Warning: Permanently added '[localhost]:24642' (ECDSA) to the list of known hosts. 2025/01/23 07:26:12 fuzzer started 2025/01/23 07:26:13 dialing manager at localhost:38529 syzkaller login: [ 62.599699] cgroup: Unknown subsys name 'net' [ 62.687448] cgroup: Unknown subsys name 'cpuset' [ 62.729544] cgroup: Unknown subsys name 'rlimit' [ 69.160590] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/23 07:26:33 syscalls: 200 2025/01/23 07:26:33 code coverage: enabled 2025/01/23 07:26:33 comparison tracing: enabled 2025/01/23 07:26:33 extra coverage: enabled 2025/01/23 07:26:33 setuid sandbox: enabled 2025/01/23 07:26:33 namespace sandbox: enabled 2025/01/23 07:26:33 Android sandbox: enabled 2025/01/23 07:26:33 fault injection: enabled 2025/01/23 07:26:33 leak checking: enabled 2025/01/23 07:26:33 net packet injection: enabled 2025/01/23 07:26:33 net device setup: enabled 2025/01/23 07:26:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/23 07:26:33 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/23 07:26:33 USB emulation: enabled 2025/01/23 07:26:33 hci packet injection: enabled 2025/01/23 07:26:33 wifi device emulation: enabled 2025/01/23 07:26:33 802.15.4 emulation: enabled 2025/01/23 07:26:33 fetching corpus: 0, signal 0/0 (executing program) 2025/01/23 07:26:35 starting 8 fuzzer processes 07:26:35 executing program 0: sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x88000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0xa1c7}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000100), 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x82}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r1, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x8080) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0) sendmsg$NL802154_CMD_SET_CCA_MODE(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x48, r2, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x810}, 0x800) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000480), r0) sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x40, r4, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x88c4) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r4, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8a4}, 0x4041) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000680), r6) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000700), r5) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000740)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(r7, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x2c, r8, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_TX_POWER={0x8, 0xb, 0x40}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4040) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_START(r10, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x14, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004040}, 0x20008000) 07:26:35 executing program 1: r0 = semget$private(0x0, 0x3, 0x1) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/196) r1 = semget$private(0x0, 0x2, 0x400) semctl$GETPID(r1, 0x2, 0xb, &(0x7f0000000100)=""/78) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000180)=[0xf32, 0x5, 0x4, 0x7, 0x20, 0x7fff, 0x0]) semop(r0, &(0x7f00000001c0)=[{0x2, 0xd15, 0x1800}, {0x2, 0x7}, {0x1, 0x81, 0x1000}, {}], 0x4) r2 = semget$private(0x0, 0x0, 0x6) semctl$SEM_STAT(r2, 0x0, 0x12, &(0x7f0000000200)=""/126) r3 = semget$private(0x0, 0x2, 0x0) semctl$IPC_INFO(r3, 0x3, 0x3, &(0x7f0000000280)=""/132) semctl$SEM_STAT(r3, 0x2, 0x12, &(0x7f0000000340)=""/168) r4 = semget$private(0x0, 0x4, 0x39a) semctl$IPC_INFO(r4, 0x3, 0x3, &(0x7f0000000400)=""/4096) semctl$GETPID(0x0, 0x2, 0xb, &(0x7f0000001400)=""/4096) r5 = accept(0xffffffffffffffff, &(0x7f0000002400)=@sco, &(0x7f0000002480)=0x80) accept$inet(r5, &(0x7f00000024c0)={0x2, 0x0, @loopback}, &(0x7f0000002500)=0x10) r6 = semget$private(0x0, 0x2, 0x151) semctl$GETPID(r6, 0x2, 0xb, &(0x7f0000002540)=""/32) semop(r0, &(0x7f0000002580)=[{0x3, 0x80, 0x800}], 0x1) semctl$GETPID(r2, 0x1, 0xb, &(0x7f00000025c0)=""/229) 07:26:35 executing program 2: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000000)={0x7, 0x6, 0x5, 0xc8f1, 0x2, 0x8ec9, 0xe9c7, 0x7}, &(0x7f0000000040)={0x80, 0x551a5804, 0x1, 0x5, 0x6, 0xffffffffffffffff, 0xfffffffffffffff8, 0x3}, &(0x7f0000000080)={0x7fff, 0x1, 0x10000, 0x0, 0x9, 0xd2, 0xffff, 0x1}, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)={&(0x7f0000000140)={[0x2]}, 0x8}) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x2f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044801}, 0x40440c5) semtimedop(0x0, &(0x7f00000002c0)=[{0x1, 0x1, 0x1800}, {0x4, 0x7ff, 0x1800}, {0x4, 0x8001, 0x1000}], 0x3, &(0x7f0000000300)={0x77359400}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(r2, &(0x7f0000000500)={&(0x7f0000000340), 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x5c, r3, 0x400, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x4) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), r2) sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xd8, r6, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x64, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "eaeb5032565ae3077d0cc2ec9c30dc84"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "b0022255f19b94029a30e6ce95289bf4"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "cfcc1804f70d237dd548ed9270ed40b32dfbfc1de7ced69972ffe2b5f4a564cc"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3795a3b1f0525237b7af65b6c2e4c31b"}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0x44, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "c2d59c9de7e0639a89cdffb51b303267093fe171facd7abdb620d15dbe565af1"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xa2}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) setpgid(0xffffffffffffffff, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000740), r7) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), r7) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000800)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r8, &(0x7f0000000a40)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000840)={0x1ac, r9, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_SEC_KEY={0x118, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "532e1d236c263bf253c2e4e08c1a910e43fb86f20efe20d8ff8f5f09d5b9354a"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "56fbc69a3ffc2af586483160de483316b76de006da6e95932844d1156a90a93a"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3fb4147a19a7187f6b348be217ecf0df"}, @NL802154_KEY_ATTR_ID={0x6c, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xfff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x58, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0x100}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "456bdc7694719ee1af715432a8b512480c5551007bb1a9cc0971a86102b06496"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x63}, @NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xc039}]}]}, @NL802154_ATTR_SEC_KEY={0x48, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x44, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x10000}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x800}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xd6a}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x40}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}]}]}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x1ac}}, 0x20040000) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000a80), r11) 07:26:35 executing program 3: getrusage(0xffffffffffffffff, &(0x7f0000000000)) waitid(0x1, 0xffffffffffffffff, &(0x7f00000000c0), 0x0, &(0x7f0000000140)) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x84, 0x3, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0xa}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x3402}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @private0}]}, @CTA_SYNPROXY={0x14, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x1555fb10}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x8000}]}, @CTA_SYNPROXY={0x2c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x3a42c52}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x101}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x81}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xb05f}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1406}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3}]}, 0x84}, 0x1, 0x0, 0x0, 0x4}, 0x80) getrusage(0xffffffffffffffff, &(0x7f0000000380)) ioctl$CDROMSTART(0xffffffffffffffff, 0x5308) waitid(0x1, 0xffffffffffffffff, &(0x7f0000000440), 0x8, &(0x7f00000004c0)) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000580), 0x1, 0x0) write$rfkill(r0, &(0x7f00000005c0)={0x49, 0x3, 0x2, 0x1}, 0x8) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x2c, r1, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffffffffffffff9}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xc}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) ioctl$CDROMREADAUDIO(0xffffffffffffffff, 0x530e, &(0x7f0000000780)={@lba=0x7f, 0x3, 0x28, &(0x7f0000000740)=""/40}) read$rfkill(r0, &(0x7f00000007c0), 0x8) pipe(&(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = mmap$binder(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x2) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000d80)={0xf8, 0x0, &(0x7f0000000c00)=[@reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000840)={@flat=@weak_handle={0x77682a85, 0x0, 0x1}, @fda={0x66646185, 0x3, 0x1, 0x1}, @fd={0x66642a85, 0x0, r0}}, &(0x7f00000008c0)={0x0, 0x18, 0x38}}}, @clear_death={0x400c630f, 0x1}, @free_buffer={0x40086303, r4}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000009c0)={@flat=@weak_handle={0x77682a85, 0x1000, 0x1}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000900)=""/159, 0x9f, 0x2, 0x17}}, &(0x7f0000000a40)={0x0, 0x18, 0x30}}, 0x400}, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000b40)={@ptr={0x70742a85, 0x1, &(0x7f0000000a80)=""/49, 0x31, 0x2, 0x37}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000ac0)=""/100, 0x64, 0x1, 0x40}}, &(0x7f0000000bc0)={0x0, 0x28, 0x40}}, 0x40}], 0x5b, 0x0, &(0x7f0000000d00)="03ceddf1bd99184914949dd3e44eb51700b8f590d4149d687fa2b1b634d53481ea1e768f6ac80f2ad1b13e8265ba7d602677cb0d4687326ff89334e05135f2154c0d525c7b55294493f88cc26b15d835e71fe0ba48c72b186a51e9"}) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000dc0)='ns/cgroup\x00') r5 = fork() waitid(0x1, r5, &(0x7f0000000e00), 0x1, &(0x7f0000000e80)) ioctl$HIDIOCGRDESC(r2, 0x90044802, &(0x7f0000000f40)={0x21c, "eaee04b9fab86baae595fc1d74906523fba92ffa7704ff7fa30dacd65c7ff7114653c2d492300f69425e83814851dd0b8e83f7e9080d1d39e2b7d527ade511905369db7a9bc561aca653134aaf9f2a21e1939096f2146e87597b51658368a591bd057a57d1ba652d79364a274f4531c9418d501de9fb93c433db8a1f81c63602d4f73041f48b8158ea24abbac384e54e36f0e06a1ce08ba537547d04523acdd9fb2346401fa4257ccf13db4cb31ca9d551e7720972c2704a8754a8a3688532a4d9e67cdd75ce0fae1eb1c505711e43e9aea031e89996bbda1ed5f013489b50a87e24c19f486d3fe59334043e879422573036faad48d2a37ef93d8714e0a8233fb865b6cbd844ba98b1aeb12104537ed4a35590e6b0d7184470a9ada3a064a8cfde08164642cb8c16c3826302cf7a0b8a769f3ffddaa1597074db3a5ffd1a3fea7e417a855a08a92450402317d86e994714e28a5b1a47411cd082aec9ea26a0e9a9ea6953c5304ccb6f73731e625ad7e6d3f5d8b4880d9b9a7ba1f5d884930b801f0f26d004780d3181f1c8fe584d3061f1a1ec1f51c858d37c195c1cdd6b8eceb2686ffca992511c97c8f6a8a20a57363fe44a4c090bab07401ebd010052db009cb626faa2faa5ffa8d0ede266847c45427a0aa8ca97716bb2ec8fb6c30b378dfe433e05cde74bd3dbd7cb81e75d38b92720d678d41ea2c0d0b1aa94a94fa34c28e1757c12034f04a57109955a67da93374b99971c0d37d0e5be010d"}) [ 84.599041] audit: type=1400 audit(1737617195.497:7): avc: denied { execmem } for pid=275 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 07:26:35 executing program 4: semctl$GETPID(0x0, 0x3, 0xb, &(0x7f0000000000)=""/147) r0 = semget$private(0x0, 0x1, 0x851) semctl$SEM_STAT(r0, 0x0, 0x12, &(0x7f00000000c0)=""/96) semctl$SEM_STAT(r0, 0x3, 0x12, &(0x7f0000000140)=""/125) r1 = accept(0xffffffffffffffff, &(0x7f00000001c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x80) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r2, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4051) semctl$GETVAL(r0, 0x3, 0xc, &(0x7f00000003c0)=""/39) semctl$GETPID(r0, 0x2, 0xb, &(0x7f0000000400)=""/137) semget$private(0x0, 0x2, 0x70) r3 = semget$private(0x0, 0x2, 0x40) semop(r3, &(0x7f00000004c0)=[{0x0, 0x2, 0x1000}], 0x1) r4 = getpid() setpgid(0xffffffffffffffff, r4) r5 = semget$private(0x0, 0x0, 0x3d1) semctl$GETVAL(r5, 0x3, 0xc, &(0x7f0000000500)=""/208) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x30, r6, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r4}]}, 0x30}}, 0x4801) semop(r3, &(0x7f0000000740)=[{0x4, 0x3}, {0x1, 0x9}], 0x2) semctl$SEM_STAT(r5, 0x6, 0x12, &(0x7f0000000780)=""/83) 07:26:35 executing program 6: sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x24004811}, 0x840) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x400}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r0}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3ff}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x60000000}, 0x44) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) semtimedop(0x0, &(0x7f0000000280)=[{0x3, 0x6c1, 0x1800}, {0x4, 0x7, 0x1800}, {0x2, 0x5, 0x41f479ff5dc19ac4}, {0x0, 0x8c, 0x800}, {0x0, 0x0, 0x800}, {0x4, 0x3, 0x1000}, {0x2, 0x1}, {0x3, 0x6, 0x1000}], 0x8, &(0x7f0000000300)={r1, r2+60000000}) semctl$SETVAL(0x0, 0x0, 0x10, &(0x7f0000000340)=0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, 0x0, 0xfb93c5a0d6dcae19, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x34}, 0x1, 0x0, 0x0, 0x3d5613dc22737aad}, 0x4000481) semctl$GETNCNT(0x0, 0x4, 0xe, &(0x7f00000004c0)=""/19) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), r3) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r5, 0x100, 0x70bd2c, 0xfffffff9, {{}, {}, {0x8, 0x11, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008001}, 0x20000041) sendmsg$TIPC_CMD_SET_NETID(r3, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x24, r5, 0x800, 0x70bd27, 0x25dfdbfd, {{}, {}, {0x8, 0x2, 0x8}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}}, 0x800) socketpair(0x29, 0x2, 0xf3b, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), r3) sendmsg$BATADV_CMD_GET_VLAN(r7, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x34, r8, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xb9}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004080}, 0xc000) r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000900), r6) sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x38, r9, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x1c, 0x17, {0x0, 0xe1e, @l2={'ib', 0x3a, 'team_slave_1\x00'}}}}}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x40) r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000a40), r3) sendmsg$TIPC_CMD_GET_MAX_PORTS(r3, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x141000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, r10, 0x10, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) 07:26:35 executing program 5: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x101140, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x8, &(0x7f00000000c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@dfltgid}, {@posixacl}, {@uname={'uname', 0x3d, '('}}, {@loose}, {@cache_loose}, {@noextend}], [{@dont_measure}, {@dont_appraise}, {@smackfshat={'smackfshat', 0x3d, '+'}}, {@measure}]}}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x78, 0x3, 0x6, 0x5, 0x0, 0x0, {0x7, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x4008000}, 0x24000000) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x64, 0x3, 0x6, 0x900, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x200400c0}, 0x20000000) getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000000440)={'filter\x00', 0x0, 0x0, 0x0, [0x80, 0x20000, 0x10001, 0x5, 0xffffffffffffffff, 0x40]}, &(0x7f00000004c0)=0x78) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000540)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000005c0)={'batadv_slave_0\x00', 0x0}) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000840)={&(0x7f0000000600)={0x240, 0x0, 0x800, 0x70bd28, 0x25dfdbfe, {}, [{{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}]}}, {{0x8, 0x1, r3}, {0x4}}, {{0x8}, {0x9c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r4}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x558}}}]}}]}, 0x240}, 0x1, 0x0, 0x0, 0x40}, 0x4000080) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000900)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000940)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000b00)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000b40)={'batadv_slave_1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000b80)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000bc0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r6, &(0x7f0000001280)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001240)={&(0x7f0000000c00)={0x61c, 0x0, 0x800, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8, 0x1, r7}, {0x190, 0x2, 0x0, 0x1, [{0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x3, 0x1f, 0x7}, {0x8, 0xf5, 0x5, 0xc}, {0x5, 0x2, 0x7f, 0x800}, {0x2, 0x20, 0x4, 0x2}, {0x1, 0x5, 0xe5, 0x8b6}, {0x3, 0x1, 0x7, 0x10000}]}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xc7}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc0}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8, 0x1, r3}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}]}}, {{0x8, 0x1, r9}, {0x16c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r11}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x190b}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6e}}}]}}, {{0x8, 0x1, r12}, {0xb4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1d4}}}]}}, {{0x8, 0x1, r4}, {0xf8, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x800}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10001}}}]}}]}, 0x61c}, 0x1, 0x0, 0x0, 0x8011}, 0x800) r13 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER_CANCEL(r13, &(0x7f0000001400)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000013c0)={&(0x7f0000001340)={0x54, 0x0, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8828}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000004}, 0x4) 07:26:35 executing program 7: r0 = socket(0x28, 0x1, 0xfffffe01) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x8, 0x9, 0x0, 0x1, 0x3, 0x8f, 0xc5c}, 0xc) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0) socketpair(0x12, 0x1, 0x140, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r1, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x10000}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x4}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x880}, 0x10) r3 = accept$inet(r0, &(0x7f0000000200), &(0x7f0000000240)=0x10) accept(r3, &(0x7f0000000280)=@qipcrtr, &(0x7f0000000300)=0x80) ioctl$CDROMSETSPINDOWN(0xffffffffffffffff, 0x531e, &(0x7f0000000340)=0xb) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x4c, r1, 0x2, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc00c004}, 0x4080) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000004c0), 0x1, 0x0) r4 = accept$inet(r0, &(0x7f0000000500)={0x2, 0x0, @remote}, &(0x7f0000000540)=0x10) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000580)={0x0, @loopback, 0x4e24, 0x1, 'lblc\x00', 0x1, 0x6, 0x39}, 0x2c) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000600), r2) sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r5, 0x4, 0x70bd25, 0x25dfdbfd, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000090}, 0x10) ioctl$CDROMRESET(0xffffffffffffffff, 0x5312) recvfrom$inet(r4, &(0x7f0000000700)=""/106, 0x6a, 0x40000000, 0x0, 0x0) read$hidraw(0xffffffffffffffff, &(0x7f0000000780)=""/235, 0xeb) r6 = socket(0x23, 0x80000, 0x8) setsockopt$bt_l2cap_L2CAP_OPTIONS(r6, 0x6, 0x1, &(0x7f0000000880)={0x2, 0x8, 0x7, 0x3, 0x0, 0x18, 0x401}, 0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000008c0)) [ 85.873685] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.881236] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.883280] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.887267] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.894175] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.898312] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 86.123227] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.126063] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.131368] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.140032] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.141050] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.146223] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.148370] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 86.150385] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 86.154501] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.162234] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 86.165517] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 86.168162] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 86.197142] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.206195] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.208262] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.210603] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 86.225709] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.235508] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 86.238013] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 86.240557] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 86.246506] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 86.250256] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 86.252869] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 86.255183] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 86.255942] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 86.260044] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 86.260380] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 86.264314] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 86.264625] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 86.269053] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 86.274402] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 86.279929] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 86.283121] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 86.283926] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 86.286438] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 86.287452] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 86.289821] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 86.293264] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.295996] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 86.297477] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 86.298248] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 86.309120] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.963229] Bluetooth: hci0: command tx timeout [ 88.217934] Bluetooth: hci2: command tx timeout [ 88.282867] Bluetooth: hci1: command tx timeout [ 88.345925] Bluetooth: hci5: command tx timeout [ 88.346852] Bluetooth: hci6: command tx timeout [ 88.346897] Bluetooth: hci7: command tx timeout [ 88.409842] Bluetooth: hci3: command tx timeout [ 88.410848] Bluetooth: hci4: command tx timeout [ 90.010013] Bluetooth: hci0: command tx timeout [ 90.265952] Bluetooth: hci2: command tx timeout [ 90.330089] Bluetooth: hci1: command tx timeout [ 90.394035] Bluetooth: hci7: command tx timeout [ 90.396822] Bluetooth: hci6: command tx timeout [ 90.396856] Bluetooth: hci5: command tx timeout [ 90.458814] Bluetooth: hci4: command tx timeout [ 90.458991] Bluetooth: hci3: command tx timeout [ 92.058909] Bluetooth: hci0: command tx timeout [ 92.314037] Bluetooth: hci2: command tx timeout [ 92.377822] Bluetooth: hci1: command tx timeout [ 92.442208] Bluetooth: hci6: command tx timeout [ 92.442302] Bluetooth: hci7: command tx timeout [ 92.444756] Bluetooth: hci5: command tx timeout [ 92.506979] Bluetooth: hci3: command tx timeout [ 92.507342] Bluetooth: hci4: command tx timeout [ 94.106477] Bluetooth: hci0: command tx timeout [ 94.361878] Bluetooth: hci2: command tx timeout [ 94.426763] Bluetooth: hci1: command tx timeout [ 94.489966] Bluetooth: hci6: command tx timeout [ 94.491781] Bluetooth: hci5: command tx timeout [ 94.491856] Bluetooth: hci7: command tx timeout [ 94.554817] Bluetooth: hci4: command tx timeout [ 94.554853] Bluetooth: hci3: command tx timeout [ 144.795501] modprobe (3388) used greatest stack depth: 23424 bytes left [ 148.329311] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 148.331418] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 148.334749] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 148.348577] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 148.352400] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 148.353498] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 148.543286] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 148.546105] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 148.548397] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 148.555451] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 148.558333] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 148.560499] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 148.620628] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 148.625978] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 148.629951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 148.646960] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 148.651312] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 148.654223] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 148.655957] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 148.662433] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 148.665410] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 148.673251] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 148.679415] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 148.687230] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 148.688087] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 148.689902] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 148.698962] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 148.699153] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 148.699324] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 148.712059] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 148.719354] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 148.720355] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 148.720834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 148.734763] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 148.746249] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 148.750161] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 148.752365] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 148.754484] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 148.756199] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 148.761539] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 148.764591] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 148.766576] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 148.781591] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 148.794379] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 148.812293] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 148.813843] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 148.832279] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 148.840491] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 150.425819] Bluetooth: hci0: command tx timeout [ 150.618265] Bluetooth: hci1: command tx timeout [ 150.746408] Bluetooth: hci2: command tx timeout [ 150.809819] Bluetooth: hci3: command tx timeout [ 150.874271] Bluetooth: hci5: command tx timeout [ 150.875636] Bluetooth: hci6: command tx timeout [ 150.938798] Bluetooth: hci4: command tx timeout [ 150.938837] Bluetooth: hci7: command tx timeout [ 152.474813] Bluetooth: hci0: command tx timeout [ 152.667778] Bluetooth: hci1: command tx timeout [ 152.794097] Bluetooth: hci2: command tx timeout [ 152.859748] Bluetooth: hci3: command tx timeout [ 152.923243] Bluetooth: hci6: command tx timeout [ 152.923344] Bluetooth: hci5: command tx timeout [ 152.985974] Bluetooth: hci7: command tx timeout [ 152.987958] Bluetooth: hci4: command tx timeout [ 154.524819] Bluetooth: hci0: command tx timeout [ 154.716891] Bluetooth: hci1: command tx timeout [ 154.842870] Bluetooth: hci2: command tx timeout [ 154.907053] Bluetooth: hci3: command tx timeout [ 154.970909] Bluetooth: hci5: command tx timeout [ 154.971109] Bluetooth: hci6: command tx timeout [ 155.035335] Bluetooth: hci4: command tx timeout [ 155.035440] Bluetooth: hci7: command tx timeout [ 156.570035] Bluetooth: hci0: command tx timeout [ 156.762328] Bluetooth: hci1: command tx timeout [ 156.889898] Bluetooth: hci2: command tx timeout [ 156.953772] Bluetooth: hci3: command tx timeout [ 157.017933] Bluetooth: hci5: command tx timeout [ 157.018239] Bluetooth: hci6: command tx timeout [ 157.083054] Bluetooth: hci7: command tx timeout [ 157.083628] Bluetooth: hci4: command tx timeout [ 210.347293] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 210.349317] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 210.352220] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 210.353964] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 210.355494] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 210.357318] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 210.363078] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 210.367257] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 210.368471] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 210.372017] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 210.376183] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 210.379326] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 210.421563] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 210.432415] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 210.434386] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 210.438435] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 210.444940] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 210.447235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 210.466118] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 210.469437] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 210.470796] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 210.484253] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 210.501976] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 210.503462] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 210.623032] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 210.627779] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 210.639031] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 210.657673] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 210.672060] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 210.673640] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 210.690971] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 210.699293] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 210.705201] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 210.728051] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 210.731648] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 210.734615] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 210.741255] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 210.748143] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 210.753202] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 210.762614] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 210.765426] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 210.767881] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 210.772519] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 210.774882] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 210.775350] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 210.777135] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 210.785407] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 210.791722] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 212.443529] Bluetooth: hci1: command tx timeout [ 212.444175] Bluetooth: hci0: command tx timeout [ 212.506867] Bluetooth: hci2: command tx timeout [ 212.571321] Bluetooth: hci3: command tx timeout [ 212.825854] Bluetooth: hci4: command tx timeout [ 212.953853] Bluetooth: hci7: command tx timeout [ 212.954867] Bluetooth: hci6: command tx timeout [ 212.955006] Bluetooth: hci5: command tx timeout [ 214.489855] Bluetooth: hci1: command tx timeout [ 214.489971] Bluetooth: hci0: command tx timeout [ 214.555715] Bluetooth: hci2: command tx timeout [ 214.619545] Bluetooth: hci3: command tx timeout [ 214.875769] Bluetooth: hci4: command tx timeout [ 215.003023] Bluetooth: hci6: command tx timeout [ 215.003129] Bluetooth: hci5: command tx timeout [ 215.003234] Bluetooth: hci7: command tx timeout [ 216.537906] Bluetooth: hci1: command tx timeout [ 216.538268] Bluetooth: hci0: command tx timeout [ 216.603869] Bluetooth: hci2: command tx timeout [ 216.666937] Bluetooth: hci3: command tx timeout [ 216.923740] Bluetooth: hci4: command tx timeout [ 217.050826] Bluetooth: hci7: command tx timeout [ 217.050926] Bluetooth: hci5: command tx timeout [ 217.051013] Bluetooth: hci6: command tx timeout [ 218.585784] Bluetooth: hci0: command tx timeout [ 218.585881] Bluetooth: hci1: command tx timeout [ 218.651539] Bluetooth: hci2: command tx timeout [ 218.714853] Bluetooth: hci3: command tx timeout [ 218.970902] Bluetooth: hci4: command tx timeout [ 219.097973] Bluetooth: hci6: command tx timeout [ 219.098219] Bluetooth: hci5: command tx timeout [ 219.098281] Bluetooth: hci7: command tx timeout [ 272.820599] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 272.829479] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 272.837238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 272.842485] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 272.849240] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 272.854288] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 272.900474] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 272.904102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 272.912760] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 272.938621] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 272.942244] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 272.944480] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 272.951994] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 272.954468] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 272.956146] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 272.957235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 272.959652] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 272.970202] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 273.056929] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 273.122899] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 273.125917] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 273.129575] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 273.137402] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 273.142054] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 273.143300] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 273.143993] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 273.167509] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 273.168008] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 273.198800] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 273.210101] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 273.214981] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 273.218289] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 273.234796] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 273.243669] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 273.256352] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 273.259846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 273.270562] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 273.290495] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 273.298360] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 273.305963] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 273.314051] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 273.331271] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 273.332366] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 273.343601] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 273.352418] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 273.353874] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 273.367985] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 273.369946] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 274.907104] Bluetooth: hci0: command tx timeout [ 275.034926] Bluetooth: hci2: command tx timeout [ 275.035433] Bluetooth: hci1: command tx timeout [ 275.225865] Bluetooth: hci3: command tx timeout [ 275.353820] Bluetooth: hci6: command tx timeout [ 275.418934] Bluetooth: hci7: command tx timeout [ 275.419408] Bluetooth: hci5: command tx timeout [ 275.545820] Bluetooth: hci4: command tx timeout [ 276.953978] Bluetooth: hci0: command tx timeout [ 277.081956] Bluetooth: hci2: command tx timeout [ 277.082157] Bluetooth: hci1: command tx timeout [ 277.273893] Bluetooth: hci3: command tx timeout [ 277.403013] Bluetooth: hci6: command tx timeout [ 277.466049] Bluetooth: hci5: command tx timeout [ 277.466258] Bluetooth: hci7: command tx timeout [ 277.594656] Bluetooth: hci4: command tx timeout [ 279.001876] Bluetooth: hci0: command tx timeout [ 279.130587] Bluetooth: hci1: command tx timeout [ 279.130738] Bluetooth: hci2: command tx timeout [ 279.321817] Bluetooth: hci3: command tx timeout [ 279.450736] Bluetooth: hci6: command tx timeout [ 279.513791] Bluetooth: hci7: command tx timeout [ 279.513883] Bluetooth: hci5: command tx timeout [ 279.641788] Bluetooth: hci4: command tx timeout [ 281.050744] Bluetooth: hci0: command tx timeout [ 281.177769] Bluetooth: hci2: command tx timeout [ 281.177877] Bluetooth: hci1: command tx timeout [ 281.369983] Bluetooth: hci3: command tx timeout [ 281.498750] Bluetooth: hci6: command tx timeout [ 281.561958] Bluetooth: hci5: command tx timeout [ 281.562403] Bluetooth: hci7: command tx timeout [ 281.689784] Bluetooth: hci4: command tx timeout [ 335.150790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 335.153056] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 335.157703] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 335.164807] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 335.169008] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 335.171098] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 335.206873] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 335.212336] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 335.214368] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 335.226407] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 335.230952] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 335.234222] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 335.275944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 335.281450] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 335.289256] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 335.292571] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 335.294878] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 335.297232] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 335.376187] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 335.406580] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 335.427803] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 335.480155] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 335.499029] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 335.508110] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 335.510391] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 335.513337] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 335.515244] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 335.549868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 335.559913] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 335.561945] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 335.565516] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 335.568276] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 335.571102] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 335.574960] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 335.586531] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 335.588619] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 335.591243] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 335.596907] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 335.599010] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 335.600363] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 335.614107] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 335.614130] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 335.630474] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 335.634220] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 335.634360] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 335.636791] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 335.641620] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 335.643052] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 337.241818] Bluetooth: hci0: command tx timeout [ 337.369874] Bluetooth: hci1: command tx timeout [ 337.369951] Bluetooth: hci2: command tx timeout [ 337.625801] Bluetooth: hci3: command tx timeout [ 337.625931] Bluetooth: hci5: command tx timeout [ 337.753849] Bluetooth: hci7: command tx timeout [ 337.753909] Bluetooth: hci6: command tx timeout [ 337.754616] Bluetooth: hci4: command tx timeout [ 339.290899] Bluetooth: hci0: command tx timeout [ 339.417860] Bluetooth: hci1: command tx timeout [ 339.418101] Bluetooth: hci2: command tx timeout [ 339.675713] Bluetooth: hci3: command tx timeout [ 339.678432] Bluetooth: hci5: command tx timeout [ 339.801770] Bluetooth: hci4: command tx timeout [ 339.802188] Bluetooth: hci6: command tx timeout [ 339.802344] Bluetooth: hci7: command tx timeout [ 341.337897] Bluetooth: hci0: command tx timeout [ 341.466076] Bluetooth: hci1: command tx timeout [ 341.466716] Bluetooth: hci2: command tx timeout [ 341.721774] Bluetooth: hci5: command tx timeout [ 341.721813] Bluetooth: hci3: command tx timeout [ 341.849757] Bluetooth: hci7: command tx timeout [ 341.849787] Bluetooth: hci6: command tx timeout [ 341.849885] Bluetooth: hci4: command tx timeout [ 343.385826] Bluetooth: hci0: command tx timeout [ 343.513769] Bluetooth: hci2: command tx timeout [ 343.513803] Bluetooth: hci1: command tx timeout [ 343.769799] Bluetooth: hci3: command tx timeout [ 343.769825] Bluetooth: hci5: command tx timeout [ 343.897786] Bluetooth: hci4: command tx timeout [ 343.898339] Bluetooth: hci6: command tx timeout [ 343.898899] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 07:31:42 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=0000000000000016 RCX=ffffffff814f3e3e RDX=fffffbfff0fe19e5 RSI=0000000000000008 RDI=ffffffff87f0cf20 RBP=ffff888013065db8 RSP=ffff88803128fa48 R8 =0000000000000000 R9 =fffffbfff0fe19e4 R10=ffffffff87f0cf27 R11=0000000000000001 R12=ffff888013065340 R13=ffffffff85c18d00 R14=0000000000000000 R15=0000000000020000 RIP=ffffffff814f3e46 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f413864e540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4138b10008 CR3=000000003541a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffff00ffffffffffffffffffffff00ff XMM02=4c4700362e322e325f4342494c470035 XMM03=00000000000000000000000000470035 XMM04=4342494c4700362e322e325f4342494c XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=00007fafec6113a6 RCX=ffffffff81209c92 RDX=ffff8880313dd340 RSI=ffffffff81209c9c RDI=0000000000000005 RBP=0000000000000001 RSP=ffff8880282df8e0 R8 =ffffffff8677428a R9 =ffff8880282df9a0 R10=0000000000000001 R11=0000000000000003 R12=ffff8880282dfa28 R13=0000000000000000 R14=ffff8880313dd340 R15=ffff888035743300 RIP=ffffffff8171a348 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fafec4fa540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000562eeec024c8 CR3=0000000034e06000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00642e65626f7270646f6d2f6374652f XMM01=00642e65626f7270646f6d2f6374652f XMM02=00000000000000000000ffffffffffff XMM03=00000000000000000000ff00000000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=676f6c206d6f74737563000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000