Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:57067' (ECDSA) to the list of known hosts. 2024/11/07 07:14:36 fuzzer started 2024/11/07 07:14:37 dialing manager at localhost:46317 syzkaller login: [ 63.755792] cgroup: Unknown subsys name 'net' [ 63.859061] cgroup: Unknown subsys name 'cpuset' [ 63.878027] cgroup: Unknown subsys name 'rlimit' 2024/11/07 07:14:54 syscalls: 202 2024/11/07 07:14:54 code coverage: enabled 2024/11/07 07:14:54 comparison tracing: enabled 2024/11/07 07:14:54 extra coverage: enabled 2024/11/07 07:14:54 setuid sandbox: enabled 2024/11/07 07:14:54 namespace sandbox: enabled 2024/11/07 07:14:54 Android sandbox: enabled 2024/11/07 07:14:54 fault injection: enabled 2024/11/07 07:14:54 leak checking: enabled 2024/11/07 07:14:54 net packet injection: enabled 2024/11/07 07:14:54 net device setup: enabled 2024/11/07 07:14:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/11/07 07:14:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/11/07 07:14:54 USB emulation: enabled 2024/11/07 07:14:54 hci packet injection: enabled 2024/11/07 07:14:54 wifi device emulation: enabled 2024/11/07 07:14:54 802.15.4 emulation: enabled 2024/11/07 07:14:54 fetching corpus: 0, signal 0/0 (executing program) 2024/11/07 07:14:56 starting 8 fuzzer processes 07:14:56 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x20102, 0x0) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x0, 0x7, 0x0, 0x5, 0x0, [0x800, 0x7fffffff, 0x69, 0x5]}) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x428280, 0x0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x2f, 0x6, 0xdc, 0xfffffffe, 0x3, @local, @dev={0xfe, 0x80, '\x00', 0xc}, 0x20, 0x700, 0x8, 0xfffffc01}}) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000180)='\x00', 0x0, r0) fadvise64(r0, 0x6, 0x80000000, 0xd) r2 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) r3 = io_uring_setup(0x8, &(0x7f00000001c0)={0x0, 0x883a, 0x8, 0x3, 0x363, 0x0, r1}) io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000000240)=r1, 0x1) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$BTRFS_IOC_DEFRAG_RANGE(r4, 0x40309410, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000280), 0x90000, 0x0) r6 = openat2$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x2400, 0x2}, 0x18) r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x441, 0x0, 0x8}, 0x18) r8 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000003c0), 0x280000, 0x0) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f0000000400)=[r6, r7, r8, r0, r4, r2, r2, r4], 0x8) openat2$dir(0xffffffffffffff9c, &(0x7f0000000440)='.\x00', &(0x7f0000000480)={0x0, 0x0, 0x6}, 0x18) r9 = openat$full(0xffffffffffffff9c, &(0x7f00000004c0), 0x193000, 0x0) fsmount(r9, 0x0, 0x0) 07:14:56 executing program 3: ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x201e, 0x3}) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder0\x00', 0x800, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x20) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x84280, 0x136) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x10a, 0x2}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/vt', 0x210040, 0x0) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x8000) mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000280), 0x404000, 0x0) timerfd_gettime(r4, &(0x7f00000002c0)) getrusage(0xffffffffffffffff, &(0x7f0000000300)) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f00000003c0)={0x3}) clock_gettime(0x2, &(0x7f0000000400)) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r1, 0x40046210, &(0x7f0000000440)) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000480)=[r0, r1, r5, r2], 0x4) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x30, 0xffffffffffffffff, 0x8000000) ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f00000004c0)) 07:14:56 executing program 1: ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0x81) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x8, 0x70bd27, 0x1000, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x2c}}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000300)={r0, 0x1ff}) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$BTRFS_IOC_DEFRAG_RANGE(r1, 0x40309410, &(0x7f0000001300)={0x4, 0x0, 0x2, 0x7, 0x3, [0x1f, 0xffff1554, 0x70, 0x7]}) r2 = memfd_secret(0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000001340)='./binderfs2/binder1\x00', 0x2, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r3, 0xc0709411, &(0x7f0000001380)={{r0, 0x100, 0x8001, 0x800, 0x80, 0x7fff, 0xffff, 0x1, 0x6, 0x8, 0x0, 0xfffffffffffffff8, 0x6, 0x0, 0x1}, 0x8, [0x0]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001400)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001a40)={0x100, 0x0, &(0x7f0000001880)=[@request_death={0x400c630e, 0x2}, @acquire_done, @acquire_done={0x40106309, 0x1}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x60, 0x18, &(0x7f0000001700)={@ptr={0x70742a85, 0x0, &(0x7f0000001600)=""/245, 0xf5, 0x1, 0x25}, @flat=@binder={0x73622a85, 0x110b, 0x1}, @fda={0x66646185, 0x0, 0x2}}, &(0x7f0000001780)={0x0, 0x28, 0x40}}}, @enter_looper, @increfs_done={0x40106308, 0x1}, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x50, 0x18, &(0x7f00000017c0)={@flat=@handle={0x73682a85, 0x0, 0x2}, @fda={0x66646185, 0x5, 0x2, 0x13}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000001840)={0x0, 0x18, 0x38}}, 0x1000}, @dead_binder_done, @acquire_done={0x40106309, 0x1}], 0xb0, 0x0, &(0x7f0000001980)="6629644bb77cd74509edc79cc143ef4bd88d2b46c76f2e0e0f1b97cafb766132c77e03124013be40fc33ea3088a73c761e3a0e34adee39358b0d82fb5cae5909350f31beb513bd09d67bdfd85d1eb623ccad804a65d91434867309d2fbe79be0ae375934f7a6209eb2820e9510aa685a172736a67ff1998f9f516fd488906175f0426e8eeebddd5c9216f9b97626c1a8a1da95747c7953db2cd40ca18b1fd9079f7ca45602eed5fa46386699f20fe1bd"}) r4 = fsmount(r2, 0x0, 0x0) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000001ac0), r2) sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f0000001bc0)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b00)={0x5c, r5, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x200}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6b795d77}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x81}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40080}, 0x4000800) r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000001c40), 0xffffffffffffffff) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000001d00)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001c80)={0x40, r6, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x400}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6540ff18}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xfffffffffffff801}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x800) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, &(0x7f0000001d40)={0x3}) r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000001d80), 0x80100, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000001dc0)) sendmsg$GTP_CMD_GETPDP(r4, &(0x7f0000002100)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000020c0)={&(0x7f0000002040)={0x64, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @broadcast}, @GTPA_TID={0xc, 0x3, 0x2}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_MS_ADDRESS={0x8, 0x5, @local}, @GTPA_NET_NS_FD={0x8, 0x7, r2}, @GTPA_TID={0xc, 0x3, 0x1}]}, 0x64}, 0x1, 0x0, 0x0, 0x2008800}, 0x10) 07:14:56 executing program 2: ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000000)={0x3}) r0 = syz_open_dev$loop(&(0x7f0000000040), 0x0, 0x8000) r1 = fsmount(0xffffffffffffffff, 0x0, 0x7a) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000080)={0x3}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f00000000c0)={{0x0, 0x4, 0x800, 0x6, 0x1, 0x2, 0x7ff, 0x2, 0x3, 0x5, 0xe481, 0x2000000000, 0xb9, 0x46ac, 0x7fff}}) ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f00000010c0)={r2, 0x6}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$BINDER_FREEZE(r1, 0x400c620e, &(0x7f00000020c0)={0x0, 0x1, 0x8}) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000002100)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000021c0)={0xc, 0x0, &(0x7f0000002140)=[@exit_looper, @release={0x40046306, 0x3}], 0xc, 0x0, &(0x7f0000002180)="7c76c23119f29880e027873f"}) ioctl$BINDER_FREEZE(r3, 0x400c620e, &(0x7f0000002200)={0xffffffffffffffff, 0x1, 0x4}) r4 = fsopen(&(0x7f0000002240)='fuseblk\x00', 0x1) fsmount(r4, 0x1, 0x1) openat2$dir(0xffffffffffffff9c, &(0x7f0000002280)='./file0\x00', &(0x7f00000022c0)={0x501000, 0x108, 0x1}, 0x18) ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r1, 0x40046210, &(0x7f0000002300)) syz_genetlink_get_family_id$gtp(&(0x7f0000002340), 0xffffffffffffffff) 07:14:56 executing program 4: r0 = request_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='@\x00', 0xfffffffffffffff9) r1 = add_key(&(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='1', 0x1, 0x0) keyctl$search(0xa, r1, &(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, r0) keyctl$search(0xa, r0, &(0x7f0000000200)='cifs.idmap\x00', &(0x7f0000000240)={'syz', 0x0}, r0) r2 = eventfd2(0x3ff, 0x80400) r3 = add_key(&(0x7f0000000300)='big_key\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)="617d8c532a41cd71f186c1bb87a47ad15207c221fe53750cec8338962acc611ac479aabbad918bccc96db1bd61720ec213b7574bcbbb92fb6378cbb41b6a9f5dee482db113ab662fd75938c44f182a0abf57cf1e99eed068fe2a0396e1fdf6d78878b50f1c766fe89ee7b1bae3e29d31f5fae3299f23c00a6ce993d04fa653865388f1156f8380bdd7760ee1b97c996e9d0f523673d3ecc98c4262a5ba0be8741ed044af0e7dfe34538791031310b86a73cada5133f20724be534cb1abf31c1f2ebedfb1ce5a6655a40561f5d0a69a93bd4176894194e5e9c7b270362af5ea7e44471704168bbc06b038c7f190104cffd68a60dc5aed62e2e8", 0xf9, r1) keyctl$search(0xa, r0, &(0x7f0000000280)='rxrpc\x00', &(0x7f00000002c0)={'syz', 0x1}, r3) keyctl$negate(0xd, 0x0, 0x4, r1) keyctl$KEYCTL_MOVE(0x1e, 0x0, r0, r1, 0x1) keyctl$KEYCTL_MOVE(0x1e, r0, r0, r3, 0x1) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000480)={{0x0, 0x101, 0x8, 0x1000, 0x8b57, 0x1ff, 0x1, 0x1f, 0xc56, 0x1, 0x9, 0x0, 0x2, 0x5, 0x7f}, 0x8, [0x0]}) keyctl$search(0xa, 0x0, &(0x7f0000000500)='.request_key_auth\x00', &(0x7f0000000540)={'syz', 0x2}, r3) write$rfkill(0xffffffffffffffff, &(0x7f0000000580)={0x8, 0x0, 0x3}, 0x8) keyctl$clear(0x7, r1) r4 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x1}, 0x0, 0x0, r1) r5 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, r1) keyctl$negate(0xd, r4, 0x80, r5) r6 = request_key(&(0x7f00000006c0)='keyring\x00', &(0x7f0000000700)={'syz', 0x1}, &(0x7f0000000740)='+^],\':\x1e{*\x00', r5) r7 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$KEYCTL_MOVE(0x1e, r6, r1, r7, 0x1) 07:14:56 executing program 5: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, 0xffffffffffffffff) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000100)) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x80642, 0x0) fchdir(r1) syz_open_dev$loop(&(0x7f0000000200), 0x40, 0x400140) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000240)={0x0, ""/256, 0x0}) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000440), 0x200000, 0x0) read$rfkill(r4, &(0x7f0000000480), 0x8) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f00000004c0)={{r2, 0x5, 0xf800000000000000, 0x6, 0xff, 0xd8f, 0x6, 0x8, 0xffff0000, 0x0, 0x3f, 0x100, 0x7, 0x89, 0x1}}) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f00000014c0)={r5, 0x3}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000024c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000002500)={'wlan1\x00'}) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) r7 = fsmount(r1, 0x1, 0x81) ioctl$LOOP_SET_DIRECT_IO(r7, 0x4c08, 0x7fff) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000002540)={r3, 0x1000}) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000003580)='/dev/hwrng\x00', &(0x7f00000035c0)='./file0\x00', 0xffffffffffffffff) [ 82.063332] audit: type=1400 audit(1730963696.291:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 07:14:56 executing program 6: mknodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xc000, 0x6) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc0, 0x100) keyctl$clear(0x7, 0xfffffffffffffffa) fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000080)='.^@%/%#@\x00', &(0x7f00000000c0)='./file0\x00', r0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000100), r1) keyctl$link(0x8, 0x0, 0xfffffffffffffffb) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000180)='\'\\\x00', &(0x7f00000001c0)='./file1\x00', 0xffffffffffffffff) getgid() fsconfig$FSCONFIG_SET_PATH_EMPTY(r1, 0x4, &(0x7f0000000200)='%\x00', &(0x7f0000000240)='./file0\x00', 0xffffffffffffffff) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000280)={{0x0, 0xf2, 0x6, 0x7ff, 0x1, 0x401, 0x40, 0xcd, 0x6, 0x3ff, 0x10001, 0x401, 0x0, 0x9, 0x8}}) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f00000012c0)={0x400, 0x0, &(0x7f0000001280)=[r0, r1, r1, r0, r1, r2, r0, r1]}, 0x8) r3 = request_key(&(0x7f0000001300)='rxrpc\x00', &(0x7f0000001340)={'syz', 0x3}, &(0x7f0000001380)='!\'\x00', 0xfffffffffffffffa) r4 = add_key$keyring(&(0x7f00000013c0), &(0x7f0000001400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) r5 = request_key(&(0x7f0000001440)='asymmetric\x00', &(0x7f0000001480)={'syz', 0x1}, &(0x7f00000014c0)='.^@%/%#@\x00', 0xfffffffffffffff8) keyctl$KEYCTL_MOVE(0x1e, r3, r4, r5, 0x1) r6 = memfd_secret(0x80000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000006, 0x140010, r6, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001540)={0x64, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x81}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1f}]}, 0x64}, 0x1, 0x0, 0x0, 0xc4}, 0x14801) 07:14:56 executing program 7: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x10040, 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000000040)='\xfd{)\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x440800, 0x0) open$dir(&(0x7f0000000100)='./file0/file0\x00', 0x40200, 0x20) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x501401, 0x0) mount_setattr(r2, &(0x7f0000000180)='./file0\x00', 0x1100, &(0x7f00000001c0)={0x0, 0x100076, 0xa0000, {r0}}, 0x20) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000280), 0x2080, 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000000200)='\x00', &(0x7f0000000240)='./file0/file0\x00', r3) sendto(r3, &(0x7f00000002c0)="5357b905de012090596139d74ee07eb3017c05fc8cc0b9f2032b180869d4bf5c7aea0037c20af260c64b66160dba39e6ce41703c8b6cda665bd725146ab752fc29a64b1fcae25fb96df72e54182604656868f46f7df14879f3ec61064675cb5c19f9a33ebb5a4ae77f45918e844529a22b56ae344b291a48e1a0342fb485006fad4d2e787791d5124ab2e72ce830038932ced750027c40f952c42a056359b2b34189524d197ae2b80d19c1f11a602b24edcb42c88c082826b337646eb3e639bca66f16df9ade242ba8cb0303ecf8dcd9aaab95f8157e7c755f0dd58dc93825", 0xdf, 0x20000042, &(0x7f00000003c0)=@nl=@kern={0x10, 0x0, 0x0, 0x2000000}, 0x80) r4 = fsmount(r2, 0x0, 0x80) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs/binder0\x00', 0x800, 0x0) open$dir(&(0x7f0000000480)='./file0\x00', 0x240000, 0x4) getresgid(&(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)) fsconfig$FSCONFIG_SET_PATH_EMPTY(r4, 0x4, &(0x7f0000000580)='/dev/vcs\x00', &(0x7f00000005c0)='./file0/file0\x00', r1) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000600)={0x0, 0xc52d}) ioctl$LOOP_GET_STATUS64(r2, 0x4c05, &(0x7f0000001600)) getsockopt$sock_timeval(r3, 0x1, 0x15, &(0x7f0000001700), &(0x7f0000001740)=0x10) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r3, 0xc018620c, &(0x7f0000001780)={0x1}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f00000017c0)={{0x0, 0x1ff, 0x4, 0x61, 0x160c, 0x1567, 0xffffffff, 0x5, 0x5, 0x4, 0x7468, 0xfffffffffffffffb, 0x100000000, 0x0, 0x40}, 0x20, [0x0, 0x0, 0x0, 0x0]}) syz_genetlink_get_family_id$gtp(&(0x7f0000001880), 0xffffffffffffffff) [ 83.344124] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.345738] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.348753] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.355866] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.358016] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.360746] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.531421] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.537743] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.540750] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.542098] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.549027] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.550215] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.551976] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.553127] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.554042] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.557122] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.558219] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.560904] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 83.561977] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.564914] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.569988] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.572706] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.574188] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 83.575549] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.578713] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.601096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 83.603080] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.606641] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.622504] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 83.631582] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.636138] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.638029] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.642905] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.644928] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.653860] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.657710] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.659324] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.661081] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.663858] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.667148] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.685726] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 83.689671] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.691956] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.702038] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 83.706842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.706906] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 83.714204] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 83.716767] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 85.435098] Bluetooth: hci0: command tx timeout [ 85.626809] Bluetooth: hci2: command tx timeout [ 85.627561] Bluetooth: hci4: command tx timeout [ 85.755724] Bluetooth: hci6: command tx timeout [ 85.755749] Bluetooth: hci3: command tx timeout [ 85.756103] Bluetooth: hci1: command tx timeout [ 85.819541] Bluetooth: hci5: command tx timeout [ 85.821219] Bluetooth: hci7: command tx timeout [ 87.483511] Bluetooth: hci0: command tx timeout [ 87.676522] Bluetooth: hci4: command tx timeout [ 87.677994] Bluetooth: hci2: command tx timeout [ 87.802669] Bluetooth: hci1: command tx timeout [ 87.804323] Bluetooth: hci6: command tx timeout [ 87.804363] Bluetooth: hci3: command tx timeout [ 87.867506] Bluetooth: hci7: command tx timeout [ 87.867536] Bluetooth: hci5: command tx timeout [ 89.530565] Bluetooth: hci0: command tx timeout [ 89.722609] Bluetooth: hci2: command tx timeout [ 89.722633] Bluetooth: hci4: command tx timeout [ 89.850759] Bluetooth: hci1: command tx timeout [ 89.850824] Bluetooth: hci6: command tx timeout [ 89.852258] Bluetooth: hci3: command tx timeout [ 89.914558] Bluetooth: hci7: command tx timeout [ 89.915924] Bluetooth: hci5: command tx timeout [ 91.578566] Bluetooth: hci0: command tx timeout [ 91.770548] Bluetooth: hci2: command tx timeout [ 91.772025] Bluetooth: hci4: command tx timeout [ 91.898608] Bluetooth: hci3: command tx timeout [ 91.899163] Bluetooth: hci6: command tx timeout [ 91.899851] Bluetooth: hci1: command tx timeout [ 91.964658] Bluetooth: hci7: command tx timeout [ 91.965182] Bluetooth: hci5: command tx timeout [ 145.950871] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 145.956328] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 145.958421] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 145.965499] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 145.969343] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 145.972392] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 146.049558] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 146.051856] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 146.058667] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 146.061220] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 146.064180] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 146.067719] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 146.072026] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 146.072930] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 146.076285] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 146.077911] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 146.085909] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 146.087156] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 146.127722] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.129410] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.133316] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.137046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.140429] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 146.142918] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 146.234108] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 146.256478] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 146.269859] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 146.272098] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 146.277008] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 146.278999] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 146.281129] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 146.286884] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 146.298766] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 146.314752] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 146.318720] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 146.322985] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 146.336844] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 146.352823] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 146.352856] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 146.357875] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 146.360229] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 146.374668] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 146.381501] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 146.388819] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 146.392301] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 146.398763] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 146.408668] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 146.436580] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 148.026600] Bluetooth: hci0: command tx timeout [ 148.091002] Bluetooth: hci2: command tx timeout [ 148.154692] Bluetooth: hci1: command tx timeout [ 148.218709] Bluetooth: hci3: command tx timeout [ 148.474567] Bluetooth: hci6: command tx timeout [ 148.475414] Bluetooth: hci7: command tx timeout [ 148.538750] Bluetooth: hci5: command tx timeout [ 148.539428] Bluetooth: hci4: command tx timeout [ 150.074558] Bluetooth: hci0: command tx timeout [ 150.138660] Bluetooth: hci2: command tx timeout [ 150.202751] Bluetooth: hci1: command tx timeout [ 150.266568] Bluetooth: hci3: command tx timeout [ 150.522766] Bluetooth: hci7: command tx timeout [ 150.523310] Bluetooth: hci6: command tx timeout [ 150.587633] Bluetooth: hci4: command tx timeout [ 150.588133] Bluetooth: hci5: command tx timeout [ 152.122575] Bluetooth: hci0: command tx timeout [ 152.187490] Bluetooth: hci2: command tx timeout [ 152.250565] Bluetooth: hci1: command tx timeout [ 152.314507] Bluetooth: hci3: command tx timeout [ 152.570839] Bluetooth: hci6: command tx timeout [ 152.571378] Bluetooth: hci7: command tx timeout [ 152.635213] Bluetooth: hci5: command tx timeout [ 152.635814] Bluetooth: hci4: command tx timeout [ 154.170607] Bluetooth: hci0: command tx timeout [ 154.234567] Bluetooth: hci2: command tx timeout [ 154.299679] Bluetooth: hci1: command tx timeout [ 154.362560] Bluetooth: hci3: command tx timeout [ 154.618565] Bluetooth: hci6: command tx timeout [ 154.620115] Bluetooth: hci7: command tx timeout [ 154.682664] Bluetooth: hci5: command tx timeout [ 154.684295] Bluetooth: hci4: command tx timeout [ 208.267907] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 208.273666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 208.276487] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 208.289932] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 208.292074] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 208.293847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 208.522475] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 208.527789] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 208.528702] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 208.531660] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 208.533595] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 208.535331] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 208.537197] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 208.538964] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 208.540222] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 208.559637] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 208.564770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 208.574053] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 208.579889] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 208.582703] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 208.584634] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 208.588727] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 208.592162] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 208.593768] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 208.678233] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 208.681007] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 208.683620] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 208.688656] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 208.692188] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 208.693559] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 208.732293] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 208.732702] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 208.745964] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 208.753133] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 208.753157] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 208.758042] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 208.779768] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 208.795734] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 208.796222] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 208.839740] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 208.840746] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 208.843121] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 208.845642] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 208.865054] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 208.867853] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 208.868002] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 208.880317] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 208.889644] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 210.363628] Bluetooth: hci0: command tx timeout [ 210.619646] Bluetooth: hci1: command tx timeout [ 210.620612] Bluetooth: hci2: command tx timeout [ 210.621207] Bluetooth: hci3: command tx timeout [ 210.811716] Bluetooth: hci4: command tx timeout [ 210.939713] Bluetooth: hci5: command tx timeout [ 210.941228] Bluetooth: hci6: command tx timeout [ 210.943081] Bluetooth: hci7: command tx timeout [ 212.411562] Bluetooth: hci0: command tx timeout [ 212.666674] Bluetooth: hci3: command tx timeout [ 212.667194] Bluetooth: hci2: command tx timeout [ 212.667856] Bluetooth: hci1: command tx timeout [ 212.859619] Bluetooth: hci4: command tx timeout [ 212.989490] Bluetooth: hci5: command tx timeout [ 212.990004] Bluetooth: hci7: command tx timeout [ 212.990542] Bluetooth: hci6: command tx timeout [ 214.458642] Bluetooth: hci0: command tx timeout [ 214.715572] Bluetooth: hci1: command tx timeout [ 214.716112] Bluetooth: hci2: command tx timeout [ 214.716813] Bluetooth: hci3: command tx timeout [ 214.907538] Bluetooth: hci4: command tx timeout [ 215.035725] Bluetooth: hci6: command tx timeout [ 215.036246] Bluetooth: hci7: command tx timeout [ 215.037051] Bluetooth: hci5: command tx timeout [ 216.508708] Bluetooth: hci0: command tx timeout [ 216.764523] Bluetooth: hci2: command tx timeout [ 216.765044] Bluetooth: hci1: command tx timeout [ 216.766585] Bluetooth: hci3: command tx timeout [ 216.954972] Bluetooth: hci4: command tx timeout [ 217.082715] Bluetooth: hci5: command tx timeout [ 217.083236] Bluetooth: hci7: command tx timeout [ 217.083841] Bluetooth: hci6: command tx timeout [ 270.817852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 270.820816] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 270.822226] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 270.826166] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 270.829334] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 270.831244] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 270.833202] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 270.834713] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 270.842339] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 270.852326] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 270.858700] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 270.862146] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 271.046024] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 271.049741] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 271.052054] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 271.060370] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 271.063362] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 271.065226] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 271.070697] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 271.074152] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 271.078832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 271.085090] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 271.096913] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 271.101604] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 271.129477] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 271.139772] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 271.150988] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 271.161563] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 271.170889] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 271.183685] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 271.187284] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 271.193547] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 271.197050] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 271.201653] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 271.202875] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 271.204674] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 271.218072] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 271.222780] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 271.224966] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 271.228792] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 271.234483] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 271.252364] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 271.278178] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 271.295814] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 271.300998] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 271.324159] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 271.381698] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 271.388710] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 272.890644] Bluetooth: hci1: command tx timeout [ 272.890681] Bluetooth: hci0: command tx timeout [ 273.146576] Bluetooth: hci3: command tx timeout [ 273.147944] Bluetooth: hci2: command tx timeout [ 273.274606] Bluetooth: hci5: command tx timeout [ 273.338520] Bluetooth: hci4: command tx timeout [ 273.338531] Bluetooth: hci6: command tx timeout [ 273.466806] Bluetooth: hci7: command tx timeout [ 274.938497] Bluetooth: hci1: command tx timeout [ 274.938724] Bluetooth: hci0: command tx timeout [ 275.196614] Bluetooth: hci2: command tx timeout [ 275.196850] Bluetooth: hci3: command tx timeout [ 275.322554] Bluetooth: hci5: command tx timeout [ 275.386572] Bluetooth: hci6: command tx timeout [ 275.388213] Bluetooth: hci4: command tx timeout [ 275.514599] Bluetooth: hci7: command tx timeout [ 276.986549] Bluetooth: hci0: command tx timeout [ 276.987508] Bluetooth: hci1: command tx timeout [ 277.244539] Bluetooth: hci2: command tx timeout [ 277.245607] Bluetooth: hci3: command tx timeout [ 277.370500] Bluetooth: hci5: command tx timeout [ 277.434630] Bluetooth: hci4: command tx timeout [ 277.436130] Bluetooth: hci6: command tx timeout [ 277.562687] Bluetooth: hci7: command tx timeout [ 279.034528] Bluetooth: hci0: command tx timeout [ 279.035504] Bluetooth: hci1: command tx timeout [ 279.290641] Bluetooth: hci3: command tx timeout [ 279.291184] Bluetooth: hci2: command tx timeout [ 279.418615] Bluetooth: hci5: command tx timeout [ 279.482739] Bluetooth: hci4: command tx timeout [ 279.482765] Bluetooth: hci6: command tx timeout [ 279.612567] Bluetooth: hci7: command tx timeout [ 333.225113] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 333.230282] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 333.232519] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 333.234787] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 333.236271] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 333.238751] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 333.481735] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 333.484523] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 333.487007] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 333.494956] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 333.495950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 333.503111] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 333.505181] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 333.507605] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 333.509625] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 333.515362] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 333.526043] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 333.527907] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 333.530008] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 333.532311] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 333.534824] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 333.557567] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 333.562270] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 333.563688] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 333.570875] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 333.572361] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 333.574085] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 333.575106] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 333.588938] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 333.601063] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 333.609680] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 333.635873] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 333.637914] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 333.639065] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 333.660805] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 333.662844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 333.694609] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 333.699184] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 333.701232] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 333.704764] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 333.706996] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 333.708159] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 334.071357] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 334.102511] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 334.118783] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 334.141599] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 334.143946] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 334.145511] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 335.291515] Bluetooth: hci0: command tx timeout [ 335.546613] Bluetooth: hci2: command tx timeout [ 335.611487] Bluetooth: hci1: command tx timeout [ 335.740563] Bluetooth: hci3: command tx timeout [ 335.740684] Bluetooth: hci4: command tx timeout [ 335.741316] Bluetooth: hci5: command tx timeout [ 335.803583] Bluetooth: hci6: command tx timeout [ 336.250553] Bluetooth: hci7: command tx timeout [ 337.338485] Bluetooth: hci0: command tx timeout [ 337.595522] Bluetooth: hci2: command tx timeout [ 337.659477] Bluetooth: hci1: command tx timeout [ 337.786656] Bluetooth: hci5: command tx timeout [ 337.787157] Bluetooth: hci4: command tx timeout [ 337.787672] Bluetooth: hci3: command tx timeout [ 337.852427] Bluetooth: hci6: command tx timeout [ 338.298483] Bluetooth: hci7: command tx timeout [ 339.386637] Bluetooth: hci0: command tx timeout [ 339.642610] Bluetooth: hci2: command tx timeout [ 339.707579] Bluetooth: hci1: command tx timeout [ 339.834665] Bluetooth: hci3: command tx timeout [ 339.836327] Bluetooth: hci4: command tx timeout [ 339.836836] Bluetooth: hci5: command tx timeout [ 339.898694] Bluetooth: hci6: command tx timeout [ 340.347488] Bluetooth: hci7: command tx timeout [ 341.434514] Bluetooth: hci0: command tx timeout [ 341.690470] Bluetooth: hci2: command tx timeout [ 341.754660] Bluetooth: hci1: command tx timeout [ 341.882563] Bluetooth: hci5: command tx timeout [ 341.883068] Bluetooth: hci4: command tx timeout [ 341.883088] Bluetooth: hci3: command tx timeout [ 341.946764] Bluetooth: hci6: command tx timeout [ 342.394498] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 07:20:06 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000006 RCX=ffffffff847ec09d RDX=ffff88802aea9b80 RSI=0000000000000006 RDI=0000000000000005 RBP=ffffffff852c8b60 RSP=ffff88802e677730 R8 =0000000000000001 R9 =ffffed100121533e R10=0000000000000002 R11=00000000000c33ea R12=0000000000000002 R13=0000000000000005 R14=0000000000000009 R15=ffff88802e677bb0 RIP=ffffffff8151dd34 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6f59bf61f0 CR3=0000000024f98000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6461657268747062696c2f756e672d78 XMM02=00302e6f732e6461657268747062696c XMM03=2f756e672d78756e696c2d34365f3638 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=0000000000000016 RCX=ffffffff812f079e RDX=fffffbfff0fdc5e5 RSI=0000000000000008 RDI=ffffffff87ee2f20 RBP=ffff888015ab3700 RSP=ffff88802e747208 R8 =0000000000000000 R9 =fffffbfff0fdc5e4 R10=ffffffff87ee2f27 R11=00000000000c33ea R12=0000000000000009 R13=ffff888015ab4140 R14=0000000000000200 R15=ffff888015ab4140 RIP=ffffffff812f07a6 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0c00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdaadd0c8e0 CR3=0000000031b4e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=00362e6f732e6362696c2f756e672d78 XMM02=ffff000000000000ffffffffffff0000 XMM03=ffffffffff0000ffffffffff00000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000