Warning: Permanently added '[localhost]:52733' (ECDSA) to the list of known hosts. 2025/04/25 13:48:57 fuzzer started 2025/04/25 13:48:57 dialing manager at localhost:46629 syzkaller login: [ 98.573038] cgroup: Unknown subsys name 'net' [ 98.673003] cgroup: Unknown subsys name 'cpuset' [ 98.718935] cgroup: Unknown subsys name 'rlimit' 2025/04/25 13:49:24 syscalls: 2214 2025/04/25 13:49:24 code coverage: enabled 2025/04/25 13:49:24 comparison tracing: enabled 2025/04/25 13:49:24 extra coverage: enabled 2025/04/25 13:49:24 setuid sandbox: enabled 2025/04/25 13:49:24 namespace sandbox: enabled 2025/04/25 13:49:24 Android sandbox: enabled 2025/04/25 13:49:24 fault injection: enabled 2025/04/25 13:49:24 leak checking: enabled 2025/04/25 13:49:24 net packet injection: enabled 2025/04/25 13:49:24 net device setup: enabled 2025/04/25 13:49:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/04/25 13:49:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/04/25 13:49:24 USB emulation: enabled 2025/04/25 13:49:24 hci packet injection: enabled 2025/04/25 13:49:24 wifi device emulation: enabled 2025/04/25 13:49:24 802.15.4 emulation: enabled 2025/04/25 13:49:24 fetching corpus: 0, signal 0/0 (executing program) 2025/04/25 13:49:26 starting 8 fuzzer processes 13:49:26 executing program 0: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r1 = openat$cgroup_subtree(r0, &(0x7f0000000040), 0x2, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000080)) r2 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x1, 0xa0880) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r3, 0x800, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x6, 0x63}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000040}, 0x8804) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, r5, 0x300, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x6b}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4004000) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r7, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x800) r9 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$SO_BINDTODEVICE_wg(r9, 0x1, 0x19, &(0x7f0000000580)='wg1\x00', 0x4) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/warn_count', 0x220000, 0x97) ioctl$TCSETS2(r10, 0x402c542b, &(0x7f0000000600)={0x8001, 0x40400, 0x4, 0x8, 0x20, "bf40e9f6efe7a5a7fe54d9e2a692ef6c7b287a", 0x1f, 0x7}) r11 = openat$cgroup_subtree(r2, &(0x7f0000000640), 0x2, 0x0) pwritev2(r11, &(0x7f0000000740)=[{&(0x7f0000000680)="7ce10faa0aec72c751464de5f370df3d1f755d64b8b0c58755f7dedf7877ef527ef03ab2b699b7626db9c6e9cc5aef141b0ff42c313a9028757737786ff2ab4ca202f1b8c912ec0d061e38b0af0c2b6154746eb7841c3ef97eeb75e5b7b41590be62bbacc8e85ebf90fffffe7b7d3cd52dbdace26b16c911d1dc58e5da446a18de80fdc4bc6425817a8865663232", 0x8e}], 0x1, 0x2, 0x63e83c2d, 0x1) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r2, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x1c, r7, 0x200, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x84) 13:49:26 executing program 1: ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000000)={0x3, 0x8, 0x9, 0x3, 0x7, "8e8bfd9e193c1e51cb8e149942c041b0915d35"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000040)={{0x0, 0x7, 0x7b27, 0x2, 0x6, 0x6, 0x10001, 0x57, 0x8d, 0x8, 0x9a4, 0x8000, 0xd71, 0x1c292313, 0x4}}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000001040)={r0, 0xee8}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000002040), 0x400040, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000002080)={r1, 0x1, 0x7fff, 0x7298}) ioctl$TCSETAW(r2, 0x5407, &(0x7f00000020c0)={0x7ff, 0x7, 0x5, 0x7ff, 0x8, "4cf5913b6eee46d9"}) sendmsg$AUDIT_USER(r1, &(0x7f00000031c0)={&(0x7f0000002100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000003180)={&(0x7f0000002140)={0x1010, 0x3ed, 0x200, 0x70bd2c, 0x25dfdbfe, "318b6cc4178d4120982febd7fadf8dac6f268e6c4a7d2f36693aadb078fe4deaed1f80684570841ff50e78eefbd03bedced260d307df0d6c2bf8056021bba6ef13d3367929f55c92586d71a9af36edde61f26c7a9aa389ddb505325d539b4394aa3b25e0ec15d2c5f62ece77bbc566c90dad39b5a7955a77fd30084accfa6335c44d0072b4f3627140814d94c53e89667768d01617281b002dbbe72b0d23e3b5ff814a56175c7441b1b6d2f844a9d3f341cbff40b133ea277120e377a1e925c9c0a3dfa8466c43459922375ae183a37cdf77de62e344be920ef4d8fc1e62d5e692f7ed02f6bba2ab2564c83c0c2464009130569b4a0c8c7163b160100866fac0fbf5d86710a829f89b20c3179c0e085af90573f269fe8fb40ad20186537db825d5226f73e7ae8dea4561468f97d6f2cea32018efb115d8f7002edf949fdee02d9e9ea6bd33fd4bfe8dccc2fe2fb2175aaaab435724eeb2d6ce6b13529e7ed44fa93beb9aaccbaea6e6439130fb6dd862e575ca3a7a2fd61376878c03c0786a416db89e13373c8a0ba15d50e9f6cd893010e3f8c563834b591b0f2c695131128ec182c59f51bea5d60d066e688dae04f10ae6af4c78fceef8d5f0cb6aa7497c70a213d3ee3103ee55dc19853504646118024260067704e8abe8953ea1639c169b9068f96cbb10a49401eb768f234ac82b5c942cc417404ea033dd5cc595fd82ce7a0827063ac246098a44dbfd45f3a65eacdbc058a6a7ab8507d0e3f02d470da7e10bd121f2bed633e40136679b7ec68ea5211801af559cd3c3afdfb47902c1fbdeb52f0083f6229fbf42a7b6b7e228d51cd7f3e2a41cd6177e8e8a878f069849e6166f5ae4660f4a06b9430e322c2b437538a73518db0117e094f4092e4857c68266de0fabfe4ecc22ee7688d4fb663914cd8ca5f244a9b503a6be71a49dbd9d03465d21babf15a4c78db9dc9f3e0f74812efd5f42db9c5adc3f63c104d143ae2c30c79b624bc1e427a368862f0d13891ddbc97a838c7bec86e564512f679a266603b415fada76292c352a04e0ed028d04607f1195d610d14fe91783b20600c8aca6ea44208b81ff5606d5a06f68f0c39a7949d93a25eab7296dbb7ce76abc67028b8306c5eaed45a83f2ac573d0c3ec1fc06db566b150e527bdfe54ca7065588693240ebc5201c1388cecebd8de02522b35507a0d106785511f53b01cb2a323caf43f048bce14723742a526969760914e5908d958731b191d0740968beb520066e5ac8fe4a5c6467926248ce02117fae69b558f2583f64efa01831566b52904d7bb8bc0a23e423782c6a5ed23bcf76749469d82106c95e40fdbe0585b748db9af6cc8a92af181839e6d705e2edc332924f66b41cb395f376cb3a728ff994f8042bbee01b70e971c49d6ce5a1fb998aa095ec8179845339138599f7b36f37bc410ca00d0cf3aad1dd7be52a532b7f70baf5cf363410f8457ef22707deaebd993d76e687add297ac7d0aea3c0e14882bfa96292fb0bad96d5dae7e18d618a6c5355182d29c50a4552d09e4c219e929cc1ecb3573b4f0bf2359f945281e95bad7d5b533c8b3c5319f1c92c1d98a4c3114ffe8b4de5ac37531c421b32d26da43f429d207afb972fa7001b536fdb15527af7227ee65be480798af659da9e8ea11cf5af169bd8864723b591a2b83bf88f8a45dccb9d30dc7955c1c50c4d34f3bc06de7db8a182e91fb69b9d52e9138486b703f257a2e1852c08621893779fa786a2b68f0206164019058226e23b7c2465d3644dce60e14561c49bc3074772f7dc579cf1678082d7aeeafb1ef2363fba4567fcf20e2943ab6c95895d3b8056767666243b76f856af03f4abfa57a99f8bfd75f66ea1e8eb07581501ac3400d2287b6fe9c25e778cd582d7c30b05ebc17a631770b3d429c2ffd6dc953be822ff279f5b4968d7f878c7d10a493b7435c1eada1f47f7a42c77b0270a425f85a80502612a13db829212d0997cfb5b6de0a6a330905e020ad5e0ace814cfbd19a7394c7bab008a468da3ade542b116e245b37c91f4482b0090a8e9eecd74d5e452d5ed9bb2553a1bcf29fef0eb8d036a32e4cc544e55378691faf60439d3a3dde974fed6871ee89ee686864b7382883c1f57c0be818951e5922b9a3768ff84a9f8a2324d69ab1fd98e03208898466169f46b2fef43a0e38fe991ee6d92fad6fe4a91b348ff1669bbb754342def34f7cd99af33a9a08a1ba6b8c38f0f3b605fa280a939db7db7b25da2a0fa9e755ed77a8f1f8cc02578478b7610d209130f1daa8021b5f627283ab3a5f9fdacf4b4538d8d54b71faa0aa65c3b39884b28fa6cacf21fadc36df6b55f1f0aa12beedbf102458a4d8520d4766d7d9ec0666e57e23dfb41300f84e67730349bebf23be46d0a3b46cce83d98b3e282ddaea01be14569642e0f290f4f9b688bcdfc02e097a0f27cf698feebb1e087017b60510d2ea8363d9f880b96eb75b28129299d05542713b8ffc778cdaa9dcffaca06ffd66adc63dbaef9dcb4319fedbd1873bdecf9a23ce4f031bc924576bd096a7c76495d52af9de82735cdc1598412d2b0a5082f4cbf11cf186b4bf26d0b9c3d813d8f08c76f6d4135d5602f8d22bdf8dd949162439a1fa40e0d3fcb85133fe802be3a39661fed87fce35c17dfc80d4dbebc05320253e93b671cf21a3664f65166933651efd3e403cb1d43e5809eb2eb3d7cf62352164b7d1d22badc979e4a2663b62c9a10f2d56d05bc6ee332eefa53209729795cceff76a5487f38bba1f23371c78877cd8f0a62e52731a56fab5a49aeb9ea56567b2a4e082e7106f4c7df3cf406453f1c49f77f57c311c633739ad114dc4d699b88dce0d0196999f64b932e123d6cc26ece4c047b727858f12b73a8b049b0ec4d21175840ed24e0322f95a7064032c2ddf512d28ce412cc6145e6085b67034dc88494693c758a0547ea7e08d7ea79ac0d363410a5a089339154912289f4bf1844e7c72d00b75fb2141f4d57304594150c3b3d51f177b85fa513165f709a049ca25a8a1d773f843fa6c959fcba50b6db314de59c8367335bd5edb92b7e56c72e1f898217ad6ba85f8c396242fa78dd55c6d2bf85589ad96c393a3f45c5d8150415a011612d2b35b66ea8fecc5d34a74624ddf0b46ccd70baec619af0e0657bdb045ae4c2829032d702abe5e294d6b35702499ad8127624266513d18067e2e2374262d3450578978834b1115b38833430a697ca0def5500e0c92ae67e214e22dacda91519edb80a2c3a73082149cc2bf656b15026814f3dc048befc92a9e6d7d3b55aecabd07796f35462c147596896ac8306241c75d36000b7c914a8a6dc3fa0bfc636fb88734b27038b1e98225f5e9c7b1f95c00ab4e8fe9fd237c1151c3e3752f02b6f0e84bd2e1cae7d92d6baf8564c4043b2524501ddc3b89b0aa1c380039b431cfe07ce59a167712b3a680d5e8e9d8ccab8ec0e9b35814a313fd68cda20f0e577cd9298665e7f79224103ff127b2303270d458a42157e7bf6bd896266aa9a0d1858d05fe7a61ee2b2018317b76aafe85eb0dfc676b276b496225f8bfa066e4ec6b7facc52bcc4b0393537947df22918d0d902745bca762e0531f361fd90fea50d6f556f8dbb81bc5d5846a9c5ef6ad80cfb411f5e79d895bcb6db3422827181005955f355328727faf199ef26f41dacda446ee23dca66ef34d624a7d2323560e6f536de6c564b4af827e6139fad6f0ccbb16d01cc3c527634cfe2d34cacbd9378d5ae2f941a2e35793e0148df1c2c64c3b85320511e7403b6d9fada07c1dbe0aa8027dc4a48c842c172f41a6f8e3acf53c19f9102eaf5f994b42f2825a27664baca6f4bc0b054cfa262846ba1e65b2e3669454bf80b7295d992db089cb4d6ae209e4dc9c9e9ded778b10d3f3e98f77faa9bbf04bbbc94d80e30574b45d7f332ff0c1b882502ebd8f6919b3ce1c0d82dd41f52d4388cf603f5fe0d4c9892923b79fd04382aca7375fb63659ba8216def59793dc629791c1cac3ebec185c94a4e9a8e8b73f66025be78508d8e8b25cb0c5912cf7a19ba4559a862d37b276957f1f2dfbc066a717b784b6c5958d778c9ff6dd64a36bf358031c9197508ee6c578425b86a772e06b05a987d9b0dc9a25d0ebaf925ecefddd92ac72325d91b9477180f932fea14a581364b104190868ac700fd1f5387dd0212dceb684f33bb2f5570cadc35eab805761491b6138ec4a1c20c25c47f584a5f838c90b77ec3a2f4d7879d44ed037a15baf028af4cd45ee8f41a6072e44ea68da27ae119748e43d9db137eb16919a5222ebf13763eb5dae364beebec1ab7bda64d1d18cd1d765dd1a54ffb67b7b933b8051944f8fe20c8bc95ba49bf88474da946693284c6cc45422f85472ad8246c485cce1d3055752c35b2a9fe7a5401256d15bce1d8dc8794fa7491c453de2137de6a7f8edff6506d508127caf55318d0e1a081aa3ece57e8d61ed66fc346d7f141f1de890fc33af85845637f66d7c8f1069c6c1173b2be8f3b235d680fec7a1e7704d31c60134bce3941515c7e766db47a95b60c6fb813c2bbeaaef533fec0de284d0a04d17beee12a3b202238de01270a7caae473895f3a82353ae2d3f414737894fdcb92005ee0ce599b3ff1643e21ee1871c9228954953ac89e9a874f2e976fcf63edd634e41d7da82fd51d426c039b1bc273429e645750471e895a38da671276ef7f9c38bf5db900dbb941b2b0c4a54edeab20009ad49f6ab559968851312c80be1a40c404643dc2d921062e93e101206aff747c9b4d2068b2b61a02790411460b4d7c15bd476d2748b1172816ad2de1607d9c2c8fe3008cfb24cf2d7de343569be40fda777855c5774fac8970510e5e9e1c48d1480443a6dff20adace2817c415bd9e023ee45a487c6f378a063463d1ad36efdb3ab5252a33301984e1df30f3e02266c78f8c8bbb58853f69bdf55e5a162479d9695b39af61d98cb00c08d7651428808153029790f03407bfe3f14ca35b20f06c1cf257e7692f6fdb79e4a32563810bb310df5d3ac5beed0f2c30a94bbacb3c0aef1372ee730c0b08fb727aafad7987d162061a5c6ce308b3833aea9f06a7fe60dbb335409e1fa6442dc57f96768ef8f55f82c9b9cb283de52fded3a662d88fce07dd4051408b8a20d4b510c134e03e29567eb1de539fd0d1c020512f5ed96bf3728fecbd23b069d05bcfb34726597cbdf54c78bad5baac167b2629ac8820aadc1fbaa7db0ca227d1f6b9addd7ccf71bdfd7eb6eda55a460cff3c3dd3a5ed9926963858ec0cd04e59c1e49fe25f8c2d40498b364cf429843254c27fb19d1ef1bdb066aa622b1ccb175bffe73ce426e7b4d2c2a09d2ec7b155a113a5447688da3e108e25f5f8002181dd5af61fbfbc343c3a5533a944e7a5dc90f4795931d33a1e75ccc90b2ff8bcaded557eb3508b472aec1a4f9211acea0c3005ee24932003e70be43c553f40d71c26fccee86a98a75c41a90dd0808f84e5661bddf05f99174d8a9a4b685453786c7c9eae3693390c73ec85866f275ecdf7236fd1d234767ea281a7c5d068add8ab39d39641affb122a512b8fc87664631995011d92f24759179195b72e146b43fe48a7a7e8c7c8e5af415d7c80fc13d1bbb2f8da17ddf14b0c0b1de669a3c05dc010118249202202566d0460a19d23f96507efc6ff60fcb9bc234a173171c457011598181b96adf86836062b22b1d8a53c686a5e86582cf730b81668808f39a1807db8d7ba02158a18236bd6a265308a28b5412b", ["", "", "", "", "", "", "", "", "", ""]}, 0x1010}, 0x1, 0x0, 0x0, 0x5}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000003200), 0x10141, 0x0) ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000003240)={0x31, 0x0, 0x1f}) recvmmsg$unix(r1, &(0x7f0000006140)=[{{&(0x7f0000003280)=@abs, 0x6e, &(0x7f0000003440)=[{&(0x7f0000003300)=""/71, 0x47}, {&(0x7f0000003380)=""/156, 0x9c}], 0x2, &(0x7f0000003480)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa8}}, {{&(0x7f0000003540), 0x6e, &(0x7f0000003740)=[{&(0x7f00000035c0)=""/45, 0x2d}, {&(0x7f0000003600)=""/169, 0xa9}, {&(0x7f00000036c0)=""/20, 0x14}, {&(0x7f0000003700)=""/32, 0x20}], 0x4, &(0x7f0000003780)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}}, {{&(0x7f0000003800)=@abs, 0x6e, &(0x7f0000003980)=[{&(0x7f0000003880)=""/10, 0xa}, {&(0x7f00000038c0)=""/151, 0x97}], 0x2}}, {{&(0x7f00000039c0), 0x6e, &(0x7f0000003bc0)=[{&(0x7f0000003a40)=""/165, 0xa5}, {&(0x7f0000003b00)=""/185, 0xb9}], 0x2, &(0x7f0000003c00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}], 0x20}}, {{&(0x7f0000003c40)=@abs, 0x6e, &(0x7f0000005f80)=[{&(0x7f0000003cc0)=""/4096, 0x1000}, {&(0x7f0000004cc0)=""/98, 0x62}, {&(0x7f0000004d40)=""/34, 0x22}, {&(0x7f0000004d80)=""/116, 0x74}, {&(0x7f0000004e00)=""/4096, 0x1000}, {&(0x7f0000005e00)=""/6, 0x6}, {&(0x7f0000005e40)=""/52, 0x34}, {&(0x7f0000005e80)=""/237, 0xed}], 0x8, &(0x7f0000006000)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x68}}, {{&(0x7f0000006080), 0x6e, &(0x7f0000006100)}}], 0x6, 0x43, &(0x7f00000062c0)) fchown(r3, r9, 0x0) ftruncate(r7, 0x10001) write$binfmt_elf64(r8, &(0x7f0000006300)={{0x7f, 0x45, 0x4c, 0x46, 0xec, 0x0, 0x5, 0x5, 0x1, 0x2, 0x6, 0x0, 0xa6, 0x40, 0x19e, 0x9, 0x8, 0x38, 0x2, 0x4, 0x7fff, 0x5}, [{0x4, 0x9f, 0x0, 0xffffffffe6726717, 0x2, 0x7, 0x87, 0x480}], "0cdc368f0a9d96eb57ecbd6c020facbc04f62c3838c753e5c4a2d5cfbdcd128b52e143ccca837213f1d51bd97e57154295ee8477be9d49518e64e7e11fcaf078a3f0dc34b667a0752238e8b41f8955514c2834b2f44b43c0ca1958301c237ad0270c6a20f0ca769f5ede4b96955b94cf2d24cba1d7f51295d8a6ce379656b33f04ada0a9f2aa25b11cf5066d18913ad3548588e93f122b11591d38e75fa6596256083271d78c505b78158be498f028d812e2bfb2"}, 0x12c) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f0000006440)={{0x7, 0xf9}, 'port1\x00', 0x80, 0x7001a, 0x2, 0xbb1, 0xb, 0x8b6e, 0x4, 0x0, 0x4, 0xb8}) r11 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000006500), 0x8001, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r11, 0x80489439, &(0x7f0000006540)) poll(&(0x7f00000065c0)=[{r5, 0x2}], 0x1, 0x8) sendmsg$AUDIT_SET(r4, &(0x7f00000066c0)={&(0x7f0000006600), 0xc, &(0x7f0000006680)={&(0x7f0000006640)={0x38, 0x3e9, 0x100, 0x70bd2b, 0x25dfdbfc, {0x43, 0x1, 0x2, r10, 0x8, 0x9eb, 0xdd, 0xfffff000, 0x0, 0x6e}, ["", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4004000}, 0x800) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000006740)={0x80002006}) 13:49:26 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000040)) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) sync_file_range(r2, 0x3, 0x0, 0x4) ioctl$KDMKTONE(r0, 0x4b30, 0x7) r3 = openat2(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x2000, 0x5, 0xa}, 0x18) r4 = creat(&(0x7f0000000140)='./file0\x00', 0x151) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {r4}}, './file0\x00'}) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000001c0)=0x9) r6 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x40, 0x20) ioctl$AUTOFS_IOC_EXPIRE(r6, 0x810c9365, &(0x7f0000000240)={{0xff, 0xfff}, 0x100, './file0\x00'}) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x0, 0x10, 0x70bd27, 0x25dfdbfb, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44045}, 0x20000000) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000480)={{0x1, 0x1, 0x18, r6, {0xfffffffa}}, './file0\x00'}) getsockopt$packet_int(r7, 0x107, 0x9, &(0x7f00000004c0), &(0x7f0000000500)=0x4) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x34, 0x0, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_TX_USECS={0x8}, @ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x7}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x40}]}, 0x34}, 0x1, 0x0, 0x0, 0x4801}, 0x4000) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xc8, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CSA_IES={0x40, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_PRESP={0x16, 0xbb, [0xa2, 0x3ff, 0x401, 0x7fff, 0x80, 0xff, 0x2, 0x4, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x400]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x8000, 0x2, 0x8]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0x10, 0xba, [0x5128, 0x85, 0x7, 0x83e3, 0x8, 0x1]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4c84}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x316}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x64e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xb}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x45}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x48}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4000}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7fffffff}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]]}, 0xc8}}, 0x40000) r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000800), 0x101040, 0x0) ioctl$TIOCOUTQ(r8, 0x5411, &(0x7f0000000840)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) gettid() 13:49:26 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/sunrpc', 0x80000, 0x0) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000280}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0xd, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040000}, 0x48041) write$P9_RREADLINK(r0, &(0x7f0000000140)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) r1 = signalfd(r0, &(0x7f0000000180), 0x8) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000240)=0x14) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xd0, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0xc840}, 0x4000801) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r1) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r1, &(0x7f0000000640)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000480)={0x14c, r3, 0x400, 0x5, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x80000001}, {0x6}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x6}, {0x6, 0x16, 0x2}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x1000}, {0x6, 0x16, 0x8000}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x8}, {0x6, 0x16, 0x200}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x76d4c77e}, {0x6, 0x16, 0x7}, {0x5, 0x12, 0x1}}]}, 0x14c}, 0x1, 0x0, 0x0, 0x24008001}, 0x4001) socket$packet(0x11, 0x2, 0x300) r4 = socket$inet6(0xa, 0x1, 0x7) ioctl$sock_SIOCBRADDBR(r4, 0x89a0, &(0x7f0000000680)='veth0_to_batadv\x00') write$P9_RREADLINK(r0, &(0x7f00000006c0)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000700)={{0xa, 0x4e24, 0x3, @mcast1, 0x30ec}, {0xa, 0x4e21, 0x5, @mcast2, 0xff}, 0x97, [0xaeae, 0xfff, 0x3, 0x9, 0xae47, 0x0, 0x2dd, 0xe3f]}, 0x5c) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x2c, r5, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) r6 = memfd_secret(0x0) ioctl$EVIOCGVERSION(r6, 0x80044501, &(0x7f00000008c0)=""/143) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000980)={0xffff, [0x9, 0x8], 0x4}, 0x10) ioctl$int_in(r6, 0x5421, &(0x7f00000009c0)=0x9) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x24, r5, 0x300, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40410}, 0x20000000) [ 127.699679] audit: type=1400 audit(1745588967.046:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:49:27 executing program 4: ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, &(0x7f0000000000)="5cac076f38b85fd81e718ce98e67452dfe7edd3b11231b3742d226f5db0d0403488a1b1999719e8ea4283f0cbbf72a121323aaadbf39ea33af97f55681dd13120b4d9777c995a066d4a67f6a59a952b0c291188236adb4ac53bd1b963cf66521c012960a25174568861ca85292061370e468eca929cc86c2db0e5415391bc0a64a0750967931172627778ab4eab072eb0e6669c3c9da26b5e1e0e98864a65fff15f73424b6e1814ce715a47f76f986") ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x80}}, './file0\x00'}) r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000100)='memory.pressure\x00', 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0x40a85323, &(0x7f0000000180)={{0xff, 0x1f}, 'port0\x00', 0xc2, 0x846, 0x401, 0x4, 0x0, 0x10001, 0xef, 0x0, 0x3, 0x8}) r4 = syz_open_dev$mouse(&(0x7f0000000240), 0x40, 0x81) fspick(r4, &(0x7f0000000280)='./file0\x00', 0x0) epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r1, &(0x7f00000002c0)={0x30000000}) r5 = accept4$bt_l2cap(r4, &(0x7f0000000300)={0x1f, 0x0, @fixed}, &(0x7f0000000340)=0xe, 0x80000) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) r6 = accept$inet(r3, 0x0, &(0x7f00000003c0)) ioctl$LOOP_SET_FD(r2, 0x4c00, r6) r7 = creat(&(0x7f0000000400)='./file0\x00', 0x24) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7fff}}, 0x0, 0x0, 0x0, 0x0, "d1079899770979499d1d8a7bfbbf5027d9f7674f8a489d09a243e80f66f53d1dfff8f457a954b2518612dcb9835558fc8d44af6cd42dcaf9000f7e3aa812bc5b7c08d8908f7c5ee6ecaa233edd9c118f"}, 0xd8) r8 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$FAT_IOCTL_GET_VOLUME_ID(r8, 0x80047213, &(0x7f0000000540)) ioctl$SCSI_IOCTL_GET_IDLUN(r3, 0x5382, &(0x7f0000000580)) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f00000005c0)={0x2, 0x1, 0x6}) write$P9_RATTACH(r0, &(0x7f0000000600)={0x14, 0x69, 0x1, {0x20, 0x1, 0x8}}, 0x14) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000680)=0x101) 13:49:27 executing program 5: sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {}, {0x14, 0x18, {0x8, @bearer=@l2={'ib', 0x3a, 'ip6_vti0\x00'}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x40001) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x21c0, 0x0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xb0, r1, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xffff}, {0x6, 0x16, 0x2}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x3}, {0x8, 0xb, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x7f}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0x1c01}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000094}, 0x40008c0) r2 = open$dir(&(0x7f0000000300)='./file0\x00', 0x8000, 0x40) fdatasync(r2) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x4, 0x8, 0x401, 0x0, 0x0, {0x0, 0x0, 0x4}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x805}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x10) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x6) fcntl$dupfd(r0, 0x53c613ad20d2aef, r3) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f00000004c0)={&(0x7f0000000440)=""/122, 0x7a}) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000500)="9557463934e9e33d9999f459d7ceab76911fc50137a259acd6ac9de2aedff90242a2c8b288b392d9b0e64aa4fc31a41194e4dcf4fd9d027903da65b7") r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder1\x00', 0x802, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(r4, 0xc4089434, &(0x7f0000000580)={0x0, 0xd083, 0x1, [0x3, 0x81, 0x1, 0x80, 0x1], [0x80000001, 0x8c, 0x401, 0x140000000000, 0x6, 0xffff, 0xb06, 0x10000, 0x0, 0x193, 0xfffffffffffffffd, 0x2, 0x56d, 0x3, 0x0, 0x6, 0x8, 0xfffffffffffffffe, 0x6, 0xffffffffffffffff, 0x0, 0x8c1a, 0x20, 0x5, 0x6, 0x8, 0x6, 0x7, 0x81, 0x9, 0x0, 0x7, 0x7, 0x8001, 0x6, 0x800, 0x4, 0x2, 0xfffffffffffffffe, 0x8, 0x8, 0x9, 0x0, 0x6, 0x3e0, 0x100000001, 0x1, 0x7, 0x2, 0x402, 0x168e, 0x0, 0x6, 0x9, 0x0, 0x81, 0x9, 0x5, 0x1000, 0x1, 0x4, 0x82c2, 0x8, 0x3ed, 0x7fffffff, 0x7, 0x91, 0x5, 0xb491, 0x4, 0x1, 0x6, 0x7, 0x100, 0x8, 0xfffffffffffffff9, 0xffe0000000000000, 0x200, 0xffffffffffffff44, 0x7f, 0xffffffffffff1ff2, 0x4, 0x7, 0xfffffffffffffe00, 0x100, 0x2, 0x5, 0x0, 0x3f, 0xe34, 0x3ff, 0x2, 0x5, 0x80000001, 0xa5e7, 0x6, 0x7, 0xd90, 0x200000000000000, 0x4, 0x0, 0x3ff, 0x100000000, 0x3, 0x7, 0x2, 0x5, 0x3, 0x3f, 0x5, 0x6e7f, 0xdaf, 0xfff, 0x1, 0x1ff, 0xffffffffffffff01, 0x79ee, 0x8, 0x401, 0x2, 0x4]}) execveat(r0, &(0x7f00000009c0)='./file0\x00', &(0x7f0000000b40)=[&(0x7f0000000a00)='/!\x00', &(0x7f0000000a40)='ip6_vti0\x00', &(0x7f0000000a80)='\x00', &(0x7f0000000ac0)='/\x00', &(0x7f0000000b00)='netdevsim\x00'], &(0x7f0000000bc0)=[&(0x7f0000000b80)='./binderfs/binder1\x00'], 0x100) ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0) r5 = signalfd4(r4, &(0x7f0000000c00)={[0xa800000000000000]}, 0x8, 0x800) ioctl$PERF_EVENT_IOC_QUERY_BPF(r5, 0xc008240a, &(0x7f0000000c40)={0x2, 0x0, [0x0, 0x0]}) recvmmsg$unix(r0, &(0x7f0000004200)=[{{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000000c80)=""/147, 0x93}, {&(0x7f0000000d40)=""/93, 0x5d}, {&(0x7f0000000dc0)=""/125, 0x7d}, {&(0x7f0000000e40)=""/4096, 0x1000}, {&(0x7f0000001e40)=""/170, 0xaa}, {&(0x7f0000001f00)=""/24, 0x18}, {&(0x7f0000001f40)=""/70, 0x46}], 0x7}}, {{0x0, 0x0, &(0x7f0000002200)=[{&(0x7f0000002040)=""/174, 0xae}, {&(0x7f0000002100)=""/124, 0x7c}, {&(0x7f0000002180)=""/119, 0x77}], 0x3}}, {{&(0x7f0000002240), 0x6e, &(0x7f00000036c0)=[{&(0x7f00000022c0)=""/39, 0x27}, {&(0x7f0000002300)=""/175, 0xaf}, {&(0x7f00000023c0)=""/4096, 0x1000}, {&(0x7f00000033c0)=""/254, 0xfe}, {&(0x7f00000034c0)=""/88, 0x58}, {&(0x7f0000003540)=""/229, 0xe5}, {&(0x7f0000003640)=""/101, 0x65}], 0x7}}, {{&(0x7f0000003740), 0x6e, &(0x7f0000003a40)=[{&(0x7f00000037c0)=""/65, 0x41}, {&(0x7f0000003840)=""/106, 0x6a}, {&(0x7f00000038c0)=""/162, 0xa2}, {&(0x7f0000003980)=""/150, 0x96}], 0x4, &(0x7f0000003a80)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x88}}, {{&(0x7f0000003b40)=@abs, 0x6e, &(0x7f00000040c0)=[{&(0x7f0000003bc0)=""/96, 0x60}, {&(0x7f0000003c40)=""/41, 0x29}, {&(0x7f0000003c80)}, {&(0x7f0000003cc0)=""/179, 0xb3}, {&(0x7f0000003d80)=""/101, 0x65}, {&(0x7f0000003e00)=""/98, 0x62}, {&(0x7f0000003e80)=""/205, 0xcd}, {&(0x7f0000003f80)=""/235, 0xeb}, {&(0x7f0000004080)=""/24, 0x18}], 0x9, &(0x7f0000004180)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}], 0x5, 0x40000040, &(0x7f0000004340)) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r6, 0x40082102, &(0x7f0000004380)) ioctl$BTRFS_IOC_SYNC(r7, 0x9408, 0x0) 13:49:27 executing program 6: ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, &(0x7f0000000000)={0x8, 0x0, 0x9, 0x4}) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x8140, 0x0) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000000480)={0xda, 0x20, &(0x7f0000000080)="af3537bfda1735086df8f988c6f589861c08d4de2728a6af7aa3a5fca1915fe24df0dd4ed3f32581119e5a27c520fcf0545a16e5ed0c893a9e17233506cdd209c53de5f965ca1c65d2978bb78727935a38180c4de9df1e273ab2ff7db2deb985cbc631f57de0a6c737f4b1382f3106e3b4fab35c30461685e48e988a2f4391d4dca2a9205bf72aa7e9d7b6f7ae83f7dc867c132446d2d5627ef9161e311bd204db8cb052fc1772e3bfaecca53a974f5ef6745c66031d61120442b90f4ef768183bec9534e6e30dff37895a46b21e5a55f7fe6bda122464367bee6672d6f75c1bdfa5f181ead8b1b40b2e6db44910d48fa582cbee583ea85d28156fe3a5d12420632bb18cde41043950862c3f2876921a47fd3ecee4d250b532fb93787b6893e9c4b5a4fcdec22bd4b37b749d2a78c5040caa6848bac55f18375cea6d6b96208c1c44d4047bd8dd2f3c2e49a07c658c0abb6bd62dd7b0e32517b57bfdf8edd554a9d579aa6eac88b8841903e987d2217f0784450f80fdba18ba3a545cf8e161f26bf9de00c3097297ededb50860cbe56a60503d6a194d9a5e9737736c15714b5132a7b766c86965ad193b36b1aa4c7bc3d98711c4fce03606af7fc0b286930216b3c2f99d62841488c3783bdd56fb71d6b3427f119cc1633ce32e5114537690b19b41ed7aedd019843a922c410a997c5bad343c4bb2c07c367b1dcb14127c7bb0ab8624ff6b975e05fd637a406ac1b933a6271cede21fb545e8cd61fab97923087096a6521298129ea77f0d766f1474bf3d8160b4907100dcbfd2b866d6d27cb2aa683850154712dd69404d75996b4d9f99264730ae66c6a9338aad8ca850eb3c3ff22ab0450db8501e103d42f38274f25c7db4a1d2145b035c2915a47be7b46e6fe5d31902a67fccb71562197df5d2b54c82decb0c4c4410ae1023bbd633d5aaa8454aa33536b26df522eefa94a8cc84693ef4a045e691a05f19b9e88f64d2468a0b7d8ea4a2a86dfb60b7f0e48c76b710661f2ae47809f9165b026a21e8d04d785d63da08c6684d13992600974b53172eae65344dc333977d50b15e5ddc9d58e75e87396324a43be448c205ac62da722408ec281dccaa6348b672c937d3d9f5203c5c02d1ef1fedce4214131913ce1b06dc70b97676ce8d8c0ef1e36ecb3053652e034a8c42250b0b2d860176aa6221357556918fbea43af3d924f347be8bb0ca4ab22672b2a0163060cad5023b6a32397ec00f8395c2ea4cb189b8aa876b38a7017a9364fde80f7ed0c7401d40ebc118d82d8dde62bfb629a282ceb09e81eefa218659a3e97c803ff7b09f21623e90157f732253185cc922711fe7e869fc755ae3e8624cce9f15ba620240bbb1e3d9cbd01afe8b5fbb62a84fbdb0d1457ee1b1ef66e334560ff6e7cb6463360653319eb6c77c28a325ff8487053b72e39c85"}) r1 = dup(r0) preadv(r1, &(0x7f00000016c0)=[{&(0x7f00000004c0)=""/216, 0xd8}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/131, 0x83}, {&(0x7f0000001680)=""/42, 0x2a}], 0x4, 0x8, 0x3ff) openat$urandom(0xffffffffffffff9c, &(0x7f0000001700), 0x11001, 0x0) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000001740)) ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000001780)={0x5, 0x1800, 0x1, 0x3ff, 0xffffffff}) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) sendmsg$NL80211_CMD_DEL_MPATH(r1, &(0x7f0000001880)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0xa410}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)={0x20, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4044800) r2 = syz_open_dev$mouse(&(0x7f00000018c0), 0x9, 0x4000) ioctl$BLKFLSBUF(r2, 0x1261, &(0x7f0000001900)=0x6) ioctl$TIOCMIWAIT(r1, 0x545c, 0x0) r3 = semget(0x3, 0x3, 0x10) semctl$GETZCNT(r3, 0x1, 0xf, &(0x7f0000001940)=""/4096) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000002940)) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000002980)='./file0\x00', 0x8100) ioctl$TCSETS2(r4, 0x402c542b, &(0x7f00000029c0)={0x47, 0x42, 0x4, 0x800, 0x7, "dfeeb5b195f623e99b7956bf2c823f9b4221ef", 0x3, 0x9}) sendmsg$NFT_MSG_GETOBJ_RESET(r1, &(0x7f0000002ac0)={&(0x7f0000002a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002a80)={&(0x7f0000002a40)={0x28, 0x15, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4048490}, 0x44000) ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x3) 13:49:27 executing program 7: r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000000)={0x4, 0xdf8, 0x9, 0x1, 0x3}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000080)={0x1, 0x9, 0x7f, 0x4, 0xc0, "6befa70efb87d8f0aed38f79d1da7347bd8e0b", 0x8000, 0x7}) r2 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x404000, 0x2) ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0x1df2) r3 = fcntl$dupfd(0xffffffffffffffff, 0x406, r1) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000100)={0x0, 0xffffff81}) ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f0000000140)={0x0, 0x6, 0x1, 0x1}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r3, 0xc400941d, &(0x7f0000000540)={r4, 0x93, 0x3}) ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000940)=0x2) openat$rtc(0xffffffffffffff9c, &(0x7f0000000980), 0x20000, 0x0) r5 = dup3(r3, r1, 0x80000) ioctl$PTP_PIN_GETFUNC(r5, 0xc0603d06, &(0x7f00000009c0)={'\x00', 0x100, 0x491766c8b011f3a3, 0x400}) signalfd(r2, &(0x7f0000000a40)={[0x7]}, 0x8) r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000a80), 0x800, 0x0) ioctl$TIOCEXCL(r6, 0x540c) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000ac0), &(0x7f0000000b00)='system_u:object_r:wtmp_t:s0\x00', 0x1c, 0x1) r7 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$VT_GETMODE(r7, 0x5601, &(0x7f0000000b40)) [ 129.249160] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 129.258193] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 129.265967] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 129.278747] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 129.292589] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 129.334132] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 129.337528] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 129.341790] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 129.357897] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 129.368135] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 129.445940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 129.451591] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 129.460887] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 129.471751] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 129.485833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 129.520733] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 129.528986] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 129.533306] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 129.535186] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 129.569651] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 129.571784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 129.579565] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 129.597479] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 129.601935] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 129.604463] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 129.607020] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 129.610891] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 129.614824] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 129.616163] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 129.633707] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 129.645797] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 129.654963] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 129.657042] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 129.661012] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 129.673696] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 129.675124] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 129.690125] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 129.716154] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 129.718455] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 129.735529] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 131.328615] Bluetooth: hci0: command tx timeout [ 131.457845] Bluetooth: hci1: command tx timeout [ 131.584309] Bluetooth: hci2: command tx timeout [ 131.776325] Bluetooth: hci5: command tx timeout [ 131.777159] Bluetooth: hci3: command tx timeout [ 131.777738] Bluetooth: hci4: command tx timeout [ 131.777824] Bluetooth: hci6: command tx timeout [ 131.905308] Bluetooth: hci7: command tx timeout [ 133.376286] Bluetooth: hci0: command tx timeout [ 133.504271] Bluetooth: hci1: command tx timeout [ 133.635240] Bluetooth: hci2: command tx timeout [ 133.824341] Bluetooth: hci4: command tx timeout [ 133.827242] Bluetooth: hci5: command tx timeout [ 133.827681] Bluetooth: hci3: command tx timeout [ 133.828100] Bluetooth: hci6: command tx timeout [ 133.952269] Bluetooth: hci7: command tx timeout [ 135.424511] Bluetooth: hci0: command tx timeout [ 135.552289] Bluetooth: hci1: command tx timeout [ 135.681450] Bluetooth: hci2: command tx timeout [ 135.872564] Bluetooth: hci6: command tx timeout [ 135.873055] Bluetooth: hci3: command tx timeout [ 135.873536] Bluetooth: hci5: command tx timeout [ 135.873960] Bluetooth: hci4: command tx timeout [ 136.002298] Bluetooth: hci7: command tx timeout [ 137.472362] Bluetooth: hci0: command tx timeout [ 137.601281] Bluetooth: hci1: command tx timeout [ 137.729478] Bluetooth: hci2: command tx timeout [ 137.921391] Bluetooth: hci6: command tx timeout [ 137.921894] Bluetooth: hci4: command tx timeout [ 137.922622] Bluetooth: hci5: command tx timeout [ 137.923044] Bluetooth: hci3: command tx timeout [ 138.048312] Bluetooth: hci7: command tx timeout [ 191.768359] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 191.771187] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 191.776428] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 191.791541] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 191.795305] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 191.962305] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 191.973084] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 191.975715] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 191.995396] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 192.004677] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 192.010706] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 192.049102] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 192.063894] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 192.092372] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 192.097821] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 192.099859] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 192.114722] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 192.117731] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 192.137108] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 192.140906] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 192.147001] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 192.175767] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 192.183499] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 192.185830] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 192.199598] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 192.214573] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 192.224031] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 192.239631] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 192.248020] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 192.249708] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 192.251820] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 192.253578] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 192.256557] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 192.264902] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 192.268849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 192.279132] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 192.287026] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 192.294719] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 192.304803] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 192.306946] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 193.859274] Bluetooth: hci0: command tx timeout [ 194.048304] Bluetooth: hci1: command tx timeout [ 194.241303] Bluetooth: hci2: command tx timeout [ 194.305667] Bluetooth: hci4: command tx timeout [ 194.368352] Bluetooth: hci6: command tx timeout [ 194.369096] Bluetooth: hci3: command tx timeout [ 194.369718] Bluetooth: hci5: command tx timeout [ 194.432287] Bluetooth: hci7: command tx timeout [ 195.904359] Bluetooth: hci0: command tx timeout [ 196.096537] Bluetooth: hci1: command tx timeout [ 196.288350] Bluetooth: hci2: command tx timeout [ 196.353256] Bluetooth: hci4: command tx timeout [ 196.418393] Bluetooth: hci5: command tx timeout [ 196.418870] Bluetooth: hci3: command tx timeout [ 196.418911] Bluetooth: hci6: command tx timeout [ 196.480342] Bluetooth: hci7: command tx timeout [ 197.952297] Bluetooth: hci0: command tx timeout [ 198.146278] Bluetooth: hci1: command tx timeout [ 198.336523] Bluetooth: hci2: command tx timeout [ 198.400476] Bluetooth: hci4: command tx timeout [ 198.464852] Bluetooth: hci6: command tx timeout [ 198.465135] Bluetooth: hci5: command tx timeout [ 198.465512] Bluetooth: hci3: command tx timeout [ 198.529279] Bluetooth: hci7: command tx timeout [ 200.002279] Bluetooth: hci0: command tx timeout [ 200.193478] Bluetooth: hci1: command tx timeout [ 200.384574] Bluetooth: hci2: command tx timeout [ 200.449295] Bluetooth: hci4: command tx timeout [ 200.513295] Bluetooth: hci6: command tx timeout [ 200.513758] Bluetooth: hci3: command tx timeout [ 200.514174] Bluetooth: hci5: command tx timeout [ 200.576495] Bluetooth: hci7: command tx timeout [ 251.665365] syz-executor.4 (2909) used greatest stack depth: 24400 bytes left [ 253.905183] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 253.910614] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 253.917588] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 253.925060] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 253.929666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 253.967914] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 253.974099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 253.976164] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 253.984374] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 253.986835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 254.032936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 254.034980] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 254.036387] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 254.047300] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 254.049863] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 254.126529] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 254.137414] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 254.165350] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 254.171698] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 254.173987] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 254.315998] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 254.328900] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 254.357030] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 254.362372] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 254.368385] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 254.383331] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 254.390615] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 254.404906] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 254.406805] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 254.410627] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 254.419681] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 254.421161] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 254.456111] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 254.472432] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 254.481350] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 254.485778] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 254.510756] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 254.515695] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 254.620065] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 254.729897] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 256.000378] Bluetooth: hci0: command tx timeout [ 256.064411] Bluetooth: hci1: command tx timeout [ 256.128652] Bluetooth: hci2: command tx timeout [ 256.256377] Bluetooth: hci3: command tx timeout [ 256.512332] Bluetooth: hci6: command tx timeout [ 256.640830] Bluetooth: hci5: command tx timeout [ 256.770341] Bluetooth: hci7: command tx timeout [ 256.832715] Bluetooth: hci4: command tx timeout [ 258.048503] Bluetooth: hci0: command tx timeout [ 258.112627] Bluetooth: hci1: command tx timeout [ 258.176359] Bluetooth: hci2: command tx timeout [ 258.304731] Bluetooth: hci3: command tx timeout [ 258.560879] Bluetooth: hci6: command tx timeout [ 258.688452] Bluetooth: hci5: command tx timeout [ 258.817321] Bluetooth: hci7: command tx timeout [ 258.880473] Bluetooth: hci4: command tx timeout [ 260.098241] Bluetooth: hci0: command tx timeout [ 260.161284] Bluetooth: hci1: command tx timeout [ 260.224672] Bluetooth: hci2: command tx timeout [ 260.353276] Bluetooth: hci3: command tx timeout [ 260.608273] Bluetooth: hci6: command tx timeout [ 260.736272] Bluetooth: hci5: command tx timeout [ 260.865339] Bluetooth: hci7: command tx timeout [ 260.929441] Bluetooth: hci4: command tx timeout [ 262.145276] Bluetooth: hci0: command tx timeout [ 262.209333] Bluetooth: hci1: command tx timeout [ 262.272437] Bluetooth: hci2: command tx timeout [ 262.402513] Bluetooth: hci3: command tx timeout [ 262.656300] Bluetooth: hci6: command tx timeout [ 262.784285] Bluetooth: hci5: command tx timeout [ 262.912583] Bluetooth: hci7: command tx timeout [ 262.976251] Bluetooth: hci4: command tx timeout [ 316.437628] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 316.444052] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 316.447442] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 316.456663] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 316.464092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 316.636032] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 316.640135] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 316.642990] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 316.656358] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 316.662030] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 316.770667] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 316.775721] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 316.789811] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 316.808643] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 316.813874] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 316.987143] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 316.993455] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 317.041434] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 317.053902] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 317.066743] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 317.069799] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 317.088721] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 317.092796] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 317.122096] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 317.156830] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 317.318750] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 317.325651] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 317.331466] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 317.367031] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 317.377077] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 317.380847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 317.423677] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 317.426386] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 317.432166] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 317.440472] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 317.448752] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 317.466260] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 317.511896] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 317.591121] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 317.603150] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 318.528723] Bluetooth: hci0: command tx timeout [ 318.721263] Bluetooth: hci1: command tx timeout [ 318.912328] Bluetooth: hci2: command tx timeout [ 319.170290] Bluetooth: hci3: command tx timeout [ 319.232306] Bluetooth: hci4: command tx timeout [ 319.488325] Bluetooth: hci5: command tx timeout [ 319.552313] Bluetooth: hci7: command tx timeout [ 319.811354] Bluetooth: hci6: command tx timeout [ 320.576413] Bluetooth: hci0: command tx timeout [ 320.770237] Bluetooth: hci1: command tx timeout [ 320.960375] Bluetooth: hci2: command tx timeout [ 321.216501] Bluetooth: hci3: command tx timeout [ 321.280401] Bluetooth: hci4: command tx timeout [ 321.536498] Bluetooth: hci5: command tx timeout [ 321.600284] Bluetooth: hci7: command tx timeout [ 321.856475] Bluetooth: hci6: command tx timeout [ 322.624321] Bluetooth: hci0: command tx timeout [ 322.816416] Bluetooth: hci1: command tx timeout [ 323.008538] Bluetooth: hci2: command tx timeout [ 323.264472] Bluetooth: hci3: command tx timeout [ 323.328995] Bluetooth: hci4: command tx timeout [ 323.584297] Bluetooth: hci5: command tx timeout [ 323.648524] Bluetooth: hci7: command tx timeout [ 323.904677] Bluetooth: hci6: command tx timeout [ 324.672508] Bluetooth: hci0: command tx timeout [ 324.864335] Bluetooth: hci1: command tx timeout [ 325.056417] Bluetooth: hci2: command tx timeout [ 325.312572] Bluetooth: hci3: command tx timeout [ 325.376272] Bluetooth: hci4: command tx timeout [ 325.632403] Bluetooth: hci5: command tx timeout [ 325.697638] Bluetooth: hci7: command tx timeout [ 325.952301] Bluetooth: hci6: command tx timeout [ 378.712770] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 378.716877] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 378.722937] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 378.741684] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 378.752606] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 378.902743] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 378.906155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 378.911127] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 378.916943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 378.920876] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 378.968079] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 378.980724] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 379.000720] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 379.009721] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 379.029386] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 379.130078] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 379.169624] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 379.177156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 379.190360] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 379.194783] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 379.199336] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 379.203726] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 379.208403] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 379.208800] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 379.217091] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 379.222045] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 379.226965] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 379.230022] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 379.244432] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 379.256809] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 379.418963] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 379.455178] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 379.471262] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 379.500296] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 379.506120] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 379.657082] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 379.661624] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 379.698876] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 379.765131] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 379.794184] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 380.801327] Bluetooth: hci0: command tx timeout [ 380.995344] Bluetooth: hci1: command tx timeout [ 381.121424] Bluetooth: hci2: command tx timeout [ 381.377255] Bluetooth: hci3: command tx timeout [ 381.440677] Bluetooth: hci5: command tx timeout [ 381.568485] Bluetooth: hci6: command tx timeout [ 382.144348] Bluetooth: hci7: command tx timeout [ 382.145307] Bluetooth: hci4: command tx timeout [ 382.848482] Bluetooth: hci0: command tx timeout [ 383.040259] Bluetooth: hci1: command tx timeout [ 383.168259] Bluetooth: hci2: command tx timeout [ 383.424391] Bluetooth: hci3: command tx timeout [ 383.488420] Bluetooth: hci5: command tx timeout [ 383.616475] Bluetooth: hci6: command tx timeout [ 384.192306] Bluetooth: hci4: command tx timeout [ 384.192617] Bluetooth: hci7: command tx timeout [ 384.896287] Bluetooth: hci0: command tx timeout [ 385.090244] Bluetooth: hci1: command tx timeout [ 385.216679] Bluetooth: hci2: command tx timeout [ 385.472438] Bluetooth: hci3: command tx timeout [ 385.536641] Bluetooth: hci5: command tx timeout [ 385.664637] Bluetooth: hci6: command tx timeout [ 386.240480] Bluetooth: hci4: command tx timeout [ 386.241556] Bluetooth: hci7: command tx timeout [ 386.945274] Bluetooth: hci0: command tx timeout [ 387.136291] Bluetooth: hci1: command tx timeout [ 387.265264] Bluetooth: hci2: command tx timeout [ 387.521498] Bluetooth: hci3: command tx timeout [ 387.585266] Bluetooth: hci5: command tx timeout [ 387.712520] Bluetooth: hci6: command tx timeout [ 388.288286] Bluetooth: hci7: command tx timeout [ 388.288793] Bluetooth: hci4: command tx timeout VM DIAGNOSIS: 13:54:36 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000000 RCX=ffff88802bc47394 RDX=1ffff11006a3f3f8 RSI=ffffffff85c1bac0 RDI=ffff8880351f9fc0 RBP=ffff8880351f9bc0 RSP=ffff88802bc473a0 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000003 R12=ffff8880351f9bc0 R13=0000000000000000 R14=ffffffff85c734c8 R15=ffff88800eb9f140 RIP=ffffffff815b6da4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e564b000 00000000 00000000 LDT=0000 fffffe2500000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4d244ec8e0 CR3=00000000338f6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6f732e616d7a6c62696c2f756e672d78 XMM02=00352e6f732e616d7a6c62696c2f756e XMM03=672d78756e696c2d34365f3638782f62 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff84b05fde RDX=fffffbfff0ba1865 RSI=0000000000000004 RDI=ffffffff85d0c320 RBP=ffffffff85d0c320 RSP=ffff88806cf08c68 R8 =0000000000000000 R9 =fffffbfff0ba1864 R10=ffffffff85d0c323 R11=0000000000000000 R12=1ffff1100d9e118e R13=0000000000000003 R14=fffffbfff0ba1864 R15=ffff88806cf08ca0 RIP=ffffffff84b05fe2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e574b000 00000000 00000000 LDT=0000 fffffe6d00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f7cd83708e0 CR3=0000000026058000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000000ff00000000000000000000 XMM02=0000000000ff00000000000000000000 XMM03=00ff0000000000000000ff0000000000 XMM04=ff000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000