Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:54401' (ECDSA) to the list of known hosts. 2023/08/17 19:57:47 fuzzer started 2023/08/17 19:57:47 dialing manager at localhost:38129 syzkaller login: [ 94.183205] cgroup: Unknown subsys name 'net' [ 94.376042] cgroup: Unknown subsys name 'rlimit' [ 105.750059] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2023/08/17 19:58:00 syscalls: 200 2023/08/17 19:58:00 code coverage: enabled 2023/08/17 19:58:00 comparison tracing: enabled 2023/08/17 19:58:00 extra coverage: enabled 2023/08/17 19:58:00 setuid sandbox: enabled 2023/08/17 19:58:00 namespace sandbox: enabled 2023/08/17 19:58:00 Android sandbox: enabled 2023/08/17 19:58:00 fault injection: enabled 2023/08/17 19:58:00 leak checking: enabled 2023/08/17 19:58:00 net packet injection: enabled 2023/08/17 19:58:00 net device setup: enabled 2023/08/17 19:58:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/08/17 19:58:00 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/08/17 19:58:00 USB emulation: enabled 2023/08/17 19:58:00 hci packet injection: enabled 2023/08/17 19:58:00 wifi device emulation: enabled 2023/08/17 19:58:00 802.15.4 emulation: enabled 2023/08/17 19:58:00 fetching corpus: 0, signal 0/0 (executing program) 2023/08/17 19:58:02 starting 8 fuzzer processes 19:58:02 executing program 0: sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x68, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x3, @media='eth\x00'}}}, ["", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x8010) r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r0, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004c16}, 0x1) socketpair(0x10, 0xa, 0x9, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbff, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004}, 0xc004) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0x100, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0xe}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xfa}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}]}, @IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xfe}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xf7f7}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7fffffff}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x80}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'dummy0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010100}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3780bd8d}]}, 0x100}, 0x1, 0x0, 0x0, 0x1}, 0x80000) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x58, r0, 0x132, 0x70bd29, 0x25dfdbfe, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_DOMAIN={0xb, 0x1, 'dummy0\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x1c}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000004}, 0x4001) r3 = openat$cgroup_ro(r2, &(0x7f0000000700)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000780)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f00000007c0)={0x9c, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x4, 0x24}}, @NL80211_ATTR_MESH_CONFIG={0x54, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x2}, @NL80211_MESHCONF_TTL={0x5, 0x6, 0x81}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x6}, @NL80211_MESHCONF_TTL={0x5, 0x6, 0x81}, @NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0x95}, @NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8}, @NL80211_MESHCONF_MAX_RETRIES={0x5, 0x5, 0x1}, @NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xffffffffffffff03}, @NL80211_MESHCONF_FORWARDING={0x5}, @NL80211_MESHCONF_HWMP_RANN_INTERVAL={0x6, 0x10, 0x7fff}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x5f}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x60}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x800, 0x2}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20840}, 0x4008004) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_REMOVEDEF(r5, &(0x7f0000000a40)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000a00)={&(0x7f0000000940)={0x88, r0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xa}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '\\-\x00'}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_DOMAIN={0x14, 0x1, ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @private=0xa010100}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x88}, 0x1, 0x0, 0x0, 0x6a207045860aa884}, 0x40) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x64, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x1c}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x45}, @NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOTMODE={0x5}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x948}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x7}]}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_RETRIES={0x5, 0x5, 0xa}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x70}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x52}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x4000) r6 = openat$cgroup_ro(r2, &(0x7f0000000bc0)='pids.current\x00', 0x0, 0x0) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000c40), r3) sendmsg$TIPC_CMD_SET_NODE_ADDR(r6, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x24, r7, 0x300, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x7fff}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x800) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_INFO(r8, &(0x7f0000000e00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x1c, 0x0, 0x2, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x400c0) sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x10002006}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f00)={0x4c, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x401, 0x36}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8c0}, 0x40004d4) 19:58:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x71}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40090}, 0x51) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r0) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r1, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {}, {0x18, 0x18, {0x1a, @bearer=@l2={'eth', 0x3a, 'macvlan1\x00'}}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x20004001) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x30, r2, 0x200, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x33}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x21}]}, 0x30}, 0x1, 0x0, 0x0, 0x24008008}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x69}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x40000) sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0xb4, 0x0, 0x4, 0x70bd28, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffa}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x1}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x16}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000800)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f00000007c0)={&(0x7f00000006c0)={0xc8, r4, 0x322, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x17, {0x8000, 0x60, 0x7, 0x3}}}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x4}, @NL80211_ATTR_WPA_VERSIONS={0x8}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac07}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SAE_PASSWORD={0x60, 0x115, "be3d3045acfe7897e848dc8e97638ee36937c40fa335cc166a827c425ca23d37caf3d761ca88ec7648c11fac32c610986c4773abd504699f0170a98595d7d02c1915fa3faf70cbb560d4fd4350d5dca947de1f4937ee4f66ebdc4650"}], @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_MAC_HINT={0xa}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}]]}, 0xc8}, 0x1, 0x0, 0x0, 0x4}, 0x2400c844) r5 = syz_open_dev$vcsa(&(0x7f0000000840), 0x0, 0x121000) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000900)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r5, &(0x7f0000000a00)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x54, r6, 0x10, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x4, 0x1d}}}}, [@NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x5be}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x8, 0xbd, [0x5, 0x101]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4094}, 0x2000c010) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000000a40)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000e80), r0) sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x80400000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x34, r8, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x18, 0x17, {0x2, 0x401, @l2={'eth', 0x3a, 'bridge0\x00'}}}}}, 0x34}, 0x1, 0x0, 0x0, 0x85}, 0x800) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r9, &(0x7f0000001680)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001640)={&(0x7f00000012c0)={0x350, r6, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x138, 0x11d, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x100000000}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x83}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x88}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xae}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x46}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xdefe}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x65}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7d3}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1ff}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x75}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x42}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x68}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x101}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x1b}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xeb}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x34}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xd1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x14c, 0x11d, 0x0, 0x1, [{0x148, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x5b}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xfc, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x24, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x36, 0x24, 0x2, 0x5, 0x9, 0x2, 0x2f899929ec338857, 0x16, 0x12, 0x9, 0x3, 0x6, 0x5, 0x9, 0x2, 0x48, 0x4, 0x3, 0x24, 0x30, 0x60, 0x5, 0x30, 0x6a, 0x18, 0x24, 0x18, 0x2]}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x800, 0x8, 0x7, 0xfff8, 0x0, 0x770, 0x20]}}]}, @NL80211_BAND_60GHZ={0x38, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x48, 0x2, 0x30, 0x24, 0x60, 0x18, 0x0, 0xc]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x8001, 0x0, 0x1, 0x8, 0x4, 0x3, 0x63d]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x1b, 0x16, 0x30, 0x16, 0x6c, 0x60]}]}, @NL80211_BAND_6GHZ={0x84, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x401, 0x0, 0x3, 0x1, 0x7, 0x5, 0x6, 0x3f]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0xc, 0x24, 0x9, 0x4, 0x24, 0x12, 0xb, 0x6, 0xb, 0x16, 0xc, 0x30, 0x4, 0xb, 0x60, 0x4, 0x24, 0x12, 0x1b, 0x6c, 0x1b, 0x16, 0x1f, 0x3, 0x12, 0x9, 0x16, 0x2, 0x3, 0x18, 0x48, 0x5]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x1000, 0x7ff, 0x7800, 0x3, 0x3f, 0x2f, 0x3]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x7, 0xbfa, 0x7, 0x9, 0x4, 0xf067, 0x531]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xbb}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x93}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x47}]}]}, @NL80211_ATTR_TID_CONFIG={0x68, 0x11d, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xcf}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7fffffff}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xce}]}]}, @NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xc6}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}, @NL80211_ATTR_TID_CONFIG={0x38, 0x11d, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x5e}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x3c}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xa4}]}]}]}, 0x350}, 0x1, 0x0, 0x0, 0x4048090}, 0x2) 19:58:02 executing program 2: r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x100, 0x70bd25, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x40000000) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r1, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x8, 0x68}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "72362518abfe4aab6ca11804f99ad86c"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}, @NL80211_ATTR_PMKID={0x14, 0x55, "c595408135a358f622c30196e1073433"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x800) r2 = accept4(0xffffffffffffffff, &(0x7f00000002c0)=@rc={0x1f, @none}, &(0x7f0000000340)=0x80, 0x0) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r2, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x40, r1, 0x4, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x44}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2d}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x27}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0xd2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x75}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044080}, 0x800) sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r0, 0x200, 0x70bd27, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x8005) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), r2) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r3, 0x300, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x24008480}, 0x600008c1) r4 = accept(r2, &(0x7f0000000c00)=@ethernet={0x0, @broadcast}, &(0x7f0000000c80)=0x80) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x24, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x44, r1, 0x800, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8ff8}], @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7ff}]}, 0x44}, 0x1, 0x0, 0x0, 0x40080}, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f40)={0x60, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xcc1f}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffff443}]}, 0x60}}, 0x20000000) r5 = socket$nl_generic(0x10, 0x3, 0x10) accept(r5, &(0x7f0000001040)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, &(0x7f00000010c0)=0x80) r6 = accept4(r4, &(0x7f00000017c0)=@phonet, &(0x7f0000001840)=0x80, 0xcf0baeab9d55f406) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000018c0), r5) sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000001980)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001940)={&(0x7f0000001900)={0x20, r7, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x78}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x2000c850}, 0x4000000) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000001a00)={0x0, 0x5, 0x7, 0x1}) 19:58:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x0, 0x0) sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", ""]}, 0x14}}, 0x9000) r1 = openat$cgroup_subtree(r0, &(0x7f0000000240), 0x2, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f0000000280)={0x0, 0x10000, 0x1, [0x8001, 0x4, 0x401, 0x101, 0x1], [0x7, 0x1, 0x7fffffff, 0xfffffffffffff77f, 0x8c, 0x4, 0xff, 0x7bd, 0xff, 0x4, 0x6, 0x140000000000000, 0xa329, 0x1ff, 0x2, 0x6, 0x6, 0x7, 0x0, 0x32e, 0x6, 0x1, 0x7fff, 0x5e12, 0x5, 0x0, 0x1, 0x3, 0xbccd, 0x7, 0xf47, 0x3, 0x40, 0x9, 0x7fffffff, 0x1, 0x101, 0x100, 0x4, 0x7, 0x8, 0x101, 0x4, 0x8000000000000, 0x8, 0x9, 0x8, 0x7, 0x6, 0x6, 0x1, 0x7fff, 0x401, 0x1000, 0x6, 0x1, 0x0, 0x4a, 0x8, 0x1, 0x8, 0x2, 0x451, 0xd8, 0x0, 0xfffffffffffffec5, 0x2, 0x6, 0x1f54, 0x7, 0x6, 0x80, 0x10001, 0x1f, 0x6, 0x7f, 0xff, 0x7fff, 0x20000000000000, 0x1650, 0x0, 0x8, 0xc22, 0xfffffffffffffffd, 0x6, 0xfc, 0xa, 0x7f, 0x7fff, 0x4, 0x3, 0x1634, 0x20, 0x7, 0x7e, 0x100000000, 0x40, 0xfffffffffffff001, 0x4, 0x100000000, 0x7, 0x1ff, 0xffffffff, 0x6, 0x7, 0x100000000, 0x1ff, 0x4, 0x140a, 0x7fffffff, 0x0, 0x3, 0x7fffffff, 0x5a, 0x3, 0x3, 0x6, 0x4, 0x8, 0x5, 0x1ff]}) r2 = socket(0x22, 0x4, 0x4d) sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x54100040}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x401}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x20000001) syz_genetlink_get_family_id$tipc(&(0x7f00000007c0), r0) r3 = openat$cgroup_ro(r0, &(0x7f0000000800)='cgroup.controllers\x00', 0x0, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000840)) sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000ac0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x9e9f60af4811cf25}, 0xc, &(0x7f0000000a80)={&(0x7f00000008c0)={0x18c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x326f}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_IE={0x139, 0x2a, [@chsw_timing={0x68, 0x4, {0x400, 0x1}}, @preq={0x82, 0x7d, @not_ext={{0x1, 0x1}, 0xb4, 0x1, 0x6, @broadcast, 0x4, "", 0x0, 0x7, 0x9, [{{0x0, 0x0, 0x1}, @broadcast, 0x4c7}, {{0x1, 0x0, 0x1}, @broadcast, 0x3}, {{0x1}, @device_b, 0x2}, {{0x0, 0x0, 0x1}, @device_b}, {{0x0, 0x0, 0x1}, @device_b, 0x2}, {{0x1}, @device_b, 0x5}, {{}, @device_a, 0x8001}, {{0x0, 0x0, 0x1}, @device_b, 0x3}, {}]}}, @tim={0x5, 0x92, {0x4, 0x76, 0x7f, "6792d23ce841355a9f9e758ca6cb85a9eac242515172b9aab754233069471c26fd05566d3a60c037959245c880dec65b53da3c9675dc195827eaf2460e674ae5583a24a92bfe3d59da4d685fbac877b3664ff0e86749cb3fdaadda1e9406fd8d00d806cf54b54fab6f33c2fe869d5ed689d7c138dc54bc35d15aa22696fb25063f3f76e726d95df28243e5c38872e6"}}, @peer_mgmt={0x75, 0x6, {0x1, 0x7fff, @void, @val=0x17, @void}}, @link_id={0x65, 0x12, {@random="de20f102f0d8"}}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc9e}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x18c}, 0x1, 0x0, 0x0, 0x40801}, 0x20000000) r4 = syz_io_uring_setup(0x7f4b, &(0x7f0000000b00)={0x0, 0xfb5a, 0x0, 0x1, 0x1}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000b80), &(0x7f0000000bc0)) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r5) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000c80)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r6, &(0x7f0000000d80)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000cc0)={0x50, r7, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x5, 0x2c}}}}, [@fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0xd, 0xfa, "be8939e7b9e74cab63"}, @NL80211_ATTR_FILS_ERP_REALM={0xd, 0xfa, "2d17b672964f5930a5"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6}]]}, 0x50}, 0x1, 0x0, 0x0, 0x8044000}, 0x0) r9 = accept4(0xffffffffffffffff, &(0x7f0000000dc0), &(0x7f0000000e40)=0x80, 0x0) sendmsg$NL80211_CMD_NOTIFY_RADAR(r9, &(0x7f0000000f40)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x28, r7, 0x1, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xa0, 0x4a}}}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x40) [ 107.752207] audit: type=1400 audit(1692302282.622:6): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:58:02 executing program 4: sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x204}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {{}, {}, {0x18, 0x17, {0x20, 0x7ff, @udp='udp:syz1\x00'}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x10080) socketpair(0x1e, 0x3, 0x8, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r2, 0x400, 0x70bd2b, 0x25dfdbff, {}, ["", "", ""]}, 0x1c}}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x4c, r3, 0x124, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x21}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}]]}, 0x4c}, 0x1, 0x0, 0x0, 0x4010}, 0x24000001) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), r1) sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x634ec73c7fb8574a}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r5, 0x2, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x8, 0x2, 0x3}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4080) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000640)={0x0, 0x6, 0x0, [0x3, 0x5, 0x2, 0x6, 0x800], [0x321, 0x3f, 0x3ff, 0x8001, 0x0, 0x1ff, 0x3f, 0xf9d, 0x0, 0x6, 0x1, 0x8, 0x88f1, 0xd8, 0x40, 0x3, 0x4186, 0x3, 0x4, 0x3, 0x3, 0x5f7, 0x9eec, 0x1, 0x80, 0x7a7, 0x410d204a, 0xffffffff, 0xffffffffffffffff, 0xfffffffffffffffc, 0x4, 0x4, 0x400, 0xfffffffffffffffa, 0x1000, 0x4f24, 0x3, 0x7, 0x6, 0x2, 0x9, 0xe3, 0x1, 0x3, 0x0, 0x100000000, 0x5, 0x1, 0x40, 0x7ff, 0xae1, 0x4, 0x9, 0x2, 0x8, 0x2, 0x8, 0x2, 0x3ff, 0x0, 0x20, 0x2, 0x7ff, 0x9, 0x0, 0x9, 0x1f545d5, 0x8, 0xce4, 0x7e8, 0x2, 0x7, 0x0, 0x7, 0x1, 0x1000, 0x83, 0x81, 0x4, 0x4, 0x3ff, 0x1c000000000000, 0x7fff, 0x400, 0xc60c319, 0x1ff, 0x8, 0x45, 0x100, 0x8, 0x0, 0x7, 0x5, 0x7, 0x4e, 0x10001, 0xfff, 0x8001, 0x4, 0x6, 0x5, 0x3, 0x3, 0x5ac, 0x6, 0x1, 0x1000, 0x66a1, 0x0, 0x1ff, 0x8, 0xc8, 0x4, 0x20, 0x3, 0x6, 0x3, 0x6, 0x47, 0x1e60, 0x5aa]}) r6 = accept(r0, &(0x7f0000000b40)=@nl=@proc, &(0x7f0000000bc0)=0x80) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r6, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x28, r2, 0x400, 0x70bd25, 0x25dfdbff, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4008805}, 0x8) r7 = syz_open_dev$vcsa(&(0x7f0000000d00), 0x4, 0x100) write$cgroup_pressure(r7, &(0x7f0000000d40)={'full', 0x20, 0x9, 0x20, 0x3}, 0x2f) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r1, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x1c, r2, 0x0, 0x70bd2a, 0x25dfdbfd, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8840}, 0x0) r8 = syz_open_dev$vcsa(&(0x7f0000000e80), 0xfffffffffffffff7, 0x1) r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_SERVICE(r8, &(0x7f0000001080)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001040)={&(0x7f0000000f40)={0xc4, r9, 0x10, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x68, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5e}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xfe}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fffffff}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8001}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0xc004}, 0x44000814) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r7, 0x2405, r8) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r8, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)={0x1c, r5, 0x100, 0x70bd25, 0x25dfdbfc, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x8800) 19:58:02 executing program 5: sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x884) r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0xf5, 0x3d}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x8}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x5f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x62}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x19}]}, 0x70}, 0x1, 0x0, 0x0, 0x44080}, 0x4000000) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x2, 0x70bd29, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x2004c800}, 0x8000) r3 = syz_open_dev$vcsa(&(0x7f0000000400), 0x401, 0x60000) sendmsg$TIPC_CMD_DISABLE_BEARER(r3, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x2c, r2, 0x412, 0x70bd2c, 0x25dfdbff, {{}, {}, {0x10, 0x13, @l2={'ib', 0x3a, 'netpci0\x00'}}}, ["", "", "", "", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r3, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x20, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x24004024) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000680), r3) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x34, r4, 0x100, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x12, 0x8, @udp='udp:syz0\x00'}}}, ["", "", "", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r0, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x48, 0x0, 0x20, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x6, 0x45}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x4}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x28, r5, 0x200, 0x70bd26, 0x25dfdbfd, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000a40), r3) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x7c, r6, 0x400, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40880}, 0x4000) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000bc0), r3) sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f0000000d40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={0xdc, r7, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6f9bb031}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x62}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x6}}]}, @IPVS_CMD_ATTR_DAEMON={0x80, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve1\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'erspan0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'macsec0\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}]}, 0xdc}, 0x1, 0x0, 0x0, 0x404c040}, 0x4000000) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000dc0), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x24, r8, 0x8, 0x70bd25, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x1}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x8000) 19:58:02 executing program 6: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000040)={0x2972, 0xfffffc00, 0x1}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f00000000c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f00000004c0)={{0x9, 0x3f}, 'port0\x00', 0x4d, 0x2, 0x7fff, 0x1f, 0x9, 0xc8, 0x6, 0x0, 0x6, 0x1}) r1 = openat$cgroup_ro(r0, &(0x7f0000000580)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r1, 0x40082102, &(0x7f00000005c0)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000600)={0x0}) r3 = openat$cgroup_type(r1, &(0x7f0000000680), 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000700)={0xe0000000, 0x0, &(0x7f00000006c0)=[r3, r1, r3, r0, r0]}, 0x5) r4 = openat$cgroup(r1, &(0x7f0000000740)='syz0\x00', 0x200002, 0x0) openat$cgroup_pressure(r4, &(0x7f0000000780)='cpu.pressure\x00', 0x2, 0x0) r5 = openat$cgroup_ro(r1, &(0x7f00000007c0)='rdma.current\x00', 0x0, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x34, 0x0, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x18, 0x17, {0x1c, 0x3f, @l2={'ib', 0x3a, 'ip6tnl0\x00'}}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0xc050) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(0xffffffffffffffff, 0x40082102, &(0x7f0000000900)=r2) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000940), 0x400000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r6, 0x404c534a, &(0x7f0000000980)={0x0, 0x3, 0x3}) socketpair(0x8, 0x1, 0xfffffffd, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r7, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x30, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0xb67a, 0x4ff6, 0x8, 0x400}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x8010}, 0x4000000) ioctl$EVIOCGREP(r5, 0x80084503, &(0x7f00000015c0)=""/133) mkdirat$cgroup(r5, &(0x7f0000001680)='syz1\x00', 0x1ff) 19:58:02 executing program 7: r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f0000000080)=0x80, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x94, 0x0, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x2b8e, 0x29}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x5f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x68}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x35}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x67}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x13}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x49}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x23}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x32}]}, 0x94}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) r3 = accept4(r0, 0x0, &(0x7f0000000280), 0x80800) sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x68, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x0, @media='ib\x00'}}}, ["", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40844}, 0x20040880) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, 0x0, 0x100, 0x7, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10040080}, 0x0) ioctl$SIOCGSTAMP(r0, 0x8906, &(0x7f0000000500)) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x14, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000680), r1) sendmsg$TIPC_CMD_GET_REMOTE_MNG(r4, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, r5, 0x9, 0x70bd27, 0x25dfdbff, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x4c084) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x64, 0x0, 0x200, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x400, 0x69}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x60}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x6c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x26}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x4b}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x8890) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000980)={'gretap0\x00', &(0x7f00000008c0)={'gre0\x00', 0x0, 0x80, 0x7800, 0x7fff, 0x6, {{0x1a, 0x4, 0x1, 0x0, 0x68, 0x66, 0x0, 0x7, 0x4, 0x0, @empty, @private=0xa010100, {[@generic={0x0, 0x5, "5adab1"}, @timestamp_addr={0x44, 0x4c, 0xd7, 0x1, 0x6, [{@broadcast, 0x6}, {@private=0xa010101, 0xfffffff9}, {@multicast2, 0x7}, {@private=0xa010100, 0x3f}, {@loopback, 0x1}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffffc}, {@loopback, 0xfffffffc}, {@rand_addr=0x64010100}, {@private=0xa010102, 0xfffffffe}]}]}}}}}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000a00), r3) sendmsg$TIPC_CMD_GET_LINKS(r6, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x30408030}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x24, r7, 0x20, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x800}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x44041}, 0x0) r8 = socket(0x2b, 0x5, 0x7) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), r4) sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000ec0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x1d823200}, 0xc, &(0x7f0000000e80)={&(0x7f0000000c40)={0x230, r9, 0x10, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x3, 0x7}}}}, [@NL80211_ATTR_TID_CONFIG={0x9c, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x400}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x10000}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x52}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x13}]}]}, @NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xcb}]}]}, @NL80211_ATTR_TID_CONFIG={0xb0, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1c}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x58}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3bab}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x24}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x7d}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x45}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x7b}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x48}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xfe}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x86}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0xa4, 0x11d, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x9b}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x200}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x19}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x7b}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf6}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x5}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xef}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}]}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x4040000}, 0x804) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f0000000fc0)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x3c, r9, 0x2, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xb}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xdb}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x252}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x4054) [ 109.164010] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 109.165833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 109.168394] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 109.170933] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 109.175649] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 109.179860] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 109.182042] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 109.185094] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 109.187081] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 109.210932] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 109.233008] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 109.237407] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 109.245411] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 109.249735] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 109.267757] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 109.296104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 109.300598] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 109.319925] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 109.327772] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 109.332502] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 109.337513] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 109.359408] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 109.363213] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 109.365714] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 109.411832] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 109.413993] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 109.416745] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 109.462721] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 109.469051] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 109.474139] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 111.242742] Bluetooth: hci1: command 0x0409 tx timeout [ 111.244318] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 111.304632] Bluetooth: hci0: command 0x0409 tx timeout [ 111.304736] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 111.306568] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 111.432349] Bluetooth: hci4: command 0x0409 tx timeout [ 111.433095] Bluetooth: hci2: command 0x0409 tx timeout [ 111.560566] Bluetooth: hci6: command 0x0409 tx timeout [ 113.289566] Bluetooth: hci1: command 0x041b tx timeout [ 113.352462] Bluetooth: hci0: command 0x041b tx timeout [ 113.480549] Bluetooth: hci2: command 0x041b tx timeout [ 113.481000] Bluetooth: hci4: command 0x041b tx timeout [ 113.608331] Bluetooth: hci6: command 0x041b tx timeout [ 114.827213] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 114.836637] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 114.839925] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 114.867176] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 114.907602] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 114.919623] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 115.338273] Bluetooth: hci1: command 0x040f tx timeout [ 115.400856] Bluetooth: hci0: command 0x040f tx timeout [ 115.528727] Bluetooth: hci2: command 0x040f tx timeout [ 115.529781] Bluetooth: hci4: command 0x040f tx timeout [ 115.656322] Bluetooth: hci6: command 0x040f tx timeout [ 116.616825] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 116.680326] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 117.000735] Bluetooth: hci7: command 0x0409 tx timeout [ 117.384668] Bluetooth: hci1: command 0x0419 tx timeout [ 117.448336] Bluetooth: hci0: command 0x0419 tx timeout [ 117.578068] Bluetooth: hci4: command 0x0419 tx timeout [ 117.578538] Bluetooth: hci2: command 0x0419 tx timeout [ 117.704470] Bluetooth: hci6: command 0x0419 tx timeout [ 119.048391] Bluetooth: hci7: command 0x041b tx timeout [ 121.096342] Bluetooth: hci7: command 0x040f tx timeout [ 121.928326] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 121.992505] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 123.145313] Bluetooth: hci7: command 0x0419 tx timeout [ 125.934940] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 125.938658] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 125.945625] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 126.004638] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 126.006960] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 126.017356] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 127.816306] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 128.072565] Bluetooth: hci5: command 0x0409 tx timeout [ 130.123374] Bluetooth: hci5: command 0x041b tx timeout [ 130.619778] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 130.645954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 130.654124] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 130.667154] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 130.694751] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 130.710980] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 132.168290] Bluetooth: hci5: command 0x040f tx timeout [ 132.808332] Bluetooth: hci3: command 0x0409 tx timeout [ 134.216431] Bluetooth: hci5: command 0x0419 tx timeout [ 134.856952] Bluetooth: hci3: command 0x041b tx timeout [ 136.904291] Bluetooth: hci3: command 0x040f tx timeout [ 138.952488] Bluetooth: hci3: command 0x0419 tx timeout [ 171.936879] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 171.939514] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 171.942056] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 171.960507] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 171.969857] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 171.970868] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 171.995113] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 171.997757] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 171.999003] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 172.008989] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 172.021562] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 172.026287] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 172.037714] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 172.040485] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 172.041788] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 172.055485] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 172.073762] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 172.078663] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 173.576434] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 173.834299] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 174.024507] Bluetooth: hci2: command 0x0409 tx timeout [ 174.088297] Bluetooth: hci4: command 0x0409 tx timeout [ 174.152356] Bluetooth: hci6: command 0x0409 tx timeout [ 175.651967] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 175.653123] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 175.654984] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 175.661034] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 175.663086] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 175.670291] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 176.074267] Bluetooth: hci2: command 0x041b tx timeout [ 176.137274] Bluetooth: hci4: command 0x041b tx timeout [ 176.201535] Bluetooth: hci6: command 0x041b tx timeout [ 176.419847] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 176.422511] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 176.436519] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 176.453592] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 176.463787] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 176.464855] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 177.800507] Bluetooth: hci0: command 0x0409 tx timeout [ 178.056363] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 178.120490] Bluetooth: hci2: command 0x040f tx timeout [ 178.184330] Bluetooth: hci4: command 0x040f tx timeout [ 178.248332] Bluetooth: hci6: command 0x040f tx timeout [ 178.504367] Bluetooth: hci7: command 0x0409 tx timeout [ 179.848329] Bluetooth: hci0: command 0x041b tx timeout [ 180.168710] Bluetooth: hci2: command 0x0419 tx timeout [ 180.232552] Bluetooth: hci4: command 0x0419 tx timeout [ 180.296513] Bluetooth: hci6: command 0x0419 tx timeout [ 180.552594] Bluetooth: hci7: command 0x041b tx timeout [ 181.105119] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 181.136450] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 181.144908] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 181.160765] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 181.163502] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 181.172032] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 181.896289] Bluetooth: hci0: command 0x040f tx timeout [ 182.602432] Bluetooth: hci7: command 0x040f tx timeout [ 183.240328] Bluetooth: hci1: command 0x0409 tx timeout [ 183.944605] Bluetooth: hci0: command 0x0419 tx timeout [ 184.648427] Bluetooth: hci7: command 0x0419 tx timeout [ 185.288601] Bluetooth: hci1: command 0x041b tx timeout [ 187.339274] Bluetooth: hci1: command 0x040f tx timeout [ 188.872357] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 189.384446] Bluetooth: hci1: command 0x0419 tx timeout [ 192.363165] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 192.369622] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 192.371089] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 192.382783] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 192.394706] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 192.396058] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 193.674509] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 194.442299] Bluetooth: hci5: command 0x0409 tx timeout [ 196.490331] Bluetooth: hci5: command 0x041b tx timeout [ 198.536397] Bluetooth: hci5: command 0x040f tx timeout [ 198.600310] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 200.584710] Bluetooth: hci5: command 0x0419 tx timeout [ 203.464999] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 206.536526] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 206.575633] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 206.582509] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 206.592535] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 206.610409] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 206.639514] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 208.712355] Bluetooth: hci3: command 0x0409 tx timeout [ 210.760504] Bluetooth: hci3: command 0x041b tx timeout [ 212.808313] Bluetooth: hci3: command 0x040f tx timeout [ 214.856488] Bluetooth: hci3: command 0x0419 tx timeout [ 233.988587] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 233.993482] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 233.999130] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 234.024326] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 234.041645] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 234.043662] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 234.315092] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 234.349185] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 234.372927] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 234.386050] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 234.405699] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 234.410567] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 236.104722] Bluetooth: hci2: command 0x0409 tx timeout [ 236.488393] Bluetooth: hci4: command 0x0409 tx timeout [ 236.617492] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 238.153217] Bluetooth: hci2: command 0x041b tx timeout [ 238.357005] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 238.364466] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 238.370505] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 238.378977] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 238.382047] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 238.397742] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 238.537371] Bluetooth: hci4: command 0x041b tx timeout [ 239.945505] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 240.047792] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 240.057977] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 240.060763] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 240.065743] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 240.070986] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 240.074422] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 240.201281] Bluetooth: hci2: command 0x040f tx timeout [ 240.456326] Bluetooth: hci6: command 0x0409 tx timeout [ 240.584515] Bluetooth: hci4: command 0x040f tx timeout [ 242.124349] Bluetooth: hci7: command 0x0409 tx timeout [ 242.248310] Bluetooth: hci2: command 0x0419 tx timeout [ 242.504749] Bluetooth: hci6: command 0x041b tx timeout [ 242.632297] Bluetooth: hci4: command 0x0419 tx timeout [ 243.369739] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 243.374653] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 243.383116] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 243.414372] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 243.456158] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 243.458131] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 243.541722] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 243.543094] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 243.564581] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 243.573662] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 243.584712] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 243.586503] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 244.168327] Bluetooth: hci7: command 0x041b tx timeout [ 244.552343] Bluetooth: hci6: command 0x040f tx timeout [ 245.512478] Bluetooth: hci0: command 0x0409 tx timeout [ 245.705486] Bluetooth: hci1: command 0x0409 tx timeout [ 246.219276] Bluetooth: hci7: command 0x040f tx timeout [ 246.601449] Bluetooth: hci6: command 0x0419 tx timeout [ 247.561577] Bluetooth: hci0: command 0x041b tx timeout [ 247.754552] Bluetooth: hci1: command 0x041b tx timeout [ 248.264321] Bluetooth: hci7: command 0x0419 tx timeout [ 249.610489] Bluetooth: hci0: command 0x040f tx timeout [ 249.801510] Bluetooth: hci1: command 0x040f tx timeout [ 251.656770] Bluetooth: hci0: command 0x0419 tx timeout [ 251.850318] Bluetooth: hci1: command 0x0419 tx timeout [ 254.446910] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 254.462795] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 254.479095] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 254.489062] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 254.491367] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 254.492218] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 256.521635] Bluetooth: hci5: command 0x0409 tx timeout [ 258.568296] Bluetooth: hci5: command 0x041b tx timeout [ 260.617279] Bluetooth: hci5: command 0x040f tx timeout [ 262.666290] Bluetooth: hci5: command 0x0419 tx timeout [ 270.218326] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 274.952372] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 280.009300] Bluetooth: hci3: Opcode 0x c03 failed: -110 2023/08/17 20:00:55 executor 4 failed 11 times: executor 4: exit status 67 SYZFAIL: wrong response packet (errno 2: No such file or directory) loop exited with status 67 VM DIAGNOSIS: 20:00:55 Registers: info registers vcpu 0 RAX=0000000080000001 RBX=ffff88802cd5f618 RCX=ffffffff8113c3c0 RDX=ffffffff8186c0e2 RSI=ffffffff81121a60 RDI=0000000000000006 RBP=ffffffff861636dc RSP=ffff88802cd5f590 R8 =0000000000000006 R9 =ffffffff81121a60 R10=ffffffff8186c0e2 R11=0000000000000001 R12=0000000000000001 R13=ffff88802cd5f848 R14=ffff88802cd5f840 R15=ffffffff861636e0 RIP=ffffffff814d8ab0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8801bb08e0 CR3=000000002cd9c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6461657268747062696c2f756e672d78 XMM02=00302e6f732e6461657268747062696c XMM03=2f756e672d78756e696c2d34365f3638 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=00007f0065052000 RCX=ffffffff8172b201 RDX=ffff888015419b40 RSI=0000000000000000 RDI=0000000000000001 RBP=ffffea0000b60d00 RSP=ffff888029967728 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000001 R14=ffff8880230ae288 R15=dffffc0000000000 RIP=ffffffff814d8b25 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560cfc5da080 CR3=000000000e444000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000