Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:47387' (ECDSA) to the list of known hosts. 2025/04/25 18:46:47 fuzzer started 2025/04/25 18:46:48 dialing manager at localhost:46629 syzkaller login: [ 84.785606] cgroup: Unknown subsys name 'net' [ 84.937786] cgroup: Unknown subsys name 'cpuset' [ 84.986569] cgroup: Unknown subsys name 'rlimit' 2025/04/25 18:47:02 syscalls: 211 2025/04/25 18:47:02 code coverage: enabled 2025/04/25 18:47:02 comparison tracing: enabled 2025/04/25 18:47:02 extra coverage: enabled 2025/04/25 18:47:02 setuid sandbox: enabled 2025/04/25 18:47:02 namespace sandbox: enabled 2025/04/25 18:47:02 Android sandbox: enabled 2025/04/25 18:47:02 fault injection: enabled 2025/04/25 18:47:02 leak checking: enabled 2025/04/25 18:47:02 net packet injection: enabled 2025/04/25 18:47:02 net device setup: enabled 2025/04/25 18:47:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/04/25 18:47:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/04/25 18:47:02 USB emulation: enabled 2025/04/25 18:47:02 hci packet injection: enabled 2025/04/25 18:47:02 wifi device emulation: enabled 2025/04/25 18:47:02 802.15.4 emulation: enabled 2025/04/25 18:47:02 fetching corpus: 0, signal 0/0 (executing program) 2025/04/25 18:47:03 starting 8 fuzzer processes 18:47:03 executing program 0: sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x84, 0x0, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xc8}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0xfffffffffffffffe}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xeb52}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x10b}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x84}, 0x1, 0x0, 0x0, 0x8010}, 0x24048804) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xffff}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x3}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040c4}, 0x40000) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r1, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_ENABLED={0x5, 0x29, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000001}, 0x4000800) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x28}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000000}, 0x2004c885) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000540)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_KEY(r0, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x44, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000040}, 0x8000) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), r0) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r3, 0x100, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x1) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r4, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x28, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004}, 0x881) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), r0) sendmsg$NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x81000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x20, r5, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x74, r3, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x4c, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xf5d}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}]}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x8000810) arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x0) r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000b40), 0x40000, 0x0) ioctl$CDROMRESUME(r6, 0x5302) syz_genetlink_get_family_id$gtp(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x50, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000010}, 0x800) 18:47:03 executing program 1: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x348}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4008800) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_I_TEI={0x8, 0x8, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r1, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x4) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0xd, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004000}, 0x80) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x34, 0x0, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000001}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x8000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f0000000a80)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a40)={&(0x7f0000000700)={0x310, r3, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x34, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x5}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x3}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x8}]}, @NL802154_ATTR_SEC_DEVKEY={0x1f0, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x3f}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x9}, @NL802154_DEVKEY_ATTR_ID={0x144, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xd09cda0fe905961d}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x800}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x30, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0x555c}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0x300}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x5c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x7fff}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_DEVKEY_ATTR_ID={0x80, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x93c4}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x38, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}]}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_SEC_DEVKEY={0xcc, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x7c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x3f}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x38, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x10000}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0x100}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x2}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x2}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x5}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x4}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x310}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000b00)={'wpan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000b40)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r2, &(0x7f0000000c40)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x74, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000005}, 0x40000) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000cc0)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000d80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x34, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x7cb}]}, 0x34}, 0x1, 0x0, 0x0, 0x240088c0}, 0x880) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x48, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x4b}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}]}, 0x48}}, 0x4000000) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f40), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000f80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000001080)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001040)={&(0x7f0000000fc0)={0x44, r7, 0x100, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x1}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x8000845) 18:47:03 executing program 2: r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x630440, 0x0) ioctl$DVD_AUTH(r0, 0x5390, &(0x7f0000000040)=@lstk={0x7, 0x1, "f80faebfbe", 0x8, 0x1, 0x1, 0x1}) r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$DVD_WRITE_STRUCT(r1, 0x5390, &(0x7f0000000080)=@bca={0x3, 0xbc, "887542a466cbbc71c610b60b89c27917f656378a02fde3b78ed2a2b08a6c4820efeb72dead71712cb07b3174d6c80e6c69da69dc768ebdaedc30638a9ba1b266db7d66394c9d1d00a2827ed30cd9412c653db0252acd05fbcd31b7d99b9682fc062821fe82c96126830a430feda645327e9d6fe0f107ebbb2ee91c6de5a628856af4fa89be9a0fbb491c40d65c04091789bc726ac2c3d5c8e7d62556058579c4e398dbc7837cb084482e27a119e76ddda8b3c69a12c6e94f4dd3a29c"}) r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000008c0), 0x40200, 0x0) ioctl$CDROMPLAYTRKIND(r2, 0x5304, &(0x7f0000000900)={0xfe, 0x5, 0x0, 0x6}) shmget$private(0x0, 0x2000, 0x100, &(0x7f0000ffc000/0x2000)=nil) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000980), r1) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x2c, r3, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x400}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) shmget$private(0x0, 0x1000, 0x2c000000, &(0x7f0000ffd000/0x1000)=nil) ioctl$DVD_AUTH(r1, 0x5390, &(0x7f0000000a80)=@lsc={0x3, 0x0, "c75676f7bcdcc8396b00"}) setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000ac0), 0x4) sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x1c, 0x0, 0x4, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0x8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4890}, 0x4008000) sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x1c, r3, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000004) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r4, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x28, 0x0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4044) ioctl$CDROM_SET_OPTIONS(r0, 0x5320, 0x4) ioctl$CDROMPLAYTRKIND(r0, 0x5304, &(0x7f0000000e00)={0x7d, 0x0, 0x7, 0x1}) ioctl$CDROMVOLREAD(r1, 0x5313, &(0x7f0000000e40)) ioctl$CDROM_GET_CAPABILITY(r1, 0x5331) 18:47:03 executing program 3: ioctl$CDROM_CHANGER_NSLOTS(0xffffffffffffffff, 0x5328) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/pcmcia_core', 0x105844, 0x2b) ioctl$CDROMGETSPINDOWN(r0, 0x531d, &(0x7f0000000040)) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x300, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4) ioctl$CDROMPLAYTRKIND(r0, 0x5304, &(0x7f0000000180)={0xff, 0x80, 0x36, 0x7f}) socketpair(0x2a, 0x800, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000640)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000600)={&(0x7f0000000240)={0x3a0, 0x0, 0x10, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x100, 0x3e}}}}, [@NL80211_ATTR_TX_RATES={0x35c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xf4, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x50, 0x2, [{0x7, 0x1}, {0x0, 0x8}, {0x1}, {0x1, 0x2}, {0x4}, {0x5, 0x4}, {0x0, 0x6}, {0x3, 0x7}, {0x0, 0x8}, {0x5}, {0x1, 0xa}, {0x3, 0xa}, {0x1, 0x8}, {0x1, 0x8}, {0x6, 0x4}, {0x4, 0xa}, {0x6, 0x7}, {0x5, 0x6}, {0x5, 0x5}, {0x4, 0x2}, {0x6, 0x7}, {0x3, 0xa}, {0x6, 0x9}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x6, 0x7}, {0x3, 0xa}, {0x3, 0x9}, {0x1, 0x6}, {0x0, 0x2}, {0x4, 0x3}, {0x0, 0x2}, {0x5, 0x8}, {0x4, 0x1}, {0x4, 0x1}, {0x7, 0x8}, {0x7}, {0x5, 0x6}, {0x1, 0x9}, {0x2, 0x7}, {0x4, 0x7}, {0x1, 0x8}, {0x1}, {0x5, 0x6}, {0x4, 0x5}, {0x1, 0x8}, {0x0, 0x8}, {0x0, 0x9}, {0x0, 0x1}, {0x4, 0x4}, {0x7, 0xa}, {0x7, 0x8}, {0x4, 0x5}, {0x7, 0x5}, {0x6, 0x7}, {0x1, 0x5}, {0x3}, {0x5, 0x6}, {0x3, 0xa}, {0x2, 0x8}, {0x5, 0x1}, {0x6, 0x5}, {0x5, 0x6}, {0x0, 0x2}, {0x5, 0x6}, {0x6, 0x4}, {0x5, 0x5}, {0x0, 0x3}, {0x6, 0x4}, {0x4, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x6, 0x9}, {0x0, 0x4}, {0x6, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xb60, 0x9, 0x0, 0x4, 0x75, 0x8001, 0x5, 0x100]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x5f, 0x6e, 0x20, 0x81, 0xfa28, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7ff, 0xd76, 0x7, 0x8, 0xc98, 0x3, 0xa6d, 0x7]}}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0xc, 0x30, 0x23, 0x6, 0x5, 0x2, 0x16, 0x36, 0x16, 0x1, 0x12, 0x2, 0x1b, 0x2, 0x6c, 0x3, 0x9, 0x18, 0x18, 0xc, 0x6, 0x18, 0x2, 0x6c, 0x6, 0x48, 0x1, 0x18, 0xc, 0xb]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7ff, 0xf49, 0x5, 0x0, 0x100, 0x8ff, 0xc7c]}}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x30, 0x4, 0x1b, 0xe51ba0b11e946f92, 0x1, 0x32, 0x53, 0x30, 0x2, 0x0, 0x1b, 0x30, 0xb, 0xc, 0x4, 0x48, 0x24, 0x2, 0x24, 0x48, 0x11, 0x66, 0x24, 0x12, 0x48, 0x1, 0x33, 0x48, 0x1b, 0x6c, 0x5, 0xc]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x20, 0x2, [{0x1, 0x7}, {0x0, 0x4}, {0x0, 0x8}, {0x5, 0x1}, {0x4, 0x1}, {0x3, 0x7}, {0x0, 0x8}, {0x0, 0xa}, {0x1, 0x9}, {0x0, 0x2}, {0x4, 0x4}, {0x6, 0x7}, {0x7, 0x5}, {0x3, 0x9}, {0x3, 0x5}, {0x7, 0x6}, {0x7, 0x3}, {0x2, 0x5}, {0x1}, {0x5, 0x4}, {0x0, 0xa}, {0x0, 0x7}, {0x5}, {0x4, 0x2}, {}, {0x5, 0x5}, {0x1}, {0x1, 0xa}]}, @NL80211_TXRATE_HT={0x34, 0x2, [{0x1, 0x1}, {0x5, 0x4}, {0x1, 0x6}, {0x4, 0x1}, {0x3, 0x2}, {0x0, 0xa}, {0x5, 0x1}, {0x5, 0x5}, {0x5, 0x9}, {0x0, 0x6}, {0x0, 0x6}, {0x0, 0x7}, {0x0, 0x1}, {0x6, 0x7}, {}, {0x2, 0x1}, {0x3, 0x1}, {0x2, 0x2}, {0x0, 0x4}, {0x7, 0x7}, {0x7, 0x3}, {0x2}, {0x0, 0x9}, {0x7, 0x7}, {0x3, 0x2}, {0x3, 0x7}, {0x5, 0x7}, {0x1, 0x3}, {0x1, 0x4}, {0x5, 0x4}, {0x6, 0x5}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x6}, {0x1, 0x3}, {0x6, 0x5}, {0x2, 0x9}, {0x3, 0x6}, {0x0, 0x6}, {0x5, 0x2}, {0x1, 0x8}, {0x2, 0x6}, {0x0, 0x1}, {0x5, 0x7}, {0x0, 0x6}, {0x3, 0x3}, {0x7, 0x5}, {0x5, 0x9}]}]}, @NL80211_BAND_60GHZ={0x80, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x2, 0xa7, 0x3, 0x0, 0x8, 0xfff7, 0x5]}}, @NL80211_TXRATE_HT={0x38, 0x2, [{0x1, 0x1}, {0x7, 0x7}, {0x3, 0x6}, {0x0, 0x2}, {0x2, 0x2}, {0x6, 0x1}, {0x0, 0xa}, {0x1, 0x2}, {0x6, 0x3}, {0x5, 0x2}, {0x7, 0x8}, {0x1, 0x7}, {0x2}, {0x7, 0x6}, {0x4, 0x4}, {0x1, 0xa}, {0x0, 0x3}, {0x0, 0x6}, {0x6, 0x9}, {0x3, 0x5}, {0x0, 0x3}, {0x5}, {0x1, 0x8}, {0x1, 0x5}, {0x4, 0x9}, {0x2, 0x9}, {0x2, 0xa}, {0x0, 0x2}, {0x4, 0xa}, {0x4, 0x4}, {0x7, 0xa}, {0x0, 0x2}, {0x7, 0x2}, {0x1, 0x6}, {0x6}, {0x6, 0xa}, {0x0, 0x8}, {0x1, 0xa}, {0x4, 0x4}, {0x1, 0x2}, {0x5, 0x2}, {0x5, 0x7}, {0x1, 0x6}, {0x1, 0x3}, {0x1}, {0x1, 0x3}, {0x2, 0xa}, {0x3, 0x3}, {0x0, 0xa}, {0x6, 0xa}, {0x1}, {0x4, 0xa}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x3c, 0x5, 0x1, 0xc, 0xb, 0xb, 0x9]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x9, 0x6, 0x60, 0x4, 0x2, 0x9, 0x59, 0x18, 0x4, 0x48, 0x4, 0xc095edc9f3e5cf45, 0x1b, 0x16]}]}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x6}, {0x3, 0x1}, {0x0, 0x7}, {0x5, 0x6}, {0x2, 0x2}, {0x0, 0x3}, {0x3, 0x2}]}, @NL80211_TXRATE_HT={0x1b, 0x2, [{0x1, 0x8}, {0x1, 0x2}, {0x5, 0x8}, {0x3, 0x5}, {0x4, 0x3}, {0x0, 0x6}, {0x0, 0x3}, {0x0, 0x9}, {0x6, 0x6}, {0x3}, {0x0, 0x9}, {0x4, 0x1}, {0x0, 0x1}, {0x7, 0x6}, {0x3, 0x3}, {0x4, 0x8}, {0x1, 0x7}, {0x1, 0x4}, {0x4, 0x1}, {0x3, 0x6}, {0x6, 0x7}, {0x6, 0x7}, {0x5}]}]}, @NL80211_BAND_2GHZ={0x4c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x4, 0x7}, {0x7, 0x6}, {0x4, 0x7}, {0x0, 0x2}, {0x2, 0x5}, {0x6, 0x2}, {0x7, 0x6}, {0x0, 0x1}, {0x5, 0x3}, {0x7, 0xa}, {0x3}, {0x7, 0x3}, {0x6, 0x7}, {0x0, 0x9}, {0x7, 0x7}, {0x7, 0x9}, {0x3, 0x3}, {0x0, 0x1}, {0x2, 0x2}, {0x2, 0x7}, {0x6, 0x7}, {0x4, 0x2}, {0x1, 0x5}, {0x6, 0x4}, {0x4, 0x6}, {0x3, 0x7}, {0x1, 0x1}, {0x4, 0x1}, {0x5, 0x3}, {0x1, 0x8}, {0x3}, {0x0, 0x4}, {0x1, 0x9}, {0x5, 0x1}, {0x3, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x6, 0x9}, {0x6, 0x3}, {}, {0x0, 0x8}, {0x2, 0x4}, {0x0, 0x4}, {0x2, 0x7}]}]}, @NL80211_BAND_2GHZ={0xf8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x43, 0x2, [{0x2, 0x2}, {0x6, 0x6}, {0x3, 0x1}, {0x3, 0x5}, {0x1, 0x8}, {0x5, 0x2}, {0x5, 0x1}, {0x2, 0x3}, {0x1}, {0x7, 0x2}, {0x2, 0x5}, {0x4, 0x4}, {0x5, 0x6}, {0x0, 0x8}, {0x5}, {0x6, 0x6}, {0x0, 0xa}, {}, {0x3, 0x8}, {0x0, 0x9}, {0x6, 0xa}, {0x5, 0x5}, {0x5, 0x7}, {0x3, 0x5}, {0x2, 0x1}, {0x6, 0x5}, {0x3, 0xa}, {0x4, 0x7}, {0x3, 0x7}, {0x2, 0x7}, {0x0, 0x4}, {0x2, 0x6}, {0x0, 0x4}, {0x1, 0x7}, {0x0, 0xa}, {0x2, 0x5}, {0x3, 0x4}, {0x6, 0x5}, {0x5, 0xa}, {0x5, 0x6}, {0x7}, {0x4, 0x6}, {0x5, 0xa}, {0x0, 0x9}, {0x4, 0x5}, {0x2, 0x4}, {0x1, 0x5}, {0x3, 0x2}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0xa}, {0x6, 0x4}, {0x0, 0x6}, {0x6, 0x7}, {0x0, 0xa}, {0x3, 0x9}, {0x5, 0x5}, {0x6, 0x7}, {0x0, 0x7}, {0x3, 0x1}, {0x6, 0x2}, {0x7, 0x8}, {0x3, 0x7}]}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x2, 0x5}, {0x0, 0x1}, {0x3, 0x9}, {0x2, 0x8}, {0x1, 0x9}, {0x4, 0x6}, {0x2, 0x3}, {0x7, 0xa}, {0x5, 0x6}, {0x7, 0x1}, {0x2, 0x8}, {0x7, 0x9}, {0x7, 0xa}, {0x1, 0x5}, {0x6, 0x3}, {0x7, 0x4}, {0x4, 0xa}, {0x7, 0x1}, {0x1, 0x1}, {0x7, 0x1}, {0x2, 0x9}, {0x4}, {0x3, 0x5}, {0x4, 0x9}, {0x5, 0x8}, {0x1, 0x8}, {0x0, 0x3}, {0x6, 0x9}, {0x5, 0x9}, {0x7, 0x1}, {0x2, 0x2}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x5}, {0x4, 0x7}, {0x5, 0x8}, {0x2, 0x4}, {0x0, 0x4}, {0x2, 0x5}, {0x0, 0x3}, {0x2, 0x5}, {0x0, 0x9}, {0x5, 0x5}, {0x0, 0x6}, {0x1, 0x9}, {0x1}, {0x3, 0xa}, {0x2, 0x3}, {0x3}, {0x1, 0x4}, {0x6, 0x3}, {0x4}, {0x6, 0x1}, {0x6, 0x6}, {0x6}, {0x3, 0x1}, {0x4, 0x3}, {0x3}, {0x0, 0x7}, {0x0, 0x5}, {0x6}, {0x2, 0xa}, {0x4, 0x7}, {0x1}, {0x2, 0x7}, {0x5, 0x2}, {0x7, 0xa}, {0x1, 0x2}, {0x3, 0x6}, {0x0, 0x3}, {0x1, 0x4}, {0x5, 0x5}]}, @NL80211_TXRATE_HT={0x3d, 0x2, [{0x4}, {0x3, 0x3}, {0x0, 0x2}, {0x1, 0x1}, {0x6, 0x1}, {0x1, 0x4}, {0x4, 0xa}, {0x7, 0x4}, {0x1, 0x1}, {0x1, 0x9}, {0x5, 0x3}, {0x3, 0xa}, {0x1, 0x8}, {0x1, 0x2}, {0x4, 0x6}, {0x6, 0x4}, {0x1}, {0x0, 0x9}, {0x0, 0x6}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x6}, {0x1}, {0x3, 0x5}, {0x7}, {0x5, 0x5}, {0x1, 0x4}, {0x1, 0xa}, {0x4, 0x7}, {0x0, 0x5}, {0x3, 0x7}, {0x7, 0x6}, {0x3, 0x6}, {0x1, 0x5}, {0x3, 0x9}, {0x3, 0x6}, {0x7, 0x8}, {0x4, 0x1}, {0x5, 0x5}, {0x4, 0x9}, {0x1, 0x4}, {0x4}, {0x0, 0x9}, {0x0, 0x6}, {0x5, 0x1}, {0x7, 0x3}, {0x5, 0x8}, {0x5, 0x6}, {0x3, 0x6}, {0x4, 0x6}, {0x1, 0xa}, {0x1, 0x8}, {0x6, 0x4}, {0x3, 0x4}, {0x2, 0x7}, {0x0, 0x9}, {0x5}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1bc, 0x9, 0x13b, 0x7ff, 0x8, 0x5, 0x1, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x7ff}, @NL80211_ATTR_BSS_BASIC_RATES={0x8, 0x24, [{0x30, 0x1}, {0x5}, {0x2, 0x1}, {}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x9}, @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x3a0}, 0x1, 0x0, 0x0, 0x48004}, 0x80c) sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x44, 0x0, 0x2, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000804) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), r0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000008c0)={&(0x7f00000007c0), 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x34, r2, 0x10, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5}, @NL80211_ATTR_BSS_BASIC_RATES={0xc, 0x24, [{0x60, 0x1}, {0xc}, {0x4, 0x1}, {0x1b, 0x1}, {0x4}, {0x3, 0x1}, {0x4, 0x1}, {0x16, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_RETRIES={0x5, 0x5, 0xb}]}]}, 0x34}}, 0x90) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f00000009c0)={'syztnl1\x00', &(0x7f0000000940)={'syztnl1\x00', 0x0, 0x2f, 0x1, 0xe1, 0x20, 0x2, @remote, @private2, 0x10, 0x10, 0x7fffffff, 0x5}}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000ac0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x54, 0x0, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6ea}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4804) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x38, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}, @NBD_ATTR_CLIENT_FLAGS={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4048000) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000c80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x1c, r4, 0x800, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4810) getsockopt$inet6_udp_int(r0, 0x11, 0x69aa30543fc55d6d, &(0x7f0000000d80), &(0x7f0000000dc0)=0x4) bind$802154_raw(r0, &(0x7f0000000e00)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0302}}}, 0x14) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x89f6, &(0x7f0000000f80)={'syztnl2\x00', &(0x7f0000000f00)={'syztnl2\x00', 0x0, 0x29, 0x1, 0x7, 0x0, 0x20, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1, 0x1, 0x5, 0x1ff}}) 18:47:03 executing program 4: r0 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/i2c', 0x40000, 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x9c, r0, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x200}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x10000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffffffffffffff7}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xdb}, @NBD_ATTR_SOCKETS={0x34, 0x7, 0x0, 0x1, [{0x8, 0x1, r1}, {0x8}, {0x8}, {0x8, 0x1, r2}, {0x8}, {0x8, 0x1, r3}]}, @NBD_ATTR_CLIENT_FLAGS={0xc}]}, 0x9c}, 0x1, 0x0, 0x0, 0x2402c010}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0xe0}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4080) sendmsg$NL80211_CMD_GET_REG(r2, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x40, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x7}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1f}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x5c}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x4808) sendmsg$NL80211_CMD_GET_MPP(r2, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004040}, 0x8000) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000600), r2) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x48, r5, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfffff801}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xfffeffff}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3f}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x48}}, 0x800) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, r0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x60040}, 0x408d5) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000880), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x2c, r6, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x200008e1}, 0x4002) sendmsg$NL80211_CMD_PROBE_CLIENT(r2, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x74, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7, 0x23}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x74}, 0x1, 0x0, 0x0, 0x102a7f8b7e82c1ee}, 0x4080000) sendmsg$NL80211_CMD_GET_MPP(r2, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x70, 0x0, 0x8, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7fff, 0x36}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x70}, 0x1, 0x0, 0x0, 0x44880}, 0x8804) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000c40), r2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000c80)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r7, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x2c, r8, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}]}, 0x2c}}, 0x8) [ 99.885685] audit: type=1400 audit(1745606823.406:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:47:03 executing program 5: r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x9}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x40080) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/hidraw', 0x10000, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40810}, 0x0) sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, 0x0, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_LBT_MODE={0x5, 0x13, 0x1}]}, 0x34}}, 0x84) r2 = fork() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x30000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x54, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_PID={0x8, 0x1c, r2}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, 0xffffffffffffffff}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x54}, 0x1, 0x0, 0x0, 0x5}, 0x20008000) pselect6(0x40, &(0x7f00000004c0)={0x6, 0xffffffff, 0x800, 0x20, 0x2, 0x4, 0x935, 0x8000}, &(0x7f0000000500)={0x4, 0x800000, 0x0, 0x6, 0x100000000, 0x3, 0x5, 0x8}, &(0x7f0000000540)={0x1, 0x7f, 0x7fffffff, 0x0, 0x101, 0x3, 0x7, 0x5}, &(0x7f0000000580)={0x0, 0x3938700}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x10001]}, 0x8}) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x60, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x20}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) r3 = getpgrp(r2) r4 = accept4$unix(r1, &(0x7f00000009c0), &(0x7f0000000a40)=0x6e, 0x80000) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000a80), 0x2000, 0x0) r6 = socket$inet6_udp(0xa, 0x2, 0x0) r7 = getuid() r8 = pidfd_getfd(r1, r1, 0x0) r9 = socket$inet_icmp(0x2, 0x2, 0x1) r10 = pidfd_open(r2, 0x0) sendmsg$unix(r1, &(0x7f0000000b80)={&(0x7f0000000780)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000800)="4abd510eb968060a426ba3a55491ff80646a223ce51fb91c476a75650d42e569e315a68cca6d41598c6d73cf1b991f98c3ba90c98d78591047a8b66895ecc84593107527369864b92e5750ae1b220c46a8e3d9318128adf0192c4a2cce42f861f6e045f6557cc2533bc36a733983c4c076a30f9a5ff4561fbc82a9c457356e7bf627e46d1fe6961c4d9973873c2c30ea0de3b8146e0df9f964cdcf8196b8f21e5f4869438424f9f7215a60a4d1d6fb866f34fb60c812b2c0c121483d1a3a47437ecb6440cdd164dba8c832d69185720981faf9cfc891dd50b142e6f5b65f51a9b3db9cdd3b02d97a22e5155384df7be2c27fd801", 0xf4}, {&(0x7f0000000900)="1daeb3feed6f12a583a819f0dfdab41fe6bbc34c445eac8fd9f8a4f64ce4aea80f64917ec9b0e138b57b7b75042b04660fac1e815809ed586e80963a526ff197e1cc1800eefdba4823eae3890bfbeb015bbf", 0x52}], 0x2, &(0x7f0000000ac0)=[@cred={{0x1c, 0x1, 0x2, {r3, 0xffffffffffffffff, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [r4, r1, r1, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r5, r6, r1]}}, @cred={{0x1c, 0x1, 0x2, {r2, r7, 0xffffffffffffffff}}}, @rights={{0x30, 0x1, 0x1, [r1, r8, r1, r9, r1, r1, r10, r1]}}], 0xb0, 0x80}, 0x20048000) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000bc0)={'wpan0\x00'}) sendmsg$NL80211_CMD_START_AP(r8, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x5c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7fff, 0x2b}}}}, [@NL80211_ATTR_HE_OBSS_PD={0xc, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0xe}]}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x40}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x2}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x1}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_TWT_RESPONDER={0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004040}, 0x10) 18:47:03 executing program 6: sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x4, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffffffffffffffc}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008804}, 0x4000000) syz_genetlink_get_family_id$nbd(&(0x7f0000000100), 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, r1, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x4008000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r1, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x20008000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_DEV(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x40, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xffff}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x844}, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000500)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_LBT_MODE(r4, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000000}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x28}}, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r6, &(0x7f00000006c0)={&(0x7f0000000600), 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x28, r1, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4122d68715ddd520) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000700), r7) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r7, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x58, 0x0, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x58}, 0x1, 0x0, 0x0, 0x40880}, 0x10) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000008c0), r6) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000900)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LIST_IFACE(r2, &(0x7f0000000a80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x50, r8, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004041) 18:47:03 executing program 7: r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = clone3(&(0x7f0000001380)={0x800, &(0x7f0000001180), &(0x7f00000011c0)=0x0, &(0x7f0000001200), {0x7}, &(0x7f0000001240)=""/184, 0xb8, &(0x7f0000001300)=""/54, &(0x7f0000001340)=[0xffffffffffffffff], 0x1, {r0}}, 0x58) r3 = getpgrp(0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001440)='./cgroup/syz0\x00', 0x200002, 0x0) clone3(&(0x7f0000001480)={0x22000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=0x0, {0x7}, &(0x7f00000000c0)=""/159, 0x9f, &(0x7f0000000180)=""/4096, &(0x7f0000001400)=[0x0, 0x0, 0x0, r2, 0x0, r3, 0xffffffffffffffff], 0x7, {r4}}, 0x58) set_robust_list(&(0x7f0000001580)={&(0x7f0000001540)={&(0x7f0000001500)}, 0x359}, 0x18) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$FOU_CMD_GET(r6, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x38, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @local}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_PEER_V4={0x8, 0x8, @private=0xa010102}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000014}, 0x4041) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000016c0)='/sys/kernel/slab', 0x80000, 0x90) setsockopt$inet_icmp_ICMP_FILTER(r7, 0x1, 0x1, &(0x7f0000001700), 0x4) r8 = pidfd_getfd(r0, r4, 0x0) ioctl$TUNSETPERSIST(r8, 0x400454cb, 0x1) add_key$fscrypt_provisioning(&(0x7f0000001740), &(0x7f0000001780)={'syz', 0x3}, &(0x7f00000017c0)={0x1, 0x0, @b}, 0x48, 0xffffffffffffffff) clone3(&(0x7f0000002a40)={0x40008400, &(0x7f0000001840), &(0x7f0000001880), &(0x7f00000018c0)=0x0, {0x25}, &(0x7f0000001900)=""/4096, 0x1000, &(0x7f0000002900)=""/227, &(0x7f0000002a00)=[r1, r5, r2, 0xffffffffffffffff, r1, r3], 0x6, {r0}}, 0x58) pidfd_open(r9, 0x0) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002ac0)='/sys/module/hid_monterey', 0x100, 0x2) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002b40), r7) sendmsg$NL80211_CMD_GET_REG(r10, &(0x7f0000002c00)={&(0x7f0000002b00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000002bc0)={&(0x7f0000002b80)={0x1c, r11, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008840}, 0x24040081) r12 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER_CANCEL(r12, &(0x7f0000002d00)={&(0x7f0000002c40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002cc0)={&(0x7f0000002c80)={0x24, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x44000) [ 101.263798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.269539] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.272190] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.278730] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.284723] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.339916] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.342538] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.347124] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.350785] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.353420] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.357183] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.364525] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.369397] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 101.372347] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.377575] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.383876] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.385360] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.398627] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.410676] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.435292] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 101.486450] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 101.493833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 101.497469] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 101.506518] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 101.514757] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 101.533989] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 101.547208] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 101.549049] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 101.553753] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 101.559506] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 101.561533] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 101.574197] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 101.581551] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 101.585423] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 101.591562] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 101.593768] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 101.597839] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 101.607179] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 101.623934] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 101.628284] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 103.337818] Bluetooth: hci0: command tx timeout [ 103.402098] Bluetooth: hci1: command tx timeout [ 103.465516] Bluetooth: hci2: command tx timeout [ 103.529122] Bluetooth: hci3: command tx timeout [ 103.657042] Bluetooth: hci4: command tx timeout [ 103.657100] Bluetooth: hci5: command tx timeout [ 103.721063] Bluetooth: hci6: command tx timeout [ 103.721236] Bluetooth: hci7: command tx timeout [ 105.385533] Bluetooth: hci0: command tx timeout [ 105.449044] Bluetooth: hci1: command tx timeout [ 105.514212] Bluetooth: hci2: command tx timeout [ 105.577370] Bluetooth: hci3: command tx timeout [ 105.705037] Bluetooth: hci4: command tx timeout [ 105.706306] Bluetooth: hci5: command tx timeout [ 105.771145] Bluetooth: hci7: command tx timeout [ 105.771294] Bluetooth: hci6: command tx timeout [ 107.433051] Bluetooth: hci0: command tx timeout [ 107.497621] Bluetooth: hci1: command tx timeout [ 107.561248] Bluetooth: hci2: command tx timeout [ 107.626324] Bluetooth: hci3: command tx timeout [ 107.754016] Bluetooth: hci5: command tx timeout [ 107.754086] Bluetooth: hci4: command tx timeout [ 107.817047] Bluetooth: hci7: command tx timeout [ 107.819018] Bluetooth: hci6: command tx timeout [ 109.481230] Bluetooth: hci0: command tx timeout [ 109.546032] Bluetooth: hci1: command tx timeout [ 109.612013] Bluetooth: hci2: command tx timeout [ 109.674066] Bluetooth: hci3: command tx timeout [ 109.801033] Bluetooth: hci4: command tx timeout [ 109.802041] Bluetooth: hci5: command tx timeout [ 109.865344] Bluetooth: hci6: command tx timeout [ 109.865852] Bluetooth: hci7: command tx timeout [ 161.538188] syz-executor.4 (283) used greatest stack depth: 24008 bytes left [ 163.900376] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 163.903764] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 163.907238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 163.916694] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 163.920783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 164.021522] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 164.025895] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 164.030832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 164.040404] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 164.053495] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 164.058542] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 164.060919] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 164.075606] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 164.078386] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 164.085434] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 164.094042] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 164.100677] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 164.100797] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 164.105407] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 164.105581] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 164.116650] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 164.128122] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 164.132590] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 164.134367] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 164.151555] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 164.165235] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 164.173560] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 164.192268] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 164.208279] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 164.214033] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 164.266405] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 164.274623] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 164.284573] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 164.312090] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 164.346761] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 164.364348] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 164.398659] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 164.402542] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 164.422189] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 164.456007] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 165.993605] Bluetooth: hci0: command tx timeout [ 166.121065] Bluetooth: hci1: command tx timeout [ 166.185072] Bluetooth: hci2: command tx timeout [ 166.186465] Bluetooth: hci4: command tx timeout [ 166.188373] Bluetooth: hci3: command tx timeout [ 166.313057] Bluetooth: hci5: command tx timeout [ 166.377130] Bluetooth: hci6: command tx timeout [ 166.569170] Bluetooth: hci7: command tx timeout [ 168.042335] Bluetooth: hci0: command tx timeout [ 168.169029] Bluetooth: hci1: command tx timeout [ 168.233265] Bluetooth: hci4: command tx timeout [ 168.233733] Bluetooth: hci3: command tx timeout [ 168.234215] Bluetooth: hci2: command tx timeout [ 168.361240] Bluetooth: hci5: command tx timeout [ 168.425973] Bluetooth: hci6: command tx timeout [ 168.617040] Bluetooth: hci7: command tx timeout [ 170.089105] Bluetooth: hci0: command tx timeout [ 170.217361] Bluetooth: hci1: command tx timeout [ 170.281189] Bluetooth: hci2: command tx timeout [ 170.282247] Bluetooth: hci3: command tx timeout [ 170.283165] Bluetooth: hci4: command tx timeout [ 170.409398] Bluetooth: hci5: command tx timeout [ 170.473056] Bluetooth: hci6: command tx timeout [ 170.666071] Bluetooth: hci7: command tx timeout [ 172.138271] Bluetooth: hci0: command tx timeout [ 172.265710] Bluetooth: hci1: command tx timeout [ 172.329353] Bluetooth: hci3: command tx timeout [ 172.330540] Bluetooth: hci4: command tx timeout [ 172.331007] Bluetooth: hci2: command tx timeout [ 172.457249] Bluetooth: hci5: command tx timeout [ 172.521041] Bluetooth: hci6: command tx timeout [ 172.713044] Bluetooth: hci7: command tx timeout [ 227.124183] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 227.126625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 227.127844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 227.130612] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 227.132648] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 227.189926] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 227.192421] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 227.195317] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 227.202903] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 227.206370] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 227.256507] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 227.261073] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 227.263886] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 227.273892] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 227.277614] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 227.382986] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 227.396568] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 227.405303] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 227.430207] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 227.437209] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 227.444799] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 227.447318] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 227.455327] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 227.461191] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 227.464662] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 227.466075] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 227.470201] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 227.483215] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 227.501141] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 227.505437] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 227.506806] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 227.518634] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 227.560815] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 227.569486] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 227.592135] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 227.660880] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 227.731317] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 227.739547] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 227.758496] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 227.766064] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 229.163055] Bluetooth: hci0: command tx timeout [ 229.289048] Bluetooth: hci1: command tx timeout [ 229.353187] Bluetooth: hci2: command tx timeout [ 229.481111] Bluetooth: hci3: command tx timeout [ 229.609289] Bluetooth: hci4: command tx timeout [ 229.609717] Bluetooth: hci6: command tx timeout [ 229.741148] Bluetooth: hci5: command tx timeout [ 229.865466] Bluetooth: hci7: command tx timeout [ 231.209081] Bluetooth: hci0: command tx timeout [ 231.339030] Bluetooth: hci1: command tx timeout [ 231.401152] Bluetooth: hci2: command tx timeout [ 231.529505] Bluetooth: hci3: command tx timeout [ 231.659167] Bluetooth: hci4: command tx timeout [ 231.659260] Bluetooth: hci6: command tx timeout [ 231.787063] Bluetooth: hci5: command tx timeout [ 231.915006] Bluetooth: hci7: command tx timeout [ 233.257320] Bluetooth: hci0: command tx timeout [ 233.385200] Bluetooth: hci1: command tx timeout [ 233.449025] Bluetooth: hci2: command tx timeout [ 233.577996] Bluetooth: hci3: command tx timeout [ 233.706125] Bluetooth: hci6: command tx timeout [ 233.706240] Bluetooth: hci4: command tx timeout [ 233.834978] Bluetooth: hci5: command tx timeout [ 233.961059] Bluetooth: hci7: command tx timeout [ 235.306047] Bluetooth: hci0: command tx timeout [ 235.434014] Bluetooth: hci1: command tx timeout [ 235.497022] Bluetooth: hci2: command tx timeout [ 235.626076] Bluetooth: hci3: command tx timeout [ 235.753162] Bluetooth: hci4: command tx timeout [ 235.754234] Bluetooth: hci6: command tx timeout [ 235.881065] Bluetooth: hci5: command tx timeout [ 236.009032] Bluetooth: hci7: command tx timeout [ 289.600023] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 289.607793] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 289.611801] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 289.621810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 289.626436] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 289.673826] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 289.676588] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 289.679107] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 289.686304] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 289.689682] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 289.942302] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 289.950818] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 289.957195] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 289.963328] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 289.983433] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 290.007264] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 290.021461] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 290.026388] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 290.049470] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 290.069436] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 290.072983] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 290.087857] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 290.095510] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 290.131892] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 290.137382] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 290.141235] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 290.150696] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 290.154574] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 290.160528] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 290.164407] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 290.166538] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 290.192473] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 290.210118] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 290.212882] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 290.216165] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 290.227802] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 290.237148] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 290.243651] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 290.264663] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 290.278788] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 291.689172] Bluetooth: hci0: command tx timeout [ 291.753364] Bluetooth: hci1: command tx timeout [ 292.073682] Bluetooth: hci2: command tx timeout [ 292.201390] Bluetooth: hci3: command tx timeout [ 292.329717] Bluetooth: hci4: command tx timeout [ 292.393548] Bluetooth: hci7: command tx timeout [ 292.393599] Bluetooth: hci6: command tx timeout [ 292.521100] Bluetooth: hci5: command tx timeout [ 293.737371] Bluetooth: hci0: command tx timeout [ 293.802984] Bluetooth: hci1: command tx timeout [ 294.121200] Bluetooth: hci2: command tx timeout [ 294.249160] Bluetooth: hci3: command tx timeout [ 294.377117] Bluetooth: hci4: command tx timeout [ 294.441795] Bluetooth: hci6: command tx timeout [ 294.442289] Bluetooth: hci7: command tx timeout [ 294.569314] Bluetooth: hci5: command tx timeout [ 295.785257] Bluetooth: hci0: command tx timeout [ 295.849015] Bluetooth: hci1: command tx timeout [ 296.169171] Bluetooth: hci2: command tx timeout [ 296.298164] Bluetooth: hci3: command tx timeout [ 296.425312] Bluetooth: hci4: command tx timeout [ 296.489071] Bluetooth: hci6: command tx timeout [ 296.489205] Bluetooth: hci7: command tx timeout [ 296.617143] Bluetooth: hci5: command tx timeout [ 297.833178] Bluetooth: hci0: command tx timeout [ 297.897112] Bluetooth: hci1: command tx timeout [ 298.217022] Bluetooth: hci2: command tx timeout [ 298.345188] Bluetooth: hci3: command tx timeout [ 298.473239] Bluetooth: hci4: command tx timeout [ 298.538382] Bluetooth: hci7: command tx timeout [ 298.538430] Bluetooth: hci6: command tx timeout [ 298.667990] Bluetooth: hci5: command tx timeout [ 351.994708] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 351.998190] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 352.009108] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 352.019485] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 352.026129] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 352.180728] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 352.183888] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 352.188056] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 352.203488] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 352.209658] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 352.257374] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 352.269503] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 352.269807] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 352.273407] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 352.276537] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 352.279215] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 352.300644] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 352.305347] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 352.312487] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 352.316400] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 352.326329] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 352.347420] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 352.354870] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 352.407577] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 352.410328] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 352.427371] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 352.443426] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 352.444254] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 352.446103] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 352.458428] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 352.459392] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 352.466347] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 352.474521] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 352.490855] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 352.495551] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 352.504250] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 352.553483] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 352.561471] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 352.563816] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 352.592202] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 354.090999] Bluetooth: hci0: command tx timeout [ 354.281134] Bluetooth: hci1: command tx timeout [ 354.409090] Bluetooth: hci3: command tx timeout [ 354.409310] Bluetooth: hci2: command tx timeout [ 354.537162] Bluetooth: hci4: command tx timeout [ 354.601377] Bluetooth: hci6: command tx timeout [ 354.665307] Bluetooth: hci5: command tx timeout [ 354.666047] Bluetooth: hci7: command tx timeout [ 356.138269] Bluetooth: hci0: command tx timeout [ 356.329020] Bluetooth: hci1: command tx timeout [ 356.457016] Bluetooth: hci3: command tx timeout [ 356.457040] Bluetooth: hci2: command tx timeout [ 356.585006] Bluetooth: hci4: command tx timeout [ 356.649280] Bluetooth: hci6: command tx timeout [ 356.713023] Bluetooth: hci5: command tx timeout [ 356.713995] Bluetooth: hci7: command tx timeout [ 358.187016] Bluetooth: hci0: command tx timeout [ 358.377007] Bluetooth: hci1: command tx timeout [ 358.506079] Bluetooth: hci3: command tx timeout [ 358.506566] Bluetooth: hci2: command tx timeout [ 358.633512] Bluetooth: hci4: command tx timeout [ 358.697219] Bluetooth: hci6: command tx timeout [ 358.761311] Bluetooth: hci7: command tx timeout [ 358.761616] Bluetooth: hci5: command tx timeout [ 360.233028] Bluetooth: hci0: command tx timeout [ 360.425005] Bluetooth: hci1: command tx timeout [ 360.554005] Bluetooth: hci3: command tx timeout [ 360.554499] Bluetooth: hci2: command tx timeout [ 360.681040] Bluetooth: hci4: command tx timeout [ 360.746115] Bluetooth: hci6: command tx timeout [ 360.809210] Bluetooth: hci5: command tx timeout [ 360.810145] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 18:52:06 Registers: info registers vcpu 0 RAX=00000000000000d7 RBX=ffff888035248000 RCX=7494740b90282a90 RDX=000000007f413ee8 RSI=0000000080879a8c RDI=ffff888035248a58 RBP=0000000000000000 RSP=ffff88802e5ffda8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffff888035248a58 R13=0000000000000001 R14=7494740b90282a90 R15=ffff888035248a58 RIP=ffffffff81511bd3 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e564b000 00000000 00000000 LDT=0000 fffffe2c00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8285ff0e28 CR3=000000000c56e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=322e6f732e6c6462696c2f756e672d78 XMM02=00322e6f732e6c6462696c2f756e672d XMM03=78756e696c2d34365f3638782f62696c XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88800956bc00 RCX=ffffffff8165ba82 RDX=ffff888036160000 RSI=0000000000000001 RDI=0000000000000000 RBP=dffffc0000000000 RSP=ffff88806cf08c60 R8 =0000000000000000 R9 =ffffed10012ad791 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=ffff88806cf08cf8 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff8172e634 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e574b000 00000000 00000000 LDT=0000 fffffe0100000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2e2f7f4260 CR3=0000000027150000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=2e6f747079726362696c2f756e672d78 XMM02=00312e312e6f732e6f74707972636269 XMM03=6c2f756e672d78756e696c2d34365f36 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000