Warning: Permanently added '[localhost]:39540' (ECDSA) to the list of known hosts. 2025/06/02 01:11:58 fuzzer started 2025/06/02 01:11:59 dialing manager at localhost:34361 syzkaller login: [ 100.130351] cgroup: Unknown subsys name 'net' [ 100.200315] cgroup: Unknown subsys name 'cpuset' [ 100.221860] cgroup: Unknown subsys name 'rlimit' 2025/06/02 01:12:15 syscalls: 205 2025/06/02 01:12:15 code coverage: enabled 2025/06/02 01:12:15 comparison tracing: enabled 2025/06/02 01:12:15 extra coverage: enabled 2025/06/02 01:12:15 setuid sandbox: enabled 2025/06/02 01:12:15 namespace sandbox: enabled 2025/06/02 01:12:15 Android sandbox: enabled 2025/06/02 01:12:15 fault injection: enabled 2025/06/02 01:12:15 leak checking: enabled 2025/06/02 01:12:15 net packet injection: enabled 2025/06/02 01:12:15 net device setup: enabled 2025/06/02 01:12:15 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/06/02 01:12:15 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/06/02 01:12:15 USB emulation: enabled 2025/06/02 01:12:15 hci packet injection: enabled 2025/06/02 01:12:15 wifi device emulation: enabled 2025/06/02 01:12:15 802.15.4 emulation: enabled 2025/06/02 01:12:15 fetching corpus: 0, signal 0/0 (executing program) 2025/06/02 01:12:16 starting 8 fuzzer processes 01:12:16 executing program 0: getsockname$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, &(0x7f0000000040)=0x10) r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x10, 0x800) r1 = accept4$inet(r0, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10, 0x800) ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f0000000180)) bind$inet(r1, &(0x7f0000000300)={0x2, 0x4e20, @private=0x1}, 0x10) r2 = accept4$inet(r0, &(0x7f0000000340)={0x2, 0x0, @empty}, &(0x7f0000000380)=0x10, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f00000003c0)={'mangle\x00', 0x7b, "937d756d3195c122b3873ec07adfcfc7a0f5c8b824c1cda24b5d749191e7243bc20fc6a4322103007c761dc8f825f89a09b27a0021df2f39a5f3f0ff4de64fa34c304c56f4aee3c988516083cbc6d04b77fac6157097d508be938e43a352ac2a5fa534f4de461265942f1f9cef9e2dc3d311a337530750a5111bd3"}, &(0x7f0000000480)=0x9f) setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f00000004c0)={0x40, 0x0, 0x3f, 0x8, 0x1}, 0xc) setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000500)={{0x32, @remote, 0x4e20, 0x0, 'none\x00', 0x29, 0xc5, 0x54}, {@multicast2, 0x4e22, 0x10000, 0x5, 0x3, 0x8}}, 0x44) setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@mcast2, @in6=@loopback, 0x4e23, 0x3, 0x4e20, 0x81, 0x2, 0x0, 0x20, 0x2d, 0x0, 0xffffffffffffffff}, {0x5, 0x2, 0x7, 0x8, 0x3f, 0x1, 0x3, 0x2bc3b2e8}, {0x4, 0x8, 0x9, 0x17}, 0x2, 0x6e6bb9, 0x2, 0x0, 0x1}, {{@in6=@private0, 0x4d6, 0x2b}, 0x2, @in6=@mcast2, 0x0, 0x3, 0x2, 0x80, 0x4, 0x8, 0xffff}}, 0xe8) getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000680), &(0x7f00000006c0)=0x4) getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000700)={'security\x00', 0xcc, "ea57e44856199574931d1074113b9c1f3a50efde5689b5bab21d3221289a4c5178f5243e036c62f8db40be1b705c043e023f68851811b4f769faa96d7145333c7c6021e9f73b747ec21597190496ba881e7acf5cf18e588e93703353687fe7d0e0979ccfc6e803714edb519121806f6a2ecdadaaf6c96ebad20d19aa160ced6844a939856e91a9c76dafaa732405cc54d24485f9d39af08dcc6d8e4c810671cac14cb1a4760acc9d6e9e57fd87c6c954cabb8c31177753d7ff377d6108485bfd3318fba24a50a8902c8b5131"}, &(0x7f0000000800)=0xf0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000840)={0x0, @initdev}, &(0x7f0000000880)=0xc) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000940)={'ip6tnl0\x00', &(0x7f00000008c0)={'syztnl0\x00', r3, 0x2f, 0x40, 0x2, 0x20, 0x10, @ipv4={'\x00', '\xff\xff', @loopback}, @remote, 0x8000, 0x8, 0x0, 0x1}}) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000980)={{{@in6=@dev, @in6=@loopback}}, {{@in=@empty}, 0x0, @in6=@empty}}, &(0x7f0000000a80)=0xe8) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x34, 0x0, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8}]}, 0x34}}, 0x4800) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000bc0)={0x3b, 0xc, 0x0, 0x4, 0x0, [@empty, @ipv4={'\x00', '\xff\xff', @remote}, @local, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local]}, 0x68) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2f, &(0x7f0000000c40)={0x3, {{0xa, 0x4e23, 0x6, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}}, {{0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x1}}}, 0x108) r4 = socket$inet(0x2, 0xa, 0x5) getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, &(0x7f0000000d80)={'HL\x00'}, &(0x7f0000000dc0)=0x1e) 01:12:16 executing program 1: getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, &(0x7f0000000000), &(0x7f0000000040)=0x4) r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) accept4$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1}, &(0x7f00000000c0)=0x1c, 0x80000) r1 = socket(0x6, 0x4, 0xffffffff) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000100)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e24, 0x5, @remote, 0x8000}, 0x1c) inotify_rm_watch(r1, 0x0) r2 = inotify_init1(0x80000) inotify_add_watch(r2, &(0x7f0000000180)='./file0\x00', 0x100) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000001c0)={'wlan1\x00'}) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r4, 0x3304) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000240)={@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r5) r6 = accept4$inet(r1, &(0x7f00000002c0), &(0x7f0000000300)=0x10, 0x80000) getsockopt$EBT_SO_GET_INIT_INFO(r6, 0x0, 0x82, &(0x7f0000000340)={'filter\x00', 0x0, 0x0, 0x0, [0x32, 0x1, 0x80, 0x80, 0x9, 0x10000]}, &(0x7f00000003c0)=0x78) getsockopt$inet6_int(r2, 0x29, 0x84, &(0x7f0000000400), &(0x7f0000000440)=0x4) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r4, 0x80083313, &(0x7f0000000480)) 01:12:16 executing program 2: setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, &(0x7f0000000000)={0x4, {{0xa, 0x4e24, 0xffffffff, @mcast1, 0x7}}, {{0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x4}}}, 0x108) setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@local, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4e22, 0x4, 0x4e22, 0x88f2, 0xa, 0xa0, 0x80, 0x1, 0x0, 0xffffffffffffffff}, {0x2, 0x7fffffff, 0x200, 0x1, 0x4, 0x5, 0x1, 0x6}, {0x94f, 0x8, 0x3, 0x1a25}, 0x93, 0x6e6bb6, 0x2, 0x0, 0x3, 0x1}, {{@in=@multicast1, 0x4d2, 0x32}, 0x2, @in6=@local, 0x3501, 0x4, 0x1, 0x4, 0x0, 0x2, 0x1acb}}, 0xe8) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000240)={@mcast2, 0x2b}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000280)={{0xa, 0x4e24, 0x8001, @private2={0xfc, 0x2, '\x00', 0x1}, 0x400}, {0xa, 0x4e21, 0xc09, @mcast2, 0x4}, 0x8e, [0x8, 0x80000001, 0x8, 0x9c, 0x7, 0x30000000, 0x3, 0x5]}, 0x5c) ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0) r0 = syz_open_dev$rtc(&(0x7f0000000300), 0x1f5, 0x201) ioctl$RTC_AIE_ON(r0, 0x7001) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000340)={0x0, @loopback, @initdev}, &(0x7f0000000380)=0xc) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000003c0)={@mcast2, 0x35, r2}) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000400)={'raw\x00', 0x0, [0xff, 0x7fffffff, 0x4, 0x0, 0x80000001]}, &(0x7f0000000480)=0x54) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f00000004c0)={0x88, 0x24, '\x00', [@ra={0x5, 0x2, 0x2}, @hao={0xc9, 0x10, @remote}, @calipso={0x7, 0x18, {0x0, 0x4, 0x3, 0xdb, [0x4, 0x5]}}, @ra={0x5, 0x2, 0x6}, @pad1, @generic={0x6, 0xe9, "0261cd51dbf7fc1673c8be622dc81e4fd8c9e25b5b3241ef235af2ee669adbee735586a75e290a3d84c7c3c0eff3ac25fabb0d20ff9e5e977d1532523ebdc9886d5db2a504eff00b2b8db0489b1300d526d35a021b712069818a1195ad5aece2bcf45d0ed86a861ce5358e9e15bc2788f898b0908799860f92a97fa62cfab6d43e310d94e509de96c67d7581252707b1d27f58854f4c58a00e527964b07d1731b118881a111374db4c4d1e465184ef9623f8b5467e7903a8c3acd5272669ddb741795691c462702cad9a4f9117c5781769cb67c1a951208f0b440b7d251754130bb57f526548338286"}, @ra={0x5, 0x2, 0x7}]}, 0x130) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000600)={'\x00', 0xa554, 0x101, 0x4, 0x8}) getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000680)={'HL\x00'}, &(0x7f00000006c0)=0x1e) accept4$inet6(r3, &(0x7f0000000700)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @remote}}, &(0x7f0000000740)=0x1c, 0x800) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000780), 0xc2200) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000007c0)={{0x3, 0x3, 0x8001, 0x3, 0x1}}) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x40, 0x0, 0x800, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x200, 0x1a}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x62}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x6}, 0x400080d) [ 117.601441] audit: type=1400 audit(1748826736.631:7): avc: denied { execmem } for pid=280 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 01:12:16 executing program 3: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x80800) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r1 = socket$inet(0x2, 0x80000, 0x6b52) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @multicast1, @broadcast}, &(0x7f0000000100)=0xc) r2 = socket$inet(0x2, 0x1, 0x3ff) setsockopt$IP_VS_SO_SET_EDITDEST(r2, 0x0, 0x489, &(0x7f0000000140)={{0x1d, @loopback, 0x4e20, 0x4, 'wrr\x00', 0x4, 0x2, 0x29}, {@multicast2, 0x4e23, 0x3, 0x8, 0x2, 0x9}}, 0x44) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000200), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x90, r3, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x401}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x4}, @NBD_ATTR_SOCKETS={0x34, 0x7, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}, {0x8, 0x1, r4}, {0x8, 0x1, r5}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x54, r3, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8a98}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8, 0x1, r5}, {0x8, 0x1, r4}, {0x8, 0x1, r6}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}]}, 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x4000) r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x20, r7, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4000800) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000006c0), 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x20, r7, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x1) setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f00000007c0)={0x9, 0x0, 0x0, 0x2, 0x7ff}, 0xc) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000800)) r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000880), 0xffffffffffffffff) r9 = socket(0x1f, 0xb6060841ac2676c, 0x9) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0x84, r8, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x34, 0x7, 0x0, 0x1, [{0x8, 0x1, r5}, {0x8, 0x1, r6}, {0x8, 0x1, r6}, {0x8, 0x1, r5}, {0x8, 0x1, r9}, {0x8, 0x1, r4}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8, 0x1, r5}]}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x101}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}]}, 0x84}}, 0xc041) 01:12:16 executing program 4: r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IEEE802154_SCAN_REQ(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0xf7}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000040) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_LLSEC_ADD_DEV(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r0, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0xffffffe0}]}, 0x1c}}, 0x4000) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r1) sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r3, 0x400, 0x70bd26, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4810}, 0x4000) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000400), r1) r5 = socket(0x1e, 0x4, 0x100) r6 = socket(0x25, 0x805, 0x0) r7 = socket(0xa, 0x1, 0x3) r8 = socket(0xf, 0x3, 0x4) sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0xb8, r4, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}, @NBD_ATTR_SOCKETS={0x3c, 0x7, 0x0, 0x1, [{0x8, 0x1, r5}, {0x8}, {0x8, 0x1, r6}, {0x8}, {0x8, 0x1, r7}, {0x8}, {0x8, 0x1, r8}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x4}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xee}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4040000}, 0x50) syz_genetlink_get_family_id$nbd(&(0x7f0000000580), r1) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r9, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x38, r2, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x6f}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c840}, 0x85) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000700)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_KEY(r9, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x80, r3, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "ab40d99ae8d2e73aa75b22a543ac5798"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0xb5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x400}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "5f3a0b38c7c58f74bac1be84ea6c1db7"}]}, 0x80}, 0x1, 0x0, 0x0, 0x20044000}, 0x24008080) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r8, 0x6, 0x21, &(0x7f0000000840)="457572740247dbf1ee5b06a459bae9fc", 0x10) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x24, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010102}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x1) 01:12:16 executing program 6: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x108, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8841}, 0x44804) sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x1a}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x9}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0xb}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x18}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x40}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x4}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0xf}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x16}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x7}]}, 0x5c}, 0x1, 0x0, 0x0, 0x880}, 0x44000) sendmsg$IEEE802154_START_REQ(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x416, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x2b}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x3}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x6}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0xffff}, @IEEE802154_ATTR_PAN_COORD={0x5, 0x19, 0x5}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x24010080}, 0x4004) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), r0) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x20, 0x0, 0x2, 0x70bd29, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20040085) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, r1, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x80000000}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x5000}, 0x80) accept4$inet(0xffffffffffffffff, &(0x7f00000005c0)={0x2, 0x0, @dev}, &(0x7f0000000600)=0x10, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x38, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x40004) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000740)) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r2) sendmsg$IEEE802154_START_REQ(r2, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x54, r3, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x4}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x2}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x15}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x11}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x6}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x2}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x81}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x84f1b2e61b1f3b4a) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000900)) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000980), r0) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x2c, r4, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x4}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x94) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x28, 0x0, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffffffffffffe01}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x28}, 0x1, 0x0, 0x0, 0x48000}, 0x4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r6, &(0x7f0000000c40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x14, r4, 0x800, 0x70bd25, 0x25dfdbfb, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x84041) 01:12:16 executing program 5: ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000000)={0x8, {{0x2, 0x4e20, @remote}}, 0x1, 0x1, [{{0x2, 0x4e20, @local}}]}, 0x110) syz_open_dev$rtc(&(0x7f0000000140), 0x6, 0x1) r0 = syz_open_dev$rtc(&(0x7f0000000180), 0xf4, 0x200000) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x8ed) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000001c0)={{0xa, 0x4e23, 0xfffffff8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x710}, {0xa, 0x4e24, 0x9, @empty, 0xcd}, 0x2, [0x2, 0x7, 0xf1a, 0x3, 0xcd, 0xfff, 0x80000001, 0x8]}, 0x5c) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000240)={{0x29, @local, 0x4e20, 0x2, 'rr\x00', 0x2, 0x7f, 0x7f}, {@remote, 0x4e24, 0x10000, 0x1ff, 0x8001, 0x5}}, 0x44) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20800008}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x38, 0x0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x48884) syz_genetlink_get_family_id$smc(&(0x7f00000003c0), 0xffffffffffffffff) r1 = syz_open_dev$rtc(&(0x7f0000000400), 0x7ff, 0x2000) ioctl$RTC_WIE_OFF(r1, 0x7010) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000440)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000480)=0x1c) r2 = accept4$inet(0xffffffffffffffff, &(0x7f00000004c0)={0x2, 0x0, @remote}, &(0x7f0000000500)=0x10, 0x80000) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000540)={'filter\x00', 0x0, 0x0, 0x0, [0x49, 0xffffffff, 0x1, 0xe62, 0x2, 0x96]}, &(0x7f00000005c0)=0x78) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r3, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r4 = socket(0x15, 0xa, 0x0) getsockopt$bt_sco_SCO_CONNINFO(r4, 0x11, 0x2, &(0x7f0000000740)=""/108, &(0x7f00000007c0)=0x6c) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000880)={0x33, 0x6, 0x1, 0x1f, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @empty, @mcast1]}, 0x38) 01:12:16 executing program 7: r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r0, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x40}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x6}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0xc0}]}, 0x44}, 0x1, 0x0, 0x0, 0x8010}, 0x4000) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x12000002}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r0, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x19}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}]}, 0x34}}, 0x24044004) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x7f}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x9}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x845}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x78, r0, 0x214, 0x70bd28, 0x25dfdbfe, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "873e14378f22265b947d76257b42c503ca43dd892da0da4a5b6044968853dda2"}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xfffe}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}]}, 0x78}, 0x1, 0x0, 0x0, 0x44}, 0x20000044) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x58, r0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008091}, 0x4000) sendmsg$IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfc}, 0x14}}, 0x4008054) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r0, 0x10, 0x70bd28, 0x25dfdbfc, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x400c040}, 0x4008007) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r4) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r4, &(0x7f0000000a00)={&(0x7f0000000940), 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x24, r5, 0x704, 0x70bd28, 0x8001, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmsg$IEEE802154_LIST_PHY(r4, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14, r5, 0x2, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4008001}, 0x4004040) sendmsg$IEEE802154_SET_MACPARAMS(r4, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x5c, r5, 0x800, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0xe4}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x42}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x7}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x3f}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0xd4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0xd4}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x1}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x20044081) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r6, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x38, r0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x2}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x4}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000080) sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x4c, r5, 0x300, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x3f}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x6}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x9}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x8001}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0xe1}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x9b}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x10) [ 119.109679] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 119.113554] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 119.123776] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 119.132867] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 119.140110] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 119.189407] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 119.193173] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 119.195505] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 119.198781] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 119.203422] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 119.207611] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 119.212789] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 119.222125] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 119.229250] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 119.232645] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 119.238656] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 119.243950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 119.256581] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 119.271591] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 119.295073] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 119.356293] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 119.364604] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 119.371681] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 119.378611] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 119.381532] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 119.385388] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 119.387377] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 119.392762] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 119.394331] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 119.395735] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 119.400702] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 119.403981] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 119.409305] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 119.411168] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 119.419260] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 119.424815] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 119.427511] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 119.445114] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 119.448262] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 119.452870] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 121.194188] Bluetooth: hci0: command tx timeout [ 121.256260] Bluetooth: hci1: command tx timeout [ 121.320557] Bluetooth: hci2: command tx timeout [ 121.383694] Bluetooth: hci3: command tx timeout [ 121.511327] Bluetooth: hci5: command tx timeout [ 121.512274] Bluetooth: hci7: command tx timeout [ 121.575201] Bluetooth: hci6: command tx timeout [ 121.575881] Bluetooth: hci4: command tx timeout [ 123.239228] Bluetooth: hci0: command tx timeout [ 123.303091] Bluetooth: hci1: command tx timeout [ 123.367120] Bluetooth: hci2: command tx timeout [ 123.432199] Bluetooth: hci3: command tx timeout [ 123.559254] Bluetooth: hci7: command tx timeout [ 123.559703] Bluetooth: hci5: command tx timeout [ 123.624261] Bluetooth: hci4: command tx timeout [ 123.624753] Bluetooth: hci6: command tx timeout [ 125.288812] Bluetooth: hci0: command tx timeout [ 125.351171] Bluetooth: hci1: command tx timeout [ 125.416424] Bluetooth: hci2: command tx timeout [ 125.479374] Bluetooth: hci3: command tx timeout [ 125.607881] Bluetooth: hci5: command tx timeout [ 125.608962] Bluetooth: hci7: command tx timeout [ 125.672129] Bluetooth: hci6: command tx timeout [ 125.673466] Bluetooth: hci4: command tx timeout [ 127.335128] Bluetooth: hci0: command tx timeout [ 127.400808] Bluetooth: hci1: command tx timeout [ 127.463493] Bluetooth: hci2: command tx timeout [ 127.527582] Bluetooth: hci3: command tx timeout [ 127.656634] Bluetooth: hci5: command tx timeout [ 127.657802] Bluetooth: hci7: command tx timeout [ 127.719232] Bluetooth: hci4: command tx timeout [ 127.720419] Bluetooth: hci6: command tx timeout [ 179.026855] syz-executor.1 (292) used greatest stack depth: 24576 bytes left [ 181.701646] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 181.703707] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 181.712630] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 181.715185] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 181.722824] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 181.727253] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 181.730495] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 181.739628] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 181.747836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 181.750849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 181.752436] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 181.754532] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 181.781512] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 181.789432] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 181.794967] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 181.882914] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 181.887463] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 181.889832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 181.894937] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 181.900768] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 181.967863] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 182.003318] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 182.007751] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 182.011311] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 182.021401] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 182.029257] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 182.029572] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 182.035512] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 182.051135] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 182.077259] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 182.081217] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 182.083575] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 182.085067] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 182.087710] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 182.092721] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 182.095786] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 182.129234] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 182.134183] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 182.176213] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 182.178191] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 183.783085] Bluetooth: hci0: command tx timeout [ 183.783163] Bluetooth: hci1: command tx timeout [ 183.847492] Bluetooth: hci2: command tx timeout [ 183.977286] Bluetooth: hci3: command tx timeout [ 184.106032] Bluetooth: hci4: command tx timeout [ 184.167064] Bluetooth: hci6: command tx timeout [ 184.231095] Bluetooth: hci5: command tx timeout [ 184.295058] Bluetooth: hci7: command tx timeout [ 185.831079] Bluetooth: hci1: command tx timeout [ 185.831328] Bluetooth: hci0: command tx timeout [ 185.896155] Bluetooth: hci2: command tx timeout [ 186.024054] Bluetooth: hci3: command tx timeout [ 186.151186] Bluetooth: hci4: command tx timeout [ 186.216114] Bluetooth: hci6: command tx timeout [ 186.281275] Bluetooth: hci5: command tx timeout [ 186.343364] Bluetooth: hci7: command tx timeout [ 187.879090] Bluetooth: hci1: command tx timeout [ 187.879575] Bluetooth: hci0: command tx timeout [ 187.943240] Bluetooth: hci2: command tx timeout [ 188.071093] Bluetooth: hci3: command tx timeout [ 188.199053] Bluetooth: hci4: command tx timeout [ 188.263048] Bluetooth: hci6: command tx timeout [ 188.327258] Bluetooth: hci5: command tx timeout [ 188.391098] Bluetooth: hci7: command tx timeout [ 189.928066] Bluetooth: hci0: command tx timeout [ 189.928280] Bluetooth: hci1: command tx timeout [ 189.993059] Bluetooth: hci2: command tx timeout [ 190.119167] Bluetooth: hci3: command tx timeout [ 190.249328] Bluetooth: hci4: command tx timeout [ 190.312207] Bluetooth: hci6: command tx timeout [ 190.376225] Bluetooth: hci5: command tx timeout [ 190.439060] Bluetooth: hci7: command tx timeout [ 243.832375] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 243.835756] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 243.837131] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 243.842274] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 243.845411] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 243.963828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 243.971311] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 243.976448] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 243.995297] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 243.997330] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 244.038822] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 244.061601] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 244.065703] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 244.077446] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 244.098914] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 244.173196] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 244.183950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 244.217901] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 244.229265] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 244.236542] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 244.240651] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 244.249847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 244.252348] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 244.256332] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 244.272803] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 244.277687] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 244.306544] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 244.323509] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 244.339356] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 244.346304] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 244.395787] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 244.417525] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 244.425155] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 244.425621] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 244.435477] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 244.436533] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 244.494518] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 244.502505] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 244.504446] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 244.526519] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 245.927256] Bluetooth: hci0: command tx timeout [ 246.056028] Bluetooth: hci1: command tx timeout [ 246.183245] Bluetooth: hci2: command tx timeout [ 246.375109] Bluetooth: hci3: command tx timeout [ 246.439120] Bluetooth: hci5: command tx timeout [ 246.439209] Bluetooth: hci4: command tx timeout [ 246.632509] Bluetooth: hci6: command tx timeout [ 246.632562] Bluetooth: hci7: command tx timeout [ 247.976068] Bluetooth: hci0: command tx timeout [ 248.103419] Bluetooth: hci1: command tx timeout [ 248.233061] Bluetooth: hci2: command tx timeout [ 248.423121] Bluetooth: hci3: command tx timeout [ 248.487254] Bluetooth: hci4: command tx timeout [ 248.487340] Bluetooth: hci5: command tx timeout [ 248.679119] Bluetooth: hci7: command tx timeout [ 248.679232] Bluetooth: hci6: command tx timeout [ 250.024284] Bluetooth: hci0: command tx timeout [ 250.152141] Bluetooth: hci1: command tx timeout [ 250.280123] Bluetooth: hci2: command tx timeout [ 250.472147] Bluetooth: hci3: command tx timeout [ 250.535102] Bluetooth: hci5: command tx timeout [ 250.536232] Bluetooth: hci4: command tx timeout [ 250.727221] Bluetooth: hci7: command tx timeout [ 250.728660] Bluetooth: hci6: command tx timeout [ 252.072257] Bluetooth: hci0: command tx timeout [ 252.201076] Bluetooth: hci1: command tx timeout [ 252.327203] Bluetooth: hci2: command tx timeout [ 252.521094] Bluetooth: hci3: command tx timeout [ 252.583128] Bluetooth: hci4: command tx timeout [ 252.583168] Bluetooth: hci5: command tx timeout [ 252.775179] Bluetooth: hci7: command tx timeout [ 252.775691] Bluetooth: hci6: command tx timeout [ 306.116419] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 306.119327] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 306.124665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 306.145240] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 306.157340] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 306.494782] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 306.506433] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 306.509325] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 306.519518] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 306.529692] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 306.535555] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 306.537815] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 306.548697] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 306.562664] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 306.577790] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 306.641205] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 306.647626] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 306.652501] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 306.676425] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 306.686576] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 306.795473] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 306.808804] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 306.816523] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 306.820143] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 306.829737] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 306.831625] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 306.837204] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 306.839259] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 306.849149] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 306.856466] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 306.866488] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 306.869881] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 306.882417] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 306.888371] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 306.890726] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 306.898799] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 306.901322] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 306.904598] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 306.914898] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 306.933782] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 308.201073] Bluetooth: hci0: command tx timeout [ 308.647652] Bluetooth: hci2: command tx timeout [ 308.647679] Bluetooth: hci1: command tx timeout [ 308.775571] Bluetooth: hci3: command tx timeout [ 308.967141] Bluetooth: hci4: command tx timeout [ 309.031177] Bluetooth: hci5: command tx timeout [ 309.031202] Bluetooth: hci7: command tx timeout [ 309.031502] Bluetooth: hci6: command tx timeout [ 310.247086] Bluetooth: hci0: command tx timeout [ 310.695104] Bluetooth: hci1: command tx timeout [ 310.695752] Bluetooth: hci2: command tx timeout [ 310.826048] Bluetooth: hci3: command tx timeout [ 311.018037] Bluetooth: hci4: command tx timeout [ 311.079274] Bluetooth: hci7: command tx timeout [ 311.079726] Bluetooth: hci5: command tx timeout [ 311.081298] Bluetooth: hci6: command tx timeout [ 312.295311] Bluetooth: hci0: command tx timeout [ 312.744231] Bluetooth: hci1: command tx timeout [ 312.746093] Bluetooth: hci2: command tx timeout [ 312.872053] Bluetooth: hci3: command tx timeout [ 313.064213] Bluetooth: hci4: command tx timeout [ 313.127315] Bluetooth: hci7: command tx timeout [ 313.127771] Bluetooth: hci6: command tx timeout [ 313.127811] Bluetooth: hci5: command tx timeout [ 314.344548] Bluetooth: hci0: command tx timeout [ 314.794167] Bluetooth: hci1: command tx timeout [ 314.794674] Bluetooth: hci2: command tx timeout [ 314.920140] Bluetooth: hci3: command tx timeout [ 315.111270] Bluetooth: hci4: command tx timeout [ 315.176043] Bluetooth: hci5: command tx timeout [ 315.176164] Bluetooth: hci6: command tx timeout [ 315.176525] Bluetooth: hci7: command tx timeout [ 366.551686] syz-executor.2 (7899) used greatest stack depth: 24544 bytes left [ 368.825342] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 368.831762] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 368.835890] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 368.850731] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 368.858852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 368.903788] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 368.908642] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 368.914359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 368.921751] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 368.928708] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 368.969405] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 368.975912] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 368.985328] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 368.988075] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 368.995773] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 368.998746] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 368.999638] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 369.020685] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 369.037559] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 369.075450] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 369.080559] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 369.093340] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 369.095348] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 369.098666] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 369.100506] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 369.103155] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 369.110267] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 369.120539] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 369.125308] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 369.128605] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 369.139769] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 369.150942] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 369.152768] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 369.160793] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 369.168800] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 369.186960] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 369.192233] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 369.203468] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 369.219178] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 369.233604] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 370.921025] Bluetooth: hci0: command tx timeout [ 370.983103] Bluetooth: hci1: command tx timeout [ 371.111078] Bluetooth: hci2: command tx timeout [ 371.177244] Bluetooth: hci3: command tx timeout [ 371.240366] Bluetooth: hci4: command tx timeout [ 371.240409] Bluetooth: hci5: command tx timeout [ 371.303326] Bluetooth: hci6: command tx timeout [ 371.367155] Bluetooth: hci7: command tx timeout [ 372.967097] Bluetooth: hci0: command tx timeout [ 373.031414] Bluetooth: hci1: command tx timeout [ 373.159064] Bluetooth: hci2: command tx timeout [ 373.223543] Bluetooth: hci3: command tx timeout [ 373.287422] Bluetooth: hci5: command tx timeout [ 373.287525] Bluetooth: hci4: command tx timeout [ 373.351223] Bluetooth: hci6: command tx timeout [ 373.416201] Bluetooth: hci7: command tx timeout [ 375.016021] Bluetooth: hci0: command tx timeout [ 375.080123] Bluetooth: hci1: command tx timeout [ 375.208257] Bluetooth: hci2: command tx timeout [ 375.271288] Bluetooth: hci3: command tx timeout [ 375.335185] Bluetooth: hci4: command tx timeout [ 375.336187] Bluetooth: hci5: command tx timeout [ 375.399069] Bluetooth: hci6: command tx timeout [ 375.463388] Bluetooth: hci7: command tx timeout [ 377.064419] Bluetooth: hci0: command tx timeout [ 377.127242] Bluetooth: hci1: command tx timeout [ 377.255068] Bluetooth: hci2: command tx timeout [ 377.319433] Bluetooth: hci3: command tx timeout [ 377.383100] Bluetooth: hci5: command tx timeout [ 377.383601] Bluetooth: hci4: command tx timeout [ 377.447152] Bluetooth: hci6: command tx timeout [ 377.513024] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 01:17:18 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff867b3aaa RDX=0000000000000001 RSI=0000000000000000 RDI=ffffffff867b3aac RBP=ffff88802637f0f0 RSP=ffff88802637efd8 R8 =0000000000000001 R9 =ffff88802637f0d8 R10=000000000003b6bd R11=0000000000004424 R12=ffff88802637f0f8 R13=ffff88802637f0e0 R14=ffff88802637f140 R15=ffff88802637f098 RIP=ffffffff81355466 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e561b000 00000000 00000000 LDT=0000 fffffe5100000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f90762a0368 CR3=000000002f4b7000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=322e6f732e6c6462696c2f756e672d78 XMM02=00322e6f732e6c6462696c2f756e672d XMM03=78756e696c2d34365f3638782f62696c XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff8688518f RBX=0000000000000001 RCX=ffffffff8688518c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff8688518e RBP=ffff88802579fa20 RSP=ffff88802579f958 R8 =0000000000000001 R9 =ffff88802579fa08 R10=000000000003b6bd R11=00000000000272a4 R12=ffff88802579fa28 R13=ffff88802579fa10 R14=ffff88802579fe78 R15=ffff88802579f9c8 RIP=ffffffff81355447 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f7dfb2f6540 00000000 00000000 GS =0000 ffff8880e571b000 00000000 00000000 LDT=0000 fffffe4400000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc5e17eef00 CR3=000000001c6e1000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=2e7473696c6b63616c622d7665646266 XMM01=00666e6f632e7473696c6b63616c622d XMM02=00000000000000000000ffffffffffff XMM03=00000000000000000000ff00000000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=676f6c206d6f74737563000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000