Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:14614' (ECDSA) to the list of known hosts. 2025/05/25 16:09:57 fuzzer started 2025/05/25 16:09:58 dialing manager at localhost:46087 syzkaller login: [ 100.293143] cgroup: Unknown subsys name 'net' [ 100.441252] cgroup: Unknown subsys name 'cpuset' [ 100.487817] cgroup: Unknown subsys name 'rlimit' 2025/05/25 16:10:14 syscalls: 202 2025/05/25 16:10:14 code coverage: enabled 2025/05/25 16:10:14 comparison tracing: enabled 2025/05/25 16:10:14 extra coverage: enabled 2025/05/25 16:10:14 setuid sandbox: enabled 2025/05/25 16:10:14 namespace sandbox: enabled 2025/05/25 16:10:14 Android sandbox: enabled 2025/05/25 16:10:14 fault injection: enabled 2025/05/25 16:10:14 leak checking: enabled 2025/05/25 16:10:14 net packet injection: enabled 2025/05/25 16:10:14 net device setup: enabled 2025/05/25 16:10:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/05/25 16:10:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/05/25 16:10:14 USB emulation: enabled 2025/05/25 16:10:14 hci packet injection: enabled 2025/05/25 16:10:14 wifi device emulation: enabled 2025/05/25 16:10:14 802.15.4 emulation: enabled 2025/05/25 16:10:14 fetching corpus: 0, signal 0/0 (executing program) 2025/05/25 16:10:16 starting 8 fuzzer processes 16:10:16 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r0) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), r0) sendmsg$NL802154_CMD_SET_TX_POWER(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_TX_POWER={0x8, 0xb, 0xbd}]}, 0x1c}, 0x1, 0x0, 0x0, 0x240400c0}, 0x20010800) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, 0x0, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:crontab_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bond_slave_0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00'}]}, 0x8c}, 0x1, 0x0, 0x0, 0x24004800}, 0x18085) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380), r0) sendmsg$NLBL_UNLABEL_C_STATICLIST(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r3, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8001}, 0x8010) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xb8, r3, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:cron_spool_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:dhcpc_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wlan0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0xb8}}, 0x60004) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'wpan4\x00'}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(r4, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r1, 0x10, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x80) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000780), r0) sendmsg$NLBL_UNLABEL_C_LIST(r5, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x4c, r6, 0xe23, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010102}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SCAN_REQ(r7, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x24, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DURATION={0x5, 0x15, 0x6c}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x81}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x20000800) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r7, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000081}, 0x4004001) sendmsg$NLBL_UNLABEL_C_STATICLIST(r5, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x4c, r2, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vxcan1\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010101}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x4004881) 16:10:16 executing program 1: sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa4, 0x0, 0x4, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'gretap0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'caif0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @empty}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x1a}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'macvlan0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000}, 0x20040000) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x302, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004000}, 0x8000) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_ACCEPT(r0, &(0x7f0000000400)={&(0x7f0000000280), 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x88, r1, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}]}, 0x88}, 0x1, 0x0, 0x0, 0x841}, 0x4000) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x78, r1, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x800) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000580), r2) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x8}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}]}, 0x2c}}, 0x14) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000006c0), r2) syz_emit_vhci(&(0x7f0000000700)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000740), r0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000780), r2) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), r3) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r3, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x20, r4, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c000) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000900), r5) unshare(0x16010500) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x8180}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x2c, r4, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3f}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3f}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x24008084) 16:10:16 executing program 2: r0 = msgget$private(0x0, 0x1b4) msgsnd(r0, &(0x7f0000000000)={0x0, "5948602cff40b36f962d7f17eb7ab1102790bba48880"}, 0x1e, 0x0) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000040)=""/187) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, r1, 0x400, 0x70bd28, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}]}, 0x58}, 0x1, 0x0, 0x0, 0x50}, 0x0) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @rand_addr=' \x01\x00'}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x17055c2d89de0553}]}, 0x48}, 0x1, 0x0, 0x0, 0x4800}, 0x810) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r2, &(0x7f0000000500)={&(0x7f00000003c0), 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x48, r3, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xfffe}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x8040) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADD(r4, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x1010) sendmsg$IEEE802154_SCAN_REQ(r2, &(0x7f00000006c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000680)={0xfffffffffffffffd}, 0x1, 0x0, 0x0, 0x20009000}, 0x60000000) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), r2) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000780)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(r5, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x4c, r6, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x400000004}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6cd4}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x80}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4001}, 0x48000) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADD(r8, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x54, r1, 0x300, 0x70bd2a, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010101}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}]}, 0x54}, 0x1, 0x0, 0x0, 0x44015}, 0x8001) msgget$private(0x0, 0x600) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r8, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x50, r3, 0x60a, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x50}, 0x1, 0x0, 0x0, 0x14009000}, 0x8004) [ 118.408238] audit: type=1400 audit(1748189416.555:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:10:16 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000000)={0x0, 0x6, 0xfffffffffffffffb}) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000400)='\x00', 0x0, r0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sysvipc/sem\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000480)='async\x00', 0x0, 0x0) pipe2(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) inotify_add_watch(r2, &(0x7f0000000500)='./file0\x00', 0x44000000) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r3, 0x7, &(0x7f0000000540)=r2, 0x1) r4 = eventfd2(0x9, 0x80800) ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0xd0009411, &(0x7f0000000580)={{0x0, 0x101, 0x9, 0x0, 0x80, 0x8, 0x9, 0x1, 0x1, 0xfff, 0x63, 0x5, 0xfffffffffffffff8, 0x9f3, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001580)={0x0, ""/256, 0x0}) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000001780)) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000001800)={0x4, &(0x7f00000017c0)=[{0x100, 0xeb, 0x0, 0x2}, {0x3ff, 0x5, 0x80, 0xff}, {0x1, 0x9, 0x7f, 0xff}, {0x20, 0x9, 0x1, 0x20}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000001840)) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(0xffffffffffffffff, 0x80083313, &(0x7f00000018c0)) r7 = fsmount(r3, 0x0, 0x4) sendmsg$GTP_CMD_DELPDP(r7, &(0x7f00000019c0)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001980)={&(0x7f0000001940)={0x38, 0x0, 0x4, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_TID={0xc, 0x3, 0x3}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008000}, 0x48840) ioctl$BTRFS_IOC_INO_LOOKUP(r6, 0xd0009412, &(0x7f0000001a00)={r5, 0x8f7}) bind$bt_hci(r2, &(0x7f0000002a00)={0x1f, 0x1, 0x1}, 0x6) 16:10:16 executing program 4: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x8000, 0xe0, 0x4, 0xfffffffd}, {0x0, 0x3, 0x20, 0x7}, {0x6, 0xe6, 0x40, 0x1}, {0xfe01, 0x81, 0x3, 0x69}, {0x8e, 0xf8, 0x4, 0x1000}, {0x1ea, 0x9, 0x1, 0x10001}, {0x3, 0x0, 0xd, 0xff}]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000080)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r3, 0xc400941d, &(0x7f0000000280)={0x0, 0x1ff, 0x9, 0x1}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000700)={0xa, &(0x7f0000000680)=[{0x800, 0x80, 0x55, 0x1}, {0xc2b1, 0x1f, 0x7c, 0xffffffff}, {0x1ff, 0x8, 0x9a, 0x4f}, {0x8001, 0x7, 0x9, 0x400}, {0x9, 0x1, 0x8, 0x7}, {0x4, 0x1, 0x40, 0x7ff}, {0x81, 0x81, 0x1, 0x10001}, {0x3, 0x8, 0x9, 0xfdab}, {0x5, 0x3, 0x20, 0x4}, {0x200, 0x60, 0x0, 0x6}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)={0x0, 0x0}) r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x34, r5, 0x129, 0x70bd27, 0x25dfdbff, {}, [@GTPA_NET_NS_FD={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x32}}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044040}, 0x44001) r6 = perf_event_open(&(0x7f0000000940)={0x5, 0x80, 0x20, 0x3, 0x1, 0x7f, 0x0, 0x0, 0x2200, 0x6, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8000, 0x2, @perf_bp={&(0x7f0000000900)}, 0x42, 0x200, 0x40, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x1, 0x0, 0xffffffff}, r4, 0xa, r3, 0x1) ioctl$BTRFS_IOC_RM_DEV_V2(r6, 0x5000943a, &(0x7f0000000a40)={{r0}, r2, 0x4, @inherit={0x68, &(0x7f00000009c0)={0x1, 0x4, 0x0, 0x7, {0x8, 0x17, 0x5, 0x4, 0x100000001}, [0x9, 0xff, 0x1f, 0x1]}}, @subvolid=0x9}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001c40)=@IORING_OP_WRITEV={0x2, 0x4, 0x0, @fd=r0, 0x1, &(0x7f0000001c00)=[{&(0x7f0000001a40)="20141c23f902718b52211f7c0032c58e5f5ffd777dd2cb6c93947013a2a69cfb52688ff664e4287a4b6f48e772d42af39b86d09c02dc80ff61259f805d75354328e0e471efd93b0baf079aa8389f09b6c75bf0db3f788d488f0a9d8d17f3e64df3c88cc4a3ef4c39bfb8fcf7d31d3d0f76108260256bc75099789062bf49b0aecf413be6546f2c386808f382a5def2c2f595e333db2b420ed5045943ec65432e1411aa2a4eb49e7ef9842e4c42d4154c75aac88442d574519b82c72d5aa0", 0xbe}, {&(0x7f0000001b00)="8fd77cc0c3e5ff3140e4d583b380304ec6562bf95bc6571f370d6407aa56d84be9d657921005a373acdc55edea06225d52af19193a063b08dd", 0x39}, {&(0x7f0000001b40)="7d4a3c0affa2c6061b82305ffde6a373b301ab33a5de8136aa3f2d84964d9a915145f9e5be2352851b02ae3b7b6de300327a82f706d1d7dd3cfd85941ba022d54f66fb5eac44d0e85e7fcf9f1563992d51d670ef6a3e3751da8086a33a50d223be19e03c51b3f190d4a00ccf23683bbe534af89f29a3718865a1ed819d5b04113c5a7e4ff84b8d929f", 0x89}], 0x3, 0x11, 0x1, {0x2}}, 0x4) pipe2(&(0x7f0000001d00)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000001c80)=',]*$#\x00', &(0x7f0000001cc0)='./file0\x00', r8) r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001d40)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r9, 0xc0c89425, &(0x7f0000001d80)={"551f655b30720ab85d2b0c6f6270238b", r1, r2, {0xffff, 0x2}, {0x2, 0x8}, 0xb8, [0x8000, 0xb75, 0x7, 0x5ad, 0x1ff, 0x5, 0x3, 0x8, 0x1, 0x5, 0x1f, 0x100, 0x3, 0x4, 0xffffffffffff0000, 0x102]}) r10 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$BTRFS_IOC_START_SYNC(r10, 0x80089418, &(0x7f0000001e80)) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r7, 0x80083313, &(0x7f0000001ec0)) socketpair(0x9, 0xa, 0x3, &(0x7f0000001f00)={0xffffffffffffffff}) sendmsg$NL80211_CMD_RELOAD_REGDB(r11, &(0x7f0000001fc0)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001f80)={0x0}, 0x1, 0x0, 0x0, 0x2004c080}, 0x1) 16:10:16 executing program 5: syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan0\x00', 0x0}) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r1, 0x4, 0x70bd29, 0xad, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}]}, 0x4c}}, 0x4000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x48, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380), r2) sendmsg$NLBL_UNLABEL_C_LIST(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r3, 0x509, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010100}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004}, 0x8000) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000500), r2) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r4, 0x200, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20008004}, 0x41) sendmsg$NLBL_UNLABEL_C_STATICLIST(r2, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r3, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0xd0) sendmsg$NLBL_MGMT_C_REMOVE(r2, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x38, 0x0, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @rand_addr=0x64010101}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x1f}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x0) sendmsg$NLBL_UNLABEL_C_LIST(r2, &(0x7f0000000900)={&(0x7f0000000800), 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x70, r4, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_SECCTX={0x22, 0x7, 'system_u:system_r:kernel_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010101}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000000) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), r2) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r2, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x40, r5, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xffff}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x40}, 0x1, 0x0, 0x0, 0x4800}, 0x4000041) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a80), r6) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000b00)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r2, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x30, r5, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_SHORT_ADDR={0x6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x800) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r2, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x30, r5, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x20000015) 16:10:16 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000000)) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000040)={0x0, 0xff, 0x1, [0x4, 0x10000, 0x5, 0x7fff, 0x58], [0x100, 0x1ff, 0x800, 0x1000, 0x100000000, 0xe42c, 0x6, 0x9, 0x20, 0x5, 0x6, 0x7ff, 0x0, 0x10000, 0x20, 0x8, 0x20, 0x6, 0x4, 0x0, 0x3ff, 0x5, 0x100, 0xa912, 0x6, 0x47a, 0xfffffffffffffff7, 0x9, 0x265, 0x8, 0x0, 0x6, 0x9288, 0x6, 0x1, 0x5b00000000000, 0x8, 0x1, 0x7f, 0x7ff, 0x9, 0x4, 0xeecb, 0x5, 0xcb, 0x8000, 0x3, 0x4b4, 0x6, 0x1, 0x0, 0x4, 0x5, 0xcb8, 0x3, 0xa3, 0x6b, 0x1000, 0x4, 0x4, 0x4, 0x100000000, 0x9, 0x2, 0x2, 0x6, 0xfffffffffffffffb, 0x5, 0x5ae, 0x77d0, 0x445, 0x1, 0x1, 0x28, 0xff, 0x7, 0x1, 0x53fee27c, 0xffffffffffffffd3, 0x3ff, 0x6, 0x7000000, 0x9, 0xffffffff, 0x9b, 0xc4, 0x4, 0x600, 0xf77f, 0x36c1, 0x401, 0x1f, 0x4, 0x0, 0xfffffffffffffff8, 0x1014, 0x10001, 0x6, 0xfff, 0x5, 0x0, 0x0, 0x3f, 0x0, 0x7fff, 0x0, 0x0, 0x9, 0x7fff, 0x400, 0x8001, 0x7fff, 0x8, 0x8, 0x7, 0x0, 0xdff2, 0x93, 0xffff, 0x2]}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000480)={0x1, 0x4, {0x3, @usage=0x9, 0x0, 0x3, 0x4, 0x2, 0x3, 0xa3, 0x0, @struct={0x8001, 0x7e}, 0x5, 0x4, [0x6, 0x69f, 0x41195efd, 0x4, 0x20000000000, 0x9]}, {0x7, @usage=0x150c, r1, 0x3, 0x8000, 0x0, 0xeb, 0x8, 0x60, @usage=0x1, 0x9, 0x1, [0x81, 0x5, 0x4, 0x8, 0x800, 0x1f]}, {0x4c, @usage=0x213f, 0x0, 0x8a3b, 0x7, 0x400, 0x8000, 0x20, 0x0, @struct={0xfffffffc, 0xfffffe00}, 0x6, 0x0, [0x40, 0x80000000, 0x9, 0xa1, 0x0, 0x7]}, {0x2, 0xfffffffffffffffa, 0xffffffff80000000}}) ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000880)={{r0}, {@val={r3}, @max}}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a00)={&(0x7f0000000940)={0xa0, r4, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "431b177d5857e611b493596d9393043b"}, @NL80211_ATTR_SSID={0xf, 0x34, @random="3d495bb6a3e95039e5e588"}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x6b}, @NL80211_ATTR_SSID={0x24, 0x34, @random="0620c02a2af67d876ef5ff01ce393a4949bdcdcb0f2cd9f29cc48ceb9ec2d00b"}, @NL80211_ATTR_SSID={0x1a, 0x34, @random="bde8144a3f0199d4880ffadc484645fdfe725f91a53f"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x26}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40040}, 0x1) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000a80)='/proc/locks\x00', 0x0, 0x0) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r5, 0x8008330e, &(0x7f0000000ac0)) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b40), r5) sendmsg$NL80211_CMD_LEAVE_MESH(r5, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r6, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7f, 0x34}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4081}, 0x804) r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000c40), 0x80080) ioctl$BTRFS_IOC_RESIZE(r5, 0x50009403, &(0x7f0000000c80)={{r7}, {@void, @actul_num={@void, 0x1000, 0x50}}}) ioctl$BTRFS_IOC_SCRUB(r7, 0xc400941b, &(0x7f0000000cc0)={r2, 0x4, 0x401}) pipe2(&(0x7f00000010c0), 0x4000) pipe2(&(0x7f0000001100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r8, 0xc400941d, &(0x7f0000001140)={r2, 0x3d, 0x50}) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000001540)) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r8, 0x330f, 0x7) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r8, &(0x7f0000001680)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x38, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xfffff242, 0x1}}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x22f0}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x72f4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000) 16:10:16 executing program 6: ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'tunl0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x40, 0x20, 0x8, 0xffffffff, {{0x10, 0x4, 0x0, 0x31, 0x40, 0x64, 0x0, 0x5, 0x29, 0x0, @private=0xa010101, @remote, {[@timestamp={0x44, 0x28, 0x3f, 0x0, 0x6, [0xeb, 0x1, 0xc8a, 0x8000, 0x8001, 0x7f, 0x8, 0x4, 0x6]}, @end]}}}}}) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100008}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, 0x0, 0x8, 0x70bd26, 0x25dfdbfe, {}, [@GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_TID={0xc}, @GTPA_O_TEI={0x8}, @GTPA_LINK={0x8, 0x1, r0}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000800}, 0x810) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/timers\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x48, r2, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_LINK={0x8, 0x1, r0}, @GTPA_TID={0xc, 0x3, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x24004881}, 0x8000) mq_timedsend(r1, &(0x7f0000000480)="7def9bb64d36aa758f9c6f7b4bd8e7bc672580673fca8bc1fdee81b8a55931e715011c96670c744446921575fb54a1ac3c3e407fdd2a3a9aca650043d7085101a2f13a5a955d9eac192da517aea4b7c345e367d6c96c6f3ea913639e0ab9ff42a0100729e7d675378d948bef4465579e67a874673c1ecfbaf5620a4fc27f33bcb738c52203ead34854092dfc6cc184d5932e678a79545c75dbdfe0cfbcb72efd2257c15df0f1f380ae95bf7c3bd5dfe37f1fcafcbcdd26461384d0f7b5eed62b0d997948f15d342ada7032c4448dc1829e131a27190b39b5e40e13fea4469430f9fc78b4", 0xe4, 0x10001, &(0x7f0000000580)={0x0, 0x989680}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r1) sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x11410210}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x48, r3, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8001, 0x5a}}}}, [@NL80211_ATTR_BSSID={0xa, 0xf5, @random="efa5b4932278"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x19}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x20048001) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r3, 0x4, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x54}, 0x1) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), r1) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000bc0)={&(0x7f00000008c0)={0x300, r4, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x2b9, 0x33, @assoc_req={@with_ht={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1}, @device_a, @broadcast, @initial, {0x5, 0x4}}, @ver_80211n={0x0, 0x9, 0x2, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1}}, 0x40, 0x1, {0x0, 0x6, @default_ibss_ssid}, @val={0x1, 0x3, [{0x2}, {0x5bb576beafb89ae8, 0x1}, {0x2}]}, @void, [{0xdd, 0xb3, "38f4b47e9a730096cd219a402e32e3d58e22bed87b1025cabf6fec868f21769f2017045f3645661f9b0ad9209976bc9c8a80e89622c3e9e799dd158d54cb9fb33db0544ffe6d7880f043c1acc9708fd9746f521fdb9198a5c6c4541c155e87dff71f2778ba4f99e0b72dceda3ab73d6841aadada75c4dfe0257410fa9187e102c4622c93b9a95637d7c8e3ca2c2645a873dab6f5e2e27e93ffcf76624247b4c67fb4bed79818fdf847760a2a895d2a0d8245bf"}, {0xdd, 0xe3, "ef81be7d8d2cf90d0537439db14d49cb92e059f37f6c9e3c4b2a7fbb9a05382224cb17b3b098ef84c5d1d46216d5f3aa3a1a3c7fb3c724542be8ea0c266021f2b7814f726b0253ee98c8260a545af9a79be0a07b54623bac13acb6ec87d7f6706ec2c027e4d688cd8c9259f6b556c3acd73290ba18ac5da9f2c6754029043ff94794bb831d469b043165cfe318a6f9ef014fad330b89efd0a6f5bba21d2239e696e257ec8e8bbad5924259a4d700a69c97084fac436d6acda829abcac2e1f095854c1b701ed0309923ee96e26994739ade8938fb90167841dbbe0ec0566d0fcdd81523"}, {0xdd, 0xec, "ce8c475785b7d667beccf114eaf98e148c314ee06d49d94ef43efa4be3a291f86b35c1afa14937b3f40fbf8d66ab759bc509753339fde727e03d159941850c8b8a2da4ed2c9090688627dc5f1280fa7f98f97125805c132e3e7d933b9f738c3d07f67e173d06b2ef143959cca9705395de2b7429156e6d9805e96e13fd802ee098f285ad46d130b768ea92416ca6e9cd9337abb2cd9e5b366f6782f76f3dcbc289ca2ad08a91a6cd1a94b89d6403a86ef4954c15489d081465a0944708746f2b38abe2dfe97021b796397c6403f22dbcbe9daa2065187c5210cc6657783c33d38ee06cc941b02af82756b521"}]}}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x12c7}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}], @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x223}]}, 0x300}, 0x1, 0x0, 0x0, 0x20000080}, 0x4000000) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_udp_int(r5, 0x11, 0x1, &(0x7f0000000c40), &(0x7f0000000c80)=0x4) r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000cc0), 0x80) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f0000000d00)={0x1, 0x9, 0x2, 0x0, 0xe}) r7 = fsmount(r1, 0x0, 0x2) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000dc0), r1) sendmsg$NL80211_CMD_TDLS_MGMT(r7, &(0x7f0000000ec0)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x64, r8, 0x800, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x5}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_IE={0x31, 0x2a, [@mic={0x8c, 0x18, {0x222, "eb70a5743b2c", @long="928726727a59ac2eab72d779b5880daf"}}, @mesh_chsw={0x76, 0x6, {0x7, 0x4, 0x27, 0x7}}, @supported_rates={0x1, 0x6, [{0x36, 0x1}, {}, {0x30}, {0x16}, {0x48, 0x1}, {0x2}]}, @sec_chan_ofs={0x3e, 0x1, 0x1}]}, @NL80211_ATTR_TDLS_INITIATOR={0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004881}, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP(r6, 0xd0009412, &(0x7f0000000f00)) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, &(0x7f00000021c0)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002180)={&(0x7f0000001f80)={0x1e0, r4, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0xd5c, 0x3d}}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xa01}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_FRAME={0x36, 0x33, @mgmt_frame=@action={@wo_ht={{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x6}, @device_b, @device_a, @initial, {0x1, 0x5}}, @vht_group_id={0x15, 0x1, {0xff, "98ef3a61dee57f6c3aba9d09df43322e"}}}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_FRAME={0x15f, 0x33, @mgmt_frame=@probe_request={@with_ht={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x4}, @device_b, @broadcast, @initial, {0x2, 0x6}}, @ver_80211n={0x0, 0x5, 0x3, 0x0, 0x0, 0x2, 0x1}}, @void, @void, @void, @val={0x2d, 0x1a, {0x80, 0x1, 0x4, 0x0, {0xffff, 0x6, 0x0, 0x1f, 0x0, 0x1, 0x1}, 0x400, 0x8, 0xdb}}, @void, [{0xdd, 0xaa, "023cb8643c85214f07b5f6b611e315c032882a41559238cd69270dbd2ee36778f9a213b21b1f794940bc1f7dae389b9b598c954364117bc4745a7c30336767f46b207ff3625661982e7927b02721471df0d048acf968e8296dbb09c1eeeb21a4ad0cf550e8a66adf0d41eea1138fdbd0c9c1a0f779364ee32df742ecd36101547c229260278deed4f45f1cea168d0b239fd3fb74590e916dd32cc13a6cef37af714c914316998ca97325"}, {0xdd, 0x32, "fd3104877c3abffc2725860ef36f7c4d9ad8e7bd672101435842bc10b3702ca9397761abd07cf369daee7c997950c0ee0b56"}, {0xdd, 0x41, "779bcdda6ed764591f8fdfbd9c36cd4e9edef3a9c8770620e0273f2c273a3810c7c0402d021bbb1b2702f75bc89ef7b92a808e2b21f823ca33809239f7c88ca76d"}]}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_MAC={0xa}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x4000001}, 0x40081) [ 120.065828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 120.070812] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 120.073571] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 120.077609] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 120.082805] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 120.087407] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 120.096236] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 120.103113] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 120.112050] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 120.116660] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 120.118886] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 120.126923] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 120.141087] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 120.166015] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 120.168668] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 120.181509] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 120.192728] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 120.212614] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 120.214067] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 120.217354] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 120.223623] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 120.225773] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 120.232658] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 120.236525] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 120.238081] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 120.243767] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 120.252761] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 120.259457] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 120.264411] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 120.268866] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 120.268884] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 120.274671] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 120.277372] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 120.283863] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 120.286893] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 120.292649] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 120.294539] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 120.309740] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 120.325360] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 120.334399] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 122.202060] Bluetooth: hci0: command tx timeout [ 122.203833] Bluetooth: hci1: command tx timeout [ 122.265529] Bluetooth: hci2: command tx timeout [ 122.393572] Bluetooth: hci5: command tx timeout [ 122.394501] Bluetooth: hci4: command tx timeout [ 122.394589] Bluetooth: hci7: command tx timeout [ 122.394981] Bluetooth: hci6: command tx timeout [ 122.457551] Bluetooth: hci3: command tx timeout [ 124.249332] Bluetooth: hci0: command tx timeout [ 124.249856] Bluetooth: hci1: command tx timeout [ 124.314330] Bluetooth: hci2: command tx timeout [ 124.441348] Bluetooth: hci7: command tx timeout [ 124.441864] Bluetooth: hci4: command tx timeout [ 124.443093] Bluetooth: hci5: command tx timeout [ 124.443545] Bluetooth: hci6: command tx timeout [ 124.505362] Bluetooth: hci3: command tx timeout [ 126.298346] Bluetooth: hci1: command tx timeout [ 126.298850] Bluetooth: hci0: command tx timeout [ 126.362242] Bluetooth: hci2: command tx timeout [ 126.490329] Bluetooth: hci6: command tx timeout [ 126.490781] Bluetooth: hci5: command tx timeout [ 126.490849] Bluetooth: hci4: command tx timeout [ 126.491243] Bluetooth: hci7: command tx timeout [ 126.554307] Bluetooth: hci3: command tx timeout [ 128.347263] Bluetooth: hci0: command tx timeout [ 128.347764] Bluetooth: hci1: command tx timeout [ 128.409482] Bluetooth: hci2: command tx timeout [ 128.537411] Bluetooth: hci6: command tx timeout [ 128.537894] Bluetooth: hci4: command tx timeout [ 128.538632] Bluetooth: hci7: command tx timeout [ 128.539049] Bluetooth: hci5: command tx timeout [ 128.601271] Bluetooth: hci3: command tx timeout [ 180.173750] syz-executor.1 (283) used greatest stack depth: 24944 bytes left [ 182.905723] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 182.909443] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 182.911728] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 182.912946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 182.920340] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 182.924591] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 182.934547] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 182.945020] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 182.956336] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 182.962476] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 183.086622] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 183.094174] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 183.096673] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 183.101642] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 183.103305] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 183.110516] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 183.112807] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 183.117030] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 183.118753] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 183.123610] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 183.126025] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 183.132903] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 183.134496] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 183.138872] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 183.144352] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 183.146656] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 183.150474] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 183.171676] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 183.174411] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 183.184072] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 183.190818] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 183.208518] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 183.212582] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 183.213353] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 183.223884] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 183.225650] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 183.237666] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 183.250843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 183.273614] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 183.279525] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 184.985328] Bluetooth: hci1: command tx timeout [ 184.985947] Bluetooth: hci0: command tx timeout [ 185.241422] Bluetooth: hci4: command tx timeout [ 185.305293] Bluetooth: hci3: command tx timeout [ 185.310497] Bluetooth: hci2: command tx timeout [ 185.369344] Bluetooth: hci6: command tx timeout [ 185.369389] Bluetooth: hci5: command tx timeout [ 185.433355] Bluetooth: hci7: command tx timeout [ 187.033260] Bluetooth: hci1: command tx timeout [ 187.033318] Bluetooth: hci0: command tx timeout [ 187.289597] Bluetooth: hci4: command tx timeout [ 187.353266] Bluetooth: hci2: command tx timeout [ 187.353300] Bluetooth: hci3: command tx timeout [ 187.417424] Bluetooth: hci6: command tx timeout [ 187.418516] Bluetooth: hci5: command tx timeout [ 187.481264] Bluetooth: hci7: command tx timeout [ 189.081316] Bluetooth: hci1: command tx timeout [ 189.081775] Bluetooth: hci0: command tx timeout [ 189.337436] Bluetooth: hci4: command tx timeout [ 189.403383] Bluetooth: hci3: command tx timeout [ 189.403502] Bluetooth: hci2: command tx timeout [ 189.465258] Bluetooth: hci5: command tx timeout [ 189.465557] Bluetooth: hci6: command tx timeout [ 189.529287] Bluetooth: hci7: command tx timeout [ 191.130252] Bluetooth: hci0: command tx timeout [ 191.130519] Bluetooth: hci1: command tx timeout [ 191.385245] Bluetooth: hci4: command tx timeout [ 191.449264] Bluetooth: hci3: command tx timeout [ 191.451230] Bluetooth: hci2: command tx timeout [ 191.514562] Bluetooth: hci5: command tx timeout [ 191.514602] Bluetooth: hci6: command tx timeout [ 191.577418] Bluetooth: hci7: command tx timeout [ 245.059142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 245.061548] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 245.062632] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 245.065222] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 245.067064] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 245.157428] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 245.163602] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 245.164821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 245.175341] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 245.182349] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 245.228696] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 245.230042] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 245.231715] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 245.232908] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 245.233921] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 245.240606] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 245.252654] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 245.257766] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 245.266593] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 245.270899] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 245.302605] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 245.350624] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 245.372520] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 245.374251] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 245.377157] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 245.394890] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 245.396822] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 245.414670] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 245.416704] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 245.420545] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 245.421780] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 245.434483] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 245.443510] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 245.448157] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 245.449744] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 245.470489] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 245.481769] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 245.507637] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 245.515625] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 245.551301] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 247.129297] Bluetooth: hci0: command tx timeout [ 247.257301] Bluetooth: hci1: command tx timeout [ 247.321245] Bluetooth: hci3: command tx timeout [ 247.385247] Bluetooth: hci2: command tx timeout [ 247.513534] Bluetooth: hci4: command tx timeout [ 247.513559] Bluetooth: hci5: command tx timeout [ 247.578482] Bluetooth: hci6: command tx timeout [ 247.769564] Bluetooth: hci7: command tx timeout [ 249.179339] Bluetooth: hci0: command tx timeout [ 249.305405] Bluetooth: hci1: command tx timeout [ 249.369394] Bluetooth: hci3: command tx timeout [ 249.434224] Bluetooth: hci2: command tx timeout [ 249.561256] Bluetooth: hci4: command tx timeout [ 249.562476] Bluetooth: hci5: command tx timeout [ 249.626375] Bluetooth: hci6: command tx timeout [ 249.817686] Bluetooth: hci7: command tx timeout [ 251.226850] Bluetooth: hci0: command tx timeout [ 251.356229] Bluetooth: hci1: command tx timeout [ 251.418441] Bluetooth: hci3: command tx timeout [ 251.481497] Bluetooth: hci2: command tx timeout [ 251.612259] Bluetooth: hci5: command tx timeout [ 251.612743] Bluetooth: hci4: command tx timeout [ 251.674263] Bluetooth: hci6: command tx timeout [ 251.866595] Bluetooth: hci7: command tx timeout [ 253.273468] Bluetooth: hci0: command tx timeout [ 253.401331] Bluetooth: hci1: command tx timeout [ 253.466539] Bluetooth: hci3: command tx timeout [ 253.530247] Bluetooth: hci2: command tx timeout [ 253.657277] Bluetooth: hci4: command tx timeout [ 253.658276] Bluetooth: hci5: command tx timeout [ 253.722375] Bluetooth: hci6: command tx timeout [ 253.913647] Bluetooth: hci7: command tx timeout [ 305.165056] syz-executor.6 (5497) used greatest stack depth: 24808 bytes left [ 307.320453] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 307.327437] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 307.330884] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 307.338899] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 307.343555] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 307.456242] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 307.467152] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 307.471993] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 307.485855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 307.507486] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 307.524745] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 307.529063] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 307.535799] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 307.547578] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 307.573523] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 307.665133] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 307.685948] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 307.693239] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 307.710723] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 307.720288] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 307.725042] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 307.740477] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 307.777348] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 307.806101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 307.827098] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 307.846781] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 307.854607] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 307.871839] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 307.930455] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 307.936437] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 307.970806] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 307.981949] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 308.005786] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 308.031755] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 308.053704] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 308.205719] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 308.222153] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 308.234877] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 308.289951] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 308.300742] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 309.401298] Bluetooth: hci0: command tx timeout [ 309.593521] Bluetooth: hci1: command tx timeout [ 309.658307] Bluetooth: hci2: command tx timeout [ 309.785270] Bluetooth: hci4: command tx timeout [ 309.913465] Bluetooth: hci3: command tx timeout [ 310.041352] Bluetooth: hci5: command tx timeout [ 310.170273] Bluetooth: hci6: command tx timeout [ 310.361270] Bluetooth: hci7: command tx timeout [ 311.449541] Bluetooth: hci0: command tx timeout [ 311.642246] Bluetooth: hci1: command tx timeout [ 311.706597] Bluetooth: hci2: command tx timeout [ 311.833371] Bluetooth: hci4: command tx timeout [ 311.961277] Bluetooth: hci3: command tx timeout [ 312.089595] Bluetooth: hci5: command tx timeout [ 312.217551] Bluetooth: hci6: command tx timeout [ 312.410422] Bluetooth: hci7: command tx timeout [ 313.497247] Bluetooth: hci0: command tx timeout [ 313.689273] Bluetooth: hci1: command tx timeout [ 313.753306] Bluetooth: hci2: command tx timeout [ 313.881290] Bluetooth: hci4: command tx timeout [ 314.009263] Bluetooth: hci3: command tx timeout [ 314.137255] Bluetooth: hci5: command tx timeout [ 314.265287] Bluetooth: hci6: command tx timeout [ 314.457248] Bluetooth: hci7: command tx timeout [ 315.545278] Bluetooth: hci0: command tx timeout [ 315.737303] Bluetooth: hci1: command tx timeout [ 315.801295] Bluetooth: hci2: command tx timeout [ 315.929706] Bluetooth: hci4: command tx timeout [ 316.057264] Bluetooth: hci3: command tx timeout [ 316.186221] Bluetooth: hci5: command tx timeout [ 316.313464] Bluetooth: hci6: command tx timeout [ 316.508230] Bluetooth: hci7: command tx timeout [ 370.027415] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 370.032584] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 370.036175] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 370.042963] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 370.050335] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 370.234532] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 370.240914] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 370.247641] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 370.250275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 370.254906] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 370.261675] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 370.263769] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 370.270940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 370.274612] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 370.287313] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 370.307734] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 370.324814] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 370.345137] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 370.350597] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 370.356475] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 370.362099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 370.373746] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 370.394654] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 370.409848] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 370.414689] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 370.423047] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 370.426723] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 370.437715] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 370.450855] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 370.454069] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 370.459523] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 370.461666] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 370.469902] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 370.507281] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 370.511944] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 370.551822] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 370.554788] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 370.562022] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 370.562052] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 370.587458] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 372.122254] Bluetooth: hci0: command tx timeout [ 372.379463] Bluetooth: hci1: command tx timeout [ 372.441333] Bluetooth: hci2: command tx timeout [ 372.569531] Bluetooth: hci4: command tx timeout [ 372.570286] Bluetooth: hci3: command tx timeout [ 372.633264] Bluetooth: hci5: command tx timeout [ 372.703534] Bluetooth: hci7: command tx timeout [ 372.704011] Bluetooth: hci6: command tx timeout [ 374.172248] Bluetooth: hci0: command tx timeout [ 374.426534] Bluetooth: hci1: command tx timeout [ 374.489237] Bluetooth: hci2: command tx timeout [ 374.617299] Bluetooth: hci3: command tx timeout [ 374.618548] Bluetooth: hci4: command tx timeout [ 374.681559] Bluetooth: hci5: command tx timeout [ 374.745497] Bluetooth: hci7: command tx timeout [ 374.745571] Bluetooth: hci6: command tx timeout [ 376.217458] Bluetooth: hci0: command tx timeout [ 376.474222] Bluetooth: hci1: command tx timeout [ 376.538640] Bluetooth: hci2: command tx timeout [ 376.666619] Bluetooth: hci4: command tx timeout [ 376.667136] Bluetooth: hci3: command tx timeout [ 376.729319] Bluetooth: hci5: command tx timeout [ 376.793270] Bluetooth: hci6: command tx timeout [ 376.794528] Bluetooth: hci7: command tx timeout [ 378.265322] Bluetooth: hci0: command tx timeout [ 378.521252] Bluetooth: hci1: command tx timeout [ 378.588404] Bluetooth: hci2: command tx timeout [ 378.713573] Bluetooth: hci3: command tx timeout [ 378.714117] Bluetooth: hci4: command tx timeout [ 378.777541] Bluetooth: hci5: command tx timeout [ 378.841476] Bluetooth: hci7: command tx timeout [ 378.841517] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 16:15:26 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=0000000000000000 RCX=0000000000000001 RDX=0000000000000000 RSI=ffffffff81353c4d RDI=fffffbfff0b83a38 RBP=ffffffff85c1d1c0 RSP=ffff888029d571d0 R8 =0000000000000000 R9 =0000000000000000 R10=000000000003b67d R11=0000000000020fd9 R12=0000000000000002 R13=0000000000000000 R14=0000000000000000 R15=ffff888029d572b8 RIP=ffffffff8151b002 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e561b000 00000000 00000000 LDT=0000 fffffe4900000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f775782e028 CR3=000000000f743000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6f732e616d7a6c62696c2f756e672d78 XMM02=00352e6f732e616d7a6c62696c2f756e XMM03=672d78756e696c2d34365f3638782f62 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff84b60afa RDI=fffffbfff0ba1dd3 RBP=ffffffff85d0ee98 RSP=ffff888034f973f8 R8 =0000000000000001 R9 =0000000000000000 R10=ffffffff8641f657 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000cc0 RIP=ffffffff8151affc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e571b000 00000000 00000000 LDT=0000 fffffe2c00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000564b550a14c8 CR3=000000002b995000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0070656474666f732e73656c75646f6d XMM01=0070656474666f732e73656c75646f6d XMM02=00000000000000000000ffffffffffff XMM03=00000000000000000000ff00000000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=676f6c206d6f74737563000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000