Warning: Permanently added '[localhost]:59957' (ECDSA) to the list of known hosts. 2022/10/04 11:59:15 fuzzer started 2022/10/04 11:59:15 dialing manager at localhost:35095 syzkaller login: [ 42.127367] cgroup: Unknown subsys name 'net' [ 42.206606] cgroup: Unknown subsys name 'rlimit' 2022/10/04 11:59:30 syscalls: 200 2022/10/04 11:59:30 code coverage: enabled 2022/10/04 11:59:30 comparison tracing: enabled 2022/10/04 11:59:30 extra coverage: enabled 2022/10/04 11:59:30 setuid sandbox: enabled 2022/10/04 11:59:30 namespace sandbox: enabled 2022/10/04 11:59:30 Android sandbox: enabled 2022/10/04 11:59:30 fault injection: enabled 2022/10/04 11:59:30 leak checking: enabled 2022/10/04 11:59:30 net packet injection: enabled 2022/10/04 11:59:30 net device setup: enabled 2022/10/04 11:59:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/04 11:59:30 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/04 11:59:30 USB emulation: enabled 2022/10/04 11:59:30 hci packet injection: enabled 2022/10/04 11:59:30 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/04 11:59:30 802.15.4 emulation: enabled 2022/10/04 11:59:30 fetching corpus: 0, signal 0/0 (executing program) 2022/10/04 11:59:31 starting 8 fuzzer processes 11:59:31 executing program 0: r0 = getpid() r1 = geteuid() msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3, 0xee00, 0xffffffffffffffff, r1, 0x0, 0x21, 0x5}, 0x0, 0x0, 0x1000, 0x9, 0x1, 0x9a46, 0x7, 0xdb6, 0x3, 0x6, r0, r0}) getresuid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=0x0) r3 = getpgrp(r0) msgctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000140)={{0x2, r2, 0x0, r1, 0x0, 0xc, 0x7}, 0x0, 0x0, 0x1ff, 0x5, 0x100000000, 0x48, 0x8, 0x5b83, 0x8, 0x9, r0, r3}) r4 = getpgrp(r0) syz_open_procfs$namespace(r4, &(0x7f00000001c0)='ns/pid\x00') read$rfkill(0xffffffffffffffff, &(0x7f0000000200), 0x8) r5 = getpgrp(r3) r6 = syz_open_procfs$namespace(r5, &(0x7f0000000240)='ns/cgroup\x00') r7 = fsmount(0xffffffffffffffff, 0x1, 0x0) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x84, 0x0, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r7}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000400)={0x0, 0x0}) ptrace$getregs(0xe, r8, 0x5, &(0x7f0000000480)=""/35) get_robust_list(r5, &(0x7f0000000600)=&(0x7f00000005c0)={&(0x7f0000000500)={&(0x7f00000004c0)}, 0x0, &(0x7f0000000580)={&(0x7f0000000540)}}, &(0x7f0000000640)=0x18) r9 = socket(0x78f7ecb28dc846ee, 0x5, 0x4) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r9, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, 0x0, 0x20, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1fc}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000810}, 0x24004009) msgctl$MSG_INFO(0xffffffffffffffff, 0xc, &(0x7f0000000780)=""/69) getpgrp(r4) 11:59:31 executing program 2: sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xce}], @NL80211_ATTR_DURATION={0x8}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44840}, 0x40000) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0x0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vcan0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240), r0) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x54, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010101}, @NLBL_UNLABEL_A_SECCTX={0x25, 0x7, 'system_u:object_r:dbusd_etc_t:s0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x4000004) sendmsg$NLBL_UNLABEL_C_ACCEPT(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICLIST(r2, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r1, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000000}, 0x4000000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000580), r3) sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000005c0), 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xa8, 0x0, 0x8, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}, @NL80211_ATTR_AUTH_TYPE={0x8}, @key_params=[@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "bab0fa5a3a"}, @NL80211_ATTR_KEY={0x2c, 0x50, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "ee94a94d00"}, @NL80211_KEY_TYPE={0x8}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "7fa553613e"}]}], @key_params=[@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "17295c7a68f6bc95858d6beb66"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x4}], @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20004800}, 0x40) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_LIST(r4, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x44, r1, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:crack_exec_t:s0\x00'}]}, 0x44}}, 0x891) setgroups(0x2, &(0x7f0000000880)=[0xffffffffffffffff, 0xee00]) r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000900), r0) sendmsg$NBD_CMD_CONNECT(r3, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x20, r5, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x40010) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x3c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x4000010) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000b40), r3) sendmsg$NLBL_UNLABEL_C_LIST(r3, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r6, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) 11:59:31 executing program 1: ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x6) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffffffffff8, 0xffffffffffffffe0, 0x0, 0x0, 0x1, 0x10, "46cc6dd4f6053b8aebaf83713e105931fdcfdfd8f85a1b60661361b155ea0d7a8e1e5cf2974118436684a0e28f3116a044ffe006102662c662ba053826b415d8", "145c920a62c1125a21b280182b1a9703722eac7980cbd68fd9b11f0c9249e7d733eb4fc3a5baf37bea79a0489590867481186125a0b4d6c98da0de1550cd0f4c", "4da2a21e82043bc3a83049638c455e841f286bcaacd4a323b5b9a3386145de99", [0x1, 0x80]}) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x100, 0x111000) r1 = syz_open_dev$loop(&(0x7f0000000140), 0xffffffff, 0x80000) write$rfkill(0xffffffffffffffff, &(0x7f0000000180)={0x41f2, 0x4, 0x1, 0x1, 0x1}, 0x8) r2 = syz_open_dev$loop(&(0x7f00000001c0), 0xd5d, 0x800) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) r3 = syz_open_dev$loop(&(0x7f0000000200), 0x6, 0x84480) ioctl$LOOP_GET_STATUS64(r3, 0x4c05, &(0x7f0000000240)) read$rfkill(0xffffffffffffffff, &(0x7f0000000340), 0x8) r4 = memfd_secret(0x0) r5 = fsmount(0xffffffffffffffff, 0x0, 0x8) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r5) ioctl$RTC_SET_TIME(r4, 0x4024700a, &(0x7f0000000380)={0x2f, 0x1a, 0x10, 0x1, 0x4, 0x0, 0x4, 0xb, 0xffffffffffffffff}) r6 = fsopen(&(0x7f00000003c0)='jffs2\x00', 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r6, 0x4, &(0x7f0000000400)='/dev/loop#\x00', &(0x7f0000000440)='./file0\x00', r5) r7 = memfd_secret(0x80000) fsmount(r7, 0x1, 0x78) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r1) ioctl$LOOP_GET_STATUS(r4, 0x4c03, &(0x7f0000000480)) [ 56.746446] audit: type=1400 audit(1664884771.257:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:59:31 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) r4 = shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) r5 = getgid() r6 = getpid() shmctl$IPC_SET(r4, 0x1, &(0x7f0000000240)={{0x0, 0xee00, 0xffffffffffffffff, 0xee00, r5, 0x2c, 0x5}, 0x7f, 0x1ff, 0x1f, 0xe23, 0x0, r6, 0x8}) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 11:59:31 executing program 4: write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @write_eir={{0xc52, 0xf1}, {0x5, "14563181d240f40c7d94403dcc92997a435b9fe9b659705e70bee6c5b91e61b9b8e5badf846493f7c2ccf76bfa984b6841e7bad6a338acec234159d6c6a7fea2dd22a5475ea36fe7df11278e83870b1f9aa346f268c2f1b18e6d633980a17dd4ac1e3d1c10d60e2a34164e844a1762bd73e5ac260f202de6ff77f04681c2a014ef8eda609c279902556b12d0875a1294e44a03ccfec935d0dba22e335ef55e8296cc9886881ff10447642cfd5f0bd9beafee7b1d19fb01a0ae564dfd02d5c6f3e069c3ce5c6e0edaca9ce0c9308b16be48c39446efc918393e6a8a38c7c0ac2d133d3c803cbed44b69f169bd398a4026"}}}, 0xf5) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x4000) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r1, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1ff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2004c841}, 0x14) r2 = fsmount(0xffffffffffffffff, 0x0, 0x88) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x3c, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x0, 0x1c}}}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xa0, 0x0, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x9}]}, @NL80211_ATTR_CQM={0x40, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x200}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x21}, @NL80211_ATTR_CQM_RSSI_THOLD={0x2c, 0x1, [0x3, 0x3, 0x2, 0xfffffa49, 0x16a2, 0x1, 0xcf, 0x0, 0x6, 0x8]}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0xf}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x9bb}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x3}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x495}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x1}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x2400c851}, 0x4) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x14001800}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x3c, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xffffffff}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x140f4e38}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x90) sendmsg$NL80211_CMD_AUTHENTICATE(r2, &(0x7f0000000800)={&(0x7f0000000700), 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x74, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xff, 0x80}}}}, [@key_params=[@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "48c1841be64367b76498454cfa"}], @NL80211_ATTR_SSID={0x23, 0x34, @random="fd16accddd9023fc9cb5c154bab0c5de103e2a363167a3c3837ddcbc107c1b"}, @NL80211_ATTR_SSID={0x9, 0x34, @random="81764bb306"}]}, 0x74}, 0x1, 0x0, 0x0, 0x40004}, 0x4800) msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000840)=""/6) setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, &(0x7f0000000880)={0x7, [0x8, 0x4], 0x3}, 0x10) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000008c0), 0x6801) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000900)={{0x3, 0x1, 0xffff, 0x3, 0x7fff}}) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000940), &(0x7f0000000980)=0x10) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000c80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000a00)={0x23c, 0x0, 0x20, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x5a}, @void, @void}}, [@NL80211_ATTR_VENDOR_DATA={0x6b, 0xc5, "13a0ddc4be1cd185d09c85862769de7c6e791347b00a99cc96206fbf544b10a82120514637ce0e88d8c84275d62232d3b490f63c44901977f9e78c95a93557eb5b725cdf207af697d94ee292d96240f3b923bd5ac04b38408b02a5eec3a9a9b582a41bca2d5130"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x200000}, @NL80211_ATTR_VENDOR_DATA={0xc2, 0xc5, "daf19ecf0da7063873ed20b5a9ffc8731b57743cd4ad1e5f4b6161301edb5448bcf4deb95011f0328b9f483da15fdd4d90f045a4e1322ccfec0d94a2968de2e84469603aaf9c2a594b2a1c096f676a3f1a20848d56772673347eeee3da3f5d4596699108aca00b5a3928105ed9f0678f4012fb37b1808b267088ee5f4061fe03a9de4bdd0cc2335f571ad18502ea9765034d4f223d7f0b3fa1190cbf8b0e7b6c7264acd407fc8acd7f214ef8dbbdc574b29631853c418bc2b3c1595056d8"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x4}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x4}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x9}, @NL80211_ATTR_VENDOR_DATA={0x37, 0xc5, "e0fa07bd5e4f3de727dfd3e22db2c421928936484eed58e03511bf455f77d65fcb8f0c616e398237945619221f1071be204fb1"}, @NL80211_ATTR_VENDOR_DATA={0x97, 0xc5, "0f287d8327f413cc489d3f8cf6315d1e6cb547955407713ce897db4a8957e539de0cb5877f09f644525c699041b245c1e644b141a48ec9d4b7370af0bd848b81c5a6ded98fde8841e296a8b95655bfc56e6ac1afa45f2cf051a90bc81e7cc5100e2f165cfd50c2dd615cbb10104dd38610d80a483a86c5a6364782df10315722c803136291415b6838384c838d1cc149c7477b"}]}, 0x23c}, 0x1, 0x0, 0x0, 0x4000090}, 0x40000) sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000e40)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d00)={0xcc, 0x0, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x76}}}}, [@NL80211_ATTR_CQM={0x4}, @NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x378}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x48}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x8001}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x8001}]}, @NL80211_ATTR_CQM={0x34, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x80000000}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x24}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x90b}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x193}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x12}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x2}]}, @NL80211_ATTR_CQM={0x3c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x2]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7ff}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x7fff]}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x100}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xffffff80}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x400}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xffff}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x90}, 0x8c0) syz_genetlink_get_family_id$batadv(&(0x7f0000000e80), r2) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000ec0)={0x1, 0x5, "29c0d0", 0x2, 0x1}) 11:59:31 executing program 7: sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x4c000) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x0, 0x8, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x10001, 0x1e}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x800) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x8, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}]}, 0x28}}, 0x2400c8d0) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x80000001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x34, 0x0, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xfffffc00}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x401}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1f}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000080}, 0x40c0010) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x98, 0x0, 0x400, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_IE={0x2e, 0x2a, [@erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @prep={0x83, 0x25, @ext={{}, 0x2, 0x60, @broadcast, 0x1, @broadcast, 0x9, 0x100, @device_a, 0xb8f}}]}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_SSID={0xf, 0x34, @random="cec9e05ccfe0b079373bfe"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x60, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv_slave_1\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_virt_wifi\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f00000007c0), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000840), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x1c, r2, 0x408, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4800) r3 = fsmount(0xffffffffffffffff, 0x1, 0x1) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x48, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1f0d8000}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x20040081) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000a80)={'wlan0\x00'}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_ACCEPT(r4, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x800408}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x28, r2, 0x10, 0x70bd25, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x1000) r5 = socket(0x2a, 0x800, 0xffffee3c) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), r0) sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x20, r6, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x65}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x5090}, 0x10) 11:59:31 executing program 5: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x81}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x10040) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r0, 0x20, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4e}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3f}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x4000800) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000804}, 0x40040) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r2, 0x0, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3f}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x4000040) r3 = socket(0x10, 0x6, 0x5) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000500), r1) sendmsg$BATADV_CMD_SET_VLAN(r3, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x34, r4, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x11}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c005}, 0x40000f0) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000640), r3) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r3, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x64, r5, 0x630, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x9}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x800}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7fffffff}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfff}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x8010}, 0x24000110) sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x1c, 0x0, 0x2, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x801) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x7c, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xcc9d}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x114297bd}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x1}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7}]}, 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x4041814) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000a40)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0xa0090c20}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x4c, r4, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3ff}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x100}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfab}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x4c}}, 0x1) r8 = fsmount(0xffffffffffffffff, 0x1, 0x74) ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000b80)={{0x1, 0x3, 0x9, 0x3, 0x4}}) fsmount(0xffffffffffffffff, 0x1, 0x80) 11:59:31 executing program 6: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)={0x0, 0x0}) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xac, r0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x2}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0xac}, 0x1, 0x0, 0x0, 0x54}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(0xffffffffffffffff, 0x40082102, &(0x7f00000002c0)=r2) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000380)={r3, 0x1, 0xffffffff}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7f}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x34}}, 0x4004001) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000004c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(0xffffffffffffffff, 0x40082102, &(0x7f0000000540)=r4) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40002000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xffffffff}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x398}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xc991}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfffffffe}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x80) r5 = fsmount(0xffffffffffffffff, 0x1, 0x80) sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x54, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x9}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x11d}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x1) ioctl$LOOP_GET_STATUS(r5, 0x4c03, &(0x7f0000000800)) sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x24, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7ff}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000a00), r5) sendmsg$BATADV_CMD_TP_METER(r5, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x24, r6, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x8810}, 0xc085) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000b40), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x38, r8, 0xf08, 0x70bd2b, 0x25dfdbfd, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x67}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x400}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x1) [ 58.061007] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.063320] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.065366] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.067917] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.069361] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.070233] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.073971] Bluetooth: hci0: HCI_REQ-0x0c1a [ 58.139058] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.140469] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.142261] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.143850] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 58.145206] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 58.146172] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.147019] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.148061] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 58.149037] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 58.149875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.150836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.151570] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 58.152503] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 58.159881] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.161253] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 58.162222] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 58.163003] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.164459] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.165334] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 58.166017] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 58.166693] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 58.167438] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.169184] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 58.169891] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 58.170548] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.176958] Bluetooth: hci5: HCI_REQ-0x0c1a [ 58.178103] Bluetooth: hci1: HCI_REQ-0x0c1a [ 58.178816] Bluetooth: hci7: HCI_REQ-0x0c1a [ 58.182446] Bluetooth: hci3: HCI_REQ-0x0c1a [ 58.212021] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.214244] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 58.216052] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 58.216336] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 58.218224] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 58.218386] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.220513] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 58.222131] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 58.223513] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.223680] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 58.225340] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 58.229407] Bluetooth: hci6: HCI_REQ-0x0c1a [ 58.230216] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 58.231374] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.232440] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.237678] Bluetooth: hci2: HCI_REQ-0x0c1a [ 58.257511] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 58.262963] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 58.265903] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 58.283162] Bluetooth: hci4: HCI_REQ-0x0c1a [ 60.083352] Bluetooth: hci0: command 0x0409 tx timeout [ 60.209863] Bluetooth: hci3: command 0x0409 tx timeout [ 60.211481] Bluetooth: hci1: command 0x0409 tx timeout [ 60.211522] Bluetooth: hci5: command 0x0409 tx timeout [ 60.212659] Bluetooth: hci7: command 0x0409 tx timeout [ 60.273870] Bluetooth: hci2: command 0x0409 tx timeout [ 60.274695] Bluetooth: hci6: command 0x0409 tx timeout [ 60.337963] Bluetooth: hci4: command 0x0409 tx timeout [ 62.130928] Bluetooth: hci0: command 0x041b tx timeout [ 62.258011] Bluetooth: hci7: command 0x041b tx timeout [ 62.258648] Bluetooth: hci3: command 0x041b tx timeout [ 62.259359] Bluetooth: hci5: command 0x041b tx timeout [ 62.259910] Bluetooth: hci1: command 0x041b tx timeout [ 62.321886] Bluetooth: hci6: command 0x041b tx timeout [ 62.322442] Bluetooth: hci2: command 0x041b tx timeout [ 62.385796] Bluetooth: hci4: command 0x041b tx timeout [ 64.177777] Bluetooth: hci0: command 0x040f tx timeout [ 64.305823] Bluetooth: hci1: command 0x040f tx timeout [ 64.306435] Bluetooth: hci5: command 0x040f tx timeout [ 64.307247] Bluetooth: hci3: command 0x040f tx timeout [ 64.307778] Bluetooth: hci7: command 0x040f tx timeout [ 64.369909] Bluetooth: hci2: command 0x040f tx timeout [ 64.370504] Bluetooth: hci6: command 0x040f tx timeout [ 64.434454] Bluetooth: hci4: command 0x040f tx timeout [ 66.225842] Bluetooth: hci0: command 0x0419 tx timeout [ 66.353895] Bluetooth: hci7: command 0x0419 tx timeout [ 66.354479] Bluetooth: hci3: command 0x0419 tx timeout [ 66.355015] Bluetooth: hci5: command 0x0419 tx timeout [ 66.355643] Bluetooth: hci1: command 0x0419 tx timeout [ 66.417782] Bluetooth: hci6: command 0x0419 tx timeout [ 66.417800] Bluetooth: hci2: command 0x0419 tx timeout [ 66.481787] Bluetooth: hci4: command 0x0419 tx timeout [ 119.974510] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 119.977109] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 119.978398] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 119.978905] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 119.981508] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 119.981624] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 119.983795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 119.985118] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 119.989892] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 119.991584] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 119.994619] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 119.996172] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 119.997217] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 119.999981] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 120.001092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 120.002344] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 120.023572] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 120.025441] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 120.027538] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 120.028007] Bluetooth: hci1: HCI_REQ-0x0c1a [ 120.029103] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 120.030898] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 120.031147] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 120.035695] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 120.035811] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 120.042469] Bluetooth: hci0: HCI_REQ-0x0c1a [ 120.043403] Bluetooth: hci3: HCI_REQ-0x0c1a [ 120.044103] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 120.053668] Bluetooth: hci2: HCI_REQ-0x0c1a [ 120.054310] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 120.056319] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 120.057460] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 120.058096] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 120.060175] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 120.062147] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 120.066562] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 120.067694] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 120.068109] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 120.074528] Bluetooth: hci7: HCI_REQ-0x0c1a [ 120.075493] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 120.077323] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 120.084553] Bluetooth: hci5: HCI_REQ-0x0c1a [ 120.099565] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 120.102676] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 120.127196] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 120.130670] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 120.133208] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 120.134942] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 120.147814] Bluetooth: hci6: HCI_REQ-0x0c1a [ 122.033849] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 122.036119] Bluetooth: hci1: command 0x0409 tx timeout [ 122.097933] Bluetooth: hci2: command 0x0409 tx timeout [ 122.099150] Bluetooth: hci0: command 0x0409 tx timeout [ 122.100115] Bluetooth: hci5: command 0x0409 tx timeout [ 122.101105] Bluetooth: hci7: command 0x0409 tx timeout [ 122.102092] Bluetooth: hci3: command 0x0409 tx timeout [ 122.162186] Bluetooth: hci6: command 0x0409 tx timeout [ 124.081774] Bluetooth: hci1: command 0x041b tx timeout [ 124.145816] Bluetooth: hci3: command 0x041b tx timeout [ 124.146280] Bluetooth: hci7: command 0x041b tx timeout [ 124.146701] Bluetooth: hci5: command 0x041b tx timeout [ 124.147167] Bluetooth: hci0: command 0x041b tx timeout [ 124.147584] Bluetooth: hci2: command 0x041b tx timeout [ 124.209857] Bluetooth: hci6: command 0x041b tx timeout [ 126.129833] Bluetooth: hci1: command 0x040f tx timeout [ 126.193916] Bluetooth: hci2: command 0x040f tx timeout [ 126.194082] Bluetooth: hci0: command 0x040f tx timeout [ 126.194648] Bluetooth: hci5: command 0x040f tx timeout [ 126.195417] Bluetooth: hci7: command 0x040f tx timeout [ 126.195445] Bluetooth: hci3: command 0x040f tx timeout [ 126.257801] Bluetooth: hci6: command 0x040f tx timeout [ 126.513786] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 128.177823] Bluetooth: hci1: command 0x0419 tx timeout [ 128.241881] Bluetooth: hci5: command 0x0419 tx timeout [ 128.243044] Bluetooth: hci3: command 0x0419 tx timeout [ 128.243581] Bluetooth: hci7: command 0x0419 tx timeout [ 128.244143] Bluetooth: hci0: command 0x0419 tx timeout [ 128.244680] Bluetooth: hci2: command 0x0419 tx timeout [ 128.305804] Bluetooth: hci6: command 0x0419 tx timeout [ 129.058525] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 129.066866] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 129.077194] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 129.089965] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 129.093983] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 129.096408] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 129.102825] Bluetooth: hci4: HCI_REQ-0x0c1a [ 131.121916] Bluetooth: hci4: command 0x0409 tx timeout [ 133.169839] Bluetooth: hci4: command 0x041b tx timeout [ 135.217795] Bluetooth: hci4: command 0x040f tx timeout [ 137.265903] Bluetooth: hci4: command 0x0419 tx timeout 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) r4 = shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) r5 = getgid() r6 = getpid() shmctl$IPC_SET(r4, 0x1, &(0x7f0000000240)={{0x0, 0xee00, 0xffffffffffffffff, 0xee00, r5, 0x2c, 0x5}, 0x7f, 0x1ff, 0x1f, 0xe23, 0x0, r6, 0x8}) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) r4 = shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) r5 = getgid() r6 = getpid() shmctl$IPC_SET(r4, 0x1, &(0x7f0000000240)={{0x0, 0xee00, 0xffffffffffffffff, 0xee00, r5, 0x2c, 0x5}, 0x7f, 0x1ff, 0x1f, 0xe23, 0x0, r6, 0x8}) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) r4 = shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) r5 = getgid() r6 = getpid() shmctl$IPC_SET(r4, 0x1, &(0x7f0000000240)={{0x0, 0xee00, 0xffffffffffffffff, 0xee00, r5, 0x2c, 0x5}, 0x7f, 0x1ff, 0x1f, 0xe23, 0x0, r6, 0x8}) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) getgid() getpid() setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) getgid() setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:30 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) r0 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r3 = shmat(r2, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r1, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r3) shmat(r0, &(0x7f0000ffa000/0x2000)=nil, 0x0) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) 12:01:31 executing program 3: shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/181) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/44) shmctl$SHM_STAT_ANY(0xffffffffffffffff, 0xf, &(0x7f0000000100)=""/130) shmget$private(0x0, 0x2000, 0x200, &(0x7f0000ffe000/0x2000)=nil) shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x4000) r0 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) r1 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffb000/0x4000)=nil) r2 = shmat(r1, &(0x7f0000ffb000/0x1000)=nil, 0x3000) shmctl$SHM_INFO(r0, 0xe, &(0x7f00000001c0)=""/58) clock_gettime(0x1, &(0x7f0000000200)) shmdt(r2) setgroups(0x1, &(0x7f00000002c0)=[0xee01]) [ 181.258371] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 181.262022] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 181.263502] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 181.269494] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 181.274538] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 181.276272] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 181.278304] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 181.283476] Bluetooth: hci1: HCI_REQ-0x0c1a [ 181.284572] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 181.292995] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 181.300000] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 181.308202] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 181.309618] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 181.315650] Bluetooth: hci3: HCI_REQ-0x0c1a [ 181.338859] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 181.340833] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 181.343860] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 181.352516] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 181.356113] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 181.357588] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 181.369805] Bluetooth: hci6: HCI_REQ-0x0c1a [ 183.281771] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 183.345807] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 183.345818] Bluetooth: hci3: command 0x0409 tx timeout [ 183.347322] Bluetooth: hci1: command 0x0409 tx timeout [ 183.409784] Bluetooth: hci6: command 0x0409 tx timeout [ 185.073751] INFO: task rcu_gp:3 blocked for more than 142 seconds. [ 185.074376] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.075138] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.075764] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 185.076539] Call Trace: [ 185.076764] [ 185.076947] __schedule+0x893/0x2470 [ 185.077648] ? io_schedule_timeout+0x150/0x150 [ 185.078020] ? do_raw_spin_lock+0x121/0x260 [ 185.078370] ? rwlock_bug.part.0+0x90/0x90 [ 185.079049] schedule+0xda/0x1b0 [ 185.079323] rescuer_thread+0x851/0xdb0 [ 185.079644] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.080058] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.080449] ? lockdep_hardirqs_on+0x79/0x100 [ 185.080830] ? worker_thread+0x1260/0x1260 [ 185.081167] kthread+0x2ed/0x3a0 [ 185.081440] ? kthread_complete_and_exit+0x40/0x40 [ 185.081850] ret_from_fork+0x22/0x30 [ 185.082166] [ 185.082361] INFO: task rcu_par_gp:4 blocked for more than 143 seconds. [ 185.082873] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.083286] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.083881] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 185.084514] Call Trace: [ 185.084731] [ 185.084911] __schedule+0x893/0x2470 [ 185.085207] ? io_schedule_timeout+0x150/0x150 [ 185.085557] ? do_raw_spin_lock+0x121/0x260 [ 185.085912] ? rwlock_bug.part.0+0x90/0x90 [ 185.086256] schedule+0xda/0x1b0 [ 185.086526] rescuer_thread+0x851/0xdb0 [ 185.086862] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.087256] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.087638] ? lockdep_hardirqs_on+0x79/0x100 [ 185.088014] ? worker_thread+0x1260/0x1260 [ 185.088346] kthread+0x2ed/0x3a0 [ 185.088609] ? kthread_complete_and_exit+0x40/0x40 [ 185.089009] ret_from_fork+0x22/0x30 [ 185.089316] [ 185.089499] INFO: task slub_flushwq:5 blocked for more than 143 seconds. [ 185.090018] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.090445] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.091042] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 185.091665] Call Trace: [ 185.091886] [ 185.092075] __schedule+0x893/0x2470 [ 185.092370] ? io_schedule_timeout+0x150/0x150 [ 185.092749] ? do_raw_spin_lock+0x121/0x260 [ 185.093091] ? rwlock_bug.part.0+0x90/0x90 [ 185.093429] schedule+0xda/0x1b0 [ 185.093725] rescuer_thread+0x851/0xdb0 [ 185.094042] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.094427] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.094837] ? lockdep_hardirqs_on+0x79/0x100 [ 185.095191] ? worker_thread+0x1260/0x1260 [ 185.095516] kthread+0x2ed/0x3a0 [ 185.095799] ? kthread_complete_and_exit+0x40/0x40 [ 185.096171] ret_from_fork+0x22/0x30 [ 185.096472] [ 185.096652] INFO: task netns:6 blocked for more than 143 seconds. [ 185.097137] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.097543] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.098136] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 185.098798] Call Trace: [ 185.098997] [ 185.099176] __schedule+0x893/0x2470 [ 185.099472] ? io_schedule_timeout+0x150/0x150 [ 185.099858] ? do_raw_spin_lock+0x121/0x260 [ 185.100195] ? rwlock_bug.part.0+0x90/0x90 [ 185.100530] schedule+0xda/0x1b0 [ 185.100827] rescuer_thread+0x851/0xdb0 [ 185.101140] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.101524] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.101930] ? lockdep_hardirqs_on+0x79/0x100 [ 185.102296] ? worker_thread+0x1260/0x1260 [ 185.102627] kthread+0x2ed/0x3a0 [ 185.102923] ? kthread_complete_and_exit+0x40/0x40 [ 185.103309] ret_from_fork+0x22/0x30 [ 185.103615] [ 185.103814] INFO: task kworker/0:0H:8 blocked for more than 143 seconds. [ 185.104319] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.104741] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.105317] task:kworker/0:0H state:I stack:29464 pid:8 ppid:2 flags:0x00004000 [ 185.105966] Workqueue: 0x0 (kblockd) [ 185.106278] Call Trace: [ 185.106476] [ 185.106657] __schedule+0x893/0x2470 [ 185.106988] ? io_schedule_timeout+0x150/0x150 [ 185.107355] schedule+0xda/0x1b0 [ 185.107629] worker_thread+0x15f/0x1260 [ 185.107979] ? process_one_work+0x16a0/0x16a0 [ 185.108343] kthread+0x2ed/0x3a0 [ 185.108612] ? kthread_complete_and_exit+0x40/0x40 [ 185.109020] ret_from_fork+0x22/0x30 [ 185.109333] [ 185.109525] INFO: task mm_percpu_wq:10 blocked for more than 143 seconds. [ 185.110060] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.110480] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.111085] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 185.111734] Call Trace: [ 185.111932] [ 185.112113] __schedule+0x893/0x2470 [ 185.112415] ? io_schedule_timeout+0x150/0x150 [ 185.112790] ? do_raw_spin_lock+0x121/0x260 [ 185.113129] ? rwlock_bug.part.0+0x90/0x90 [ 185.113468] schedule+0xda/0x1b0 [ 185.113761] rescuer_thread+0x851/0xdb0 [ 185.114074] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.114469] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.114884] ? lockdep_hardirqs_on+0x79/0x100 [ 185.115238] ? worker_thread+0x1260/0x1260 [ 185.115571] kthread+0x2ed/0x3a0 [ 185.115861] ? kthread_complete_and_exit+0x40/0x40 [ 185.116240] ret_from_fork+0x22/0x30 [ 185.116543] [ 185.116751] INFO: task rcu_tasks_kthre:11 blocked for more than 143 seconds. [ 185.117278] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.117679] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.118287] task:rcu_tasks_kthre state:I stack:29272 pid:11 ppid:2 flags:0x00004000 [ 185.118930] Call Trace: [ 185.119131] [ 185.119315] __schedule+0x893/0x2470 [ 185.119616] ? io_schedule_timeout+0x150/0x150 [ 185.119993] ? mark_held_locks+0x9e/0xe0 [ 185.120317] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.120723] schedule+0xda/0x1b0 [ 185.120996] rcu_tasks_one_gp+0x3db/0xc10 [ 185.121341] rcu_tasks_kthread+0x80/0xa0 [ 185.121653] ? rcu_tasks_postscan+0x10/0x10 [ 185.122029] kthread+0x2ed/0x3a0 [ 185.122300] ? kthread_complete_and_exit+0x40/0x40 [ 185.122685] ret_from_fork+0x22/0x30 [ 185.123013] [ 185.123204] INFO: task kworker/1:0H:21 blocked for more than 143 seconds. [ 185.123727] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.124129] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.124725] task:kworker/1:0H state:I stack:29760 pid:21 ppid:2 flags:0x00004000 [ 185.125350] Workqueue: 0x0 (events_highpri) [ 185.125692] Call Trace: [ 185.125906] [ 185.126089] __schedule+0x893/0x2470 [ 185.126404] ? io_schedule_timeout+0x150/0x150 [ 185.126791] schedule+0xda/0x1b0 [ 185.127060] worker_thread+0x15f/0x1260 [ 185.127381] ? process_one_work+0x16a0/0x16a0 [ 185.127752] kthread+0x2ed/0x3a0 [ 185.128018] ? kthread_complete_and_exit+0x40/0x40 [ 185.128402] ret_from_fork+0x22/0x30 [ 185.128729] [ 185.128916] INFO: task inet_frag_wq:23 blocked for more than 143 seconds. [ 185.129423] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.129841] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.130424] task:inet_frag_wq state:I stack:30704 pid:23 ppid:2 flags:0x00004000 [ 185.131072] Call Trace: [ 185.131277] [ 185.131457] __schedule+0x893/0x2470 [ 185.131772] ? io_schedule_timeout+0x150/0x150 [ 185.132124] ? do_raw_spin_lock+0x121/0x260 [ 185.132460] ? rwlock_bug.part.0+0x90/0x90 [ 185.132818] schedule+0xda/0x1b0 [ 185.133090] rescuer_thread+0x851/0xdb0 [ 185.133401] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.133801] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.134195] ? lockdep_hardirqs_on+0x79/0x100 [ 185.134551] ? worker_thread+0x1260/0x1260 [ 185.134904] kthread+0x2ed/0x3a0 [ 185.135173] ? kthread_complete_and_exit+0x40/0x40 [ 185.135549] ret_from_fork+0x22/0x30 [ 185.135871] [ 185.136057] INFO: task writeback:28 blocked for more than 143 seconds. [ 185.136548] Not tainted 6.0.0-rc7-next-20220930 #1 [ 185.136966] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 185.137546] task:writeback state:I stack:30176 pid:28 ppid:2 flags:0x00004000 [ 185.138212] Call Trace: [ 185.138416] [ 185.138599] __schedule+0x893/0x2470 [ 185.138923] ? io_schedule_timeout+0x150/0x150 [ 185.139278] ? do_raw_spin_lock+0x121/0x260 [ 185.139613] ? rwlock_bug.part.0+0x90/0x90 [ 185.139965] schedule+0xda/0x1b0 [ 185.140235] rescuer_thread+0x851/0xdb0 [ 185.140551] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.140959] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 185.141349] ? lockdep_hardirqs_on+0x79/0x100 [ 185.141718] ? worker_thread+0x1260/0x1260 [ 185.142055] kthread+0x2ed/0x3a0 [ 185.142332] ? kthread_complete_and_exit+0x40/0x40 [ 185.142733] ret_from_fork+0x22/0x30 [ 185.143036] [ 185.143277] [ 185.143277] Showing all locks held in the system: [ 185.143773] 2 locks held by kworker/u4:0/9: [ 185.144099] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 185.144913] #1: ffff88800861fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 185.145759] 1 lock held by rcu_tasks_kthre/11: [ 185.146113] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 185.146895] 1 lock held by khungtaskd/25: [ 185.147214] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 185.147939] 2 locks held by kworker/u4:3/47: [ 185.148273] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 185.149089] #1: ffff88800f7b7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 185.149929] 1 lock held by in:imklog/193: [ 185.150258] 2 locks held by kworker/u4:5/332: [ 185.150597] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 185.151401] #1: ffff888036a2fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 185.152239] 1 lock held by modprobe/7643: [ 185.152552] 1 lock held by modprobe/7644: [ 185.152879] 1 lock held by modprobe/7646: [ 185.153195] [ 185.153330] ============================================= [ 185.153330] [ 185.394241] Bluetooth: hci1: command 0x041b tx timeout [ 185.394426] Bluetooth: hci3: command 0x041b tx timeout [ 185.457788] Bluetooth: hci6: command 0x041b tx timeout [ 187.441786] Bluetooth: hci1: command 0x040f tx timeout [ 187.443213] Bluetooth: hci3: command 0x040f tx timeout [ 187.506758] Bluetooth: hci6: command 0x040f tx timeout [ 187.569816] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 187.634770] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 189.489902] Bluetooth: hci3: command 0x0419 tx timeout [ 189.490577] Bluetooth: hci1: command 0x0419 tx timeout [ 189.553804] Bluetooth: hci6: command 0x0419 tx timeout [ 189.949173] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 189.951090] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 189.953347] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 189.962746] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 189.963640] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 189.966158] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 189.968945] Bluetooth: hci7: HCI_REQ-0x0c1a [ 191.858779] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 191.985804] Bluetooth: hci7: command 0x0409 tx timeout [ 194.034841] Bluetooth: hci7: command 0x041b tx timeout [ 194.122426] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 194.125007] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 194.125679] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 194.127962] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 194.129410] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 194.130091] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 194.141625] Bluetooth: hci5: HCI_REQ-0x0c1a VM DIAGNOSIS: 12:01:39 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=ffffffff8181fc26 RCX=0000000000000000 RDX=1ffff1100307de65 RSI=ffff8880183efbd0 RDI=ffffffff8181fc26 RBP=ffffffff8181fc26 RSP=ffff8880183ef288 R8 =ffffffff85eef85e R9 =ffffffff85eef862 R10=ffffed100307de67 R11=ffff8880183ef310 R12=ffff8880183ef398 R13=0000000000000000 R14=ffff88800ff19ac0 R15=ffff8880154f5080 RIP=ffffffff811d5f23 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa20d393900 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd87274fe0 CR3=000000000efb8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM01=0000000000000000 0000000000000000 3030623438613630 3638616663356134 YMM02=0000000000000000 0000000000000000 3830306234386136 3036386166633561 YMM03=0000000000000000 0000000000000000 2f6c616e72756f6a 2f676f6c2f6e7572 YMM04=0000000000000000 0000000000000000 9671d59936f4ea8d 0000000000141158 YMM05=0000000000000000 0000000000000000 d3fdd5f48436fbd7 00000000000aead0 YMM06=0000000000000000 0000000000000000 a5c35cebc7402924 00000000000ae988 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 44495f474f4c5359 530069253d595449 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0020000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800902f898 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000030 R11=0000000000000001 R12=0000000000000030 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f91249b3610 CR3=000000002d91a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000