syzkaller login: [ 57.057212] sshd (237) used greatest stack depth: 23712 bytes left [ 60.430414] systemd-udevd (124) used greatest stack depth: 22960 bytes left Warning: Permanently added '[localhost]:60167' (ECDSA) to the list of known hosts. 2025/01/21 02:33:12 fuzzer started 2025/01/21 02:33:12 dialing manager at localhost:44833 [ 62.448441] cgroup: Unknown subsys name 'net' [ 62.541847] cgroup: Unknown subsys name 'cpuset' [ 62.580902] cgroup: Unknown subsys name 'rlimit' [ 68.436294] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 79.811222] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/21 02:33:30 syscalls: 200 2025/01/21 02:33:30 code coverage: enabled 2025/01/21 02:33:30 comparison tracing: enabled 2025/01/21 02:33:30 extra coverage: enabled 2025/01/21 02:33:30 setuid sandbox: enabled 2025/01/21 02:33:30 namespace sandbox: enabled 2025/01/21 02:33:30 Android sandbox: enabled 2025/01/21 02:33:30 fault injection: enabled 2025/01/21 02:33:30 leak checking: enabled 2025/01/21 02:33:30 net packet injection: enabled 2025/01/21 02:33:30 net device setup: enabled 2025/01/21 02:33:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/21 02:33:30 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/21 02:33:30 USB emulation: enabled 2025/01/21 02:33:30 hci packet injection: enabled 2025/01/21 02:33:30 wifi device emulation: enabled 2025/01/21 02:33:30 802.15.4 emulation: enabled 2025/01/21 02:33:30 fetching corpus: 0, signal 0/0 (executing program) 2025/01/21 02:33:31 starting 8 fuzzer processes 02:33:31 executing program 0: ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000000200)={{'\x00', 0x1}, {0xffffffff}, 0x2, 0x0, 0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)="378bd4ebe49a42f4b2c3319aef640fde2b86bb0d641b861f9b1805e450e9f322db33058379fb8aa63d43abd11dc3ef5b6933102b0e9265e54ee2bb00b0ff1571c9a4f2667aa5879c96d304ff01faac4d51269a0ba3b9badda89bec734827265af0fa85f02f731134c41ed7", 0x6b, 0x0, &(0x7f0000000100)={0x2, 0x7d, {0x1, 0xc, 0x10, "475fcfb528efa04b57b10d5cb5dfd4ea", 0x60, "5b17dfdb9f6ba65e69aae3bbe0e41a9cb5e21b4a8ba468e587324116e78a88ae65799c2ec07bd6c9fb65da7245cf22fc67c9b40fe4d1da395adf4d7b515944221a67ed737ba7a9101cdc97c040eae10c619f7d797522f69ba43b8daa7e890011"}, 0x5e, "92af63278a98cb03fc9f2a8f580c39b401781f1509421cae3c796b36ad93434b65d2a3f57242d24002814c51fbdcb6857a1191cbbadf3d2c2dcf9a324104373d02c497e61370386ca4100d0ad98fe6856605f99cc3b002cfbcaffd07b977"}, 0xe7}) bind(0xffffffffffffffff, &(0x7f0000000280)=@ll={0x11, 0x16, 0x0, 0x1, 0x2, 0x6, @remote}, 0x80) io_uring_setup(0x779, &(0x7f0000000300)={0x0, 0x29a5, 0x20, 0x0, 0x388}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004804}, 0x1) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000500), r1) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r2, 0x800, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x24}}, 0x80) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000640), r1) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x24, r3, 0x2, 0x70bd2c, 0x8, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x87}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000780)={0x100, 0x7, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_RULE_USERDATA={0xd8, 0x7, 0x1, 0x0, "5d7670fbcacfae287235c0c2e7a842fda878254b9bc20569092fd93d9ba7c2a302a361b081f72cee029b4da857703ada82d5392980688e686527d3b130034d22afdeb5063c882445ab24bc425b3fca376882d07bd1b97d7493680d619a6841aeb6c82a10ddf46858be534d92ae07fdd6da3a5f2664b6d0bc7376dd592972c33e2c13d6d21d2b74d046753d4145883aa9b426f818ba8d98031e372a623d3151ea16da1f42c69cfff04cf54bc1fa232d22a9d17a822f883f36a0d3540adecc05e9ca1110c6814e9d67b30dbeca3ba9a2588ca5e501"}]}, 0x100}, 0x1, 0x0, 0x0, 0x4000041}, 0x4040004) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000900)={0x81, 0x2, 0x0, 0x1}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) getpeername$netlink(r4, &(0x7f0000000940), &(0x7f0000000980)=0xc) sendmsg$OSF_MSG_REMOVE(r4, &(0x7f0000001880)={&(0x7f00000009c0), 0xc, &(0x7f0000001840)={&(0x7f0000000a00)={0xe0c, 0x1, 0x5, 0x101, 0x0, 0x0, {0x1, 0x0, 0x1}, [{{0x254, 0x1, {{0x3, 0x3b}, 0x4, 0x6, 0x1, 0x1, 0x20, 'syz0\x00', "c1cb9e0a99c2c6a94a591469bc524b1285b02c3520f18f3045f307fb33951f4c", "9a32c5ac09ba58183b23a5e246868f6c4601888cf1f64d7f1cb7a86e34c62961", [{0x7f, 0xff7f, {0x1}}, {0x63, 0x5, {0x2, 0x2}}, {0x100, 0xee10, {0x3, 0x80000001}}, {0xf97, 0x2, {0x3, 0x6}}, {0x2, 0x2000, {0x3, 0x5}}, {0xcd6e, 0xfe3, {0x0, 0xfffffff8}}, {0x61, 0x9, {0x2, 0xfffffffa}}, {0x1828, 0xc3cf, {0x1, 0x100}}, {0x6, 0x3, {0x1, 0x2}}, {0xe000, 0x8, {0x2, 0x4}}, {0x8, 0x6, {0x0, 0x3}}, {0xfff9, 0x1, {0x2, 0x5}}, {0x9cb6, 0x3f, {0x0, 0x4}}, {0x9, 0x7, {0x2, 0xf34}}, {0x1, 0x8, {0x2, 0x7}}, {0x1ff, 0x8dc, {0x3, 0x9}}, {0x9, 0x4, {0x1, 0x9}}, {0x5, 0x9aa6, {0x1, 0x2}}, {0xe1c, 0x8, {0x2, 0x4}}, {0x83f, 0xfbff, {0x3}}, {0xcf, 0x101, {0x0, 0xffffffff}}, {0x1, 0x240, {0x2, 0x3}}, {0x8001, 0x11e, {0x2, 0x9}}, {0x6, 0x0, {0x0, 0x9}}, {0x3, 0x80, {0x3, 0x40d}}, {0x9e1a, 0x1, {0x0, 0x4}}, {0x8, 0x40, {0x3, 0x800}}, {0x401, 0x2, {0x3, 0xffffffff}}, {0x2, 0x4e10, {0x3, 0xffffffff}}, {0x2, 0xb2, {0x2, 0x3}}, {0x42ae, 0x0, {0x2, 0xfffffe01}}, {0xb, 0xb5e8, {0x2, 0x81}}, {0x8, 0x40, {0x2, 0xee}}, {0x7fff, 0x8001, {0x0, 0x6}}, {0xffc0, 0x8, {0x2, 0x9}}, {0x7, 0xc, {0x3, 0x10000}}, {0x6, 0x2, {0x1, 0x4}}, {0xfff, 0xe7f, {0x2, 0x9}}, {0xc1, 0x8, {0x3, 0x81}}, {0x4a, 0xffff, {0x1, 0x81}}]}}}, {{0x254, 0x1, {{0x1, 0x7f}, 0xc1, 0x40, 0x3f, 0x4a2c, 0x7, 'syz1\x00', "0bcd06906c64e964867ad7cc72d1aefdc422b3c522e75917a76f55690a76913b", "495710f272d40a96f187fb6df81ee4d2e115b5947882b868b3e56c94dbf5a6e5", [{0xffff, 0x9, {0x2, 0xfa00}}, {0x7, 0x8000, {0x3}}, {0x8001, 0x1, {0x0, 0x10000}}, {0x7c, 0x81, {0x1, 0x401}}, {0x5, 0x8001, {0x1}}, {0x4, 0x101, {0x0, 0x3f}}, {0x401, 0x1, {0x1, 0x1}}, {0xc4b2, 0x3, {0x1, 0x9}}, {0x1ff, 0x1, {0x2, 0x7}}, {0x7ff, 0xeb, {0x2, 0x40}}, {0x4, 0x9, {0x1, 0x1}}, {0x8000, 0xfc, {0x3, 0xe470}}, {0x1, 0x101, {0x0, 0x3ff}}, {0x8, 0x9b, {0x3, 0x3ff}}, {0xd0, 0x7f, {0x3, 0x9}}, {0x7fff, 0x4, {0x3, 0xfffffff7}}, {0x5, 0x100, {0x2, 0x1d}}, {0x2caf, 0x0, {0x2, 0x1}}, {0x9, 0x1ff, {0x2, 0x5}}, {0xd6aa, 0x1618, {0x3, 0x4}}, {0x800, 0x4, {0x1}}, {0x1, 0x5, {0x1, 0xcc31}}, {0xa9b8, 0x5, {0x1, 0x101}}, {0x101, 0x7, {0x3, 0x101}}, {0x5c5d, 0x7, {0x3, 0xdf01}}, {0x7ff, 0x5, {0x2, 0x9}}, {0x1, 0xa00, {0x0, 0x9}}, {0x4, 0xde, {0x0, 0x401}}, {0x20, 0x2, {0x1, 0x7}}, {0xbe42, 0x7fff, {0x2, 0x100}}, {0x1181, 0x3ff, {0x1, 0xfffffff9}}, {0x49, 0x2acc, {0x3, 0xffffffff}}, {0x8, 0x7, {0x0, 0x1}}, {0x100, 0xfffe, {0x1, 0x20}}, {0x2, 0xe4, {0x2, 0x7}}, {0x7, 0x7fff, {0x1, 0x3}}, {0x0, 0x0, {0x3, 0x4}}, {0x1000, 0x8000, {0x1}}, {0x20, 0x5, {0x1, 0xee}}, {0xefa, 0x1, {0x1, 0x9}}]}}}, {{0x254, 0x1, {{0x2}, 0x8, 0xc9, 0x2, 0xe2, 0x7, 'syz0\x00', "24cb96b06ce82a922d21ab0d09646e18eb134d626d7bb1d72073411b516fac50", "53a57a6b5697322532b2b7c58ddc29072bc0ca5a9c97d5fb75ce18abdbde06cc", [{0x0, 0x8000, {0x2, 0x7f2}}, {0x0, 0x941f, {0x2, 0x4}}, {0x2a63, 0xca, {0x3}}, {0x0, 0x6, {0x0, 0x3ff}}, {0x101, 0x400, {0x3, 0xfff}}, {0x8, 0x4, {0x3, 0x1f}}, {0x4, 0x0, {0x2, 0x1}}, {0x3, 0x1, {0x1, 0x3ff}}, {0x5, 0xfff, {0x3, 0x8}}, {0x81, 0x0, {0x3, 0x7}}, {0x2, 0x7ff, {0x2, 0xc7}}, {0x1000, 0x2, {0x3, 0x4}}, {0xfff8, 0x6, {0x3, 0x9}}, {0xe23d, 0x6, {0x2, 0x3}}, {0x68e4, 0x1, {0x2, 0x5}}, {0x0, 0xff, {0x2, 0x5}}, {0x1, 0x4, {0x0, 0x4}}, {0x7, 0x8, {0x2, 0x85c}}, {0x800, 0x8000, {0x1}}, {0x2, 0x6, {0x1, 0x3}}, {0x6, 0x100, {0x1, 0x9}}, {0x1ff, 0x20, {0x3, 0x1}}, {0x4e, 0x6}, {0x5, 0x9, {0x3, 0x7d}}, {0xc3, 0x7ff, {0x3, 0x4}}, {0x8001, 0x6, {0x1, 0x6}}, {0xd4, 0xfffc, {0x1, 0x6}}, {0x4, 0x3ff, {0x0, 0x2}}, {0xbd, 0xe6, {0x0, 0x2}}, {0x100, 0x5, {0x3, 0x3}}, {0x81, 0x7, {0x1, 0x90}}, {0x1, 0x0, {0x0, 0x8000}}, {0x4, 0x2, {0x1, 0x943}}, {0x101, 0x6, {0x2, 0x3f}}, {0x9, 0x2, {0x0, 0x8}}, {0x8, 0x6, {0x2, 0x5}}, {0x4, 0x5, {0x3}}, {0x4, 0x7f, {0x0, 0x800}}, {0x401, 0x1, {0x2}}, {0x101, 0xf49e, {0x3, 0x7}}]}}}, {{0x254, 0x1, {{0x1}, 0x0, 0x1, 0x7fff, 0x7, 0x22, 'syz0\x00', "0c9862af69422036fe46011b6c667948906bbae925e6ed93bb54b293f5385125", "4d59543ac8ceacef858364e49e40455008a31ff0c3d55defd99cf8a25b77101d", [{0x57, 0x8, {0x0, 0x4}}, {0x7, 0x401, {0x3, 0x79}}, {0x5, 0x2}, {0x9, 0x81, {0x0, 0xe1}}, {0x101, 0x20, {0x0, 0x6}}, {0xf000, 0x3, {0x3, 0x3}}, {0x0, 0x400, {0x2, 0xffff}}, {0xc18, 0x9, {0x0, 0x8}}, {0x0, 0x1, {0x1, 0x9}}, {0x5, 0x4, {0x1, 0x60}}, {0x3, 0x400, {0x0, 0x7}}, {0x3, 0xb525, {0x2, 0x3d50}}, {0x3, 0x401, {0x1, 0x6}}, {0x3f, 0x4, {0x2, 0x63b}}, {0x81, 0x7, {0x1, 0x2706}}, {0x3ff, 0xfffc, {0x3, 0x1ff}}, {0x56, 0x1, {0x1, 0x5}}, {0x9, 0x46f1, {0x0, 0x6}}, {0x3, 0x7, {0x2, 0x7f}}, {0x80, 0xc6bc, {0x1, 0x44ec}}, {0x2ecb, 0x4, {0x3, 0x1}}, {0x1, 0x5, {0x3, 0x4}}, {0x0, 0x400, {0x0, 0x9}}, {0x4, 0x3, {0x2, 0x7fff}}, {0x80, 0x5, {0x1, 0x9}}, {0xfff, 0x8, {0x0, 0xc9}}, {0x20, 0xb1, {0x1, 0x30000000}}, {0x3, 0x1, {0x7, 0x1}}, {0x6, 0x4, {0x2, 0x6}}, {0x2, 0x5, {0x2, 0xfffffff7}}, {0x1ff, 0x800, {0x3, 0x8}}, {0x9, 0x7e0, {0x1, 0x8}}, {0xfff, 0x0, {0x1, 0x3}}, {0x6, 0x3, {0x2, 0x8}}, {0xff73, 0x8000, {0x0, 0x1000}}, {0x100, 0x8000, {0x0, 0x7}}, {0xfff9, 0x9, {0x0, 0x200}}, {0x4, 0x3, {0x3, 0x400}}, {0x1, 0x488b, {0x0, 0x7}}, {0x3, 0x5, {0x0, 0xacb6}}]}}}, {{0x254, 0x1, {{0x1, 0x3ff}, 0x20, 0x5, 0x8, 0x5, 0x21, 'syz0\x00', "4d6cb552e83c34f6926a27041c08ec1bc8153bceef5c326510e0459d9acf3afd", "53336b3d15a586046dea23b92c5becd34f2e332388a1de26a4e4b80c91fe5237", [{0x7fff, 0xffff, {0x2, 0x2}}, {0x0, 0x151, {0x0, 0x5}}, {0xfffb, 0x7ff, {0x1, 0x40}}, {0x3, 0x942b, {0x2, 0x2}}, {0x8, 0x6, {0x0, 0x72cc46ac}}, {0xfffe, 0x1, {0x3, 0x4}}, {0x880, 0x81, {0x1, 0x4}}, {0x6, 0x81, {0x3, 0x4}}, {0x5, 0xffff, {0x1, 0x3}}, {0x0, 0x3ff, {0x3, 0xfffff801}}, {0x42, 0x2, {0x1, 0x7f}}, {0x7e96, 0x3, {0x1, 0x1f8000}}, {0xe05, 0x1, {0x3, 0xfffffff7}}, {0x7, 0x7, {0x3, 0x3ff}}, {0xd2e4, 0x8, {0x2, 0x79}}, {0x5, 0x7f, {0x2, 0xfffffffc}}, {0x80, 0x9, {0x3, 0x5}}, {0x1, 0x401, {0x1, 0x5}}, {0x2, 0x2, {0x2, 0x7}}, {0x4, 0x7, {0x1, 0x401}}, {0x8, 0x0, {0x2, 0xfff}}, {0x101, 0x8001, {0x2, 0x6}}, {0x800, 0xffff, {0x1, 0x928}}, {0x1f, 0x74e, {0x2, 0x8}}, {0x4, 0x3, {0x3, 0x6}}, {0x0, 0x5a9, {0x1, 0x6}}, {0x5, 0x4, {0x2, 0x9}}, {0x5, 0x5, {0x2, 0x7}}, {0x4, 0x1, {0x3, 0x6}}, {0x7, 0x9, {0x3, 0x5}}, {0x9, 0x0, {0x0, 0x7ff}}, {0x1, 0x4, {0x1, 0x7f}}, {0x7, 0x710, {0x0, 0x3ff}}, {0x8, 0x2, {0x0, 0x7}}, {0x4, 0x401, {0x3, 0x28860913}}, {0x5, 0x8, {0x2, 0x40}}, {0x9, 0x3, {0x2, 0xfff}}, {0x8, 0x101, {0x1}}, {0x200, 0x6, {0x3, 0x1000}}, {0x3, 0x100, {0x2, 0x7}}]}}}, {{0x254, 0x1, {{0x2, 0x4}, 0x3, 0x9, 0x8, 0x40, 0x20, 'syz1\x00', "872c50323b75e6cdb7327bd67bbe71887a3ab87db51f18f65a368e4623081362", "1d9ab28aeb0410418a7abbed4e8fe7c149f3aa2f500d9308a40afc37d97f84c9", [{0x4, 0x800}, {0x401, 0x5, {0x3, 0x80000001}}, {0x1, 0x200, {0x2, 0x80000001}}, {0x7fff, 0xb180, {0x1, 0x15}}, {0x7, 0xfff, {0x3, 0x8a3}}, {0x53, 0x5, {0x3, 0x7}}, {0x7f, 0xfff8, {0x3, 0x9}}, {0x3, 0x1, {0x1, 0x5}}, {0x8, 0xffff, {0x1, 0x7fffffff}}, {0x94, 0x200, {0x2, 0x9}}, {0x8, 0x3, {0x2, 0x11}}, {0x9, 0xfffd, {0x2, 0x4}}, {0x2, 0x8, {0x2, 0x7}}, {0x8, 0x4, {0x1, 0x80}}, {0x8, 0x2, {0x3, 0xb805}}, {0xf800, 0x7, {0x2, 0x100}}, {0xff, 0x1, {0x1, 0x173f}}, {0x4, 0xfffd, {0x0, 0x6}}, {0x2, 0x2, {0x0, 0x191}}, {0x0, 0xfffd, {0x3, 0xf3}}, {0x9, 0x0, {0x3, 0xff}}, {0x1, 0x5, {0x2}}, {0x8, 0x80, {0x3, 0x81}}, {0x100, 0x1, {0x2, 0x3}}, {0x9, 0x20, {0x2, 0x4}}, {0x1, 0xa97b, {0x0, 0x7}}, {0x40, 0xffff, {0x3, 0x6}}, {0x2, 0x8, {0x0, 0x81}}, {0x7, 0x8, {0x2, 0x3f}}, {0xbf22, 0x3f}, {0x3e6, 0x1800, {0x0, 0x6}}, {0x6, 0x200, {0x0, 0xe0000000}}, {0xbaa, 0xff, {0x0, 0x10000}}, {0x1ff, 0x101, {0x2, 0x2}}, {0x2, 0x6a, {0x0, 0x7fff}}, {0x9, 0xfff, {0x2, 0xe2}}, {0xfffe, 0xffff, {0x0, 0xc6b}}, {0x1, 0x1000, {0x2}}, {0x0, 0x2, {0x3, 0x400}}, {0x6, 0x1, {0x1, 0x1}}]}}}]}, 0xe0c}, 0x1, 0x0, 0x0, 0x280c8}, 0x4008000) syz_io_uring_submit(0x0, 0x0, &(0x7f00000018c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xdc8) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r1, &(0x7f00000019c0)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001980)={&(0x7f0000001940)={0x28, r2, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) r5 = socket(0x1, 0x4, 0x10000) ioctl$SIOCGSTAMPNS(r5, 0x8907, &(0x7f0000001a00)) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r6, &(0x7f0000001b40)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001b00)={&(0x7f0000001a80)={0x4c, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7f}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x39e}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x511}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x10000}, @BATADV_ATTR_VLANID={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x4) 02:33:31 executing program 2: sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048014}, 0x45) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000240), 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r0, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004004}, 0x4040000) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000400), 0xffffffffffffffff) r2 = socket$netlink(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f00000006c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000680)={&(0x7f0000000480)={0x1e8, 0x17, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_FLOWTABLE_HOOK={0x144, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_batadv\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'ip6gre0\x00'}, {0x14}, {0x14, 0x1, 'virt_wifi0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'wg1\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ipvlan0\x00'}, {0x14, 0x1, 'ipvlan1\x00'}, {0x14, 0x1, 'batadv0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'virt_wifi0\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HOOK={0x64, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6gre0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'xfrm0\x00'}, {0x14, 0x1, 'dummy0\x00'}, {0x14, 0x1, 'veth0_to_batadv\x00'}]}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x8080}, 0x24004084) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x34, r0, 0x8, 0x200, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004}, 0x4040884) socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPSET_CMD_GET_BYNAME(r4, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x1c, 0xe, 0x6, 0x0, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40090}, 0x20004000) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_REMOVE(r5, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x3c, r6, 0x320, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) get_thread_area(&(0x7f0000000a80)={0x7ff, 0x0, 0x1000, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1}) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000b00), r2) sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x1c, r7, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xfe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24010800}, 0x40081) sendmsg$BATADV_CMD_SET_VLAN(r4, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x3c, 0x0, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xffffffff}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40004}, 0x4040) 02:33:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000880}, 0x24008014) sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000140)={0x268, 0x1, 0x5, 0x801, 0x0, 0x0, {0xc, 0x0, 0x1}, [{{0x254, 0x1, {{0x0, 0x7}, 0x2, 0xe2, 0x8, 0x1, 0x5, 'syz0\x00', "e02b7a0eb75f13fef3f08b6fe82a6ff8ed00d7212a4a4ed1558c4698f7bad85b", "c6c66319a383519ee534b30b8b3ccb264903dbff7246f5f5a27a18c139966385", [{0x3, 0x5, {0x0, 0x7fff}}, {0x7, 0x7, {0x0, 0x783}}, {0x7, 0x2, {0x2, 0x1}}, {0x1, 0x9, {0x1}}, {0x7, 0x6, {0x0, 0x1f}}, {0x3, 0x400, {0x1, 0x401}}, {0x1, 0x1, {0x0, 0x1f}}, {0x3, 0x515, {0x2, 0x898}}, {0x8, 0x9, {0x0, 0x3}}, {0x5, 0x1, {0x2, 0x9}}, {0x3, 0xff8a, {0x1, 0x8}}, {0x20, 0xffff, {0x3, 0x4db3}}, {0x40, 0x2, {0x2, 0x8}}, {0x7, 0x7ff, {0x0, 0x7f}}, {0x400, 0xaa66, {0x2, 0x20}}, {0x850, 0x5, {0x0, 0x9}}, {0x206, 0x7ff, {0x0, 0x10000}}, {0x3f, 0x1000, {0x1, 0x20000000}}, {0x81, 0xe6d9, {0x3}}, {0x3, 0x2, {0x1, 0x5}}, {0x1, 0x92, {0x0, 0xfde9}}, {0x2, 0x15, {0x0, 0x200}}, {0xa9c2, 0x9, {0x0, 0x3}}, {0x6, 0x30b0, {0x3, 0x3}}, {0x6, 0x8, {0x3, 0x10000}}, {0x4, 0x8, {0x1, 0x9}}, {0x7, 0x3, {0x3, 0x6}}, {0x11e, 0x9, {0x0, 0x3f}}, {0x3, 0x9, {0x0, 0x8000}}, {0x7, 0xc9f, {0x1, 0x4}}, {0x7fff, 0x8, {0x3, 0x2}}, {0x7, 0x20, {0x1, 0x9}}, {0x1f, 0xe0, {0x0, 0x3383}}, {0x5, 0x7ff, {0x2, 0x2}}, {0xf000, 0x0, {0x3, 0x4}}, {0x3ff, 0x1f, {0x2, 0x2635}}, {0x1, 0x5, {0x1, 0x31a}}, {0x0, 0x3, {0x2, 0x2}}, {0x80, 0x3, {0x3, 0x7}}, {0xfff, 0x8, {0x1, 0x40}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000000) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x10, 0x9, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4048000) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000580), r0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, r1, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1f}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x10000}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x41}, 0x20040800) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x2c, r1, 0x400, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40001}, 0x8100) r2 = accept(r0, &(0x7f00000007c0)=@l2={0x1f, 0x0, @fixed}, &(0x7f0000000840)=0x80) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x50, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip_vti0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x4000) sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x4000400}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x40, 0x17, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000011}, 0x1) syz_genetlink_get_family_id$fou(&(0x7f0000000ac0), r0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r2, 0x89fb, &(0x7f0000000bc0)={'ip6_vti0\x00', &(0x7f0000000b40)={'syztnl1\x00', 0x0, 0x29, 0x3, 0x8, 0x1, 0x46, @rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, 0x1, 0x40, 0x5}}) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000cc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x64, r1, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x20}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xf9}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6b}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x80000001}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000810}, 0x20040840) r4 = socket(0x27, 0xa, 0x40) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x89f8, &(0x7f0000000d80)={'ip6_vti0\x00', &(0x7f0000000d00)={'sit0\x00', r3, 0x2f, 0x3, 0xb9, 0x8, 0x17, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x1, 0x8, 0x4800000, 0x1}}) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x4c, r1, 0x400, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x81}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x200000a0}, 0x10000) r5 = accept4(r2, &(0x7f0000000f00)=@un=@abs, &(0x7f0000000f80)=0x80, 0x180000) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000001080)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001040)={&(0x7f0000001000)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xc7}]}, 0x1c}}, 0x4000) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000001100), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f00000011c0)={&(0x7f00000010c0), 0xc, &(0x7f0000001180)={&(0x7f0000001140)={0x24, r6, 0xa11, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000080}, 0x8004) 02:33:31 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x401, 0xc0, 0x7, 0x1ff}, {0x4, 0x6, 0xe6, 0x8}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x0, 0x3}) ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f00000000c0)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000180)={r1, 0x0, r0, 0x1}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000001c0)={0x0}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x38f, 0x4, 0x1, 0x1f}, {0x5, 0x7, 0x80, 0x7}, {0x3c7f, 0x8, 0x63, 0x401}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000002c0)={r2, 0x2, r3, 0xe930}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000300)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000380)={r4, 0x1, r0, 0x8000}) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, 0x0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40050}, 0x2400c000) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f00000004c0)={r1, 0x0, r3, 0x16056000, 0x80000}) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000540)={r2, 0x1, r6, 0x9}) sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFQA_CFG_MASK={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008004) r7 = socket$netlink(0x10, 0x3, 0xe) sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x28, 0x7, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x40082102, &(0x7f0000000780)=r1) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000880)={0x0, 0x9e1, 0x4}) 02:33:31 executing program 4: semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000000)=""/77) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) semtimedop(0xffffffffffffffff, &(0x7f0000000080)=[{0x4, 0xf27, 0x1000}, {0x3, 0xc03, 0x800}, {0x2, 0x3, 0x1000}, {0x2, 0xfff, 0x1000}], 0x4, &(0x7f0000000100)={r0, r1+60000000}) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) io_getevents(0x0, 0x3, 0x6, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000240)={r2, r3+60000000}) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000280), 0x4) clock_getres(0x7, &(0x7f00000002c0)) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, r4, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x401}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfffffff7}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040840}, 0x0) clock_getres(0x3, &(0x7f0000000440)) io_setup(0x2, &(0x7f0000000480)=0x0) io_pgetevents(r5, 0x200, 0x6, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], 0x0, &(0x7f00000005c0)={&(0x7f0000000580)={[0x3]}, 0x8}) clock_getres(0x1, &(0x7f0000000600)) sched_rr_get_interval(0x0, &(0x7f0000000640)) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), r6) io_destroy(r5) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x60002, 0x0) ioctl$LOOP_SET_STATUS(r7, 0x4c02, &(0x7f0000000700)={0x0, {}, 0x0, {}, 0x4, 0xa, 0x1a, 0x46f3613476b13dbf, "70e280acd8549b7c0ea353caba994d35912e1dd54c4dd39cd37af738b2a42aacc9f566777a1c403bf379ae1404353a2dc27605c648c5fe2626b6acd1edd15212", "072a4b6fa5b76e8271d98eedf83ea30f73a928ae9d3b0903aa51184962954e37", [0x3, 0xd2]}) [ 81.549702] audit: type=1400 audit(1737426811.935:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:33:32 executing program 5: ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000)={0x0, 0x0}) sched_rr_get_interval(r0, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) io_pgetevents(0x0, 0x20, 0x4, &(0x7f00000000c0)=[{}, {}, {}, {}], &(0x7f0000000180)={r1, r2+10000000}, 0x0) r3 = syz_io_uring_setup(0x560e, &(0x7f00000001c0)={0x0, 0xccd2, 0x20, 0x0, 0xec}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x7000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(0x0, r5, &(0x7f00000002c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2, 0x2004, @fd_index=0x5, 0x1, 0x0, 0x0, 0x3, 0x1, {0x1}}, 0x3) clock_gettime(0x5, &(0x7f0000000300)) r6 = syz_io_uring_setup(0x3958, &(0x7f0000000340)={0x0, 0xbcd3, 0x0, 0x2, 0xf5}, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=0x0) syz_io_uring_submit(r4, r7, &(0x7f0000000440)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ff6000/0x4000)=nil, 0x4000, 0x9}, 0x8) r8 = semget(0x3, 0x2, 0xb0) semtimedop(r8, &(0x7f0000000480)=[{0x4, 0x1, 0x400}, {0x2, 0x8, 0x1000}, {0x2, 0x8, 0x1800}], 0x3, &(0x7f00000004c0)={0x0, 0x3938700}) socket(0x1e, 0x5, 0x400) r9 = semget(0x1, 0x4, 0x0) semctl$GETVAL(r9, 0x4, 0xc, &(0x7f0000000500)=""/216) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup/syz0\x00', 0x200002, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) io_getevents(0x0, 0x1, 0x5, &(0x7f0000000640)=[{}, {}, {}, {}, {}], &(0x7f0000000700)={0x77359400}) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4010, r3, 0x0) syz_io_uring_setup(0x496b, &(0x7f0000000740)={0x0, 0x6610, 0x0, 0x0, 0xa, 0x0, r3}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000007c0), &(0x7f0000000800)=0x0) syz_io_uring_submit(r10, r11, &(0x7f0000000840)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd=r6, 0xfffffffeffffffff, 0x0, 0x200, 0x4, 0x1}, 0x6) 02:33:32 executing program 7: sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x9}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x10) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r0, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x4000880) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, r1, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x40010) r2 = accept(0xffffffffffffffff, &(0x7f0000000380)=@alg, &(0x7f0000000400)=0x80) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000440)=0x1, 0x4) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_VLAN(r2, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, r3, 0x8, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xffffffff}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x240000c1) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000600), r2) sendmsg$SMC_PNETID_DEL(r2, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x28, r4, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0xc00c040) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000740), r2) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x34, r5, 0x400, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x48800) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x28, r4, 0x200, 0x70bd26, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x20000810) r6 = timerfd_create(0x2, 0x400) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000000940)) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000b80), r2) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x20, r7, 0x7644b92521324c0d, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}]}, 0x20}}, 0x8051) syz_io_uring_setup(0x1729, &(0x7f0000000c80)={0x0, 0x29d1, 0x4, 0x0, 0x27b}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000d00), &(0x7f0000000d40)=0x0) syz_io_uring_submit(0x0, r8, &(0x7f0000000d80)=@IORING_OP_MADVISE={0x19, 0x3, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xb}, 0x2) 02:33:32 executing program 6: sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x5c, 0x0, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4480}, 0x4040000) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x200, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x240080d6}, 0x4000000) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x9}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20048040}, 0x4814) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004004}, 0x0) r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000480)={0x11, 0x0, 0x0}, &(0x7f00000004c0)=0x14) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x64, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7f}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x89}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xfffffffb}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x7376}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x801}, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TYPE(r2, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x24, 0xd, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x10) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000700)) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000780)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000100}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x34, 0x0, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffff}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4000010) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x3c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x80}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008805}, 0x4000000) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x68, r4, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x20040000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000cc0)={'batadv_slave_0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000d80)={'syztnl0\x00', &(0x7f0000000d00)={'gre0\x00', r1, 0x10, 0x8, 0x80000000, 0x81, {{0x14, 0x4, 0x1, 0x2, 0x50, 0x65, 0x0, 0x3, 0x4, 0x0, @rand_addr=0x64010100, @multicast1, {[@ssrr={0x89, 0xb, 0x81, [@empty, @dev={0xac, 0x14, 0x14, 0x30}]}, @cipso={0x86, 0x30, 0x2, [{0x1, 0xb, "dd8caa3c19eade4435"}, {0x5, 0x2}, {0x7, 0xd, "36b6253372186f38a9f135"}, {0x6, 0x10, "b199933b950b18cd627df4e38c7c"}]}]}}}}}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000e80)={&(0x7f0000000dc0)={0xb8, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20004094}, 0x800) r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000f40), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001000)={&(0x7f0000000f80)={0x58, r7, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vcan0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4008000}, 0x4885) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000001100)={'ip6gre0\x00', &(0x7f0000001080)={'syztnl2\x00', r1, 0x0, 0x4, 0xff, 0x4, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x5}}, 0x7, 0x700, 0x3, 0x453}}) [ 82.993631] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.000105] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.001743] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.005688] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.009730] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.011056] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.013434] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.020904] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.024794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.026892] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.027981] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.032264] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.037220] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.037731] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.040781] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.045428] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.066806] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 83.067161] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.074153] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.077155] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 83.079114] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.084507] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.084565] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 83.089679] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.104496] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.131496] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.135738] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.135953] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.139111] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.140639] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.142787] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.145279] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.162497] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 83.166220] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.176693] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.187092] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.192656] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.195525] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.200069] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.205376] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 83.207120] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.207968] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.213157] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.213697] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 83.217757] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.240184] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.263715] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 83.279100] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.077416] Bluetooth: hci0: command tx timeout [ 85.139835] Bluetooth: hci1: command tx timeout [ 85.203398] Bluetooth: hci2: command tx timeout [ 85.204423] Bluetooth: hci3: command tx timeout [ 85.268426] Bluetooth: hci4: command tx timeout [ 85.331415] Bluetooth: hci5: command tx timeout [ 85.331708] Bluetooth: hci6: command tx timeout [ 85.396046] Bluetooth: hci7: command tx timeout [ 87.125045] Bluetooth: hci0: command tx timeout [ 87.187482] Bluetooth: hci1: command tx timeout [ 87.251642] Bluetooth: hci3: command tx timeout [ 87.251866] Bluetooth: hci2: command tx timeout [ 87.316424] Bluetooth: hci4: command tx timeout [ 87.380952] Bluetooth: hci5: command tx timeout [ 87.381028] Bluetooth: hci6: command tx timeout [ 87.443362] Bluetooth: hci7: command tx timeout [ 89.172426] Bluetooth: hci0: command tx timeout [ 89.236574] Bluetooth: hci1: command tx timeout [ 89.300339] Bluetooth: hci3: command tx timeout [ 89.300419] Bluetooth: hci2: command tx timeout [ 89.365333] Bluetooth: hci4: command tx timeout [ 89.428345] Bluetooth: hci6: command tx timeout [ 89.428431] Bluetooth: hci5: command tx timeout [ 89.491413] Bluetooth: hci7: command tx timeout [ 91.221365] Bluetooth: hci0: command tx timeout [ 91.285355] Bluetooth: hci1: command tx timeout [ 91.347473] Bluetooth: hci2: command tx timeout [ 91.348893] Bluetooth: hci3: command tx timeout [ 91.412366] Bluetooth: hci4: command tx timeout [ 91.475382] Bluetooth: hci5: command tx timeout [ 91.475475] Bluetooth: hci6: command tx timeout [ 91.540278] Bluetooth: hci7: command tx timeout [ 141.531506] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.531622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.583646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.583720] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.283318] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.283406] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.744729] [ 143.745025] ====================================================== [ 143.745778] WARNING: possible circular locking dependency detected [ 143.746497] 6.13.0-rc7-next-20250120 #1 Not tainted [ 143.747094] ------------------------------------------------------ [ 143.748434] kworker/u8:0/11 is trying to acquire lock: [ 143.749406] ffffffff8621eb28 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 143.751108] [ 143.751108] but task is already holding lock: [ 143.752131] ffff88801c8a8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 143.753853] [ 143.753853] which lock already depends on the new lock. [ 143.753853] [ 143.755335] [ 143.755335] the existing dependency chain (in reverse order) is: [ 143.756993] [ 143.756993] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 143.758199] __mutex_lock+0x13d/0xb50 [ 143.759074] wiphy_register+0x1b2e/0x25d0 [ 143.759958] ieee80211_register_hw+0x23a4/0x3d60 [ 143.760908] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 143.762003] init_mac80211_hwsim+0x389/0x870 [ 143.762984] do_one_initcall+0xf9/0x640 [ 143.763578] kernel_init_freeable+0x53d/0x7a0 [ 143.764224] kernel_init+0x1e/0x2d0 [ 143.764759] ret_from_fork+0x48/0x80 [ 143.765308] ret_from_fork_asm+0x1a/0x30 [ 143.765921] [ 143.765921] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 143.766685] __lock_acquire+0x29fd/0x4580 [ 143.767275] lock_acquire+0x19b/0x520 [ 143.767824] __mutex_lock+0x13d/0xb50 [ 143.768397] unregister_netdevice_many_notify+0x1612/0x1c80 [ 143.769163] unregister_netdevice_queue+0x224/0x2e0 [ 143.769862] _cfg80211_unregister_wdev+0x57b/0x700 [ 143.770559] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 143.771248] ieee80211_unregister_hw+0x55/0x3a0 [ 143.771893] hwsim_exit_net+0x3a0/0x730 [ 143.772479] ops_exit_list+0xb3/0x180 [ 143.773026] cleanup_net+0x546/0xad0 [ 143.773591] process_one_work+0x8ee/0x1a10 [ 143.774213] worker_thread+0x674/0xe70 [ 143.774793] kthread+0x3ab/0x720 [ 143.775324] ret_from_fork+0x48/0x80 [ 143.775857] ret_from_fork_asm+0x1a/0x30 [ 143.776458] [ 143.776458] other info that might help us debug this: [ 143.776458] [ 143.777392] Possible unsafe locking scenario: [ 143.777392] [ 143.778096] CPU0 CPU1 [ 143.778647] ---- ---- [ 143.779198] lock(&rdev->wiphy.mtx); [ 143.779693] lock(rtnl_mutex); [ 143.780409] lock(&rdev->wiphy.mtx); [ 143.781177] lock(rtnl_mutex); [ 143.781633] [ 143.781633] *** DEADLOCK *** [ 143.781633] [ 143.782331] 4 locks held by kworker/u8:0/11: [ 143.782872] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 143.784134] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 143.785355] #2: ffffffff86212b50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 143.786477] #3: ffff88801c8a8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 143.787733] [ 143.787733] stack backtrace: [ 143.788280] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250120 #1 [ 143.789279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 143.790233] Workqueue: netns cleanup_net [ 143.790746] Call Trace: [ 143.791061] [ 143.791340] dump_stack_lvl+0xca/0x120 [ 143.791854] print_circular_bug+0x47b/0x750 [ 143.792394] check_noncircular+0x2e9/0x3c0 [ 143.792920] ? timerqueue_del+0x83/0x150 [ 143.793460] ? __pfx_check_noncircular+0x10/0x10 [ 143.794057] ? hlock_class+0x4e/0x130 [ 143.794527] ? mark_lock+0xac/0xed0 [ 143.794989] ? srso_return_thunk+0x5/0x5f [ 143.795532] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 143.796167] ? lockdep_lock+0xba/0x1b0 [ 143.796681] ? __pfx_lockdep_lock+0x10/0x10 [ 143.797261] __lock_acquire+0x29fd/0x4580 [ 143.797815] ? __pfx___lock_acquire+0x10/0x10 [ 143.798384] ? lock_release+0x20f/0x6f0 [ 143.798883] ? __pfx_lock_release+0x10/0x10 [ 143.799428] lock_acquire+0x19b/0x520 [ 143.799914] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 143.800628] ? __pfx_lock_acquire+0x10/0x10 [ 143.801165] ? srso_return_thunk+0x5/0x5f [ 143.801735] ? lock_release+0x20f/0x6f0 [ 143.802237] ? srso_return_thunk+0x5/0x5f [ 143.802775] ? lock_is_held_type+0x9e/0x120 [ 143.803330] ? srso_return_thunk+0x5/0x5f [ 143.803870] __mutex_lock+0x13d/0xb50 [ 143.804367] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 143.805092] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 143.805823] ? srso_return_thunk+0x5/0x5f [ 143.806371] ? synchronize_rcu_expedited+0x38a/0x420 [ 143.806994] ? __pfx___mutex_lock+0x10/0x10 [ 143.807550] ? __pfx_autoremove_wake_function+0x10/0x10 [ 143.808214] ? srso_return_thunk+0x5/0x5f [ 143.808748] ? kasan_quarantine_put+0x84/0x1e0 [ 143.809370] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 143.809939] ? srso_return_thunk+0x5/0x5f [ 143.810483] unregister_netdevice_many_notify+0x1612/0x1c80 [ 143.811170] ? __virt_addr_valid+0x2e8/0x5d0 [ 143.811735] ? __pfx_lock_release+0x10/0x10 [ 143.812275] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 143.813010] ? find_held_lock+0x2c/0x110 [ 143.813559] ? srso_return_thunk+0x5/0x5f [ 143.814103] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 143.814732] ? srso_return_thunk+0x5/0x5f [ 143.815267] ? lock_release+0x20f/0x6f0 [ 143.815770] ? __pfx_lock_release+0x10/0x10 [ 143.816308] ? srso_return_thunk+0x5/0x5f [ 143.816845] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 143.817507] ? srso_return_thunk+0x5/0x5f [ 143.818053] unregister_netdevice_queue+0x224/0x2e0 [ 143.818674] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 143.819355] ? up_write+0x195/0x520 [ 143.819840] _cfg80211_unregister_wdev+0x57b/0x700 [ 143.820467] ? srso_return_thunk+0x5/0x5f [ 143.821003] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 143.821640] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 143.822309] ? srso_return_thunk+0x5/0x5f [ 143.822846] ? srso_return_thunk+0x5/0x5f [ 143.823380] ? synchronize_rcu+0x1ff/0x260 [ 143.823908] ieee80211_unregister_hw+0x55/0x3a0 [ 143.824486] hwsim_exit_net+0x3a0/0x730 [ 143.824983] ? __pfx_hwsim_exit_net+0x10/0x10 [ 143.825551] ? srso_return_thunk+0x5/0x5f [ 143.826085] ? netdev_run_todo+0x788/0x1040 [ 143.826632] ? __pfx_hwsim_exit_net+0x10/0x10 [ 143.827192] ops_exit_list+0xb3/0x180 [ 143.827676] cleanup_net+0x546/0xad0 [ 143.828153] ? __pfx_cleanup_net+0x10/0x10 [ 143.828699] process_one_work+0x8ee/0x1a10 [ 143.829267] ? __pfx_process_one_work+0x10/0x10 [ 143.829864] ? srso_return_thunk+0x5/0x5f [ 143.830400] ? srso_return_thunk+0x5/0x5f [ 143.830939] ? move_linked_works+0x172/0x270 [ 143.831491] ? srso_return_thunk+0x5/0x5f [ 143.832025] ? assign_work+0x196/0x240 [ 143.832539] worker_thread+0x674/0xe70 [ 143.833059] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 143.833741] ? __pfx_worker_thread+0x10/0x10 [ 143.834318] kthread+0x3ab/0x720 [ 143.834770] ? __pfx_kthread+0x10/0x10 [ 143.835274] ? srso_return_thunk+0x5/0x5f [ 143.835813] ? finish_task_switch.isra.0+0x206/0x840 [ 143.836443] ? __pfx_kthread+0x10/0x10 [ 143.836944] ret_from_fork+0x48/0x80 [ 143.837421] ? __pfx_kthread+0x10/0x10 [ 143.837927] ret_from_fork_asm+0x1a/0x30 [ 143.838468] [ 145.562542] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 145.565780] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 145.568088] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 145.573118] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 145.576361] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 145.578838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 145.623195] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 145.626191] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 145.628193] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 145.636067] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 145.638462] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 145.640054] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 145.668054] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 145.675570] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 145.705527] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 145.711927] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 145.714149] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 145.716135] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 145.726021] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 145.728332] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 145.730803] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 145.736558] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 145.739106] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 145.741538] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 145.772579] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 145.775843] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 145.779260] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 145.781169] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 145.798604] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 145.800155] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 145.819948] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 145.837124] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 145.837473] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 145.838327] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 145.838855] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 145.839144] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 145.847789] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 145.863793] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 145.912772] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 145.931878] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 145.946649] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 145.953454] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 145.954000] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 145.963340] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 145.983990] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 146.067620] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 146.071599] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 146.073828] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 147.604447] Bluetooth: hci0: command tx timeout [ 147.667350] Bluetooth: hci1: command tx timeout [ 147.796378] Bluetooth: hci2: command tx timeout [ 147.862320] Bluetooth: hci3: command tx timeout [ 147.987504] Bluetooth: hci4: command tx timeout [ 148.052498] Bluetooth: hci5: command tx timeout [ 148.117935] Bluetooth: hci6: command tx timeout [ 148.180804] Bluetooth: hci7: command tx timeout [ 149.652390] Bluetooth: hci0: command tx timeout [ 149.716355] Bluetooth: hci1: command tx timeout [ 149.844391] Bluetooth: hci2: command tx timeout [ 149.908329] Bluetooth: hci3: command tx timeout [ 150.037382] Bluetooth: hci4: command tx timeout [ 150.100337] Bluetooth: hci5: command tx timeout [ 150.166292] Bluetooth: hci6: command tx timeout [ 150.229157] Bluetooth: hci7: command tx timeout [ 151.699347] Bluetooth: hci0: command tx timeout [ 151.765139] Bluetooth: hci1: command tx timeout [ 151.891374] Bluetooth: hci2: command tx timeout [ 151.956337] Bluetooth: hci3: command tx timeout [ 152.084366] Bluetooth: hci4: command tx timeout [ 152.147347] Bluetooth: hci5: command tx timeout [ 152.212600] Bluetooth: hci6: command tx timeout [ 152.279314] Bluetooth: hci7: command tx timeout [ 153.748333] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 02:34:34 Registers: info registers vcpu 0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283e2e5 RDI=ffffffff886990a0 RBP=ffffffff88699060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000020 R11=7369786520656874 R12=0000000000000020 R13=0000000000000001 R14=ffff888008fea050 R15=ffff8880095deeb8 RIP=ffffffff8283e33d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffff774a000 CR3=000000001b57c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004132142000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88800efd1bc0 RCX=ffffffff81429a0f RDX=ffff88800efd1bc0 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000200000 RSP=ffff88800f64fdb8 R8 =0000000000000000 R9 =ffffed1001df4a80 R10=0000000000200000 R11=ffff88800efd2078 R12=ffff88807cfe1ff9 R13=ffffffff88654bc8 R14=ffff88800efd1bc0 R15=0000000000000086 RIP=ffffffff81429a11 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdb89a12a38 CR3=000000001b57c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000c0002a6b40000000c0002a6b70 XMM02=000000000000000041149a4000000000 XMM03=000000c000588000000000c0004fb000 XMM04=000000c000616800000000c000612800 XMM05=000000c000304f20000000c000619800 XMM06=000000c0005a8400000000c00049e800 XMM07=000000c0005aaa00000000c00001d620 XMM08=000000c0004e7640000000c0004f2000 XMM09=000000c00059e000000000c0004a5000 XMM10=000000c0004ee800000000c00001c5d0 XMM11=000000c000599e80000000c0004e7480 XMM12=000000c000593000000000c0002ad440 XMM13=000000c0004f9800000000c0004e60c0 XMM14=000000c0004a0000000000c0004fa400 XMM15=000000c0005a4380000000c000593c00