94ad9b187fa71224563eefb90348281731f5f682688eff63e", 0x98, 0x1a, 0x0, 0x0, r4}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x8001, r6, &(0x7f00000004c0), 0x0, 0x100000000, 0x0, 0x1, r1}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x5, r2, &(0x7f0000000540)="d0a4ac52cd4cb061233a3cc897c4679478123a9616f92402f968ce49bbf9dbb583b318c4e0a5ef3e54ad6bac775a0b92f9ebbb3849ca02ba19cbf5da6f85fc4003e93aa2505acf68e20eba3c98e8a98643494c2fdc34e38c86da779a5840bd80166bc466bda239522a3b6f69d4d536f9a4b7b1f3e1b38c9383defce9afd671079f74b389f22f67aa79f8c4677841a696eebb5a4fef3924f84b58a3c9ca3657f075781248d89461b0f81ad2683113e54a910dc92adb1fe595cdb330610cbcb31a32dc4827886b0770fabcb83b80009e3ae4de295002eee8df2f92a1764ac9ec275c62b711a9725eea2b210b1dceb64f6658037b1f98", 0xf5, 0x1, 0x0, 0x2}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, r7, &(0x7f00000006c0)="af4a952be8082c6a36ce528215d1177723790b7026b1b15eee945787dd50865995286845404150abf3c86b18a1603b1fff84daf99e1f48ba1a752a2106028b1f62c5fc1091e175865b699023fbc672c5e6717619681f107dde5f8911d9e3f81f40e2849e429f9b223aaa6e961764f422093f190be0a7af14bed957b271d353a7456923294ffbc7a74eba35a94b9107c57921", 0x92, 0x2, 0x0, 0x0, r1}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x8, 0x4, r3, &(0x7f00000007c0)="be45accbcbfa5d1342f4cd9f1a272984168b8305012fa3dd2ca792a3491f7399bbdb64ad5354c332ea84fa2a410e97da2224f8efa5eefdcad7295a615c4dab94c65e8001edd8281ef099e329103e0e7832e46111953d3ad5ac31b7a529094e815a7299c3c563669ddcfbc5932e80761ea457ae6edc14d2037fab9ff57bc11a191d1dfcbde1587ad767a417cb65806fa9f719db3a5eadb7e428600ab47fcf71af02796d58f5fc4c19bf505e24aaeff0a0e24be2b27a03a3c161d7adc76b1f94209007ea", 0xc3, 0x0, 0x0, 0x2}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x6, 0x4, r8, &(0x7f0000000b40)="b7508da3e0397c0667c35b5652d92bb501b0f52f35a5bca5edb5b97030a909383bc240c236d855ac", 0x28, 0x400, 0x0, 0x1, r3}, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x5, 0x3ff, r3, &(0x7f0000000bc0)="a25068d3c3c066861a8fdd44816e3686809e70b1dd326d46cace0fa87ce8f32164c52f08ef6c88a1d61f4d9a1d91d69f1c738136730205154dc7accbad192e4c46fab9010e9633ded10304a23dca88e0449a4832ba88b2ad678a5b16a2bb64", 0x5f, 0x401, 0x0, 0x0, r3}, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x5, 0x7, 0xffffffffffffffff, &(0x7f0000000c80)="a3be856a0fada99d871248f17efc0a8c46065d1bbefdb1c147ea2fbe5391aaac8747e9d39a72040f5d46ff81c67e987ed50c5fd677f810d5fca79b05b31620d260af9babbf72ca3367ac2f34ad4febaaf6c0d6c30bb177518923e1a0e0d90b28b747fea4c6d90c9c6e1534e7bf329761e8a3347b790d456f8840c315d8a73696ee391fdd5842db8c", 0x88, 0xdd6, 0x0, 0x2}])
getsockopt$bt_sco_SCO_CONNINFO(r3, 0x11, 0x2, &(0x7f0000000dc0)=""/145, &(0x7f0000000e80)=0x91)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x80010, r3, 0x8000000)
r10 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x300000c, 0x4000010, r3, 0x10000000)
syz_io_uring_submit(r9, r10, &(0x7f0000000ec0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x2, 0x0, 0x0, 0x0, 0x12344, 0x0, 0x0, 0x1}, 0x20)
sendfile(r3, r3, 0x0, 0x1)

08:04:29 executing program 5:
ioctl$AUTOFS_IOC_READY(0xffffffffffffffff, 0x9360, 0x9)
r0 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='cpu.pressure\x00', 0x2, 0x0)
preadv2(r0, &(0x7f0000001300)=[{&(0x7f0000000040)=""/98, 0x62}, {&(0x7f00000000c0)=""/122, 0x7a}, {&(0x7f0000000140)=""/145, 0x91}, {&(0x7f0000000200)=""/243, 0xf3}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x5, 0x7, 0x1000, 0x11)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001380), 0x9a241, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x3)
readv(r1, &(0x7f0000001880)=[{&(0x7f00000013c0)=""/132, 0x84}, {&(0x7f0000001480)=""/250, 0xfa}, {&(0x7f0000001580)=""/70, 0x46}, {&(0x7f0000001600)=""/58, 0x3a}, {&(0x7f0000001640)=""/84, 0x54}, {&(0x7f00000016c0)=""/181, 0xb5}, {&(0x7f0000001780)=""/209, 0xd1}], 0x7)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r1, 0xf504, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000001900)={0x8, 0x8})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001940)='/proc/locks\x00', 0x0, 0x0)
ioctl$EVIOCGREP(r2, 0x80084503, &(0x7f0000001980)=""/107)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000001a80)={<r3=>r1, 0x0, 0x7, 0x4})
r4 = perf_event_open$cgroup(&(0x7f0000001a00)={0x4, 0x80, 0x81, 0x3, 0x5, 0x3, 0x0, 0x100, 0x1000, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x33, 0x2, @perf_config_ext={0x9, 0x40}, 0x4000, 0x0, 0x3, 0x6, 0x20, 0x79, 0x8001, 0x0, 0x7, 0x0, 0x1}, r1, 0x10, r3, 0x3)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000001bc0)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b00)={0x68, 0x2, 0x3, 0x5, 0x0, 0x0, {0xc, 0x0, 0xa}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x25}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x4}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8001}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x3}, @NFQA_CFG_CMD={0x8, 0x1, {0x2, 0x0, 0x2b}}, @NFQA_CFG_PARAMS={0x9}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x6}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x101}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0xe}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x10)
r5 = socket(0x1f, 0x1, 0x0)
readv(r5, &(0x7f0000001fc0)=[{&(0x7f0000001c00)=""/151, 0x97}, {&(0x7f0000001cc0)}, {&(0x7f0000001d00)=""/189, 0xbd}, {&(0x7f0000001dc0)=""/236, 0xec}, {&(0x7f0000001ec0)=""/229, 0xe5}], 0x5)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000002040)={{0x1, 0x1, 0x18, <r6=>0xffffffffffffffff}, './file0\x00'})
getpeername(0xffffffffffffffff, &(0x7f0000002080)=@xdp, &(0x7f0000002100)=0x80)
ioctl$FIOCLEX(r4, 0x5451)
write(r4, &(0x7f0000002140)="7c793cc4d46b1af7ad586619b80dc421b444e998f85dbc8e1c714b847447b7f9789a2296a74f1a39b933d0954e5dc390f6ec8426e5604a5f09b01b2ad96897505ed44ba6b0f333dc3e74dcdbe201716a9d592d328f713533a4eddb9726f7d8861e4f8591239db68c20a977929271f920911e7baebe4bd2e4f74ae8df711c80d13f8a5e35ccb96adbe3ebce285d420e9317eff932a0e0a114e9537a17e840a02a802071c1ec5bc7664721d54aad958f7f1eabff7e99e754d0ca43", 0xba)
copy_file_range(r6, &(0x7f0000002200)=0x5, r5, &(0x7f0000002240)=0x7, 0x3, 0x0)

[   96.620926] audit: type=1400 audit(1763280269.229:7): avc:  denied  { execmem } for  pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:04:29 executing program 6:
syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x12, &(0x7f0000000000)=@conn_svc_rsp={0x0, 0x0, 0xa, '\nIx5', {0x3, 0x103, 0x0, 0x6, 0x6, 0x40, 0x4}})
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r0, 0x2, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x6c, r3, 0x8, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0xaaaaaaaaaaaa0002}}, @NL802154_ATTR_EXTENDED_ADDR={0xc}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan1\x00'}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4800}, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), r2)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000400)={'wpan1\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000440)={'wpan1\x00', <r6=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x5c, r4, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xf94140cd2b290364}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFTYPE={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4050}, 0x80)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x58, r1, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x44, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x80000001}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xcf}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x9}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x20040001}, 0xc004)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r7, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x4c, r4, 0x8, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x40004)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), r8)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000840), r9)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x2c, 0x0, 0x1400, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000002}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x2c}}, 0x4010)

[   97.764105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.766735] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.768470] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.773000] ==================================================================
[   97.774264] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   97.775452] Read of size 2 at addr ffff88801da9fb78 by task kworker/u11:2/291
[   97.780053] 
[   97.782621] CPU: 0 UID: 0 PID: 291 Comm: kworker/u11:2 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   97.782656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   97.782673] Workqueue: hci0 hci_cmd_work
[   97.782707] Call Trace:
[   97.782716]  <TASK>
[   97.782725]  dump_stack_lvl+0xca/0x120
[   97.782758]  print_report+0xcb/0x610
[   97.782790]  ? __virt_addr_valid+0x100/0x5d0
[   97.782820]  ? hci_cmd_work+0x66d/0x6d0
[   97.782850]  ? hci_cmd_work+0x66d/0x6d0
[   97.782882]  kasan_report+0xca/0x100
[   97.782914]  ? hci_cmd_work+0x66d/0x6d0
[   97.782949]  hci_cmd_work+0x66d/0x6d0
[   97.782982]  process_one_work+0x8e1/0x19c0
[   97.783024]  ? __pfx_process_one_work+0x10/0x10
[   97.783059]  ? move_linked_works+0x172/0x270
[   97.783087]  ? assign_work+0x196/0x240
[   97.783122]  worker_thread+0x67e/0xe90
[   97.783156]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   97.783187]  ? __pfx_worker_thread+0x10/0x10
[   97.783223]  kthread+0x3c8/0x740
[   97.783255]  ? __pfx_kthread+0x10/0x10
[   97.783285]  ? ret_from_fork+0x79/0x7a0
[   97.783310]  ? lock_release+0xc8/0x290
[   97.783348]  ? __pfx_kthread+0x10/0x10
[   97.783380]  ret_from_fork+0x67a/0x7a0
[   97.783404]  ? __pfx_ret_from_fork+0x10/0x10
[   97.783431]  ? __switch_to+0x759/0x1060
[   97.783465]  ? __pfx_kthread+0x10/0x10
[   97.783497]  ret_from_fork_asm+0x1a/0x30
[   97.783538]  </TASK>
[   97.783546] 
[   97.806258] Allocated by task 289:
[   97.806884]  kasan_save_stack+0x24/0x50
[   97.807589]  kasan_save_track+0x14/0x30
[   97.808288]  __kasan_slab_alloc+0x59/0x70
[   97.809039]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   97.809946]  __alloc_skb+0x2ab/0x370
[   97.810620]  hci_cmd_sync_alloc+0x34/0x300
[   97.811377]  __hci_cmd_sync_sk+0xf7/0x5c0
[   97.812125]  hci_read_dev_class_sync+0x2c/0x170
[   97.812952]  hci_dev_open_sync+0x1874/0x1f60
[   97.813764]  hci_power_on+0xdb/0x5d0
[   97.814433]  process_one_work+0x8e1/0x19c0
[   97.815192]  worker_thread+0x67e/0xe90
[   97.815886]  kthread+0x3c8/0x740
[   97.816492]  ret_from_fork+0x67a/0x7a0
[   97.817188]  ret_from_fork_asm+0x1a/0x30
[   97.817903] 
[   97.818209] Freed by task 292:
[   97.818775]  kasan_save_stack+0x24/0x50
[   97.819475]  kasan_save_track+0x14/0x30
[   97.820179]  kasan_save_free_info+0x3a/0x60
[   97.820949]  __kasan_slab_free+0x43/0x70
[   97.821676]  kmem_cache_free+0x26f/0x500
[   97.822401]  kfree_skbmem+0x18a/0x1f0
[   97.823074]  sk_skb_reason_drop+0x10e/0x1b0
[   97.823831]  vhci_read+0x3d5/0x5d0
[   97.824467]  vfs_read+0x1eb/0xc70
[   97.825088]  ksys_read+0x121/0x240
[   97.825666]  do_syscall_64+0xbf/0x430
[   97.826235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.826988] 
[   97.827249] The buggy address belongs to the object at ffff88801da9fb40
[   97.827249]  which belongs to the cache skbuff_head_cache of size 232
[   97.829112] The buggy address is located 56 bytes inside of
[   97.829112]  freed 232-byte region [ffff88801da9fb40, ffff88801da9fc28)
[   97.830811] 
[   97.831066] The buggy address belongs to the physical page:
[   97.831875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1da9f
[   97.833070] flags: 0x100000000000000(node=0|zone=1)
[   97.833796] page_type: f5(slab)
[   97.834284] raw: 0100000000000000 ffff8880096c78c0 ffffea000076b7c0 0000000000000004
[   97.835399] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[   97.836510] page dumped because: kasan: bad access detected
[   97.837339] 
[   97.837593] Memory state around the buggy address:
[   97.838308]  ffff88801da9fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.839344]  ffff88801da9fa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   97.840387] >ffff88801da9fb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   97.841455]                                                                 ^
[   97.842494]  ffff88801da9fb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.843562]  ffff88801da9fc00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   97.844605] ==================================================================
[   97.845816] Disabling lock debugging due to kernel taint
[   97.855485] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.859204] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   97.860524] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   97.862002] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   97.863149] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   97.864213] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   97.865276] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   97.866891] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   97.867990] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.869075] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   97.870280] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   97.873309] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   97.873354] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   97.875299] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   97.876003] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   97.880202] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   97.884793] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   97.886380] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   97.886856] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   97.888931] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   97.890183] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   97.892773] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   97.894726] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   97.895997] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   97.898450] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   97.900750] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   97.902817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   97.904347] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   97.905992] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   97.909905] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   97.911444] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   97.915016] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   97.917892] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   97.935841] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   97.937320] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   97.951286] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   97.957330] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   99.924618] Bluetooth: hci0: command tx timeout
[   99.988635] Bluetooth: hci7: command tx timeout
[   99.989098] Bluetooth: hci5: command tx timeout
[   99.989493] Bluetooth: hci6: command tx timeout
[   99.989929] Bluetooth: hci2: command tx timeout
[   99.990326] Bluetooth: hci3: command tx timeout
[   99.990745] Bluetooth: hci1: command tx timeout
[   99.990782] Bluetooth: hci4: command tx timeout
[  101.972760] Bluetooth: hci0: command tx timeout
[  102.036701] Bluetooth: hci3: command tx timeout
[  102.036741] Bluetooth: hci4: command tx timeout
[  102.037179] Bluetooth: hci1: command tx timeout
[  102.038543] Bluetooth: hci2: command tx timeout
[  102.038546] Bluetooth: hci6: command tx timeout
[  102.039257] Bluetooth: hci5: command tx timeout
[  102.039710] Bluetooth: hci7: command tx timeout
[  104.020601] Bluetooth: hci0: command tx timeout
[  104.085004] Bluetooth: hci6: command tx timeout
[  104.085451] Bluetooth: hci3: command tx timeout
[  104.085913] Bluetooth: hci5: command tx timeout
[  104.086276] Bluetooth: hci7: command tx timeout
[  104.086796] Bluetooth: hci2: command tx timeout
[  104.087159] Bluetooth: hci1: command tx timeout
[  104.087516] Bluetooth: hci4: command tx timeout
[  106.068725] Bluetooth: hci0: command tx timeout
[  106.132681] Bluetooth: hci6: command tx timeout
[  106.132732] Bluetooth: hci3: command tx timeout
[  106.133451] Bluetooth: hci4: command tx timeout
[  106.133939] Bluetooth: hci1: command tx timeout
[  106.133955] Bluetooth: hci2: command tx timeout
[  106.133965] Bluetooth: hci7: command tx timeout
[  106.133974] Bluetooth: hci5: command tx timeout

VM DIAGNOSIS:
08:04:30  Registers:
info registers vcpu 0
RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff88801393f618
R8 =0000000000000000 R9 =ffffed1001676046 R10=0000000000000000 R11=6431303838386652
R12=000000000000000d R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe5e00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5d74fc4000 CR3=000000000dcca000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=5837fe9dc1c91f3200000000000ae618 XMM01=f4c8c69f3dc6a690344d3ce1bf5ed8f2
XMM02=6b1e99b806172e3b00000000000aea28 XMM03=ac8bc31478ec851100000000000aefa0
XMM04=5fcfa3a6b6e3d6a2000000000012ef08 XMM05=d3fdd5f48436fbd700000000000aead0
XMM06=2bdd9d2128719e7500000000000ae988 XMM07=a1fcdcf819d7e1e500000000000ae728
XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=1ffff11001398032 RBX=dffffc0000000000 RCX=ffffffff8152e363 RDX=1ffff11001398034
RSI=ffffffff885b6e50 RDI=ffff888009cc0198 RBP=ffff88800cc93bf8 RSP=ffff8880095576f0
R8 =0000000000000001 R9 =ffffed10012aaed8 R10=0000000000000003 R11=0000000000000001
R12=ffff888009cc0190 R13=fffffbfff10b6dca R14=0000000000000000 R15=ffffffff885b6e50
RIP=ffffffff84c33859 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007ff2334ef900 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe7c00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe889191070 CR3=000000000f3d5000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fe8892547c000007fe8892547c8
XMM02=00007fe8892547e000007fe8892547c0 XMM03=00007fe8892547c800007fe8892547c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000