Warning: Permanently added '[localhost]:41643' (ECDSA) to the list of known hosts.
2025/01/19 21:54:39 fuzzer started
2025/01/19 21:54:39 dialing manager at localhost:44245
syzkaller login: [   65.810001] cgroup: Unknown subsys name 'net'
[   65.917861] cgroup: Unknown subsys name 'cpuset'
[   65.954345] cgroup: Unknown subsys name 'rlimit'
[   72.711233] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[   83.157032] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
2025/01/19 21:54:57 syscalls: 205
2025/01/19 21:54:57 code coverage: enabled
2025/01/19 21:54:57 comparison tracing: enabled
2025/01/19 21:54:57 extra coverage: enabled
2025/01/19 21:54:57 setuid sandbox: enabled
2025/01/19 21:54:57 namespace sandbox: enabled
2025/01/19 21:54:57 Android sandbox: enabled
2025/01/19 21:54:57 fault injection: enabled
2025/01/19 21:54:57 leak checking: enabled
2025/01/19 21:54:57 net packet injection: enabled
2025/01/19 21:54:57 net device setup: enabled
2025/01/19 21:54:57 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/01/19 21:54:57 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/01/19 21:54:57 USB emulation: enabled
2025/01/19 21:54:57 hci packet injection: enabled
2025/01/19 21:54:57 wifi device emulation: enabled
2025/01/19 21:54:57 802.15.4 emulation: enabled
2025/01/19 21:54:57 fetching corpus: 0, signal 0/0 (executing program)
2025/01/19 21:54:59 starting 8 fuzzer processes
21:54:59 executing program 0:
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x80b)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x4, 0x0)
sendmsg$NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x308, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x18}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x9)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000001c0), 0x80000, 0x0)
ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f0000000200)={0x4b1, 0x79, "09211fdd49a93e5e10c3976bbc9d1efc972e3ee97c018e401ce828ddc8a613528c8d7a5a03792ea6b16c33ed5d97f0143ad14c90efe847047897821686bb9a31442866e45af6dabed4bf449fbe55248830b7866e4aac2af42770857bd532e9a18fef871a64f7935e7291564fada7a21c725909baae9b61ba28"})
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0), 0xa082, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r4=>r2}, './file0\x00'})
ioctl$RNDZAPENTCNT(r0, 0x5204, &(0x7f0000000340)=0x7fff)
ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r5=>r1, {0x1}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5, {<r6=>r3}}, './file0\x00'})
ioctl$PERF_EVENT_IOC_REFRESH(r4, 0x2402, 0x8)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r7=>r6, @out_args}, './file0\x00'})
fstat(r7, &(0x7f0000000440))
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, &(0x7f00000004c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockname(r8, &(0x7f0000000540)=@nfc_llcp, &(0x7f00000005c0)=0x80)
sendmsg$NL80211_CMD_NOTIFY_RADAR(r1, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x64, 0x0, 0x2, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffffffff}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xc9}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3c5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x45}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x800}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0xc004}, 0x40000)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000740)={{0x1, 0x1, 0x18, <r9=>0xffffffffffffffff}, './file0\x00'})
ioctl$TUNSETLINK(r9, 0x400454cd, 0x118)

21:54:59 executing program 1:
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x68, r0, 0x800, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x67f, @media='ib\x00'}}}, ["", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x20044080}, 0x168fb9202dc24a03)
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0), 0x4800, 0x0)
r2 = memfd_secret(0x0)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000300), 0x311500, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x6aa8f5cb15cdc9d2}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x74, 0x0, 0xc01, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x4}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0xfffffffffffffff7}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8}, {0x8, 0x1, r1}, {0x8, 0x1, r2}, {0x8, 0x1, r3}]}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xe8}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3}]}, 0x74}, 0x1, 0x0, 0x0, 0x400c0}, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r1)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3349cce3, 0x7f}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040804}, 0x4080)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000580)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0x2}}, './file0\x00'})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r2)
sendmsg$NL80211_CMD_DEL_TX_TS(r5, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, r6, 0x10, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4008014)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000840)={&(0x7f0000000740)={0xec, r4, 0x800, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x54}}}}, [@NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="adb952f7fbc2d5fc40b80c8a46c3897c"}]}, @NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "024e809a120253ce"}]}, @NL80211_ATTR_REKEY_DATA={0x9c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="3579edbba7597175d765fa337e5bf870b2f0aa8f4225add8"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="b909c4ec0ec6eb0e9513b6c13db6dd48"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="f1ef038350061267f6868fb2b2df032159190c1ceb6143f836712490f27c1389"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="b625eb25a777e5c105290efe58ac38c342be7ce4f97fbea3"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x80}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="f0f9fa4c629e0668096602af61192c42"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f32a79e6772b5b3a"}]}]}, 0xec}}, 0x800)
getsockname(r2, &(0x7f00000008c0)=@pppol2tpin6={0x18, 0x1, {0x0, <r7=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000940)=0x80)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r7, 0x40049366, &(0x7f0000000980)=0x1)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000009c0)={{0x1, 0x1, 0x18, <r8=>r7, {0x6, 0x2}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r8, {0x1f}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r8, 0xc0189377, &(0x7f0000000a40)={{0x1, 0x1, 0x18, <r9=>0xffffffffffffffff, {0x6, 0xfff}}, './file0\x00'})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r9, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x44, r6, 0x800, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x7f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xa}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x62}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x57}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000001)
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x68, 0x0, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2b76}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x12c}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x100}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

21:54:59 executing program 2:
ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, &(0x7f0000000000)={'vcan0\x00'})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000040)={'veth1_virt_wifi\x00'})
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000080))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x349000, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc3}, &(0x7f0000000180)={0x0, "de14fceccf73e1621f5c462f28f531a3ce0edccbb8edfb240beea297fbeeba93de78574e1308539f1947a5ae8f020fef99d3c722d2304e53658e44adf26d59f1", 0x39}, 0x48, 0xffffffffffffffff)
keyctl$search(0xa, r1, &(0x7f0000000200)='ceph\x00', &(0x7f0000000240)={'syz', 0x2}, 0xfffffffffffffffe)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x7)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000280), 0x2000, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f00000002c0)={0x0, 0x5, [@multicast, @link_local, @remote, @multicast, @random="c55f0dd03cb4"]})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f0000000340)={0x1, 0x3, [@remote, @remote, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}]})
ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000380)={'netdevsim0\x00'})
ioctl$TUNGETDEVNETNS(r3, 0x54e3, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r1, r1, r1, 0x0)
r4 = add_key(&(0x7f00000003c0)='pkcs7_test\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f0000000440)="a743d849d35e1cca31e51937a1972b48ce894e73d04f14faccf865a3955ef499c201b1be0f7757de36f6a97a47fd9c64d230fa38342e7511219b720e2f4bd247dc0eaab53ba38a591a4062017f7b7a362b07c87866542b8fce1c71af3ca6fe05bb7e40357d4ca9d954122db4d4c4ccde8e3d77cec87b2b961e11e61277da05f056f68c47c79c026a58e11005243861d1de7437dc1beeb7597cec893ddf448e706c788eff708481bcc56d8ca9a7b703f69c223bd73d876dcc7688ad330a6b180aee6c32f4323980ec483cdc7ed32faedac9b5505370ebfef2ff3a74def165b1a5455a219d77ff7ab3c312c3926dd116ecc3f094a5d0fef734ece7d6c522ab37d781144f66582ffde1e169119b9314bafa78ef118a0e68efea0215de0ee211b02f9f1ac434092da48371d816872971d8831f2b24da58bd9e172472022bf90f1de1f75f8fed8a701215c8e63b567cd98ed180a62e49cdcf89910fb6ef24a76ba7b5b5fcc7ec437f97e826ff0c23a7883bdc19b76a0fa95eafc9369a4155aa06679aec6a0830bcc49f3785c0a8e100326ee469ad45a04f1a3b1bb1fd909f083328faa5a696090c6a421ce7c09a7baa393637fd426176a2b171e33bdf7e766a06ae88a5c905de23e5a250e31180f2679d26274d2627bcf27fc30c55e6fdc51b422ef0e7734a3fc2362e24155f0b9811b5ba72d438156f63d70d4bef78fce3144a043393c58335e7a4461635e84361ae2c1afb9705e7d714a71b57db59ea8cc690c41b1734223fa6fa29904eed59fb5ea9b6616cd5fdfe205b0843cb039926c9e4a76f902d54dff5c1d62c1aac5a8354cb22e5b81c4d3695bfef2ce4e6e873b1e7d4361558ef01a8ea9aba7728ee91bbd3b3763e036f983b587a64e18ca3a1829c21feddcb757a86013de6bfe0158853466a3acbe6a33c5f31d5c0d2f7cfd72dd3794af214628043da73565c14ff0f1b826a54026d1efd5e38fa10395870d622a83ef2b53e77dfc34c8bc5f66894533b36e43cc51c97cd594e7cc062c923f8cd6c8e7d1eda6def58f4ea1bed66ec21fe7c130d641e50662d7a8faa109e9ceadd9f2526ea633786f4e493d2b97b22a39a1840a056cf9dc0bd5470bd9fe21c4dccc7370968caf91a1095946494b7d8bebc756a8ed06887922aa4ec29cbc3cc4a610f4ffbbc8e7274fe9b0fcc558e9607f7dfd06b6024d224ddedf6c314f0717d2f8ca2a3fa0883a66692a0d195f5827b876ce24d2526e3fe6a98d49cd05537d0a26b025290033779c5e0dbec3cf813cd125a1f412901a6ce3725186158c10b0e98702862995ad42dad71469ea70e4e4bb1bca4faf1205e2f50cd6c830d4c39a77ac3381f51c959627df5202010457c175f5e8558aa204e213e7315c15f37bd3f59a2d0d1a7cd4d5492f98601810bab232a3b51f72a647abc0994109c187e06f4552777b8b3fb275dd06f96776baa19472414d723694cd9da3765c8cfb237f28caa49a0e56a5baec0a65fa554ce1fd484eaf3ef842f8f86ec99d3a1e94b927cf300ea6551021ba74ac858c80188d75cdd001b812334d2fdd64b0ce6fe445272aa51fc126430e35abac924032bac575220a94a883aa9e1df974d81ea7b2a8082490c4c88fa81476589f8932922892951957a59cd6f278d0258d5cd24a6efd51eddb1bacaaf6f7ee19b900e52330db3455fdabb56e17fe6906aed9c9d2b858f81003386f2ba53e0220719ea87e3acfbddf47a2e397622c16295bbf75a02acb4e6ffb3805c6323209bd4227b59d5a174c01086c4dc9bb74b0aac8667ba59f950e2d9f6a486430c8de5be977dea6cb0178d2177bf7b7926d1f88595ca80cfd0db813cf062068d62e12b9d27c32abe37478b2dc28f8565020129080f2220081df217a1f178710d5f9c7edfe083ee8e5037b47b7014f7ca705282d5c45803d89f25c2397d26426c866c58f1badfdea07a67f50cc2929d6833cea4170f39e1a20ec8a51fe8e053f004a3fbef2ce1e57e33023e3ebe76da586208d9902ee4bcf4e65574b2a5c9548afd9a0201f3e49a793586dd15bc81252bd442a2be8986d166247f3075ec7c5f50e9028df6fd8d6d3320070b096d16d318e037df8d9fee865839e3cc80607d80c97a5a3a277597e496fac081f95ad3c28665c9eed2f93adcb197ac835881ae2776f58c79b71ecc066168479c94959b9e77636abd358b0301f7b8eabe08e4afdfcc427f34767bb6eb91144df2e09a76bab1aeb00269103d848af5f486e5d093602d335056bb019624a113c81542dd42709c71d9598873f01f070d562c09a2e7ccaac597af53455acf6e83b96de64e544aabb86047905682ae91d86df3a056637707c3e18f4a77b58db0c1e24c9013d76582808b8f95c3cecb3010b0f53e2824c8dc740a53a2e9f6e645cc423374ce26ed885dfb704e0ddae3dfcba8312e12cfe6560e2efc6be38cb27dbe76a0d9bf75b70831c99ada78e70997b3a2511756f510555f46c1d720c81110818a7946d92eeca8577cb210f5993ed46c199d33b42583310446657fe04c6eea64dd0c5d14d790a65d86f66653bcf88bf1ea48d01b8855f2588671d72013e7adf296de39361d26018da514ef6dd6b89746fb4ca661f7d9ded1498524e4691326feb5050ca9ad2f17793dfcdc22bcf01df2f5a20ce663857c295698f0065e5cd01f9a77a3c91d60f27cbe1d451dc62a9f4905f65d4854e2ac8de4fe6f538140e6d8639ab62fdcc97a09edea9f6d97bdaba2d9843d0984e5c41fff6a6f18b25d1b68c42b65521fee392ff7df17faeccf866a8e7cb09a119373f4b6ec2b2eec7b5d46c1b5f4c0af371a25b3460ca5c52fc046649588ba1265bbab2db9c7bc5e663c9af2e00f8e304e735e39d6efbcddbcf766f53d1e102eb9ea425a7da6f48f13745a492e5ab5d9505773a605ee05b1b3926a9552f9da732879a9ea7df3f4c1ef1993fcf3b5e6eea03629371310c5a76b2090bf163fb6b6e7a05bc8cc8a86516cb357c8f5a77a247d3ea8c01b7f5fc11baad2820e86bbd12425a4f3f51ba9291e58658f8a37a885dbe9e7e78c23f4085515badda35c53a8eaa372b13499fb09583eed3ce590d40305905c8f4d0eacd80b35db5f486b498f09fccb5fa8eb369139d074b81b617f7a20579e7888de5f38b96a7195cecd4d1fcab4d0de4a2572ca5a523fd874ca05e4bd4cd43c4643addd7d53ca39610b5738b6fbfcb4fdbdc13375f1a393f4a8601f95e6473ac27c95878f76ed8f310934570dc37db1dbbfe5a222893a996a0c45fdb616e5b3a88b81d86edf1c8b7840299b2f5f867011e87bb82f71080b6e116e917b5a4243c5f5dbfe58a3bbe4134aabf744ff7cea0f34d8d7b8ecab0a05f06ea25e3f1d0ed8c124c425d9ccf5fba9ccfd5581850d3ffccbcdac8088dfe0225e4b7781ab9a5949d7a1b40f43ad5fa5bffe78336f59bead36dcb548ab9916d97a79aa784887a1a26fb4a09e3a3ae34787ade1d7d9e1b43278c0fe0aebe06bf11979a7833ac83bcba826ae2bc616c502c505f74aae36698f3cbc09d804e93997eaad124772ee2368eb9c6aa4583635bd1fe7914a30d2ab9ac4eec356b665ef90e720b3bfe8e6546a557ede18ca27d0fe2d45e3b4e5b2aadb2ef2a3f83b18f5842922903cba5dc9d6abb4288d17b64a041dd871abccd2ded677fc35b5a1d18039f060b55512cc7cb7adaa7876d69e932824d44d2787fb0b8154413bf2959cf4a17bf96aa23852dacb1195ce1ee2e928161e278da1999bb5cd5137388023fb4fb0821d55c9278afc45ae7e5f1715dad8ba9587c5216b288e4e0ac6ba480b376345946035a16b83698454a2fd4607c2d9cd9062190640141127f4dc67f8662fe15d6b04ec8997f56013f4946ad18cfa6727c33d9e4b762fe3e5f4c67f13ba504e6e88a0eede313a595e9792d1c3b6a8468c40d55185f8a7881f7144db57e03dc609c02478edd97de15773cf249eb5fed13920f11c7e1e91d18bfc8e4f53d1e68950784d9c822c6d900a13e85c158d0ae543a3f3d6611b04833ba0060768658b804fe9da2446e712158bb3f54f00ee02dcd771a65cb10a0f8a3eea239b1b09cb47f348b9ba95624a78a009e3b72882c6a628f888bde8541412c06e341f08b84cf56d13d53d7254412636a5c017550c9b3c784bb27cdb39397377fdddef682284eb474c11e10765301e694c626a762c1e810e3cd85fb18c7ab7425b0d8ea8500db34770efa1371419d635ec1ab633ed61d9ae5bc1867297d6f22be0a014f2b06c1cc5723abf4ae6d078ba87a9d6c2c119f60d6d00d45e37efe8903a4cda7d5dcd81c005ea4d990c9949f8d312e21591c4854eb7a2fc52ce8db05a1771d90f7e21f0eab2c77457465a5c7ab1aab9156996e84e556f974ab896fccdc61cc161ffc6a2d0f0b63a494f3f6d6ed80aab5f9e9b499f377a25541892adda7a764b0665de93c4f7256545975e7adfbdc93c6543dac974392c6d9f470c25a792addbf340784acf4b88c577451eeabe7596c236bf025113458481094532189d33db75b8268cd42cd901078ea7b6f121217553c607b6ac0f1b9a39690370b272ab8855ff1321c0fc08a77b98046746c9d8292b71917823d16efd903bd2cae6286d259ad92e3d115ccbb08aadfc931ba0a940b72acd8927b24c375c2b72751f838141f1e1f9245f8a6da2a13fe1a1743c323892e13f369a12221ff08eae1dc13dd43a0a49457222f053a42b93482fa1a4ee82436609e648b3285112eb872a40504031be7466b70570ef444ec98512f4935f98e077094553e2a6413b33f0d85edeb3b3618b9d65a50ac4af68fed2faea20aa9e1501043718b3b514a484d669e9766d0c1c0d4bcc2b42c2d5ae9a0cd817388fefc269fd26bbeec322e9e07cc95a8ac47cff28c23f523bed6aca681c5abecb9283db64bb036346d235b2119e31f5db45bc915d914fa9f5c9d52f9bb37b10bb5662b0d8c6b94ab984c58fd0ac1627b4fdf732e4be87e636a7ab70e57cf8008ce9847ba7756bb55d0f478bc4e76f0b197e99a9d9aeb8d074c42e3fc15c91de6be6ebb81e007a339c63cd532eba98e4cf4ac1e0e3eff27d0a01c45705a78553ae578a6ef8ab1f217db1d916c3693a5a81440275f3d326abbbeee79bf9bb00e4c7f916f4808e5cc57270c3a286b96da22fdf39163e448b0658cdf3db47cc3ad032f095c9f25023b35dacc001368c8354029284ad9422f521cb7b2a6ceadf32e39b21272286a4341b80b25a20663109a5de555050c22f9ff7aca4fe6b3920e93732956fdc9ec30bdf89b513bfe3fbca353842de8941434ec85b6c387b4a701811b2a48122d4375bc3e221367577a8d823a3683256f151108995424a3cd5ee97d49c4bc02ef1e70f9a2cbb28b4b518959634675e3ca23349978e5e16d6337bd8902c8ed25fb18f5bc8eb0ffd9743310e0489f43beacb3fc1773b43df6657950061bdf97633725c12c4ec0792ff29cf8eaec0d3f2649d35bc7bec2d3c87135685da04c2fc2d427cfbd9f8f34a120e6edb836508ebf8eea4ede73314120283272daad568721b5675de9d2978bd8189658e77a56cfbdf0f6572130702d85349662d274285d5eab77a6ba94a1c8d15f3151f8324cddf9b883ea9a40ac50023a578269c047736c75a0882829deee0315c127ec8ebe6f6fb7a046915a4391d1192dee6eadfd658df8e785b027d7010bc51b35a8f7ebfc18f6ea1629d86b8cfd1824fbf11b2922b9b54170dfe4cb72c2ab99e492298194ae8f031394a88968691d010d76029b743c2f7a5979069c4102874", 0x1000, 0x0)
keyctl$search(0xa, r4, &(0x7f0000001440)='syzkaller\x00', &(0x7f0000001480)={'syz', 0x1}, r1)
keyctl$restrict_keyring(0x1d, r1, &(0x7f00000014c0)='.dead\x00', &(0x7f0000001500)='vcan0\x00')
keyctl$reject(0x13, r4, 0xc444, 0x5, r1)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000001600), &(0x7f0000001640)={0x0, 0xfb, 0xa2, 0x2, 0x7, "ebae0abdf0bdef59e3e9eb8337540d12", "8c0e871db460c04fbeb1bfc99ab984bacc3c756d534e3c666e2de4430bbdd010bb07bcc390416a86dd47c6a850047eae2828f9149ccb3df64e76aba8847c8077ca6bc162ae0470ed1512b5fc1eade848738525e6fbe7d0fd6148eb630d5f910ff31cf5e31ae67a95c9ea4ad54099b805003394785f2897ad73c05bd7e871f646e8ccdb724a08d44f7b4c1d058b"}, 0xa2, 0x1)

[   84.747569] audit: type=1400 audit(1737323699.100:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
21:54:59 executing program 4:
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x68, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x32, @link='syz1\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0xc871}, 0x800)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xd0, 0x0, 0x0, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x81, 0x2e}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x18}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x384}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1f}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26e}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x15}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x63}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x9663a617ac6e5bb9}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x28}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1c4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a8}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x89b4}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x312}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0xd0}, 0x1, 0x0, 0x0, 0x10}, 0x800)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, 0x0, 0x808, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x5}, 0x8040)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x30, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x14, 0x18, {0x400, @bearer=@udp='udp:syz1\x00'}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x8801)
r0 = memfd_secret(0x80000)
ioctl$sock_ifreq(r0, 0x8946, &(0x7f00000005c0)={'virt_wifi0\x00', @ifru_ivalue})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000800)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000640)={0x15c, 0x0, 0x4, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="fd5b49f901f0"}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x4}, @NL80211_ATTR_IE={0x11e, 0x2a, [@sec_chan_ofs={0x3e, 0x1, 0x2}, @tim={0x5, 0xe0, {0xff, 0x55, 0x0, "0c3a71fb3b4c994f68c5667acd9367c3dffa5b888ec5c5c04d89d4517ba70cc4383cbe1ebb7ea283e0816860c57c0e5b7b0cd850233ed5ad32546393813d00e297e1107a467526da46bbc910382a7ee8d0323a7d1e9c8fa6eae7c81f2932f724409ea0091f6bbf5ca40a9c6f13d0855772077e1e6ac7c29c0f21ad404429b3320910757d09ce2bbc4e23ab95e390bdd1c7899402df512368fd729e21af2c0d99500c1fe29bdb0719aa49b8a123c1a950cc5ba210009a85511eedeb3542876c20064545c1208466fb20a44d2c9dd6b711178258eec7e2f88c971e179a7f"}}, @rann={0x7e, 0x15, {{0x0, 0x20}, 0x0, 0x1, @device_a, 0x1, 0x8, 0x1ff}}, @chsw_timing={0x68, 0x4, {0x2, 0x7ff}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x8, 0x7, 0x3f}}, @mesh_config={0x71, 0x7, {0x1, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0x3, 0x40}}, @chsw_timing={0x68, 0x4, {0x8c, 0x800}}, @dsss={0x3, 0x1, 0x8c}]}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0xc}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x80}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x801)
ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000840)={'team_slave_0\x00', @ifru_mtu})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000880)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xb5}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2f1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x4044090)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000009c0)={{0x1, 0x1, 0x18, <r2=>r1, {0x5}}, './file0\x00'})
sendmsg$NL80211_CMD_RADAR_DETECT(r2, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x4c, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x197}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xc81}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4004090)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r3, 0x8912, &(0x7f0000000c00)=@buf={0xbe, &(0x7f0000000b40)="e4525b728fe5d714a31a161402e0bd648a62f501b3530e9a08bbcd194dfbcf811771f33f9280644954a59cd65ea6a7822392aad751ad4001da5e3e7c7132bb56d509a5f243dc61e95d20a9a78c5541d5a0129e1da550b79829f54f87d1843eb84dd1a4f651516cae521a1ac98f6a5ffa6db4613a7e31c25ce920b18907e3a5a5cc006c1012c5c6d120fea0d2f768933d943c8aa3ec9fadbebe4b4c5f9e99bd7111bc7e0649f0e1a360572c375c97d013e628ebecc674dfa2eb07ddfe9003"})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000c80), r1)
sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x3c, r4, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x99ef}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000020)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000dc0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", ""]}, 0x1c}}, 0x1)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), r3)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000001140)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001100)={&(0x7f0000000f40)={0x198, r6, 0x400, 0x70bd26, 0x25dfdbfe, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x198}, 0x1, 0x0, 0x0, 0x400c5}, 0x4000041)

21:54:59 executing program 3:
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, @generic={0x2c, "d9639ae96969bfa40524a02aab83"}, @ethernet={0x6, @remote}, @tipc=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x3}}, 0x2177, 0x0, 0x0, 0x0, 0x259, 0x0, 0x0, 0x2, 0x3})
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xac, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0xac}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
r0 = socket(0x1a, 0xa, 0x7)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4008000)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000340), r0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r2, 0x10, 0x70bd25, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xb6857d0fb3cbabaa}, 0x24000090)
socketpair(0x1d, 0x3, 0x75c9, &(0x7f00000004c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x112}, 0xc, &(0x7f0000000640)={&(0x7f0000000540)={0xfc, 0x0, 0x208, 0x70bd2a, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6, 0x11, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0xdf}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x1}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x40004}, 0x11876caa538516ba)
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x64, r1, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="ae40f609e917"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
r5 = openat$null(0xffffffffffffff9c, &(0x7f00000008c0), 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000900)={'batadv_slave_1\x00'})
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000980), r4)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x24, r6, 0x0, 0x70bd2c, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x7}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x20000000)
r7 = memfd_secret(0x80000)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r5)
sendmsg$NL80211_CMD_REQ_SET_REG(r7, &(0x7f0000000dc0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000d80)={&(0x7f0000000b00)={0x258, r8, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xc0}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x23}, @NL80211_ATTR_REG_RULES={0x6c, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4951}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x80000001}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x5}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xfffffeff}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x401}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x60c}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x10001}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2}]}]}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_REG_RULES={0x1a4, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x200}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x99}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xd0}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x101}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x80000001}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x400}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x6}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x80000001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x5}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x10001}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3ad}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x101}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x80}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x6}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x562}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x9f89}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xff}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8000}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xfffffffb}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x100}, @NL80211_ATTR_FREQ_RANGE_END={0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x800}, @NL80211_ATTR_DFS_CAC_TIME={0x8}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x6}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xff}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x51}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x258}, 0x1, 0x0, 0x0, 0x804}, 0x20000000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000e00)={{0x1, 0x1, 0x18, <r9=>r3, @out_args}, './file0\x00'})
sendmsg$NL80211_CMD_DEL_INTERFACE(r9, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x400c084)

21:54:59 executing program 5:
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000)={<r0=>0x0})
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, 0x6169, 0x8f, 0x1})
ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f0000000100)=0x6)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r4=>r1, {0x2}}, './file0\x00'})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000200)={0x5, &(0x7f00000001c0)=[{0x9, 0x1, 0xbe, 0x2}, {0x400, 0xff, 0x0, 0x7}, {0xf15, 0x0, 0x81}, {0x2, 0x0, 0x6, 0x2}, {0x5, 0x6b, 0x3, 0x8}]})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r6=>r5, {0xffff1879}}, './file0\x00'})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000280)={r0, 0x0, 0x6c60})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r7=>r4, {0x8}}, './file0\x00'})
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000300)={<r8=>r7, 0x1, 0x3, 0x8001})
r9 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f0000000380)={r0, 0x1, r9, 0x8, 0x80000})
r10 = dup3(r8, r1, 0x80000)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r10, 0x40089413, &(0x7f00000003c0)=0x1f0d)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0xc018937a, &(0x7f0000000400)={{0x1, 0x1, 0x18, r4, {0x7ff}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r11=>0xffffffffffffffff, {0x7f}}, './file0\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={<r12=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r11, 0xc0189377, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r12, {0xffff}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r6, 0xc0189378, &(0x7f0000000500)={{0x1, 0x1, 0x18, r10, {r1}}, './file0\x00'})

21:54:59 executing program 6:
sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xffff0001, 0x65}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x20004054)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f0000000240)={&(0x7f0000000140), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x16}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x401}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]}, 0x34}}, 0x4008000)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={<r2=>r0, 0x10000, 0x5, 0x29e8763c})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_PMK(r2, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0xb4, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "d56ef9b5eca3bfb7bc5c76e117185973"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "54437d6e0f79c9901d28026ee08daddc"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "fcf593c61cff5c3f58e8679608da3a96"}, @NL80211_ATTR_PMK={0x14, 0xfe, "7712143a98e01a5e3b7016fa2a715042"}, @NL80211_ATTR_PMK={0x14, 0xfe, "e33d6e7f0e3c2dd97c856f2e7a53d3db"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "6329b97da75c39bd5eab0ef82e43471d"}, @NL80211_ATTR_PMK={0x14, 0xfe, "2a16bc53ffcedbd5c5505bc199927b8b"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40}, 0x10)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0xa6}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xd}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4084}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000580), 0x228040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r4, {0x7331}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r5=>r0}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_IBSS(r5, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, 0x0, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x20000004)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r5)
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x58, r6, 0x2, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7fff, 0x7e}}}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_HIDDEN_SSID={0x8}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_HE_OBSS_PD={0x1c, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x3}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x4}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x9}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r7 = memfd_secret(0x27a645031c8f8fd)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000900), r2)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r7, &(0x7f00000009c0)={&(0x7f00000008c0), 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x28, r8, 0x8, 0x70bd25, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x44044}, 0x4000)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x24, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x27}, @val={0x8, 0x3, r1}, @void}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x20000800)
r9 = socket(0x8, 0xa, 0xffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000b00)={'batadv_slave_1\x00'})

21:54:59 executing program 7:
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x120, r0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x120}, 0x1, 0x0, 0x0, 0x40000000}, 0x4c040)
sendmsg$NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x3c, 0x0, 0x8, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7f, 0x5}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "8e0820e7c3c35ca55775ca17da76825d"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24008890}, 0x4000810)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x40, r1, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3f, 0x65}}}}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xae6}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x749}, @NL80211_ATTR_CRIT_PROT_ID={0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x11}, 0xc808)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, r2, 0x611, 0x7f80, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x6}, @NL80211_ATTR_STA_WME={0x14, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x1}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x9}]}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x6ea}]}, 0x40}, 0x1, 0x0, 0x0, 0x4044000}, 0x40000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r3, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x20000001)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r4, 0x100, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0x8, 0x3, r5}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x4001)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000008c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000980)={&(0x7f0000000840), 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x1c, r6, 0x300, 0x6c4b, 0x25dfdbfc, {{}, {@void, @val={0x8, 0x3, r7}, @void}}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x4)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r3)
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x3c, r8, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x7}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x5}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x7}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x3f}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008851}, 0x400d1)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b40), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000b80)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r3, &(0x7f0000000c80)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x4c, r9, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x31}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x29}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

[   86.150001] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.154274] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.157393] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.166410] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.175293] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   86.177997] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.214851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   86.229097] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.242179] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   86.249439] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   86.250280] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   86.257328] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.262099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   86.263423] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.269027] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   86.274343] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.277545] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   86.282745] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   86.285378] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   86.293118] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.303271] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   86.347075] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   86.362123] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   86.382036] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   86.387191] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   86.392140] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   86.394167] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   86.395587] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   86.398477] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   86.401721] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   86.405618] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   86.410292] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   86.412353] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   86.428975] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   86.434152] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   86.445212] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   86.450003] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   86.452265] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   86.466963] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   86.469010] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   86.471024] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   86.476050] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   86.495019] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   86.497183] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   86.507720] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   86.513729] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   86.520243] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   86.522560] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   88.280675] Bluetooth: hci0: command tx timeout
[   88.407887] Bluetooth: hci1: command tx timeout
[   88.408082] Bluetooth: hci2: command tx timeout
[   88.473165] Bluetooth: hci6: command tx timeout
[   88.473389] Bluetooth: hci3: command tx timeout
[   88.600002] Bluetooth: hci4: command tx timeout
[   88.600356] Bluetooth: hci5: command tx timeout
[   88.664899] Bluetooth: hci7: command tx timeout
[   90.327849] Bluetooth: hci0: command tx timeout
[   90.455937] Bluetooth: hci1: command tx timeout
[   90.456056] Bluetooth: hci2: command tx timeout
[   90.519886] Bluetooth: hci6: command tx timeout
[   90.519978] Bluetooth: hci3: command tx timeout
[   90.647995] Bluetooth: hci4: command tx timeout
[   90.648259] Bluetooth: hci5: command tx timeout
[   90.711827] Bluetooth: hci7: command tx timeout
[   92.375951] Bluetooth: hci0: command tx timeout
[   92.503890] Bluetooth: hci2: command tx timeout
[   92.503978] Bluetooth: hci1: command tx timeout
[   92.568394] Bluetooth: hci3: command tx timeout
[   92.568480] Bluetooth: hci6: command tx timeout
[   92.696023] Bluetooth: hci5: command tx timeout
[   92.696258] Bluetooth: hci4: command tx timeout
[   92.759919] Bluetooth: hci7: command tx timeout
[   94.423865] Bluetooth: hci0: command tx timeout
[   94.551854] Bluetooth: hci1: command tx timeout
[   94.551954] Bluetooth: hci2: command tx timeout
[   94.615901] Bluetooth: hci6: command tx timeout
[   94.615994] Bluetooth: hci3: command tx timeout
[   94.743886] Bluetooth: hci4: command tx timeout
[   94.743982] Bluetooth: hci5: command tx timeout
[   94.807851] Bluetooth: hci7: command tx timeout
[  146.701455] syz-executor.6 (286) used greatest stack depth: 23584 bytes left
[  149.165026] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  149.169990] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  149.174885] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  149.193466] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  149.202476] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  149.204608] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  149.223156] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  149.239346] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  149.245192] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  149.253833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  149.258409] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  149.260658] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  149.330054] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  149.333370] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  149.339275] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  149.350260] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  149.354197] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  149.364973] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  149.372338] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  149.375890] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  149.377831] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  149.380388] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  149.386279] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  149.396415] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  149.407038] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  149.409031] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  149.419085] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  149.426717] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  149.429907] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  149.449894] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  149.465317] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  149.477312] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  149.479951] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  149.508609] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  149.523356] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  149.526988] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  149.660142] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  149.665205] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  149.667125] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  149.668577] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  149.673464] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  149.676018] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  149.678187] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  149.715524] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  149.719277] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  149.729224] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  149.734474] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  149.738409] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  151.256258] Bluetooth: hci0: command tx timeout
[  151.319865] Bluetooth: hci1: command tx timeout
[  151.448073] Bluetooth: hci3: command tx timeout
[  151.511972] Bluetooth: hci2: command tx timeout
[  151.576083] Bluetooth: hci5: command tx timeout
[  151.832899] Bluetooth: hci7: command tx timeout
[  151.895895] Bluetooth: hci4: command tx timeout
[  152.151860] Bluetooth: hci6: command tx timeout
[  153.304007] Bluetooth: hci0: command tx timeout
[  153.368961] Bluetooth: hci1: command tx timeout
[  153.497845] Bluetooth: hci3: command tx timeout
[  153.560028] Bluetooth: hci2: command tx timeout
[  153.624082] Bluetooth: hci5: command tx timeout
[  153.882149] Bluetooth: hci7: command tx timeout
[  153.945301] Bluetooth: hci4: command tx timeout
[  154.200343] Bluetooth: hci6: command tx timeout
[  155.352830] Bluetooth: hci0: command tx timeout
[  155.415931] Bluetooth: hci1: command tx timeout
[  155.543883] Bluetooth: hci3: command tx timeout
[  155.608910] Bluetooth: hci2: command tx timeout
[  155.672849] Bluetooth: hci5: command tx timeout
[  155.928018] Bluetooth: hci7: command tx timeout
[  155.991943] Bluetooth: hci4: command tx timeout
[  156.247814] Bluetooth: hci6: command tx timeout
[  157.400539] Bluetooth: hci0: command tx timeout
[  157.464074] Bluetooth: hci1: command tx timeout
[  157.591888] Bluetooth: hci3: command tx timeout
[  157.657782] Bluetooth: hci2: command tx timeout
[  157.720833] Bluetooth: hci5: command tx timeout
[  157.976778] Bluetooth: hci7: command tx timeout
[  158.039846] Bluetooth: hci4: command tx timeout
[  158.296686] Bluetooth: hci6: command tx timeout
[  210.787924] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  210.789566] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  210.793188] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  210.796704] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  210.798979] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  210.799919] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  210.850452] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  210.852964] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  210.856474] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  210.861082] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  210.863367] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  210.864917] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  210.981379] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  210.986112] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  210.989171] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  210.996468] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  210.998612] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  211.003530] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  211.044152] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  211.049438] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  211.054353] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  211.058127] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  211.072077] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  211.076179] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  211.130938] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  211.149212] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  211.156972] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  211.169309] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  211.181922] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  211.195256] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  211.201191] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  211.205129] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  211.205320] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  211.213462] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  211.218579] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  211.221451] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  211.222695] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  211.234237] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  211.247312] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  211.336321] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  211.355875] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  211.367191] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  211.367299] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  211.398521] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  211.401970] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  211.421573] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  211.429254] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  211.436439] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  212.823893] Bluetooth: hci0: command tx timeout
[  212.952869] Bluetooth: hci1: command tx timeout
[  213.080833] Bluetooth: hci2: command tx timeout
[  213.144952] Bluetooth: hci3: command tx timeout
[  213.336067] Bluetooth: hci5: command tx timeout
[  213.400259] Bluetooth: hci4: command tx timeout
[  213.527918] Bluetooth: hci7: command tx timeout
[  213.528007] Bluetooth: hci6: command tx timeout
[  214.871871] Bluetooth: hci0: command tx timeout
[  214.999969] Bluetooth: hci1: command tx timeout
[  215.127878] Bluetooth: hci2: command tx timeout
[  215.192112] Bluetooth: hci3: command tx timeout
[  215.383978] Bluetooth: hci5: command tx timeout
[  215.448814] Bluetooth: hci4: command tx timeout
[  215.577272] Bluetooth: hci7: command tx timeout
[  215.577304] Bluetooth: hci6: command tx timeout
[  216.920823] Bluetooth: hci0: command tx timeout
[  217.047988] Bluetooth: hci1: command tx timeout
[  217.176333] Bluetooth: hci2: command tx timeout
[  217.241791] Bluetooth: hci3: command tx timeout
[  217.433778] Bluetooth: hci5: command tx timeout
[  217.495795] Bluetooth: hci4: command tx timeout
[  217.623822] Bluetooth: hci7: command tx timeout
[  217.624893] Bluetooth: hci6: command tx timeout
[  218.968823] Bluetooth: hci0: command tx timeout
[  219.096788] Bluetooth: hci1: command tx timeout
[  219.224022] Bluetooth: hci2: command tx timeout
[  219.288822] Bluetooth: hci3: command tx timeout
[  219.480882] Bluetooth: hci5: command tx timeout
[  219.543785] Bluetooth: hci4: command tx timeout
[  219.672863] Bluetooth: hci6: command tx timeout
[  219.672963] Bluetooth: hci7: command tx timeout
[  272.936635] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  272.942179] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  272.947665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  272.953343] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  272.958452] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  272.961420] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  273.005242] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  273.008488] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  273.012125] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  273.018127] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  273.022931] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  273.027135] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  273.068095] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  273.076150] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  273.083145] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  273.101833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  273.111185] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  273.115936] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  273.131016] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  273.147135] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  273.149364] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  273.157149] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  273.171632] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  273.178979] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  273.202171] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  273.216467] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  273.226232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  273.227545] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  273.228901] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  273.264536] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  273.265646] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  273.270014] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  273.272162] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  273.275960] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  273.288390] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  273.301882] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  273.305077] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  273.308148] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  273.315098] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  273.320625] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  273.327400] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  273.335021] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  273.350075] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  273.353603] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  273.367524] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  273.369365] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  273.380985] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  273.392144] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  275.031938] Bluetooth: hci0: command tx timeout
[  275.095857] Bluetooth: hci1: command tx timeout
[  275.223824] Bluetooth: hci2: command tx timeout
[  275.289135] Bluetooth: hci3: command tx timeout
[  275.351809] Bluetooth: hci4: command tx timeout
[  275.416751] Bluetooth: hci5: command tx timeout
[  275.416932] Bluetooth: hci7: command tx timeout
[  275.480921] Bluetooth: hci6: command tx timeout
[  277.080160] Bluetooth: hci0: command tx timeout
[  277.145858] Bluetooth: hci1: command tx timeout
[  277.271779] Bluetooth: hci2: command tx timeout
[  277.335815] Bluetooth: hci3: command tx timeout
[  277.399811] Bluetooth: hci4: command tx timeout
[  277.465875] Bluetooth: hci7: command tx timeout
[  277.465967] Bluetooth: hci5: command tx timeout
[  277.527923] Bluetooth: hci6: command tx timeout
[  279.128785] Bluetooth: hci0: command tx timeout
[  279.191789] Bluetooth: hci1: command tx timeout
[  279.320825] Bluetooth: hci2: command tx timeout
[  279.383845] Bluetooth: hci3: command tx timeout
[  279.448287] Bluetooth: hci4: command tx timeout
[  279.512017] Bluetooth: hci5: command tx timeout
[  279.512153] Bluetooth: hci7: command tx timeout
[  279.576004] Bluetooth: hci6: command tx timeout
[  281.176753] Bluetooth: hci0: command tx timeout
[  281.239872] Bluetooth: hci1: command tx timeout
[  281.367804] Bluetooth: hci2: command tx timeout
[  281.432747] Bluetooth: hci3: command tx timeout
[  281.495843] Bluetooth: hci4: command tx timeout
[  281.560749] Bluetooth: hci5: command tx timeout
[  281.560836] Bluetooth: hci7: command tx timeout
[  281.623974] Bluetooth: hci6: command tx timeout
[  335.340064] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  335.343570] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  335.344579] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  335.347140] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  335.349343] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  335.353181] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  335.359135] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  335.364133] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  335.364518] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  335.368194] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  335.373333] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  335.375851] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  335.672934] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  335.679459] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  335.681571] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  335.688434] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  335.691309] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  335.693180] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  335.699450] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  335.718193] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  335.750133] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  335.755074] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  335.761081] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  335.761746] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  335.766112] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  335.766447] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  335.773353] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  335.776901] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  335.777301] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  335.780450] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  335.781386] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  335.784079] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  335.788033] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  335.792144] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  335.795228] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  335.798644] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  335.799446] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  335.807425] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  335.808236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  335.834323] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  335.840291] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  335.841229] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  335.846551] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  335.865163] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  335.910300] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  335.910648] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  335.922003] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  335.928404] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  337.432254] Bluetooth: hci1: command tx timeout
[  337.433183] Bluetooth: hci0: command tx timeout
[  337.751805] Bluetooth: hci2: command tx timeout
[  337.881877] Bluetooth: hci4: command tx timeout
[  337.882465] Bluetooth: hci3: command tx timeout
[  337.944858] Bluetooth: hci5: command tx timeout
[  338.072864] Bluetooth: hci6: command tx timeout
[  338.073353] Bluetooth: hci7: command tx timeout
[  339.480002] Bluetooth: hci1: command tx timeout
[  339.480209] Bluetooth: hci0: command tx timeout
[  339.800554] Bluetooth: hci2: command tx timeout
[  339.928776] Bluetooth: hci3: command tx timeout
[  339.928960] Bluetooth: hci4: command tx timeout
[  339.991930] Bluetooth: hci5: command tx timeout
[  340.120134] Bluetooth: hci7: command tx timeout
[  340.120429] Bluetooth: hci6: command tx timeout
[  341.528143] Bluetooth: hci0: command tx timeout
[  341.528244] Bluetooth: hci1: command tx timeout
[  341.847761] Bluetooth: hci2: command tx timeout
[  341.975765] Bluetooth: hci4: command tx timeout
[  341.975848] Bluetooth: hci3: command tx timeout
[  342.040208] Bluetooth: hci5: command tx timeout
[  342.167886] Bluetooth: hci7: command tx timeout
[  342.167968] Bluetooth: hci6: command tx timeout
[  343.575795] Bluetooth: hci0: command tx timeout
[  343.575888] Bluetooth: hci1: command tx timeout
[  343.895836] Bluetooth: hci2: command tx timeout
[  344.023831] Bluetooth: hci3: command tx timeout
[  344.023919] Bluetooth: hci4: command tx timeout
[  344.087776] Bluetooth: hci5: command tx timeout
[  344.215815] Bluetooth: hci6: command tx timeout
[  344.215899] Bluetooth: hci7: command tx timeout

VM DIAGNOSIS:
22:00:08  Registers:
info registers vcpu 0
RAX=ffffffff81a49468 RBX=ffffffff864c9ecc RCX=ffffffff81a4959c RDX=0000000000000000
RSI=ffffffff868408e4 RDI=ffffffff864c9ecc RBP=ffffffff864c9ecc RSP=ffff88806ce099c0
R8 =ffffffff868408e4 R9 =ffff88806ce09ab8 R10=000000000003ab4d R11=0000000000022a6a
R12=ffffffff864c9ecc R13=ffffffff864c9ecc R14=ffffffff864c9ecc R15=dffffc0000000000
RIP=ffffffff81348519 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007feae4d8d368 CR3=00000000167dc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=756e696c2d34365f3638782f62696c2f XMM01=322e6f732e6c6462696c2f756e672d78
XMM02=00322e6f732e6c6462696c2f756e672d XMM03=78756e696c2d34365f3638782f62696c
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000400 RBX=00000000000000fb RCX=ffffffff81663ce0 RDX=0000000000000000
RSI=00000000000000fb RDI=ffffffff857f3ba0 RBP=0000000000000000 RSP=ffff888009747b58
R8 =0000000000000000 R9 =fffffbfff0c8043a R10=0000000000000001 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=ffff888009618000 R15=0000000000000000
RIP=ffffffff81320572 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe5900000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000562f49747080 CR3=0000000029c88000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffffffffffffffffffff XMM01=2f7273752f3a6e6962732f3d48544150
XMM02=000000000000000000ff000000000000 XMM03=00000000000000000000ff00000000ff
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=5f45424f5250444f4d0068563a623a6b XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000