Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:31462' (ECDSA) to the list of known hosts.
2025/11/17 04:53:46 fuzzer started
2025/11/17 04:53:46 dialing manager at localhost:37161
syzkaller login: [   43.900542] cgroup: Unknown subsys name 'net'
[   43.966324] cgroup: Unknown subsys name 'cpuset'
[   43.978214] cgroup: Unknown subsys name 'rlimit'
2025/11/17 04:53:56 syscalls: 2214
2025/11/17 04:53:56 code coverage: enabled
2025/11/17 04:53:56 comparison tracing: enabled
2025/11/17 04:53:56 extra coverage: enabled
2025/11/17 04:53:56 setuid sandbox: enabled
2025/11/17 04:53:56 namespace sandbox: enabled
2025/11/17 04:53:56 Android sandbox: enabled
2025/11/17 04:53:56 fault injection: enabled
2025/11/17 04:53:56 leak checking: enabled
2025/11/17 04:53:56 net packet injection: enabled
2025/11/17 04:53:56 net device setup: enabled
2025/11/17 04:53:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/11/17 04:53:56 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/11/17 04:53:56 USB emulation: enabled
2025/11/17 04:53:56 hci packet injection: enabled
2025/11/17 04:53:56 wifi device emulation: enabled
2025/11/17 04:53:56 802.15.4 emulation: enabled
2025/11/17 04:53:56 fetching corpus: 50, signal 27061/28865 (executing program)
2025/11/17 04:53:56 fetching corpus: 100, signal 37916/41376 (executing program)
2025/11/17 04:53:56 fetching corpus: 150, signal 44805/49846 (executing program)
2025/11/17 04:53:56 fetching corpus: 200, signal 52010/58513 (executing program)
2025/11/17 04:53:56 fetching corpus: 250, signal 55628/63663 (executing program)
2025/11/17 04:53:56 fetching corpus: 300, signal 58859/68377 (executing program)
2025/11/17 04:53:56 fetching corpus: 350, signal 64669/75507 (executing program)
2025/11/17 04:53:56 fetching corpus: 400, signal 68495/80656 (executing program)
2025/11/17 04:53:56 fetching corpus: 450, signal 73900/87270 (executing program)
2025/11/17 04:53:56 fetching corpus: 500, signal 76686/91366 (executing program)
2025/11/17 04:53:57 fetching corpus: 550, signal 79630/95564 (executing program)
2025/11/17 04:53:57 fetching corpus: 600, signal 81455/98696 (executing program)
2025/11/17 04:53:57 fetching corpus: 650, signal 83412/101906 (executing program)
2025/11/17 04:53:57 fetching corpus: 700, signal 87425/106951 (executing program)
2025/11/17 04:53:57 fetching corpus: 750, signal 89906/110505 (executing program)
2025/11/17 04:53:57 fetching corpus: 800, signal 91815/113539 (executing program)
2025/11/17 04:53:57 fetching corpus: 850, signal 94462/117251 (executing program)
2025/11/17 04:53:57 fetching corpus: 900, signal 99877/123364 (executing program)
2025/11/17 04:53:57 fetching corpus: 950, signal 102116/126638 (executing program)
2025/11/17 04:53:57 fetching corpus: 1000, signal 103764/129340 (executing program)
2025/11/17 04:53:58 fetching corpus: 1050, signal 105340/131968 (executing program)
2025/11/17 04:53:58 fetching corpus: 1100, signal 107472/135023 (executing program)
2025/11/17 04:53:58 fetching corpus: 1150, signal 109558/138025 (executing program)
2025/11/17 04:53:58 fetching corpus: 1200, signal 110711/140207 (executing program)
2025/11/17 04:53:58 fetching corpus: 1250, signal 113355/143617 (executing program)
2025/11/17 04:53:58 fetching corpus: 1300, signal 115552/146640 (executing program)
2025/11/17 04:53:58 fetching corpus: 1350, signal 119227/150881 (executing program)
2025/11/17 04:53:58 fetching corpus: 1400, signal 120953/153485 (executing program)
2025/11/17 04:53:58 fetching corpus: 1450, signal 122267/155694 (executing program)
2025/11/17 04:53:58 fetching corpus: 1500, signal 123453/157803 (executing program)
2025/11/17 04:53:58 fetching corpus: 1550, signal 124583/159841 (executing program)
2025/11/17 04:53:59 fetching corpus: 1600, signal 125736/161846 (executing program)
2025/11/17 04:53:59 fetching corpus: 1650, signal 126643/163675 (executing program)
2025/11/17 04:53:59 fetching corpus: 1700, signal 128097/165981 (executing program)
2025/11/17 04:53:59 fetching corpus: 1750, signal 129333/168031 (executing program)
2025/11/17 04:53:59 fetching corpus: 1800, signal 130266/169851 (executing program)
2025/11/17 04:53:59 fetching corpus: 1850, signal 131121/171601 (executing program)
2025/11/17 04:53:59 fetching corpus: 1900, signal 132331/173627 (executing program)
2025/11/17 04:53:59 fetching corpus: 1950, signal 133367/175483 (executing program)
2025/11/17 04:53:59 fetching corpus: 2000, signal 134868/177679 (executing program)
2025/11/17 04:53:59 fetching corpus: 2050, signal 135955/179497 (executing program)
2025/11/17 04:54:00 fetching corpus: 2100, signal 136888/181220 (executing program)
2025/11/17 04:54:00 fetching corpus: 2150, signal 137862/182974 (executing program)
2025/11/17 04:54:00 fetching corpus: 2200, signal 138829/184726 (executing program)
2025/11/17 04:54:00 fetching corpus: 2250, signal 139343/186116 (executing program)
2025/11/17 04:54:00 fetching corpus: 2300, signal 141152/188361 (executing program)
2025/11/17 04:54:00 fetching corpus: 2350, signal 142122/190034 (executing program)
2025/11/17 04:54:00 fetching corpus: 2400, signal 143008/191601 (executing program)
2025/11/17 04:54:00 fetching corpus: 2450, signal 143810/193155 (executing program)
2025/11/17 04:54:00 fetching corpus: 2500, signal 144692/194728 (executing program)
2025/11/17 04:54:00 fetching corpus: 2550, signal 145414/196227 (executing program)
2025/11/17 04:54:00 fetching corpus: 2600, signal 146022/197613 (executing program)
2025/11/17 04:54:01 fetching corpus: 2650, signal 147525/199603 (executing program)
2025/11/17 04:54:01 fetching corpus: 2700, signal 148356/201115 (executing program)
2025/11/17 04:54:01 fetching corpus: 2750, signal 149030/202516 (executing program)
2025/11/17 04:54:01 fetching corpus: 2800, signal 149875/204036 (executing program)
2025/11/17 04:54:01 fetching corpus: 2850, signal 150881/205587 (executing program)
2025/11/17 04:54:01 fetching corpus: 2900, signal 151454/206893 (executing program)
2025/11/17 04:54:01 fetching corpus: 2950, signal 152311/208337 (executing program)
2025/11/17 04:54:01 fetching corpus: 3000, signal 153345/209897 (executing program)
2025/11/17 04:54:01 fetching corpus: 3050, signal 154134/211310 (executing program)
2025/11/17 04:54:02 fetching corpus: 3100, signal 155031/212785 (executing program)
2025/11/17 04:54:02 fetching corpus: 3150, signal 155632/214107 (executing program)
2025/11/17 04:54:02 fetching corpus: 3200, signal 156238/215363 (executing program)
2025/11/17 04:54:02 fetching corpus: 3250, signal 157046/216747 (executing program)
2025/11/17 04:54:02 fetching corpus: 3300, signal 157592/217970 (executing program)
2025/11/17 04:54:02 fetching corpus: 3350, signal 158256/219240 (executing program)
2025/11/17 04:54:02 fetching corpus: 3400, signal 159132/220627 (executing program)
2025/11/17 04:54:02 fetching corpus: 3450, signal 160774/222374 (executing program)
2025/11/17 04:54:02 fetching corpus: 3500, signal 161441/223650 (executing program)
2025/11/17 04:54:02 fetching corpus: 3550, signal 162258/224971 (executing program)
2025/11/17 04:54:02 fetching corpus: 3600, signal 162981/226218 (executing program)
2025/11/17 04:54:02 fetching corpus: 3650, signal 163552/227419 (executing program)
2025/11/17 04:54:02 fetching corpus: 3700, signal 163991/228541 (executing program)
2025/11/17 04:54:03 fetching corpus: 3750, signal 164443/229624 (executing program)
2025/11/17 04:54:03 fetching corpus: 3800, signal 165200/230872 (executing program)
2025/11/17 04:54:03 fetching corpus: 3850, signal 165910/232040 (executing program)
2025/11/17 04:54:03 fetching corpus: 3900, signal 166748/233290 (executing program)
2025/11/17 04:54:03 fetching corpus: 3950, signal 167447/234459 (executing program)
2025/11/17 04:54:03 fetching corpus: 4000, signal 168004/235509 (executing program)
2025/11/17 04:54:03 fetching corpus: 4050, signal 168487/236513 (executing program)
2025/11/17 04:54:03 fetching corpus: 4100, signal 169029/237596 (executing program)
2025/11/17 04:54:03 fetching corpus: 4150, signal 169547/238660 (executing program)
2025/11/17 04:54:03 fetching corpus: 4200, signal 170000/239682 (executing program)
2025/11/17 04:54:04 fetching corpus: 4250, signal 170478/240727 (executing program)
2025/11/17 04:54:04 fetching corpus: 4300, signal 170918/241725 (executing program)
2025/11/17 04:54:04 fetching corpus: 4350, signal 171632/242840 (executing program)
2025/11/17 04:54:04 fetching corpus: 4400, signal 172299/243900 (executing program)
2025/11/17 04:54:04 fetching corpus: 4450, signal 172907/244970 (executing program)
2025/11/17 04:54:04 fetching corpus: 4500, signal 173304/245937 (executing program)
2025/11/17 04:54:04 fetching corpus: 4550, signal 173975/246951 (executing program)
2025/11/17 04:54:04 fetching corpus: 4600, signal 174452/247918 (executing program)
2025/11/17 04:54:04 fetching corpus: 4650, signal 175036/248924 (executing program)
2025/11/17 04:54:05 fetching corpus: 4700, signal 175429/249932 (executing program)
2025/11/17 04:54:05 fetching corpus: 4750, signal 175940/250950 (executing program)
2025/11/17 04:54:05 fetching corpus: 4800, signal 176405/251887 (executing program)
2025/11/17 04:54:05 fetching corpus: 4850, signal 176879/252828 (executing program)
2025/11/17 04:54:05 fetching corpus: 4900, signal 177348/253754 (executing program)
2025/11/17 04:54:05 fetching corpus: 4950, signal 178110/254799 (executing program)
2025/11/17 04:54:05 fetching corpus: 5000, signal 178717/255770 (executing program)
2025/11/17 04:54:05 fetching corpus: 5050, signal 179161/256679 (executing program)
2025/11/17 04:54:05 fetching corpus: 5100, signal 179737/257633 (executing program)
2025/11/17 04:54:05 fetching corpus: 5150, signal 180173/258551 (executing program)
2025/11/17 04:54:06 fetching corpus: 5200, signal 180674/259452 (executing program)
2025/11/17 04:54:06 fetching corpus: 5250, signal 181105/260349 (executing program)
2025/11/17 04:54:06 fetching corpus: 5300, signal 181656/261235 (executing program)
2025/11/17 04:54:06 fetching corpus: 5350, signal 182153/262144 (executing program)
2025/11/17 04:54:06 fetching corpus: 5400, signal 182436/262954 (executing program)
2025/11/17 04:54:06 fetching corpus: 5450, signal 182736/263805 (executing program)
2025/11/17 04:54:06 fetching corpus: 5500, signal 183151/264649 (executing program)
2025/11/17 04:54:06 fetching corpus: 5550, signal 183684/265448 (executing program)
2025/11/17 04:54:06 fetching corpus: 5600, signal 184211/266288 (executing program)
2025/11/17 04:54:06 fetching corpus: 5650, signal 184491/267100 (executing program)
2025/11/17 04:54:06 fetching corpus: 5700, signal 185079/267946 (executing program)
2025/11/17 04:54:07 fetching corpus: 5750, signal 185558/268790 (executing program)
2025/11/17 04:54:07 fetching corpus: 5800, signal 185982/269608 (executing program)
2025/11/17 04:54:07 fetching corpus: 5850, signal 186519/270422 (executing program)
2025/11/17 04:54:07 fetching corpus: 5900, signal 186796/271177 (executing program)
2025/11/17 04:54:07 fetching corpus: 5950, signal 187240/271952 (executing program)
2025/11/17 04:54:07 fetching corpus: 6000, signal 187606/272740 (executing program)
2025/11/17 04:54:07 fetching corpus: 6050, signal 188062/273532 (executing program)
2025/11/17 04:54:07 fetching corpus: 6100, signal 188349/274266 (executing program)
2025/11/17 04:54:07 fetching corpus: 6150, signal 188826/275050 (executing program)
2025/11/17 04:54:07 fetching corpus: 6200, signal 189362/275829 (executing program)
2025/11/17 04:54:07 fetching corpus: 6250, signal 189627/276582 (executing program)
2025/11/17 04:54:08 fetching corpus: 6300, signal 189999/277353 (executing program)
2025/11/17 04:54:08 fetching corpus: 6350, signal 190359/278085 (executing program)
2025/11/17 04:54:08 fetching corpus: 6400, signal 190694/278808 (executing program)
2025/11/17 04:54:08 fetching corpus: 6450, signal 191002/279502 (executing program)
2025/11/17 04:54:08 fetching corpus: 6500, signal 191428/280243 (executing program)
2025/11/17 04:54:08 fetching corpus: 6550, signal 191899/280987 (executing program)
2025/11/17 04:54:08 fetching corpus: 6600, signal 192294/281686 (executing program)
2025/11/17 04:54:08 fetching corpus: 6650, signal 192647/282385 (executing program)
2025/11/17 04:54:08 fetching corpus: 6700, signal 193128/283131 (executing program)
2025/11/17 04:54:08 fetching corpus: 6750, signal 193449/283828 (executing program)
2025/11/17 04:54:09 fetching corpus: 6800, signal 193713/284490 (executing program)
2025/11/17 04:54:09 fetching corpus: 6850, signal 194052/285211 (executing program)
2025/11/17 04:54:09 fetching corpus: 6900, signal 194444/285861 (executing program)
2025/11/17 04:54:09 fetching corpus: 6950, signal 194807/286541 (executing program)
2025/11/17 04:54:09 fetching corpus: 7000, signal 195111/287239 (executing program)
2025/11/17 04:54:09 fetching corpus: 7050, signal 195476/287914 (executing program)
2025/11/17 04:54:09 fetching corpus: 7100, signal 195735/288545 (executing program)
2025/11/17 04:54:09 fetching corpus: 7150, signal 196213/289192 (executing program)
2025/11/17 04:54:09 fetching corpus: 7200, signal 196601/289870 (executing program)
2025/11/17 04:54:09 fetching corpus: 7250, signal 196862/290483 (executing program)
2025/11/17 04:54:10 fetching corpus: 7300, signal 197278/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7350, signal 197606/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7400, signal 197942/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7450, signal 198245/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7500, signal 198470/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7550, signal 198899/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7600, signal 199415/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7650, signal 199853/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7700, signal 200140/290667 (executing program)
2025/11/17 04:54:10 fetching corpus: 7750, signal 200430/290667 (executing program)
2025/11/17 04:54:11 fetching corpus: 7800, signal 200741/290667 (executing program)
2025/11/17 04:54:11 fetching corpus: 7850, signal 201158/290667 (executing program)
2025/11/17 04:54:11 fetching corpus: 7900, signal 201534/290667 (executing program)
2025/11/17 04:54:11 fetching corpus: 7950, signal 201778/290667 (executing program)
2025/11/17 04:54:11 fetching corpus: 8000, signal 202104/290667 (executing program)
2025/11/17 04:54:11 fetching corpus: 8050, signal 202386/290669 (executing program)
2025/11/17 04:54:11 fetching corpus: 8100, signal 202667/290669 (executing program)
2025/11/17 04:54:11 fetching corpus: 8150, signal 202846/290669 (executing program)
2025/11/17 04:54:11 fetching corpus: 8200, signal 203214/290669 (executing program)
2025/11/17 04:54:11 fetching corpus: 8250, signal 203709/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8300, signal 204038/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8350, signal 204316/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8400, signal 204686/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8450, signal 204919/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8500, signal 205319/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8550, signal 205747/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8600, signal 206098/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8650, signal 206355/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8700, signal 206671/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8750, signal 206955/290669 (executing program)
2025/11/17 04:54:12 fetching corpus: 8800, signal 207253/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 8850, signal 207640/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 8900, signal 207915/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 8950, signal 208279/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9000, signal 208518/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9050, signal 208771/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9100, signal 209038/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9150, signal 209299/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9200, signal 209510/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9250, signal 209740/290669 (executing program)
2025/11/17 04:54:13 fetching corpus: 9300, signal 209994/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9350, signal 210291/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9400, signal 210533/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9450, signal 210917/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9500, signal 211176/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9550, signal 211490/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9600, signal 211919/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9650, signal 212259/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9700, signal 212670/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9750, signal 212842/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9800, signal 213079/290669 (executing program)
2025/11/17 04:54:14 fetching corpus: 9850, signal 213341/290670 (executing program)
2025/11/17 04:54:15 fetching corpus: 9900, signal 213541/290670 (executing program)
2025/11/17 04:54:15 fetching corpus: 9950, signal 213814/290670 (executing program)
2025/11/17 04:54:15 fetching corpus: 10000, signal 214157/290670 (executing program)
2025/11/17 04:54:15 fetching corpus: 10050, signal 214448/290673 (executing program)
2025/11/17 04:54:15 fetching corpus: 10100, signal 214758/290673 (executing program)
2025/11/17 04:54:15 fetching corpus: 10150, signal 214964/290673 (executing program)
2025/11/17 04:54:15 fetching corpus: 10200, signal 215249/290673 (executing program)
2025/11/17 04:54:15 fetching corpus: 10250, signal 215443/290673 (executing program)
2025/11/17 04:54:15 fetching corpus: 10300, signal 215754/290680 (executing program)
2025/11/17 04:54:15 fetching corpus: 10350, signal 215957/290680 (executing program)
2025/11/17 04:54:15 fetching corpus: 10400, signal 216235/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10450, signal 216472/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10500, signal 216683/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10550, signal 216936/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10600, signal 217214/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10650, signal 217476/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10700, signal 218374/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10750, signal 218609/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10800, signal 218749/290680 (executing program)
2025/11/17 04:54:16 fetching corpus: 10850, signal 219025/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 10900, signal 219251/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 10950, signal 219416/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11000, signal 219592/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11050, signal 219940/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11100, signal 220151/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11150, signal 220358/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11200, signal 220544/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11250, signal 220831/290680 (executing program)
2025/11/17 04:54:17 fetching corpus: 11300, signal 221189/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11350, signal 221410/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11400, signal 221608/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11450, signal 221875/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11500, signal 222109/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11550, signal 222486/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11600, signal 222722/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11650, signal 222884/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11700, signal 223105/290680 (executing program)
2025/11/17 04:54:18 fetching corpus: 11750, signal 223299/290681 (executing program)
2025/11/17 04:54:18 fetching corpus: 11800, signal 223567/290681 (executing program)
2025/11/17 04:54:19 fetching corpus: 11850, signal 223772/290681 (executing program)
2025/11/17 04:54:19 fetching corpus: 11900, signal 223958/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 11950, signal 224284/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12000, signal 224544/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12050, signal 224724/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12100, signal 224925/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12150, signal 225119/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12200, signal 225290/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12250, signal 225495/290682 (executing program)
2025/11/17 04:54:19 fetching corpus: 12300, signal 225717/290684 (executing program)
2025/11/17 04:54:19 fetching corpus: 12350, signal 225897/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12400, signal 226121/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12450, signal 226570/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12500, signal 226733/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12550, signal 226901/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12600, signal 227065/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12650, signal 227339/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12700, signal 227700/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12750, signal 227922/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12800, signal 228151/290684 (executing program)
2025/11/17 04:54:20 fetching corpus: 12850, signal 228300/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 12900, signal 228482/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 12950, signal 228630/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13000, signal 228804/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13050, signal 229043/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13100, signal 229201/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13150, signal 229443/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13200, signal 229713/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13250, signal 229951/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13300, signal 230224/290684 (executing program)
2025/11/17 04:54:21 fetching corpus: 13350, signal 230423/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13400, signal 230587/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13450, signal 230825/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13500, signal 231016/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13550, signal 231192/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13600, signal 231377/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13650, signal 231528/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13700, signal 231688/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13750, signal 231893/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13800, signal 232127/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13850, signal 232315/290684 (executing program)
2025/11/17 04:54:22 fetching corpus: 13900, signal 232479/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 13950, signal 232709/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14000, signal 232902/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14050, signal 233133/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14100, signal 233333/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14150, signal 233540/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14200, signal 233708/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14250, signal 233864/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14300, signal 234069/290684 (executing program)
2025/11/17 04:54:23 fetching corpus: 14350, signal 234204/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14400, signal 234390/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14450, signal 234644/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14500, signal 234804/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14550, signal 234963/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14600, signal 235106/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14650, signal 235268/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14700, signal 235466/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14750, signal 235646/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14800, signal 235852/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14850, signal 236003/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14900, signal 236158/290684 (executing program)
2025/11/17 04:54:24 fetching corpus: 14950, signal 236349/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15000, signal 236524/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15050, signal 236777/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15100, signal 236900/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15150, signal 237562/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15200, signal 237790/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15250, signal 238010/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15300, signal 238166/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15350, signal 238369/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15400, signal 238523/290684 (executing program)
2025/11/17 04:54:25 fetching corpus: 15450, signal 238713/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15500, signal 238873/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15550, signal 239042/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15600, signal 239188/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15650, signal 239321/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15700, signal 239464/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15750, signal 239638/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15800, signal 239776/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15850, signal 239965/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15900, signal 240092/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 15950, signal 240256/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 16000, signal 240420/290684 (executing program)
2025/11/17 04:54:26 fetching corpus: 16050, signal 240603/290684 (executing program)
2025/11/17 04:54:27 fetching corpus: 16100, signal 240772/290684 (executing program)
2025/11/17 04:54:27 fetching corpus: 16150, signal 240913/290684 (executing program)
2025/11/17 04:54:27 fetching corpus: 16200, signal 241038/290684 (executing program)
2025/11/17 04:54:27 fetching corpus: 16250, signal 241240/290692 (executing program)
2025/11/17 04:54:27 fetching corpus: 16300, signal 241549/290692 (executing program)
2025/11/17 04:54:27 fetching corpus: 16350, signal 241681/290692 (executing program)
2025/11/17 04:54:27 fetching corpus: 16400, signal 241818/290692 (executing program)
2025/11/17 04:54:27 fetching corpus: 16450, signal 241949/290692 (executing program)
2025/11/17 04:54:27 fetching corpus: 16500, signal 242074/290692 (executing program)
2025/11/17 04:54:27 fetching corpus: 16550, signal 242229/290692 (executing program)
2025/11/17 04:54:28 fetching corpus: 16600, signal 242368/290692 (executing program)
2025/11/17 04:54:28 fetching corpus: 16650, signal 242598/290692 (executing program)
2025/11/17 04:54:28 fetching corpus: 16700, signal 242723/290692 (executing program)
2025/11/17 04:54:28 fetching corpus: 16740, signal 242859/290692 (executing program)
2025/11/17 04:54:28 fetching corpus: 16740, signal 242859/290692 (executing program)
2025/11/17 04:54:29 starting 8 fuzzer processes
04:54:29 executing program 0:
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xa2}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x9b2}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c040)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x2, 0x7, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xf93}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x100}}, './file0\x00'})
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r2, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffeffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000440)='virt_wifi0\x00', 0x10)
sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x48, r2, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x8001)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000600), r1)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000700)={&(0x7f0000000640)={0x98, r3, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3496d97f12a4cf38}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x8850}, 0x40000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000780)={'veth1_to_team\x00'})
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000007c0), 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x24, 0x0, 0x20, 0x20, 0x25dfdbff, {}, [@IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0xa1}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x3f}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000001)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_SCAN_REQ(r6, 0xfffffffffffffffd, 0x1)
pread64(0xffffffffffffffff, &(0x7f00000008c0)=""/174, 0xae, 0xb486)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x28, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x20000840)
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x2001}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x44, 0x0, 0x2, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x6, 0x41}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000001}, 0x10)

04:54:29 executing program 1:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x10)
ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000040))
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000000c0)={0x2c, 0x3b, 0x11, 0x16, 0xb, 0x1ff, 0x1, 0x5f})
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x10, r0, 0x8000000)
r3 = syz_io_uring_setup(0x35d0, &(0x7f0000000100)={0x0, 0x1a32, 0x11, 0x0, 0x2b, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
r6 = accept4(r0, &(0x7f0000000200)=@generic, &(0x7f0000000280)=0x80, 0x80800)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r5, &(0x7f0000000380)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r6, &(0x7f00000002c0)=0x80, &(0x7f0000000300)=@qipcrtr, 0x0, 0x800, 0x1, {0x0, r7}}, 0x9)
syz_io_uring_submit(r4, r5, &(0x7f00000003c0)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r7}}, 0x4)
r8 = syz_io_uring_complete(r4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r8, 0xc0189371, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r9=>r0}, './file0\x00'})
r10 = accept4$inet(r6, &(0x7f0000000440)={0x2, 0x0, @broadcast}, &(0x7f0000000480)=0x10, 0x800)
writev(r10, &(0x7f00000006c0)=[{&(0x7f00000004c0)="13ec9d5d207150af040ca0ec039dd66a07d3264c136a7e810a9aeb9f33e4dfc881f672fed05cb6b7c811ea49691a77ed8d57e1d3948e5e1aa9857a318d30a7581351214bba9e0a73ce75b8ff672a4c7b62ead4040d2d2a7e239a0ae5eb5891be017d31e69783be347fa6f5fb2413f21b1f1f4d", 0x73}, {&(0x7f0000000540)="a6709eff73db4334c9c8e6f39a66217df655b72d67124dbe49dbdabee683b7630e3f3ff0bad9fd1dc963a0eb4b296b8c005830d5b14efb7c7e6350cbf2eef33c1ed1b4a52ade2ed2cf6e628d64d8189c118d885a1641ba81c63e9653f0d2b3e2a5b8a666f777ecb22ac4c85d2632ccc13b4c1336a53bd24e447c70f618417430011d6f176d82bc", 0x87}, {&(0x7f0000000600)="f9d7b836bfcc1cb8430db582ebb300140c85222648ea7578e4fd8381e2d533057e07f62d9762b822a78b7a6f94413178e2b8a288060902e8276d60143cc27433ff955e167b07779c9921ad3dda55b8379355c5ba6446f565e04fb48b8e3f64bdd7f71ab6fddff9342e67a7afb97ef67a886dd70b4bbce774a190d1480f217752a5f19202563beb44a348700e59e0651b26285cf34bdc8d7b8245d0b27121b510ea598e5049640e1aa755869f60fce8c5a95641", 0xb3}], 0x3)
ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000700)={0x3a, 0x35, 0x3, 0x12, 0x4, 0x6, 0x0, 0x5b, 0x1})
pipe(&(0x7f0000000740)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f0000000780)={0x5, 0x7, 0x3, 0x0, 0x0, [{{r9}, 0x101}, {{r12}, 0x5929}, {{r10}, 0x9}]})
r13 = openat$cgroup_ro(r1, &(0x7f0000000800)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
r14 = socket$nl_xfrm(0x10, 0x3, 0x6)
io_uring_register$IORING_REGISTER_FILES(r13, 0x2, &(0x7f0000000840)=[r14, r6, r1, 0xffffffffffffffff, r3, r11], 0x6)

04:54:29 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x4}}, './file0\x00'})
ioctl$HIDIOCGCOLLECTIONINDEX(r0, 0x40184810, &(0x7f0000000040)={0x2, 0x2, 0xc6, 0x100, 0xb, 0x10000})
fsopen(&(0x7f0000000080)='hostfs\x00', 0x0)
ioctl$HIDIOCGUSAGE(r0, 0xc018480b, &(0x7f00000000c0)={0x3, 0x200, 0x2, 0x0, 0x8, 0x2})
r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='rdma.current\x00', 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x6)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/cgroup\x00')
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000000180)={0x2, [0x0, 0x0]})
ioctl$TCGETS(0xffffffffffffffff, 0x5401, &(0x7f00000001c0))
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r2, 0xc038943b, &(0x7f0000000240)={0x6, 0x28, '\x00', 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = syz_io_uring_setup(0x370c, &(0x7f0000000280)={0x0, 0xc95a, 0x0, 0x1, 0x5a}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff6000/0xa000)=nil, &(0x7f0000000300), &(0x7f0000000340))
ioctl$F2FS_IOC_GET_PIN_FILE(r4, 0x8004f50e, &(0x7f0000000380))
ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/4})
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000480)=0x2)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f00000004c0)=0x10000)
sendmsg(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)="752793c49d149fad20f83dcfd3d20fc429abf63e62d4e932c1c27c843e5a9fc2b6b3fc9bba39f23158dc41917143ca69e3920dcba2e7a5d35770902b38072968323e8476470634b72a0b740caa51f4a8c0", 0x51}, {&(0x7f0000000580)="55c172fb18f0ab960c0d3b623ab57504e6ff", 0x12}], 0x2, &(0x7f0000000600)=[{0x38, 0x1, 0x5, "3ac046de466fd0b041488a268e674389c8be33261e6b442ffbf3e2b93b51e1cc93622eefd5d444"}], 0x38}, 0x41)
ioctl$KDSETMODE(r1, 0x4b3a, 0x1)
ioctl$HIDIOCGCOLLECTIONINDEX(r1, 0x40184810, &(0x7f0000000680)={0x1, 0x3, 0x4, 0x7, 0x6, 0x3})
ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f00000006c0)={0x101, 0x8, 0x560, 0x82d7, 0xffff})

04:54:29 executing program 7:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x100)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8094}, 0x4005)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000140)={0x0, 0x2, 0x9d37, 0x1})
pwritev(r0, &(0x7f0000001180)=[{&(0x7f0000000180)="733e0b8a05752b887d9a20df62f62a659b7874721d6e399db47815361b0952add70c769c276a2dbc1d4889418e47ac80493b703a4ccef8baec4576c314335d4a4302366f0fb0015fbe540802546474a2e2fc5f757077414d67f312a30f6864ecc9b22342568868dd6e30f282fafa5281bc6a381ef82bad1aae581f8cc56f678058df93a6a36959bfbfcf71dfcb4c90930a34a65b2a6ba017b1ed8f9767e5fed4c87767b6f01ccacc1d40bfd152d83a6ea24077a6333759051c253d1d6fc0254d03889aae0c1c35b4605b9d41bccacd9ce7c34587dd0fd8e0f15644e370a679e47fb31eb0275178a3367f2b0723e459630b918cf83a7cb2f79958e2086c10716c0ad0b693fcfec989c65e55540f9f23531282e3a86cca0b5e9506ccb720c695bf1a1785340e7d2c508415cf75c1ae4114e42d1d9896dc81c537682b01180b348df6f4f8b52d1415e21a7e5ed49d2503453a03e193b1a2f1dca6c7c11f6c0bd65a5d249eb87dd476d1a794e6bae382509a5d47efd212ba071fd14d3cf426b517aae9ef75862efeef23cb8b55d7880b003f94add22a7fb6472713cfaee6489ce9c6e56d39a8152388d719b786fb5bba1d11c773ca810a0090575be3fb7e45141941dc434def8aebc818519c46fd74afd31985396bb437cf41bf7c7b27fda7c3a589ec9999dfd9d66f1d118a44d3f5c60200374d55f2900ffce1ea38b5fc5de9a2eb607a489f32ea98bbf0c29f7915f6f5202b07b811c7777d0028a0f5530bd5869abaca58701619b2948e55ad2c2456e328fdacb9bf9015d071d9e8389fc9cba542a6863ee8bce1c05a042ce6504f56212037e2493ece9adb8e085af9e37b70b17683458de708dc2a6e76c6a62416967172d2d197bc27b6722b4abcca02c4363028a7d3e4173d3f7725685b8ecb3bd23661e55a2ac15526b8dc68414f6a0ae5564442cb1de1db8115057b1cd1034abd3fccc344e3aa205771efca2c5b9663bfa7e7c3eab5200972defe884e65f5799795d5ac1562461a3705767070280b6cdb2f2cf918e00e1e908f008eee5bf24a3756b0bd93f4c44b79ed200aa122abb8f39bcb779f04460f5bdc1922aa0908d59758452bd8217bd68cefb5e02ee00f393a44f9a8c5b5c52dfd2bdd5cc5e2b11ed9716e5dff52357feffaa3ebd3381ed39e3a62dc1c5de01109b807f005ef5b84232fb1d4327e79656fd959b2e6345260c0c22cf0ee75463c9823a2ec5daf08829fc4c4f867eefab1143abf75427ec6eaab558c8a5805a63a5407f64119318cb1054a1455c46c7af3bf05ae8d935ca7d6705f2c55de0f58d66a09d35ac716ec8f0d2a9048235fce83cc5dbccd3c3c3e0e21179df062fd607e96281884b1e63f19b45a052eb3bdc8db1192af4cc5428caa90417fc5219c90440a5bd002c648b0166d1ac4dacb435fc465b7a3cf3dd5a48f33fe3c1ef63c0ae7d35107d8919c7d66d505623e42210e469fb338fc1e284f1ceed9348979c7ab669ea44151272b54be0d54c9321479ec956ebca85883c38975c4625e08f7df2b0bef0c0b2e2fa62ee5d59e72b0310eedef0deba23fa6014c45270e8f2b1cd1b163fe2aca1c5260494956e1ee33a9ff3dbdb9994b43e1b1badd093a7e8f51d7051364a8c814236fa31dcdd35338431796bb0ac5e0df79b9fb575648f19b94ad285cb41909da74e3abfdf890970f9f1cdef2b1f8112d54aa925d4184aed5d50b67aaad3bd482736152d47f94ea6e881f2416f1c172d44eb4aa7549dc01d912cafa085237fa0bdb907e5ee0f227daefe3f2b7fde6c412513052966cb25d8ff7ad1ee1da6b33bfa1402062ceffc28101a05c6158c31b333428003d0ebcc84df4622b81259e3b866213a1e6b2c4854aebc0e2e36b1515b17932972fee394de11223987d246f4b97b4760dc1cc741ff2fdbb2aa5f91017ad50db5e2180a01512b4771e49cc260d4c49aed7e49d6c3a684c97a83e53b30bf8fc629a848d4f89b3e96e2d3ae897f5112593cf934f77977ee18657f40d07939c4c4142415830af6f952329a07311b6e5cfd53e1e86071d24190d1397360eccf00fc6436cc025818585e558771554e56fdc5c2c3221067d15c4cfbc7ce56db016013a4bfe2a0c1e43742e59781de7038c06da65b0c05e31c6458dbeb90d01c58d678267efbe0d4805e947b95cc0d0418b293ec060c1fdfa81eec531ea3e963870fcdf4f41796bf0257e611ff38a7047cd1a7341b49713eb7c0abd3e3c14d4eb01c9eebe32283289a7e67c04ec3f3c17dbfa2a49054ab313192472e8fd34c73e886c580541c00892162e07a3fdf600e9a949ce413327e2df5734c2bebdfc04232b7598cbc5bed2f5b430f8fe47e3940533235020a7d857819e2dd5039bf691f078d5ae0893f6ad7f8e5d0d9247011935c3427b2718dfcae0e17e8313368b16515de71b1a652d163339f6cb7011c2002a1f50590f994dae582a84c2a312106197c720973a356ca095ceedc9e32125ae82d386a45819d27e44615b0be9633dfec67c450232bcf9b1f9c5746dea72d317dc397113805f7f551ce822c83a6b55d2fd9536bb9c02e56fd3d08c5670df261219acd14eb4cfd664da7945a27810b5fc459581c5e88b9099edfd4605c591740edfc691474d9f25500c798bd83402d3034e690c4cc0b6b7a7420ac64353c2696887dfc98cbad441828993b68b69fcc012331dd1490b50f0ef30d3ba5f44e35c388b863f177f7e8a441ce17412dc695cf8467f65bb800fe1263894c1c552280b4228a4eee36fd507159f7c4a87b38c5718c6869ea09ca7b8f5dd94599cccdf5c99639a0cbe00b8d1677f80d19e09c4c4cdf92681eadd9de8d6624199b1fd8ca90573bc5af02a89ad041e775544bdf028b94acf15c8e5b04a82eeda8584ac5d75f4e495518420b9c416d513d287052080a007ebffb47f408400daa2ce7b3f4fbf3a42daf163edbe086285979f49d3554cd6291ae71d4ddedbf4a74fa79e1a95f8b8894b70e675a8e9c260328b05bfd392399c4748f8360bad6d55f6c14535f5d2148f77a7cdad81b4b12931d0f72d9258a2d883be18ce344032a808f5d67ef46c07df4e9112fea264db6c3a91f89c58b847395474fe4aa7b114eb035d79ff1ca674d440a9afc0cac3f53f5d06a9c387ef49ca95fcf4242fde9a2bce84ed85a98c41c11054e0d4c48a984d1157185ac9e47fc5d832d784be8ac71baf79cfe6ec59c9001c77a292b6f46a758f179d4df41d997e486a638321372d937b85e88cbe0a5e7c8c4a3ce0c47b2a636d5d98ba3773c651cbb16ce94dd0f750cbde4398c721abbf57440f4eccefdd2b5f64718d4fb1570162712c985a5e9e317260836af803ceaaafbe3f371f5d1f56035b90025894be35cf4da3a26f5ae387d4a0767893ea6e720d5bc958b660ca5678bffbb08bc7d0a9c53343cf92f18781b58840d654a5714eaad272e7a5991babedaa6de634f0b29d6013799d8f3c51d9b240578a1067980eca9cc29d6ff7be8d77dc917bd220f5dde18d6a667872050005a05a6b2df076299322b7c865b2672ee259eeea46bcc05e92595f30c5b3ba6c07719cfcb7016f0505efb2560e03a7a88fc1563942e4a04966d7f7b273dc2dfe36556ac55836463d6c2cda388b36d7a9dd033874e3d7d0e41a2ce7e499ba58bfbd0a2a7816d1d7615d8ab224bbb55078226ae7075d951ad2414221ad37a3521fc41061fd375524145c539cb6465e7c1586b71e7393b14e9dc078a3f081a14bf9db8707ee774c785486536e5d67852ff65a5ba596f933f15a71c2da09dcb73a6c24f3fe4a70c50aab9b282102d8f5761e21ff5b96232acf8c36c81f51c29a416a528cc403dfec79fd0e47882287519c8465b7002a1c4903e057c3d3cd4bdd4db54fbc11864de7af6c85ae3beb1a2a9b37d0fdceedc4cfc8fae7acf1ec09985b6f23b8d8e2574e9b0eefa5580294a01ff5fd000df4b4ff3ac47a033a590723efab0608c172e0b7b9e1f21698c275681b8b05df19f1b5a200dc3a61500a172662a62ecb89e2012598e039fa01ab6e31076a16d564f35c9696af94350f71af83d0fff1f250d46027963749e3d4d7a1a118e236625e551bd0d36d7fbfd6bdee73f2f89a6e43dc7ef12ddae7fd59686bab04b95773413e623e9e4406f33dbc2d5ed5fbd49df46db8a4f3499e8110a7f9bae399d095804efcc8c76d1cc7c17b607626e87ea46a539af1d57f4a76ff3fafe2f044c5e38e1d979d22494bb1eaf77c6ad87124db2f93158bbb103b201b892e1533c5744a6d9c4e1e9075a0c97ecedca1ac51bf11d42292361e73cd5a9396852443481a919f0dd309ebfc226943e73fe67ad235548a1e5b4d0d05603ca1a951c6b0668797839392d5949a6e5c7c11347b68212c604b46e12ccb94fff22ab6bc7f5444001db5cf9ec2832b3a992ac65f289e0edbb2d11bf4cc9c9b9f468b1e74562b60c1472b93b90070fd0f419548b4cfa04f37a027b78c610e409959f862f4c51dcffcd2e326b44ed64807cfe1f222c36ac2c381ec580f39a0fbceb817f9717ed6f865bca55102d376348cc02e484b4bd9a8aa3292b7a420dc24c0b97e07dadd8bad9f9c18fd05e88f95f7ee6680e0fbdccccbccd1066910f2a99cb90e517dac6133cdca7229c707e52dd2162af741688157b87395de6258c92c9ec1cb57c453bfce511ba7f74d61c2543becac5630c78e95d4df957efa4d07f944aa8cca38dc6adf8a357fa7675f2d64c8340aec879f7b0023991ed17a42411949aa48963bd0b2391ffa4d1016aa26b340f0de334e17ef78fdd8ff0c1e39d173d0929cbf677f1d9b0fe9a7861a2f90169fd9a093416301316982b90c4a72e16213a7030ab1cf5ba62e5192dd598c3e49a1ea630f88566b4b9b86b4e44c4c2f0f43087a4f242a2e8197277548eea6e93430dd29c67c427dc8eab6900579990ac0176097d0ea632d0f0a0988ae88778e5be497776c7bccd6261ce27997ee33c277925057d12ce5b433400d0b33450754f89cd9763cb053a836d0c1382bcdba5183afe3bd23b2240252ed39c291a62ac5e6f4603d2ccdea3b3e73bb6f42e922e00dca3b2b5c38210b547963fc2d1c1c9652ab2fa20935114d8fbbbac99432236f6984e3be3801ba64f04a90366df00bb7e2e2c8792538e822724af31ddf46341ef30ed4876457916009099de6d3160936f3dd147adba5e15153f09a0703d32834f1534083f159f2c989c9ed164ce1df0d50bf90b937851af187067a98730925213d3bcba0208fdc9b6b69515652a6cf786aa86dcfd977c338093468436a158a42887bbcfc9e1da8a33f1016494906e9961901ada94ca08ab265b032c0141096b727b4ddf96b31989cd3f9ff092de6c57bca4673437a9597a777b52c651b6de50323b0b4d3e7ba874b0df275133afe44efdd43de2b086f8bccad8580f166b2824f869f7268170a5998dadb8cb8742a79b8d8fb31bc0c5714edd7214a69653d0fc5330cba8020b596441a592de3909c1851427faedbffa183121d63e06e98c6b93756a3ae1f3d78f7b6738ef2eb6b4109895ae0bb2ab82ce62735e89e1ce0201d037a9d6adeb2b70fc1dc896f416f62018cfc255d2d0a90d5f2ed22e8bf918e23f957fb0826f40838531082538aae1e2fd8622e1afeef377e559844685e748c774349fd442d3658945e48f2dbee5e99a6a1e2621b503d011fda0cc2ca2293bce84caac105b85a1bfb30e1b7420f1aa14ee0591218ed82c19de43759ade4557a15d4bed2c1c268a4c3183e9f2b7554c2561a3400da7b4f2a385035", 0x1000}], 0x1, 0x3, 0x9)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000011c0), 0x200102, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000001200)={0x180, 0x6, 0x6, 0x1ff, 0xffff, 0xc022})
r2 = pidfd_getfd(r1, r1, 0x0)
r3 = creat(&(0x7f0000001240)='./file0\x00', 0x20)
mknodat(r0, &(0x7f0000001280)='./file0/file0\x00', 0x10, 0x6)
renameat(r2, &(0x7f00000012c0)='./file0/file0\x00', 0xffffffffffffffff, &(0x7f0000001300)='./file0/file0\x00')
r4 = syz_mount_image$iso9660(&(0x7f0000001380), &(0x7f00000013c0)='./file0\x00', 0x7fffffff, 0x3, &(0x7f0000001680)=[{&(0x7f0000001400)="04a033d1e33c23e736b67f568098875e362a3c747ec36b215d7720d218aae84ee2f9dfc287ce97f423e50ca92fcba8a3fad8160372c9390c3a7a3d3d750d82375b50b6183fc28c1c24b2387c5f5d094d89af008b25f2807d2ca29a3a2bddcc4da7e3958adf04de95f0fc7898f7cd78604b0dcc82766a2307b4e7274ea01e024b0977223e10966893101782107b80b378b5c683096c24b737be6dcc978098", 0x9e, 0x6}, {&(0x7f00000014c0)="70b4b816e06ab1b9be6bbf8af0cc57f53acae0df52454118f1515b7f488c23981212409d1ef9e446c08e12b6e7725f4e46fb118551186e78c70f5ceb024a0948c2ea7c692b6029ab081ff9aa7ae3a18ce414eabfbae337b2d812281decf11b69d49ca98a3fb1a656949d3991f00b74da6c9604a2616fab3ca8cd6ffd520b5c92823e098b3c2ad7e2da8671be236941c313cabd52", 0x94, 0x7}, {&(0x7f0000001580)="8cb969a4266c213414616f4576c91e048ae6ffd4471824ba3622a170fab4f64eb6e8238d03693b7dc15ad8f3cf8a25bf2895422f3080e741b0403a7ab8d1da3a2a6da0896ac215e40c6c424349d100ba8e1891c48cf0ef7aabfd9944ad60b80d26991cfe1f41e38af881d6715a99d72329ce9f0941aea4b593912f94ea09f42f43067ca160fa4109bc8d68b2deb4c80869adc16b6376462f577c01ddc5c5764c68d98f1a4d3f902464873a0a7ac0f5f48869b0b79b4f24f7fe605cd486781dfc8b032b2e8e29e53a2792", 0xca, 0xe70}], 0x400, &(0x7f0000001700)={[{}, {@gid={'gid', 0x3d, 0xee00}}], [{@subj_type={'subj_type', 0x3d, '-\':'}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/proc/self\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x1}}, {@euid_eq}, {@dont_measure}]})
renameat(r0, &(0x7f0000001340)='./file0\x00', r4, &(0x7f00000017c0)='./file0\x00')
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r2, 0x6612)
pidfd_send_signal(r3, 0x3c, &(0x7f0000001800)={0x15, 0xd1d, 0xff}, 0x0)
fadvise64(r3, 0x5, 0x6, 0x5)
ioctl$FS_IOC_GETFSLABEL(r4, 0x81009431, &(0x7f0000001880))
close(r3)
sendmsg$NL80211_CMD_ABORT_SCAN(r2, &(0x7f0000001a40)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)={0x20, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x20, 0x64}}}}, ["", "", "", "", ""]}, 0x20}}, 0x8800)
mount_setattr(0xffffffffffffff9c, &(0x7f0000001a80)='./file0/file0\x00', 0x800, &(0x7f0000001ac0)={0x70, 0x100006, 0x0, {r3}}, 0x20)
sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000001d00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001b80)={0x128, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x114, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb24}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe32}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x96}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb0a9bf5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffff17}]}]}]}, 0x128}}, 0x44044080)

04:54:29 executing program 3:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$FIOCLEX(r0, 0x5451)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000080)={0x785c851f, 0x75, 0x1, 0x5, 0x3f, "1f791406b6ca6835e0b4469462db6d76cecb7f", 0x5, 0x6})
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x40)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f00000000c0)={0x5, 0x2, 0x1, 0x6c4, 0x101, 0x3})
ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f0000000100))
socketpair(0x10, 0x3, 0x6, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000180)=0x100000)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0)=0xed)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000200), 0x10000, 0x0)
r4 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000240), 0x2, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000000280)={0x0, @adiantum, 0x0, @desc3})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0)={0x0, <r5=>0x0})
statx(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x1000, 0x7ff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = socket(0xb, 0x80000, 0x10000)
sendmmsg$unix(r3, &(0x7f0000000600)=[{{&(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000340)="a669a14e69651e5d078d3398aedac415002cf3c246bfd7fca0041421b4145534da29997e5c8c9a10edf0498342894faef9094790ff860a", 0x37}], 0x1, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {r5, r6, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [r1, r4]}}, @rights={{0x14, 0x1, 0x1, [r7]}}], 0x50}}], 0x1, 0x20004841)
fspick(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x1)
openat(0xffffffffffffffff, &(0x7f0000000680)='./file0\x00', 0x189802, 0x180)
dup2(r2, 0xffffffffffffffff)

04:54:29 executing program 5:
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)={0x1fc, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x569cc194}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1294d194}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbc}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x178c38dd}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8e}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x57}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x625e4f83}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1b15e2cb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xca2d130}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7f}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6de546e2}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4d}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}, @NLBL_CIPSOV4_A_MLSCATLST={0xcc, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4ebb}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6e549e42}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x69da}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4b70}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x591a885}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3e50}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1572}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe1bc5e8}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe6ed}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6903e488}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x391c5a66}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5ea}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x46b6}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18b0cba2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x65f3c992}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x67ecd145}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x790b30ce}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x58e533fd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xacbe}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6b78}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x966b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7eff}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x28, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2f02bb7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x372a1cf7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4ec9ad07}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8}]}]}]}, 0x1fc}}, 0x8000)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4091c}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000044}, 0x80)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, 0x4, 0x8, 0x801, 0x0, 0x0, {0x5, 0x0, 0x8}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8884}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x400)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x24, r1, 0x100, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x10}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x90)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wpan3\x00', <r3=>0x0})
sendmsg$NL802154_CMD_GET_SEC_KEY(r2, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040}, 0x2)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000880), r2)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000008c0)={'wpan4\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000900)={'wpan0\x00', <r6=>0x0})
sendmsg$IEEE802154_LIST_IFACE(r0, &(0x7f0000000a00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x5c, r4, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x24000010}, 0x4048090)
sendmsg$NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x34, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x20000020)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r2, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4008)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r7, &(0x7f0000000d00)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x24, r4, 0x1000, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x7f}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000000)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000d40), r8)

04:54:29 executing program 4:
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x98, 0x0, 0x224, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x149}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x98}}, 0x8000)
r0 = syz_open_dev$vcsa(&(0x7f0000000180), 0x1f, 0x8000)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {{}, {}, {0x14, 0x19, {0x6, 0x2, 0xfffffffb, 0x6cfa5d2f}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x10)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8491000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x88, 0x3, 0x7, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xaf4}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x20}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xa771}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x401}]}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x80000001}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x1000}, @NFACCT_QUOTA={0xc}, @NFACCT_QUOTA={0xc}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFACCT_PKTS={0xc}]}, 0x88}, 0x1, 0x0, 0x0, 0x48040}, 0x404c048)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r0)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40841000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xb0, r1, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x5c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xc1f}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x157}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x101}]}, @TIPC_NLA_MEDIA={0x40, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x88}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}]}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x804}, 0x4000)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000001900)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000018c0)={&(0x7f0000000640)={0x1264, 0x0, 0x2, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4, 0x48}}}}, [@NL80211_ATTR_FRAME={0x5f7, 0x33, @data_frame={@no_qos=@type11={{0x0, 0x2, 0x4, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x7f}, @device_b, @device_a, @device_b, {0x4, 0x6}}, @random="a08512aed12bc466ecf45fc28a09d28c62610f4bf3f870eec5c85fc557b920f8a1a6db499d3e24d1e9c30dd90e7ed7bf57811a4546886db67da9927254611b96b7aebbcbc5deb2596622dd37f2012ce8def05487944551028a3f1ff82e8d47c62fa8a6f7a93400df93608849fc2c317a71fe537516b09c295477f860a4eab51a76b53de4532e388f4ed413901df192b3eba714e5deb4d15e47eeda5d0aecffe7cfd84ca2e0291ff11394088b9c5e4fa7994f390b3d356fae5677ec8a5810510171550907b6b95d133313e3621440544c8676a6d38f9c9f64924d44dbfcd6fe574a01f815c15b04c3bb9073b278e1c0a9edf27bf026d82139937b2a7d668d588658bba5241711d8e749f5d60a8cdea89f52de47ec8ca41c3b5024896dd1f483e9e4d2628149b81f7ec0124bf8e2c59934e625fef348156d8ff87d158867bfe58f5d90f69fd62a8a6473ad9bdb3c2fbdfb43aa9575ee06ca488dee4c27629bbbbf63dca4aaa0b9cf5115c7be4f9790e6ee2b44e32899ac9e4ec789507dca3a5c064ccefb2381f5dde096befd3563c8d620a20468cd44f8014e65e9863a46c34c4c8cb15c51d0b4deedbf49e4a16f53c6544e16954d79393db99cb59334120aa24739ac24ccb4de5ab3b5ad36b56455d4ebd218509f249e163b49abaf32cfb3abe2cbd9a9f73772896cce2a671ced556d4b22c515be0a9abc38eda7a4c9b5e0c494438bd749206452246f6f95fca7672329f0f09e68dbc6d8c7c150a69b05be7865eed68d9e7401374effbceb33e12d8c1d89d974ff06c288e51160ed631226be246e39175e785b2902774b865e942855d3432545e986a842c9d7c3a53ac3f65b5d81565966a0b26db63cedb0d63135271d21722898a311a7941a748d1509b8898894078e8066bd7e8812d5625efca2f9b487661442abefab5a8a283051967e5e8dce5ed02eabf75167704321783b72ab2b3de139f09721b7682cdf41122eb71af5fcf50d3e827919d01924ff8f61438514458d213a7d5108af2aad0ddba0196f4ba00ffda3cd5d2e640f5c3bcd246267968adfbf88ab08d1d15ba9887108ed3c3d246e67f6e82a8bd0cdf533402804885ee37c96147e9012a89c5bf9ee0cf869957ff9f8552139da0bdaa4b2bbdc590affdc95a91c3a1365ca9b4498e80adf84d71f82ee365a0b85437684126645d2cfac16ea2a3d369a94bc7da2c8edebedafad8fe84a5dfa5f908bbeaece31186b96ae3bc843e50bbdeebedbc65b81cbb51e0cef84f47250c28f68a7656d6fdba2ec70ad93fbd796d34d7705275eca1ee13256447d05ea6d36531e0825046d81547aa23864d4be35763fdf55bd6a8313f6320f08e28cd9aa6673cc30ea2ed9a315a5453ae01da6eb21c8e15a6aa2cac9bd49d1e241b1a2305a329f6d27e270a37639124f09dd419bcfac944e9696829071aff448e6318f3d89f5901b3f4bf8c5cf418b53b9bce02f25e32785602a454bca4bc10a08494bf3d943c755d2115d43e0e33badcf991cf4377423b78ad7826e873cd5d9868ce08fc48034f50360853d772ba79c3540f9d0164373eb1a4ec74709671337ee334ba188be042c139e6f550f169f9d2d502624d32751dc654ad3ef91d18484c966b7e6430bee7ac6fa3cae58d3a8e56483fa34d9a7a1c994c87f959ac75ba9c4f17333bfd6c5c28c85f3f373b4757c89678c93af002be2ad5fc764ddb1fbf991cb7571a22c7bcc05949cb93b145482307a30ea52fb8d41bdff38922c9d394dc861846469a9dab6bcc99e6dc271d037f7845c92dbb5bcc79e7979ef0204087120388838ed361cd76f0fd2f53c9cedd681d7c9b1f4f221705d5279afdfc53e8060f73f5a48f6fd4c84f08b88d0df914f2b43c79dfb886d7563aeb177b32b844bab72677a239c8480f258fce4d61ec6b5980e37e86096dbde7d7569737ab44f16032c28235be611681e5b76ccd0674a90ce03b2dbb4315a602501aa68bea4959996827260fedf02f68f20262dfa91ad192ee6a1cb4c0da73212af041b332ff32ad49ade05ba1c1d25dbfb0d526546dd45d402270dc77c53678b7a71e0a220435ec7e662eb243abfd9b0df7833fa8bedc33c77d632"}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x360, 0x33, @mgmt_frame=@probe_request={@wo_ht={{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0xfcb}, @device_b, @device_a, @initial, {0x4, 0x3}}, @void, @void, @val={0x3, 0x1, 0xa1}, @val={0x2d, 0x1a, {0x40, 0x2, 0x0, 0x0, {0x6, 0x20, 0x0, 0x86, 0x0, 0x0, 0x1, 0x2}, 0x6, 0x5}}, @val={0x72, 0x6}, [{0xdd, 0x14, "ade7274cc1ddf1b21b29763b38b4060808d3e45b"}, {0xdd, 0x7d, "6c719263a64118917252d919f68b1e7c862d7183458b4cfa526533b377a9d521968cce118fad69d06a34a50e76664b8003ab9298ed7c46dbcc296acd6af4492d073874a34317b9787dcc791fa3b0cccca86705fbcf80f742be70afed0a36137517242384ce0a047e10b72af35d193d4edbce3b6436b824802d695c71d7"}, {0xdd, 0xe3, "8437bb2ec275a2da4610bdbcd3b72e77a33b88087a5a33159540b5c976a09311dc6b429370d87f649ecf38ba50102bf398926edfac5edd7ccdd5499245d42bb101e00bd7ca222d8d73c880236b4c09fde00d318cbc7cbaa3d9b9575d604ed78c62950ed1c3542dba379bc7b126fb6d438f5a29e96a250a80a0e885b0d840b3ff620f6ea2251bfdf3876800123ea44504cff1621eec7720a9e09d95a1b7f1148cf1e9dc23fbf8b6d145fed79a2d9a455aa189e5caf565cc30850242ddf7d7fd275f8020fb0c683196f1d05593f1c6db5b962693eb70137f03094ccf2bfa58e2272ccd68"}, {0xdd, 0x1e, "258ddb54f3214e0915156ba6444ab1c99bb2983e9eccbfaa27e580ee7e3f"}, {0xdd, 0xbc, "18aa01043a7792c0b8416032c98128bc80201a12e5ca9a3382de2eb5f9e91d7b76735c2718b59adb53eb8c4abbc76a646d28da460fecb1703334c019ce3084a7e25444781585c090cea4b00de6b24abf785abc68787b1d2db8fff695180c5b9571f1169b48f04647956f2ea1099e2cf96a277c7a35b09ec7f91dd24d4cb29271ae50034307e0fc00d60b014763327941fd12256fe37260ce966cbe401c67be19e27ce16c08c3878c0b2149bd2e4cacbe325f6eebe6d153523074b8fe"}, {0xdd, 0xc3, "2f32dd6d2a8e9ed4c9af4388f75b34c06e399ec5b4b0e2f84a47cd298a3a2c88a4f156e365c6b619d468549e51ad3baf8978f20e076bca232baca239b7d3f81a9905e63e4d14320b2b2a9013876bbbc645b44115cf6f2ec1c0c8f1b50375e03aa13a4c9939b6969667dbeae42a857ae05f3ae7224a324ec90ff2770f1119c5cce9742452cea4282a004c0270254f865505d44bb0b550b920db14055fded05c5425058918783b2faa94d0f488fe10733f702bb1a7e011e984572401b2c211e21d91973a"}]}}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x8bc, 0x33, @data_frame={@qos_ht={{{@type01={{0x0, 0x2, 0xc, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x3}, @broadcast, @initial, @device_a, {0x0, 0xffc}}, {0x9, 0x1, 0x3, 0x0, 0x20}}, {@type11={{0x0, 0x2, 0x9, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1}, {0x2}, @device_a, @broadcast, @from_mac=@broadcast, {0x5, 0x7}}, {0x5, 0x1, 0x1, 0x1, 0x2}}}, @ver_80211n={0x0, 0x2, 0x3, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}, @random="8fdb43993b63de7a98bb59c2e2617e82b3c31e8d4e4f10813a80afa5b96e6dafd64feb2ce27ad81c7438285ff918d5451f9bfe43d6622d73ffa981e82defb6e488d8c096abc4d842b14c6d8a7c468ab972816f247cb50fc621a55ae27f52726383fbaf1b496cda52b2c5fd8a5b45d862702e0ac4f85d355da538b657582f925409361c2f139e30831e423ab8ad7ce48f72485ccfb0a939b4b4d8eb54fa64f05bd35e6bfeffd028df2c07155d95b82fc51b1182495423bd69d8794baf35cb2fae67fbf447a444d7c70f105f0ef96423e03d61b07b895841f28533553b3768f7298c32b8ba18b5df7612a20d43544125fbfc39478bb87f52e98079bfcdfc2d51948dece27b4de2e11233fa00cf3d9d18604997460ebc661080b4508e51dc7c6765c000d851987979a094c1eb6b6cff23afc4a6be1aeea342c9d178ae099a9a5221de595194d93d3e1757292ffcc88d299e06d30a0e5fbbb74f51c266335666bbaf0c4025984f7c01113746f5e0388427be13384b683b2481e0b191965adf804b617ae9693a6f8d2e29e5a4482997c95a44fce94805b46ac33135e1531cd63f141eefa913a1ab420ac54066d397e408a374f568e8470aadd2e0f504189bbd9d6cf55864ecb2c6b2d261072476e5d198becb82a5c84be1b83377f82991e2886059f1085d7392ba203acc91279c497e4238128caa35870cece09f273dbe84750837c79bd32d9cb3b59a8a19c8f0721a2eb3e08011099a47f3a83444f546a7c0be6c8f2af3cc4c1f3a334508b7fec716289b6f8fdc44c481cb032552a455bf58c936a7456e66f4240afa324e72ec3769d944d83ea38d5f0d97d2e76aebb7439c36c8b8794a6c45723d35500aab844994d4e86e722ace73e75ffe3c92e6ebae4fa634fe0eff652ee21441f518daf18f72b4c66bfc782c409c9d012dd3678c76194dade21cbc7ff4ca8cad747ea26bd06361f8869f5ece9057ba092b6a9a4953ea576b266fa48431b4e40085a5f38f74e195ffdd236329e50ffb10789abd7bce1463ecc7029ed5dbea123b52b932e23f5e6cefcb39642d243cf4d4eea57d7b96ae6e9d0b70f7a8345735cb0ca63c9b543ca5ce53d81d1d81c0711f72046578253d4add1adb7458addf1ebab844a3043f0be49faaf1db6f55a4602cb9795df3352f0d5128a147975d79604116c75fe8a9017ec532e18cf91f7476f47bab0e3fe965ba6dd1c5201edb42efaa05e16bbaf4e1b5961250bf5928ac82bee9a199fd61c5fb3aa96e4a7c67ed610092fe7d5257ad7255f9a4cc1953d225dd136ec7e48c29c5d6a5c44e0d067ddbb458570264540343ebb4b527cadfaf82dbff36e4d5c1361e1004c6c5f61d0d59cb40715f7b81d811157f5fbb0dbf5635c5b1173b4d6ff52cf77ac68d9d99723d24f51ce3e712976ea8e8b14aa38945ad4370330d4fb87e728bdf754c05d86646b915557914609f51e29274593eb3e22a15c111bfd858f1a99a26b8c4cfe33493d326977a4a49befc155fc0a3bf39651396b2e1d6858ca065d5a707646e2a76de2dbee015a67277671fddd3d6cfa44a5a00685485e35eb1384560050e28add50e010e449b805a18199beee2cebb66ceeb23eefb28127bb34d44c0051c0c7862dfc8c6a19f601389616ac986b30ffd32f1875237533daa20e41a9a670bc13d5ecd572c855bfe4d656d9e144852ae1b9e4fc21f440f46018bcbfc65ff216d3d1ce4d2e6aabb2d6a951e8d832f9539de7d0b955e275c0eca270c10237ec5eaefd3972bdd8c08cac024bc98f4f3f3cd3a36746bf75da85900604551c4a4313e6d16f321c2139eddb21a76f82b3e43dd5c93707124af9eccffb70a785237f88af398e3b0bbb4a034b9eef186bd8ae2a9dfde440b6de312485fadaac317fe967faa4ba1654fe5c415e3f890300f0b3489aa1e4acdd23b5cab54e0147390d47b0b27d91666a6a5efda1f037f8c1e7d2390e81ff4810573bcc1bea4f53477623a7c9a8489a36892ff681e6053f7359c7572b0d98f99412495d48f20da890c101d10885e74074eb11ffc3e28e616fb27612a36b45348023bc5446408d23f6335672ef00a4855a48aff0427b621dd4c24584a19c0dbce737fa71cf365cfc8fcceabfc26407e9e93dc79b4bc3c7d05b5f09718bd14b1aa99a57094f486fa615d4200fa4b15ebcdc3fac2fd5d434cf907ec6f10edeff2f257a6e95f13d12a7bbff03461eab55fb0e2842b20a411cd8ad80e44b8e1285d94c7f602102ae6e56b4d4b277b1c1c023a2751ca25e0cd55927562a11fc5578f11985d347d9456846fa65b110df0f0d860224b50bd4aa6c3a7e7e9132fee51efd778667d47ccc89ea644e34d06c57bf21a187fbe057fbbba55f41b2274e2ad1a3c853f178c088335faff9a0a9fe88e064e7a56ca084cf73fb85ce3e0c15be35edc5bd4957ead776e461c0a4f0fff44b5618d9ebc1f5d7da3c02132f0cdfddc2e3750cc9d7ab775fbe2e36830d0adf988a17013dfbba654d0994eafdda92e17c7d0d5e61923d5a056176dc0b2d5778a6cde30f4a4befa61240fa9aff01c989bd80a11d240c388283fb1f82959ac2dd2c2d89d12d453f5325eaeab542913def54bbdd73f92f548b121f1099df9338b78533b21d0c1c234e67fd95e401862b19188fa98d0aacb85261f1a37a6a00f36b8785224363ae7970b4eafadea386ea06062fc0fc1184f74551f16dee07306c7d101aa8c199a3736bd4f5c30268d2ce5098760fd2bc81db2297ed2538b9accc083126a214955fb8599b445063423b4be335cd98ad6021fe8616ad08cd8ef079b714a05824aaeb5812d038cc33f9b382ef3c6bad54a607bc453b11b235cae8b51868097c95034bbda0a6c307e59dbe1aa3d92c9c506e76fdb80deddaa6bc06607a21e1682f5e3574cbbb7523ecfebe889cad26e19f63908c6cca1884511dee127e1f07c9510d6687aaa068bd65174736d08a13657452fc7b9c5fa5a7c57514f545c93de9950f44f32c5b7d6e1a0b5b6483d23ede09165b5492f47dc1b5f3a63789c5e4bf45acd070ed2202706a6b68eff28aad0f80e95"}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x1264}, 0x1, 0x0, 0x0, 0xc004}, 0x40)
pipe2(&(0x7f0000001940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x6c00)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000019c0), r0)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000001e00)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001dc0)={&(0x7f0000001a00)={0x3b0, r4, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7fffffff, 0x48}}}}, [@NL80211_ATTR_BSS_BASIC_RATES={0xb, 0x24, [{0x12, 0x1}, {0x4, 0x1}, {0x5}, {0x6, 0x1}, {0x60}, {0x4, 0x1}, {0x4, 0x1}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_TX_RATES={0x344, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x80, 0x6, 0xa000, 0x7, 0x6, 0x6, 0x3e1f]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xba4, 0x1000, 0xf526, 0x17, 0x7, 0x6, 0x7, 0x7f]}}, @NL80211_TXRATE_HT={0x2e, 0x2, [{0x1, 0x6}, {0x7, 0x2}, {0x4}, {0x4, 0x6}, {0x2, 0x2}, {0x7, 0x8}, {0x5}, {0x7, 0x3}, {0x7, 0x7}, {0x2, 0x9}, {0x2, 0x8}, {0x1, 0x8}, {0x0, 0x2}, {0x4, 0xa}, {0x1, 0x8}, {0x7, 0x4}, {0x2, 0x7}, {0x0, 0x9}, {0x0, 0x4}, {0x1, 0x6}, {0x6, 0x6}, {}, {0x5, 0x5}, {0x3, 0x5}, {0x3, 0x6}, {0x1, 0x7}, {0x5}, {0x4, 0x6}, {0x2, 0x8}, {0x5, 0x3}, {0x1, 0x4}, {0x0, 0x1}, {0x5, 0x2}, {0x3, 0x9}, {0x1, 0x7}, {0x3}, {0x6, 0x5}, {0x3, 0x3}, {0x4, 0x9}, {0x3, 0x2}, {0x1, 0x2}, {0x5, 0x1}]}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x9c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x17, 0x2, [{0x4, 0x3}, {0x2, 0x6}, {0x2, 0x6}, {0x5, 0x5}, {0x1, 0x9}, {0x6, 0x6}, {0x6, 0x4}, {0x1, 0x8}, {0x7, 0x4}, {0x6, 0x9}, {0x5, 0x5}, {0x5, 0x2}, {0x2, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x9}, {0x0, 0x4}, {0x3, 0x4}, {0x5}]}, @NL80211_TXRATE_HT={0x13, 0x2, [{0x1, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x1, 0x6}, {0x5, 0x7}, {0x2, 0x8}, {0x4, 0x9}, {0x5, 0x3}, {0x0, 0x6}, {0x0, 0x1}, {0x1}, {0x6, 0x9}, {0x3, 0x3}, {0x0, 0x9}, {0x7, 0x8}]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x3, 0x1}, {0x0, 0xa}, {0x4, 0x5}, {0x2, 0x9}, {0x6, 0x1}, {0x6, 0x1}, {0x4, 0x6}, {0x1, 0x2}, {0x0, 0x3}, {0x6, 0x4}, {0x0, 0x9}, {0x2, 0xa}, {0x7, 0x1}, {0x7, 0x9}, {0x4, 0x4}, {0x2, 0x9}, {0x7, 0x5}, {0x0, 0x3}, {0x7, 0x6}, {0x6, 0xa}, {0x1, 0x5}, {0x0, 0x7}, {0x0, 0xa}, {0x3, 0x6}, {0x4, 0x6}, {0x4}, {0x1, 0x8}, {0x5, 0xa}, {0x3, 0x8}, {0x1, 0xa}, {0x5, 0xa}, {0x7, 0x9}, {0x6, 0x9}, {0x5, 0x1}, {0x1, 0x7}, {0x0, 0x9}, {0x3, 0x3}, {0x5, 0x4}, {0x6, 0x7}, {0x2, 0x7}, {0x2, 0x4}, {0x3, 0xa}, {0x0, 0x3}, {0x4, 0x4}, {0x5, 0x4}, {0x5}, {0x3, 0x8}, {0x0, 0x3}, {0x5, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x5, 0x7}, {0x7, 0x1}, {0x1, 0xa}, {0x7, 0xa}, {0x4, 0x1}, {0x1, 0xa}, {0x6, 0x9}, {0x3, 0x9}, {0x2, 0xa}, {0x7, 0x8}, {0x3}, {0x7, 0x2}, {0x3, 0x8}]}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x5, 0x1b, 0x1b, 0x70, 0x3, 0x3, 0x4, 0x30, 0x54, 0x24, 0x1b, 0x5, 0x1b, 0x18, 0x9, 0x48, 0xb, 0x6c, 0x48, 0x6c, 0x6c, 0x9, 0xb, 0x12, 0x76, 0x6c, 0x18]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xec, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x15, 0x2, [{0x4, 0x3}, {0x4, 0x3}, {0x0, 0x8}, {0x0, 0x9}, {0x1, 0x2}, {0x1, 0x7}, {0x4, 0x1}, {0x3, 0x6}, {0x2, 0x8}, {0x7}, {0x4, 0x7}, {0x0, 0x6}, {}, {0x4, 0x8}, {0x2, 0x9}, {0x6, 0x4}, {0x4, 0x9}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x36, 0x2, [{0x6, 0x3}, {0x2, 0x4}, {0x1, 0xa}, {0x2, 0x3}, {0x1, 0x6}, {0x7, 0x3}, {0x3, 0x9}, {0x0, 0x5}, {0x1, 0x1}, {0x2}, {0x3, 0x9}, {0x0, 0x1}, {0x0, 0x9}, {0x1, 0x6}, {0x5, 0x7}, {0x5, 0x1}, {}, {0x1, 0xa}, {0x4, 0xa}, {0x4}, {0x5, 0x9}, {0x4, 0x2}, {0x2, 0x9}, {0x4, 0x2}, {0x3, 0xa}, {0x1, 0x9}, {0x3, 0x6}, {0x0, 0x6}, {0x1, 0x5}, {0x2, 0x4}, {0x2, 0x3}, {0x0, 0x4}, {0x0, 0x3}, {0x4, 0x4}, {0x3, 0x8}, {0x5, 0x2}, {0x5, 0x4}, {0x6, 0x3}, {0x5, 0x4}, {0x7}, {0x1, 0x4}, {}, {0x2, 0x8}, {0x3, 0x6}, {0x3, 0x1}, {0x2, 0x6}, {0x3}, {0x3, 0x3}, {0x0, 0x3}, {0x3, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x8000, 0x200, 0x1, 0xf50d, 0x954, 0xc761, 0x3f]}}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x48, 0x60, 0x48, 0x18, 0x12, 0x12, 0x36, 0xb, 0x48, 0x36, 0xc, 0x12, 0x1, 0x9, 0x30, 0x16, 0x24, 0x2, 0x1, 0x6c, 0x30, 0x16, 0x6, 0x30, 0xb, 0x48, 0x60]}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x24, 0x36, 0x9, 0x1, 0x69, 0x1b, 0x5, 0x48, 0x6, 0x2, 0x16, 0x36, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x9, 0x3, 0x4, 0x8, 0xfffa, 0x7, 0x8]}}, @NL80211_TXRATE_HT={0x31, 0x2, [{0x1, 0xa}, {0x3, 0xa}, {0x5, 0x1}, {0x5, 0x8}, {0x7, 0x5}, {0x4, 0x1}, {0x4, 0x5}, {0x2, 0x6}, {0x7, 0x5}, {0x1, 0xa}, {0x3, 0x4}, {0x6, 0xa}, {0x4}, {0x2, 0x6}, {0x0, 0x6}, {0x5, 0x6}, {0x6, 0xa}, {0x0, 0x5}, {0x1, 0x4}, {0x4, 0xa}, {0x7, 0x1}, {0x4, 0x5}, {0x4, 0x1}, {0x2, 0x8}, {0x1}, {0x0, 0x8}, {0x1, 0xa}, {0x5}, {0x1, 0x6}, {0x5, 0x9}, {0x1, 0x9}, {0x7, 0x3}, {0x2, 0x2}, {0x4, 0x9}, {0x7, 0x4}, {0x4}, {0x6, 0x6}, {0x6, 0x5}, {0x5}, {0x2, 0x9}, {0x0, 0x3}, {0x6, 0x2}, {0x5, 0x8}, {0x7, 0x5}, {0x2, 0xa}]}]}, @NL80211_BAND_2GHZ={0x150, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x49, 0x2, [{0x1, 0x7}, {0x2, 0xa}, {0x5, 0x4}, {0x0, 0x4}, {0x4, 0xa}, {0x6, 0x9}, {0x7, 0x4}, {0x2, 0x3}, {0x1}, {0x2, 0x7}, {0x3, 0x7}, {0x2, 0x8}, {0x7, 0x3}, {0x5, 0x1}, {0x5, 0x5}, {0x0, 0x2}, {0x6, 0x8}, {0x0, 0x8}, {0x0, 0x6}, {0x0, 0x7}, {0x5, 0x8}, {0x6, 0x2}, {0x4, 0x4}, {0x7, 0x1c}, {0x0, 0x3}, {0x1, 0x1}, {}, {0x1, 0xa}, {0x1, 0x6}, {0x7, 0x3}, {0x1, 0x8}, {0x4, 0xa}, {0x5, 0x8}, {0x1, 0x9}, {0x3, 0xa}, {0x6, 0x3}, {0x0, 0x2}, {0x2, 0x6}, {0x0, 0x2}, {0x2, 0x9}, {0x4, 0x6}, {0x6, 0x8}, {0x7, 0x8}, {0x1, 0x4}, {0x0, 0x4}, {0x3, 0x7}, {0x1, 0x9}, {0x1, 0x1}, {0x0, 0x9}, {0x7, 0x6}, {0x6, 0x9}, {0x7, 0x2}, {0x4, 0x2}, {0x7, 0x3}, {0x6, 0x8}, {0x0, 0x1}, {0x6, 0x3}, {0x0, 0xa}, {0x4}, {0x3, 0x4}, {0x6, 0x6}, {0x3}, {0x0, 0x8}, {}, {0x2, 0x2}, {0x3, 0x4}, {0x2, 0xa}, {0x0, 0x2}, {0x0, 0x7}]}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x0, 0xa}, {0x7, 0x1}, {0x3, 0x2}, {0x5, 0x9}, {0x3, 0xa}, {0x3, 0x8}, {0x0, 0x5}, {0x0, 0xa}, {0x0, 0x7}, {0x3, 0x4}, {0x2, 0x5}, {0x4, 0x1}, {0x1, 0x9}, {0x7, 0x8}, {0x6, 0x6}, {0x6, 0xa}, {0x1, 0x2}, {0x7, 0x6}, {0x4, 0x5}, {0x1, 0x4}, {0x6, 0x1}, {0x6, 0x4}, {0x6, 0x4}, {0x3, 0x3}, {0x0, 0x9}, {0x6, 0x7}, {0x7, 0x9}, {0x1, 0xa}, {0x2, 0x6}, {0x6}, {0x7, 0x6}]}, @NL80211_TXRATE_HT={0x46, 0x2, [{0x4, 0x4}, {0x0, 0x4}, {0x4, 0x9}, {0x4, 0x8}, {0x0, 0x6}, {0x4, 0x9}, {0x7, 0x2}, {0x3, 0x8}, {0x3, 0x4}, {0x4, 0x2}, {0x5, 0xa}, {0x0, 0x2}, {0x7, 0x7}, {0x1, 0x8}, {0x5, 0x9}, {0x6, 0x8}, {0x0, 0x6}, {0x3, 0x1}, {0x1, 0x2}, {}, {0x7, 0x4}, {0x7}, {0x3, 0x3}, {0x3, 0x9}, {0x2, 0x8}, {0x0, 0x7}, {0x7, 0x5}, {0x1, 0x5}, {0x4, 0x1}, {0x0, 0x7}, {0x7, 0xa}, {0x3, 0x8}, {0x7}, {0x1, 0x6}, {0x3, 0x4}, {0x3, 0x1}, {0x5, 0xa}, {0x5, 0x2}, {0x6, 0x5}, {0x0, 0x1}, {0x1, 0x2}, {0x6, 0x5}, {0x7, 0x3}, {0x6, 0x6}, {0x3, 0x8}, {0x1, 0x7}, {0x5, 0x4}, {0x4, 0x1}, {0x0, 0x7}, {0x6, 0x6}, {0x1, 0x9}, {0x1, 0xa}, {0x7, 0x2}, {0x6, 0x1}, {0x1, 0x8}, {0x5, 0x8}, {0x0, 0x3}, {0x4, 0x1}, {0x7, 0x3}, {0x4, 0x2}, {0x1, 0x2}, {0x3, 0x2}, {0x5, 0x4}, {0x0, 0x1}, {0x0, 0x3}, {0x1, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x401, 0x8, 0xa, 0x3, 0x81, 0xea9b, 0x2, 0x2]}}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x9, 0x25, 0x1b, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x3, 0xc5, 0x9, 0x8, 0x1, 0x0, 0x1]}}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x6, 0x8}, {0x0, 0x5}, {0x3, 0x2}, {0x2, 0x2}, {0x6, 0x1}, {0x3, 0x5}, {0x3, 0x8}, {0x1, 0x9}, {0x2, 0x9}, {0x5, 0x6}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x2}, {0x7, 0x2}, {0x0, 0x5}, {0x5, 0x6}, {0x7, 0x5}, {0x6, 0x4}, {0x5, 0x1}, {0x6, 0x9}, {0x4, 0x4}, {0x7, 0x7}, {}, {0x4, 0x6}, {0x2, 0xa}, {0x7, 0x2}, {0x5, 0x1}, {0x6, 0x8}, {0x1, 0xa}, {0x1, 0x8}, {0x0, 0xa}, {0x4, 0x2}, {0x6, 0x6}, {0x1, 0x9}, {0x7, 0x3}, {0x1, 0x6}, {0x5, 0x9}, {0x7, 0x1}, {0x0, 0xa}, {0x5, 0x5}, {0x6, 0x9}, {0x3, 0x7}, {0x5, 0x4}, {0x5, 0x8}, {0x3, 0x6}, {0x7, 0x6}, {0x0, 0xa}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x6c, 0x9, 0x36, 0x6, 0x6c, 0x9, 0x36, 0x36, 0xb, 0x36, 0xc07689297ec5310d, 0xb, 0x6d, 0xc, 0x36, 0x30, 0x6c, 0x4b, 0x3, 0x6c, 0x24, 0x4, 0x24, 0x6c, 0x5]}, @NL80211_TXRATE_GI={0x5}]}]}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x12b}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14c8}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x8}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x3b0}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001e80), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000001fc0)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001f80)={&(0x7f0000001ec0)={0x98, r5, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x3}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x98}, 0x1, 0x0, 0x0, 0x40008c4}, 0x8024)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r6, &(0x7f00000020c0)={&(0x7f0000002000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002080)={&(0x7f0000002040)={0x38, 0x0, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x2095}, 0x44000)
fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000002100)=0x2)
sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f0000002200)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000021c0)={&(0x7f0000002180)={0x2c, r4, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2c}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x18}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0xa4541ef8890cc763}, 0x40000)
r7 = fsmount(0xffffffffffffffff, 0x1, 0x70)
syz_genetlink_get_family_id$tipc2(&(0x7f0000002240), r7)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000008, 0x2010, r8, 0xf571c000)

04:54:29 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan3\x00', <r1=>0x0})
sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x48, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40480d0}, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, 0x0, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_EXTENDED_ADDR={0xc}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0xffffffffffffffff}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan1\x00'}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x44, 0x0, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x40c}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffff69}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000010}, 0x800)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000400), r0)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r2)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, r4, 0x2, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000004}, 0x20040050)
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000005c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x28, r5, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000780)={&(0x7f00000006c0), 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x34, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x101}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x20000844)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(r2, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x40, 0x0, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x961d1c5feb7e725b}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x0)
clock_gettime(0x0, &(0x7f0000001840)={<r6=>0x0, <r7=>0x0})
recvmmsg$unix(r3, &(0x7f0000001780)=[{{&(0x7f0000000980), 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000a00)=""/18, 0x12}, {&(0x7f0000000a40)=""/230, 0xe6}, {&(0x7f0000000b40)=""/201, 0xc9}, {&(0x7f0000000c40)=""/11, 0xb}, {&(0x7f0000000c80)=""/153, 0x99}, {&(0x7f0000000d40)=""/137, 0x89}], 0x6, &(0x7f0000000e80)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000000f80), 0x6e, &(0x7f0000001380)=[{&(0x7f0000001000)=""/222, 0xde}, {&(0x7f0000001100)=""/9, 0x9}, {&(0x7f0000001140)=""/157, 0x9d}, {&(0x7f0000001200)=""/156, 0x9c}, {&(0x7f00000012c0)=""/143, 0x8f}], 0x5, &(0x7f0000001400)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}, {{&(0x7f0000001480), 0x6e, &(0x7f0000001640)=[{&(0x7f0000001500)=""/71, 0x47}, {&(0x7f0000001580)=""/191, 0xbf}], 0x2, &(0x7f0000001680)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [<r9=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe8}}], 0x3, 0x2100, &(0x7f0000001880)={r6, r7+60000000})
sendmsg$NL80211_CMD_DEL_MPATH(r8, &(0x7f00000019c0)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001980)={&(0x7f0000001900)={0x58, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000008}, 0x10)
r10 = accept4$unix(r9, 0x0, &(0x7f0000001a00), 0x800)
getsockname(r10, &(0x7f0000001a40)=@hci, &(0x7f0000001ac0)=0x80)
sendmsg$IEEE802154_LIST_IFACE(r0, &(0x7f0000001c00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b80)={0x34, 0x0, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x34}}, 0x20004080)

[   86.750416] audit: type=1400 audit(1763355269.812:7): avc:  denied  { execmem } for  pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   87.924869] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.926640] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.928291] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.931465] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.933657] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   87.984605] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   87.986653] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   87.988671] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   87.992981] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   87.995344] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   88.001088] ==================================================================
[   88.002216] BUG: KASAN: slab-use-after-free in hci_cmd_work+0x66d/0x6d0
[   88.003285] Read of size 2 at addr ffff88801e046df8 by task kworker/u11:2/291
[   88.006888] 
[   88.008229] CPU: 1 UID: 0 PID: 291 Comm: kworker/u11:2 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary) 
[   88.008260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[   88.008275] Workqueue: hci2 hci_cmd_work
[   88.008306] Call Trace:
[   88.008314]  <TASK>
[   88.008322]  dump_stack_lvl+0xca/0x120
[   88.008351]  print_report+0xcb/0x610
[   88.008379]  ? __virt_addr_valid+0x100/0x5d0
[   88.008405]  ? hci_cmd_work+0x66d/0x6d0
[   88.008433]  ? hci_cmd_work+0x66d/0x6d0
[   88.008462]  kasan_report+0xca/0x100
[   88.008490]  ? hci_cmd_work+0x66d/0x6d0
[   88.008521]  hci_cmd_work+0x66d/0x6d0
[   88.008551]  process_one_work+0x8e1/0x19c0
[   88.008589]  ? __pfx_process_one_work+0x10/0x10
[   88.008621]  ? move_linked_works+0x172/0x270
[   88.008646]  ? assign_work+0x196/0x240
[   88.008677]  worker_thread+0x67e/0xe90
[   88.008708]  ? trace_irq_enable.constprop.0+0xc2/0x100
[   88.008736]  ? __pfx_worker_thread+0x10/0x10
[   88.008769]  kthread+0x3c8/0x740
[   88.008797]  ? __pfx_kthread+0x10/0x10
[   88.008824]  ? ret_from_fork+0x79/0x7a0
[   88.008847]  ? lock_release+0xc8/0x290
[   88.008882]  ? __pfx_kthread+0x10/0x10
[   88.008911]  ret_from_fork+0x67a/0x7a0
[   88.008932]  ? __pfx_ret_from_fork+0x10/0x10
[   88.008956]  ? __switch_to+0x759/0x1060
[   88.008986]  ? __pfx_kthread+0x10/0x10
[   88.009015]  ret_from_fork_asm+0x1a/0x30
[   88.009052]  </TASK>
[   88.009060] 
[   88.030201] Allocated by task 283:
[   88.030755]  kasan_save_stack+0x24/0x50
[   88.031384]  kasan_save_track+0x14/0x30
[   88.032010]  __kasan_slab_alloc+0x59/0x70
[   88.032696]  kmem_cache_alloc_node_noprof+0x228/0x6b0
[   88.033512]  __alloc_skb+0x2ab/0x370
[   88.034121]  hci_cmd_sync_alloc+0x34/0x300
[   88.034792]  __hci_cmd_sync_sk+0xf7/0x5c0
[   88.035459]  __hci_cmd_sync_status_sk+0x4d/0x1a0
[   88.036262]  hci_cmd_sync_status+0x4c/0x70
[   88.036931]  hci_dev_cmd+0x4d5/0x980
[   88.037524]  hci_sock_ioctl+0x493/0x810
[   88.038153]  sock_do_ioctl+0xd1/0x240
[   88.038771]  sock_ioctl+0x40d/0x630
[   88.039352]  __x64_sys_ioctl+0x18f/0x210
[   88.039994]  do_syscall_64+0xbf/0x430
[   88.040635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.041455] 
[   88.041728] Freed by task 296:
[   88.042242]  kasan_save_stack+0x24/0x50
[   88.042873]  kasan_save_track+0x14/0x30
[   88.043500]  kasan_save_free_info+0x3a/0x60
[   88.044211]  __kasan_slab_free+0x43/0x70
[   88.044854]  kmem_cache_free+0x26f/0x500
[   88.045498]  kfree_skbmem+0x18a/0x1f0
[   88.046096]  sk_skb_reason_drop+0x10e/0x1b0
[   88.046775]  vhci_read+0x3d5/0x5d0
[   88.047343]  vfs_read+0x1eb/0xc70
[   88.047894]  ksys_read+0x121/0x240
[   88.048482]  do_syscall_64+0xbf/0x430
[   88.049091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.049886] 
[   88.050157] The buggy address belongs to the object at ffff88801e046dc0
[   88.050157]  which belongs to the cache skbuff_head_cache of size 232
[   88.052141] The buggy address is located 56 bytes inside of
[   88.052141]  freed 232-byte region [ffff88801e046dc0, ffff88801e046ea8)
[   88.053995] 
[   88.054267] The buggy address belongs to the physical page:
[   88.055141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e046
[   88.056411] flags: 0x100000000000000(node=0|zone=1)
[   88.057197] page_type: f5(slab)
[   88.057736] raw: 0100000000000000 ffff8880096c78c0 dead000000000100 dead000000000122
[   88.058926] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[   88.060133] page dumped because: kasan: bad access detected
[   88.061011] 
[   88.061282] Memory state around the buggy address:
[   88.062040]  ffff88801e046c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.063168]  ffff88801e046d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   88.064328] >ffff88801e046d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   88.065446]                                                                 ^
[   88.066564]  ffff88801e046e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.067679]  ffff88801e046e80: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   88.068814] ==================================================================
[   88.070109] Disabling lock debugging due to kernel taint
[   88.071084] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   88.086030] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   88.087478] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   88.088929] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   88.092244] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   88.095952] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   88.107803] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   88.108976] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   88.109888] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   88.115645] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   88.116479] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   88.123550] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   88.123603] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   88.124294] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   88.125468] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   88.126571] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   88.127305] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   88.128282] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   88.129075] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   88.131556] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   88.131674] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   88.133749] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   88.134757] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   88.136286] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   88.137400] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   88.139600] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   88.146697] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   88.150411] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   88.157325] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   88.158557] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   89.958678] Bluetooth: hci0: command tx timeout
[   90.151604] Bluetooth: hci2: command tx timeout
[   90.152405] Bluetooth: hci7: command tx timeout
[   90.213734] Bluetooth: hci5: command tx timeout
[   90.215309] Bluetooth: hci1: command tx timeout
[   90.216117] Bluetooth: hci4: command tx timeout
[   90.216251] Bluetooth: hci3: command tx timeout
[   90.277980] Bluetooth: hci6: command tx timeout
[   92.006579] Bluetooth: hci0: command tx timeout
[   92.198574] Bluetooth: hci7: command tx timeout
[   92.199403] Bluetooth: hci2: command tx timeout
[   92.261580] Bluetooth: hci3: command tx timeout
[   92.263950] Bluetooth: hci1: command tx timeout
[   92.264814] Bluetooth: hci4: command tx timeout
[   92.264837] Bluetooth: hci5: command tx timeout
[   92.325580] Bluetooth: hci6: command tx timeout
[   94.054785] Bluetooth: hci0: command tx timeout
[   94.245550] Bluetooth: hci2: command tx timeout
[   94.245563] Bluetooth: hci7: command tx timeout
[   94.309643] Bluetooth: hci1: command tx timeout
[   94.310089] Bluetooth: hci4: command tx timeout
[   94.310462] Bluetooth: hci5: command tx timeout
[   94.310531] Bluetooth: hci3: command tx timeout
[   94.374589] Bluetooth: hci6: command tx timeout
[   96.102558] Bluetooth: hci0: command tx timeout
[   96.293583] Bluetooth: hci7: command tx timeout
[   96.294573] Bluetooth: hci2: command tx timeout
[   96.357567] Bluetooth: hci5: command tx timeout
[   96.358049] Bluetooth: hci4: command tx timeout
[   96.358984] Bluetooth: hci1: command tx timeout
[   96.359273] Bluetooth: hci3: command tx timeout
[   96.423521] Bluetooth: hci6: command tx timeout

VM DIAGNOSIS:
04:54:31  Registers:
info registers vcpu 0
RAX=ffffffff88596101 RBX=ffff888009761bc0 RCX=0000000000000002 RDX=0000000000000001
RSI=0000000000000000 RDI=ffffffff85e1fd40 RBP=ffffffff85e1fd40 RSP=ffff88800977f150
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000002 R13=0000000000000000 R14=0000000000000000 R15=0000000000000002
RIP=ffffffff81527b9b RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e538f000 00000000 00000000
LDT=0000 fffffe2300000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f1bd89ef320 CR3=000000001ea0f000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000000000000000041415843086f2fd4 XMM01=00000000000000003f847ae147ae147b
XMM02=00000000000000000000000000000000 XMM03=00000000000000003f73e45253bfa0a2
XMM04=000000c000082f00000000c000082d80 XMM05=000000c000000f00000000c000083080
XMM06=000000c000001500000000c000001080 XMM07=000000c000001800000000c000001680
XMM08=000000c000001c80000000c000001b00 XMM09=000000c000083800000000c000001e00
XMM10=000000c000083c80000000c000083980 XMM11=000000c000b42180000000c000083e00
XMM12=000000c000b42600000000c000b42300 XMM13=000000c0007c0480000000c0007c0300
XMM14=000000c000b42c00000000c000b42900 XMM15=000000c000b42f00000000c000b42d80
info registers vcpu 1
RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff8293dd05 RDI=ffffffff889747c0 RBP=ffffffff88974780 RSP=ffff8880138ef5f8
R8 =00000000ffffffff R9 =ffffed100271deb5 R10=0000000000000000 R11=000000003a555043
R12=0000000000000000 R13=ffffffff889747d0 R14=ffffffff88974780 R15=ffffffff88974a40
RIP=ffffffff8293dd5d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e548f000 00000000 00000000
LDT=0000 fffffe4f00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f24ea7cdb60 CR3=000000000c557000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000ff000000ff00
XMM02=00000000000000310000000065636976 XMM03=79732f6563696c732e6d65747379732f
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000055dd00afa9b0000055dd00bec400
XMM06=000055dd00afbae0000055dd00bef690 XMM07=00000000000000000000000000000000
XMM08=66656463626139383736353433323130 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000