Warning: Permanently added '[localhost]:8262' (ECDSA) to the list of known hosts.
2025/11/14 10:13:22 fuzzer started
2025/11/14 10:13:23 dialing manager at localhost:37161
syzkaller login: [   50.983405] cgroup: Unknown subsys name 'net'
[   51.059087] cgroup: Unknown subsys name 'cpuset'
[   51.081719] cgroup: Unknown subsys name 'rlimit'
2025/11/14 10:13:33 syscalls: 2214
2025/11/14 10:13:33 code coverage: enabled
2025/11/14 10:13:33 comparison tracing: enabled
2025/11/14 10:13:33 extra coverage: enabled
2025/11/14 10:13:33 setuid sandbox: enabled
2025/11/14 10:13:33 namespace sandbox: enabled
2025/11/14 10:13:33 Android sandbox: enabled
2025/11/14 10:13:33 fault injection: enabled
2025/11/14 10:13:33 leak checking: enabled
2025/11/14 10:13:33 net packet injection: enabled
2025/11/14 10:13:33 net device setup: enabled
2025/11/14 10:13:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/14 10:13:33 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/14 10:13:33 USB emulation: enabled
2025/11/14 10:13:33 hci packet injection: enabled
2025/11/14 10:13:33 wifi device emulation: enabled
2025/11/14 10:13:33 802.15.4 emulation: enabled
2025/11/14 10:13:33 fetching corpus: 50, signal 21712/23520 (executing program)
2025/11/14 10:13:33 fetching corpus: 100, signal 33781/37216 (executing program)
2025/11/14 10:13:33 fetching corpus: 150, signal 47138/51939 (executing program)
2025/11/14 10:13:34 fetching corpus: 200, signal 54738/60912 (executing program)
2025/11/14 10:13:34 fetching corpus: 250, signal 60112/67641 (executing program)
2025/11/14 10:13:34 fetching corpus: 300, signal 64872/73698 (executing program)
2025/11/14 10:13:34 fetching corpus: 350, signal 69663/79679 (executing program)
2025/11/14 10:13:34 fetching corpus: 400, signal 73381/84594 (executing program)
2025/11/14 10:13:34 fetching corpus: 450, signal 76778/89169 (executing program)
2025/11/14 10:13:34 fetching corpus: 500, signal 81298/94693 (executing program)
2025/11/14 10:13:34 fetching corpus: 550, signal 84446/98915 (executing program)
2025/11/14 10:13:34 fetching corpus: 600, signal 86831/102375 (executing program)
2025/11/14 10:13:35 fetching corpus: 650, signal 92782/109013 (executing program)
2025/11/14 10:13:35 fetching corpus: 700, signal 95745/112855 (executing program)
2025/11/14 10:13:35 fetching corpus: 750, signal 98151/116150 (executing program)
2025/11/14 10:13:35 fetching corpus: 800, signal 100328/119207 (executing program)
2025/11/14 10:13:35 fetching corpus: 850, signal 102635/122346 (executing program)
2025/11/14 10:13:35 fetching corpus: 900, signal 104433/124998 (executing program)
2025/11/14 10:13:35 fetching corpus: 950, signal 105617/127167 (executing program)
2025/11/14 10:13:35 fetching corpus: 1000, signal 107667/130004 (executing program)
2025/11/14 10:13:35 fetching corpus: 1050, signal 109225/132410 (executing program)
2025/11/14 10:13:35 fetching corpus: 1100, signal 110756/134771 (executing program)
2025/11/14 10:13:36 fetching corpus: 1150, signal 112371/137178 (executing program)
2025/11/14 10:13:36 fetching corpus: 1200, signal 113887/139453 (executing program)
2025/11/14 10:13:36 fetching corpus: 1250, signal 115376/141653 (executing program)
2025/11/14 10:13:36 fetching corpus: 1300, signal 116830/143852 (executing program)
2025/11/14 10:13:36 fetching corpus: 1350, signal 119779/147177 (executing program)
2025/11/14 10:13:36 fetching corpus: 1400, signal 121649/149600 (executing program)
2025/11/14 10:13:36 fetching corpus: 1450, signal 122572/151287 (executing program)
2025/11/14 10:13:36 fetching corpus: 1500, signal 123900/153321 (executing program)
2025/11/14 10:13:37 fetching corpus: 1550, signal 125172/155256 (executing program)
2025/11/14 10:13:37 fetching corpus: 1600, signal 126854/157470 (executing program)
2025/11/14 10:13:37 fetching corpus: 1650, signal 128438/159550 (executing program)
2025/11/14 10:13:37 fetching corpus: 1700, signal 129706/161446 (executing program)
2025/11/14 10:13:37 fetching corpus: 1750, signal 130352/162841 (executing program)
2025/11/14 10:13:37 fetching corpus: 1800, signal 132163/165033 (executing program)
2025/11/14 10:13:37 fetching corpus: 1850, signal 133096/166579 (executing program)
2025/11/14 10:13:37 fetching corpus: 1900, signal 134059/168172 (executing program)
2025/11/14 10:13:37 fetching corpus: 1950, signal 135185/169814 (executing program)
2025/11/14 10:13:37 fetching corpus: 2000, signal 135995/171251 (executing program)
2025/11/14 10:13:37 fetching corpus: 2050, signal 137616/173223 (executing program)
2025/11/14 10:13:38 fetching corpus: 2100, signal 138129/174404 (executing program)
2025/11/14 10:13:38 fetching corpus: 2150, signal 138837/175713 (executing program)
2025/11/14 10:13:38 fetching corpus: 2200, signal 139625/177068 (executing program)
2025/11/14 10:13:38 fetching corpus: 2250, signal 140255/178269 (executing program)
2025/11/14 10:13:38 fetching corpus: 2300, signal 141080/179605 (executing program)
2025/11/14 10:13:38 fetching corpus: 2350, signal 142156/181121 (executing program)
2025/11/14 10:13:38 fetching corpus: 2400, signal 143105/182508 (executing program)
2025/11/14 10:13:38 fetching corpus: 2450, signal 144233/183991 (executing program)
2025/11/14 10:13:38 fetching corpus: 2500, signal 145099/185344 (executing program)
2025/11/14 10:13:38 fetching corpus: 2550, signal 145967/186632 (executing program)
2025/11/14 10:13:39 fetching corpus: 2600, signal 146668/187772 (executing program)
2025/11/14 10:13:39 fetching corpus: 2650, signal 147475/188997 (executing program)
2025/11/14 10:13:39 fetching corpus: 2700, signal 148653/190470 (executing program)
2025/11/14 10:13:39 fetching corpus: 2750, signal 149357/191559 (executing program)
2025/11/14 10:13:39 fetching corpus: 2800, signal 149997/192643 (executing program)
2025/11/14 10:13:39 fetching corpus: 2850, signal 150479/193632 (executing program)
2025/11/14 10:13:39 fetching corpus: 2900, signal 151305/194833 (executing program)
2025/11/14 10:13:39 fetching corpus: 2950, signal 152193/196002 (executing program)
2025/11/14 10:13:39 fetching corpus: 3000, signal 152990/197106 (executing program)
2025/11/14 10:13:40 fetching corpus: 3050, signal 153719/198168 (executing program)
2025/11/14 10:13:40 fetching corpus: 3100, signal 154269/199195 (executing program)
2025/11/14 10:13:40 fetching corpus: 3150, signal 154820/200192 (executing program)
2025/11/14 10:13:40 fetching corpus: 3200, signal 155484/201229 (executing program)
2025/11/14 10:13:40 fetching corpus: 3250, signal 156513/202447 (executing program)
2025/11/14 10:13:40 fetching corpus: 3300, signal 157008/203403 (executing program)
2025/11/14 10:13:40 fetching corpus: 3350, signal 158467/204754 (executing program)
2025/11/14 10:13:40 fetching corpus: 3400, signal 159010/205656 (executing program)
2025/11/14 10:13:40 fetching corpus: 3450, signal 159887/206711 (executing program)
2025/11/14 10:13:40 fetching corpus: 3500, signal 160555/207668 (executing program)
2025/11/14 10:13:41 fetching corpus: 3550, signal 161398/208675 (executing program)
2025/11/14 10:13:41 fetching corpus: 3600, signal 162140/209662 (executing program)
2025/11/14 10:13:41 fetching corpus: 3650, signal 162638/210541 (executing program)
2025/11/14 10:13:41 fetching corpus: 3700, signal 163288/211424 (executing program)
2025/11/14 10:13:41 fetching corpus: 3750, signal 163881/212313 (executing program)
2025/11/14 10:13:41 fetching corpus: 3800, signal 164381/213170 (executing program)
2025/11/14 10:13:41 fetching corpus: 3850, signal 164969/214021 (executing program)
2025/11/14 10:13:41 fetching corpus: 3900, signal 165755/214965 (executing program)
2025/11/14 10:13:41 fetching corpus: 3950, signal 166294/215777 (executing program)
2025/11/14 10:13:42 fetching corpus: 4000, signal 167079/216625 (executing program)
2025/11/14 10:13:42 fetching corpus: 4050, signal 167691/217439 (executing program)
2025/11/14 10:13:42 fetching corpus: 4100, signal 168163/218184 (executing program)
2025/11/14 10:13:42 fetching corpus: 4150, signal 168651/218947 (executing program)
2025/11/14 10:13:42 fetching corpus: 4200, signal 169134/219727 (executing program)
2025/11/14 10:13:42 fetching corpus: 4250, signal 169534/220485 (executing program)
2025/11/14 10:13:42 fetching corpus: 4300, signal 169986/221193 (executing program)
2025/11/14 10:13:42 fetching corpus: 4350, signal 170451/221936 (executing program)
2025/11/14 10:13:42 fetching corpus: 4400, signal 171145/222709 (executing program)
2025/11/14 10:13:42 fetching corpus: 4450, signal 171745/223432 (executing program)
2025/11/14 10:13:42 fetching corpus: 4500, signal 172322/224128 (executing program)
2025/11/14 10:13:43 fetching corpus: 4550, signal 173053/224862 (executing program)
2025/11/14 10:13:43 fetching corpus: 4600, signal 173513/225537 (executing program)
2025/11/14 10:13:43 fetching corpus: 4650, signal 174032/226226 (executing program)
2025/11/14 10:13:44 fetching corpus: 4700, signal 174434/226906 (executing program)
2025/11/14 10:13:44 fetching corpus: 4750, signal 174730/227512 (executing program)
2025/11/14 10:13:44 fetching corpus: 4800, signal 175439/228251 (executing program)
2025/11/14 10:13:44 fetching corpus: 4850, signal 176148/228928 (executing program)
2025/11/14 10:13:44 fetching corpus: 4900, signal 176746/229594 (executing program)
2025/11/14 10:13:44 fetching corpus: 4950, signal 177522/230249 (executing program)
2025/11/14 10:13:44 fetching corpus: 5000, signal 178075/230890 (executing program)
2025/11/14 10:13:44 fetching corpus: 5050, signal 178514/231466 (executing program)
2025/11/14 10:13:45 fetching corpus: 5100, signal 179081/232099 (executing program)
2025/11/14 10:13:45 fetching corpus: 5150, signal 179522/232679 (executing program)
2025/11/14 10:13:45 fetching corpus: 5200, signal 179848/233253 (executing program)
2025/11/14 10:13:45 fetching corpus: 5250, signal 180647/233903 (executing program)
2025/11/14 10:13:45 fetching corpus: 5300, signal 181276/234492 (executing program)
2025/11/14 10:13:45 fetching corpus: 5350, signal 181751/235059 (executing program)
2025/11/14 10:13:45 fetching corpus: 5400, signal 182121/235600 (executing program)
2025/11/14 10:13:45 fetching corpus: 5450, signal 182561/236166 (executing program)
2025/11/14 10:13:45 fetching corpus: 5500, signal 182985/236690 (executing program)
2025/11/14 10:13:46 fetching corpus: 5550, signal 183476/237190 (executing program)
2025/11/14 10:13:46 fetching corpus: 5600, signal 184045/237706 (executing program)
2025/11/14 10:13:46 fetching corpus: 5650, signal 184474/238206 (executing program)
2025/11/14 10:13:46 fetching corpus: 5700, signal 184857/238715 (executing program)
2025/11/14 10:13:46 fetching corpus: 5750, signal 185318/239233 (executing program)
2025/11/14 10:13:46 fetching corpus: 5800, signal 185739/239747 (executing program)
2025/11/14 10:13:46 fetching corpus: 5850, signal 186018/240209 (executing program)
2025/11/14 10:13:46 fetching corpus: 5900, signal 186447/240660 (executing program)
2025/11/14 10:13:46 fetching corpus: 5950, signal 186987/241094 (executing program)
2025/11/14 10:13:47 fetching corpus: 6000, signal 187708/241538 (executing program)
2025/11/14 10:13:47 fetching corpus: 6050, signal 188190/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6100, signal 188730/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6150, signal 189459/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6200, signal 189757/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6250, signal 190116/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6300, signal 190600/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6350, signal 190930/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6400, signal 191379/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6450, signal 191799/241956 (executing program)
2025/11/14 10:13:47 fetching corpus: 6500, signal 192191/241957 (executing program)
2025/11/14 10:13:48 fetching corpus: 6550, signal 192575/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6600, signal 192827/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6650, signal 193903/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6700, signal 194295/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6750, signal 194734/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6800, signal 195168/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6850, signal 195698/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6900, signal 196033/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 6950, signal 196368/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 7000, signal 196733/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 7050, signal 197034/241958 (executing program)
2025/11/14 10:13:48 fetching corpus: 7100, signal 197317/241958 (executing program)
2025/11/14 10:13:49 fetching corpus: 7150, signal 197853/241958 (executing program)
2025/11/14 10:13:49 fetching corpus: 7200, signal 198320/241958 (executing program)
2025/11/14 10:13:49 fetching corpus: 7250, signal 198589/241958 (executing program)
2025/11/14 10:13:49 fetching corpus: 7300, signal 199042/241958 (executing program)
2025/11/14 10:13:49 fetching corpus: 7350, signal 199404/241962 (executing program)
2025/11/14 10:13:49 fetching corpus: 7400, signal 199670/241962 (executing program)
2025/11/14 10:13:49 fetching corpus: 7450, signal 199920/241962 (executing program)
2025/11/14 10:13:49 fetching corpus: 7500, signal 200229/241962 (executing program)
2025/11/14 10:13:49 fetching corpus: 7550, signal 200553/241962 (executing program)
2025/11/14 10:13:49 fetching corpus: 7600, signal 200728/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7650, signal 200978/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7700, signal 201398/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7750, signal 201897/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7800, signal 202243/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7850, signal 202710/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7900, signal 203035/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 7950, signal 203331/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 8000, signal 203750/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 8050, signal 203994/241962 (executing program)
2025/11/14 10:13:50 fetching corpus: 8100, signal 204268/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8150, signal 204453/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8200, signal 204698/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8250, signal 205019/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8300, signal 205311/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8350, signal 205570/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8400, signal 205915/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8450, signal 206130/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8500, signal 206453/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8550, signal 206726/241962 (executing program)
2025/11/14 10:13:51 fetching corpus: 8600, signal 206990/241964 (executing program)
2025/11/14 10:13:52 fetching corpus: 8650, signal 207227/241970 (executing program)
2025/11/14 10:13:52 fetching corpus: 8700, signal 207598/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 8750, signal 207909/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 8800, signal 208157/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 8850, signal 208453/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 8900, signal 208691/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 8950, signal 208977/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 9000, signal 209259/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 9050, signal 209526/241971 (executing program)
2025/11/14 10:13:52 fetching corpus: 9100, signal 209756/241971 (executing program)
2025/11/14 10:13:53 fetching corpus: 9150, signal 210061/241971 (executing program)
2025/11/14 10:13:53 fetching corpus: 9200, signal 210310/241971 (executing program)
2025/11/14 10:13:53 fetching corpus: 9250, signal 210550/241971 (executing program)
2025/11/14 10:13:53 fetching corpus: 9300, signal 210769/241971 (executing program)
2025/11/14 10:13:53 fetching corpus: 9350, signal 211117/241973 (executing program)
2025/11/14 10:13:53 fetching corpus: 9400, signal 211402/241973 (executing program)
2025/11/14 10:13:53 fetching corpus: 9450, signal 211686/241973 (executing program)
2025/11/14 10:13:53 fetching corpus: 9500, signal 211852/241973 (executing program)
2025/11/14 10:13:53 fetching corpus: 9550, signal 212233/241973 (executing program)
2025/11/14 10:13:53 fetching corpus: 9600, signal 212553/241973 (executing program)
2025/11/14 10:13:53 fetching corpus: 9650, signal 212824/241973 (executing program)
2025/11/14 10:13:54 fetching corpus: 9700, signal 213065/241973 (executing program)
2025/11/14 10:13:54 fetching corpus: 9750, signal 213346/241973 (executing program)
2025/11/14 10:13:54 fetching corpus: 9800, signal 213586/241973 (executing program)
2025/11/14 10:13:54 fetching corpus: 9850, signal 213829/241975 (executing program)
2025/11/14 10:13:54 fetching corpus: 9900, signal 214108/241975 (executing program)
2025/11/14 10:13:54 fetching corpus: 9950, signal 214336/241975 (executing program)
2025/11/14 10:13:54 fetching corpus: 10000, signal 214613/241975 (executing program)
2025/11/14 10:13:54 fetching corpus: 10050, signal 214893/241975 (executing program)
2025/11/14 10:13:54 fetching corpus: 10100, signal 215154/241975 (executing program)
2025/11/14 10:13:54 fetching corpus: 10150, signal 215358/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10200, signal 215591/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10250, signal 215793/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10300, signal 215963/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10350, signal 216166/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10400, signal 216439/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10450, signal 216643/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10500, signal 216872/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10550, signal 217192/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10600, signal 217482/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10650, signal 217751/241975 (executing program)
2025/11/14 10:13:55 fetching corpus: 10700, signal 217965/241975 (executing program)
2025/11/14 10:13:56 fetching corpus: 10750, signal 218158/241975 (executing program)
2025/11/14 10:13:56 fetching corpus: 10800, signal 218396/241975 (executing program)
2025/11/14 10:13:56 fetching corpus: 10850, signal 218631/241975 (executing program)
2025/11/14 10:13:56 fetching corpus: 10900, signal 218887/241975 (executing program)
2025/11/14 10:13:56 fetching corpus: 10950, signal 219131/241975 (executing program)
2025/11/14 10:13:56 fetching corpus: 11000, signal 219286/241995 (executing program)
2025/11/14 10:13:56 fetching corpus: 11050, signal 219529/241995 (executing program)
2025/11/14 10:13:56 fetching corpus: 11100, signal 219754/241995 (executing program)
2025/11/14 10:13:56 fetching corpus: 11150, signal 220028/241995 (executing program)
2025/11/14 10:13:56 fetching corpus: 11200, signal 220217/241995 (executing program)
2025/11/14 10:13:56 fetching corpus: 11250, signal 220526/241995 (executing program)
2025/11/14 10:13:56 fetching corpus: 11300, signal 220732/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11350, signal 220931/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11400, signal 221089/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11450, signal 221382/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11500, signal 221561/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11550, signal 221813/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11600, signal 222032/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11650, signal 222207/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11700, signal 222529/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11750, signal 222710/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11800, signal 222933/241995 (executing program)
2025/11/14 10:13:57 fetching corpus: 11850, signal 223121/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 11900, signal 223372/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 11950, signal 223552/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12000, signal 223807/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12050, signal 224058/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12100, signal 224303/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12150, signal 224588/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12200, signal 224801/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12250, signal 225012/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12300, signal 225260/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12350, signal 225448/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12400, signal 225657/241995 (executing program)
2025/11/14 10:13:58 fetching corpus: 12450, signal 225887/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12500, signal 226085/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12550, signal 226221/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12600, signal 226502/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12650, signal 226666/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12700, signal 226866/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12750, signal 227099/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12800, signal 227367/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12850, signal 227536/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12900, signal 227715/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 12950, signal 227887/241995 (executing program)
2025/11/14 10:13:59 fetching corpus: 13000, signal 228072/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13050, signal 228286/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13100, signal 228450/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13150, signal 228661/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13200, signal 228839/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13250, signal 229012/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13300, signal 229292/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13350, signal 229602/241995 (executing program)
2025/11/14 10:14:00 fetching corpus: 13400, signal 229800/241997 (executing program)
2025/11/14 10:14:00 fetching corpus: 13450, signal 229953/241997 (executing program)
2025/11/14 10:14:00 fetching corpus: 13500, signal 230113/241997 (executing program)
2025/11/14 10:14:00 fetching corpus: 13550, signal 230315/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13600, signal 230584/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13650, signal 230763/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13700, signal 230955/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13750, signal 231148/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13800, signal 231293/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13850, signal 231535/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13900, signal 231698/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 13950, signal 231837/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 14000, signal 232045/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 14050, signal 232282/241997 (executing program)
2025/11/14 10:14:01 fetching corpus: 14100, signal 232414/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14150, signal 232609/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14200, signal 232841/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14250, signal 232966/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14300, signal 233610/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14350, signal 233786/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14400, signal 233980/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14450, signal 234133/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14500, signal 234331/241997 (executing program)
2025/11/14 10:14:02 fetching corpus: 14550, signal 234515/241998 (executing program)
2025/11/14 10:14:02 fetching corpus: 14600, signal 234674/241998 (executing program)
2025/11/14 10:14:03 fetching corpus: 14650, signal 234802/241998 (executing program)
2025/11/14 10:14:03 fetching corpus: 14700, signal 235020/241998 (executing program)
2025/11/14 10:14:03 fetching corpus: 14750, signal 235198/241998 (executing program)
2025/11/14 10:14:03 fetching corpus: 14800, signal 235399/241998 (executing program)
2025/11/14 10:14:03 fetching corpus: 14803, signal 235407/241998 (executing program)
2025/11/14 10:14:03 fetching corpus: 14803, signal 235407/241998 (executing program)
2025/11/14 10:14:05 starting 8 fuzzer processes
10:14:05 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x800, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "11ebb3c060aa5fba2b5f1de7a9e02016"}, @NL80211_ATTR_PMKID={0x14, 0x55, "0319188a7562cc7d6c4f3cd433f51ebb"}, @NL80211_ATTR_PMKID={0x14, 0x55, "f2c2ea9738f17ca1feb24c9ee916a0cd"}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x4040)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x262)
r3 = openat$incfs(r2, &(0x7f0000000200)='.pending_reads\x00', 0x22000, 0x8)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r1, 0x2, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x8, 0x2}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x48000)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_SET_MAC_ACL(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x74, r4, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x2040010)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f00000004c0)={0x2, {0xc, 0x6, 0x7fff, 0x8, 0x3}})
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, 0x0, 0x2, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x8090)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r2, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x28, r1, 0x200, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x0, 0x41}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20004880}, 0x10)
r6 = fcntl$dupfd(r0, 0x0, r3)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r7=>0x0})
sendmsg$GTP_CMD_GETPDP(r6, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x50, 0x0, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @loopback}, @GTPA_TID={0xc, 0x3, 0x9}, @GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_LINK={0x8, 0x1, r7}, @GTPA_FLOW={0x6, 0x6, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x40080}, 0x8000001)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r2, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x14, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4080000}, 0x1)
pipe(&(0x7f00000009c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$TIPC_NL_KEY_FLUSH(r9, &(0x7f0000000d00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000a40)={0x26c, 0x0, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x101}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x200}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2269}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1000}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x59}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfee}]}, @TIPC_NLA_LINK={0x2c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xcb3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x101}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xd7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x20}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x200}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8001}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7a}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xcf43}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}, @TIPC_NLA_NODE={0xd0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xc6, 0x3, "f2eb9093f410db7c6d4b184f68681c3b119ad38e85a1ff785999f7924f28045e82140aa52ca2179300c7df3d77cd20f21971ac0e5084282722cc249589f35bd271778b1e8adbdb87ce0344aaac28ecdb078b1fb2d3e5fab2d90a2f8c092e83a34b56d1632bdab4d8cfd86d1fe245e11435baf05ee8f870a9c726a861323efef0f3165cec8b36de237999d3442e2c63ed064317ab0657113d693751edda275f7b9a20b414ca0cef236f02015f0d45c933948eec903d0084d922b3566fde502c582144"}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7fffffff}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6aa}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x821}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x81}]}]}, 0x26c}, 0x1, 0x0, 0x0, 0x40004}, 0x4000000)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d80), r2)
sendmsg$TIPC_NL_LINK_RESET_STATS(r8, &(0x7f0000001080)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001040)={&(0x7f0000000dc0)={0x280, r10, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffff7}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK={0x5c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}]}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfffffffc}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x81}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x39}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8000}]}, @TIPC_NLA_MEDIA={0xe0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x981e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xafe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "0cd72204f4808c8c46167cc8feced9e25c26b3ead80d278e5a84390a"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_MEDIA={0x50, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc190}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}]}]}, 0x280}, 0x1, 0x0, 0x0, 0x48000}, 0x4004891)

10:14:05 executing program 1:
r0 = signalfd(0xffffffffffffffff, &(0x7f00000006c0)={[0xe4c0]}, 0x8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x44, 0x0, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x1c}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x45}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7b}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x8, 0xf}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000008c0), r0)
getsockname$packet(r0, &(0x7f0000000900)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000940)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000980)={'batadv0\x00', <r4=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000009c0)={'batadv0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000b40)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a00)={0xe8, r2, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4080}, 0x24004800)
r6 = syz_io_uring_complete(0x0)
pread64(r6, &(0x7f0000000b80)=""/85, 0x55, 0x10000)
io_setup(0x0, &(0x7f0000000c00)=<r7=>0x0)
r8 = syz_open_dev$rtc(&(0x7f0000000c40), 0x2, 0x101640)
r9 = eventfd2(0x2, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000f00)={{0x1, 0x1, 0x18, <r10=>0xffffffffffffffff, {0x3}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x18, <r11=>r6, @in_args={0x2}}, './file0\x00'})
r12 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000001240), 0x208c0, 0x0)
r13 = openat$bsg(0xffffffffffffff9c, &(0x7f00000014c0), 0x8000, 0x0)
io_submit(r7, 0x9, &(0x7f0000001540)=[&(0x7f0000000d40)={0x0, 0x0, 0x0, 0x3, 0x800, r8, &(0x7f0000000c80)="558fd1fda8b9c2679ce1bec3fd843f3b6daee40c3bb4301b4d6d85540bfaec36e38015ba01fd9bb4163b18a96f9f48ba55b6724b023ffd13b2be7cd939332da4be4aad188d4c29922ece591822dfb508900d19a5656d1c622a0f8c39c0a02e92e4601494f8d226207a504e2ae59e3157c9043fd77e0fdd4c2627ed340ff61586ecc65293646cbd4ea3f9f17825", 0x8d, 0x5e49, 0x0, 0x2, r6}, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x3, 0x81, r0, &(0x7f0000000d80)="bbb71b6cdbaa527d90a8816a97260409da4c44181d4dca16d7c2222c60824174466befacc19b2a68027584381b54f4a1ad6e22f4385e665870dae75613181a2f380f64da9c9ac309be614dc7cfbf7f5c0113f451d61f80979b4009525fb1d85b79c717c15e6f9d6b3059972d16e615d052c6e405c304cd1dd4534830dbffef4cf4986ecd56f958a3977319d8c72b67556b208c19d6838f5ed84f2f7c43c68862c8986f6e25dff6", 0xa7, 0xc91, 0x0, 0x3, r9}, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x3, 0x74e3, r0, &(0x7f0000000e80)="5d75946becb650b60eff2f4f189197f98f901e", 0x13, 0x2, 0x0, 0x1, r0}, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x8, 0x6, r10, &(0x7f0000000f40)="ab3262f6a6621de92f87db2f2249619463913216bfaad74c55330d5702a6dd819efb3d50e11631fad9cc04cd986e300450c3498248a398a358b1739ba4abd8fbe463da6b9c053c2639b7bfa8375e8de6329b6bb1cb6d7843a8ecc6b01456baa14a6c5df4817722a5067dda5b1e56f4aafbf189c29046f7fab90ef379c705c3d0777c7ca9d91011a2c55839fc7ea8f8b2bf4fe98df61bc45c72653d10aefcacd25493cfcc4ef9287b6598d8ace11a8caefd3af51c3bb7c5e2b5a9689813c746d93dbfdc041a7735bcf5a0963635997e9bb0cba2f70275390ce848ba75bce02796d801c1a41b4de5d558e83bc18764609d4bd6dd3326", 0xf5, 0x400000000000, 0x0, 0x2, r11}, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f00000010c0)="d97c44642ad1a1497d4869e0964c5f7a5ac68512f6dd18f243ea912576960408b1aa71d3149dd90bfc0826d3ca1724dd522bff00dfcb448fca062508f8b88a3683f3ce4d99da7b57089e4dc8a94227e138040b6ea551227f8be739daeb4645406b3af26e20114efbbe97c513ee5b13ef18a5a3413cfffbf0454121eac824f2919c953e6003133686ac3a161179ac9a90151132ec2e207590de49abe5bcfa70cf07a1e62452f8", 0xa6, 0x149e63f1, 0x0, 0x1}, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x7, 0x84e1, r6, &(0x7f00000011c0)="d4c7e42f6843df80098adddbc60c7ded4a97412dc1b5f5db98aa006536cef74735103325f0b712a6c539277b3e", 0x2d, 0x43, 0x0, 0x2, r6}, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x1, 0x4, r12, &(0x7f0000001280)="8539560286a9c52dc64376ea0ee9850f4ff89ce5080b7fa8cbe8cf104cdbca3ae977a71251291e64efc2a476f1826b7a22fa9b", 0x33, 0x1ff, 0x0, 0x2, r6}, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000001300)="c0a395492305abb334e446085ac555becc0c12945fdbe2a3fbf0b79907b4cabc3dcca41eecdd99056b150bd2dceb6f5fb7e2605b9bac7777433625142870f501232cbbf26efbec707b68071187c13383ba143cfe2a7411fba6fb88fa62e424c32b2fe881f3badbf3ae1ede0e12f5ca0b05f87b1e22623dc6bca5a379bcbb9febc387822308a31e9bb11fed6a9ffedfa026f802575ec5b2a6ccce093b30dc2ad2cc89", 0xa2, 0x4, 0x0, 0x1}, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x3, 0x200, r0, &(0x7f0000001400)="bffc6d842a436d09f514393b7bf93415ebf50e387f8a9a3d542dcd8d0339268397054b1f9a2285a361ba97cef676ca8b67670874fab1107fcf666d1bcaa2db995491aafdd6b36f2e4235b19b040d774d87cdfcf3f1f7af4e5e1aa325cf2de449c22e1999005c5a4cf3c7b49451487ef599fcaf8badc9e25f2b3ae9a19bb341cd245b290de50c4651bd6c7d2ef3891bdee4", 0x91, 0x0, 0x0, 0x2, r13}])
ioctl(r12, 0x80000001, &(0x7f00000015c0)="004d147865573fc885e6d2990841be203083e03224d12f9416654b68f1921fae653425288527a4628dbc7c92448dc7d9eded35b51fe5eab1dbce1dcdfd0b3d598e94c53b0bc221ae62359e9ac4af009d61f45ab230cf5b5b38e2e2567ddf12ee69306d9a8cec6c37edf8277891c0427c746dacbcee07d1c860504be7d7a5a5b87c861a83034d117f795adb689e77baf794dcc510fca4fb27f4175ff0e7aca31e6f879a4722737a9226240a51d4f9fef927c6e9b51685ac539d970ceb0933f4dbe9e19865")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001700)={'vlan0\x00'})

10:14:05 executing program 7:
r0 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000000)={{{@in6=@mcast1, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@private2}}, &(0x7f0000000100)=0xe8)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
shmctl$IPC_SET(r0, 0x1, &(0x7f0000000200)={{0x0, r2, 0x0, r3, 0xffffffffffffffff, 0x0, 0x107d}, 0x2, 0x9, 0xf60d, 0x6, 0xffffffffffffffff})
r4 = syz_open_procfs(0x0, &(0x7f0000000280)='attr/current\x00')
setsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f00000002c0)={{{@in=@empty, @in=@local, 0x4e20, 0x0, 0x4e21, 0x1, 0xa, 0xa0, 0x80, 0x62, r1, 0xee00}, {0x8, 0x7, 0x5, 0x439d4eaa, 0x9, 0x5, 0x0, 0x80000000}, {0x7399, 0x81, 0x17, 0x294b}, 0x97d, 0x6e6bb2, 0x0, 0x1, 0x7de9475f47af7cf9, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@empty, 0x3502, 0x2, 0x0, 0xff, 0x8, 0x8, 0x3}}, 0xe8)
getsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f00000003c0)={@empty, <r5=>0x0}, &(0x7f0000000400)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r4, 0x89f4, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000440)={'ip6tnl0\x00', <r6=>r5, 0x4, 0x1, 0x1e, 0x80000001, 0x50, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @dev={0xfe, 0x80, '\x00', 0x37}, 0x1, 0x8, 0x4, 0x1d7}})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000500)={r6, 0x1, 0x6, @remote}, 0x10)
r7 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f00000005c0)={'erspan0\x00', &(0x7f0000000540)={'ip_vti0\x00', <r8=>r1, 0x80, 0x20, 0x8000, 0x0, {{0xc, 0x4, 0x0, 0x7, 0x30, 0x64, 0x0, 0x4, 0x29, 0x0, @rand_addr=0x64010101, @loopback, {[@timestamp={0x44, 0x10, 0x52, 0x0, 0x6, [0xe1e2, 0x6, 0x3]}, @lsrr={0x83, 0xb, 0x6e, [@broadcast, @multicast1]}]}}}}})
r9 = geteuid()
setsockopt$inet_IP_IPSEC_POLICY(r7, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@mcast2, @in=@dev={0xac, 0x14, 0x14, 0x23}, 0x4e21, 0x1, 0x4e20, 0x0, 0xa, 0x0, 0x0, 0x127, r8, r9}, {0x0, 0x2, 0x727b, 0x5, 0x3, 0x3, 0x2, 0x1}, {0x0, 0x1, 0x100000000, 0xffffffff}, 0x1, 0x6e6bbd, 0x1, 0x0, 0x2, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d4, 0x3c}, 0x2, @in=@private=0xa010101, 0x3503, 0x2, 0x0, 0x6, 0x8, 0x5, 0x7}}, 0xe8)
shmget(0x1, 0x3000, 0x100, &(0x7f0000ffd000/0x3000)=nil)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000740)={0xa4, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@HEADER={0x90, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x44810}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r4, 0x89f6, &(0x7f0000000940)={'syztnl1\x00', &(0x7f00000008c0)={'syztnl2\x00', <r10=>r5, 0x29, 0x3, 0x20, 0x1, 0x24, @rand_addr=' \x01\x00', @remote, 0x20, 0x0, 0xe50f, 0x2}})
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x60, 0x13, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x1f, 0x3, 0x0, {0x4e23, 0x4e23, [0x3, 0x5, 0x1, 0xff], [0x73, 0x1ff, 0x8, 0x7], r10, [0x3f89, 0xa8d]}, 0x9, 0x9}, [@INET_DIAG_REQ_BYTECODE={0x11, 0x1, "9211313f499fcad379c806a2b7"}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000b00)={'ip_vti0\x00', &(0x7f0000000a80)={'syztnl2\x00', r1, 0x700, 0x7800, 0xa7d, 0x4, {{0x12, 0x4, 0x0, 0x6, 0x48, 0xfffb, 0x0, 0x1f, 0x4, 0x0, @rand_addr=0x64010101, @local, {[@timestamp={0x44, 0x24, 0xf, 0x0, 0x8, [0x8a8, 0x1ff, 0xffff0001, 0x4, 0x2, 0x7, 0xb8c8, 0x401]}, @ra={0x94, 0x4}, @ssrr={0x89, 0xb, 0x65, [@multicast1, @local]}]}}}}})
r11 = accept4(r7, &(0x7f0000000b40)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, &(0x7f0000000bc0)=0x80, 0x800)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r11, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x64, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x64}}, 0x4044850)

10:14:05 executing program 2:
rt_sigqueueinfo(0x0, 0x1f, &(0x7f0000000000)={0x9, 0x8, 0x5d25})
ptrace$peeksig(0x4209, 0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x5}, &(0x7f00000000c0)=[{}, {}, {}, {}, {}])
rt_sigtimedwait(&(0x7f0000000340)={[0x100000001]}, &(0x7f0000000380), &(0x7f0000000400), 0x8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000440)={0x0, <r0=>0x0})
ptrace$peeksig(0x4209, r0, &(0x7f00000004c0)={0x2, 0x0, 0xa}, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}])
rt_sigtimedwait(&(0x7f0000000a00)={[0x5]}, 0x0, &(0x7f0000000a40)={0x77359400}, 0x8)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000a80)={0x7fff, 0x800, 0x0, 0x80000001, 0x3f7, 0x4})
rt_sigtimedwait(&(0x7f0000000ac0)={[0x578]}, &(0x7f0000000b00), &(0x7f0000000b80)={0x77359400}, 0x8)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000000, 0x5f65597008a203da, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000e80)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000e40)={&(0x7f0000000bc0)=@rc={0x1f, @none}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000c40)=""/210, 0xd2}, {&(0x7f0000000d40)=""/27, 0x1b}, {&(0x7f0000000d80)=""/114, 0x72}], 0x3}, 0x0, 0x2, 0x1, {0x2}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000ec0)={0x40002002})
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000002300)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, r2, 0x0, &(0x7f00000022c0)={&(0x7f0000000f00)=@xdp={0x2c, 0x1, 0x0, 0x33}, 0x80, &(0x7f0000001140)=[{&(0x7f0000000f80)="73cab7cb52fece87232364a7d9d3aafe59fd3fd1462f0797d06de8126ff45de0e2d7b2f5d1ea5cafe0c1f0af44265441215965c0f5f1260e25251b567d0b2fc2a2e80c8bad0b3e514b12317fec64eff33b30797579a839", 0x57}, {&(0x7f0000001000)="052a2c9d87c51c7c877a87f296aa42ecfda8e9dd70604b1a09673393b10cc115ed495d6eb8dacc2a73cf0390cd77a0e13f3e239e253a49e2fa58d2698b84be880e1b11395032ae7461706285626a55f803f969bbce1eb14eab70836d90ca552583bc1d2ea630914209b9757ead8d370b94a8271eb880254bab02e834814dc696d20c8e27753b6d04a5427fc9450816ccee7e28216176fb33c4ccefee37ea8879de836db9c766f9b02ca40094dd9bd43b8c5c3ab767cab159db06bfe7", 0xbc}, {&(0x7f00000010c0)="6f48fbe12a109e5de8a96e3c48877dadcd5b8dbee8cd71f18eb742f8d499f3564c9ecd97654783551e2236d334390d8831e15c94ba8ea00b2b2a2abf843e419695d7b0149fbdaebcdaf134e55a7c9159eb", 0x51}], 0x3, &(0x7f0000001180)=[{0x1010, 0x10f, 0x200, "1f18d66a1b5f767c79a78012133ae66864552b22fb19c066194defbdfa639fc852671e23159d67ef2d5cd2544298ac2ca6228896d94efc5355f7c1905019f6ac8f4443df38783e4d672896a68f4e4f3c17e397c39f90db505a56544263740719c401e56af47b2a52bba2c773aba73009a71db888f7f00059dbc52b57a984a05be904b1ae30e560c80ceb3881db6fdb34572d06aa3724430f1c6b214a8f388458cd9a607bccc75c504a810f8e2470bc989201cf7f09e5ef2cf08ab3b4177ceb4fb3fab6b1225f1022375cb70dbf2ffd0b4ffe755399640c8df361eb31c9cb2f7690fceab5c011026bc2f67d288d0c6164fa3db184be9e17abfcab3864ecf24dfe42fe248699bd17e2d746a8dd2f7b8ae98dce5cfcbe5d80cfe2399c723921600b83bad33751bebca873a5fafbfc4cafb2fad154821209d99769a3d67a8e17a16932d14f261d9f6b79dad07fb426fa5be2a9382d215099c35857cf5b29589c10652a6141067c795c05c32a59e50fdb14e8580324838f2fc40c4d147430fe2f66b918c32ff1d82a9f74ba4c27b1b914da985fe26e6c7d4e96ae747d6ea511a6c400b7134b355068b68619d5e09ff81d7090ed76c17e334deda8fc4d69440f7236526b9f90f7f54553f4d132097dfa1f92b73d3123d713985b43e6044ca645a9b777e9d26c2e1aff5dbcb998617f0e65a06b02ed36a11d8bc35b46c9b6652bd85dd1adf61edc945cfc00556be780eb6a9f1a5ad0bc0d540bafa59a193f7c7722d1d6885b66c24341b29ff2180dd1ab46a991ede04e8dc5f2c9e7d39e657f393ee2458aabe5f440c1c5b3899d8830f71f718d1ec40d2d5a28c4bc4fcda34c5e4d977bfa7fa34981c6163dffd7e26e633e0474ba55833c1f3ce07652b3e75449afa4665077263921f71ff2692069b7c8aa5c0ddba0590940d57df46c7bdc77cbafc069dda2c2a7e5bb9cfed70a23fef361e2dce44fd6eac52cb810dd6d184413ff363491d2e0b6fa5d9fa84bc3c114eb407cde70232788e8f69e2fb9fc8ab3019a7a7bbceee053bd7361672f1f85271620dd0ea4f07ca4535e0f7a27dbe3f1b893bd6e06626803697adb0edd5657dad5e870f0d27d7628c28488ec8b091ffffcd7b952151081df6d642de7025127feac742e21d5fdaeff274fcfa600dd49d69ddbbc398dd8950f9ec75e8cde50c7f28c9ba3dd823b2fa393586dc15fc1017523451eb38b424ba6ea710b9c02f8abd2c7e8372449577c61a60296f8779c491b8fc449882e8e8cd5fbdce5531c4daee4a1f9619f37a4f93943fa8e88963f9af7ce6a148ede2ac777a9ab4e58c4eb300271269269a20bc31240a813f3ce32347b9b03c70c3d2555526322317b3a3653281f27e78f37b5556fe5bf6aedbdbff3bf4452f994a2a01400b2876b587be1ae44c7db33da5e2b5b5da15422d5e49ec497cedb219522ef26cd0c09e52850087adb0e2823aae4c7e19c505622d75b469a674d0c3bdb8f63746c6d15785a1f95861a1e8f8ff78438e89577c8a814eb4ef86ca863ec17f3422cc9ff850c893e625d583c3d46bf26c47ab29a6123a55595b6f3cae96c50d4a018c3008f58c32c4642ede0c25f78834850a0b19a17a5b6417422f599bfbf7fb01ac0a358a18811856df461395537687d1b52c8c4c4b8f181cde722843eeb4a1d993afa08ae18261f70921640f73253eb58229f6d679d2667388e5009a28de9455444d856e612cab0a098b99f778262c062758f4399832f228b9dd8c48e37065eef776604b2d30d2677bc6aa15fd535fba954d5307cd7d4575879f48845117c20d240183d52f9e0089cb8f8b1b706e4f9d9ecf9c41ac296694d8eda455cb57dc47edcf9f0ff6e9b1d5b86a7c9ebacfeb6eb5d620c453257aa4887b4990b4be5658ba508d930d73371760e8d8572900870e680270e003464225315ecf9ab4c228fc7e32c766f00fbad708cdb3bd93fce4ac9da47897ce4cc4c463ec59a1574890527be04de811af7dd3f209723ba95bd2eaf411072ffa1665b5c0ad01e73e30ffe8cb91a2651a309b9745983c562c12779c12c9268ca0dd9289493d735f383749f914294ab0a6a96d23a0077872eece565a7fa466e4e5dae13cc305c0327a610ef955e517597b6d1de072c973963c6dcff973271f58d4812a81d46267e303d00fc725200238940c3045acaa086f2e81c403212e92c31212c148337bcbfbdf42c394c3d0f2b4055f9ea916db6c2d4946bd334649b64ddbc2e8edca0d8a15d8d4c13b69de4ce64c01305ee1063e873697741c32df92baf1575f80844e9af1b94802f3ef38a0d37503cdffd613d10a49014032b183a4f4ecb479614bd99171669a243b637f0c0e39c79526665ce54919aad729a9f86adf36d68f04ae884833baed7e9f7afc61cfb3e03c3b3984816dd9aa789b0271a3dcca738c0ac3f43f01636623f3dc1bceb2bf6541b16755637ad77cbc53f43ddab51c0ab0af52f9a3747ae9cff254a53e8f75fe31c082d69b13a90232b415d23152d89379ec529b0d525ade37639923b200eb467833b34861eb08329581e12c067c1afa8fb93aad44214db2e70850b68d03ffbd2cdad3dd7344220b48eafdb81a8af707784876a3144fadaf25b4a9b694d37ebe2a54a474137769389f6688cce60a539176c7fe299a8faf0894982db6b4c258f1d12b100f6a0b5ff8d5a1b38b8a4cfcdba896dd7a69ac5215592df250839bde9e8a31dbc8785c3151f8ea0194335f23b46c2da1bfed9a077ff3917a378b78526dedfffd86df714441ebe6a1fbec650606056d9a091f463ff296e6ddd9e8a3ec754a84c877a1c2fe4802b1a854b38cff7439a5adb0f6bac377cf28344225ec6499eeb2b8c5354cc05dc4c4036bc52895eba3f27d94bdc944a8eb0e45b8474b93742acf749ef12974d27a5a3ccfa052de7ddfc16126979a22523bb9ab2becbd25781e3fc0a32022ef941d56bcc79b72dee0f9efd0940ffda520f4aed0150195e804e7eb11fa4940ad7da8a8dbc91f6964a94ffeb71c67175768ffc4868af57a1693e71371f698b911631bc5b6c089c6e51a4a04a6dc0b495e139da972a63f8f9c9b74cf7239a7a2e30f489f67b89e6f6eb78c543f65de5120f28d62c85e7a7f5064134d33e04724317b9c26711ce27ccfb1fe624e987888c94735db1f42cf5178d3f5db816b0368478035486a72dec55855e6965e59e9186d22837620a452fd4484aaaff282fa00559aa16920af215cc2e39e9d3b0108f03a4efd3fb0752b8918c226ed76fef29773cd43ed8ff99501bf1f7eeeb3a390648f98d65665fb725fc8103f3716c4917f06dea63fe775e0f8b7d62771396417ab0cbf9671fbeb47117100a18cb67bb7b8ffe7d50a710177ea2961f14a861f5c942ee4d141cc9dc9fabfdcdcf34719077f59eceae0e09d071074a65d11c0b627e67bf87b7c7c43c4798401e51dd21a202d44970e8b519d31369714d3fb628679455218b3f2560c9c0d2d891c30d852ed4789c059062fae68de10d72c0176ce7fe63cd603b9ed25df4b7e90ed1e71a8a3d881aee8f956998fcc2d117ac355fb07658d90ae37a8fe1ebd53e297b25ec6a62a6a561c850a540386a1b0b25c5fe02d0180593c1b90ac1773caa0e38c141a724d3226259f2b9cea318f1e2fb0e69645329a0aa411c768ad71870994476665769ebc924a7eab298861d401c5ecf80d8f64e6d606ea721d6245829698e0466eb0e7f8d17399ddc113ecfd25032f117444fc51dae62ac2c84d0b5e543175d97748c176993f1e016cf098788f9e3e29deb329c185a6960ccd4a2c9882d61db4e0d9077a894f284417b6a35a7de1c5b1e217c55e4945dea06333293b7effe5e5abd726b2fab19fbb6575f0a66d87c34d3f7a34b07984ef9125288f71f7eaadf80f778159589bca7a66fcb455c89583ea8ce1f1fc2f486b9f86292c57a1d0ed0cfdadea64d63015e0375d7d74e046d7283d17d71cf7c8d4e384d353fab50de63ca7145e7d1c7fad288318d735c91332149ca34b9467f134d1fafe531574f9b11bf9fe8cb2cf531e94962df5d76d9ff2915f7de3c130087b230e16dcf67ea1c87ff21de50f883f2789a36a25392133d3f14f5eeb26e601341f094a2caf24027a2e141bb8b9a5c8761467ca0c1add32e52979ebd85a4cffa51973ccc8b8b7b6a502cb4dba0877c59e1bfdc60202b0041f71dc9be5c7010b4b139b2937a40bfaa841699b07bd2343b6d0185d5c8b3cc98605324ff60b943c7e3d756025dd8360cedc54aed4219b5a658c98359d25cf09bb542ff5f379c4c5080e3ed070c64ad677ae1aba3698fabaa9f8d0ccb0313b9d33738642f00328c886227c448b0681111f2a057491a775fdf8734c52f43b26b674a4ac9d413470c65cc307ce976812d794dab86534ea7d6147ce61b71b6480384fac235f7c2d60f6fc1ca35381e86f2feec94779d839ddc512df2694b88da8cb01a89cf39e3e3ba3dfd3912734d61cad47ee639c91115c753cd0f93ac94aded4f9006346a5c36dc78fdeb1d94105af14a94a9008987a94bb9acea1e590ca8e94beb2922034901f5237ab8e3348a89ba04a7e32b484b73aaae90c2778265ca72b1c2c8665fcd2a34e168f2d13bba0cca2930d5e03b69f4ab23deb2e1de8a56bc18a9d8f8e7069c8316732d6b4ce200becceac2d37608cc8ed191fc4d23afea8109859b5d0087fded95b0d2bf9f83f311182df4aacf5eab4c873fb987cfae88e446e4ea43a251b2c659f1dabdbc4ec15c4be842c3de699c04b40c3cfcc24500da6c211ccba515422d900dde78e1ecd457d354d4a1dc4425d86e7337a20c8722f36482bd12e96c002a2a897a27a8f7d9b8ef7a8bcfb60aabdd8dc62fc785cfde95ec1e491af20f902815737cf4c503e348fe0f2fee00965168c5c260cb7b0bea5a1b608c873c9c8731fde98d57edc0f6c4704a0c0772fbccf46ebeb05a37c69dc6f9189dd1deb7ab86eb9e24654274a6f214920384f2f92ab19627e49392e88e3b1cc1ce9265df38eefcbb1b7e6d6906c10c445eb4996e82f565d54f8d8b78e242b6eab3812fe718803f0b448fc8636f95051f1f4bd9d2bc385b9636a888524f8b726c51f30b89a2732f5f95bbe4a7e495d20b2fd786bc06591e2275338f193f5d118ee7a1fa7ab6ed8498fa440827f368544dcdbf3435c0eccd1d19aa7cf4a6a78e0cb803a10ed1ad3a96377f52749834e604da072c61ccdfb25f4ea96a5b6340023a4460e2fe1711aabe42183d06fc58e298a49c699ae6a5a5fb8eeeab0d076842c04427b0d6a6c12990f799ea02fde846b0d7290bd979d95ef053d9e0c74da7dffa1946ea55b60af1a8d023a899917145e05266e2f37eff53fa32d0f9ef61f6821ac66de029d5a3ae824579a3edd9d9cfc6c157190f2bf29be6d9748b165251ad356661fd9a64a66f1db984171532e6e99916fbcca292c6100282c7f493d52058cd867e1903079da14d677163941d78bb484c8d5c0034c652e24174463b63fc3fab0416dd22401dcc4c8ec21590d70c47d4615ea9c709887e80e61df3f3a8fcedf0abcd463122559da0ddb92d6f06bed582b688624c5b59ecf31e072ddb58de19d1487c59df2725d18c1c0bf82cb7af2945fd22ca7f02cc1de6ba055d3ee1687aff634ab1abc876b384736fda7f65dbbc1661206cd5af1534603203200df6626b04c3c1960c04a362d817fbd0b9803c226bcacf51953343d0206f55f2872e7e908efb4576731c9372d0eff7d4dd376005b209c70431919a650f4ec1848d47f5395c4efef4a140"}, {0x50, 0x105, 0xe, "d95cca8ed3642078f04bb4dc2cff876bf4b278297e653568c43c9a85e9b25b51787743b49ec585e0fa59f2cf393a8adbb16c95ef31826d60aedd4dfd70"}, {0x30, 0x117, 0x0, "d91a3bf7d28ef6fa559046c2474893c310af806389ad1c0d3b84a003"}, {0x88, 0x10f, 0x2, "2a2775c21105c08ab882ae02ae12712be948a8ce396038464847bfac24378ac93d10e6f89c816c8764172ac22d51a635b647bf977f72989593cd2eef638027f3e7751a032f3d83e9ac6cdf8578b841dd66450bef2263ecb603b182825633fa837666cbacce68a6dd011339ad5cefdf1117342a64df5c18c2"}], 0x1118}, 0x0, 0xc000, 0x1}, 0x3)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002340)=<r3=>0x0)
ptrace$peeksig(0x4209, r3, &(0x7f0000002380)={0x6, 0x1, 0x2}, &(0x7f00000023c0)=[{}, {}])
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000024c0)={{0x1, 0x1, 0x18, <r4=>r2, @out_args}, './file0\x00'})
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000025c0)={<r5=>0x0, <r6=>0x0})
rt_sigtimedwait(&(0x7f0000002500)={[0x100]}, &(0x7f0000002540), &(0x7f0000002600)={r5, r6+10000000}, 0x8)
rt_sigtimedwait(&(0x7f0000002640)={[0x2]}, &(0x7f0000002680), &(0x7f0000002700), 0x8)

10:14:05 executing program 3:
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)={'full', 0x20, 0x427, 0x20, 0xfff}, 0x2f)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='loginuid\x00')
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3c}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008010}, 0x10)
r1 = openat$cgroup_devices(r0, &(0x7f0000000180)='devices.deny\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x50, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_SEQ={0x7, 0xa, "a7e721"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_MAC={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x4040004}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='memory.events\x00', 0x0, 0x0)
openat$cgroup_subtree(r3, &(0x7f0000000380), 0x2, 0x0)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, &(0x7f00000003c0))
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f0000000400)={0x3, 0x1ff})
r4 = dup(r0)
perf_event_open$cgroup(&(0x7f0000000440)={0x1, 0x80, 0x7f, 0x4, 0x3f, 0x81, 0x0, 0x2, 0x44021, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x8, 0x81}, 0x802, 0x2, 0x5, 0x2, 0x10001, 0xffffffc0, 0x3ff, 0x0, 0x40, 0x0, 0x80000001}, r2, 0xb, r0, 0xb)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000004c0)={0x0, 0x0, 0x1, 0x0, '\x00', [{0x0, 0x1, 0x79, 0x6, 0x7, 0x40}, {0x4a2, 0xa1, 0x9, 0xb0c0, 0xfffffffffffff000, 0x7}], ['\x00']})
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f00000007c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2100000}, 0xc, &(0x7f0000000780)={&(0x7f0000000600)={0x170, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x8, 0x7}, {0x40}, {0x64, 0x3}, {0x8}, {0x1f, 0x5}, {0x0, 0x6}, {0x7, 0x5}, {0x7f, 0x5}], "5c8bc02bc6f2face"}}, @NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x0, 0x5}, {0x8}, {0x0, 0x2}, {0x40, 0x2}, {0x2}], "b8bbaa1833ad7fff"}}, @NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x9}, {0xff, 0x6}, {0x4, 0x6}, {0x1, 0x5}, {0x1, 0x1}], "966219209d2cc6eb"}}, @NL80211_ATTR_QOS_MAP={0x24, 0xc7, {[{0x3f, 0x6}, {}, {0x3, 0x6}, {0xee, 0x6}, {0x4, 0x2}, {0x3, 0x2}, {0xd9, 0x3}, {0x81, 0x6}, {0x5, 0x6}, {0x8a, 0x5}, {0xfa, 0x1}, {0x5, 0x3}], "513e68ca19764d91"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x81, 0x2}, {0xfb, 0x4}, {0x3, 0x6}, {0x7f, 0x4}, {0x41, 0x5}, {0x40, 0x4}, {0x8, 0x6}, {0x7}, {0x0, 0x3}, {0x1, 0x1}, {0x9, 0x5}, {0x4, 0x3}, {0x8, 0x6}], "390e923ca4ef5c39"}}, @NL80211_ATTR_QOS_MAP={0x24, 0xc7, {[{0xdc}, {0x8f}, {0x4c, 0x6}, {0x3f, 0x6}, {0x7, 0x6}, {0x3f, 0x2}, {0x22, 0x6}, {0x9, 0x7}, {0xc7, 0x4}, {0x8, 0x7}, {0x12}, {0x3f, 0x2}], "efdb36953a1dd4cf"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x1f, 0x4}, {0x0, 0x3}, {0x6, 0x4}, {0xff}, {0xfd, 0x1}, {0xbf, 0x6}, {0x0, 0x6}, {0xb1, 0x4}, {0x8, 0x6}, {0x3, 0x6}, {0x2, 0x7}, {0x5, 0x3}, {0x40, 0x6}, {0x8c, 0x5}, {0x81, 0x1}, {0x3f, 0x5}, {0x51, 0x1}, {0x20, 0x7}, {0x8, 0x4}, {0x1f}], "5b18258af54bb089"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x3, 0x1}, {0x7, 0x3}, {0x0, 0x3}, {0x80, 0x3}, {0x8, 0x3}, {0x5, 0x3}, {0x0, 0x2}, {0x7, 0x4}], "40b396f1eade8706"}}, @NL80211_ATTR_QOS_MAP={0x20, 0xc7, {[{0x4, 0x6}, {0xc1, 0x7}, {0xc1}, {0x0, 0x7}, {0x18, 0x4}, {0xc9, 0x4}, {0x8, 0x3}, {0x4, 0x6}, {0x94, 0x1}, {0x9, 0x3}], "0054979fb51cda6b"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x9, 0x2}, {0x6, 0x1}, {0x20, 0x7}, {0x0, 0x3}, {0x1, 0x4}, {0x0, 0x6}, {0x0, 0x7}, {0x0, 0x2}, {0x20, 0x7}, {0x7, 0x2}, {0x6}, {0x0, 0x4}, {0xf8, 0x5}, {0x3f, 0x6}, {0x4, 0x4}, {0xff, 0x6}, {0x40}, {0x80, 0x1}], "746fbc7d332d55db"}}]}, 0x170}, 0x1, 0x0, 0x0, 0x40000004}, 0x8c0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000800)={0x2, 0x9a40000000000, 0x6})
clone3(&(0x7f0000000ac0)={0x80, &(0x7f0000000840)=<r5=>0xffffffffffffffff, &(0x7f0000000880), &(0x7f00000008c0), {0x11}, &(0x7f0000000900)=""/189, 0xbd, &(0x7f00000009c0)=""/160, &(0x7f0000000a80)=[0xffffffffffffffff], 0x1, {r4}}, 0x58)
close_range(0xffffffffffffffff, r5, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000b40))
r6 = creat(&(0x7f0000000bc0)='./file0\x00', 0x80)
ioctl$BTRFS_IOC_DEFRAG(r6, 0x50009402, 0x0)

10:14:05 executing program 4:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000000)={@private=0xa010100, @multicast2, @empty}, 0xc)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@private=0xa010101, @multicast2, @broadcast}, 0xc)
r1 = socket$unix(0x1, 0x2, 0x0)
fsetxattr(r1, &(0x7f0000000080)=@random={'osx.', '\\-$--\x00'}, &(0x7f00000000c0)='$#&^^!\x00', 0x7, 0x3)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000100)={@rand_addr=0x64010101, @multicast1, @broadcast}, 0xc)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000140)={0x87, @private=0xa010100, 0x4e23, 0x3, 'dh\x00', 0x19, 0xce8f, 0x6e}, 0x2c)
r2 = fcntl$getown(r1, 0x9)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000001c0)={0x1, 0xfff}, 0x8)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000200)={@local, 0x0, 0x1, 0x2, 0xa, 0x4db1, 0x81}, &(0x7f0000000240)=0x20)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r3, 0x8008f511, &(0x7f0000000280))
ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, &(0x7f00000002c0))
r4 = perf_event_open(&(0x7f00000003c0)={0x5, 0x80, 0x7f, 0x0, 0x11, 0x7, 0x0, 0x3f, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xbb, 0x4, @perf_config_ext={0x9, 0x90}, 0x2002, 0x800, 0x4, 0x9, 0x4919064d, 0x81, 0xcb, 0x0, 0x20, 0x0, 0x3e9}, r2, 0x1, r0, 0x8)
perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x0, 0xcc, 0x2, 0x3, 0x0, 0x1, 0x82, 0x7, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xe3, 0x26d7d6276b700da5, @perf_bp={&(0x7f0000000300), 0x7}, 0x10, 0x6, 0x2, 0x0, 0x6, 0x1, 0x6, 0x0, 0x3, 0x0, 0x6}, r2, 0xffffffffffffffff, r4, 0x9)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000440))
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000480)={{{@in=@initdev, @in6=@private2}}, {{@in6=@ipv4={""/10, ""/2, @dev}}, 0x0, @in6=@local}}, &(0x7f0000000580)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f00000005c0)={{0x1, 0x1, 0x18, <r6=>r3, {0x2}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000000600)={{0x1, 0x1, 0x18, r5, @out_args}, './file0\x00'})

[   93.375439] audit: type=1400 audit(1763115245.639:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:14:05 executing program 5:
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_to_bond\x00'})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2}}, './file0\x00'})
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000080)={0x1, 0x1, 0x2db4b016ad86caec})
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendto$unix(r2, &(0x7f0000000100)="475ec6c3ebc1cbb413c181968f937bb90e3f8939b21bc013a21e5d91481e787c442a1b4a0eeccc095cc3ba019eca8f21ba4fb054e3e252046eb7d0cc53bfef345f179b5990621989ce5163d65960e9c21b4537f1ba06d5be51dd88a40f0034c6567f6a86ed828cbfcd6468863e8a", 0x6e, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
ioctl$BTRFS_IOC_SPACE_INFO(r1, 0xc0109414, &(0x7f0000000200)={0xb6b, 0x6, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r3 = syz_open_procfs(0x0, &(0x7f0000011440)='net/ip6_flowlabel\x00')
fchmod(r3, 0x101)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x98c4eaa0147940e5, 0x810, r1, 0x8000000)
r5 = syz_io_uring_setup(0x9e4, &(0x7f0000011480)={0x0, 0xb51b, 0x8, 0x0, 0x2ca, 0x0, r2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000011500), &(0x7f0000011540)=<r6=>0x0)
syz_io_uring_submit(r4, r6, &(0x7f0000011580)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x1}, 0x80000000)
read(r2, &(0x7f00000115c0)=""/182, 0xb6)
fcntl$setsig(r0, 0xa, 0x16)
r7 = pidfd_getfd(r1, r5, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r7, 0x10e, 0x8, &(0x7f0000011680)=0xfff, 0x4)
r8 = signalfd4(r0, &(0x7f00000116c0)={[0x7]}, 0x8, 0x80800)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r8, 0xf501, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(r3, 0x80106720, &(0x7f0000011780)={0x1, &(0x7f0000011740)=[{0x2, 0x2b, &(0x7f0000011700)="ab505faafaa2356e53e045b07dfc802621d5ef210bdb7fc5d1a1777794698e013114bc3f9e4d40523195a1", 0x0, 0x1}]})
syz_genetlink_get_family_id$nl80211(&(0x7f00000117c0), r8)
signalfd(0xffffffffffffffff, &(0x7f00000118c0)={[0x558b00000000000]}, 0x8)

10:14:05 executing program 6:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x6ea242, 0x0)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x3)
r1 = syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="335f8c5365ba5d5eede4d1c037e4d1bf6458d2e4d5f9d2873026dff1843c1d4a18f4", 0x22, 0x6}, {&(0x7f0000000180)="ce3d0a7515503c36930192da92239a02d7a4cbbb08a607c663f9e1dd3eaacbd7d20624406b95d0611465a8a9ba8b", 0x2e, 0x6}], 0x4000, &(0x7f0000000200)={[{@dots}, {@dots}, {@nodots}, {@nodots}, {@fat=@debug}], [{@fsuuid={'fsuuid', 0x3d, {[0x66, 0x34, 0x67, 0x65, 0x37, 0x39, 0x60, 0x38], 0x2d, [0x31, 0x37, 0x33, 0x33], 0x2d, [0x36, 0x30, 0x37, 0x61], 0x2d, [0x32, 0x37, 0x61, 0x66], 0x2d, [0x38, 0x3, 0xc7, 0x36, 0x36, 0x32, 0x62, 0x62]}}}]})
fcntl$notify(r1, 0x402, 0x80000020)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000380)={'broute\x00', 0x0, 0x3, 0x1d, [0x1, 0x0, 0x40, 0x9, 0x8001, 0x45], 0x9, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000340)=""/29}, &(0x7f0000000400)=0x78)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
close_range(r2, 0xffffffffffffffff, 0x2)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='net/fib_triestat\x00')
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f00000004c0)={'filter\x00', 0x7, 0x4, 0x3f0, 0x110, 0x308, 0x0, 0x308, 0x308, 0x308, 0x4, &(0x7f0000000480), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @multicast2, @multicast1, 0x2}}}, {{@arp={@broadcast, @rand_addr=0x64010101, 0xffffffff, 0x0, 0xd, 0x1, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, {[0x0, 0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0x0, 0x0, 0xff, 0xff]}}, 0x1f, 0x5, 0x75f, 0x4, 0x1f, 0xfd, 'veth1_vlan\x00', 'veth0_to_batadv\x00', {0xff}, {}, 0x0, 0x8}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x2, 0x0, 0x3}}}, {{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0x0, 0xffffff00, 0x5, 0xa, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, {[0x0, 0x0, 0xff, 0x0, 0xff, 0xff]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, {[0xff, 0x0, 0x0, 0x0, 0xff, 0xff]}}, 0x3, 0x3, 0x7ff, 0x0, 0x364, 0x5, 'veth1_vlan\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x0, 0x8}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="c7e252b148eb", @multicast1, @multicast1, 0x9, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
getsockopt$IPT_SO_GET_REVISION_TARGET(r3, 0x0, 0x43, &(0x7f0000000900)={'ah\x00'}, &(0x7f0000000940)=0x1e)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000980)={{0x1, 0x1, 0x18, <r4=>r0}, './file0\x00'})
getsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000a80)={@private, @rand_addr, <r5=>0x0}, &(0x7f0000000ac0)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000b00)={@remote, 0x53, r5})
ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000b80)={0x80000001, 0x30, [0x20, 0x1f, 0xfff, 0xffffffff], &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f0000000bc0)={{0x1, 0x1, 0x18, <r6=>r0, @out_args}, './file0\x00'})
ioctl$BTRFS_IOC_SEND(r6, 0x40489426, &(0x7f0000000c40)={{r3}, 0x3, &(0x7f0000000c00)=[0x3, 0x6, 0x6], 0xfff, 0x5, [0x1ff, 0x8, 0x7f, 0x3]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000cc0)='./file0\x00', 0x111000, 0x0)
pipe2(&(0x7f0000000d00)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80000)
mknodat(r7, &(0x7f0000000d40)='./file0\x00', 0x80, 0xfffffffa)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000d80)={{0x1, 0x1, 0x18, r2}, './file0\x00'})

[   94.566605] ==================================================================
[   94.567250] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   94.567813] Read of size 2 at addr ffff88800d1edb78 by task kworker/u11:2/294
[   94.568389] 
[   94.568520] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   94.568531] CPU: 0 UID: 0 PID: 294 Comm: kworker/u11:2 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   94.568549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   94.568559] Workqueue: hci0 hci_cmd_work
[   94.568576] Call Trace:
[   94.568581]  <TASK>
[   94.568585]  dump_stack_lvl+0xca/0x120
[   94.568603]  print_report+0xcb/0x610
[   94.568620]  ? __virt_addr_valid+0x100/0x5d0
[   94.568635]  ? hci_cmd_work+0x66d/0x6d0
[   94.568649]  ? hci_cmd_work+0x66d/0x6d0
[   94.568664]  kasan_report+0xca/0x100
[   94.568678]  ? hci_cmd_work+0x66d/0x6d0
[   94.568695]  hci_cmd_work+0x66d/0x6d0
[   94.568710]  process_one_work+0x8e1/0x19c0
[   94.568731]  ? __pfx_process_one_work+0x10/0x10
[   94.568747]  ? rcuwait_wake_up+0x27/0x290
[   94.568764]  ? move_linked_works+0x172/0x270
[   94.568777]  ? assign_work+0x196/0x240
[   94.568794]  worker_thread+0x67e/0xe90
[   94.568810]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   94.568825]  ? __pfx_worker_thread+0x10/0x10
[   94.568842]  kthread+0x3c8/0x740
[   94.568858]  ? __pfx_kthread+0x10/0x10
[   94.568872]  ? ret_from_fork+0x79/0x7a0
[   94.568884]  ? lock_release+0xc8/0x290
[   94.568903]  ? __pfx_kthread+0x10/0x10
[   94.568918]  ret_from_fork+0x67a/0x7a0
[   94.568929]  ? __pfx_ret_from_fork+0x10/0x10
[   94.568942]  ? __switch_to+0x759/0x1060
[   94.568958]  ? __pfx_kthread+0x10/0x10
[   94.568973]  ret_from_fork_asm+0x1a/0x30
[   94.568992]  </TASK>
[   94.568997] 
[   94.579011] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   94.579211] Allocated by task 291:
[   94.579220]  kasan_save_stack+0x24/0x50
[   94.587728]  kasan_save_track+0x14/0x30
[   94.588060]  __kasan_slab_alloc+0x59/0x70
[   94.588399]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   94.588504] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   94.588819]  __alloc_skb+0x2ab/0x370
[   94.588838]  hci_cmd_sync_alloc+0x34/0x300
[   94.588857]  __hci_cmd_sync_sk+0xf7/0x5c0
[   94.590914]  __hci_cmd_sync_status_sk+0x4d/0x1a0
[   94.591306]  hci_dev_open_sync+0x10ef/0x1f60
[   94.591672]  hci_power_on+0xdb/0x5d0
[   94.591981]  process_one_work+0x8e1/0x19c0
[   94.592335]  worker_thread+0x67e/0xe90
[   94.592654]  kthread+0x3c8/0x740
[   94.592937]  ret_from_fork+0x67a/0x7a0
[   94.593256]  ret_from_fork_asm+0x1a/0x30
[   94.593591] 
[   94.593734] Freed by task 293:
[   94.593995]  kasan_save_stack+0x24/0x50
[   94.594259] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   94.594321]  kasan_save_track+0x14/0x30
[   94.594334]  kasan_save_free_info+0x3a/0x60
[   94.594351]  __kasan_slab_free+0x43/0x70
[   94.594365]  kmem_cache_free+0x26f/0x500
[   94.596739]  kfree_skbmem+0x18a/0x1f0
[   94.597043]  sk_skb_reason_drop+0x10e/0x1b0
[   94.597388]  vhci_read+0x3d5/0x5d0
[   94.597547] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   94.597678]  vfs_read+0x1eb/0xc70
[   94.599044]  ksys_read+0x121/0x240
[   94.599331]  do_syscall_64+0xbf/0x430
[   94.599638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.600051] 
[   94.600195] The buggy address belongs to the object at ffff88800d1edb40
[   94.600195]  which belongs to the cache skbuff_head_cache of size 232
[   94.601191] The buggy address is located 56 bytes inside of
[   94.601191]  freed 232-byte region [ffff88800d1edb40, ffff88800d1edc28)
[   94.602118] 
[   94.602260] The buggy address belongs to the physical page:
[   94.602697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xd1ed
[   94.603305] memcg:ffff88800dd12e01
[   94.603584] anon flags: 0x100000000000000(node=0|zone=1)
[   94.604003] page_type: f5(slab)
[   94.604281] raw: 0100000000000000 ffff8880096c78c0 0000000000000000 dead000000000001
[   94.604884] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff88800dd12e01
[   94.605479] page dumped because: kasan: bad access detected
[   94.605912] 
[   94.606049] Memory state around the buggy address:
[   94.606430]  ffff88800d1eda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.606991]  ffff88800d1eda80: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   94.607552] >ffff88800d1edb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   94.608116]                                                                 ^
[   94.608674]  ffff88800d1edb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.609232]  ffff88800d1edc00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   94.609790] ==================================================================
[   94.610469] Disabling lock debugging due to kernel taint
[   94.612220] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   94.613758] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   94.618779] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   94.621042] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   94.624038] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   94.625301] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   94.628768] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   94.630121] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   94.632230] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   94.637845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   94.640477] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   94.643017] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   94.644453] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   94.645905] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   94.647546] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   94.651057] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   94.652408] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   94.653872] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   94.659237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   94.666130] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   94.688777] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   94.695611] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   94.696680] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   94.699895] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   94.701262] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   94.702809] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   94.705142] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   94.706473] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   94.709985] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   94.712240] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   94.713399] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   94.717791] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   94.723985] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   94.771671] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   94.781856] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   96.664506] Bluetooth: hci0: command tx timeout
[   96.665286] Bluetooth: hci1: command tx timeout
[   96.728409] Bluetooth: hci2: command tx timeout
[   96.729462] Bluetooth: hci4: command tx timeout
[   96.730187] Bluetooth: hci3: command tx timeout
[   96.793440] Bluetooth: hci5: command tx timeout
[   96.793927] Bluetooth: hci6: command tx timeout
[   96.857430] Bluetooth: hci7: command tx timeout
[   98.712431] Bluetooth: hci1: command tx timeout
[   98.713834] Bluetooth: hci0: command tx timeout
[   98.777366] Bluetooth: hci4: command tx timeout
[   98.777486] Bluetooth: hci2: command tx timeout
[   98.778731] Bluetooth: hci3: command tx timeout
[   98.840455] Bluetooth: hci5: command tx timeout
[   98.841497] Bluetooth: hci6: command tx timeout
[   98.905735] Bluetooth: hci7: command tx timeout
[  100.760442] Bluetooth: hci0: command tx timeout
[  100.760899] Bluetooth: hci1: command tx timeout
[  100.824402] Bluetooth: hci2: command tx timeout
[  100.824967] Bluetooth: hci4: command tx timeout
[  100.825488] Bluetooth: hci3: command tx timeout
[  100.888416] Bluetooth: hci6: command tx timeout
[  100.888882] Bluetooth: hci5: command tx timeout
[  100.952368] Bluetooth: hci7: command tx timeout
[  102.808414] Bluetooth: hci0: command tx timeout
[  102.808934] Bluetooth: hci1: command tx timeout
[  102.872375] Bluetooth: hci3: command tx timeout
[  102.872927] Bluetooth: hci4: command tx timeout
[  102.873589] Bluetooth: hci2: command tx timeout
[  102.936489] Bluetooth: hci5: command tx timeout
[  102.936914] Bluetooth: hci6: command tx timeout
[  103.000378] Bluetooth: hci7: command tx timeout

VM DIAGNOSIS:
10:14:06  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=1ffff110027a6f29 RCX=ffffffff815592bf RDX=ffff888016575340
RSI=ffffffff815592ad RDI=0000000000000001 RBP=0000000000000001 RSP=ffff888013d37938
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=ffff88800a391bc0 R15=ffff888013d37a20
RIP=ffffffff817533e8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe7c00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f53422b9070 CR3=000000000f646000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f534237c7c000007f534237c7c8
XMM02=00007f534237c7e000007f534237c7c0 XMM03=00007f534237c7c800007f534237c7c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff8880166df468
R8 =0000000000000000 R9 =ffffed1001408046 R10=0000000000000074 R11=0000000000000001
R12=0000000000000074 R13=0000000000000010 R14=ffffffff88974780 R15=ffffffff8293dcf0
RIP=ffffffff8293dd5d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe6300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2c4ea01070 CR3=000000000f64d000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f2c4eac47c000007f2c4eac47c8
XMM02=00007f2c4eac47e000007f2c4eac47c0 XMM03=00007f2c4eac47c800007f2c4eac47c0
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000