Warning: Permanently added '[localhost]:18734' (ECDSA) to the list of known hosts.
2024/12/22 11:52:31 fuzzer started
2024/12/22 11:52:31 dialing manager at localhost:34561
syzkaller login: [   63.159411] cgroup: Unknown subsys name 'net'
[   63.232736] cgroup: Unknown subsys name 'cpuset'
[   63.262939] cgroup: Unknown subsys name 'rlimit'
2024/12/22 11:52:53 syscalls: 200
2024/12/22 11:52:53 code coverage: enabled
2024/12/22 11:52:53 comparison tracing: enabled
2024/12/22 11:52:53 extra coverage: enabled
2024/12/22 11:52:53 setuid sandbox: enabled
2024/12/22 11:52:53 namespace sandbox: enabled
2024/12/22 11:52:53 Android sandbox: enabled
2024/12/22 11:52:53 fault injection: enabled
2024/12/22 11:52:53 leak checking: enabled
2024/12/22 11:52:53 net packet injection: enabled
2024/12/22 11:52:53 net device setup: enabled
2024/12/22 11:52:53 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/12/22 11:52:53 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/12/22 11:52:53 USB emulation: enabled
2024/12/22 11:52:53 hci packet injection: enabled
2024/12/22 11:52:53 wifi device emulation: enabled
2024/12/22 11:52:53 802.15.4 emulation: enabled
2024/12/22 11:52:53 fetching corpus: 0, signal 0/0 (executing program)
2024/12/22 11:52:55 starting 8 fuzzer processes
11:52:55 executing program 0:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
mkdirat$cgroup(r0, &(0x7f0000000040)='syz1\x00', 0x1ff)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x9)
setfsgid(0xffffffffffffffff)
getgroups(0x6, &(0x7f00000000c0)=[<r1=>0xee00, 0xee01, <r2=>0xffffffffffffffff, <r3=>0xee01, <r4=>0xffffffffffffffff, <r5=>0x0])
setgroups(0x6, &(0x7f0000000100)=[0xee01, 0xee00, 0xee01, r4, 0xee01, 0xee00])
r6 = syz_open_dev$hidraw(&(0x7f00000003c0), 0x1000, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000000400))
pkey_alloc(0x0, 0x2)
syz_open_dev$hidraw(&(0x7f0000000600), 0x16c, 0xa801)
syz_open_dev$hidraw(&(0x7f0000000640), 0x80000000, 0x361000)
getresgid(&(0x7f0000000680)=<r7=>0x0, &(0x7f00000006c0), &(0x7f0000000700)=<r8=>0x0)
getresgid(&(0x7f0000000740), &(0x7f0000000780)=<r9=>0x0, &(0x7f00000007c0)=<r10=>0x0)
setgroups(0x9, &(0x7f0000000800)=[r1, r4, r3, r7, r1, r5, 0x0, 0x0, r9])
openat$cgroup(r0, &(0x7f0000000840)='syz0\x00', 0x200002, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000880))
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$batadv(&(0x7f0000000940), r0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r11, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x28, r12, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x80010}, 0x8001)
getgroups(0x6, &(0x7f0000000b00)=[r2, 0x0, 0xee01, r8, r2, r10])

11:52:55 executing program 1:
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000040)={0x5, 0x7, 0x9, 0x20, 0xeb, 0x4})
ioctl$CDROMPLAYMSF(0xffffffffffffffff, 0x5303, &(0x7f0000000ac0)={0x5, 0xfb, 0x1, 0x7, 0xff, 0x9d})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000b80)='net/ip_mr_cache\x00')
perf_event_open$cgroup(&(0x7f0000000b00)={0x2, 0x80, 0x1f, 0xff, 0x2, 0x2, 0x0, 0x7f, 0x10000, 0x5, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x3, 0x97f}, 0x300, 0x6, 0x799, 0x1, 0x200, 0x8, 0x8000, 0x0, 0x8, 0x0, 0x8}, r0, 0x0, r1, 0x8)
r2 = openat$cgroup_ro(r1, &(0x7f0000000bc0)='pids.events\x00', 0x0, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000c00), 0x2, 0x0)
write$vga_arbiter(r1, &(0x7f0000000c40)=@other={'trylock', ' ', 'io+mem'}, 0xf)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000c80), 0x10d200, 0x0)
ioctl$CDROM_CHANGER_NSLOTS(r3, 0x5328)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000cc0), 0x280, 0x0)
ioctl$CDROMSEEK(r4, 0x5316, &(0x7f0000000d00)={0x9, 0x1, 0xf9, 0x9, 0x7f, 0x5})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000d40), 0x400000, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000d80), 0x402101, 0x0)
ioctl$CDROM_CLEAR_OPTIONS(r5, 0x5321, 0x1)
pipe2(&(0x7f0000001300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84800)
ioctl$BTRFS_IOC_START_SYNC(r7, 0x80089418, &(0x7f0000001340))
pipe2$9p(&(0x7f0000001380)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x81f8943c, &(0x7f00000013c0))
write$P9_RCLUNK(r6, &(0x7f00000015c0)={0x7, 0x79, 0x2}, 0x7)

11:52:55 executing program 2:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x80, 0xf9, 0x0, 0xff, 0x1, 0x0, 0x65c5bdcd, 0x88000, 0x465090846d746f82, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000040), 0x1}, 0x504, 0x0, 0x1, 0x7, 0x6d, 0x4, 0x6, 0x0, 0xc2d, 0x0, 0x2}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x1)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000140)='syz1\x00', 0x200002, 0x0)
mkdirat$cgroup(r1, &(0x7f0000000180)='syz1\x00', 0x1ff)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x82800, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000200)='cgroup.threads\x00', 0x2, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000002c0))
syz_open_dev$hidraw(&(0x7f0000000300), 0x4, 0x42480)
openat$cgroup_type(r2, &(0x7f0000000340), 0x2, 0x0)
r4 = openat$cgroup(r0, &(0x7f0000000400)='syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000380)={0x0, 0x80, 0x9, 0x0, 0x40, 0x6, 0x0, 0xfffffffffffffffd, 0x800, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80, 0x2, @perf_config_ext={0x7, 0x2}, 0x1a0, 0x6, 0x1f, 0x4, 0x9, 0x0, 0x2, 0x0, 0x3, 0x0, 0x4}, r4, 0xf, 0xffffffffffffffff, 0x8)
ioctl$CDROMREADCOOKED(r3, 0x5315, &(0x7f0000000440))
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000ec0)='devices.list\x00', 0x0, 0x0)
openat$cgroup_freezer_state(r3, &(0x7f0000000f00), 0x2, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000f40)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000f80)='cgroup.threads\x00', 0x2, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000fc0)='cgroup.threads\x00', 0x2, 0x0)

11:52:55 executing program 3:
ioctl$CDROMPAUSE(0xffffffffffffffff, 0x5301)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs\x00')
ioctl$CDROMPAUSE(r0, 0x5301)
ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000040)={'binder0\x00'})
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
ioctl$CDROMVOLCTRL(r1, 0x530a, &(0x7f00000001c0)={0x40, 0x3, 0x1f, 0x8})
ioctl$CDROMPLAYBLK(0xffffffffffffffff, 0x5317, &(0x7f0000000200)={0xfffffff8, 0xda})
ioctl$CDROMREADTOCENTRY(r1, 0x5306, &(0x7f0000000240)={0x0, 0x8, 0xa, 0x3, @msf={0x1, 0x2, 0x40}, 0x4})
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000280)=0x1, 0x4)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000003c0)={'tunl0\x00', &(0x7f00000002c0)={'tunl0\x00', 0x0, 0x780f, 0x3b20, 0x4, 0x9, {{0x2d, 0x4, 0x1, 0x9, 0xb4, 0x66, 0x0, 0x4, 0x4, 0x0, @private=0xa010101, @empty, {[@ssrr={0x89, 0x13, 0xf6, [@broadcast, @broadcast, @multicast1, @local]}, @timestamp_addr={0x44, 0x14, 0xb3, 0x1, 0xe, [{@broadcast, 0x4}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x20}]}, @timestamp_addr={0x44, 0xc, 0xa9, 0x1, 0x3, [{@local, 0x400}]}, @timestamp={0x44, 0x2c, 0x19, 0x0, 0x3, [0x5b6, 0x6, 0x400, 0x6, 0x8001, 0x1000000, 0xfffffffb, 0xfff, 0x1bf9, 0x7fffffff]}, @generic={0x83, 0x12, "80c802133e7403f7448517bc347fc973"}, @noop, @cipso={0x86, 0x1f, 0x2, [{0x6, 0x11, "dfc8c2f2181cd27e1cd96fc53e00eb"}, {0x2, 0x8, "15358823e706"}]}, @ssrr={0x89, 0xb, 0xc9, [@multicast2, @broadcast]}, @end]}}}}})
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000400), 0x200, 0x0)
ioctl$CDROM_GET_CAPABILITY(r2, 0x5331)
r3 = perf_event_open$cgroup(&(0x7f0000000480)={0x2, 0x80, 0x5, 0x0, 0x3f, 0x1, 0x0, 0x3ff, 0x90003, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000440), 0xb}, 0x4000, 0x80, 0xffffdf0a, 0x0, 0x0, 0x1ff, 0x101, 0x0, 0x800, 0x0, 0x1}, r0, 0xc, r0, 0x2)
ioctl$BTRFS_IOC_WAIT_SYNC(r3, 0x40089416, &(0x7f0000000500))
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xc000)
pipe2(&(0x7f0000000640), 0x4800)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000680), 0x1a700, 0x0)
pipe2(&(0x7f00000006c0)={<r4=>0xffffffffffffffff}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000008c0)={'gre0\x00', &(0x7f0000000880)={'gretap0\x00', 0x0, 0x8, 0x40, 0x100, 0x1000, {{0x7, 0x4, 0x0, 0x28, 0x1c, 0x66, 0x0, 0x7, 0x4, 0x0, @multicast1, @local, {[@lsrr={0x83, 0x7, 0xa1, [@broadcast]}]}}}}})

[   85.432520] audit: type=1400 audit(1734868375.289:7): avc:  denied  { execmem } for  pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:52:55 executing program 4:
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/113}, 0x79, 0x0, 0x2000)
r0 = msgget$private(0x0, 0x10)
r1 = msgget$private(0x0, 0x40)
msgctl$IPC_STAT(r1, 0x2, &(0x7f0000000080)=""/155)
msgrcv(r1, &(0x7f0000000140)={0x0, ""/31}, 0x27, 0x3, 0x2000)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x301000, 0x0)
write$P9_RCLUNK(r2, &(0x7f00000001c0)={0x7, 0x79, 0x1}, 0x7)
r3 = msgget$private(0x0, 0x5326cf06e466d9c2)
msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000200)=""/168)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
ioctl$CDROMREADMODE1(r4, 0x530d, &(0x7f0000000300)={0x2, 0xe1, 0x2, 0x0, 0x1, 0x9})
msgrcv(r0, &(0x7f0000000d80)={0x0, ""/226}, 0xea, 0x2, 0x2800)
semctl$GETZCNT(0x0, 0x2, 0xf, &(0x7f0000000e80)=""/250)
prctl$PR_SET_NAME(0xf, &(0x7f0000000f80)='\x00')
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000fc0)='environ\x00')
pipe2(&(0x7f0000001000)={<r5=>0xffffffffffffffff}, 0x4000)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x3c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x83ab}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7ff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}]}, 0x3c}}, 0x40000)
msgctl$IPC_STAT(r3, 0x2, &(0x7f0000001140)=""/144)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x2c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x14006800}, 0x40c4)

11:52:55 executing program 7:
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r0, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xcc}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x8000}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008840}, 0x4)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x50, r0, 0x1, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1b3d1c28}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x68bf}]}, 0x50}, 0x1, 0x0, 0x0, 0x140080d5}, 0x11)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x24, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x8040)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, r0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xa0}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40050)
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x24, r0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0xc0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000700), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x34, r2, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x401}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x8010)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'batadv_slave_0\x00'})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000880)={'wpan0\x00', <r4=>0x0})
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x24, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000004}, 0x40)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x38, r5, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x74}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1ff}]}, 0x38}}, 0x44050)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x44, r2, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8000}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x400c004)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000c00)={'wpan4\x00'})
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x24, r0, 0x100, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x44000)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000d80)={'syztnl1\x00', &(0x7f0000000d40)={'syztnl1\x00', 0x0, 0x10, 0x1, 0x80000001, 0x3ff, {{0x6, 0x4, 0x1, 0x37, 0x18, 0x66, 0x0, 0x5b, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@timestamp_prespec={0x44, 0x4, 0xc7, 0x3, 0xf}]}}}}})

11:52:55 executing program 6:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$CDROMREADMODE1(r0, 0x530d, &(0x7f0000000040)={0x6, 0x3f, 0x0, 0x5, 0x9, 0x5})
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000ac0), 0x16100, 0x0)
ioctl$CDROM_GET_MCN(r1, 0x5311, &(0x7f0000000b00))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000b40))
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x1c, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_SEQ={0x6, 0xa, "64fe"}]}, 0x1c}}, 0x4048800)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000cc0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$BTRFS_IOC_START_SYNC(r2, 0x80089418, &(0x7f0000000d00))
r3 = accept4(r1, &(0x7f0000000d40)=@rc={0x1f, @fixed}, &(0x7f0000000dc0)=0x80, 0x80000)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x24, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}]}, 0x24}}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000f00)='.#^{\x00')
write$P9_RWRITE(r1, &(0x7f0000000f40)={0xb, 0x77, 0x1, 0x3}, 0xb)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000f80), 0x84100, 0x0)
ioctl$CDROMSTART(r4, 0x5308)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000001080)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001040)={&(0x7f0000001000)={0x30, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
pipe2(&(0x7f00000010c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80000)
write$P9_RCLUNK(r5, &(0x7f0000001100)={0x7, 0x79, 0x2}, 0x7)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001140)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup_pressure(r6, &(0x7f0000001180)='memory.pressure\x00', 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000001200)={0x5, &(0x7f00000011c0)=[{0x8, 0x6, 0x1, 0x5}, {0xf9bd, 0x0, 0xea, 0x9}, {0x7ff, 0x20, 0x1, 0x55a}, {0x5, 0x5, 0x3, 0x6}, {0x1, 0x7, 0x5, 0x1ff}]})

11:52:55 executing program 5:
r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r1=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000220}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, r0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x76}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x9}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x2a67}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x14}, 0x40044)
syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000780)='setgroups\x00')
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r2)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000007c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'wpan3\x00', <r4=>0x0})
sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x4c, r0, 0x20, 0x70bd2a, 0x7fff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x20000000)
r5 = accept4(r2, &(0x7f0000000980)=@qipcrtr, &(0x7f0000000a00)=0x80, 0x80800)
sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x8000802}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14, r3, 0x20, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4008041}, 0x200000d5)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000bc0)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x3c, r6, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x25}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040800}, 0x40)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000cc0), 0xffffffffffffffff)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000d00)={0x0, ""/256, 0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000000f00)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r9=>0x0}], 0x8, "6cbf01dc33a31d"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000001f00)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}], 0x9, "99840b76a4f53f"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000002f00)={0x0, ""/256, <r11=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000088900)={0x5, [{0x0, r8}, {}, {r9, r10}, {}, {r11}], 0x1, "907d633eea4a84"})

[   86.786765] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   86.791677] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   86.794926] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   86.798158] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.802477] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   86.808391] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.811010] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   86.815247] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   86.819641] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.846405] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.859359] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   86.862508] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   86.864636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   86.866536] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.872483] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   86.875501] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   86.879368] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   86.886345] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.888721] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.901188] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   86.906444] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   86.914687] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.921208] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   86.927337] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.932515] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   86.939453] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   86.942695] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   86.946328] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   86.949213] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   86.954170] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   86.957309] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   86.961628] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   86.965201] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   86.967924] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.969499] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   86.971451] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   86.980396] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   86.984136] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   86.992673] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   87.000610] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   87.006417] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   87.019207] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   87.123167] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   87.126456] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   87.131115] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   87.142294] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   87.146022] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   87.149544] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   88.865303] Bluetooth: hci1: command tx timeout
[   88.928962] Bluetooth: hci3: command tx timeout
[   88.993223] Bluetooth: hci2: command tx timeout
[   89.056910] Bluetooth: hci0: command tx timeout
[   89.119941] Bluetooth: hci5: command tx timeout
[   89.119991] Bluetooth: hci4: command tx timeout
[   89.120555] Bluetooth: hci6: command tx timeout
[   89.249017] Bluetooth: hci7: command tx timeout
[   90.912861] Bluetooth: hci1: command tx timeout
[   90.978917] Bluetooth: hci3: command tx timeout
[   91.041027] Bluetooth: hci2: command tx timeout
[   91.105117] Bluetooth: hci0: command tx timeout
[   91.167916] Bluetooth: hci4: command tx timeout
[   91.168079] Bluetooth: hci5: command tx timeout
[   91.168937] Bluetooth: hci6: command tx timeout
[   91.297093] Bluetooth: hci7: command tx timeout
[   92.960530] Bluetooth: hci1: command tx timeout
[   93.023876] Bluetooth: hci3: command tx timeout
[   93.087863] Bluetooth: hci2: command tx timeout
[   93.152913] Bluetooth: hci0: command tx timeout
[   93.215973] Bluetooth: hci6: command tx timeout
[   93.216192] Bluetooth: hci5: command tx timeout
[   93.217062] Bluetooth: hci4: command tx timeout
[   93.343943] Bluetooth: hci7: command tx timeout
[   95.008948] Bluetooth: hci1: command tx timeout
[   95.071998] Bluetooth: hci3: command tx timeout
[   95.136906] Bluetooth: hci2: command tx timeout
[   95.199891] Bluetooth: hci0: command tx timeout
[   95.263882] Bluetooth: hci5: command tx timeout
[   95.264969] Bluetooth: hci4: command tx timeout
[   95.265414] Bluetooth: hci6: command tx timeout
[   95.391922] Bluetooth: hci7: command tx timeout
[  146.581215] syz-executor.1 (293) used greatest stack depth: 23664 bytes left
[  148.974544] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  148.982108] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  148.984705] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  148.992403] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  148.999044] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  149.002570] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  149.094116] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  149.097223] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  149.101341] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  149.106448] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  149.113101] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  149.114625] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  149.166122] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  149.168477] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  149.177112] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  149.189191] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  149.193564] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  149.197127] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  149.256570] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  149.260127] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  149.262621] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  149.266925] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  149.275589] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  149.277584] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  149.279474] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  149.280569] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  149.289009] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  149.292090] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  149.292636] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  149.305052] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  149.313225] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  149.316331] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  149.318678] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  149.321649] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  149.333098] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  149.336208] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  149.338216] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  149.342097] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  149.342286] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  149.345121] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  149.352214] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  149.358077] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  149.360912] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  149.365229] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  149.365237] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  149.370644] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  149.372985] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  149.375981] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  151.072891] Bluetooth: hci0: command tx timeout
[  151.135890] Bluetooth: hci1: command tx timeout
[  151.264865] Bluetooth: hci2: command tx timeout
[  151.456954] Bluetooth: hci6: command tx timeout
[  151.457985] Bluetooth: hci7: command tx timeout
[  151.458532] Bluetooth: hci5: command tx timeout
[  151.459107] Bluetooth: hci4: command tx timeout
[  151.519854] Bluetooth: hci3: command tx timeout
[  153.119917] Bluetooth: hci0: command tx timeout
[  153.184977] Bluetooth: hci1: command tx timeout
[  153.311988] Bluetooth: hci2: command tx timeout
[  153.505821] Bluetooth: hci5: command tx timeout
[  153.506278] Bluetooth: hci4: command tx timeout
[  153.506683] Bluetooth: hci7: command tx timeout
[  153.507175] Bluetooth: hci6: command tx timeout
[  153.568930] Bluetooth: hci3: command tx timeout
[  155.168327] Bluetooth: hci0: command tx timeout
[  155.232039] Bluetooth: hci1: command tx timeout
[  155.361015] Bluetooth: hci2: command tx timeout
[  155.552341] Bluetooth: hci5: command tx timeout
[  155.553406] Bluetooth: hci6: command tx timeout
[  155.555087] Bluetooth: hci7: command tx timeout
[  155.556125] Bluetooth: hci4: command tx timeout
[  155.615896] Bluetooth: hci3: command tx timeout
[  157.216809] Bluetooth: hci0: command tx timeout
[  157.281849] Bluetooth: hci1: command tx timeout
[  157.408126] Bluetooth: hci2: command tx timeout
[  157.599885] Bluetooth: hci5: command tx timeout
[  157.600345] Bluetooth: hci4: command tx timeout
[  157.600951] Bluetooth: hci7: command tx timeout
[  157.601374] Bluetooth: hci6: command tx timeout
[  157.665004] Bluetooth: hci3: command tx timeout
[  211.116455] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  211.120540] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  211.123112] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  211.132053] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  211.136342] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  211.139037] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  211.183220] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  211.188435] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  211.191984] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  211.197194] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  211.201062] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  211.204239] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  211.240339] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  211.250127] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  211.270987] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  211.281707] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  211.285069] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  211.292009] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  211.346327] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  211.359391] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  211.366558] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  211.369221] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  211.384373] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  211.389062] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  211.391514] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  211.398090] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  211.412332] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  211.415275] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  211.417366] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  211.419165] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  211.422306] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  211.424107] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  211.427419] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  211.437194] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  211.438738] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  211.439951] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  211.442181] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  211.444020] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  211.445187] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  211.448097] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  211.450090] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  211.450084] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  211.450989] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  211.469169] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  211.472994] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  211.481944] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  211.489660] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  211.494253] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  213.216860] Bluetooth: hci0: command tx timeout
[  213.279991] Bluetooth: hci1: command tx timeout
[  213.344846] Bluetooth: hci2: command tx timeout
[  213.472920] Bluetooth: hci7: command tx timeout
[  213.536048] Bluetooth: hci4: command tx timeout
[  213.536071] Bluetooth: hci5: command tx timeout
[  213.600063] Bluetooth: hci3: command tx timeout
[  213.600083] Bluetooth: hci6: command tx timeout
[  215.266805] Bluetooth: hci0: command tx timeout
[  215.328884] Bluetooth: hci1: command tx timeout
[  215.392979] Bluetooth: hci2: command tx timeout
[  215.519927] Bluetooth: hci7: command tx timeout
[  215.584037] Bluetooth: hci5: command tx timeout
[  215.584145] Bluetooth: hci4: command tx timeout
[  215.647989] Bluetooth: hci6: command tx timeout
[  215.649510] Bluetooth: hci3: command tx timeout
[  217.311996] Bluetooth: hci0: command tx timeout
[  217.376021] Bluetooth: hci1: command tx timeout
[  217.441970] Bluetooth: hci2: command tx timeout
[  217.567942] Bluetooth: hci7: command tx timeout
[  217.632024] Bluetooth: hci4: command tx timeout
[  217.632463] Bluetooth: hci5: command tx timeout
[  217.695989] Bluetooth: hci3: command tx timeout
[  217.696140] Bluetooth: hci6: command tx timeout
[  219.359911] Bluetooth: hci0: command tx timeout
[  219.423957] Bluetooth: hci1: command tx timeout
[  219.487843] Bluetooth: hci2: command tx timeout
[  219.615902] Bluetooth: hci7: command tx timeout
[  219.680038] Bluetooth: hci5: command tx timeout
[  219.680065] Bluetooth: hci4: command tx timeout
[  219.744842] Bluetooth: hci6: command tx timeout
[  219.745328] Bluetooth: hci3: command tx timeout
[  273.649917] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  273.659215] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  273.664171] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  273.675145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  273.678714] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  273.683396] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  273.778272] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  273.783298] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  273.786613] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  273.789372] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  273.794858] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  273.797291] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  273.798686] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  273.808937] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  273.811595] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  273.813664] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  273.817608] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  273.823115] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  273.847635] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  273.864283] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  273.875169] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  273.904119] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  273.908803] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  273.915045] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  273.919085] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  273.927730] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  273.932933] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  273.934944] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  273.936700] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  273.937054] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  273.943335] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  273.947011] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  273.955150] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  273.970592] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  273.977360] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  273.982989] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  273.991491] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  273.996334] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  273.998028] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  274.007466] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  274.019882] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  274.029490] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  274.039210] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  274.043977] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  274.064121] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  274.123001] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  274.142523] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  274.156194] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  275.745841] Bluetooth: hci0: command tx timeout
[  275.872000] Bluetooth: hci1: command tx timeout
[  275.935905] Bluetooth: hci2: command tx timeout
[  275.999900] Bluetooth: hci3: command tx timeout
[  276.065200] Bluetooth: hci4: command tx timeout
[  276.127953] Bluetooth: hci6: command tx timeout
[  276.129222] Bluetooth: hci5: command tx timeout
[  276.255919] Bluetooth: hci7: command tx timeout
[  277.791927] Bluetooth: hci0: command tx timeout
[  277.919923] Bluetooth: hci1: command tx timeout
[  277.984116] Bluetooth: hci2: command tx timeout
[  278.048011] Bluetooth: hci3: command tx timeout
[  278.112802] Bluetooth: hci4: command tx timeout
[  278.176258] Bluetooth: hci5: command tx timeout
[  278.177305] Bluetooth: hci6: command tx timeout
[  278.303908] Bluetooth: hci7: command tx timeout
[  279.840157] Bluetooth: hci0: command tx timeout
[  279.969068] Bluetooth: hci1: command tx timeout
[  280.032077] Bluetooth: hci2: command tx timeout
[  280.095900] Bluetooth: hci3: command tx timeout
[  280.160420] Bluetooth: hci4: command tx timeout
[  280.223883] Bluetooth: hci5: command tx timeout
[  280.224685] Bluetooth: hci6: command tx timeout
[  280.352019] Bluetooth: hci7: command tx timeout
[  281.887865] Bluetooth: hci0: command tx timeout
[  282.015866] Bluetooth: hci1: command tx timeout
[  282.079862] Bluetooth: hci2: command tx timeout
[  282.143846] Bluetooth: hci3: command tx timeout
[  282.207919] Bluetooth: hci4: command tx timeout
[  282.272298] Bluetooth: hci6: command tx timeout
[  282.272930] Bluetooth: hci5: command tx timeout
[  282.399872] Bluetooth: hci7: command tx timeout
[  335.852527] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  335.854443] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  335.859133] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  335.863581] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  335.868619] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  335.872998] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  335.981427] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  335.986038] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  335.988579] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  335.995605] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  336.007456] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  336.009977] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  336.012278] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  336.014938] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  336.035089] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  336.051828] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  336.063452] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  336.066503] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  336.135655] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  336.147914] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  336.163193] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  336.195225] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  336.222261] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  336.224361] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  336.226445] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  336.235232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  336.244317] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  336.289522] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  336.305033] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  336.312078] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  336.313925] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  336.314059] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  336.319417] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  336.322599] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  336.324440] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  336.326441] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  336.328260] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  336.343354] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  336.352067] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  336.354026] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  336.375337] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  336.395967] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  336.396836] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  336.447119] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  336.461295] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  336.465494] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  336.488488] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  336.492931] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  337.952871] Bluetooth: hci0: command tx timeout
[  338.080897] Bluetooth: hci1: command tx timeout
[  338.143891] Bluetooth: hci2: command tx timeout
[  338.337887] Bluetooth: hci3: command tx timeout
[  338.463924] Bluetooth: hci5: command tx timeout
[  338.465524] Bluetooth: hci4: command tx timeout
[  338.528497] Bluetooth: hci7: command tx timeout
[  338.720055] Bluetooth: hci6: command tx timeout
[  339.999806] Bluetooth: hci0: command tx timeout
[  340.127857] Bluetooth: hci1: command tx timeout
[  340.191877] Bluetooth: hci2: command tx timeout
[  340.385773] Bluetooth: hci3: command tx timeout
[  340.511961] Bluetooth: hci4: command tx timeout
[  340.512472] Bluetooth: hci5: command tx timeout
[  340.575820] Bluetooth: hci7: command tx timeout
[  340.767951] Bluetooth: hci6: command tx timeout
[  342.047926] Bluetooth: hci0: command tx timeout
[  342.176225] Bluetooth: hci1: command tx timeout
[  342.239866] Bluetooth: hci2: command tx timeout
[  342.431872] Bluetooth: hci3: command tx timeout
[  342.559954] Bluetooth: hci5: command tx timeout
[  342.560927] Bluetooth: hci4: command tx timeout
[  342.624800] Bluetooth: hci7: command tx timeout
[  342.816801] Bluetooth: hci6: command tx timeout
[  344.095948] Bluetooth: hci0: command tx timeout
[  344.225773] Bluetooth: hci1: command tx timeout
[  344.287795] Bluetooth: hci2: command tx timeout
[  344.479883] Bluetooth: hci3: command tx timeout
[  344.607814] Bluetooth: hci4: command tx timeout
[  344.608286] Bluetooth: hci5: command tx timeout
[  344.671790] Bluetooth: hci7: command tx timeout
[  344.863934] Bluetooth: hci6: command tx timeout

VM DIAGNOSIS:
11:58:00  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffff88802344fb38 RCX=ffffffff81a182d9 RDX=ffff8880370e0000
RSI=0000000000000000 RDI=0000000000000005 RBP=ffff888036e701ec RSP=ffff88802344f860
R8 =0000000000000001 R9 =ffffed1001251a9a R10=0000000000000000 R11=0000000000000003
R12=0000000000000000 R13=ffff888036e701c0 R14=ffff88802344fab8 R15=dffffc0000000000
RIP=ffffffff81a182dc RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f350ddb68e0 CR3=0000000028fe2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=756e696c2d34365f3638782f62696c2f XMM01=322e6f732e6c6462696c2f756e672d78
XMM02=00322e6f732e6c6462696c2f756e672d XMM03=78756e696c2d34365f3638782f62696c
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffff888010b23be0 RBX=0000000000089008 RCX=ffffffff8150a934 RDX=ffffffff882bc500
RSI=0000000000000000 RDI=ffff888035279800 RBP=ffff888035279800 RSP=ffff8880293cfbb0
R8 =0000000000000001 R9 =ffffed1005279f66 R10=0000000000000003 R11=0000000000000000
R12=ffff888010b29190 R13=0000000000000246 R14=ffffea0000d49e00 R15=ffff888035279800
RIP=ffffffff81aef4f0 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055bffa3ee080 CR3=000000000e10e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=756e696c2d34365f3638782f62696c2f XMM01=322e6f732e6c6462696c2f756e672d78
XMM02=00322e6f732e6c6462696c2f756e672d XMM03=78756e696c2d34365f3638782f62696c
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000