Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:54008' (ECDSA) to the list of known hosts. 2023/08/19 10:28:26 fuzzer started 2023/08/19 10:28:26 dialing manager at localhost:46849 syzkaller login: [ 109.459000] cgroup: Unknown subsys name 'net' [ 109.584657] cgroup: Unknown subsys name 'rlimit' [ 121.621491] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2023/08/19 10:28:40 syscalls: 214 2023/08/19 10:28:40 code coverage: enabled 2023/08/19 10:28:40 comparison tracing: enabled 2023/08/19 10:28:40 extra coverage: enabled 2023/08/19 10:28:40 setuid sandbox: enabled 2023/08/19 10:28:40 namespace sandbox: enabled 2023/08/19 10:28:40 Android sandbox: enabled 2023/08/19 10:28:40 fault injection: enabled 2023/08/19 10:28:40 leak checking: enabled 2023/08/19 10:28:40 net packet injection: enabled 2023/08/19 10:28:40 net device setup: enabled 2023/08/19 10:28:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/08/19 10:28:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/08/19 10:28:40 USB emulation: enabled 2023/08/19 10:28:40 hci packet injection: enabled 2023/08/19 10:28:40 wifi device emulation: enabled 2023/08/19 10:28:40 802.15.4 emulation: enabled 2023/08/19 10:28:40 fetching corpus: 0, signal 0/0 (executing program) 2023/08/19 10:28:41 starting 8 fuzzer processes 10:28:41 executing program 0: r0 = syz_io_uring_complete(0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000000)=':#+-\x00', 0x0, 0xffffffffffffffff) r1 = fspick(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='silent\x00', 0x0, 0x0) r2 = fsopen(&(0x7f00000000c0)='hpfs\x00', 0x0) r3 = fsmount(r2, 0x0, 0x6) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0406618, &(0x7f0000000100)={@desc={0x1, 0x0, @desc2}}) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000140)='\x00', &(0x7f0000000180)='./file0\x00', 0xffffffffffffff9c) r4 = io_uring_setup(0x79fd, &(0x7f0000000200)={0x0, 0x3150, 0x8, 0x0, 0x2c8, 0x0, r3}) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000001c0)='.\x00', 0x0, r4) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x8}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x82d, 0x9]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4010}, 0x20054) sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x3c, 0x0, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x9e1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3ff}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xd}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004000}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000004c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xfe1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1f}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4b}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000090}, 0x880) ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000680)={'ip6gre0\x00', &(0x7f0000000600)={'ip6gre0\x00', r5, 0x2f, 0x6, 0x2, 0x8, 0x4a, @rand_addr=' \x01\x00', @private2, 0x7800, 0x80, 0x9, 0x74e9}}) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000700), r1) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x28, r6, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r7 = open$dir(&(0x7f0000000800)='./file0\x00', 0x100c0, 0x105) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r7, 0xc0406619, &(0x7f0000000840)={@desc={0x1, 0x0, @desc1}}) mknodat(0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00', 0x2, 0x6) 10:28:41 executing program 1: r0 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000004, 0x110, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(0x0, r0, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xffffffff) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x100010, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r0, &(0x7f0000000100)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x6, 0x0, 0x8, 0x1, &(0x7f0000000040)="1a89700f2301e1725a61c96d1b47668a329408336b21cfeca546d028df107a6dc759e3a2cc8fa3e1b9d4860887ba0cd3b87eaf83282398cd4add7c37a64538ccd27e063aed0913d69133cfc2ec60ef716442a9237714c3f4687b01d99abafcdc592f4d3b09f901bf9c5794ead40f5816c30f100190b0599502ef40783db5ec94a7d170d67db8abac4efb813b31b1be2cd73df25dade132e89488ee5891c4edd9d68c44", 0x2, 0x0, 0x1}, 0x2) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/schedstat\x00', 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x2010, r2, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000180), &(0x7f00000001c0)=0x14) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0xc0406618, &(0x7f0000000200)={@id={0x2, 0x0, @c}}) fsopen(&(0x7f0000000240)='ramfs\x00', 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xb, 0x8010, r2, 0x0) r4 = syz_io_uring_complete(r3) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000008, 0x4004010, r4, 0x10000000) r5 = eventfd2(0x7ff, 0x0) r6 = openat$cgroup_subtree(r2, &(0x7f0000000280), 0x2, 0x0) socketpair(0x2b, 0x3, 0x3, &(0x7f00000002c0)={0xffffffffffffffff}) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000300)=[r5, r6, r7], 0x3) r8 = openat$incfs(0xffffffffffffffff, &(0x7f0000000340)='.log\x00', 0x2c80, 0xc0) getdents64(r8, &(0x7f0000000380)=""/214, 0xd6) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_DEL_SEC_KEY(r9, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20004001) 10:28:41 executing program 2: r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000005, 0x50, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x512f, &(0x7f0000000000)={0x0, 0x74f7, 0x0, 0x1, 0x2b4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r0, r2, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x1, 0x2000, @fd_index=0x5, 0xfffffffffffffffc, &(0x7f0000000100)=""/255, 0xff, 0x18}, 0x41ce) io_uring_enter(r1, 0x3ac8, 0x5e7f, 0x3, &(0x7f0000000240)={[0x4]}, 0x8) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4000004, 0x40010, r1, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x11, r1, 0x10000000) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/diskstats\x00', 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x2000004, 0x10, r4, 0x10000000) syz_memcpy_off$IO_URING_METADATA_FLAGS(r3, 0x118, &(0x7f00000002c0), 0x0, 0x4) r5 = syz_io_uring_setup(0x5f22, &(0x7f0000000300)={0x0, 0xc8e2, 0x4, 0x1, 0x185, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000eaa000/0x2000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) io_uring_register$IORING_UNREGISTER_FILES(r5, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ec1000/0x2000)=nil, 0x2000, 0x300000e, 0x30, r4, 0x10000000) io_uring_setup(0x147d, &(0x7f0000000400)={0x0, 0xb511, 0x2, 0x1, 0x113, 0x0, r5}) r6 = io_uring_setup(0x62f9, &(0x7f0000000480)={0x0, 0x54f5, 0x20, 0x2, 0x38b, 0x0, r5}) io_uring_enter(r4, 0x3ec4, 0x6ed1, 0x1, &(0x7f0000000500)={[0x7]}, 0x8) r7 = fsopen(&(0x7f0000000540)='efivarfs\x00', 0x1) fsmount(r7, 0x1, 0xa) syz_io_uring_setup(0xdb2, &(0x7f0000000580)={0x0, 0xa12b, 0x8, 0x2, 0xfc}, &(0x7f0000ea4000/0x1000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000000600)=0x0, &(0x7f0000000640)) syz_io_uring_submit(r8, 0x0, &(0x7f0000000780)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r6, 0x7, &(0x7f0000000680)="e86dbf1292326749d8c5880a91872d86a11f7aa2adf23bb8311f51f4827639e4f2be16ae2554848aaa2ed2fb233d9745abcf18f0ade717070d8ade70d57319aa1a0076687fdedafc0cb47e700faeb863fca4eb4027af47920d6ce746ce45666663382b8f42c1b79054c455a031e120c5b88e5b75c1c2f6ba3416ab579d7875b3c630d6fe01ace4a0937489538c251dddd87f223b1b1d57350cc22e3204a9efcee1d1370e5463605f174ca9c818a25ec06cc688ce776df273dadfa9fc53c9ee9c40fa3d313dcffe440ae3306bc6590c7c357f72af0aa054856fcd2c6ad77bf3dff81122c95d4795b4e5e3151095838f0b45e9f4ef8e3aed", 0xf7, 0x8}, 0x5) [ 123.143293] audit: type=1400 audit(1692440921.523:6): avc: denied { execmem } for pid=267 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:28:41 executing program 3: r0 = fsmount(0xffffffffffffffff, 0x0, 0x8) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8004) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x44000) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r1, 0xf4352e0b86e8069b, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24000050}, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000340)={0x7ff000, 0xfffffff8, 0xfffffeff, 0x3, 0x7304}, 0x14) r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x22000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r2, 0x300, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8d4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8c1}, 0x400c044) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, '{\x00'}, @NLBL_MGMT_A_DOMAIN={0xa, 0x1, '-#%^|\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x880}, 0x4040080) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x3c, r1, 0x4, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x9d9}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8a094}, 0x400c0c1) socketpair(0x1, 0xa, 0x1000, &(0x7f00000006c0)={0xffffffffffffffff}) sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x30, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}]}, 0x30}, 0x1, 0x0, 0x0, 0x100040c0}, 0x4) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_STATUS(r4, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x44, r2, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x122}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x29}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000980)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_KEY(r5, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x50, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x50}}, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000b00)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_PAN_ID(r7, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x38, 0x0, 0x45052e24bdd72684, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0xffff}]}, 0x38}, 0x1, 0x0, 0x0, 0x133fb0e272557b6e}, 0x44010) 10:28:41 executing program 4: sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x1f}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000004}, 0x44) sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x0, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80c5}, 0x800) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MIN_BE={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x4}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x9eb1fdb94fcdf9ba) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000480)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/108, 0x6c, 0x0, &(0x7f00000003c0)=""/153, 0x99}, &(0x7f00000004c0)=0x40) syz_genetlink_get_family_id$nbd(&(0x7f0000000500), 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xd8000, 0xa) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, &(0x7f00000005c0)={@id={0x2, 0x0, @d}}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r2) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x1c, r1, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8885}, 0x8000) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000780), r3) sendmsg$NBD_CMD_STATUS(r4, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x54, r5, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x62800000000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x4800) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000008c0), &(0x7f0000000900)=0x14) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000980)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r4, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x6c, r1, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x9}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x8d}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0xff}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x8055}, 0x8085) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000b00)=@v1={0x0, @aes256, 0x1, @desc2}) 10:28:41 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000040)=0xffffce2a, 0x4) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000009, 0x1010, r0, 0x10000000) r1 = socket(0x15, 0x2, 0x10000) ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f00000000c0)) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, r2, 0x50a, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x23}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x200480c0}, 0x800) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x94, 0x0, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_DEVKEY={0x18, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xfffffffffffe0006}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}]}, @NL802154_ATTR_SEC_DEVKEY={0x48, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x10001}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x800}, @NL802154_DEVKEY_ATTR_ID={0x14, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x94}, 0x1, 0x0, 0x0, 0x81}, 0x80) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x2c, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) ioctl$CDROMVOLREAD(r0, 0x5313, &(0x7f0000000540)) openat$cgroup_subtree(r0, &(0x7f0000000580), 0x2, 0x0) r4 = syz_io_uring_complete(0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x4c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xa5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4800}, 0xc040) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000700)='/proc/consoles\x00', 0x0, 0x0) ioctl$CDROM_SET_OPTIONS(r5, 0x5320, 0xd) fspick(r5, &(0x7f0000000740)='./file0\x00', 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000780)='posixacl\x00', 0x0, 0x0) 10:28:41 executing program 6: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r1, 0x300, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0xc1}, 0x41) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r1, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x100}, 0x20000000) sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x68, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x25}}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_DOMAIN={0xf, 0x1, '+ &/.q\'\'[[\x00'}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x81) sendmsg$NL802154_CMD_GET_SEC_KEY(r0, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x38, r1, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x38}, 0x1, 0x0, 0x0, 0x4005}, 0x40001) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000540)={'wpan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000580)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x64, r1, 0x810, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_PID={0x8, 0x1c, 0xffffffffffffffff}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000800}, 0x8050) sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r1, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_PAN_ID={0x6, 0x9, 0xffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x1400c800) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x34, 0x0, 0xc04, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x8810) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), r3) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000940)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r3, &(0x7f0000000a00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x40, r6, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xb}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048091) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r3, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x58, r6, 0x600, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0) syz_genetlink_get_family_id$nbd(&(0x7f0000000b80), r3) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x14, 0x4, [0x5, 0x10001, 0x4f32, 0x0]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20004091}, 0x20000040) sendmsg$NL802154_CMD_NEW_SEC_DEV(r3, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x4c, r6, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x11}, 0x80) 10:28:41 executing program 7: ioctl$CDROM_SEND_PACKET(0xffffffffffffffff, 0x5393, &(0x7f0000000100)={"15943cb69e5b694eb45559db", &(0x7f0000000000)="18daa5100881be97b60fade5bb6816777b577a8d939e8c76ee071269c4d8ceb7efc7f11e1f6d7c0b0977db307f81f531bf992510d8fc4f7b7746f206fd84709e69b423b075ff1427d7af60c70cb4fa896089f8f773b13154cd6aa0af34dfe5e4135c1ef8e071d8f0653d84d84d3951fec8", 0x71, 0x7, &(0x7f0000000080)={0x1, 0x1, 0x2, 0x9, 0x0, 0x0, 0x0, "0c322497", 0xe2, "05836656", 0xfb, 0x85, 0xff, "08b447", "40d9eff3247b5a4d46c5c007e297dfc2e50e1a961b4fd187b7c81d8c5beeb7d2705e35d5e4a94acf94a78876b74e"}, 0x3, 0x7fff, 0xfffffff0, &(0x7f00000000c0)}) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x80d5}, 0x4000800) r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000240)='.pending_reads\x00', 0x400000, 0x1) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000300)={'ip6gre0\x00', &(0x7f0000000280)={'sit0\x00', 0x0, 0x29, 0x0, 0x3, 0x80, 0x14, @private1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8000, 0x8, 0x4, 0x3}}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000400)={'ip6tnl0\x00', r1, 0x2f, 0x9, 0x3f, 0x0, 0x18, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @local}, 0x20, 0x10, 0x3, 0xfffffffa}}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r2, 0x89f6, &(0x7f0000000540)={'syztnl1\x00', &(0x7f00000004c0)={'ip6gre0\x00', r3, 0x29, 0x28, 0x5a, 0x7, 0x12, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x8, 0xfffffffa, 0x7fff}}) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), r0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x15000041}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x1c, r4, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x240000c4}, 0x20000000) r5 = fsmount(r0, 0x1, 0x3) ioctl$PTP_PIN_SETFUNC(r5, 0x40603d07, &(0x7f00000006c0)={'\x00', 0x6, 0x0, 0x8a9}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x89f6, &(0x7f00000007c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl0\x00', r1, 0x4, 0x0, 0x4, 0x7fffffff, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1, 0x1, 0x7f, 0x200}}) ioctl$CDROMPLAYBLK(r5, 0x5317, &(0x7f0000000800)={0x7fff, 0xbad}) fspick(r0, &(0x7f0000000840)='./file0\x00', 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000008c0), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000900)={0xffffffffffffffff}) r9 = syz_io_uring_complete(0x0) sendmsg$NBD_CMD_RECONFIGURE(r6, &(0x7f0000000a80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000980)={0xa0, r7, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r8}, {0x8, 0x1, r0}, {0x8, 0x1, r9}, {0x8, 0x1, r2}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xe3}, @NBD_ATTR_SOCKETS={0x44, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r5}, {0x8, 0x1, r5}, {0x8, 0x1, r5}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20040000}, 0x8054) [ 124.621438] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 124.627253] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 124.630066] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 124.632241] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 124.639947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 124.643948] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 124.645589] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 124.647707] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 124.651074] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 124.670809] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 124.677097] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 124.678432] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 124.683028] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 124.706149] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 124.709938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 124.722235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 124.733970] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 124.735791] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 124.811695] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 124.815342] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 124.817662] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 124.824601] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 124.830144] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 124.833233] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 126.690606] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 126.754888] Bluetooth: hci0: command 0x0409 tx timeout [ 126.755108] Bluetooth: hci1: command 0x0409 tx timeout [ 126.758474] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 126.818856] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 126.819117] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 126.820094] Bluetooth: hci2: command 0x0409 tx timeout [ 126.883069] Bluetooth: hci7: command 0x0409 tx timeout [ 128.803818] Bluetooth: hci0: command 0x041b tx timeout [ 128.804251] Bluetooth: hci1: command 0x041b tx timeout [ 128.866577] Bluetooth: hci2: command 0x041b tx timeout [ 128.930717] Bluetooth: hci7: command 0x041b tx timeout [ 129.789030] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 129.808129] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 129.809889] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 129.816985] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 129.824688] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 129.844413] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 129.891325] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 129.911452] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 129.935175] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 129.949864] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 129.978868] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 129.980752] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 130.850835] Bluetooth: hci0: command 0x040f tx timeout [ 130.851264] Bluetooth: hci1: command 0x040f tx timeout [ 130.915781] Bluetooth: hci2: command 0x040f tx timeout [ 130.978746] Bluetooth: hci7: command 0x040f tx timeout [ 131.490664] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 131.682743] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 131.875308] Bluetooth: hci5: command 0x0409 tx timeout [ 132.068010] Bluetooth: hci6: command 0x0409 tx timeout [ 132.898776] Bluetooth: hci1: command 0x0419 tx timeout [ 132.899595] Bluetooth: hci0: command 0x0419 tx timeout [ 132.965496] Bluetooth: hci2: command 0x0419 tx timeout [ 133.026587] Bluetooth: hci7: command 0x0419 tx timeout [ 133.922675] Bluetooth: hci5: command 0x041b tx timeout [ 134.114761] Bluetooth: hci6: command 0x041b tx timeout [ 135.180758] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 135.182193] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 135.186371] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 135.227767] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 135.231770] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 135.232676] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 135.972798] Bluetooth: hci5: command 0x040f tx timeout [ 136.163555] Bluetooth: hci6: command 0x040f tx timeout [ 137.124736] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 137.315596] Bluetooth: hci4: command 0x0409 tx timeout [ 138.020253] Bluetooth: hci5: command 0x0419 tx timeout [ 138.211718] Bluetooth: hci6: command 0x0419 tx timeout [ 139.363827] Bluetooth: hci4: command 0x041b tx timeout [ 139.971070] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 139.977662] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.983071] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 140.014186] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 140.036454] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 140.041062] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 141.411574] Bluetooth: hci4: command 0x040f tx timeout [ 142.115603] Bluetooth: hci3: command 0x0409 tx timeout [ 143.458794] Bluetooth: hci4: command 0x0419 tx timeout [ 144.164083] Bluetooth: hci3: command 0x041b tx timeout [ 146.210710] Bluetooth: hci3: command 0x040f tx timeout [ 148.260815] Bluetooth: hci3: command 0x0419 tx timeout [ 186.841966] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 186.844768] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 186.845772] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 186.864729] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 186.866307] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 186.868493] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 186.875800] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 186.881940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 186.884795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 186.884842] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 186.890724] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 186.910725] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 186.964983] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 186.988774] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 186.996999] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 187.054423] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 187.065112] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 187.071685] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 188.770825] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 188.963074] Bluetooth: hci2: command 0x0409 tx timeout [ 189.096717] Bluetooth: hci1: command 0x0409 tx timeout [ 189.155579] Bluetooth: hci7: command 0x0409 tx timeout [ 191.010746] Bluetooth: hci2: command 0x041b tx timeout [ 191.138581] Bluetooth: hci1: command 0x041b tx timeout [ 191.202726] Bluetooth: hci7: command 0x041b tx timeout [ 191.672076] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 191.675238] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 191.676805] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 191.687773] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 191.690601] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 191.702946] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 191.855395] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 191.864473] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 191.883797] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 191.899483] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 191.902277] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 191.908769] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 193.058581] Bluetooth: hci2: command 0x040f tx timeout [ 193.186578] Bluetooth: hci1: command 0x040f tx timeout [ 193.250542] Bluetooth: hci7: command 0x040f tx timeout [ 193.442601] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 193.764501] Bluetooth: hci5: command 0x0409 tx timeout [ 194.018607] Bluetooth: hci6: command 0x0409 tx timeout [ 195.106733] Bluetooth: hci2: command 0x0419 tx timeout [ 195.235005] Bluetooth: hci1: command 0x0419 tx timeout [ 195.299751] Bluetooth: hci7: command 0x0419 tx timeout [ 195.810722] Bluetooth: hci5: command 0x041b tx timeout [ 196.066799] Bluetooth: hci6: command 0x041b tx timeout [ 197.859322] Bluetooth: hci5: command 0x040f tx timeout [ 198.114795] Bluetooth: hci6: command 0x040f tx timeout [ 198.562580] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 198.563946] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 199.908287] Bluetooth: hci5: command 0x0419 tx timeout [ 200.162700] Bluetooth: hci6: command 0x0419 tx timeout [ 202.176044] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 202.192771] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 202.194553] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 202.222085] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 202.234780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 202.240073] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 202.314767] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 202.350796] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 202.363901] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 202.376337] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 202.398949] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 202.410011] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 204.067662] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 204.386633] Bluetooth: hci3: command 0x0409 tx timeout [ 204.514601] Bluetooth: hci4: command 0x0409 tx timeout [ 206.435812] Bluetooth: hci3: command 0x041b tx timeout [ 206.564542] Bluetooth: hci4: command 0x041b tx timeout [ 208.482785] Bluetooth: hci3: command 0x040f tx timeout [ 208.610573] Bluetooth: hci4: command 0x040f tx timeout [ 208.932559] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 210.530604] Bluetooth: hci3: command 0x0419 tx timeout [ 210.659011] Bluetooth: hci4: command 0x0419 tx timeout [ 211.854373] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 211.857895] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 211.863898] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 211.875040] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 211.885903] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 211.903965] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 213.987620] Bluetooth: hci0: command 0x0409 tx timeout [ 216.034648] Bluetooth: hci0: command 0x041b tx timeout [ 218.082807] Bluetooth: hci0: command 0x040f tx timeout [ 220.130833] Bluetooth: hci0: command 0x0419 tx timeout [ 249.351104] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 249.352385] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 249.358193] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 249.364145] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 249.368896] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 249.371189] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 249.469960] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 249.477701] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 249.481278] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 249.487595] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 249.493740] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 249.496160] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 251.362708] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 251.493055] Bluetooth: hci1: command 0x0409 tx timeout [ 251.555388] Bluetooth: hci7: command 0x0409 tx timeout [ 253.538643] Bluetooth: hci1: command 0x041b tx timeout [ 253.603076] Bluetooth: hci7: command 0x041b tx timeout [ 255.586925] Bluetooth: hci1: command 0x040f tx timeout [ 255.650607] Bluetooth: hci7: command 0x040f tx timeout [ 255.778792] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 256.164774] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 256.421563] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 257.635388] Bluetooth: hci1: command 0x0419 tx timeout [ 257.698589] Bluetooth: hci7: command 0x0419 tx timeout [ 258.442670] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 258.448005] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 258.449446] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 258.456675] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 258.469046] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 258.472800] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 258.814039] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 258.822429] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 258.846482] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 258.887639] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 258.893564] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 258.897663] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 260.514588] Bluetooth: hci2: command 0x0409 tx timeout [ 260.963025] Bluetooth: hci5: command 0x0409 tx timeout [ 261.026955] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 262.564210] Bluetooth: hci2: command 0x041b tx timeout [ 263.011573] Bluetooth: hci5: command 0x041b tx timeout [ 263.498165] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 263.505247] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 263.510351] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 263.519787] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 263.523102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 263.528728] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 264.220818] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 264.223866] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 264.231331] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 264.277976] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 264.287023] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 264.290012] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 264.611124] Bluetooth: hci2: command 0x040f tx timeout [ 265.059535] Bluetooth: hci5: command 0x040f tx timeout [ 265.570610] Bluetooth: hci3: command 0x0409 tx timeout [ 266.146863] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 266.339588] Bluetooth: hci6: command 0x0409 tx timeout [ 266.658677] Bluetooth: hci2: command 0x0419 tx timeout [ 267.107570] Bluetooth: hci5: command 0x0419 tx timeout [ 267.622571] Bluetooth: hci3: command 0x041b tx timeout [ 268.387024] Bluetooth: hci6: command 0x041b tx timeout [ 269.055664] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 269.059947] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 269.072638] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 269.088347] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 269.096890] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 269.100379] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 269.666582] Bluetooth: hci3: command 0x040f tx timeout [ 270.434715] Bluetooth: hci6: command 0x040f tx timeout [ 271.139136] Bluetooth: hci4: command 0x0409 tx timeout [ 271.715216] Bluetooth: hci3: command 0x0419 tx timeout [ 272.484096] Bluetooth: hci6: command 0x0419 tx timeout [ 273.187644] Bluetooth: hci4: command 0x041b tx timeout [ 274.212313] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 274.213823] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 274.218299] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 274.251258] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 274.280896] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 274.294778] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 275.235788] Bluetooth: hci4: command 0x040f tx timeout [ 276.387677] Bluetooth: hci0: command 0x0409 tx timeout [ 277.284708] Bluetooth: hci4: command 0x0419 tx timeout [ 278.434568] Bluetooth: hci0: command 0x041b tx timeout [ 280.482568] Bluetooth: hci0: command 0x040f tx timeout [ 282.530565] Bluetooth: hci0: command 0x0419 tx timeout [ 310.973022] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 310.976758] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 310.979956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 310.985207] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 310.994747] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 311.007497] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 311.288234] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 311.300782] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 311.301687] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 311.317794] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 311.321551] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 311.325058] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 313.060104] Bluetooth: hci1: command 0x0409 tx timeout [ 313.378786] Bluetooth: hci7: command 0x0409 tx timeout [ 315.106618] Bluetooth: hci1: command 0x041b tx timeout [ 315.426769] Bluetooth: hci7: command 0x041b tx timeout [ 317.157562] Bluetooth: hci1: command 0x040f tx timeout [ 317.474599] Bluetooth: hci7: command 0x040f tx timeout [ 319.202559] Bluetooth: hci1: command 0x0419 tx timeout [ 319.522822] Bluetooth: hci7: command 0x0419 tx timeout [ 320.733372] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 320.747879] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 320.758634] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 320.785301] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 320.787060] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 320.800757] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 322.850610] Bluetooth: hci2: command 0x0409 tx timeout [ 323.362748] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 324.898595] Bluetooth: hci2: command 0x041b tx timeout [ 325.547963] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 325.565803] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 325.575826] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 325.593294] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 325.597075] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 325.599198] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 326.091262] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 326.102970] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 326.122104] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 326.137990] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 326.142980] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 326.149097] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 326.946676] Bluetooth: hci2: command 0x040f tx timeout [ 327.651064] Bluetooth: hci3: command 0x0409 tx timeout [ 328.226764] Bluetooth: hci5: command 0x0409 tx timeout [ 328.354595] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 328.994602] Bluetooth: hci2: command 0x0419 tx timeout [ 329.701761] Bluetooth: hci3: command 0x041b tx timeout [ 330.274591] Bluetooth: hci5: command 0x041b tx timeout [ 331.748278] Bluetooth: hci3: command 0x040f tx timeout [ 332.322567] Bluetooth: hci5: command 0x040f tx timeout [ 332.770572] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 333.282644] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 333.794651] Bluetooth: hci3: command 0x0419 tx timeout [ 334.370636] Bluetooth: hci5: command 0x0419 tx timeout [ 336.300041] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 336.339493] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 336.359951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 336.386496] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 336.396395] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 336.412303] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 338.402779] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 338.469587] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 338.531591] Bluetooth: hci0: command 0x0409 tx timeout [ 340.578887] Bluetooth: hci0: command 0x041b tx timeout [ 341.457979] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 341.462010] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 341.463551] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 341.486797] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 341.498955] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 341.523787] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 342.626716] Bluetooth: hci0: command 0x040f tx timeout [ 343.330616] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 343.588585] Bluetooth: hci6: command 0x0409 tx timeout [ 344.674715] Bluetooth: hci0: command 0x0419 tx timeout [ 345.634911] Bluetooth: hci6: command 0x041b tx timeout [ 346.073175] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 346.078040] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 346.090748] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 346.134588] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 346.146658] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 346.158992] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 347.682766] Bluetooth: hci6: command 0x040f tx timeout [ 348.258780] Bluetooth: hci4: command 0x0409 tx timeout [ 349.730557] Bluetooth: hci6: command 0x0419 tx timeout [ 350.306565] Bluetooth: hci4: command 0x041b tx timeout [ 352.354559] Bluetooth: hci4: command 0x040f tx timeout [ 354.403548] Bluetooth: hci4: command 0x0419 tx timeout [ 373.424192] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 373.433067] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 373.437963] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 373.452352] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 373.459030] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 373.509664] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 374.192108] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 374.227055] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 374.240870] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 374.314877] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 374.324024] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 374.346529] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 375.586746] Bluetooth: hci1: command 0x0409 tx timeout [ 376.483072] Bluetooth: hci7: command 0x0409 tx timeout [ 377.635104] Bluetooth: hci1: command 0x041b tx timeout [ 378.530584] Bluetooth: hci7: command 0x041b tx timeout [ 379.682969] Bluetooth: hci1: command 0x040f tx timeout [ 380.579378] Bluetooth: hci7: command 0x040f tx timeout [ 381.730556] Bluetooth: hci1: command 0x0419 tx timeout [ 382.626952] Bluetooth: hci7: command 0x0419 tx timeout [ 383.414146] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 383.424140] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 383.457679] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 383.493066] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 383.513042] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 383.521409] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 385.635154] Bluetooth: hci2: command 0x0409 tx timeout [ 387.682565] Bluetooth: hci2: command 0x041b tx timeout [ 389.412579] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 389.730662] Bluetooth: hci2: command 0x040f tx timeout [ 389.795559] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 391.779544] Bluetooth: hci2: command 0x0419 tx timeout [ 392.431327] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 392.457903] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 392.459195] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 392.501106] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 392.507482] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 392.519865] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 394.596813] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 394.659882] Bluetooth: hci3: command 0x0409 tx timeout [ 396.706570] Bluetooth: hci3: command 0x041b tx timeout [ 397.781963] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 397.787813] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 397.791771] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 397.798790] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 397.807813] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 397.814912] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 398.754562] Bluetooth: hci3: command 0x040f tx timeout [ 399.778666] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 399.906798] Bluetooth: hci5: command 0x0409 tx timeout [ 400.803167] Bluetooth: hci3: command 0x0419 tx timeout [ 401.954800] Bluetooth: hci5: command 0x041b tx timeout [ 402.697777] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 402.705066] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 402.709058] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 402.726781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 402.749776] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 402.760852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 404.002839] Bluetooth: hci5: command 0x040f tx timeout [ 404.834611] Bluetooth: hci0: command 0x0409 tx timeout [ 404.898567] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 406.052545] Bluetooth: hci5: command 0x0419 tx timeout [ 406.882615] Bluetooth: hci0: command 0x041b tx timeout [ 408.202750] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 408.208650] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 408.220405] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 408.234027] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 408.236930] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 408.240277] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 408.930563] Bluetooth: hci0: command 0x040f tx timeout [ 410.338629] Bluetooth: hci4: command 0x0409 tx timeout [ 410.468862] Bluetooth: hci6: Opcode 0x c03 failed: -110 2023/08/19 10:33:29 executor 7 failed 11 times: executor 7: exit status 67 SYZFAIL: wrong response packet (errno 2: No such file or directory) loop exited with status 67 [ 410.978877] Bluetooth: hci0: command 0x0419 tx timeout VM DIAGNOSIS: 10:33:29 Registers: info registers vcpu 0 RAX=00000000000215dd RBX=ffff8880346af808 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff8113b883 RDI=ffffffff8653bbd8 RBP=00000000000082e9 RSP=ffff8880346af788 R8 =0000000000000004 R9 =00000000000082e9 R10=0000000000038000 R11=0000000000000001 R12=0000000000000001 R13=ffffffff8182e93e R14=ffff8880346af849 R15=00000000000082e9 RIP=ffffffff8113b8c1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fc38c6ba540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc38c78b710 CR3=000000002dd98000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000ff0000000000000000000000ff XMM01=ffffff0000ff00ffffffffffffffff00 XMM02=494c4700362e322e325f4342494c4700 XMM03=00000000000000000000000000004700 XMM04=4342494c4700362e322e325f4342494c XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=0000000000000100 RDX=ffff88800d3e0000 RSI=ffffffff8113b5a6 RDI=0000000000000005 RBP=ffff88802b477668 RSP=ffff88806cf099c8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000008 R13=0000000000000000 R14=ffff88802b470000 R15=ffff88802b478000 RIP=ffffffff814d9134 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007efc84ef0540 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007efc84fc1710 CR3=0000000014f48000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000ff0000000000000000000000ff00 XMM01=ffff00ffffffffffffffffffffff00ff XMM02=4c4700362e322e325f4342494c470035 XMM03=00000000000000000000000000470035 XMM04=4342494c4700362e322e325f4342494c XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000