Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:9894' (ECDSA) to the list of known hosts. 2024/12/19 23:08:22 fuzzer started 2024/12/19 23:08:22 dialing manager at localhost:37257 syzkaller login: [ 63.705036] cgroup: Unknown subsys name 'net' [ 63.843038] cgroup: Unknown subsys name 'cpuset' [ 63.886737] cgroup: Unknown subsys name 'rlimit' 2024/12/19 23:08:45 syscalls: 200 2024/12/19 23:08:45 code coverage: enabled 2024/12/19 23:08:45 comparison tracing: enabled 2024/12/19 23:08:45 extra coverage: enabled 2024/12/19 23:08:45 setuid sandbox: enabled 2024/12/19 23:08:45 namespace sandbox: enabled 2024/12/19 23:08:45 Android sandbox: enabled 2024/12/19 23:08:45 fault injection: enabled 2024/12/19 23:08:45 leak checking: enabled 2024/12/19 23:08:45 net packet injection: enabled 2024/12/19 23:08:45 net device setup: enabled 2024/12/19 23:08:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/12/19 23:08:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/12/19 23:08:45 USB emulation: enabled 2024/12/19 23:08:45 hci packet injection: enabled 2024/12/19 23:08:45 wifi device emulation: enabled 2024/12/19 23:08:45 802.15.4 emulation: enabled 2024/12/19 23:08:45 fetching corpus: 0, signal 0/0 (executing program) 2024/12/19 23:08:46 starting 8 fuzzer processes 23:08:46 executing program 0: ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000040)={0x5, 0x2, &(0x7f0000000000)="ec40"}) ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, &(0x7f0000000080)={0x401, 0x80, 0x7ff, 0x0, 0x5, 0x1000}) ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, &(0x7f00000000c0)={0x400, 0x8, 0xd53, 0x75d, 0x80000001, 0x1}) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x240800, 0x0) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x80}]}, 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r0, 0x80083313, &(0x7f0000000240)) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1100090}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80d0}, 0x8080) setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x65, &(0x7f0000000380)=0x1179, 0x4) ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f00000003c0)={0x1, 0x10000, 0x4, 0x80000000, 0x4, 0xff}) ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, &(0x7f0000000400)={0x87c, 0xffff8001, 0x7, 0x6, 0x5, 0xca}) ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, &(0x7f0000000440)={0x3ff, 0x200, 0x534b708b, 0x7, 0x20, 0x8001}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x4c, 0x0, 0x300, 0x7, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xffffffff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1000}, @BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x4c}}, 0x4004800) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000600), r1) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000640)={{{@in=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@mcast1}}, &(0x7f0000000740)=0xe8) sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000880)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000780)={0x8c, r2, 0xc08, 0x70bd26, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010101}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x8c}}, 0x0) ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, &(0x7f00000008c0)={0x7fff, 0x100, 0x81, 0x10001, 0x30, 0x8}) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000940), r1) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x64, r4, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3f}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x3}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2a7f}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x81}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xfc}]}, 0x64}, 0x1, 0x0, 0x0, 0x200048c0}, 0x50) 23:08:46 executing program 1: getuid() r0 = getuid() prctl$PR_SET_SECUREBITS(0x1c, 0x3) prctl$PR_SET_SECUREBITS(0x1c, 0x1) prctl$PR_SET_SECUREBITS(0x1c, 0x52) munlockall() getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0) r1 = getuid() r2 = getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@ipv4={""/10, ""/2, @private}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xe8) setresuid(r1, r2, r3) setresuid(r2, r1, r0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0x4000, 0x0) write$snapshot(r4, &(0x7f0000000240)="801df103ab6ae903a9190c30250174493635bab832524dc45fba1a383951534f12f1cab197a58a740a67ef831e73b3bb7a3be72262616196380e22540f3abd57f6dedcad9d342c7db2383c0a2e", 0x4d) munlockall() r5 = inotify_init() ioctl$INOTIFY_IOC_SETNEXTWD(r5, 0x40044900, 0x12000000000) getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)) ioctl$EVIOCGSND(r4, 0x8040451a, &(0x7f0000000380)=""/24) 23:08:46 executing program 2: r0 = epoll_create1(0x0) r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x40000018}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r2, 0x8, 0x70bd2d, 0x8, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x20}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xe2}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x54}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x34d}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x10000}]}, 0x64}}, 0x44000) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0) r4 = openat$cgroup_pressure(r3, &(0x7f0000000240)='io.pressure\x00', 0x2, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10000) ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0xd0009411, &(0x7f0000000380)={{0x0, 0xc2, 0x0, 0x1800000, 0x2, 0x10000, 0x4, 0x7, 0x1000, 0x4, 0xcd, 0x3, 0x3, 0x0, 0x1}}) ioctl$BTRFS_IOC_TREE_SEARCH(r5, 0xd0009411, &(0x7f0000001380)={{r6, 0x4, 0x1, 0x7fff, 0x80000000, 0x80000001, 0x7ff, 0x1f, 0x6a, 0x9, 0x101, 0x3, 0x8001, 0x3, 0xabee}}) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000002380)={0x6c, 0xa, 0x2, 0x7, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, @mcast2, @mcast2, @dev={0xfe, 0x80, '\x00', 0x3e}]}, 0x58) r7 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000002400)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r7, 0xc0c89425, &(0x7f0000002600)={"4b834e3664aa9db630f6ddd11d2231ea", r8, 0x0, {0x2, 0xc8f8}, {0x625, 0x9}, 0xffe0000000000000, [0xfb7, 0xfffffffffffffffa, 0x5, 0x5, 0x10000, 0x4, 0x9, 0x4, 0xfffffffffffff001, 0x0, 0x1, 0x9, 0x1, 0x20, 0x4, 0xffffffff]}) openat$pidfd(0xffffffffffffff9c, &(0x7f0000002700), 0x680402, 0x0) ioctl$KDDELIO(r7, 0x4b35, 0x101) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000002780), r5) sendmsg$BATADV_CMD_TP_METER_CANCEL(r9, &(0x7f0000002840)={&(0x7f0000002740)={0x10, 0x0, 0x0, 0x400020}, 0xc, &(0x7f0000002800)={&(0x7f00000027c0)={0x1c, r10, 0x308, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8804}, 0x800) 23:08:46 executing program 3: r0 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x50000040) inotify_rm_watch(0xffffffffffffffff, r0) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x20) getresgid(&(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) setregid(r2, 0xee00) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000100)='./file0\x00', 0x100) r4 = getegid() setresgid(r1, r4, r2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv_slave_0\x00'}) r5 = inotify_init() ioctl$INOTIFY_IOC_SETNEXTWD(r5, 0x40044900, 0x8) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x6) getgroups(0x0, &(0x7f0000000180)) epoll_wait(0xffffffffffffffff, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x295d30b1) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, 0x0, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000024}, 0x4000085) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7334}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40051) r6 = epoll_create1(0x80000) r7 = syz_open_dev$evdev(&(0x7f0000000440), 0x400, 0x4280) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000480)={0x1}) 23:08:46 executing program 4: r0 = inotify_init1(0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x5208) r1 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x20000000) inotify_rm_watch(r0, r1) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x44) inotify_add_watch(r0, &(0x7f0000000080)='./file0\x00', 0x4) r2 = epoll_create1(0x80000) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r2) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r3, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1b}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x2) r4 = syz_io_uring_setup(0xbd2, &(0x7f0000000200)={0x0, 0xf0fd, 0x4, 0x3, 0x30f}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000002c0)=0x0) r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r5, &(0x7f0000000340)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x0, 0x0, r2, 0x0, r6, 0x2, 0x0, 0x1, {0x0, r7}}, 0x7263) r8 = syz_io_uring_setup(0xdd8, &(0x7f0000000380)={0x0, 0xb626, 0x20, 0x2, 0x18, 0x0, r4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000000400), &(0x7f0000000440)) syz_io_uring_setup(0x1114, &(0x7f0000000480)={0x0, 0xc30, 0x2, 0x3, 0xb2, 0x0, r8}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000500), &(0x7f0000000540)) r9 = epoll_create1(0x80000) r10 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) epoll_ctl$EPOLL_CTL_MOD(r9, 0x3, r10, &(0x7f0000000580)={0x20000010}) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1) [ 84.555217] audit: type=1400 audit(1734649726.512:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:08:46 executing program 5: ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000000)={0xffffffff, 0x400, 0x3}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000002}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000080)={"80ad3d4d579a1837095ee7f343b9abc6", 0x0, 0x0, {0x10000, 0xfffffffa}, {0x1, 0x6}, 0x800, [0x7, 0x1, 0x2, 0x4000000000, 0x6, 0x20, 0x2, 0x9, 0x0, 0x4, 0xc0, 0x6, 0x40, 0xffffffff, 0x8000, 0x5]}) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, &(0x7f0000000180)) r0 = memfd_secret(0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x1010, r0, 0x8000000) syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001, 0x10, r0, 0x10000000) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r0) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r1, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xe1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffff9}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x80000001}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x58}}, 0x20000804) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000380)=""/94) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000440)={{{@in=@multicast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000540)=0xe8) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000640)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x60, r1, 0x10, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8001}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x401}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x60}}, 0x4040090) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000680)={0xc4, 0x0, 0x20, 0x13d, "024c2ccc838daf341d43dd3b9e9af307a85beb805a459bae6f28094f9881d7f9"}) ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f00000006c0)=0x7) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000700)) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000740)='./file0\x00', 0x840) ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000780)={0x8, 0x7, 0x1, 0x3, 0x51, 0x20}) 23:08:46 executing program 6: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xe5e7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x40000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}]}, 0x70}, 0x1, 0x0, 0x0, 0x20004000}, 0x8811) r3 = epoll_create1(0x80000) epoll_pwait2(r3, &(0x7f00000002c0)=[{}, {}, {}], 0x3, &(0x7f0000000300), &(0x7f0000000340)={[0x9]}, 0x8) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x20000000) epoll_pwait(r3, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0xfe14, &(0x7f0000000500)={[0xdc3]}, 0x8) sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x2c, r0, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6aaf}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x40}]}, 0x2c}, 0x1, 0x0, 0x0, 0x61}, 0x4) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000640), 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x44, 0x0, 0x20, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xfffffffe}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_PROTOCOLS(r4, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x1c, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x2b}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x811) r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000008c0), r1) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x44, r5, 0x2, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x60000}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040}, 0x48000) r6 = perf_event_open(&(0x7f0000000a00)={0x2, 0x80, 0x1, 0x1, 0x7f, 0xc0, 0x0, 0x5, 0x9000, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x2, @perf_config_ext={0x6, 0x7}, 0x4, 0x401, 0x200, 0x6, 0xbb, 0x2, 0xfff8, 0x0, 0x7, 0x0, 0x2}, 0x0, 0x6, 0xffffffffffffffff, 0x4) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000a80)='&*]^,\x00') getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000b00)={{{@in6=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@private}, 0x0, @in=@initdev}}, &(0x7f0000000c00)=0xe8) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r1, &(0x7f0000000d00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x64, r0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfffffffa}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xff}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3f}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x891}, 0x40000) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000e00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x28, r2, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x85) 23:08:46 executing program 7: ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x2, 0x80, 0x9, 0x1f, 0x3f, 0x3, 0x0, 0x3, 0x80400, 0x5, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x6, 0x400}, 0x4400, 0x8, 0x4, 0x2, 0x5, 0x7fff, 0x5, 0x0, 0x2, 0x0, 0x8001}) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, &(0x7f0000000080)) r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, r0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x21}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x9}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x9}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x20}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x40884) sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r0, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x3e}}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '.I\x00'}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x4804}, 0x4010) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x6c, r1, 0x11, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x15}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '.I\x00'}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}, @NLBL_MGMT_A_DOMAIN={0x9, 0x1, '-%@{\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x21}]}, 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x4080) r2 = perf_event_open$cgroup(&(0x7f0000000500)={0x0, 0x80, 0x2, 0x3f, 0x8, 0x3f, 0x0, 0x4000000000000000, 0x20012, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f00000004c0), 0x3}, 0x0, 0x3f, 0x200, 0x2, 0x1ff, 0x8, 0x8, 0x0, 0x7, 0x0, 0x3}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4) ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0xfffffffeffffffff) epoll_wait(0xffffffffffffffff, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0x20) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x2c, r3, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x4000084) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x24, r1, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @broadcast}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004811}, 0x4010) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x48, r1, 0x400, 0x70bd26, 0x6, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '*[\x1d\x00'}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xa}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private2}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in=@multicast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}}}, &(0x7f0000000ac0)=0xe8) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x84, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}]}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x84}, 0x1, 0x0, 0x0, 0x8884}, 0x20000010) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x44, r3, 0x20, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x8001}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x84}, 0x0) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x24, r0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40) [ 85.827218] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.830032] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.835281] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.835439] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.840250] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.840690] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.849169] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.853478] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.853691] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.860100] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.867595] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.870064] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.895889] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.904368] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.906619] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.928144] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.935164] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.939146] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.995747] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.000211] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.002174] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.007076] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.012082] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 86.014072] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.061446] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 86.068168] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 86.070524] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 86.074908] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 86.077636] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 86.079561] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 86.086645] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 86.100175] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 86.109224] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 86.119252] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 86.122640] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 86.124673] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 86.136643] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 86.140189] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 86.140209] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 86.142198] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 86.145902] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 86.157091] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 86.158762] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 86.166162] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 86.175750] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 86.183207] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 86.201112] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 86.203110] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 87.905416] Bluetooth: hci0: command tx timeout [ 87.969216] Bluetooth: hci1: command tx timeout [ 88.033106] Bluetooth: hci2: command tx timeout [ 88.096901] Bluetooth: hci3: command tx timeout [ 88.161329] Bluetooth: hci5: command tx timeout [ 88.162027] Bluetooth: hci4: command tx timeout [ 88.225197] Bluetooth: hci7: command tx timeout [ 88.225232] Bluetooth: hci6: command tx timeout [ 89.953600] Bluetooth: hci0: command tx timeout [ 90.017054] Bluetooth: hci1: command tx timeout [ 90.081408] Bluetooth: hci2: command tx timeout [ 90.144969] Bluetooth: hci3: command tx timeout [ 90.208877] Bluetooth: hci5: command tx timeout [ 90.208975] Bluetooth: hci4: command tx timeout [ 90.273334] Bluetooth: hci6: command tx timeout [ 90.273414] Bluetooth: hci7: command tx timeout [ 92.000915] Bluetooth: hci0: command tx timeout [ 92.064969] Bluetooth: hci1: command tx timeout [ 92.128979] Bluetooth: hci2: command tx timeout [ 92.193073] Bluetooth: hci3: command tx timeout [ 92.257111] Bluetooth: hci5: command tx timeout [ 92.257944] Bluetooth: hci4: command tx timeout [ 92.322908] Bluetooth: hci7: command tx timeout [ 92.323408] Bluetooth: hci6: command tx timeout [ 94.049324] Bluetooth: hci0: command tx timeout [ 94.112906] Bluetooth: hci1: command tx timeout [ 94.176892] Bluetooth: hci2: command tx timeout [ 94.240967] Bluetooth: hci3: command tx timeout [ 94.305243] Bluetooth: hci4: command tx timeout [ 94.305999] Bluetooth: hci5: command tx timeout [ 94.368893] Bluetooth: hci6: command tx timeout [ 94.369406] Bluetooth: hci7: command tx timeout [ 148.524715] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 148.528008] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 148.529724] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 148.535916] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 148.538799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 148.540471] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 148.652223] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 148.657237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 148.657446] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 148.661696] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 148.662707] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 148.669619] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 148.674003] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 148.677485] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 148.678660] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 148.680280] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 148.681681] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 148.686976] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 148.714739] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 148.753096] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 148.755119] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 148.756145] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 148.757123] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 148.759685] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 148.760647] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 148.764336] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 148.765469] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 148.766620] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 148.768735] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 148.769972] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 148.771064] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 148.777992] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 148.783015] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 148.784040] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 148.784688] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 148.785530] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 148.787839] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 148.790919] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 148.803040] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 148.822043] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 148.822711] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 148.823679] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 148.831030] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 148.839107] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 148.839847] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 148.841230] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 148.843271] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 148.852963] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 150.625951] Bluetooth: hci0: command tx timeout [ 150.752895] Bluetooth: hci1: command tx timeout [ 150.752927] Bluetooth: hci2: command tx timeout [ 150.817213] Bluetooth: hci5: command tx timeout [ 150.881134] Bluetooth: hci7: command tx timeout [ 150.882115] Bluetooth: hci3: command tx timeout [ 150.946975] Bluetooth: hci4: command tx timeout [ 150.947170] Bluetooth: hci6: command tx timeout [ 152.673414] Bluetooth: hci0: command tx timeout [ 152.800875] Bluetooth: hci2: command tx timeout [ 152.800923] Bluetooth: hci1: command tx timeout [ 152.864928] Bluetooth: hci5: command tx timeout [ 152.929853] Bluetooth: hci3: command tx timeout [ 152.929874] Bluetooth: hci7: command tx timeout [ 152.992823] Bluetooth: hci6: command tx timeout [ 152.993866] Bluetooth: hci4: command tx timeout [ 154.721097] Bluetooth: hci0: command tx timeout [ 154.848933] Bluetooth: hci2: command tx timeout [ 154.849944] Bluetooth: hci1: command tx timeout [ 154.914866] Bluetooth: hci5: command tx timeout [ 154.976949] Bluetooth: hci7: command tx timeout [ 154.978025] Bluetooth: hci3: command tx timeout [ 155.041104] Bluetooth: hci4: command tx timeout [ 155.041617] Bluetooth: hci6: command tx timeout [ 156.768858] Bluetooth: hci0: command tx timeout [ 156.897002] Bluetooth: hci1: command tx timeout [ 156.897149] Bluetooth: hci2: command tx timeout [ 156.961569] Bluetooth: hci5: command tx timeout [ 157.024923] Bluetooth: hci3: command tx timeout [ 157.025032] Bluetooth: hci7: command tx timeout [ 157.089811] Bluetooth: hci6: command tx timeout [ 157.090019] Bluetooth: hci4: command tx timeout [ 210.623868] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 210.629853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 210.634245] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 210.643829] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 210.649102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 210.650998] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 210.729851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 210.732123] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 210.735410] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 210.740298] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 210.744178] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 210.745833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 210.856375] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 210.866077] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 210.867460] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 210.880481] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 210.882506] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 210.883987] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 210.933138] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 210.946847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 210.954101] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 210.955966] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 210.972951] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 210.974033] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 210.985625] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 210.989860] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 210.991326] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 210.994317] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 211.010905] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 211.019259] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 211.022399] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 211.028175] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 211.053465] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 211.061476] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 211.071394] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 211.081614] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 211.083560] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 211.091158] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 211.094070] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 211.099301] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 211.101095] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 211.103224] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 211.125124] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 211.125985] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 211.133330] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 211.136851] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 211.138111] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 211.147966] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 212.706261] Bluetooth: hci0: command tx timeout [ 212.832959] Bluetooth: hci1: command tx timeout [ 212.961822] Bluetooth: hci2: command tx timeout [ 213.088875] Bluetooth: hci3: command tx timeout [ 213.089006] Bluetooth: hci4: command tx timeout [ 213.152932] Bluetooth: hci5: command tx timeout [ 213.281852] Bluetooth: hci7: command tx timeout [ 213.345835] Bluetooth: hci6: command tx timeout [ 214.754792] Bluetooth: hci0: command tx timeout [ 214.880823] Bluetooth: hci1: command tx timeout [ 215.009820] Bluetooth: hci2: command tx timeout [ 215.138797] Bluetooth: hci3: command tx timeout [ 215.138980] Bluetooth: hci4: command tx timeout [ 215.200821] Bluetooth: hci5: command tx timeout [ 215.330874] Bluetooth: hci7: command tx timeout [ 215.392871] Bluetooth: hci6: command tx timeout [ 216.800965] Bluetooth: hci0: command tx timeout [ 216.929782] Bluetooth: hci1: command tx timeout [ 217.056906] Bluetooth: hci2: command tx timeout [ 217.184933] Bluetooth: hci3: command tx timeout [ 217.187768] Bluetooth: hci4: command tx timeout [ 217.249812] Bluetooth: hci5: command tx timeout [ 217.377967] Bluetooth: hci7: command tx timeout [ 217.440841] Bluetooth: hci6: command tx timeout [ 218.849988] Bluetooth: hci0: command tx timeout [ 218.976796] Bluetooth: hci1: command tx timeout [ 219.105805] Bluetooth: hci2: command tx timeout [ 219.233865] Bluetooth: hci4: command tx timeout [ 219.233994] Bluetooth: hci3: command tx timeout [ 219.297841] Bluetooth: hci5: command tx timeout [ 219.426774] Bluetooth: hci7: command tx timeout [ 219.489812] Bluetooth: hci6: command tx timeout [ 269.373323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.374207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.882828] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.883503] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.324623] syz-executor.0 (6729) used greatest stack depth: 23536 bytes left [ 273.263654] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 273.266475] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 273.268962] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 273.281210] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 273.284993] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 273.293218] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 273.328501] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 273.332184] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 273.334824] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 273.342360] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 273.346292] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 273.349175] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 273.400545] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 273.415110] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 273.424146] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 273.462177] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 273.481183] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 273.488294] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 273.525167] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 273.550208] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 273.556303] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 273.580267] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 273.586111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 273.595928] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 273.687177] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 273.691331] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 273.693572] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 273.738596] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 273.751410] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 273.758439] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 273.760432] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 273.764403] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 273.768328] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 273.772651] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 273.775250] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 273.777486] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 273.791960] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 273.796344] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 273.798508] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 273.822376] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 273.848368] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 273.861219] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 273.887601] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 273.889218] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 273.912503] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 273.933417] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 273.981289] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 273.992564] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 275.362064] Bluetooth: hci0: command tx timeout [ 275.425801] Bluetooth: hci1: command tx timeout [ 275.552901] Bluetooth: hci2: command tx timeout [ 275.680928] Bluetooth: hci3: command tx timeout [ 275.809935] Bluetooth: hci4: command tx timeout [ 275.873983] Bluetooth: hci5: command tx timeout [ 276.065437] Bluetooth: hci6: command tx timeout [ 276.193937] Bluetooth: hci7: command tx timeout [ 277.409863] Bluetooth: hci0: command tx timeout [ 277.474885] Bluetooth: hci1: command tx timeout [ 277.602216] Bluetooth: hci2: command tx timeout [ 277.729878] Bluetooth: hci3: command tx timeout [ 277.857910] Bluetooth: hci4: command tx timeout [ 277.923752] Bluetooth: hci5: command tx timeout [ 278.113889] Bluetooth: hci6: command tx timeout [ 278.241948] Bluetooth: hci7: command tx timeout [ 279.457780] Bluetooth: hci0: command tx timeout [ 279.520863] Bluetooth: hci1: command tx timeout [ 279.649901] Bluetooth: hci2: command tx timeout [ 279.777846] Bluetooth: hci3: command tx timeout [ 279.906879] Bluetooth: hci4: command tx timeout [ 279.969793] Bluetooth: hci5: command tx timeout [ 280.161986] Bluetooth: hci6: command tx timeout [ 280.289785] Bluetooth: hci7: command tx timeout [ 281.505820] Bluetooth: hci0: command tx timeout [ 281.571765] Bluetooth: hci1: command tx timeout [ 281.696798] Bluetooth: hci2: command tx timeout [ 281.826036] Bluetooth: hci3: command tx timeout [ 281.953791] Bluetooth: hci4: command tx timeout [ 282.016910] Bluetooth: hci5: command tx timeout [ 282.209916] Bluetooth: hci6: command tx timeout [ 282.337808] Bluetooth: hci7: command tx timeout [ 331.936758] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.937388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.297786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.298432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 335.348877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 335.354757] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 335.358175] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 335.367186] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 335.372578] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 335.375466] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 335.597346] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 335.601674] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 335.603896] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 335.609268] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 335.612348] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 335.614841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 335.666635] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 335.687230] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 335.689607] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 335.697251] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 335.726619] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 335.732263] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 335.734899] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 335.747267] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 335.755632] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 335.759195] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 335.761319] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 335.767196] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 335.773388] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 335.775358] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 335.779440] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 335.781902] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 335.784627] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 335.803295] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 335.817191] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 335.826180] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 335.828553] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 335.830960] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 335.835268] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 335.844418] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 335.846612] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 335.852681] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 335.854223] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 335.857087] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 335.860559] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 335.866888] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 336.418253] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 336.438089] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 336.441967] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 336.462172] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 336.470350] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 336.473273] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 337.440827] Bluetooth: hci0: command tx timeout [ 337.632869] Bluetooth: hci1: command tx timeout [ 337.824795] Bluetooth: hci2: command tx timeout [ 337.888790] Bluetooth: hci3: command tx timeout [ 337.952873] Bluetooth: hci5: command tx timeout [ 337.955097] Bluetooth: hci4: command tx timeout [ 338.272825] Bluetooth: hci6: command tx timeout [ 338.528867] Bluetooth: hci7: command tx timeout [ 339.488809] Bluetooth: hci0: command tx timeout [ 339.680813] Bluetooth: hci1: command tx timeout [ 339.872842] Bluetooth: hci2: command tx timeout [ 339.936911] Bluetooth: hci3: command tx timeout [ 340.000963] Bluetooth: hci5: command tx timeout [ 340.000987] Bluetooth: hci4: command tx timeout [ 340.323819] Bluetooth: hci6: command tx timeout [ 340.576937] Bluetooth: hci7: command tx timeout [ 341.536852] Bluetooth: hci0: command tx timeout [ 341.729782] Bluetooth: hci1: command tx timeout [ 341.920860] Bluetooth: hci2: command tx timeout [ 341.985797] Bluetooth: hci3: command tx timeout [ 342.048841] Bluetooth: hci4: command tx timeout [ 342.049775] Bluetooth: hci5: command tx timeout [ 342.368993] Bluetooth: hci6: command tx timeout [ 342.624975] Bluetooth: hci7: command tx timeout [ 343.584776] Bluetooth: hci0: command tx timeout [ 343.776772] Bluetooth: hci1: command tx timeout [ 343.968947] Bluetooth: hci2: command tx timeout [ 344.032805] Bluetooth: hci3: command tx timeout [ 344.097995] Bluetooth: hci5: command tx timeout [ 344.098510] Bluetooth: hci4: command tx timeout [ 344.418023] Bluetooth: hci6: command tx timeout [ 344.672826] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 23:13:51 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffffffff85c6e0e0 RCX=1ffffffff0c7f1e8 RDX=ffff88800eac8000 RSI=ffffffff81724717 RDI=ffffffff85c6e0e0 RBP=00007fb11db8f699 RSP=ffff88806ce09a00 R8 =0000000000000000 R9 =ffff88806ce09ab8 R10=00007fb11db8f000 R11=0000000000000003 R12=00007fb11db8f699 R13=0000000000000000 R14=ffff88800eac8000 R15=ffff88800dea6de0 RIP=ffffffff815952b0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb745238570 CR3=000000002edf0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000ff0000000000000000000000 XMM01=ffffffff00ffffffffffffffffffffff XMM02=42494c4700342e332e325f4342494c47 XMM03=00000000000000000000000000006f72 XMM04=6f6c77725f646165726874705f5f0079 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=ffff88806cf00000 RCX=ffffffff8172481b RDX=0000000000000000 RSI=ffffffff817248d7 RDI=ffff88806cf36250 RBP=0000000000000001 RSP=ffff88806cf09970 R8 =0000000000000000 R9 =fffffbfff0fdfbdc R10=0000000000000001 R11=0000000000000003 R12=0000000000000000 R13=0000000000000000 R14=ffffffff85c6e288 R15=ffff88802edf8a80 RIP=ffffffff81594e40 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f32e3ed0000 CR3=000000002fdd0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6461657268747062696c2f756e672d78 XMM02=00302e6f732e6461657268747062696c XMM03=2f756e672d78756e696c2d34365f3638 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000