Warning: Permanently added '[localhost]:54185' (ECDSA) to the list of known hosts. 2023/08/20 13:16:22 fuzzer started 2023/08/20 13:16:23 dialing manager at localhost:46849 syzkaller login: [ 97.252001] cgroup: Unknown subsys name 'net' [ 97.434540] cgroup: Unknown subsys name 'rlimit' [ 108.913328] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2023/08/20 13:16:36 syscalls: 200 2023/08/20 13:16:36 code coverage: enabled 2023/08/20 13:16:36 comparison tracing: enabled 2023/08/20 13:16:36 extra coverage: enabled 2023/08/20 13:16:36 setuid sandbox: enabled 2023/08/20 13:16:36 namespace sandbox: enabled 2023/08/20 13:16:36 Android sandbox: enabled 2023/08/20 13:16:36 fault injection: enabled 2023/08/20 13:16:36 leak checking: enabled 2023/08/20 13:16:36 net packet injection: enabled 2023/08/20 13:16:36 net device setup: enabled 2023/08/20 13:16:36 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/08/20 13:16:36 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/08/20 13:16:36 USB emulation: enabled 2023/08/20 13:16:36 hci packet injection: enabled 2023/08/20 13:16:36 wifi device emulation: enabled 2023/08/20 13:16:36 802.15.4 emulation: enabled 2023/08/20 13:16:36 fetching corpus: 0, signal 0/0 (executing program) 2023/08/20 13:16:36 starting 8 fuzzer processes 13:16:36 executing program 0: mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000008, 0x2010, 0xffffffffffffffff, 0x10000000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x2, 0x0) r0 = syz_io_uring_setup(0x3244, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x33e}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x9}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xfffffffffffffffa}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4008004) ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x169) ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000280)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x8}) shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffd000/0x3000)=nil) shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x0) mmap$usbmon(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x80010, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000000, 0x10, r0, 0x10000000) io_uring_setup(0x7773, &(0x7f00000002c0)={0x0, 0x4843, 0x1, 0x0, 0x239, 0x0, r0}) r1 = syz_open_dev$usbmon(&(0x7f0000000340), 0x1, 0x200482) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x9) ioctl$sock_inet_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000380)) syz_open_dev$usbmon(&(0x7f00000003c0), 0x2, 0x240800) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4) semget(0x1, 0x1, 0x91) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) r2 = syz_io_uring_setup(0x414a, &(0x7f0000000440)={0x0, 0x9a26, 0x0, 0x2, 0x3b5}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000004c0), &(0x7f0000000500)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, r2, 0x8000000) 13:16:36 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x40101, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000040)='\x00', 0x0, r1) r2 = fsmount(r0, 0x0, 0x1) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4, 0x0, &(0x7f00000000c0)=[@enter_looper], 0xa8, 0x0, &(0x7f0000000100)="0096a0cbfc600774ddc563d9c2d36c61a27fa42eaa0af9d1dd9261bdfa45ec7c962b4861d95d266ab76ad766b21e429c7b6dffc6d1ebaea8030e6f6852f15d129bcb6bab1853035661c382b8c8ed14a4137bb4d0db8eb4a7d781aba45e25873442d2c696d14c45a54437ced45411cfaaac7863ec0bb071b1912844a5fc8b0fa8e1724f53084e11c8c05aa76514c53afd1a7f654972c46e00759bccd4441a56bfaebc98f2ca72744f"}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000300)={0x8, 0x0, &(0x7f0000000200)=[@release={0x40046306, 0x3}], 0xb6, 0x0, &(0x7f0000000240)="d184a1a70c8a2dace7aa4c9d310ac0dc2a0c83d28305c75f3078af65b28eb0a95e22b59e39cf5adeb6cc220f9b09740d2a4b005fb6f4cba813dd8b4a4bf87ff7669a0abb3acd0b4e5cfdc55f0d5d53e77258035a3b54bc62a80da8719957d650135d53a63f4ed05441f54e7a6f4f7df9e19f2bc4a04a3c6e992f6f3df729515a27caa6cfb351890795d0a0e3c8d20fe9d4ca006f913c30b7c9017d698b2ab6b72822c09021066e8c89fda708ec2e6172e5596701c5ce"}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000340), 0x240580, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000380)='illinois\x00', 0x9) ioctl$BLKSECTGET(r2, 0x1267, &(0x7f00000003c0)) fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000400)='^^\\-\x00', 0x0, r3) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NBD_CMD_STATUS(r4, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x820000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x44, r5, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040040}, 0x10) r6 = socket$packet(0x11, 0x2, 0x300) getpeername$packet(r6, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000600)=0x14) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000640), 0x400, 0x0) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r7, 0x6, 0x15, &(0x7f0000000680)=0x8, 0x4) sendmsg$NBD_CMD_STATUS(r4, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x20, 0x0, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x20}}, 0x10) ioctl$RNDADDENTROPY(r3, 0x40085203, &(0x7f00000007c0)={0xcd, 0xb2, "6ca9c7a9e4fe223dc8217f3ca3b299f949818ed7a5d3585cb4799dc5f4413e0860a2f83e3b8ea1bcb6bb9a377321b3d9667bcd84076e17c581fa9964f0c00d054b92de56a9ca9f3432dd5f2aa032769a1b4f8592e487f7e38e81e91181d61e90ee016cab5b3940e8bcea50742c9d6be5ce6cda3511db5570e42c59cb8fc30327dc18fff306a73ba67b9a60b285a67d437997a7b072f4d6d668a68153fdb98d90848271fbb42ea17f8d8207f3f4b5fb585f81"}) 13:16:36 executing program 2: setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000000)=0x8, 0x4) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x5, &(0x7f0000000040), 0x4) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000080), &(0x7f00000000c0)=0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000100)=0x4, 0x4) r1 = socket(0x10, 0x40004, 0x2) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000140)) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000200)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000c, 0x108090, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_NOP={0x0, 0x2}, 0x0) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000280), 0x628400, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f00000002c0)) setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000300)=@gcm_128={{0x303}, "49930e0d3a80d530", "dad82ea1d2716b08557fadf92108bd55", "74fe4591", "3ed9899f74c0158a"}, 0x28) ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000340)) r4 = socket(0x27, 0x4, 0x9) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f0000000380)=0x80, 0x4) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000003c0), 0x200000, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4) 13:16:36 executing program 3: r0 = fsmount(0xffffffffffffffff, 0x0, 0x8) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000000)={0xaf, 0x8}) ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000040)={'\x00', 0x0, 0xfe61e8d981d8abb, 0x1}) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000100)={@ipv4={""/10, ""/2, @initdev}, 0x0}, &(0x7f0000000140)=0x14) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x800, 0x70bd25, 0x5f, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x810) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x282000, 0x0) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x20, r2, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008810}, 0x8010) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f00000003c0)=@gcm_128={{0x303}, "a763f61b5c09b1a9", "92d9d27bab1221818572fdca9d792425", "0d688d66", "986406d82e0b6122"}, 0x28) r4 = syz_open_dev$loop(&(0x7f0000000400), 0x0, 0x400000) ioctl$BLKPG(r4, 0x1269, &(0x7f0000000480)={0x7ff, 0x0, 0x3f, &(0x7f0000000440)="b13d28724fb00db34a018a93766aae61eee8f50632134dcd42e1c2cf0109f7f3dc201ded752610aa5933edef9fdd55a5e0d57bec37e52264513044bc88ec89"}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000004c0)={'wpan0\x00'}) r6 = fsmount(r0, 0x0, 0xf0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000500)=0x1, 0x4) add_key$keyring(&(0x7f0000000540), &(0x7f0000000580)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000600), r6) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r7, 0x4, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x20008080) get_robust_list(0x0, &(0x7f00000007c0)=&(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)}}, &(0x7f0000000800)=0x18) [ 110.052951] audit: type=1400 audit(1692537396.997:6): avc: denied { execmem } for pid=268 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:16:37 executing program 4: r0 = msgget(0x1, 0x28) msgctl$MSG_STAT_ANY(r0, 0xd, &(0x7f0000000000)=""/22) msgctl$IPC_INFO(0xffffffffffffffff, 0x3, &(0x7f0000000040)=""/45) r1 = msgget(0x1, 0x300) msgctl$IPC_RMID(r1, 0x0) r2 = fsopen(&(0x7f0000000080)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000000c0)='cgroup\x00', 0x0, r2) r3 = msgget$private(0x0, 0x100) msgctl$IPC_STAT(r3, 0x2, &(0x7f0000000100)=""/114) ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) r4 = msgget(0x3, 0x10) msgctl$MSG_STAT(r4, 0xb, &(0x7f0000000180)=""/165) r5 = fsopen(&(0x7f0000000240)='overlay\x00', 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r5, 0x4, &(0x7f0000000280)='cgroup\x00', &(0x7f00000002c0)='./file0\x00', 0xffffffffffffff9c) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000300)=""/105) fsconfig$FSCONFIG_SET_FLAG(r2, 0x0, &(0x7f0000000380)='silent\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000003c0)=[@mss={0x2, 0x1c8}, @window={0x3, 0x0, 0x2}], 0x2) keyctl$reject(0x13, 0x0, 0x2, 0x7, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) 13:16:37 executing program 5: r0 = fsmount(0xffffffffffffffff, 0x1, 0x80) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r2, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x44001}, 0x20040850) write$rfkill(r0, &(0x7f00000001c0)={0x401, 0x5, 0x3, 0x1, 0x1}, 0x8) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, 0x0, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x79}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x8084}, 0x8c0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000340), 0x4) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000440)={@mcast2, 0x0}, &(0x7f0000000480)=0x14) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xbd}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xef}]}, 0x34}, 0x1, 0x0, 0x0, 0x8020}, 0x48800) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000580)) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder1\x00', 0x2, 0x0) r7 = fork() ioctl$BINDER_GET_FROZEN_INFO(r6, 0xc00c620f, &(0x7f0000000600)={r7}) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000640)='nv\x00', 0x3) r8 = syz_genetlink_get_family_id$batadv(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, r8, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}]}, 0x24}}, 0xc1) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x48, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x25e}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7f}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}]}, 0x48}}, 0x40) 13:16:37 executing program 6: r0 = fsmount(0xffffffffffffffff, 0x1, 0x0) mmap$usbmon(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x30, r0, 0x9) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5201) ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000040)={'custom1\x00'}) io_uring_setup(0x29a1, &(0x7f0000000180)={0x0, 0x2193, 0x10, 0x1, 0x21, 0x0, r0}) syz_io_uring_setup(0x792c, &(0x7f0000000200)={0x0, 0xbc41, 0x8, 0x1, 0x105}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) getgroups(0x6, &(0x7f0000000480)=[0xee00, 0xee01, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0]) getgroups(0x6, &(0x7f00000004c0)=[r2, 0xffffffffffffffff, 0xee01, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff]) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000640)={&(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000540)=""/224, 0xe0}) r7 = openat$random(0xffffffffffffff9c, &(0x7f0000000680), 0x400, 0x0) ioctl$RNDADDENTROPY(r7, 0x40085203, &(0x7f00000006c0)={0x9, 0xc7, "d989dddf7b5ca5fdab70873c5c9452210ea5172fd9e5549746599e521cb2d8a07fad89ae336bfa048c39d9c297c92d2e08986d6313b5440aa6406ec93ad862136a49523cc59910abb7c041947e588477a4541b9e50f0a8a1499119df340cd5ebc5fd283e8112ff95e802cc4130c492a88e7d50a7aaa3fdc6114c0f6c78278832b48494e7299ef0ee8467d877595cade267024edec5b595949619fe0508e4c9544fc7438238133525c9bea7203b61565b56202be1d83ce0f52c2afe000c03a25e7363035a84e1ee"}) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r8, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x38, r9, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x101}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4004) r10 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000900), 0x101000, 0x0) ioctl$BLKALIGNOFF(r10, 0x127a, &(0x7f0000000940)) sendmsg$NL802154_CMD_SET_CCA_MODE(r8, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x4c, 0x0, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x0) getgroups(0x3, &(0x7f0000000b80)=[0xee01, r3, 0xffffffffffffffff]) getgroups(0x6, &(0x7f0000000cc0)=[r4, r6, r11, 0x0, 0xee01, r5]) 13:16:37 executing program 7: r0 = fork() fork() r1 = gettid() ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000000)={r1}) ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000040)={r1}) r2 = shmget(0x3, 0x2000, 0x80, &(0x7f0000ffd000/0x2000)=nil) getgroups(0x7, &(0x7f0000000600)=[0x0, 0xee01, 0x0, 0xee00, 0xee00, 0xee00, 0xffffffffffffffff]) getresuid(&(0x7f0000000680), &(0x7f00000006c0), &(0x7f0000000700)=0x0) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000740)={{0x3, 0xffffffffffffffff, r3, r4, 0xee01, 0x40, 0x101}, 0x6, 0xffff, 0x100000000000000, 0x0, 0xffffffffffffffff, r0, 0x1000}) getresuid(&(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)) rt_sigprocmask(0x1, &(0x7f0000000880)={[0x2]}, &(0x7f00000008c0), 0x8) mq_open(&(0x7f0000000900)='$[\\%^\x00', 0x40, 0x0, &(0x7f0000000940)={0x1, 0x1, 0x2, 0x3}) shmget$private(0x0, 0x3000, 0x100a, &(0x7f0000ffa000/0x3000)=nil) r5 = syz_open_dev$usbmon(&(0x7f0000000980), 0x4, 0x101c00) ioctl$MON_IOCX_GET(r5, 0x40189206, &(0x7f0000000ac0)={&(0x7f00000009c0), &(0x7f0000000a00)=""/172, 0xac}) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000b00), 0x200000, 0x0) mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0) openat$cgroup_subtree(r6, &(0x7f0000000b40), 0x2, 0x0) openat$cgroup_subtree(r6, &(0x7f0000000b80), 0x2, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) [ 111.323735] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 111.329703] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 111.334536] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 111.340689] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 111.349809] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 111.351983] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 111.387849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 111.392640] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 111.397504] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 111.402696] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 111.406504] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 111.408560] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 111.492341] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 111.497669] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 111.507499] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 111.525940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 111.547748] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 111.553413] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 111.629936] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 111.637851] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 111.648304] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 111.658447] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 111.666759] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 111.669309] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 113.411626] Bluetooth: hci0: command 0x0409 tx timeout [ 113.476329] Bluetooth: hci1: command 0x0409 tx timeout [ 113.476853] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 113.539292] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 113.603924] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 113.605600] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 113.667336] Bluetooth: hci3: command 0x0409 tx timeout [ 113.731119] Bluetooth: hci5: command 0x0409 tx timeout [ 115.459127] Bluetooth: hci0: command 0x041b tx timeout [ 115.523121] Bluetooth: hci1: command 0x041b tx timeout [ 115.715234] Bluetooth: hci3: command 0x041b tx timeout [ 115.780996] Bluetooth: hci5: command 0x041b tx timeout [ 116.886560] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 116.897298] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 116.904788] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 116.909249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 116.930654] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 116.937517] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 116.996618] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 117.009363] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 117.065910] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 117.069149] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 117.070931] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 117.071847] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 117.507525] Bluetooth: hci0: command 0x040f tx timeout [ 117.571580] Bluetooth: hci1: command 0x040f tx timeout [ 117.764074] Bluetooth: hci3: command 0x040f tx timeout [ 117.827414] Bluetooth: hci5: command 0x040f tx timeout [ 118.915109] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 118.980123] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 119.043113] Bluetooth: hci4: command 0x0409 tx timeout [ 119.171189] Bluetooth: hci7: command 0x0409 tx timeout [ 119.555112] Bluetooth: hci0: command 0x0419 tx timeout [ 119.622069] Bluetooth: hci1: command 0x0419 tx timeout [ 119.811293] Bluetooth: hci3: command 0x0419 tx timeout [ 119.875185] Bluetooth: hci5: command 0x0419 tx timeout [ 121.091142] Bluetooth: hci4: command 0x041b tx timeout [ 121.219464] Bluetooth: hci7: command 0x041b tx timeout [ 121.956334] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 121.967417] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 121.988833] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 122.037991] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 122.048623] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 122.061435] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 123.140095] Bluetooth: hci4: command 0x040f tx timeout [ 123.269099] Bluetooth: hci7: command 0x040f tx timeout [ 123.843125] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 124.164141] Bluetooth: hci6: command 0x0409 tx timeout [ 125.190117] Bluetooth: hci4: command 0x0419 tx timeout [ 125.317299] Bluetooth: hci7: command 0x0419 tx timeout [ 126.211475] Bluetooth: hci6: command 0x041b tx timeout [ 128.259139] Bluetooth: hci6: command 0x040f tx timeout [ 129.094135] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 130.309366] Bluetooth: hci6: command 0x0419 tx timeout [ 131.822761] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 131.847193] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 131.855876] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 131.905902] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 131.907555] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 131.921615] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 134.019846] Bluetooth: hci2: command 0x0409 tx timeout [ 136.068079] Bluetooth: hci2: command 0x041b tx timeout [ 138.116094] Bluetooth: hci2: command 0x040f tx timeout [ 140.163498] Bluetooth: hci2: command 0x0419 tx timeout [ 171.557032] syz-executor.3 (279) used greatest stack depth: 24008 bytes left [ 174.890609] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 174.893564] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 174.895578] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 174.905288] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 174.913630] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 174.915780] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 176.068160] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 176.515289] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 176.643219] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 176.963607] Bluetooth: hci5: command 0x0409 tx timeout [ 178.267673] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 178.280890] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 178.284000] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 178.303509] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 178.306763] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 178.308509] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 178.652039] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 178.671759] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 178.678774] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 178.701322] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 178.712456] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 178.714191] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 179.013088] Bluetooth: hci5: command 0x041b tx timeout [ 179.051390] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 179.055006] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 179.056829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 179.064364] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 179.073674] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 179.075469] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 180.355136] Bluetooth: hci0: command 0x0409 tx timeout [ 180.485135] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 180.803105] Bluetooth: hci3: command 0x0409 tx timeout [ 181.059292] Bluetooth: hci5: command 0x040f tx timeout [ 181.123143] Bluetooth: hci4: command 0x0409 tx timeout [ 181.187143] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 182.404086] Bluetooth: hci0: command 0x041b tx timeout [ 182.851086] Bluetooth: hci3: command 0x041b tx timeout [ 183.107084] Bluetooth: hci5: command 0x0419 tx timeout [ 183.172380] Bluetooth: hci4: command 0x041b tx timeout [ 183.776500] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 183.784421] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 183.794469] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 183.803845] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 183.813730] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 183.828363] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 184.451317] Bluetooth: hci0: command 0x040f tx timeout [ 184.899147] Bluetooth: hci3: command 0x040f tx timeout [ 185.219271] Bluetooth: hci4: command 0x040f tx timeout [ 185.539276] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 185.603348] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 185.924213] Bluetooth: hci7: command 0x0409 tx timeout [ 186.500304] Bluetooth: hci0: command 0x0419 tx timeout [ 186.950104] Bluetooth: hci3: command 0x0419 tx timeout [ 187.268337] Bluetooth: hci4: command 0x0419 tx timeout [ 187.971116] Bluetooth: hci7: command 0x041b tx timeout [ 188.937890] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 188.940966] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 188.957324] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 188.997391] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 188.998857] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 189.000542] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 190.021169] Bluetooth: hci7: command 0x040f tx timeout [ 190.851107] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 191.107154] Bluetooth: hci6: command 0x0409 tx timeout [ 192.067199] Bluetooth: hci7: command 0x0419 tx timeout [ 193.155112] Bluetooth: hci6: command 0x041b tx timeout [ 193.582511] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 193.588284] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 193.593346] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 193.618389] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 193.635359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 193.650422] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 195.203392] Bluetooth: hci6: command 0x040f tx timeout [ 195.717128] Bluetooth: hci1: command 0x0409 tx timeout [ 195.845088] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 197.251284] Bluetooth: hci6: command 0x0419 tx timeout [ 197.763125] Bluetooth: hci1: command 0x041b tx timeout [ 199.126985] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 199.134385] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 199.135956] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 199.170782] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 199.174024] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 199.176382] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 199.813082] Bluetooth: hci1: command 0x040f tx timeout [ 201.285108] Bluetooth: hci2: command 0x0409 tx timeout [ 201.859090] Bluetooth: hci1: command 0x0419 tx timeout [ 203.331874] Bluetooth: hci2: command 0x041b tx timeout [ 205.379113] Bluetooth: hci2: command 0x040f tx timeout [ 207.427143] Bluetooth: hci2: command 0x0419 tx timeout [ 238.467162] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 241.307772] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 241.319522] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 241.330367] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 241.338899] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 241.361348] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 241.366300] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 241.987284] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 242.371106] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 243.139506] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 243.404674] Bluetooth: hci5: command 0x0409 tx timeout [ 244.899699] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 244.900856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 244.913299] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 244.918003] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 244.932748] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 244.936002] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 245.398521] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 245.400141] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 245.401900] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 245.417869] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 245.420431] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 245.422355] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 245.443143] Bluetooth: hci5: command 0x041b tx timeout [ 245.880919] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 245.885350] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 245.887528] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 245.919327] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 245.928769] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 245.940902] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 246.981280] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 247.043333] Bluetooth: hci0: command 0x0409 tx timeout [ 247.491276] Bluetooth: hci4: command 0x0409 tx timeout [ 247.491585] Bluetooth: hci5: command 0x040f tx timeout [ 248.004110] Bluetooth: hci7: command 0x0409 tx timeout [ 249.091130] Bluetooth: hci0: command 0x041b tx timeout [ 249.540171] Bluetooth: hci4: command 0x041b tx timeout [ 249.540260] Bluetooth: hci5: command 0x0419 tx timeout [ 249.742375] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 249.764000] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 249.772510] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 249.813519] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 249.821764] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 249.825083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 250.051251] Bluetooth: hci7: command 0x041b tx timeout [ 250.299787] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 250.308828] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 250.310840] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 250.317811] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 250.326275] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 250.329270] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 251.139300] Bluetooth: hci0: command 0x040f tx timeout [ 251.588282] Bluetooth: hci4: command 0x040f tx timeout [ 251.907239] Bluetooth: hci3: command 0x0409 tx timeout [ 252.100098] Bluetooth: hci7: command 0x040f tx timeout [ 252.420121] Bluetooth: hci6: command 0x0409 tx timeout [ 253.188222] Bluetooth: hci0: command 0x0419 tx timeout [ 253.636240] Bluetooth: hci4: command 0x0419 tx timeout [ 253.957076] Bluetooth: hci3: command 0x041b tx timeout [ 254.147913] Bluetooth: hci7: command 0x0419 tx timeout [ 254.468120] Bluetooth: hci6: command 0x041b tx timeout [ 255.257004] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 255.259045] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 255.260424] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 255.269814] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 255.281977] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 255.304904] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 256.007079] Bluetooth: hci3: command 0x040f tx timeout [ 256.515084] Bluetooth: hci6: command 0x040f tx timeout [ 257.347690] Bluetooth: hci1: command 0x0409 tx timeout [ 258.051402] Bluetooth: hci3: command 0x0419 tx timeout [ 258.563132] Bluetooth: hci6: command 0x0419 tx timeout [ 259.396728] Bluetooth: hci1: command 0x041b tx timeout [ 260.518655] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 260.548832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 260.552130] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 260.581853] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 260.585294] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 260.596322] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 261.445228] Bluetooth: hci1: command 0x040f tx timeout [ 262.723134] Bluetooth: hci2: command 0x0409 tx timeout [ 263.491281] Bluetooth: hci1: command 0x0419 tx timeout [ 264.772442] Bluetooth: hci2: command 0x041b tx timeout [ 266.819202] Bluetooth: hci2: command 0x040f tx timeout [ 268.867116] Bluetooth: hci2: command 0x0419 tx timeout [ 304.963550] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 306.306520] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 306.307979] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 306.316610] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 306.338166] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 306.341032] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 306.342149] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 306.757830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 306.760004] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 306.764393] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 306.769488] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 306.773676] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 306.779449] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 307.302022] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 307.305548] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 307.309121] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 307.325906] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 307.330912] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 307.331817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 308.046760] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 308.058659] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 308.085337] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 308.117884] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 308.126407] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 308.149397] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 308.419146] Bluetooth: hci0: command 0x0409 tx timeout [ 308.867502] Bluetooth: hci4: command 0x0409 tx timeout [ 309.380189] Bluetooth: hci5: command 0x0409 tx timeout [ 310.211167] Bluetooth: hci7: command 0x0409 tx timeout [ 310.467091] Bluetooth: hci0: command 0x041b tx timeout [ 310.915186] Bluetooth: hci4: command 0x041b tx timeout [ 311.427124] Bluetooth: hci5: command 0x041b tx timeout [ 311.914626] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 311.917584] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 311.923889] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 311.956314] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 311.959460] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 311.966289] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 312.259230] Bluetooth: hci7: command 0x041b tx timeout [ 312.515100] Bluetooth: hci0: command 0x040f tx timeout [ 312.963152] Bluetooth: hci4: command 0x040f tx timeout [ 313.283483] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 313.476174] Bluetooth: hci5: command 0x040f tx timeout [ 314.052146] Bluetooth: hci6: command 0x0409 tx timeout [ 314.307667] Bluetooth: hci7: command 0x040f tx timeout [ 314.564095] Bluetooth: hci0: command 0x0419 tx timeout [ 315.011133] Bluetooth: hci4: command 0x0419 tx timeout [ 315.523107] Bluetooth: hci5: command 0x0419 tx timeout [ 316.090559] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 316.096421] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 316.099083] Bluetooth: hci6: command 0x041b tx timeout [ 316.103658] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 316.132293] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 316.134561] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 316.136171] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 316.356084] Bluetooth: hci7: command 0x0419 tx timeout [ 318.147096] Bluetooth: hci6: command 0x040f tx timeout [ 318.211136] Bluetooth: hci1: command 0x0409 tx timeout [ 318.659489] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 320.196100] Bluetooth: hci6: command 0x0419 tx timeout [ 320.260108] Bluetooth: hci1: command 0x041b tx timeout [ 321.329572] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 321.335852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 321.343697] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 321.390670] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 321.433404] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 321.441741] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 322.307772] Bluetooth: hci1: command 0x040f tx timeout [ 323.523319] Bluetooth: hci2: command 0x0409 tx timeout [ 323.971601] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 324.355136] Bluetooth: hci1: command 0x0419 tx timeout [ 325.571411] Bluetooth: hci2: command 0x041b tx timeout [ 327.619109] Bluetooth: hci2: command 0x040f tx timeout [ 329.411099] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 329.667097] Bluetooth: hci2: command 0x0419 tx timeout [ 334.213815] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 339.267234] Bluetooth: hci3: Opcode 0x c03 failed: -110 2023/08/20 13:20:26 executor 5 failed 11 times: executor 5: exit status 67 SYZFAIL: wrong response packet (errno 2: No such file or directory) loop exited with status 67 VM DIAGNOSIS: 13:20:26 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=ffffffff87758090 RCX=ffffffff812e4acc RDX=1ffffffff0eeb01a RSI=0000000000000008 RDI=ffffffff877580d0 RBP=ffff8880135551c0 RSP=ffff88800a4bf8f8 R8 =0000000000000000 R9 =fffffbfff0ee9f6a R10=ffffffff8774fb57 R11=0000000000000001 R12=ffff888013555bd8 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff812e4b06 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff336290260 CR3=000000000b9ec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=2e6f747079726362696c2f756e672d78 XMM02=00312e312e6f732e6f74707972636269 XMM03=6c2f756e672d78756e696c2d34365f36 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffffffff813c0e50 RCX=ffffffff8113e279 RDX=ffff8880294f9b40 RSI=0000000000000000 RDI=0000000000000006 RBP=ffff888022f9f7b0 RSP=ffff888022f9f780 R8 =0000000000000006 R9 =ffff888022f9f860 R10=ffff888022f9f850 R11=0000000000000001 R12=dffffc0000000000 R13=ffffed10045f3ef7 R14=ffff888022f9f7f8 R15=ffff888022f9f860 RIP=ffffffff8113df56 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fff03737c70 CR3=000000002a800000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=25252525252525252525252525252525 XMM01=00ff0000000000000000000000ff0000 XMM02=00000000000000000000000000000000 XMM03=756e20796d6d756420736e6f6974706f XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=73253d656d616e6c6165722073253d73 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000