Warning: Permanently added '[localhost]:2246' (ECDSA) to the list of known hosts.
2025/11/16 19:35:58 fuzzer started
2025/11/16 19:35:58 dialing manager at localhost:37161
syzkaller login: [   58.575681] cgroup: Unknown subsys name 'net'
[   58.778582] cgroup: Unknown subsys name 'cpuset'
[   58.808937] cgroup: Unknown subsys name 'rlimit'
2025/11/16 19:36:09 syscalls: 2214
2025/11/16 19:36:09 code coverage: enabled
2025/11/16 19:36:09 comparison tracing: enabled
2025/11/16 19:36:09 extra coverage: enabled
2025/11/16 19:36:09 setuid sandbox: enabled
2025/11/16 19:36:09 namespace sandbox: enabled
2025/11/16 19:36:09 Android sandbox: enabled
2025/11/16 19:36:09 fault injection: enabled
2025/11/16 19:36:09 leak checking: enabled
2025/11/16 19:36:09 net packet injection: enabled
2025/11/16 19:36:09 net device setup: enabled
2025/11/16 19:36:09 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/16 19:36:09 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/16 19:36:09 USB emulation: enabled
2025/11/16 19:36:09 hci packet injection: enabled
2025/11/16 19:36:09 wifi device emulation: enabled
2025/11/16 19:36:09 802.15.4 emulation: enabled
2025/11/16 19:36:09 fetching corpus: 50, signal 23130/24989 (executing program)
2025/11/16 19:36:09 fetching corpus: 100, signal 34946/38486 (executing program)
2025/11/16 19:36:09 fetching corpus: 150, signal 44378/49486 (executing program)
2025/11/16 19:36:09 fetching corpus: 200, signal 50923/57534 (executing program)
2025/11/16 19:36:09 fetching corpus: 250, signal 57330/65390 (executing program)
2025/11/16 19:36:09 fetching corpus: 300, signal 61416/70909 (executing program)
2025/11/16 19:36:10 fetching corpus: 350, signal 64735/75632 (executing program)
2025/11/16 19:36:10 fetching corpus: 400, signal 68961/81198 (executing program)
2025/11/16 19:36:10 fetching corpus: 450, signal 72765/86313 (executing program)
2025/11/16 19:36:10 fetching corpus: 500, signal 76935/91713 (executing program)
2025/11/16 19:36:10 fetching corpus: 550, signal 79727/95758 (executing program)
2025/11/16 19:36:10 fetching corpus: 600, signal 82544/99772 (executing program)
2025/11/16 19:36:10 fetching corpus: 650, signal 84996/103432 (executing program)
2025/11/16 19:36:10 fetching corpus: 700, signal 88092/107622 (executing program)
2025/11/16 19:36:10 fetching corpus: 750, signal 89344/110116 (executing program)
2025/11/16 19:36:11 fetching corpus: 800, signal 91600/113551 (executing program)
2025/11/16 19:36:11 fetching corpus: 850, signal 93784/116796 (executing program)
2025/11/16 19:36:11 fetching corpus: 900, signal 95894/120017 (executing program)
2025/11/16 19:36:11 fetching corpus: 950, signal 98467/123588 (executing program)
2025/11/16 19:36:11 fetching corpus: 1000, signal 101922/127918 (executing program)
2025/11/16 19:36:11 fetching corpus: 1050, signal 103290/130404 (executing program)
2025/11/16 19:36:11 fetching corpus: 1100, signal 105036/133173 (executing program)
2025/11/16 19:36:11 fetching corpus: 1150, signal 106847/135960 (executing program)
2025/11/16 19:36:11 fetching corpus: 1200, signal 107973/138198 (executing program)
2025/11/16 19:36:11 fetching corpus: 1250, signal 110099/141206 (executing program)
2025/11/16 19:36:11 fetching corpus: 1300, signal 113658/145380 (executing program)
2025/11/16 19:36:12 fetching corpus: 1350, signal 115382/148022 (executing program)
2025/11/16 19:36:12 fetching corpus: 1400, signal 116567/150185 (executing program)
2025/11/16 19:36:12 fetching corpus: 1450, signal 118068/152547 (executing program)
2025/11/16 19:36:12 fetching corpus: 1500, signal 119609/154958 (executing program)
2025/11/16 19:36:12 fetching corpus: 1550, signal 120992/157202 (executing program)
2025/11/16 19:36:12 fetching corpus: 1600, signal 122056/159192 (executing program)
2025/11/16 19:36:12 fetching corpus: 1650, signal 123169/161168 (executing program)
2025/11/16 19:36:12 fetching corpus: 1700, signal 124351/163224 (executing program)
2025/11/16 19:36:12 fetching corpus: 1750, signal 125189/165023 (executing program)
2025/11/16 19:36:12 fetching corpus: 1800, signal 126445/167036 (executing program)
2025/11/16 19:36:13 fetching corpus: 1850, signal 127708/169112 (executing program)
2025/11/16 19:36:13 fetching corpus: 1900, signal 129053/171239 (executing program)
2025/11/16 19:36:13 fetching corpus: 1950, signal 129997/173034 (executing program)
2025/11/16 19:36:13 fetching corpus: 2000, signal 131451/175165 (executing program)
2025/11/16 19:36:13 fetching corpus: 2050, signal 132288/176838 (executing program)
2025/11/16 19:36:13 fetching corpus: 2100, signal 133464/178768 (executing program)
2025/11/16 19:36:13 fetching corpus: 2150, signal 134270/180436 (executing program)
2025/11/16 19:36:13 fetching corpus: 2200, signal 135307/182205 (executing program)
2025/11/16 19:36:13 fetching corpus: 2250, signal 136113/183770 (executing program)
2025/11/16 19:36:13 fetching corpus: 2300, signal 137293/185632 (executing program)
2025/11/16 19:36:13 fetching corpus: 2350, signal 138685/187597 (executing program)
2025/11/16 19:36:14 fetching corpus: 2400, signal 139718/189322 (executing program)
2025/11/16 19:36:14 fetching corpus: 2450, signal 141020/191140 (executing program)
2025/11/16 19:36:14 fetching corpus: 2500, signal 142164/192887 (executing program)
2025/11/16 19:36:14 fetching corpus: 2550, signal 143192/194566 (executing program)
2025/11/16 19:36:14 fetching corpus: 2600, signal 144126/196180 (executing program)
2025/11/16 19:36:14 fetching corpus: 2650, signal 144675/197550 (executing program)
2025/11/16 19:36:14 fetching corpus: 2700, signal 145597/199104 (executing program)
2025/11/16 19:36:14 fetching corpus: 2750, signal 146415/200586 (executing program)
2025/11/16 19:36:14 fetching corpus: 2800, signal 147390/202197 (executing program)
2025/11/16 19:36:15 fetching corpus: 2850, signal 148319/203711 (executing program)
2025/11/16 19:36:15 fetching corpus: 2900, signal 149805/205602 (executing program)
2025/11/16 19:36:15 fetching corpus: 2950, signal 150513/206964 (executing program)
2025/11/16 19:36:15 fetching corpus: 3000, signal 151308/208396 (executing program)
2025/11/16 19:36:15 fetching corpus: 3050, signal 152307/209936 (executing program)
2025/11/16 19:36:15 fetching corpus: 3100, signal 153145/211363 (executing program)
2025/11/16 19:36:15 fetching corpus: 3150, signal 153904/212759 (executing program)
2025/11/16 19:36:15 fetching corpus: 3200, signal 154467/214025 (executing program)
2025/11/16 19:36:15 fetching corpus: 3250, signal 155167/215341 (executing program)
2025/11/16 19:36:15 fetching corpus: 3300, signal 155870/216604 (executing program)
2025/11/16 19:36:16 fetching corpus: 3350, signal 156614/217892 (executing program)
2025/11/16 19:36:16 fetching corpus: 3400, signal 157100/219049 (executing program)
2025/11/16 19:36:16 fetching corpus: 3450, signal 157775/220319 (executing program)
2025/11/16 19:36:16 fetching corpus: 3500, signal 158423/221531 (executing program)
2025/11/16 19:36:16 fetching corpus: 3550, signal 158906/222676 (executing program)
2025/11/16 19:36:16 fetching corpus: 3600, signal 160279/224228 (executing program)
2025/11/16 19:36:16 fetching corpus: 3650, signal 161192/225603 (executing program)
2025/11/16 19:36:16 fetching corpus: 3700, signal 161824/226813 (executing program)
2025/11/16 19:36:16 fetching corpus: 3750, signal 162347/227939 (executing program)
2025/11/16 19:36:17 fetching corpus: 3800, signal 163281/229218 (executing program)
2025/11/16 19:36:17 fetching corpus: 3850, signal 163836/230351 (executing program)
2025/11/16 19:36:17 fetching corpus: 3900, signal 164296/231408 (executing program)
2025/11/16 19:36:17 fetching corpus: 3950, signal 164876/232568 (executing program)
2025/11/16 19:36:17 fetching corpus: 4000, signal 166215/233970 (executing program)
2025/11/16 19:36:17 fetching corpus: 4050, signal 166756/235055 (executing program)
2025/11/16 19:36:17 fetching corpus: 4100, signal 167147/236063 (executing program)
2025/11/16 19:36:17 fetching corpus: 4150, signal 167613/237069 (executing program)
2025/11/16 19:36:17 fetching corpus: 4200, signal 167944/238066 (executing program)
2025/11/16 19:36:17 fetching corpus: 4250, signal 168542/239146 (executing program)
2025/11/16 19:36:18 fetching corpus: 4300, signal 169060/240191 (executing program)
2025/11/16 19:36:18 fetching corpus: 4350, signal 169583/241209 (executing program)
2025/11/16 19:36:18 fetching corpus: 4400, signal 170209/242297 (executing program)
2025/11/16 19:36:18 fetching corpus: 4450, signal 170606/243243 (executing program)
2025/11/16 19:36:18 fetching corpus: 4500, signal 171196/244315 (executing program)
2025/11/16 19:36:18 fetching corpus: 4550, signal 171545/245288 (executing program)
2025/11/16 19:36:18 fetching corpus: 4600, signal 172212/246298 (executing program)
2025/11/16 19:36:18 fetching corpus: 4650, signal 172652/247304 (executing program)
2025/11/16 19:36:18 fetching corpus: 4700, signal 173165/248283 (executing program)
2025/11/16 19:36:18 fetching corpus: 4750, signal 173648/249273 (executing program)
2025/11/16 19:36:18 fetching corpus: 4800, signal 173982/250184 (executing program)
2025/11/16 19:36:19 fetching corpus: 4850, signal 174516/251141 (executing program)
2025/11/16 19:36:19 fetching corpus: 4900, signal 175101/252092 (executing program)
2025/11/16 19:36:19 fetching corpus: 4950, signal 175460/252998 (executing program)
2025/11/16 19:36:19 fetching corpus: 5000, signal 175937/253932 (executing program)
2025/11/16 19:36:19 fetching corpus: 5050, signal 176243/254794 (executing program)
2025/11/16 19:36:19 fetching corpus: 5100, signal 176704/255733 (executing program)
2025/11/16 19:36:19 fetching corpus: 5150, signal 177071/256638 (executing program)
2025/11/16 19:36:19 fetching corpus: 5200, signal 177601/257554 (executing program)
2025/11/16 19:36:19 fetching corpus: 5250, signal 178131/258478 (executing program)
2025/11/16 19:36:19 fetching corpus: 5300, signal 178434/259329 (executing program)
2025/11/16 19:36:20 fetching corpus: 5350, signal 178814/260205 (executing program)
2025/11/16 19:36:20 fetching corpus: 5400, signal 179190/261057 (executing program)
2025/11/16 19:36:20 fetching corpus: 5450, signal 179872/262034 (executing program)
2025/11/16 19:36:20 fetching corpus: 5500, signal 180317/262867 (executing program)
2025/11/16 19:36:20 fetching corpus: 5550, signal 180723/263680 (executing program)
2025/11/16 19:36:20 fetching corpus: 5600, signal 181034/264494 (executing program)
2025/11/16 19:36:20 fetching corpus: 5650, signal 181379/265284 (executing program)
2025/11/16 19:36:20 fetching corpus: 5700, signal 181721/266151 (executing program)
2025/11/16 19:36:20 fetching corpus: 5750, signal 182213/267029 (executing program)
2025/11/16 19:36:20 fetching corpus: 5800, signal 183253/268000 (executing program)
2025/11/16 19:36:21 fetching corpus: 5850, signal 183875/268849 (executing program)
2025/11/16 19:36:21 fetching corpus: 5900, signal 184272/269667 (executing program)
2025/11/16 19:36:21 fetching corpus: 5950, signal 184828/270532 (executing program)
2025/11/16 19:36:21 fetching corpus: 6000, signal 185517/271349 (executing program)
2025/11/16 19:36:21 fetching corpus: 6050, signal 186050/272119 (executing program)
2025/11/16 19:36:21 fetching corpus: 6100, signal 186497/272888 (executing program)
2025/11/16 19:36:21 fetching corpus: 6150, signal 186858/273640 (executing program)
2025/11/16 19:36:21 fetching corpus: 6200, signal 187278/274391 (executing program)
2025/11/16 19:36:21 fetching corpus: 6250, signal 187722/275168 (executing program)
2025/11/16 19:36:21 fetching corpus: 6300, signal 188434/275961 (executing program)
2025/11/16 19:36:21 fetching corpus: 6350, signal 188956/276684 (executing program)
2025/11/16 19:36:22 fetching corpus: 6400, signal 189170/277352 (executing program)
2025/11/16 19:36:22 fetching corpus: 6450, signal 189467/278033 (executing program)
2025/11/16 19:36:22 fetching corpus: 6500, signal 189790/278714 (executing program)
2025/11/16 19:36:22 fetching corpus: 6550, signal 190027/279368 (executing program)
2025/11/16 19:36:22 fetching corpus: 6600, signal 190349/280065 (executing program)
2025/11/16 19:36:22 fetching corpus: 6650, signal 191095/280784 (executing program)
2025/11/16 19:36:22 fetching corpus: 6700, signal 191835/281497 (executing program)
2025/11/16 19:36:22 fetching corpus: 6750, signal 192363/282164 (executing program)
2025/11/16 19:36:22 fetching corpus: 6800, signal 192636/282827 (executing program)
2025/11/16 19:36:22 fetching corpus: 6850, signal 193147/283513 (executing program)
2025/11/16 19:36:22 fetching corpus: 6900, signal 193568/284173 (executing program)
2025/11/16 19:36:23 fetching corpus: 6950, signal 193929/284823 (executing program)
2025/11/16 19:36:23 fetching corpus: 7000, signal 194265/285476 (executing program)
2025/11/16 19:36:23 fetching corpus: 7050, signal 194729/286159 (executing program)
2025/11/16 19:36:23 fetching corpus: 7100, signal 195120/286822 (executing program)
2025/11/16 19:36:23 fetching corpus: 7150, signal 195416/287474 (executing program)
2025/11/16 19:36:23 fetching corpus: 7200, signal 195771/288078 (executing program)
2025/11/16 19:36:23 fetching corpus: 7250, signal 196239/288078 (executing program)
2025/11/16 19:36:23 fetching corpus: 7300, signal 196545/288078 (executing program)
2025/11/16 19:36:23 fetching corpus: 7350, signal 196904/288078 (executing program)
2025/11/16 19:36:23 fetching corpus: 7400, signal 197337/288078 (executing program)
2025/11/16 19:36:23 fetching corpus: 7450, signal 197542/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7500, signal 197794/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7550, signal 198130/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7600, signal 198352/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7650, signal 198595/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7700, signal 198899/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7750, signal 199275/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7800, signal 199640/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7850, signal 199910/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7900, signal 200258/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 7950, signal 200729/288078 (executing program)
2025/11/16 19:36:24 fetching corpus: 8000, signal 201013/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8050, signal 201271/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8100, signal 201525/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8150, signal 201928/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8200, signal 202264/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8250, signal 202664/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8300, signal 203004/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8350, signal 203329/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8400, signal 203564/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8450, signal 204025/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8500, signal 204259/288078 (executing program)
2025/11/16 19:36:25 fetching corpus: 8550, signal 204511/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8600, signal 204841/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8650, signal 205236/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8700, signal 205480/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8750, signal 205849/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8800, signal 206284/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8850, signal 206573/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8900, signal 206839/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 8950, signal 207172/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 9000, signal 207368/288078 (executing program)
2025/11/16 19:36:26 fetching corpus: 9050, signal 207677/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9100, signal 208011/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9150, signal 208345/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9200, signal 208578/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9250, signal 208841/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9300, signal 209197/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9350, signal 209435/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9400, signal 209733/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9450, signal 210042/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9500, signal 210416/288085 (executing program)
2025/11/16 19:36:27 fetching corpus: 9550, signal 210629/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9600, signal 210969/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9650, signal 211253/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9700, signal 211573/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9750, signal 211890/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9800, signal 212117/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9850, signal 212312/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9900, signal 212503/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 9950, signal 212748/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 10000, signal 212998/288085 (executing program)
2025/11/16 19:36:28 fetching corpus: 10050, signal 213258/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10100, signal 213700/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10150, signal 213907/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10200, signal 214690/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10250, signal 215078/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10300, signal 215387/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10350, signal 215602/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10400, signal 215773/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10450, signal 215981/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10500, signal 216164/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10550, signal 216409/288085 (executing program)
2025/11/16 19:36:29 fetching corpus: 10600, signal 216649/288085 (executing program)
2025/11/16 19:36:30 fetching corpus: 10650, signal 216940/288085 (executing program)
2025/11/16 19:36:30 fetching corpus: 10700, signal 217195/288085 (executing program)
2025/11/16 19:36:30 fetching corpus: 10750, signal 217405/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 10800, signal 217581/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 10850, signal 217849/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 10900, signal 218115/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 10950, signal 218388/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 11000, signal 218615/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 11050, signal 218800/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 11100, signal 219028/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 11150, signal 219228/288087 (executing program)
2025/11/16 19:36:30 fetching corpus: 11200, signal 219596/288087 (executing program)
2025/11/16 19:36:31 fetching corpus: 11250, signal 219821/288087 (executing program)
2025/11/16 19:36:31 fetching corpus: 11300, signal 220033/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11350, signal 220242/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11400, signal 220411/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11450, signal 220562/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11500, signal 220754/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11550, signal 221270/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11600, signal 221499/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11650, signal 221671/288089 (executing program)
2025/11/16 19:36:31 fetching corpus: 11700, signal 221867/288090 (executing program)
2025/11/16 19:36:31 fetching corpus: 11750, signal 222037/288090 (executing program)
2025/11/16 19:36:32 fetching corpus: 11800, signal 222328/288090 (executing program)
2025/11/16 19:36:32 fetching corpus: 11850, signal 222564/288091 (executing program)
2025/11/16 19:36:32 fetching corpus: 11900, signal 222830/288091 (executing program)
2025/11/16 19:36:32 fetching corpus: 11950, signal 223035/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12000, signal 223288/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12050, signal 223527/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12100, signal 223720/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12150, signal 223905/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12200, signal 224042/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12250, signal 224250/288092 (executing program)
2025/11/16 19:36:32 fetching corpus: 12300, signal 224435/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12350, signal 224661/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12400, signal 224818/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12450, signal 225078/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12500, signal 225246/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12550, signal 225433/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12600, signal 225630/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12650, signal 225888/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12700, signal 226061/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12750, signal 226260/288092 (executing program)
2025/11/16 19:36:33 fetching corpus: 12800, signal 226521/288092 (executing program)
2025/11/16 19:36:34 fetching corpus: 12850, signal 226776/288092 (executing program)
2025/11/16 19:36:34 fetching corpus: 12900, signal 226984/288092 (executing program)
2025/11/16 19:36:34 fetching corpus: 12950, signal 227139/288092 (executing program)
2025/11/16 19:36:34 fetching corpus: 13000, signal 227542/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13050, signal 227744/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13100, signal 227910/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13150, signal 228073/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13200, signal 228786/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13250, signal 229006/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13300, signal 229199/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13350, signal 229356/288093 (executing program)
2025/11/16 19:36:34 fetching corpus: 13400, signal 229638/288093 (executing program)
2025/11/16 19:36:35 fetching corpus: 13450, signal 229787/288093 (executing program)
2025/11/16 19:36:35 fetching corpus: 13500, signal 230052/288093 (executing program)
2025/11/16 19:36:35 fetching corpus: 13550, signal 230279/288093 (executing program)
2025/11/16 19:36:35 fetching corpus: 13600, signal 230447/288093 (executing program)
2025/11/16 19:36:35 fetching corpus: 13650, signal 230845/288093 (executing program)
2025/11/16 19:36:35 fetching corpus: 13700, signal 231031/288094 (executing program)
2025/11/16 19:36:35 fetching corpus: 13750, signal 231207/288094 (executing program)
2025/11/16 19:36:35 fetching corpus: 13800, signal 231416/288094 (executing program)
2025/11/16 19:36:35 fetching corpus: 13850, signal 231638/288094 (executing program)
2025/11/16 19:36:35 fetching corpus: 13900, signal 231775/288094 (executing program)
2025/11/16 19:36:35 fetching corpus: 13950, signal 232014/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14000, signal 232177/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14050, signal 232318/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14100, signal 232446/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14150, signal 232711/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14200, signal 232856/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14250, signal 232985/288094 (executing program)
2025/11/16 19:36:36 fetching corpus: 14300, signal 233266/288097 (executing program)
2025/11/16 19:36:36 fetching corpus: 14350, signal 233519/288097 (executing program)
2025/11/16 19:36:36 fetching corpus: 14400, signal 233703/288097 (executing program)
2025/11/16 19:36:36 fetching corpus: 14450, signal 233900/288097 (executing program)
2025/11/16 19:36:36 fetching corpus: 14500, signal 234035/288097 (executing program)
2025/11/16 19:36:36 fetching corpus: 14550, signal 234191/288097 (executing program)
2025/11/16 19:36:37 fetching corpus: 14600, signal 234481/288097 (executing program)
2025/11/16 19:36:37 fetching corpus: 14650, signal 234720/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 14700, signal 234944/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 14750, signal 235102/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 14800, signal 235242/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 14850, signal 235391/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 14900, signal 235516/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 14950, signal 235724/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 15000, signal 235993/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 15050, signal 236170/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 15100, signal 236491/288099 (executing program)
2025/11/16 19:36:37 fetching corpus: 15150, signal 236667/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15200, signal 236855/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15250, signal 237021/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15300, signal 237180/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15350, signal 237361/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15400, signal 237525/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15450, signal 237682/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15500, signal 237833/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15550, signal 237986/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15600, signal 238136/288099 (executing program)
2025/11/16 19:36:38 fetching corpus: 15650, signal 238320/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 15700, signal 238535/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 15750, signal 238735/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 15800, signal 238880/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 15850, signal 239092/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 15900, signal 239466/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 15950, signal 239663/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 16000, signal 239785/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 16050, signal 239945/288099 (executing program)
2025/11/16 19:36:39 fetching corpus: 16100, signal 240289/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16150, signal 240446/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16200, signal 240566/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16250, signal 240691/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16300, signal 240868/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16350, signal 240997/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16400, signal 241211/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16450, signal 241370/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16500, signal 241540/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16550, signal 241873/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16600, signal 242003/288099 (executing program)
2025/11/16 19:36:40 fetching corpus: 16650, signal 242223/288099 (executing program)
2025/11/16 19:36:41 fetching corpus: 16688, signal 242431/288099 (executing program)
2025/11/16 19:36:41 fetching corpus: 16688, signal 242431/288099 (executing program)
2025/11/16 19:36:43 starting 8 fuzzer processes
19:36:43 executing program 0:
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x3, 'wg1\x00', 0x3}, 0x18)
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000080))
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x3d}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e22, 0x0, 0x4e20, 0x6, 0xa, 0x0, 0x0, 0x2b}, {0x6, 0x161, 0xfffffffffffffffb, 0x2, 0x3, 0xb4a9, 0xfffffffffffffff8, 0x9}, {0x7bde, 0x400, 0x10001, 0x5}, 0x723, 0x6e6bbc, 0x2, 0x0, 0x3, 0x2}, {{@in=@broadcast, 0x4d3, 0xff}, 0x2, @in6=@private0, 0x3506, 0x2, 0x3, 0x7f, 0xffff1dc7, 0x5, 0x2}}, 0xe8)
splice(r0, &(0x7f00000001c0)=0x1, r0, &(0x7f0000000200)=0x1d, 0x80000000, 0x1)
ioctl$BTRFS_IOC_DEV_REPLACE(r0, 0xca289435, &(0x7f0000000240)={0x2, 0x60, @status={[0x4, 0x20, 0x1, 0x9c9, 0x2, 0x7]}, [0x1ff, 0x9, 0x0, 0xffffffffffffff00, 0xff, 0x9, 0x6, 0x401, 0x8, 0x8, 0x8000, 0x9, 0x78ba, 0x1000, 0xffff, 0x5, 0xda81, 0x2, 0x2, 0xe001, 0x8, 0xb9, 0x8, 0x100000000, 0x6, 0x3, 0x4, 0x1, 0x8, 0x80000001, 0x80000000000000, 0x1, 0x7016430c, 0x0, 0xa6, 0x1, 0x1f45, 0x0, 0x1, 0x3f, 0x8, 0xf9b9, 0x1, 0x8, 0x0, 0x1, 0x80, 0x0, 0x3, 0x2f, 0x0, 0x14c80220, 0x1, 0x20, 0x8, 0x1, 0x7ed, 0x1, 0xcf4f, 0x3, 0x80000000, 0x1ff, 0xfffffffffffffff7, 0xf33]})
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000c80)={0x0, 0x3, 0x6, 0x101})
getsockname$inet(0xffffffffffffffff, &(0x7f0000000cc0)={0x2, 0x0, @empty}, &(0x7f0000000d00)=0x10)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000d40), 0x202000, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x30, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x801}, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000e80), 0x7fff, 0xa0000)
ioctl$SCSI_IOCTL_DOORUNLOCK(r2, 0x5381)
r3 = pidfd_getfd(r1, r2, 0x0)
fcntl$setflags(r3, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000ec0)={'wg2\x00', <r5=>0x0})
ioctl$sock_SIOCDELRT(r4, 0x890c, &(0x7f0000000f40)={0x0, @xdp={0x2c, 0x4, r5, 0x29}, @l2tp={0x2, 0x0, @multicast2, 0x4}, @generic={0x1, "b9d5710e42065021437aa5a3d25a"}, 0x8001, 0x0, 0x0, 0x0, 0xd85, &(0x7f0000000f00)='netdevsim0\x00', 0x82, 0x200000000000, 0x401})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000fc0)={{0x1, 0x1, 0x18, <r6=>0xffffffffffffffff}, './file0\x00'})
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0x5, &(0x7f0000001000)=0x3, 0x4)

19:36:43 executing program 1:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x488802)
r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
r2 = dup2(r0, r1)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r2, {0xee00}}, './file0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0xc04c5349, &(0x7f0000000100)={0x5, 0xfffffffd})
r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000180), 0x600102, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f00000001c0)={0x3, 0x2, {0xffffffffffffffff, 0x2, 0x2, 0x3, 0x3f}, 0x1ff})
r5 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x95, 0x68, 0x1, 0x5, 0x0, 0x7f, 0x204, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000240), 0xd}, 0x0, 0x2, 0x101, 0x4, 0x8, 0x7, 0x9, 0x0, 0x200, 0x0, 0x20}, 0x0, 0x0, r2, 0xd)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000300)={0x0, 0x0, 0x401, 0x2})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
close_range(r6, r2, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0x1)
r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x200400, 0x0)
ioctl$sock_SIOCOUTQNSD(r7, 0x894b, &(0x7f00000003c0))
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000bc0)={<r8=>0x0}, &(0x7f0000000c00)=0xc)
r9 = openat2(r4, &(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)={0x40001, 0x3a, 0x2}, 0x18)
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x6, 0x5, 0x1, 0x36, 0x0, 0x6103, 0x488, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1bb5cae53ad9d37f, @perf_bp={&(0x7f0000000400), 0x8}, 0x8, 0x8, 0x100, 0xe, 0x100000000, 0x4, 0x7, 0x0, 0xaca3, 0x0, 0x8}, r8, 0xd, r9, 0x1)
r10 = syz_open_dev$hiddev(&(0x7f0000000cc0), 0x7, 0x303d80)
ioctl$BTRFS_IOC_SCRUB(r10, 0xc400941b, &(0x7f0000000d00)={0x0, 0x7, 0x4, 0x1})

19:36:43 executing program 2:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$IP_SET_OP_VERSION(r0, 0x1, 0x53, &(0x7f0000000000), &(0x7f0000000040)=0x8)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0x9, 0x7fff}}, './file0\x00'})
getsockopt$inet6_udp_int(r1, 0x11, 0x66, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f0000000140)={'ip6tnl0\x00', <r2=>0x0, 0x29, 0x4, 0x6, 0x101, 0x40, @loopback, @rand_addr=' \x01\x00', 0x7, 0x78b6, 0x1, 0x9}})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_proto_private(r3, 0x89ef, &(0x7f00000005c0)="f64157e3095647a453f96e83da6f9d0fbcc1b2d73b42e0acc91a82f7e43c6759a1850ff044613b4311785b1b716bbb06c40a9eee")
write$bt_hci(r3, &(0x7f0000000600)={0x1, @le_write_def_data_len={{0x2024, 0x4}, {0xb8, 0xffff}}}, 0x8)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r1, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, 0x0, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0xc008)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000740)={{0x1, 0x1, 0x18, <r4=>r0, {0xfffffff8, 0x1}}, './file0\x00'})
bind$packet(r4, &(0x7f0000000780)={0x11, 0xf7, r2, 0x1, 0x1f, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f00000007c0)={0x0, "f17d59c3048654afeb0b344299d9ab31"})
bind$bt_hci(r3, &(0x7f00000017c0)={0x1f, 0x2, 0x1}, 0x6)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000001980)={'syztnl2\x00', &(0x7f0000001900)={'ip6_vti0\x00', <r5=>r2, 0x2f, 0x80, 0x1f, 0x0, 0x19, @remote, @empty, 0x1, 0x700, 0x2a1f, 0x1}})
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000019c0)={@loopback, 0x7d, r5})
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000001a00), 0xa000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r6, 0xc0189375, &(0x7f0000001a40)={{0x1, 0x1, 0x18, <r7=>r3}, './file0\x00'})
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000001a80))
ioctl$sock_inet_SIOCGIFNETMASK(r7, 0x891b, &(0x7f0000001ac0)={'syz_tun\x00', {0x2, 0x0, @multicast1}})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001b40)={{0x1, 0x1, 0x18, r6}, './file0\x00'})

19:36:43 executing program 5:
r0 = getpid()
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, r0, 0x7, 0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x80000000})
process_vm_readv(r0, &(0x7f0000000140)=[{&(0x7f0000000040)=""/219, 0xdb}], 0x1, &(0x7f0000001340)=[{&(0x7f0000000180)=""/245, 0xf5}, {&(0x7f0000000280)=""/11, 0xb}, {&(0x7f00000002c0)=""/9, 0x9}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/41, 0x29}], 0x5, 0x0)
process_vm_writev(r0, &(0x7f0000002900)=[{&(0x7f00000013c0)=""/92, 0x5c}, {&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000002440)=""/228, 0xe4}, {&(0x7f0000002540)=""/102, 0x66}, {&(0x7f00000025c0)=""/10, 0xa}, {&(0x7f0000002600)=""/248, 0xf8}, {&(0x7f0000002700)=""/246, 0xf6}, {&(0x7f0000002800)=""/120, 0x78}, {&(0x7f0000002880)=""/113, 0x71}], 0x9, &(0x7f0000002a40)=[{&(0x7f00000029c0)=""/116, 0x74}], 0x1, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000002a80)=<r1=>0x0)
process_vm_readv(r1, &(0x7f00000030c0)=[{&(0x7f0000002ac0)=""/152, 0x98}, {&(0x7f0000002b80)=""/240, 0xf0}, {&(0x7f0000002c80)=""/217, 0xd9}, {&(0x7f0000002d80)=""/175, 0xaf}, {&(0x7f0000002e40)}, {&(0x7f0000002e80)=""/152, 0x98}, {&(0x7f0000002f40)=""/186, 0xba}, {&(0x7f0000003000)=""/185, 0xb9}], 0x8, &(0x7f0000004140)=[{&(0x7f0000003140)=""/4096, 0x1000}], 0x1, 0x0)
process_vm_readv(r0, &(0x7f0000004280)=[{&(0x7f0000004180)=""/203, 0xcb}], 0x1, &(0x7f0000004440)=[{&(0x7f00000042c0)=""/85, 0x55}, {&(0x7f0000004340)=""/208, 0xd0}], 0x2, 0x0)
process_vm_readv(r0, &(0x7f0000005780)=[{&(0x7f0000004480)=""/37, 0x25}, {&(0x7f00000044c0)=""/83, 0x53}, {&(0x7f0000004540)=""/131, 0x83}, {&(0x7f0000004600)=""/108, 0x6c}, {&(0x7f0000004680)}, {&(0x7f00000046c0)=""/4096, 0x1000}, {&(0x7f00000056c0)=""/170, 0xaa}], 0x7, &(0x7f0000006a40)=[{&(0x7f0000005800)=""/79, 0x4f}, {&(0x7f0000005880)=""/206, 0xce}, {&(0x7f0000005980)=""/151, 0x97}, {&(0x7f0000005a40)=""/4096, 0x1000}], 0x4, 0x0)
r2 = clone3(&(0x7f0000006cc0)={0x808000, &(0x7f0000006a80)=<r3=>0xffffffffffffffff, &(0x7f0000006ac0)=<r4=>0x0, &(0x7f0000006b00)=<r5=>0x0, {0x4}, &(0x7f0000006b40)=""/19, 0x13, &(0x7f0000006b80)=""/194, &(0x7f0000006c80)=[r1, r0, r0, r0], 0x4}, 0x58)
process_vm_readv(r5, &(0x7f0000008e40)=[{&(0x7f0000006d40)=""/4096, 0x1000}, {&(0x7f0000007d40)=""/4096, 0x1000}, {&(0x7f0000008d40)=""/34, 0x22}, {&(0x7f0000008d80)=""/5, 0x5}, {&(0x7f0000008dc0)=""/106, 0x6a}], 0x5, &(0x7f0000009040)=[{&(0x7f0000008ec0)=""/146, 0x92}, {&(0x7f0000008f80)=""/83, 0x53}, {&(0x7f0000009000)=""/59, 0x3b}], 0x3, 0x0)
process_vm_readv(0x0, &(0x7f000000a080)=[{&(0x7f0000009080)=""/4096, 0x1000}], 0x1, &(0x7f000000d540)=[{&(0x7f000000a0c0)=""/73, 0x49}, {&(0x7f000000a140)=""/202, 0xca}, {&(0x7f000000a240)=""/11, 0xb}, {&(0x7f000000a280)=""/118, 0x76}, {&(0x7f000000a300)=""/156, 0x9c}, {&(0x7f000000a3c0)=""/4096, 0x1000}, {&(0x7f000000b3c0)=""/4096, 0x1000}, {&(0x7f000000c3c0)=""/4096, 0x1000}, {&(0x7f000000d3c0)=""/68, 0x44}, {&(0x7f000000d440)=""/252, 0xfc}], 0xa, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f000000d7c0)=<r6=>0x0)
clone3(&(0x7f000000da80)={0x4000, &(0x7f000000d800), &(0x7f000000d840)=<r7=>0x0, &(0x7f000000d880), {0x3d}, &(0x7f000000d8c0)=""/127, 0x7f, &(0x7f000000d940)=""/201, &(0x7f000000da40)=[r4, r2], 0x2}, 0x58)
clone3(&(0x7f000000db40)={0x24100, &(0x7f000000d600)=<r8=>0xffffffffffffffff, &(0x7f000000d640), &(0x7f000000d680), {0xa}, &(0x7f000000d6c0)=""/90, 0x5a, &(0x7f000000d740)=""/67, &(0x7f000000db00)=[r0, r5, r6, r7, r4], 0x5}, 0x58)
process_vm_readv(r1, &(0x7f000000ebc0)=[{&(0x7f000000dbc0)=""/4096, 0x1000}], 0x1, &(0x7f000000ff80)=[{&(0x7f000000ec00)=""/4096, 0x1000}, {&(0x7f000000fc00)=""/247, 0xf7}, {&(0x7f000000fd00)=""/156, 0x9c}, {&(0x7f000000fdc0)=""/42, 0x2a}, {&(0x7f000000fe00)=""/126, 0x7e}, {&(0x7f000000fe80)=""/52, 0x34}, {&(0x7f000000fec0)=""/186, 0xba}], 0x7, 0x0)
process_vm_readv(r6, &(0x7f00000101c0)=[{&(0x7f0000010000)=""/35, 0x23}, {&(0x7f0000010040)=""/127, 0x7f}, {&(0x7f00000100c0)=""/226, 0xe2}], 0x3, &(0x7f0000010380)=[{&(0x7f0000010200)=""/71, 0x47}, {&(0x7f0000010280)=""/46, 0x2e}, {&(0x7f00000102c0)=""/137, 0x89}], 0x3, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000011780)={&(0x7f00000103c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000011740)={&(0x7f0000010400)={0x1340, 0x2, 0x1, 0x5, 0x70bd2c, 0x25dfdbff, {0x3, 0x0, 0x5}, [@typed={0x4, 0x68}, @nested={0x12ee, 0x2f, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @fd=r3}, @generic="81d44af1d331297dd05ec6fbed0bcc3d54d15791b2110208fc1b10f9801558a93ea8c715fa14f8da8d04402e828db335632357b2abb18292ca8f15d9602b481a5fceaa2136f43444d33b057796cdb71c3dcd72d53a4a35ac3cb5c09daacbd029efd7bd57687b836f2d791388ae733410be42c0720d24cb", @typed={0x8, 0x46, 0x0, 0x0, @pid=r5}, @typed={0xc, 0x6a, 0x0, 0x0, @u64=0x3}, @generic="8c9e3df4c37d1bb49a34c79f4e25016fbcb366d26ce3dab5c8252b31dfe37ce46a661e47f691c4cff00889e406cea967651321afcddd13baeded6ccf092fa03c53c657cb2726e0e6596efaef4765da3efb355335e77084929688bd75ccf8d76288dbb085a5ad1e9eb770442a3fe2231327ab0a97dfd948fa3e21b35b29f0c6654137c1796e48edff1567458d556124f19096eaf302ff91ce171f99c103c339ca69ea", @typed={0x8, 0x90, 0x0, 0x0, @ipv4=@multicast2}, @generic="e122fffad3b066004e66d032916729d361baea64ac7cb902bb59f191f8dc3c14b52539c98407aa82f3eca6bdaf9c7bccfc90b25b2cc4e4af43375c07b049154797d279adf50f30647ddd4335b1d4721618bf651e80409bbad1eeceb41ec188220229e5019f544fa4fdb6a887511406fb8cea0ff510674ae957c1dedb7d1e07216472b8ce43de3f3d06bec03c120610e479b9d16c88c31096144f6fdf83247c864f12e1f50f229bf8cb064851ff52ba297720c80b1e4ba2a5f39e2954ba7b0a6596056f1f0a7558e968fc821ab5e5418b194c9d2fa0fd5365ce310d9c6cb071f3167d8abaa1116c87f2a2796e1e04fc51b56481191ecafd0e8dc96e6f60a489fa59d3f7330e5163cc81d3e7ad5498252eb82b13d32cfd2e375f1561be3e5da57da4b84b9c75af85b51ecb5372a650867bbd7c3a33dd7de13786331a294a62d1def053425d0dae57ae3e5910bd33f964741541f3afa22954049f8255d90269f1b0e48b94a068b6edd76f918b7880efea78fac0804d7c22c37c1d113f57fa8625c43d4c5c1c1adb2c40dbf68f19bcd7153cba448e8a549c1bb02192f0b5c6603e57768bc4d1b471837d20d5e8126c2262714acc2d968f43ea3a47f108b70db2b98d965bfa7ed34477d485d71a0dbf2199525c28ca3e0f12fe3def36a6ea7fc906f158f75f571c8e69226efdd249ef33083c1a3d5e7113100b5cce577cb7695357323926e813afa68772db85a0d0f73b550f9f07f296ea7f968d0c63f7fad400a2bc0e91740e124eb18a6150dcc7ff751e1eebeda64ab2dcf4120b7ff045033c3b797dbd0e094bfd16a33b4a6ce59235d1b5191bb8e79701622f9b026bc06be0dd4596153cc7600929a36a70b5e6412b3c526acfef411c22b9a93161228354bd04a09d338a045427a5b769c4ceeef376532155efa788e1fe8b707737fe4063d21ead0f33f2839a8500998d65c7a18939775616dba945124f2c546cee8906d4f444649a30cecdebdee8e8f1ef7859cc13ae4577a5500be51d2dce9664b2982cc642fec514f60d1d4f4f04fcb072b9f090ae80aa2963e71b2d247e72dedd556e6bb9574ffb326d94af08d76217a87b0a247dcf520232075f524c7b1004d95b4b01a1eb140f26fd0c4368fe8a8e7dade0168bbb09abc1150b65b380bb6eec48777169359b76a8475c1f63e6b484ed0e49008ef0ddffd62cd4480ca36ca9bacc8a1b2f2b89104fc639fbcde30282afc058910e9671aae968c58f4089b8cc2ff344e6a9e10ab66b64f0a1d8d77584d4c9d4db38c11dd8676881365e2bea83ed1951c5544475984cb53639adc9c988f53139c84634ef02e394adef89a01ce23fca0b7be95be1ab7b12fc00279be6f7670af5be6d3f241a7e4befaf5b06f9304773e0f1d8eb91d4c26be7115e09c4267e6f6f4103fc43539f4ba939ff7197ec6539192ee7240b6efb18599eab45535af14977d1dc04247d91c1b17fea4fc86aceb62ec3b2132b4d80054bd627d1522b11997ce554fd14df4e36100a8157343078fd77e607e4b36803dda37588227d8db8dc7b80ae8372fae7bb57687b323e313c5761a132c717c61286d35bbae7280d7ab108df2bcf327ca63a45cf88d947fa7c84c0fb4e1c27e6b8fbb77719a1d995932f69630494cfb1011e40e5b4e35765cad7060f54b67e2be2b26598da997657697f4e237a6d602d7fe4b6996848cb35496112170ddd4a2bca449dd793f311d1c880f647cd542ad0ed9834b5a959fd097bbcc7f95f0a72af1fd2729466c4cac71f3ae933122ddb395ca4697281d640c366e1418eee123035d73ad0aad38cd65f8eef729085fe00b5b30e6885f31734dd61c53ebc357734f24a7da09a67db3f40c49bc9dd082ab87b58652379a5bd3504c33e5fbfe419120aec6c855f0f7d08a6e9698d2567b20e174f1e0ac8f4fa015be3274835d7fd7fa4687c6b603fde49e7ad467cdf7185c949cd72d91fd6cbeb0268c6b3a9cb3fde5979b27daece1368c5a85c9a4cb657c8e9fbc4606af7d410c5dd0ba0d298a00b77f85d3da4cc6968457313d8940032b55558b6fa713b46433024f39b7e4e047eaff3b9df847c6acb7bf5a2f220ad7f88339490d3de604cc041c50d679f29d80a9634dd3a0c8d1eddd1d2509700bb7ce3d917a109d0c05148b8e171003e7787c527ee93dd173c4b5e36f5a0aa87c2dd1513ca842a594bef6e162a996a5cec66aa7bc8af0e8f21da0e9be75784abfb5a91b23d3a2cfba1610c86b3a48ca2c89afe7be73f7682826ae3b373337f62bc276db25596a585d1a7696ddf0398754a7220092fa9bdb50e4755f2a45bf82439fb7b11661afb55b00749189ddc092ff29cd2494f184901f129f6fd9be4ac07a7df1f2d9089bdff060343e1c21f43a2306abfccc69f39e88d7562c9a1598b4e560a9bf23350c5b9d70a9aa49dd5b50a5c18f8c8dc2b12b5596454bde22cd3c64d818025e93989685ec36547ffb69d403dd565402e4b07ec7f39e153702e706b33f88a0bb475c3eef0e584a8a9d95fecb73aa8c58c7d3ae36a37a8b1382f947babd7b4440ca52c45600780a89707b7b8650c09e058685bbd4d5dc1379620e038b016379714fd65b8e81fe38957ae51e3b66e09b185b0cf92c06b282cc19cd89ecfa3d45b1f51b2f858c32d4a95b4c16e75ec5c44ed25417911a807f75d52931d734a28d418982fb1cc4325b6b8e2172e9c6eeec68e06b46230f0470db367b91259ab182baf7392eebe262dba3bfba49021bae90b9915e9cd7c0ea92d4a4f45aa543e810febd1682de38ed045f0e98e624cd6af036e9eb1059821f247eb1ab526902662c53bb64be9804466bc8395d69e062cdbf9d867e7577bc7880ea49a03549706be61058fb6ffc18fffbe5e1101080c3e6f8269f21a8f58592af8bb816e601e6d8f017c86ef752aad68cda5d3aee37f2a86a8feec2aa8b02b83764a8a286437ed409e702b46bb090d9e8645fdbf0a11bbad6c754e09f3d7c6f0b6daefaf0c5f994821538f8190e40824099dc1db502694cbc3eefc68ee43b7f922ea3f3c844c8a0026c9177f8d6880be3191c7ae7f841ec6f0842627508bdbde0c0e3c8d13892d202b01ba0255c33d76fbb2400981ad5726ff6b25f51459a2daa1eebb5e60b78e6c3fa23f9aba74e67c8930e3c5901d7548b1b8a8877775388174a0e90ec85ec8e7151e6af3610ce13a8f24f549a7c36270b1de84b73c12774101a12f9d7d7d25596b839566ed5abfa84b2de83d34be57d284013e7844742358a117ea5f5813a731a2d32facf19af2fdc8cd708cca7917366c2d8e3c48d97e6b4af9789afb65ff4f70e28754896c1573832de7ca65399d2e6fea7818c5f5ea600fb5b569f3029bc662e1383cfad85b6e9a8f3adb6647085fd49e8d72ebc78dba5c39323c8727dbd9d7691b41c8f6c35f912aa1f7a291566b588f25d4ccea29b8555171005f96bcb5daedeadf106f6e6536bb5f1f448193dfa6dcd04dc2c1ec6938988bdfd82582b245501d1d4ed887ec7055b029d34d14d35965e3b8ac627cded9dcc40139da45496049e75a54ba9aef3957b818aa364c8e761cd2cd235154efedf6dd07a252db8d1f24717375633f327dfc45c0bf386731f3816c63e3fc04ecf39b739292734066bd566a6c5bd24569498ba64dac2ec3aba041843444128d3ae9e282971cf1dbdd71227877bd8c403befe0d016a12841f927d7caded050f523171e303b626cf7ff33fea177d955f4a9bf20b7be7532721d2f55fbc8945303532a1bfd9afad3d709db5b8d039d992f5a5f2fe716bcb1ae84d7c493c4f1f47939aa1b52062f8fd1f5db84d5e1ded989b0fd52107c111a44282b29f7ddb6d760253f266a6c7fddc9b433355d6031cbe5f607fa73db056df045a142b90b6005d1aad7b09234765e4e3b9d70e471212d21ad6fa08b448557a136ce877138e52f99a7fe75e5cba1d8577890311e289060c84fa12eff5eb5f979dbf9451a85cc183de020385aa6774da4a7d4321c27d8ca788e1dd76003b007bbf11f66dde1e19453ba0a339a6eab7415d8c90a34e540254d1c5ede2b2a5a7e618cbcf5d9b58a35ce42dc1f7e4e94c781ac7cbd3db8398ff94051005b64f9b93e7c017276e5ecfdae96c0a9800fd21d6315f05f01ed638751cb219ba7c813110943366a97d5dd1c057953d8cae37cbb011e675f181d300767fd6791e5b840cdbe40df539c9bd6c93a9865b3bc047eace1a60a6365f2b51246fab47901d1b3873d9e52c1a84928bf8642303937fa02e147c8aebc838201246562d479a834c6ccc9a7cac245b05b4ae576fee1a0eadb410d7c24b86782a85495cf635e95294d35b8fd54607ee1ea7dca01e82c0dd88437acbf2b1663685e5304ae36d1612ef48b21fe0cb8ebc88a54a9516ae2d899def6511c3b07c0329b7c848d12c24c45a5f8038bf49cd7573795153b133ce5ce7d360c81b12d694f18c9674b3e22df3d86fcf8752ee82121b43e7ceddbc592edd73a20fcd36bded2b83267f72166f72c3d95c8045674934500f0c23aaea433c3b9eeef7a65aee254611d57f45a24ef6b0bbdb428f6313ee96e262b7f1b97cd482438ccf23f81cb76f0cb72fab91d723236f1ca11fb052cfa45b9667016b214fba48a9119f9dfc446e25719e6721850f3acb1651e8c428075767b5e107d267fd7c498c1a52b9fa3248ae5fbe3c90f5db2051f6a38a51b961e590879d5f5ceca150717e9ec33b1c1b0add074d1fb5b081246757c4d02e422c46e30fddc5ec905d88d43c6be6ff0290cf5ab0119f1f5275df07f2c1fa4ac3fa66234248203f78eee1efc7094bc13c568b800e5b769139a9bc7f71105c6cbb3356756aa888499c9578b2ba3cda74a10f9eb2ccc9ac43bc943f5932b3f62b14cc0660cec712bbbd5a2a1536e920e8a5ad46b4d0d2118dacf8d421b7bab703f636c89305f3414d87283328d6a31e634ea777967667c7f77fcc70262b4cd64b667b8739e6132a4392c444f9a07bb70fcf390829785870cbd7b280daecec78391b4a162e8d16dbe3cfbcdafadd0cd7ea560b07ddd78c5a163debfa483d8a1f9c83b7aedc57e61968513dc5fe6c5749c0b0d4b309f032e4ef79f7e9d45b53baddbfae96f3312a40b32560af48d3d2b09856624e8d393d15506fdcca456ea9081b5a18557db2100fa92e0029ffefb50d80b2fe7faf70488e09821db23d6fac5f43bf5afe68201cde476eb1fd274b63d1c293311896c04e159e6c8bde2ad29af8592139a4e957e377d9cd5a73946b0674723e3e83ceb99fe3477007a9aa5de622fe6e292698188205dfea84cc44f9c2cd8da8f7c35f17c9e56f316f8802b02981a08559fb5f55442421265d401225f8839428820ebda9683999b6669da189e5d300342f38144d1332c3f813516fc29347665e516bfbadd2b91ada8078b64d6c6febc8eced7a85d945c6fac02f871751822c53e2b465fc0377e09b74ace29f8c17ac8055305961019e063f344092e5eae1a7221dd41881a84bc5b2502bc59acca6e89fbdd9f46e311f8d4ddc26466fb163024d92c6a52beea105845e5210a36a06c6e2988f073ccfa56abad29f20cc32e77b6eca37f5a54fc29ec8931944fc1b8223eeda141874862aa5fbe5501a96b98a0af9f084550ae702da4fac6276666541486c9451d616d9cf6c2651e770b399b76f44f9b924e38f133f8997043d65563f78b10f7d2e07900381f4ba12423f9aae32a0141cb8290197e0b555a682d62c2398502ef2cd74cc13e6f3e07bc48abade88bd7ae408e65ea0dfbcdc45192a7", @generic="d16f461eeef1040331db95f595bcfae93307353d25dc0c5936ae65ad3fd9ce8a7db2caa7926570aa4d07e4d5e568bd6d5988ea8a1e1cd75c8b00f2d7f6e23fcf1484c512f6d8c0b828d5af8c262a6fcf3a78bb180b8574d79482463d07f5de6b9fc7f2e8b3556f2435a4cce77ed2ab79ba5a28f4a11bf1f62a4b6ea747700972a05cd791ff5f2f7ff77dbfd27bcb3e8962d675d4599d68a82b62aceb3aec4e4234f6e46650a9020da69ac423b73f5f436ec33d21e94e35179d88f572d12ed76ca3351e931c1c681f176ce4fa13728d2b9d9963d6c1d3e600dd2d", @generic="7f3df6c44fd64ab90db653b28fa11894a9e51d6e3fdac6d680383fe9d9ad9babda93cb1d412fc9afc3e8b5479114eebe807402560760c3bd45e51afcb107988eafc45088e9fd8a8067ee712e37d0c535781c57aa688c612a2c01d61328208233166c0060dacdbbbd4a5b5991a2fd1c0b6c4825e5d33ea23e878668c0b339855325e6fe9d112118ad68f420da8cf4bb552aba1d97e526b31f315e276e03cec4a8f89ab1cdbff1380e827ee53b3479cd5662e22b50e1e4f115bcba5582b3d76b9cea543a66021c58e55172466b90c8a7026a1127"]}, @nested={0x2f, 0x30, 0x0, 0x1, [@typed={0x8, 0x84, 0x0, 0x0, @pid=r5}, @generic="9072904508f151abbba5b336b07bccdf20ac386b32a456dfd7bae6742edcff0aa084ba"]}, @typed={0x8, 0x11, 0x0, 0x0, @u32=0xfffeffff}]}, 0x1340}, 0x1, 0x0, 0x0, 0x20000080}, 0x2400c000)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000117c0)=<r9=>0x0)
process_vm_readv(r9, &(0x7f0000013c00)=[{&(0x7f0000011800)=""/254, 0xfe}, {&(0x7f0000011900)=""/204, 0xcc}, {&(0x7f0000011a00)=""/4096, 0x1000}, {&(0x7f0000012a00)=""/254, 0xfe}, {&(0x7f0000012b00)=""/4096, 0x1000}, {&(0x7f0000013b00)=""/35, 0x23}, {&(0x7f0000013b40)=""/63, 0x3f}, {&(0x7f0000013b80)=""/112, 0x70}], 0x8, &(0x7f0000015180)=[{&(0x7f0000013c80)=""/67, 0x43}, {&(0x7f0000013d00)=""/105, 0x69}, {&(0x7f0000013d80)=""/203, 0xcb}, {&(0x7f0000013e80)=""/29, 0x1d}, {&(0x7f0000013ec0)=""/165, 0xa5}, {&(0x7f0000013f80)=""/70, 0x46}, {&(0x7f0000014000)=""/4096, 0x1000}, {&(0x7f0000015000)=""/148, 0x94}, {&(0x7f00000150c0)=""/184, 0xb8}], 0x9, 0x0)
write$binfmt_elf64(r8, &(0x7f0000015240)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x2, 0x5f, 0x5, 0x6ce2, 0x2, 0x6, 0xfb, 0xce, 0x40, 0xa6, 0x9, 0x7, 0x38, 0x1, 0x200, 0x7ff, 0x2}, [{0x3, 0x6, 0x4, 0x81, 0x2, 0x10000, 0x80, 0x2}, {0x6474e551, 0x101, 0x20, 0xffffffff, 0x683, 0x3, 0x0, 0x100000001}], "150f8e73188542ac842302d2ee0a867bdbdfe1aa1e5dffa9adaaf6425e0b6ea97f80689e16689e259c5a5225d36daff9dc6d8c6c5f219d17595ba885188b6c1ba6c3e6bf85de6a19f68e818eba32d0f2262b829c21f5efaf71795e886a4bee387e079e9703045ed0aee22af0639f046fabb27b5fa05cc3b7e51967efd44fd40cca9967c7cf0673085ab03f70abe34a17dcf7bb16caeeb83362513f359763b893247b0b57a1d439c891d37b0294bd6c22fa57fe6e9515", ['\x00', '\x00']}, 0x366)

19:36:43 executing program 3:
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
fcntl$getown(r0, 0x9)
close(r0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0xe, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x840)
r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x18100, 0x80)
r2 = open$dir(&(0x7f0000000140)='./file1\x00', 0x400001, 0x11)
close(r2)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>r1, {0x7fff}}, './file0\x00'})
getdents64(r3, &(0x7f00000001c0)=""/99, 0x63)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x426080, 0x0)
pread64(r4, &(0x7f0000000280)=""/4096, 0x1000, 0x800)
setsockopt$inet6_icmp_ICMP_FILTER(r3, 0x1, 0x1, &(0x7f0000001280)={0x81}, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x30021000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x30, 0x0, 0x8, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "f7472f6af25e24ced4029741fa23e454"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000800}, 0x40044)
ioctl$TCSETAF(r4, 0x5408, &(0x7f00000013c0)={0xe79, 0x9100, 0xcf, 0x0, 0xc, "f0ef6bac24ea3863"})
r5 = syz_io_uring_complete(0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000001400)=0x2000000)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x0)
write(r6, &(0x7f0000001440)="2282fc23de6365af48998f422f42423107", 0x11)
getdents64(r3, &(0x7f0000001480)=""/202, 0xca)
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f00000025c0)=0x1)

19:36:43 executing program 6:
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'gretap0\x00', &(0x7f0000000000)={'gre0\x00', <r0=>0x0, 0x7800, 0x8, 0x9, 0x2, {{0x2b, 0x4, 0x1, 0x2c, 0xac, 0x64, 0x0, 0x5, 0x4, 0x0, @remote, @multicast1, {[@ssrr={0x89, 0x17, 0x49, [@local, @dev={0xac, 0x14, 0x14, 0x24}, @empty, @private=0xa010101, @multicast1]}, @timestamp_addr={0x44, 0xc, 0x15, 0x1, 0x4, [{@loopback, 0x1}]}, @generic={0x74e7e268e6738c39, 0x6, "03210967"}, @cipso={0x86, 0x3a, 0x1, [{0x5, 0x7, "c9d0543aa5"}, {0x2ab80cfda2cc9584, 0xf, "c3cf1bc33bf62f12056d4802ac"}, {0x2, 0x3, '#'}, {0x7, 0xd, "8b101e2bb45eb63c7ad74f"}, {0x0, 0xe, "4eab073ced4de0bea1119386"}]}, @rr={0x7, 0xf, 0x29, [@local, @multicast1, @remote]}, @timestamp={0x44, 0x24, 0x5b, 0x0, 0x8, [0x4, 0x7, 0x10001, 0x10000, 0x6, 0x6, 0x3, 0x8f]}]}}}}})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r1, 0x114, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_WOL_HEADER={0x4}, @ETHTOOL_A_WOL_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @ETHTOOL_A_WOL_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000000}, 0x1)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'sit0\x00', <r2=>r0, 0x2f, 0x20, 0x3, 0x100, 0x10, @remote, @dev={0xfe, 0x80, '\x00', 0x26}, 0x8, 0x8, 0x80000000, 0x80000000}})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000440)={{{@in=@private=0xa010102, @in=@loopback, 0x4e21, 0x0, 0x4e21, 0x0, 0x2, 0x20, 0x80, 0x2f, r2, 0xffffffffffffffff}, {0x5, 0x6, 0x8, 0x80000001, 0x9, 0xf2, 0x7ff, 0x3}, {0xffff, 0x8, 0x2a, 0x6}, 0x5, 0x6e6bba, 0x1, 0x0, 0x2}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d5, 0x2b}, 0xa, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x3506, 0x0, 0x1, 0xfb, 0x8001, 0x1, 0x1}}, 0xe8)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x40}}, './file0\x00'})
sendmmsg$inet6(r3, &(0x7f0000000900)=[{{&(0x7f0000000580)={0xa, 0x4e20, 0x0, @local, 0x6}, 0x1c, &(0x7f0000000880)=[{&(0x7f00000005c0)="bab44cbe70ede67c64f34a90fdc6d1226b69658d15821c35eba1c7313636de94de90832d71e5555d0125090bca764b99047ea884730ec2c5500d1231ab1864eccee99af438a99d", 0x47}, {&(0x7f0000000640)="69096436f76409bf3e68ea6b6670e32c58fbcf18adbf4006bb7fa02487c40043b0416842121fcf18ab4796bbf5bd0b0bb90f76e688075386d9a6d2f58de79906e02f8f6d8c7109b05c20503af7795a510fb4d09335626ffcfe19ec4ab94bca7b66974103594017f41221a5930b0eb4702e6d49d3ddbe92588a62539ce989b51250ff2646bc9723b650", 0x89}, {&(0x7f0000000700)="b751bd9473f49f2547f16b773def9ca1b7cdb59beed1f9e8184849707607a1ea26fa142344a0c9cd1e00d024244ec58b275716cfa4c5c46a8070730eb52364be27705fd69f417c5a14bd1ba5caf08d7a7053891e6c4d84ff4ead48e28ee6729406", 0x61}, {&(0x7f0000000780)="55b48f0407637556dd8ea7bd60689ff5eae84023b755fd952976d447c58e3e3cb2eb78e1afd0a6e81b91df6f40e0ac04456325054000c89528235a5e496ad94fc07a85c55943e794eaa876d68039279aa964727dfcfb3be05b854d46f7d0a73409862af0da566bf2117cc844f6980332f865fe4b84dd28e3041c5324ef4624e39e663bbbc2e2ce52942572d2353ac9dbb84a67a85af21091f274f87e4a6fb1f2b569ffe87af4bea934869a4ff01758c7eacd9c67126ddad1ab", 0xb9}, {&(0x7f0000000840)="b5bea203eef7ae9da8f4edde6bc01d", 0xf}], 0x5}}], 0x1, 0x20000000)
sendmsg$NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000a00)={&(0x7f0000000940), 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x34, 0x0, 0x224, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x9}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x1}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x1}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x3ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x815}, 0x4)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000020}, 0x200400d4)
pipe2(&(0x7f0000000b40)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80800)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r5, &(0x7f0000000c40)={&(0x7f0000000b80), 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x38, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x5a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x33}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7a}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004}, 0x4000800)
r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000c80), 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), r4)
sendmsg$TIPC_NL_LINK_GET(r6, &(0x7f0000000e40)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d40)={0x94, r7, 0xa1343d1f9b85d402, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x6c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x73}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @local}}, {0x14, 0x2, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1000}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000e80)={{0x1, 0x1, 0x18, <r8=>r5}, './file0\x00'})
connect$inet6(r8, &(0x7f0000000ec0)={0xa, 0x4e21, 0xfff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x200}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000f00)={{0x1, 0x1, 0x18, <r9=>r3, {0x1}}, './file0\x00'})
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), r3)
sendmsg$NL80211_CMD_DEL_STATION(r9, &(0x7f0000001180)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001140)={&(0x7f0000000fc0)={0x144, r10, 0x20, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x1f, 0xcac}}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x4}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xef, 0xbe, "9e1ffbb076bdae0053872c0642624f360f5490d61486595666dc3e1e1da80f6cbed5d6a59ad6407c2a6153524043d9499d32e8f1a645633315f8d0c164679f70f3ceb01e56ecd46d8995f771d1b27fc17f91ef27ac294b2611a993d6c812361ba571745488e01924c64fe427ada805d972cba91a81b822fda3f5ed42ee24685c81881df80c5ad248f2233fc9022ab5c4f6d859ab09ae3def0a912d18149008f0d296645ef572f6f6f16d32f5d649124e364109aabe02592b197ec18de7b13b6719d49d2d3cd0b3dcd6c4af0f59ce98683b2709d53412f330244eea2af9f226199aa3916bde3d0e52822312"}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x1}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x709}, @NL80211_ATTR_STA_SUPPORTED_RATES={0xc, 0x13, [{0x30, 0x1}, {0x1}, {0xb, 0x1}, {0x12}, {0x24}, {0x30, 0x1}, {0x12}, {0x24, 0x1}]}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x7f}]}, 0x144}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f00000011c0)=0x1f)

19:36:43 executing program 4:
pwritev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="f4ddf0709d5ec90f825ad98fb2ff30c999b3de9f8ddc57e957aa09d29b4b9414a70683ce90fd365a65ac79c45b6de9002759f8d92cb4d58c9af7ddfb372adedc2bd25397b46b3cfc50cd197390536827ff7e07ff231ef3ba0d89ff7c4ed7c9b0c5d69334fbb7660378d42eb848f523ac1fbc6de9a23420a1cb3a807bc359a20bb19e0e44597bf590045749e1bdb772902e4978d61db5892e5f020ddaf196d52f3b8c4f50527476a33a05c380ee66766c", 0xb0}, {&(0x7f00000000c0)="8e6ef3f44a4d1438de3f8eee7f3b69fb6d23cd6ac4448a5964a1e034e2da789b37e343adffb2a60443266a5c3ced18a9e621e6", 0x33}], 0x2, 0x4, 0x1)
ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000140)=0x137)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000002600)={0x53, 0xfffffffffffffffe, 0xcd, 0x80, @scatter={0x7, 0x0, &(0x7f0000002400)=[{&(0x7f0000000180)=""/81, 0x51}, {&(0x7f0000000200)=""/82, 0x52}, {&(0x7f0000000280)=""/123, 0x7b}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/44, 0x2c}, {&(0x7f0000002340)=""/185, 0xb9}]}, &(0x7f0000002480)="b922eaadb40e9efb608a426d069046bacc7998872d39544bd9e33459e498b1ac8d2c3352074ee98c75c50ac4a91b84e66d4ded577de94a1f4af69ffed1d5b1d62a23110c01ca96632cdfa61b383cc4d368ff5a9681f33e818ff05199f9a563f8414de6891c4c6f9363fcbf2451aa3ff2d184c4f237c0e6f9e6900d2b1bddcd4cd6eb5b46fb23796e0239a1965d25c57b2cc5537dcca750cda1d67f7df4fd4ab64ef11bdd568036520a0f8f4b8be8386a0857b722c13145ed8e431c741efe5ad4d97692f05e9e4b9646de61c37b", &(0x7f0000002580)=""/37, 0x14c, 0x4, 0x2, &(0x7f00000025c0)})
ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(0xffffffffffffffff, 0xf505, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000002680), 0x5, 0x30082)
copy_file_range(r0, &(0x7f00000026c0)=0x2, r0, &(0x7f0000002700)=0x4, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002740)='./cgroup.net/syz0\x00', 0x1ff)
fsmount(0xffffffffffffffff, 0x1, 0x1f6)
r1 = syz_open_dev$mouse(&(0x7f0000002780), 0xb3, 0x410400)
ioctl$CDROMPLAYTRKIND(r1, 0x5304, &(0x7f00000027c0)={0x3, 0x0, 0xfb, 0x6})
r2 = dup3(r0, r0, 0x80000)
r3 = openat2(0xffffffffffffffff, &(0x7f0000002800)='./file0\x00', &(0x7f0000002840)={0x100, 0xdb, 0x13}, 0x18)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f0000002880)={0x10000, 0x9})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000028c0)='./cgroup/syz1\x00', 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002900)='./cgroup.cpu/syz0\x00', 0x1ff)
fsetxattr$trusted_overlay_upper(r2, &(0x7f0000002940), &(0x7f0000002980)={0x0, 0xfb, 0x10c, 0x0, 0x20, "228f550d3d95a1e6e4894211f9ddfc87", "8812934c99906a020663d164ffb187289b9b16e5fc45cc64cd4144265a51ac05c27f03877f5986eabc0b3bca7d6e23f614437e8413c0d62f6c0175c52a690dc4fff86656f39053022528347528882288fc89f5ea496ae04471aea512a251d60d7a10a9a4e50207d038894c011798a4022086c4aa1dec13b4c576788727e0ff9131c476dba82e7b0e02a8b61e8c0347f6674bdf0a58e8bc2b93a1c89b25589a532955337e115d13958a79ecfbae78f866e88887b7bde1947330928a4edcf65404f951422c14cfe6d2c9b9c731934cb118a668be26b0ec5034297cf724968293e759a3d264052543b1f3e6172e42e7377042477e5b828d3d"}, 0x10c, 0x3)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000002c00)={&(0x7f0000002ac0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002bc0)={&(0x7f0000002b00)={0x84, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}]}, 0x84}}, 0x4014)
r4 = syz_open_dev$vcsn(&(0x7f0000002c40), 0xe8, 0x80040)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r4, &(0x7f0000002d40)={&(0x7f0000002c80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002d00)={&(0x7f0000002cc0)={0x1c, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x4040040)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002d80)='./cgroup/syz0\x00', 0x1ff)

[  102.914671] audit: type=1400 audit(1763321803.327:7): avc:  denied  { execmem } for  pid=275 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
19:36:43 executing program 7:
execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=[&(0x7f0000000040)='.+]\'!..)\x00', &(0x7f0000000080)='&@.:/-#-^]-#(}\x00', &(0x7f00000000c0)='\x00'], &(0x7f0000000180)=[&(0x7f0000000140)='\x00'], 0x1000)
execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=[&(0x7f0000000200)='\xfd!]\'\x00'], &(0x7f0000000400)=[&(0x7f0000000280)='&+/$\x00', &(0x7f00000002c0)='&@.:/-#-^]-#(}\x00', &(0x7f0000000300), &(0x7f0000000340)='&@.:/-#-^]-#(}\x00', &(0x7f0000000380)='+\\%^\\^\x00', &(0x7f00000003c0)='&@.:/-#-^]-#(}\x00'], 0x1000)
execveat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f00000006c0)=[&(0x7f0000000480)=':2%$/{-#\x00', &(0x7f00000004c0)='+\\%^\\^\x00', &(0x7f0000000500)='+\x00', &(0x7f0000000540)=',++((-\x00', &(0x7f0000000580)='+-\x00', &(0x7f00000005c0)='.+]\'!..)\x00', &(0x7f0000000600)='+^\x00', &(0x7f0000000640)='!\'@!\x00', &(0x7f0000000680)='*+'], &(0x7f0000000780)=[&(0x7f0000000740)='+\\%^\\^\x00'], 0x100)
fchmodat(0xffffffffffffff9c, &(0x7f00000007c0)='./file0\x00', 0x104)
execveat(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', &(0x7f00000009c0)=[&(0x7f0000000840)='-!(*$\x00', &(0x7f0000000880)='+^\x00', &(0x7f00000008c0)='&+/$\x00', &(0x7f0000000900)='](\x00', &(0x7f0000000940)='\x00', &(0x7f0000000980)=',++((-\x00'], &(0x7f0000000a80)=[&(0x7f0000000a00)='}%\\\x00', &(0x7f0000000a40)='.]\xce)\x00'], 0x1400)
execveat(0xffffffffffffff9c, &(0x7f0000000ac0)='./file0\x00', &(0x7f0000000c00)=[&(0x7f0000000b00)='\x00', &(0x7f0000000b40)='\x00', &(0x7f0000000b80)='\x00', &(0x7f0000000bc0)='.%-}}})-:,^\\)[\x00'], &(0x7f0000000e00)=[&(0x7f0000000c40)='$)),\xbf+&\x00', &(0x7f0000000c80)='+-\x00', &(0x7f0000000cc0)='#%\\$\x00', &(0x7f0000000d00)='+^\x00', &(0x7f0000000d40)='$\\\x00', &(0x7f0000000d80)='+^\x00', &(0x7f0000000dc0)='+-\x00'], 0x1000)
setxattr$security_selinux(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), &(0x7f0000000ec0)='system_u:object_r:dhcpd_state_t:s0\x00', 0x23, 0x3)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000f00)='./file0\x00', 0x200, 0x103)
r0 = openat(0xffffffffffffffff, &(0x7f0000000f40)='./file0\x00', 0x200080, 0x151)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000f80)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
execveat(r1, &(0x7f0000000fc0)='./file0/file0\x00', &(0x7f0000001040)=[&(0x7f0000001000)='\x00'], &(0x7f0000001180)=[&(0x7f0000001080)='$:\x00', &(0x7f00000010c0)='](\x00', &(0x7f0000001100)=']\x00', &(0x7f0000001140)='+!\x00'], 0x100)
pipe2(&(0x7f00000011c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
fspick(r2, &(0x7f0000001200)='./file0/file0\x00', 0x1)
syz_mount_image$nfs(&(0x7f0000001240), &(0x7f0000001280)='./file0/file0\x00', 0xaf2, 0x3, &(0x7f0000002440)=[{&(0x7f00000012c0)="8c127e7c9ea7b955f47d9446f85141654ed3db90aade1ba96794fcc5d03f111e79bbc281f305063f8a0ae638544ad80f186445305f35444793cae40280ede2d1cff1ee0a456b7640173bbceff99b287ef87153706488ffd3e574a8f50a239479d6a7436820c2d7589d40e446943cfbc7bb3f257ab72c856e5b655ac16d36dc15f792216bf468d6ea4075c4de25c7d2e6eac780b65309d2c6dd0fba53a133b3e5d2580c9d8af6bcfaf265d5aeb778299b541b7963a817fb22ff3d1dbd4db99e9d9490409622dc1c44e0196cb442a0b829bc2abfa03d73e3849725d071cbd21ed85e574c66acdc13de0c5d75a4f876c766fa62b33e8bd08136db87837e40f4cf2242f931d719b0484caff67c18ad15faa6dd68ed0efd7b267ffdde6ee6b686ceeaff13f805511a8daeb5dc9433ec446117642be05d5e72e10432b9ce04fcd37ae24599d5f9c198f64f509bad969d1f9c44aac7c4146fa6fc6426de0e7cd5bdcc44bc79452f683a4c1373a0b558f08520ea9026756dda58e1b64c03259a56b1e096f7ff5efbb7201973137588a3f092aeab65468c922e8bcf620a473fe0302477ef586cc9891d95f74514b37b54b34bcee00f004cfbf8fc643333d6c752b8e350f28d7b2ed8c1b0f136caf84bdc3d4c8fe4ed29cbc12c75f158cbebd4f98fa61fdac18705d9157acb44e00298f3792bf37995ac322b02513f28aa92f4bc370fcbf7ea0c26c8f5a88f2498d3743c736db28d66808d55e0e6958ff6584f3df3a59528565f21fd89d68739b6f0192159049c6019236a47aaa11b913674ee0a3e065b946c82e80a7f8a0a03a3f1b63705da24f0b5e68480abc11f29cbc14fa5769c6a2956294362bb29fcf1e1bb2506ce16221b17970aef0d84e4b3a86f66869802a39aa653a76873e0986cc1333c79e42fc1f8fb3d2fbd30fc68ac3df7770991d2647e9c5351d1fda4cce69ec736397c58a36f60abdd2d121d69ddbabca9857847c4a48752686dbed0540174171c5b8fb3aa0b31b3f5e504471e4d9c24bab813196286770e94c029035f32cd90c9fac1628c0aa1423e59e2e841a8539b553a262d10c6d1a249bd22be4c318d8040ab3560ab20126370cee0f0cb8e62b691c1f5110b461da617af32fc2a76a9620c92ddacce525215005f716d5b1f5f8662e5f377dcfab7658a1723bd8027efab19e681056c56f720c174da00c1e68b2770f62cd5fc67eae6bd9d31f30ece2047dafcbb71434791443741dee1a8fad04fa2dc8d9c01222e109d5b0a9a33998f3ca352caf91908c587b006db54e5ca259037384d5f110691d036f155274cb848eb8d14282d160f456168c178f909f2c4ac430cf6489d5fe8a6db46685e30dc7d70159a0b993255cafcbf42c59f87a00599b2730d6f4aa20a8fafad051ebb32c325c7aa4bc2c5c7cd03a0c24cf86569790d70fa1f3851e5766bcb5ceed92d565bcef00886f40d1fc71d9e42b986f17f0754d3f98e8553399c413c317fd2279587ad92ce0e84f6f86fe96843242354f5617d5c9c38fd868fda58ee16da3cb13c21f87adb10e7f072a7ea908c6963e62bbae46850f54dfc56631ee8b61c6a245ab9ff63e364de6263e8773c9e83c68204276f85cea250999aa7b342c117661b5feae971fbe029fd1a46995847fd262c690e7d47e159268d868bad912f91e65788bcdcc83c12724fc6ec1550e1b27450177a979004b193566d3988c423ea74eaeaaeeab311231964b5f7f395e9ca4d12d94ce4f6ad9caf33d8a8726532235e0b48d4411397a3ce6745df3a4de0a96dcaf9293a2e587daf40611b1fd59e6718df0430b046ec53c2a8b2915499de7958b6e812055469504a9994712f8b5c130d88659624b062ac399184ec912641799e1fc3b94266a6e7700b6d0703aa9146845522852a781dfec50728d118b1d0fe1be405d77732a10820aec214f1a7b24ab59473abfa8f9db1a16d0fbad3edc8a6e7f987104ac158f56f258009ff276f9aae3c2b673301637b70a2ecafa713b32e73857ae64cce6473bd24b580d0b07c057d4e1c152764c9e6c57c85a64c216c2f52cce3af2cd3f4120ed93aadaab381d5c143705f55944b75f5dae8b170c9a205936fba3a50c640ae243c92c6944ea084fde7a115ef37c0a6b5b7f95f58794087092931d80b7a61f6b4d5f916162ba207f52612e4b74f578693be86c383e04d98700ba4b074bc3d35f12291586c9a023daa343458289f5f0383a06490317251fc9aae8eff4997bdd1f6db9c149c3f2b5f34d0e2e881ecb169ac38d870a8c6f68aacedcf2ff625985650aa7e939d74a0aa2c7140d3c780b896154075e0b23361393c349bc87ef31e2304da0950f7046c9ace7d8034a319cfdceb67956971424c92efa49da9c3cf3a6001007c449ebdedefe0afa6726128df4c642fcb9f115d19dfeba808007d775a16e31cdfa38e023ed754ad86e2130f37d37471c1b2ea48374857c56ae0e424369c0f8f819bf432e10820f359a4ab4ca66aac3e822b1edb4bc6b167f51f5dd090e6343b42a6f1880b26df92e50ea1488cd3467bc10e66f8de17580da1a975bb00eadc01f80e87a7cbc2835ab98e6485df579aa71984ee55644f4f8380184fd53b0e365b48d7f56496af07e382cf13e03b8b393cbbd6617ce8992a2dfa1d17da6961aa0e53f846462d0e69b01e7f76e3795bfe033bd22d7ceef8601584452831d00330a9b1a46b0f476ec1a1cbbf78e0a058b489c69b77387e0aba9137c39b490140e8586e99140389d0e8112ac822e0ce00682ad295f66fbc09d4e5871ea50230fffa2644bc47c3a7ce735e5403901b28fb84f3d7b29057a926d0dbbdd1a36b05a7f8f57bc1d959e2e584832c9ee247a0a73efc3e29aea761548e9bd9a67310bf638e61be53dc9be0c914cd7c1c8326b75663b9e28fc75eb85df3c24212e1955a9bad80296bc2e8cd9f5bc96cf73ec131f5c4c4b268d82aad5e313e950954a53403932c6daed28fda6237f0996f500f7cf1c630bba15136ec9fd839bb8e4a74d7ef603252d2020484debf3c12b16c6e60fd2030d2d7d893df9d190d61923cb3196b7d8f5ca86d2fb9992d946dade4883454a3943ae317bc0be11d4fa1145735b29733519e62dba398b3db9c7ab8af4db3ae78c0c9165f0a8d35bdb84120eeba361faae6be70099619e87b14b94f9e5e98463f6f06f6f0a8fde3020f26d2f6af3e2cd58e44cfb7fcf177a3511060ea7348f00e8e5eed0426ecd28a222def6e1da8a2a8bb40dce69c974104340e3bcf525d23935901cfb1f67bcb711dcefa94dd3d9a73425d719106350c0a79a555221968cf0c6e3314b3f9302565c6aa511c745d41844660a79bba33ce528be24155fb0fe04216588c891e568bc92c10f740e0f6b02d09d6ad2a5c5dcb31be475dd7d6481e6b2241b9cae11cdceb61e6876d6c593dfe183f5a7fa35662f8d39bc5181b0ab31297134bfed27f081caeadbc821f976bb0ec6c3047ad6b13c4a01fb4f592c1ebd3ef2800dfc33cc2e0d5b9919319ae5dbdccb80f5d8d19f6e6dc38b70467163422e6b9ebecf88f7afd0059e2806f61c8f0f11472053717bf85cecf9fb39707f3b69c2abb073607ac08da14acaaecb330487d2773f08df6d5e3b4ea4fd03c1d10cc7b50374ba3a56b278b52b33d00515749d716489358c4ee2ac5205e15bcd8c18e4af5edc83a2c05e8c84b48c027c061c488300c6d96dfb5a892648c99bc1c9c3dc36f0e4ffc0ec1692c325652155e9e42006a35286ae76b594649931df736596a0f989e0be2ba508d74d028f23171f59f958e03a1988178a6585824489e621e01b18117842c0287a08eddf06a4d1f9ee08045e6dbd835b6f9b61efdccfe115d9b6b8ebd67334c444c802f6a29cd82221d25c12a0563a2fcfff38726fff416cf8d8fa391a33c2b3204486e746b1dd293c47f8e271ba691bc0f6bad3d6ab4c3055d2bd52b2e1118350f27e226d4662f3a4454ff055fa0e9e3488293c4f95e9a2bf11294877d7ec3b48d25d5d80a075bc7f78aeb5acd658b207fe1daf111d54691c650cd06f1913cc7fe5198170e53e9ae4fd219aceabab1cf56f92936bc0817cfef237534325a6869d7d682d2a9415ec4577e9f56aae63e12f6786701a8af38f1f844d01b2ba33659882740dd715a92a99bc78029a440efc5ca32c9f2425b017e64d2a942fdd2bde73e50a97499a6e0e76462581cd1b8fa551383cf32eb7a2e61b4380ccf043164fee309ad5edec2af3e667118b819c4ff7e0293dd064071ebee455edf8c0c21408d5de57af492593115e7cde92235f99e24059f0e879076d1e52bd7ca8cf99bafae6bbc28305d011f73f2c95b1dd89a24ddd52fdbd8b99651032a6c54dec99b63cab8021427dda8bb57f8aa21f1159675aa90c5ddd940203c7eaeb076d8525ddf8921d9c35a60739e3683dbc2d33d0950c295cdf04cae15469f4a798e21e2f166baaa6ba5d4226f39604c169666c229304c1ec125520fc6522b40a8b5ebf95052669e492ba401fa0781c90e8d6374ef92611fa88656994a1b21f490b54964d046d88d157b891902bcc50794df17d8dc886679a2dd4231b6421daad470a719e07a648145d92248491870621e6d353aec9cbd452c9dca56151c1a4dfe10249ad4148df2d2bcd037b2668b83d36280248e99e6e6b60ac392f57733c669e46e4f38813fb2e28f79d4b014b16571bda5652e52a86489baf52f6e5ebbdf8087c35025df705d059905a53cb86f29eb975a426b9862bd3f28141bf47749e69b3bc52e40c979f2ff3a49f713b400fd3cd7917fe41aeef4ce162e0f2379fb615806f1e5563e5fe978f4c5b2de508bf44a7eedc2cbd5af3d3e2f9f32bc9b2a72e19e14e485ddbd71f39a2f5a6b8e49b62c0283508571d247783a3d7a488bced296147ef4b1b790b2b7bf94aa83f86bf40e3d9f0315a09cd1b64c389231d2abe97dc8127241465f3cfb758784907b9a9c4a2a1b8e58f370dce84781d1803b10b5323a98d8704625e586090e25e9beb7e2ce28b4648a99dfbfbbc5fe2b3931cb5d2d155f53e275d8378f2ba46972dcdb951f86b626498d95c382157bf30211c9ea7241c2d6c92d35b211e899b7deadc52cf739a18750a4e1043b0bda76902afece0878a37b82f9f6483833bb6d4c0a5f16d0be71bfcd65cf190186cabfc8f8dfd7c8c9d12d2e9285aa1dff742f2f966cc5bd75de8c0933148fc550ae5b04e17af74928478925958db251650d47ed1493d494d2b3ab5a306e834fcdda5096ea3cfa2c0455e02f0e92ab0bd39ab1187e0fa9956a528845744d5ea3046ea9f12343e4823020916ad04a07778b6ea7cb911fc27fe38b3ba28d6421624e854ed6bbbb425135246be0be91b9088d497cd801041e4295ae886ad165cd6bdca359410ab34897178c85ab6226f53b45df01e7fe385f3c44ee3cdc49ee7b14d25c5bab9086af06c69f97a0ad0fda9da45dc50c7373e857a77baf7386726250dc3eaed3f9fac43d1cd4759cdd96b4c00b438cdd1baed130889c311569dfac53fbc6b1e47fd0c8fa3e0da9410d17b2a97a5b7ad4795d51956d2e007fd7f70e65122ee38eea75ed4c80c6046c7a911928cbf5ea14730a668ea36ab3218753cdda668001be36fa2f105901f375d3236ebd98c4ed0497e779d2be8339fa1d0361c239e3be2b14e068af8750a8c6a45ec55269b64cfa7c178d6370f2ec66190e883716bd2b43f503006094c810195fff58bc92a9f0dc2071e744d486a9dcb2060af445089108a6d49b33c18a5f40fb841d8d00872751acfec18637", 0x1000, 0x3}, {&(0x7f00000022c0)="73d810d393e7b6284fb62f833c86eaf09b57ecd6462cd1da2155f88b1189f8221f76de001c28a622f07febf5986bf96c5f01276d8bdcc9ecf2815e0e7b9d527abf", 0x41, 0x800}, {&(0x7f0000002340)="7fa7eda06fd7f765398dc014ef4eb1655737d6d09ac8246e5d8c9e63d0925744f72db48a08f6feca0c9054176d26ee0816a84d7ecc2502418614124112de311fedac18d08b0196d3cc0b1e4ccbee8119ce5944ed24f488588de6e46faf42a3ebb2cc7fc820603669135597d99edd8e1459dcdb34231600c4ba2d747361b5abfa1782f4cb5fee445daa3fd7ca98d2133f224188e34e2596e240da191b9dec9ab5b6b76f5e12de8ff72110174f69068549cfd38d592821fbaa784a949181f2a6c88572704fab68b01ba4a2f3556799b38b58bde75de93975e92ea79288", 0xdc, 0x1ff}], 0x80, &(0x7f00000024c0)={[{}, {'\xea:'}, {'&*,\\,}'}, {']\x00'}, {'$\'!^![+}z('}], [{@pcr={'pcr', 0x3d, 0x40}}, {@uid_eq={'uid', 0x3d, 0xee00}}]})
syz_mount_image$iso9660(&(0x7f0000002540), &(0x7f0000002580)='./file0\x00', 0x6, 0x1, &(0x7f0000002640)=[{&(0x7f00000025c0)="35568cc42386c847b84cdce64709fb2b5adb70f7969e4f022c064336041d71a36a89c38e2e328e1af8fdcb84261fa49280d46df45cee0cebd92e37da0104205e1c9fd5c2a6c56e461ce13a06daf1d407b5f664f6a0e7ea84e7d7c293ed5c70d4afd4bb", 0x63, 0x180}], 0x1021, &(0x7f0000002680)={[{@block={'block', 0x3d, 0xf00}}], [{@dont_appraise}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@euid_lt={'euid<', 0xee00}}, {@context={'context', 0x3d, 'user_u'}}, {@smackfsdef={'smackfsdef', 0x3d, '+^\x00'}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fsname={'fsname', 0x3d, '\xea:'}}, {@dont_measure}, {@obj_role={'obj_role', 0x3d, '-!(*$\x00'}}]})
lsetxattr$trusted_overlay_redirect(&(0x7f0000002740)='./file0/file0\x00', &(0x7f0000002780), &(0x7f00000027c0)='./file1\x00', 0x8, 0x3)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000002800)='./file1\x00', &(0x7f0000002840)={0x800, 0x101, 0x1}, 0x18)
fchmodat(r3, &(0x7f0000002880)='./file1\x00', 0x0)
execveat(r0, &(0x7f00000028c0)='./file0\x00', &(0x7f0000002980)=[&(0x7f0000002900)='smackfsdef', &(0x7f0000002940)='.%-}}})-:,^\\)[\x00'], &(0x7f0000002a80)=[&(0x7f00000029c0)='(b.\x00', &(0x7f0000002a00)='@\\^\x00', &(0x7f0000002a40)='security.selinux\x00'], 0x28428f9b320cc09c)
quotactl(0x10000, &(0x7f0000002ac0)='./file1\x00', 0x0, &(0x7f0000004fc0)="b00aeba8")

[  104.135947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.138120] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  104.142427] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  104.147369] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.150303] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  104.201841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  104.207481] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  104.209874] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  104.212493] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  104.214122] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  104.215925] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  104.217942] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  104.220582] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  104.223121] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  104.224662] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  104.226761] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  104.228244] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  104.230730] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  104.234612] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  104.235966] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  104.240029] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  104.243524] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  104.244923] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  104.251878] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  104.258757] ==================================================================
[  104.259817] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[  104.260820] Read of size 2 at addr ffff88800fc46a38 by task kworker/u11:0/291
[  104.261854] 
[  104.262855] CPU: 1 UID: 0 PID: 291 Comm: kworker/u11:0 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[  104.262884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  104.262898] Workqueue: hci4 hci_cmd_work
[  104.262926] Call Trace:
[  104.262934]  <TASK>
[  104.262942]  dump_stack_lvl+0xca/0x120
[  104.262969]  print_report+0xcb/0x610
[  104.262997]  ? __virt_addr_valid+0x100/0x5d0
[  104.263021]  ? hci_cmd_work+0x66d/0x6d0
[  104.263047]  ? hci_cmd_work+0x66d/0x6d0
[  104.263074]  kasan_report+0xca/0x100
[  104.263100]  ? hci_cmd_work+0x66d/0x6d0
[  104.263130]  hci_cmd_work+0x66d/0x6d0
[  104.263158]  process_one_work+0x8e1/0x19c0
[  104.263193]  ? __pfx_process_one_work+0x10/0x10
[  104.263223]  ? move_linked_works+0x172/0x270
[  104.263246]  ? assign_work+0x196/0x240
[  104.263275]  worker_thread+0x67e/0xe90
[  104.263304]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  104.263330]  ? __pfx_worker_thread+0x10/0x10
[  104.263360]  kthread+0x3c8/0x740
[  104.263386]  ? __pfx_kthread+0x10/0x10
[  104.263412]  ? ret_from_fork+0x79/0x7a0
[  104.263433]  ? lock_release+0xc8/0x290
[  104.263465]  ? __pfx_kthread+0x10/0x10
[  104.263492]  ret_from_fork+0x67a/0x7a0
[  104.263512]  ? __pfx_ret_from_fork+0x10/0x10
[  104.263534]  ? __switch_to+0x759/0x1060
[  104.263563]  ? __pfx_kthread+0x10/0x10
[  104.263593]  ret_from_fork_asm+0x1a/0x30
[  104.263628]  </TASK>
[  104.263635] 
[  104.288980] Allocated by task 284:
[  104.289493]  kasan_save_stack+0x24/0x50
[  104.290083]  kasan_save_track+0x14/0x30
[  104.290658]  __kasan_slab_alloc+0x59/0x70
[  104.291256]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[  104.292003]  __alloc_skb+0x2ab/0x370
[  104.292556]  hci_cmd_sync_alloc+0x34/0x300
[  104.293171]  __hci_cmd_sync_sk+0xf7/0x5c0
[  104.293788]  __hci_cmd_sync_status_sk+0x4d/0x1a0
[  104.294481]  hci_cmd_sync_status+0x4c/0x70
[  104.295096]  hci_dev_cmd+0x4d5/0x980
[  104.295644]  hci_sock_ioctl+0x493/0x810
[  104.296230]  sock_do_ioctl+0xd1/0x240
[  104.296780]  sock_ioctl+0x40d/0x630
[  104.297311]  __x64_sys_ioctl+0x18f/0x210
[  104.297911]  do_syscall_64+0xbf/0x430
[  104.298469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.299216] 
[  104.299467] Freed by task 304:
[  104.299927]  kasan_save_stack+0x24/0x50
[  104.300502]  kasan_save_track+0x14/0x30
[  104.301075]  kasan_save_free_info+0x3a/0x60
[  104.301717]  __kasan_slab_free+0x43/0x70
[  104.302306]  kmem_cache_free+0x26f/0x500
[  104.302907]  kfree_skbmem+0x18a/0x1f0
[  104.303462]  sk_skb_reason_drop+0x10e/0x1b0
[  104.304080]  vhci_read+0x3d5/0x5d0
[  104.304602]  vfs_read+0x1eb/0xc70
[  104.305110]  ksys_read+0x121/0x240
[  104.305625]  do_syscall_64+0xbf/0x430
[  104.306189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.306925] 
[  104.307175] The buggy address belongs to the object at ffff88800fc46a00
[  104.307175]  which belongs to the cache skbuff_head_cache of size 232
[  104.308977] The buggy address is located 56 bytes inside of
[  104.308977]  freed 232-byte region [ffff88800fc46a00, ffff88800fc46ae8)
[  104.310677] 
[  104.310930] The buggy address belongs to the physical page:
[  104.311720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xfc46
[  104.312827] memcg:ffff88800e5d9901
[  104.313334] flags: 0x100000000000000(node=0|zone=1)
[  104.314071] page_type: f5(slab)
[  104.314581] raw: 0100000000000000 ffff8880096c78c0 ffffea00003f1540 dead000000000004
[  104.315710] raw: 0000000000000000 00000000800c000c 00000000f5000000 ffff88800e5d9901
[  104.316837] page dumped because: kasan: bad access detected
[  104.317680] 
[  104.317938] Memory state around the buggy address:
[  104.318646]  ffff88800fc46900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.319707]  ffff88800fc46980: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[  104.320772] >ffff88800fc46a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.321844]                                         ^
[  104.322597]  ffff88800fc46a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[  104.323650]  ffff88800fc46b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  104.324705] ==================================================================
[  104.325960] Disabling lock debugging due to kernel taint
[  104.328611] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  104.330265] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  104.358516] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  104.358600] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  104.361362] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  104.362767] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  104.365303] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  104.366769] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  104.366901] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  104.372343] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  104.373785] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  104.375405] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  104.377583] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  104.379413] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  104.385149] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  104.388994] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  106.166251] Bluetooth: hci0: command tx timeout
[  106.358229] Bluetooth: hci1: command tx timeout
[  106.358772] Bluetooth: hci3: command tx timeout
[  106.359630] Bluetooth: hci4: command tx timeout
[  106.421228] Bluetooth: hci2: command tx timeout
[  106.422310] Bluetooth: hci7: command tx timeout
[  106.486222] Bluetooth: hci6: command tx timeout
[  106.486677] Bluetooth: hci5: command tx timeout
[  108.213316] Bluetooth: hci0: command tx timeout
[  108.407171] Bluetooth: hci4: command tx timeout
[  108.407989] Bluetooth: hci3: command tx timeout
[  108.408853] Bluetooth: hci1: command tx timeout
[  108.469250] Bluetooth: hci7: command tx timeout
[  108.470132] Bluetooth: hci2: command tx timeout
[  108.533351] Bluetooth: hci5: command tx timeout
[  108.534067] Bluetooth: hci6: command tx timeout
[  110.261201] Bluetooth: hci0: command tx timeout
[  110.453256] Bluetooth: hci4: command tx timeout
[  110.453683] Bluetooth: hci3: command tx timeout
[  110.453700] Bluetooth: hci1: command tx timeout
[  110.518271] Bluetooth: hci7: command tx timeout
[  110.518673] Bluetooth: hci2: command tx timeout
[  110.582208] Bluetooth: hci6: command tx timeout
[  110.582220] Bluetooth: hci5: command tx timeout
[  112.311175] Bluetooth: hci0: command tx timeout
[  112.501240] Bluetooth: hci1: command tx timeout
[  112.501380] Bluetooth: hci4: command tx timeout
[  112.501692] Bluetooth: hci3: command tx timeout
[  112.565242] Bluetooth: hci7: command tx timeout
[  112.566826] Bluetooth: hci2: command tx timeout
[  112.629327] Bluetooth: hci5: command tx timeout
[  112.629361] Bluetooth: hci6: command tx timeout

VM DIAGNOSIS:
19:36:44  Registers:
info registers vcpu 0
RAX=0000000080000000 RBX=ffff888016ec7888 RCX=ffffffff84c42a87 RDX=0000000000000000
RSI=0000000000000003 RDI=0000000000000001 RBP=ffff888016ec77f8 RSP=ffff888016ec7748
R8 =000000003d4d554e R9 =ffffed1002c0804e R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffffffff85522207 R14=1ffff11002dd8eee R15=ffffffff85522207
RIP=ffffffff81752d4a RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe0600000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9a566705b0 CR3=000000000e1f0000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2034343a36333a393120363120766f4e XMM01=5d3837383135322e34303120205b203a
XMM02=20383363307830206363206465746365 XMM03=6f7465756c42205d3837383135322e34
XMM04=2033343a36333a393120363120766f4e XMM05=65636f72703d7373616c63742030733a
XMM06=733a755f6d65747379733d747865746e XMM07=725f6d65747379733a755f6d65747379
XMM08=7475636578652d7a7973223d6d6d6f63 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff88801473f618
R8 =0000000000000000 R9 =ffffed1001638046 R10=0000000000000000 R11=635f696368203f20
R12=0000000000000005 R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe2800000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa293a4dbf0 CR3=000000001de1b000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ebfd3a8215c2265a864c2a78139ba9d3 XMM01=331d3fbe72f56025401609ec6bc2703f
XMM02=9bc6271ce0b4352efe6cde9e7dc3daad XMM03=b4ae901f3092aabd94d78877fe8c538a
XMM04=0000000000000000000000000c072c28 XMM05=00000000000000000000004500000045
XMM06=00000000000000000000000000000045 XMM07=00000045000000450c072c2800000045
XMM08=96000000680000009e000000e2000000 XMM09=00000000000000000000000000000000
XMM10=73668fb27039eef18008eb124c6e200f XMM11=116c75342a4864554a412e9b7705547f
XMM12=0d0c0f0e09080b0a0504070601000302 XMM13=0c0f0e0d080b0a090407060500030201
XMM14=00000000000000000000000000000240 XMM15=00000000000000000000000000000040