Warning: Permanently added '[localhost]:43469' (ECDSA) to the list of known hosts. 2025/04/30 02:14:42 fuzzer started 2025/04/30 02:14:43 dialing manager at localhost:46073 syzkaller login: [ 94.884045] cgroup: Unknown subsys name 'net' [ 95.033248] cgroup: Unknown subsys name 'cpuset' [ 95.070522] cgroup: Unknown subsys name 'rlimit' 2025/04/30 02:15:09 syscalls: 200 2025/04/30 02:15:09 code coverage: enabled 2025/04/30 02:15:09 comparison tracing: enabled 2025/04/30 02:15:09 extra coverage: enabled 2025/04/30 02:15:09 setuid sandbox: enabled 2025/04/30 02:15:09 namespace sandbox: enabled 2025/04/30 02:15:09 Android sandbox: enabled 2025/04/30 02:15:09 fault injection: enabled 2025/04/30 02:15:09 leak checking: enabled 2025/04/30 02:15:09 net packet injection: enabled 2025/04/30 02:15:09 net device setup: enabled 2025/04/30 02:15:09 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/04/30 02:15:09 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/04/30 02:15:09 USB emulation: enabled 2025/04/30 02:15:09 hci packet injection: enabled 2025/04/30 02:15:09 wifi device emulation: enabled 2025/04/30 02:15:09 802.15.4 emulation: enabled 2025/04/30 02:15:09 fetching corpus: 0, signal 0/0 (executing program) 2025/04/30 02:15:10 starting 8 fuzzer processes 02:15:10 executing program 0: r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) process_mrelease(r0, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x68, 0x3, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_MARK_MASK={0x8}, @CTA_MARK_MASK={0x8}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xf, 0x1, 'netbios-ns\x00'}}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x3}, @CTA_LABELS={0x18, 0x16, 0x1, 0x0, [0x100, 0x7c02, 0x10000, 0x80, 0x0]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x2}]}, 0x68}}, 0x1) r1 = syz_open_dev$sg(&(0x7f0000000140), 0x2, 0x161400) ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f0000000180)) pidfd_send_signal(r0, 0x3, &(0x7f00000001c0)={0x3a, 0xff, 0x8b1}, 0x0) ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, &(0x7f0000000240)) r2 = pidfd_getfd(r0, 0xffffffffffffffff, 0x0) r3 = syz_io_uring_complete(0x0) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000280), 0x282000, 0x0) r5 = pidfd_getfd(r3, r4, 0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6) r7 = syz_open_dev$usbmon(&(0x7f00000002c0), 0x7, 0x40) ioctl$MON_IOCX_GET(r7, 0x40189206, &(0x7f00000003c0)={&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000340)=""/91, 0x5b}) r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) ioctl$SG_GET_TIMEOUT(r8, 0x2202, 0x0) syz_open_dev$sg(&(0x7f0000000440), 0x20, 0x40) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000480)={{0x2, 0x4e22, @broadcast}, {0x6, @link_local}, 0x52, {0x2, 0x4e22, @remote}, 'vlan0\x00'}) sendmsg$IPSET_CMD_RENAME(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x2c, 0x5, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x6d5374adb8a6be04) 02:15:10 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000004480)=[{{0x0, 0x0, &(0x7f00000000c0)=[{}, {&(0x7f0000000040)=""/36, 0x24}, {&(0x7f0000000080)=""/19, 0x13}], 0x3, &(0x7f0000000100)=""/86, 0x56}, 0xfffff800}, {{&(0x7f0000000180)=@pptp, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/151, 0x97}, {&(0x7f00000002c0)=""/131, 0x83}, {&(0x7f0000000380)=""/2, 0x2}, {&(0x7f00000003c0)=""/151, 0x97}, {&(0x7f0000000480)=""/7, 0x7}], 0x5, &(0x7f0000000540)=""/49, 0x31}, 0x20}, {{&(0x7f0000000580)=@ax25={{0x3, @null}, [@rose, @rose, @bcast, @bcast, @bcast, @remote, @netrom, @rose]}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000600)=""/83, 0x53}], 0x1, &(0x7f00000006c0)=""/248, 0xf8}, 0x1000}, {{&(0x7f00000007c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, &(0x7f0000001980)=[{&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/78, 0x4e}, {&(0x7f00000018c0)=""/162, 0xa2}], 0x3, &(0x7f00000019c0)=""/71, 0x47}, 0x64}, {{&(0x7f0000001a40)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001ac0)=""/123, 0x7b}, {&(0x7f0000001b40)=""/159, 0x9f}, {&(0x7f0000001c00)=""/187, 0xbb}], 0x3, &(0x7f0000001d00)=""/4096, 0x1000}, 0xfffffff8}, {{&(0x7f0000002d00)=@un=@abs, 0x80, &(0x7f0000004380)=[{&(0x7f0000002d80)=""/7, 0x7}, {&(0x7f0000002dc0)=""/213, 0xd5}, {&(0x7f0000002ec0)=""/233, 0xe9}, {&(0x7f0000002fc0)=""/4096, 0x1000}, {&(0x7f0000003fc0)}, {&(0x7f0000004000)=""/159, 0x9f}, {&(0x7f00000040c0)=""/243, 0xf3}, {&(0x7f00000041c0)=""/215, 0xd7}, {&(0x7f00000042c0)=""/168, 0xa8}], 0x9, &(0x7f0000004440)=""/39, 0x27}, 0x78}], 0x6, 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000004600), 0x300, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000004700)={&(0x7f0000004640)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000046c0)={&(0x7f0000004680)={0x24, 0x0, 0x100, 0x6, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000048c0)={&(0x7f0000004740)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000004880)={&(0x7f0000004780)={0xe4, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@CTA_TUPLE_REPLY={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x19}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_NAT_SRC={0x20, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @private1}, @CTA_NAT_V4_MINIP={0x8, 0x1, @local}]}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'snmp_trap\x00'}}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0xffffffff}, @CTA_NAT_DST={0x18, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}]}]}, @CTA_LABELS={0x18, 0x16, 0x1, 0x0, [0x1000, 0x7fffffff, 0x200, 0x0, 0x8000]}, @CTA_LABELS={0x18, 0x16, 0x1, 0x0, [0x0, 0x9, 0x1000, 0x3, 0xff]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x80}, 0x80000) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000004940), r1) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000004a40)={&(0x7f0000004900)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000004a00)={&(0x7f0000004980)={0x60, r2, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e21}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}]}, 0x60}, 0x1, 0x0, 0x0, 0x14}, 0x10) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000004b40)={&(0x7f0000004a80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000004b00)={&(0x7f0000004ac0)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0xc900) r3 = syz_io_uring_complete(0x0) write$vga_arbiter(r3, &(0x7f0000004b80)=@other={'trylock', ' ', 'mem'}, 0xc) pidfd_send_signal(r3, 0x0, &(0x7f0000004bc0)={0x18, 0x7, 0x162}, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000004d00)={&(0x7f0000004c40)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000004cc0)={&(0x7f0000004c80)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5ae}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x22000000}, 0x44840) r4 = accept$inet(r1, &(0x7f0000004d40)={0x2, 0x0, @remote}, &(0x7f0000004d80)=0x10) getsockopt$sock_buf(r4, 0x1, 0x3d, &(0x7f0000004dc0)=""/156, &(0x7f0000004e80)=0x9c) r5 = syz_io_uring_complete(0x0) setsockopt$IP_VS_SO_SET_EDITDEST(r5, 0x0, 0x489, &(0x7f0000004ec0)={{0x1d, @broadcast, 0x4e24, 0x3, 'fo\x00', 0x12, 0xffffff81, 0x39}, {@remote, 0x4e23, 0x2000, 0xd8, 0x1, 0x20}}, 0x44) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x10010, r5, 0x8000000) syz_io_uring_complete(r6) r7 = pidfd_getfd(r3, r5, 0x0) write$cgroup_pressure(r7, &(0x7f0000004f40)={'full', 0x20, 0x7ab, 0x20, 0x323fb882}, 0x2f) 02:15:10 executing program 2: ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x42}}, {0x2, 0x4e24, @loopback}, 0x20, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)='rose0\x00', 0xfffffffffffffc00, 0xf11, 0x5}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r1, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040440}, 0x2404c814) syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/nf_conntrack\x00') ioctl$SG_SET_COMMAND_Q(r2, 0x2271, &(0x7f0000000280)=0x1) waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f00000002c0), 0x8, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2f, &(0x7f0000000340)={0xffffffff, {{0x2, 0x4e24, @broadcast}}, {{0x2, 0x4e22, @broadcast}}}, 0x108) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), r2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000500)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x3c, r3, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4000800) accept4(r0, &(0x7f0000000600)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f0000000680)=0x80, 0x100800) accept$inet(0xffffffffffffffff, &(0x7f00000006c0)={0x2, 0x0, @private}, &(0x7f0000000700)=0x10) r5 = syz_io_uring_complete(0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000840)={&(0x7f0000000780)={0x88, 0x3, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xd93c}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x40}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x2}, @CTA_TUPLE_ORIG={0x58, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xbe}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x10) r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x2c, r6, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x2c}}, 0x20000014) write$cgroup_pressure(r2, &(0x7f0000000a00)={'some', 0x20, 0x101, 0x20, 0x1}, 0x2f) sendmsg$NFNL_MSG_ACCT_GET(r2, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x1, 0x7, 0x0, 0x0, 0x0, {}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x2044805}, 0x14) [ 122.253303] audit: type=1400 audit(1745979310.939:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:15:10 executing program 3: setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000040)={'filter\x00', 0x7, 0x4, 0x3f0, 0x1f8, 0x1f8, 0x110, 0x308, 0x308, 0x308, 0x4, &(0x7f0000000000), {[{{@arp={@dev={0xac, 0x14, 0x14, 0x24}, @rand_addr=0x64010102, 0xff, 0xffffffff, 0x0, 0xc, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, {[0xff, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0x0, 0xff, 0x0, 0xff, 0xff]}}, 0x7, 0x9, 0x6, 0x0, 0x5, 0x0, 'gretap0\x00', 'macvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @broadcast, @private=0xa010102, 0x8}}}, {{@arp={@private=0xa010102, @broadcast, 0xffffff00, 0xffffffff, 0xa, 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, {[0x0, 0xff, 0xff, 0x0, 0x0, 0xff]}}, {@mac=@link_local, {[0xff, 0x0, 0x0, 0xff]}}, 0x400, 0x401, 0x3, 0xc92, 0x280f, 0x579, 'gre0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x0, 0x61}, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x135, 0xdd}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @remote, @rand_addr=0x64010101, 0xf, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) syz_io_uring_setup(0x1cbe, &(0x7f0000000480)={0x0, 0x4507, 0x20, 0x2, 0x347}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000500), &(0x7f0000000540)) r0 = socket(0x25, 0x80000, 0x10000) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000003580)={0x9, 0x1000, 0x40}, 0xc) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000003600)={0x0, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x6, @rand_addr=0x64010102}, 0x4a, 0x0, 0x0, 0x0, 0x6, &(0x7f00000035c0)='tunl0\x00', 0x9842, 0x8000, 0xfffa}) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000036c0), r0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000003780)={&(0x7f0000003680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000003740)={&(0x7f0000003700)={0x24, r1, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008841) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f00000037c0)={{0x3b, @multicast2, 0x4e23, 0x0, 'dh\x00', 0x10, 0x5, 0x38}, {@dev={0xac, 0x14, 0x14, 0x44}, 0x4e24, 0x3, 0x0, 0x7fffffff, 0x8d}}, 0x44) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003840)) read$snapshot(0xffffffffffffffff, &(0x7f0000003880)=""/19, 0x13) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000038c0), 0x40, 0x0) setsockopt$inet_group_source_req(r2, 0x0, 0x2c, &(0x7f0000003900)={0x80000001, {{0x2, 0x4e23, @local}}, {{0x2, 0x4e24, @broadcast}}}, 0x108) r3 = accept$inet(0xffffffffffffffff, &(0x7f0000003a40)={0x2, 0x0, @private}, &(0x7f0000003a80)=0x10) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f0000003ac0)={0x2, 'veth0_macvtap\x00', {0x3911}}) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000003b00), 0x20040, 0x0) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000003b40)={0x0, {0x2, 0x4e22, @loopback}, {0x2, 0x4e23, @loopback}, {0x2, 0x4e22, @multicast2}, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000, 0x3, 0x2}) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000003c80)={&(0x7f0000003bc0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000003c40)={&(0x7f0000003c00)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}, @NL802154_ATTR_PID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) connect(0xffffffffffffffff, &(0x7f0000003cc0)=@l2={0x1f, 0x7, @any, 0x800, 0x2}, 0x80) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000003d40), 0x542, 0x0) ioctl$SG_GET_SCSI_ID(r5, 0x2276, &(0x7f0000003d80)) 02:15:11 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r1, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000000}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x8000000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x70d, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40840}, 0x5) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x4c, 0x0, 0x10, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_LBT_MODE={0x5, 0x13, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400}, 0x40091) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), r3) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r3, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x54, r4, 0x900, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_LEVEL={0x2c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x3f}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x14040080}, 0x8000) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000006c0), r3) sendmsg$NLBL_CALIPSO_C_REMOVE(r5, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0xc000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, r6, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x40) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LISTALL(r7, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x1c, r6, 0x400, 0x70bd28, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x5b4eef86b15ccbcb) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000900)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r3, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x3c, r1, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000004}, 0x0) sendmsg$NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x68, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x21, 0xb11}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x10, 0x20, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x8}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x1f, 0x2}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x28, 0x20, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x9}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x3}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x20008000) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000b80)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x6c, 0x0, 0x500, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="493c718004eb"}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xffffffff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xff}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) 02:15:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0x0, 0x410, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x802) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2000c840}, 0x2000c000) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x7ab62c005f53bd38}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r1, 0x400, 0x70bd28, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1ef7d96a662ad076}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1c0543f7cc550bd8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4004800) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), r0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, 0x0, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008800}, 0x0) sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x124, 0x7, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@payload={{0xc}, @void}, @counter={{0xc}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}]}}]}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_USERDATA={0xa4, 0x7, 0x1, 0x0, "a39fb0ed556bfaad0473c0b6cf4119382fc991242a2b76f7848fac14f71af494af61ce88bece482d27860ca4fa3610f0d0fe8846a69f5b29176bbe1fd6b9b6b55f61f284e6896c9754872c72363c4fd81eae6cdac58cecd6acbcad990aa9e90ad3936d813e651751c2436765307f8cd1034a03d882e0693c7081e3cd2ed09479447c26c75b1867e0018b06371690430f4111746648daf51d9f79bd9ad1d6d095"}, @NFTA_RULE_COMPAT={0x24, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x2e}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x2c}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x20000000}, 0x11) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SCAN_REQ(r4, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x34, r2, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DURATION={0x5, 0x15, 0x4}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x19}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0xd8}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x4) ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000800)) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r3, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1000200}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x20, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040000) sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x3c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400c006}, 0x800) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) getpeername$inet(0xffffffffffffffff, &(0x7f0000000a40)={0x2, 0x0, @loopback}, &(0x7f0000000a80)=0x10) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r5, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x2c, 0x0, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0xc, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x2c}}, 0x20040811) sendmsg$IEEE802154_LLSEC_DEL_KEY(r3, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x1c, r2, 0x300, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000d00), r4) sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f0000000dc0)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x1c, r6, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xa}]}, 0x1c}, 0x1, 0x0, 0x0, 0x76a59fb7d4670dd8}, 0x4000804) 02:15:11 executing program 6: r0 = socket(0x27, 0x6, 0x80) bind(r0, &(0x7f0000000000)=@qipcrtr={0x2a, 0x3, 0x7ffe}, 0x80) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000080)) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x25128221}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0x40000) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, 0x7, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x8000) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x3, 0x2, 0x401, 0x0, 0x0, {0x3, 0x0, 0x8}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x800) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f00000003c0)='gretap0\x00') r1 = socket(0x18, 0x4, 0x6) ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000000400)) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000000540)=@buf={0xdb, &(0x7f0000000440)="b95340e5f8bea44c0804c06353ad6674bedad9b053aeed582529f6c57c5f59e419d5b89220b2eb744d6d09a448150b3a4ca7d744264cc517fac933c60e95196d95394fbb35b1002276fda547fa04ef0be103270851f24acb0efbee1e86dbe1d097d3d7540a951d4e916dd9bf88bee6bf86b4ebc598b584287c3e7fddeb1ae979b236db6c827a8c86e7f5f7fb85464c0eed287dd154024a62d130d0a8376f715437932e9ff9584f62e16bebe9483ea5b2c1bf3a35843b42a37c22fa2d17d6181b3a58349720fd20f8a826e9006b5b001ed8010d1209ad5bc9d69875"}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x44, 0x0, 0x20, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfffffffe}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000000}, 0x10) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f00000006c0)) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000780)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x30, 0x0, 0x200, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4044010}, 0x80) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000880), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000900)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000940)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r2, &(0x7f0000000a40)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x44, 0x0, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x40854) 02:15:11 executing program 7: r0 = syz_io_uring_complete(0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x64dfe1f931eff4a}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000100)) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xd8, 0x3, 0x1, 0x5, 0x0, 0x0, {0x0, 0x0, 0x5}, [@CTA_HELP={0x10, 0x5, 0x0, 0x1, {0x9, 0x1, 'pptp\x00'}}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x1ff}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xfffffffe}]}, @CTA_SYNPROXY={0x44, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x420}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xc55}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x30568b80}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x7c64}]}, @CTA_TUPLE_ORIG={0x4c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xf}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2402}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4000}, 0x20000014) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x100, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x9800}, 0x2000c006) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x4c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2004c021}, 0x40000) prctl$PR_SET_NAME(0xf, &(0x7f0000000580)='wpan4\x00') r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x50, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000740)={'wpan4\x00', 0x0}) sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, 0x0, 0x400, 0x70bd2d, 0x1, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2000}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r5, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x3c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4044040}, 0x40400d0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000940), 0xffffffffffffffff) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000009c0), r5) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000a00)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x24, r6, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004}, 0x1) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x44, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffffffff}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x200}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0) [ 123.665102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 123.669435] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 123.672210] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 123.681174] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 123.687031] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 123.740604] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 123.745503] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 123.753698] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 123.760442] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 123.772523] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 123.773500] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 123.775592] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 123.776868] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 123.783979] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 123.787445] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 123.851536] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 123.860379] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 123.863366] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 123.883824] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 123.886495] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 123.888701] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 123.902650] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 123.905603] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 123.906411] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 123.907191] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 123.910308] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 123.911242] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 123.916021] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 123.922399] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 123.924365] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 123.931087] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 123.937463] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 123.941258] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 123.946203] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 123.958473] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 123.958991] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 123.960378] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 123.977085] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 124.031167] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 124.088635] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 125.743377] Bluetooth: hci0: command tx timeout [ 125.871448] Bluetooth: hci2: command tx timeout [ 125.871489] Bluetooth: hci1: command tx timeout [ 125.999197] Bluetooth: hci3: command tx timeout [ 126.063016] Bluetooth: hci4: command tx timeout [ 126.064174] Bluetooth: hci6: command tx timeout [ 126.127303] Bluetooth: hci5: command tx timeout [ 126.190855] Bluetooth: hci7: command tx timeout [ 127.792080] Bluetooth: hci0: command tx timeout [ 127.919905] Bluetooth: hci1: command tx timeout [ 127.920065] Bluetooth: hci2: command tx timeout [ 128.047047] Bluetooth: hci3: command tx timeout [ 128.111671] Bluetooth: hci4: command tx timeout [ 128.111694] Bluetooth: hci6: command tx timeout [ 128.175954] Bluetooth: hci5: command tx timeout [ 128.240201] Bluetooth: hci7: command tx timeout [ 129.839394] Bluetooth: hci0: command tx timeout [ 129.966962] Bluetooth: hci2: command tx timeout [ 129.969791] Bluetooth: hci1: command tx timeout [ 130.095144] Bluetooth: hci3: command tx timeout [ 130.158900] Bluetooth: hci6: command tx timeout [ 130.160212] Bluetooth: hci4: command tx timeout [ 130.223293] Bluetooth: hci5: command tx timeout [ 130.287819] Bluetooth: hci7: command tx timeout [ 131.887316] Bluetooth: hci0: command tx timeout [ 132.016274] Bluetooth: hci1: command tx timeout [ 132.016879] Bluetooth: hci2: command tx timeout [ 132.142897] Bluetooth: hci3: command tx timeout [ 132.208846] Bluetooth: hci4: command tx timeout [ 132.209301] Bluetooth: hci6: command tx timeout [ 132.271077] Bluetooth: hci5: command tx timeout [ 132.335037] Bluetooth: hci7: command tx timeout [ 186.242551] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 186.247979] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 186.255380] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 186.268601] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 186.279609] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 186.409586] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 186.432605] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 186.440069] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 186.460379] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 186.464450] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 186.468434] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 186.481396] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 186.488183] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 186.505402] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 186.523351] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 186.573076] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 186.578454] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 186.581297] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 186.581707] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 186.589598] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 186.595319] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 186.629008] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 186.650407] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 186.659652] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 186.664070] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 186.681481] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 186.688632] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 186.700137] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 186.709601] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 186.712398] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 186.739147] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 186.747031] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 186.756344] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 186.758935] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 186.774920] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 186.780305] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 186.787018] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 186.802377] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 186.836041] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 186.864496] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 188.336101] Bluetooth: hci0: command tx timeout [ 188.526870] Bluetooth: hci1: command tx timeout [ 188.719007] Bluetooth: hci2: command tx timeout [ 188.719946] Bluetooth: hci5: command tx timeout [ 188.847785] Bluetooth: hci3: command tx timeout [ 188.911051] Bluetooth: hci4: command tx timeout [ 188.912254] Bluetooth: hci6: command tx timeout [ 188.975827] Bluetooth: hci7: command tx timeout [ 190.383124] Bluetooth: hci0: command tx timeout [ 190.575068] Bluetooth: hci1: command tx timeout [ 190.766878] Bluetooth: hci5: command tx timeout [ 190.767368] Bluetooth: hci2: command tx timeout [ 190.895379] Bluetooth: hci3: command tx timeout [ 190.960523] Bluetooth: hci6: command tx timeout [ 190.961040] Bluetooth: hci4: command tx timeout [ 191.023063] Bluetooth: hci7: command tx timeout [ 192.430858] Bluetooth: hci0: command tx timeout [ 192.622998] Bluetooth: hci1: command tx timeout [ 192.815151] Bluetooth: hci2: command tx timeout [ 192.815644] Bluetooth: hci5: command tx timeout [ 192.944984] Bluetooth: hci3: command tx timeout [ 193.007017] Bluetooth: hci4: command tx timeout [ 193.007501] Bluetooth: hci6: command tx timeout [ 193.070871] Bluetooth: hci7: command tx timeout [ 194.478811] Bluetooth: hci0: command tx timeout [ 194.671781] Bluetooth: hci1: command tx timeout [ 194.863120] Bluetooth: hci5: command tx timeout [ 194.863614] Bluetooth: hci2: command tx timeout [ 194.991163] Bluetooth: hci3: command tx timeout [ 195.055970] Bluetooth: hci4: command tx timeout [ 195.056447] Bluetooth: hci6: command tx timeout [ 195.119457] Bluetooth: hci7: command tx timeout [ 246.501009] syz-executor.4 (2787) used greatest stack depth: 24392 bytes left [ 248.452935] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 248.459098] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 248.463087] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 248.470562] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 248.477515] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 248.709246] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 248.718041] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 248.720641] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 248.728697] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 248.737361] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 248.780161] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 248.812239] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 248.819210] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 248.847336] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 248.852215] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 248.900371] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 248.906286] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 248.908348] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 248.919030] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 248.924221] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 248.928270] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 248.928420] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 248.930409] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 248.933249] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 248.936417] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 248.941188] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 248.946365] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 248.946679] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 248.953298] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 248.968190] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 248.972457] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 248.978465] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 248.981549] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 248.984275] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 248.995616] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 248.998951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 249.004896] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 249.005521] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 249.036030] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 249.093907] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 250.542933] Bluetooth: hci0: command tx timeout [ 250.798918] Bluetooth: hci1: command tx timeout [ 250.991672] Bluetooth: hci2: command tx timeout [ 251.054826] Bluetooth: hci6: command tx timeout [ 251.055567] Bluetooth: hci4: command tx timeout [ 251.119820] Bluetooth: hci7: command tx timeout [ 251.184099] Bluetooth: hci3: command tx timeout [ 251.184910] Bluetooth: hci5: command tx timeout [ 252.592802] Bluetooth: hci0: command tx timeout [ 252.846813] Bluetooth: hci1: command tx timeout [ 253.039825] Bluetooth: hci2: command tx timeout [ 253.103177] Bluetooth: hci6: command tx timeout [ 253.103627] Bluetooth: hci4: command tx timeout [ 253.169020] Bluetooth: hci7: command tx timeout [ 253.231476] Bluetooth: hci3: command tx timeout [ 253.232378] Bluetooth: hci5: command tx timeout [ 254.640128] Bluetooth: hci0: command tx timeout [ 254.896084] Bluetooth: hci1: command tx timeout [ 255.088797] Bluetooth: hci2: command tx timeout [ 255.151848] Bluetooth: hci6: command tx timeout [ 255.152360] Bluetooth: hci4: command tx timeout [ 255.216022] Bluetooth: hci7: command tx timeout [ 255.279837] Bluetooth: hci5: command tx timeout [ 255.280332] Bluetooth: hci3: command tx timeout [ 256.688786] Bluetooth: hci0: command tx timeout [ 256.944181] Bluetooth: hci1: command tx timeout [ 257.135842] Bluetooth: hci2: command tx timeout [ 257.199973] Bluetooth: hci4: command tx timeout [ 257.200451] Bluetooth: hci6: command tx timeout [ 257.265103] Bluetooth: hci7: command tx timeout [ 257.327867] Bluetooth: hci5: command tx timeout [ 257.328332] Bluetooth: hci3: command tx timeout [ 310.797357] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 310.801103] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 310.804446] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 310.822260] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 310.834081] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 310.860485] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 310.870412] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 310.877696] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 310.886364] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 310.892915] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 311.066453] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 311.069353] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 311.072321] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 311.084004] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 311.088398] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 311.147737] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 311.154208] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 311.158353] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 311.165330] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 311.169282] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 311.262065] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 311.271639] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 311.281273] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 311.291091] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 311.305811] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 311.311049] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 311.319448] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 311.339272] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 311.351053] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 311.353170] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 311.362695] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 311.389411] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 311.396610] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 311.403478] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 311.428328] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 311.440187] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 311.452880] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 311.460381] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 311.477365] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 311.486149] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 312.879853] Bluetooth: hci0: command tx timeout [ 312.944071] Bluetooth: hci1: command tx timeout [ 313.200818] Bluetooth: hci2: command tx timeout [ 313.262978] Bluetooth: hci3: command tx timeout [ 313.518912] Bluetooth: hci4: command tx timeout [ 313.583021] Bluetooth: hci7: command tx timeout [ 313.646841] Bluetooth: hci6: command tx timeout [ 313.647850] Bluetooth: hci5: command tx timeout [ 314.927021] Bluetooth: hci0: command tx timeout [ 314.990824] Bluetooth: hci1: command tx timeout [ 315.247061] Bluetooth: hci2: command tx timeout [ 315.312795] Bluetooth: hci3: command tx timeout [ 315.566964] Bluetooth: hci4: command tx timeout [ 315.630869] Bluetooth: hci7: command tx timeout [ 315.695779] Bluetooth: hci5: command tx timeout [ 315.695917] Bluetooth: hci6: command tx timeout [ 316.975655] Bluetooth: hci0: command tx timeout [ 317.040817] Bluetooth: hci1: command tx timeout [ 317.294951] Bluetooth: hci2: command tx timeout [ 317.358802] Bluetooth: hci3: command tx timeout [ 317.615467] Bluetooth: hci4: command tx timeout [ 317.678951] Bluetooth: hci7: command tx timeout [ 317.743355] Bluetooth: hci6: command tx timeout [ 317.743383] Bluetooth: hci5: command tx timeout [ 319.023061] Bluetooth: hci0: command tx timeout [ 319.088214] Bluetooth: hci1: command tx timeout [ 319.343866] Bluetooth: hci2: command tx timeout [ 319.407002] Bluetooth: hci3: command tx timeout [ 319.664313] Bluetooth: hci4: command tx timeout [ 319.729774] Bluetooth: hci7: command tx timeout [ 319.790952] Bluetooth: hci5: command tx timeout [ 319.793288] Bluetooth: hci6: command tx timeout [ 373.131364] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 373.136711] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 373.150025] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 373.155435] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 373.167569] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 373.175612] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 373.178947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 373.181681] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 373.210361] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 373.218188] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 373.372691] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 373.381184] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 373.385450] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 373.431917] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 373.438432] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 373.490362] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 373.494272] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 373.515933] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 373.518055] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 373.551542] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 373.556810] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 373.576540] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 373.586698] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 373.590451] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 373.593644] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 373.596308] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 373.600519] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 373.603470] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 373.607306] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 373.610922] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 373.626294] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 373.629076] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 373.632547] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 373.639394] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 373.648022] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 373.648081] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 373.649653] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 373.658400] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 373.671280] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 373.675930] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 375.216047] Bluetooth: hci1: command tx timeout [ 375.280819] Bluetooth: hci0: command tx timeout [ 375.534831] Bluetooth: hci2: command tx timeout [ 375.727307] Bluetooth: hci7: command tx timeout [ 375.727601] Bluetooth: hci4: command tx timeout [ 375.728707] Bluetooth: hci5: command tx timeout [ 375.790852] Bluetooth: hci6: command tx timeout [ 375.790930] Bluetooth: hci3: command tx timeout [ 377.263232] Bluetooth: hci1: command tx timeout [ 377.326934] Bluetooth: hci0: command tx timeout [ 377.583110] Bluetooth: hci2: command tx timeout [ 377.775111] Bluetooth: hci5: command tx timeout [ 377.777775] Bluetooth: hci4: command tx timeout [ 377.777834] Bluetooth: hci7: command tx timeout [ 377.839089] Bluetooth: hci6: command tx timeout [ 377.839175] Bluetooth: hci3: command tx timeout [ 379.311080] Bluetooth: hci1: command tx timeout [ 379.374852] Bluetooth: hci0: command tx timeout [ 379.630954] Bluetooth: hci2: command tx timeout [ 379.823200] Bluetooth: hci7: command tx timeout [ 379.823614] Bluetooth: hci4: command tx timeout [ 379.823686] Bluetooth: hci5: command tx timeout [ 379.887246] Bluetooth: hci6: command tx timeout [ 379.887675] Bluetooth: hci3: command tx timeout [ 381.358928] Bluetooth: hci1: command tx timeout [ 381.422865] Bluetooth: hci0: command tx timeout [ 381.679009] Bluetooth: hci2: command tx timeout [ 381.870826] Bluetooth: hci5: command tx timeout [ 381.872096] Bluetooth: hci4: command tx timeout [ 381.872494] Bluetooth: hci7: command tx timeout [ 381.937001] Bluetooth: hci3: command tx timeout [ 381.937040] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 02:20:11 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=ffff88806ce08e68 RCX=0000000000000002 RDX=0000000000000000 RSI=ffffffff81350bc2 RDI=ffff88806ce31850 RBP=ffffffff85c1bac0 RSP=ffff88806ce08998 R8 =0000000000000001 R9 =ffff88806ce08a90 R10=000000000003b124 R11=00000000000231c7 R12=ffffffff81350bc2 R13=ffff88806ce08a98 R14=ffff88806ce08e58 R15=ffff88806ce08a50 RIP=ffffffff815183d9 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e5648000 00000000 00000000 LDT=0000 fffffe5800000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007feb9544d1f0 CR3=0000000035b68000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6461657268747062696c2f756e672d78 XMM02=00302e6f732e6461657268747062696c XMM03=2f756e672d78756e696c2d34365f3638 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff813508c9 RBX=0000000000000001 RCX=ffff88806cf089cc RDX=0000000000000000 RSI=ffffffff8142fbdd RDI=ffff8880154cbb7c RBP=ffff88806cf08ad0 RSP=ffff88806cf08a08 R8 =0000000000000000 R9 =0000000000000000 R10=000000000003b124 R11=000000000000a7a1 R12=0000000000000000 R13=ffff88806cf08ac0 R14=ffff8880154cb780 R15=ffff88806cf08a78 RIP=ffffffff813508c9 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e5748000 00000000 00000000 LDT=0000 fffffe7400000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9f0ff5d1f0 CR3=000000002a868000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6461657268747062696c2f756e672d78 XMM02=00302e6f732e6461657268747062696c XMM03=2f756e672d78756e696c2d34365f3638 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000