Warning: Permanently added '[localhost]:45309' (ECDSA) to the list of known hosts. 2025/01/06 03:39:57 fuzzer started 2025/01/06 03:39:58 dialing manager at localhost:34561 syzkaller login: [ 62.125084] cgroup: Unknown subsys name 'net' [ 62.240557] cgroup: Unknown subsys name 'cpuset' [ 62.271995] cgroup: Unknown subsys name 'rlimit' 2025/01/06 03:40:18 syscalls: 211 2025/01/06 03:40:18 code coverage: enabled 2025/01/06 03:40:18 comparison tracing: enabled 2025/01/06 03:40:18 extra coverage: enabled 2025/01/06 03:40:18 setuid sandbox: enabled 2025/01/06 03:40:18 namespace sandbox: enabled 2025/01/06 03:40:18 Android sandbox: enabled 2025/01/06 03:40:18 fault injection: enabled 2025/01/06 03:40:18 leak checking: enabled 2025/01/06 03:40:18 net packet injection: enabled 2025/01/06 03:40:18 net device setup: enabled 2025/01/06 03:40:18 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/06 03:40:18 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/06 03:40:18 USB emulation: enabled 2025/01/06 03:40:18 hci packet injection: enabled 2025/01/06 03:40:18 wifi device emulation: enabled 2025/01/06 03:40:18 802.15.4 emulation: enabled 2025/01/06 03:40:18 fetching corpus: 0, signal 0/0 (executing program) 2025/01/06 03:40:19 starting 8 fuzzer processes 03:40:19 executing program 0: semop(0xffffffffffffffff, &(0x7f0000000000)=[{0x2, 0x3ff}, {0x1, 0x2}], 0x2) semop(0x0, &(0x7f0000000040)=[{0x4, 0x4c2b, 0x1000}], 0x1) shmget(0x0, 0x2000, 0x200, &(0x7f0000ffb000/0x2000)=nil) r0 = semget$private(0x0, 0x7, 0x2) semctl$IPC_INFO(r0, 0x4, 0x3, &(0x7f0000000080)=""/44) semctl$GETZCNT(r0, 0x0, 0xf, &(0x7f00000000c0)=""/90) semctl$IPC_RMID(0xffffffffffffffff, 0x0, 0x0) semctl$IPC_INFO(r0, 0x1, 0x3, &(0x7f0000000140)=""/48) r1 = syz_io_uring_setup(0x6f04, &(0x7f0000000180)={0x0, 0x9ead, 0x3, 0x1, 0x15c}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000240)) syz_io_uring_setup(0x306e, &(0x7f0000000280)={0x0, 0x4563, 0x0, 0x3, 0x2fd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)=0x0) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5) syz_io_uring_setup(0x4f88, &(0x7f00000003c0)={0x0, 0x272f, 0x0, 0x3, 0xc6}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000480)) syz_io_uring_setup(0x6011, &(0x7f00000004c0)={0x0, 0xa65e, 0x10, 0x0, 0x10e, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000580)=0x0) r7 = socket(0x25, 0xa, 0x1) syz_io_uring_submit(r5, r6, &(0x7f00000005c0)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x3, 0x0, 0xffffffffffffffff, 0x0, r7}, 0x8) recvmmsg(r4, &(0x7f0000002580)=[{{&(0x7f0000000780)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000800), 0x0, &(0x7f0000000840)=""/4096, 0x1000}, 0xffffffff}, {{&(0x7f0000001840)=@in6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000001e40)=[{&(0x7f00000018c0)=""/75, 0x4b}, {&(0x7f0000001940)=""/22, 0x16}, {&(0x7f0000001980)=""/10, 0xa}, {&(0x7f00000019c0)=""/246, 0xf6}, {&(0x7f0000001ac0)=""/152, 0x98}, {&(0x7f0000001b80)=""/174, 0xae}, {&(0x7f0000001c40)=""/53, 0x35}, {&(0x7f0000001c80)=""/240, 0xf0}, {&(0x7f0000001d80)=""/159, 0x9f}], 0x9, &(0x7f0000001f00)=""/220, 0xdc}, 0x80000000}, {{&(0x7f0000002000)=@sco={0x1f, @none}, 0x80, &(0x7f00000023c0)=[{&(0x7f0000002080)=""/154, 0x9a}, {&(0x7f0000002140)=""/146, 0x92}, {&(0x7f0000002200)=""/24, 0x18}, {&(0x7f0000002240)=""/103, 0x67}, {&(0x7f00000022c0)=""/198, 0xc6}], 0x5, &(0x7f0000002440)=""/121, 0x79}, 0x8}, {{&(0x7f00000024c0)=@rc, 0x80, 0x0, 0x0, &(0x7f0000002540)=""/52, 0x34}, 0x8}], 0x4, 0x2040, &(0x7f0000002680)={0x77359400}) bind$802154_raw(r8, &(0x7f00000026c0)={0x24, @none={0x0, 0x3}}, 0x14) r9 = semget(0x0, 0x3, 0x184) semctl$IPC_SET(r9, 0x0, 0x1, &(0x7f0000002700)={{0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x1f}, 0x89, 0x7, 0x0, 0x0, 0x0, 0x0, 0x7}) 03:40:19 executing program 1: ioctl$SIOCGIFHWADDR(0xffffffffffffffff, 0x8927, &(0x7f0000000000)={'ip6erspan0\x00'}) r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x7, 0x1, 0x40, 0x80000000}, {0x9, 0x5, 0x20, 0x2}, {0x5, 0x1f, 0x2}]}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) write$P9_RMKDIR(r0, &(0x7f0000000140)={0x14, 0x49, 0x1, {0x20, 0x0, 0x6}}, 0x14) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0) sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x94, r1, 0x400, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8001, 0x4e}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="a2f4ee20f83b"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="8d46705a8451"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000044}, 0x0) ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000340)={'ip6_vti0\x00'}) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000380), 0x4000c0, 0x0) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r1, 0x426, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x7f}, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x7ff}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x1}]}, 0x2c}}, 0x20000000) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r2) ioctl$TUNSETCARRIER(r2, 0x400454e2, &(0x7f00000004c0)) write$P9_RXATTRCREATE(r0, &(0x7f0000000500)={0x7, 0x21, 0x2}, 0x7) syz_genetlink_get_family_id$SEG6(&(0x7f0000000540), r0) r3 = fork() kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, r3, 0x7, r0, &(0x7f0000000580)={r2, r2, 0x5}) pipe2$9p(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x104800) write$P9_RMKDIR(r4, &(0x7f0000000600)={0x14, 0x49, 0x2, {0x1, 0x3}}, 0x14) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) 03:40:20 executing program 2: ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000000)=0x1) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x10002, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x6, 0x1, 0x0, 0xfffffff8}, {0xc74, 0x80, 0x0, 0x8}, {0x3, 0x0, 0x0, 0x7fffffff}]}) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)) write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x21, 0x1}, 0x7) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40084}, 0x44840) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000002640)={&(0x7f00000024c0)={0x10, 0x0, 0x0, 0x18}, 0xc, &(0x7f0000002600)={&(0x7f0000002500)={0x100, 0x12, 0x400, 0x70bd27, 0x25dfdbfd, {0x1a, 0x7f, 0x8, 0x80, {0x4e22, 0x4e22, [0x2, 0x3c1b2a93, 0xf2a, 0x200], [0x6, 0x7, 0xff, 0x5], 0x0, [0x1, 0x3]}, 0x8, 0xe9}, [@INET_DIAG_REQ_BYTECODE={0xb3, 0x1, "9c241668dc76a28da3f353d0287acff6f5c8c523dda21295d560461d29c4937a85005d199cee08204d055919c3d8850e7bd88214db0311ae3c8da76c4c183383fcc8b104c109099b3c913890a3f80867e0a7f4c1a9ac67c41eec4d42526ff95f64a3300bdaa48a8270130bb4952450f76324b91febf7bbb075e52789d532fd1733b47be8a5f286d1862413a143022f5d8b1c01243ff1cb1a8b13425c8768b45e0c43de332e93483080ea6f607605ba"}]}, 0x100}, 0x1, 0x0, 0x0, 0x20000011}, 0x40041) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000002680)=0x8) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000027c0)={&(0x7f00000026c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002780)={&(0x7f0000002700)={0x54, 0x0, 0xb497d47335bc1eff, 0x70bd2b, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'batadv0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip_vti0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000004}, 0x40004800) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000002800), 0x40081, 0x0) ioctl$TUNSETGROUP(r3, 0x400454ce, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000002880)={'batadv0\x00', 0x0}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000002a40)={&(0x7f0000002840)={0x10, 0x0, 0x0, 0x21808008}, 0xc, &(0x7f0000002a00)={&(0x7f00000028c0)={0x108, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00'}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7f}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}]}, 0x108}}, 0x20004880) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000002a80), 0x0, 0x0) ioctl$TUNSETTXFILTER(r5, 0x400454d1, &(0x7f0000002ac0)={0x0, 0x2, [@remote, @random="9082d5165691"]}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000002b00)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x9, 0x3, {0x0, 0x0, 0x4}, 0x249d0000, 0x9, 0xfffffeff, 0x6, 0x8, 'batadv0\x00', 0x1, '\x00', 0xd, '(:&>:!%@,-(^&', 0x3, ' \x01\x00'}}, 0x53) syz_genetlink_get_family_id$devlink(&(0x7f0000002b80), 0xffffffffffffffff) 03:40:20 executing program 3: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x610002, 0x0) write$P9_RMKDIR(r0, &(0x7f0000000040)={0x14, 0x49, 0x1, {0x40, 0x4, 0x3}}, 0x14) sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RFSYNC(r1, &(0x7f00000001c0)={0x7, 0x33, 0x1}, 0x7) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc00) write$9p(r2, &(0x7f0000000280)="1b007c30ce0aa14661221822dcda24cb47145e2afe8836ebbdc20772cdd22f211fb84589ae6d3f679db03cac635f4299ddface6d085d6c2636a732ad55cae1cf1aca39668131fea453812a8d001596e3a5fced5a1bf81d8f60398e1e7a01e9a06fc9461cc275ff92391204a34aa8643f5b397340e22d414f8b8700a18bc246503c7b3a3d56d648c9a26c6319b834b7fa5a7900870f2b2c8c6fa7fa517181084950af1eb075107ac2924bb14203a2535e8492d4828d5a48a8", 0xb8) r3 = accept(r0, &(0x7f0000000340)=@pptp={0x18, 0x2, {0x0, @multicast2}}, &(0x7f00000003c0)=0x80) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x40000) write$P9_RCREATE(r4, &(0x7f0000000440)={0x18, 0x73, 0x1, {{0x80, 0x4, 0x4}, 0x9}}, 0x18) accept(r0, &(0x7f0000000480)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @initdev}}}}, &(0x7f0000000500)=0x80) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x58, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2000c801}, 0x40) ioctl$TUNSETOWNER(r0, 0x400454cc, 0xffffffffffffffff) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f00000006c0)={0x0, @nl=@kern={0x10, 0x0, 0x0, 0x800}, @in={0x2, 0x4e23, @loopback}, @isdn={0x22, 0x0, 0x7, 0x4, 0x5f}, 0xf6, 0x0, 0x0, 0x0, 0x39e0, &(0x7f0000000680)='veth0_to_batadv\x00', 0x8, 0x0, 0x5}) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0) write$P9_RWRITE(r6, &(0x7f0000000780)={0xb, 0x77, 0x1, 0x7fff}, 0xb) r7 = fork() kcmp$KCMP_EPOLL_TFD(r7, 0x0, 0x7, r1, &(0x7f00000007c0)={r0, r3}) recvmmsg(r5, &(0x7f0000002100)=[{{&(0x7f0000000800)=@ax25={{0x3, @bcast}, [@null, @remote, @rose, @netrom, @remote, @bcast, @netrom]}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000880)=""/205, 0xcd}], 0x1}, 0x8}, {{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f00000009c0)=""/189, 0xbd}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f0000001a80)=""/212, 0xd4}], 0x3, &(0x7f0000001bc0)=""/179, 0xb3}, 0x9}, {{&(0x7f0000001c80)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001fc0)=[{&(0x7f0000001d00)=""/241, 0xf1}, {&(0x7f0000001e00)=""/168, 0xa8}, {&(0x7f0000001ec0)=""/163, 0xa3}, {&(0x7f0000001f80)=""/14, 0xe}], 0x4, &(0x7f0000002000)=""/227, 0xe3}, 0x1f}], 0x3, 0x10103, &(0x7f00000021c0)) [ 83.162024] audit: type=1400 audit(1736134820.057:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 03:40:20 executing program 4: sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x7c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x44, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4008014}, 0x4010) r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r0, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0xc801}, 0x4044040) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, 0x0, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip_vti0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000084}, 0x8004) sendmsg$NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x5c, 0x0, 0x300, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xe}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40480c0) r1 = socket(0x3, 0x2, 0x40) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, 0x0, 0x800, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x440c1) r2 = accept(r1, 0x0, &(0x7f0000000600)) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000680), r1) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r2, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000780)={&(0x7f00000006c0)={0xb0, r3, 0x4, 0x70bd26, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x16, 0x4afb}, {0x5}, {0x6, 0x11, 0x7ae4}, {0x8, 0xb, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x6}, {0x6, 0x16, 0xe}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x4f}, {0x8, 0xb, 0x7f}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000}, 0x48021) syz_genetlink_get_family_id$batadv(&(0x7f0000000800), r2) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880), r1) sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000000980)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x58, r4, 0xb04, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7be0}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8001}]}]}, 0x58}}, 0x800) sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x1c, 0x0, 0x2, 0x70bd26, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4) r5 = accept(r1, &(0x7f0000000ac0)=@sco, &(0x7f0000000b40)=0x80) sendmsg$SMC_PNETID_FLUSH(r5, &(0x7f0000000c80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x4c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c010}, 0x20000840) sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000ec0)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000e80)={&(0x7f0000000d00)={0x168, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x7}, @NL80211_ATTR_VENDOR_DATA={0xb4, 0xc5, "3e37d83de074d09a9f34ebfdad55ef9920d6a6b6ae8540bf1924f23a7d224e18794980def90b5f58d47991eed893110b0546a120bb99f5f5d57983528967b69a5312e848ac4db8120fa144daa21062c25b897dc5b0ec050d0ab93c83430565cdf6048efef88cf6a3cd0d4286a7d25b95404d3a6f5abe0c5fe6c9a66ea921fc3ceec800cfefade3daf2cf2140b119fdd73626beba09aa52d4b7953b6f9611220be61a1945353641c4bde1872440428234"}, @NL80211_ATTR_VENDOR_DATA={0x96, 0xc5, "11a05d86a2508ffbb5ff1909a15f4ab2ac3fa4e781bf69f3b9307321a9c7415364549261976794059a5f46189dcef1ee7699a543a59ac6464edc5a3a1990894c4e1bab63c8acb4d912d81ef6c5f8a234c153ca704a34368e5cb7f5655a907650980b9c0c6a8c45dc0231d70057b5268b8f608512f563d5792ada5003a31bcebfe0e0e17381677014bdd5605c013a4d4d167f"}]}, 0x168}, 0x1, 0x0, 0x0, 0x4}, 0x890) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000f00)={'wlan1\x00', @local}) r6 = socket(0x2b, 0x801, 0x5) sendmsg$IPVS_CMD_SET_DEST(r6, &(0x7f0000001100)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x54, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x100}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x800}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x4) 03:40:20 executing program 5: write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x1}, 0x7) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x6f, 0x1, {0x2, [{0x20, 0x4, 0x2}, {0x0, 0x3, 0x6}]}}, 0x23) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RXATTRWALK(r0, &(0x7f0000000100)={0xf, 0x1f, 0x2, 0x5}, 0xf) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RWALK(r1, &(0x7f0000000180)={0x3d, 0x6f, 0x2, {0x4, [{0x80, 0x3}, {0x2, 0x3, 0x4}, {0x2, 0x0, 0x81}, {0x4, 0x0, 0x2}]}}, 0x3d) epoll_wait(0xffffffffffffffff, &(0x7f00000001c0)=[{}, {}, {}, {}, {}], 0x5, 0xc7) mq_timedsend(0xffffffffffffffff, &(0x7f0000000200)="9ade36b6c443b3ede63a3cd621734339c80dba8d505d865bad8439314e057251bf5cbf1d75e620152613291faf3b694920ce0b7f7da7e306933fe4c70649", 0x3e, 0xffffffffffffffff, &(0x7f0000000240)) write$P9_RVERSION(r1, &(0x7f0000000280)={0x13, 0x65, 0xffff, 0x3, 0x6, '9P2000'}, 0x13) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x141000, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000300)={0x24, 0x37, 0x2, {0x2, 0x1, 0x100000001, 0xffffffffffffffff, 0x6, '9P2000'}}, 0x24) r3 = accept(r0, &(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x80) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r3) write$P9_RVERSION(r2, &(0x7f0000000440)={0x15, 0x65, 0xffff, 0xfffffff7, 0x8, '9P2000.L'}, 0x15) write$P9_RATTACH(r0, &(0x7f0000000480)={0x14, 0x69, 0x1, {0x40, 0x4, 0x1}}, 0x14) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x8881, 0x0) ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000500)) write$P9_RLOCK(r2, &(0x7f0000000540)={0x8, 0x35, 0x2, 0x1}, 0x8) write$P9_RLOCK(0xffffffffffffffff, &(0x7f0000000580)={0x8, 0x35, 0x1, 0x1}, 0x8) 03:40:20 executing program 7: ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x4) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000000)={0x0, 0x2, [@remote, @broadcast]}) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000040)) r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) ioctl$TUNSETGROUP(r0, 0x400454ce, 0xee00) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x133081, 0x0) ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000100)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0) ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x0) sendmsg$FOU_CMD_GET(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40800}, 0x4002001) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000280)) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x4800, 0x0) ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000300)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$TUNSETVNETBE(r4, 0x400454de, &(0x7f0000000380)=0x1) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000003c0)={'veth1_to_bridge\x00'}) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RFLUSH(r5, &(0x7f0000000440)={0x7, 0x6d, 0x1}, 0x7) 03:40:20 executing program 6: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x184400) write$P9_RWRITE(r0, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x1}, 0xb) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r3 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, 0xffffffffffffffff) r4 = gettid() r5 = fork() r6 = epoll_create(0x79) r7 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/pid_for_children\x00') kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, 0xffffffffffffffff, &(0x7f0000000100)={r6, r7, 0x3}) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r7, 0x89f5, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f0000000140)={'ip6tnl0\x00', 0x0, 0x29, 0xff, 0x75, 0x8, 0x8, @mcast2, @private2, 0x700, 0x1, 0x7, 0x6}}) ptrace$peeksig(0x4209, r5, &(0x7f0000000200)={0x9, 0x1, 0x8}, &(0x7f0000000240)=[{}, {}, {}, {}, {}, {}, {}, {}]) write$P9_RWRITE(r2, &(0x7f0000000640)={0xb, 0x77, 0x2, 0xfffffffd}, 0xb) r8 = epoll_create(0x200) kcmp$KCMP_EPOLL_TFD(r5, r5, 0x7, r6, &(0x7f0000000680)={r8, r2, 0x99a}) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f00000006c0)) kcmp$KCMP_EPOLL_TFD(r5, r5, 0x7, 0xffffffffffffffff, &(0x7f0000000700)={r3, r1, 0x5}) epoll_wait(r8, &(0x7f0000000740)=[{}], 0x1, 0x801) semtimedop(0x0, &(0x7f0000000780)=[{0x1, 0x37f, 0x800}, {0x4, 0xffe0, 0x800}, {0x3, 0x100, 0x1000}, {0x1, 0x9, 0x1400}], 0x4, &(0x7f0000000800)) [ 84.656219] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.660066] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.666154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.668477] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.680974] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.685371] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.687621] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.725638] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.730190] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.732225] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.738260] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.741358] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.743420] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.766669] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.781008] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.782670] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.787015] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 84.789390] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.799593] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 84.801115] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 84.802998] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.803589] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 84.807010] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.813441] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.817800] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.820152] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 84.822624] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 84.825626] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 84.831335] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 84.833044] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 84.834651] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.837214] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 84.840918] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 84.843402] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 84.845387] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.846890] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 84.849290] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.849579] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 84.851271] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 84.852562] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 84.855157] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 84.862385] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 84.865675] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 84.869090] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 84.872279] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 84.881404] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 84.883315] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 84.886103] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 86.734268] Bluetooth: hci0: command tx timeout [ 86.797788] Bluetooth: hci2: command tx timeout [ 86.862763] Bluetooth: hci1: command tx timeout [ 86.925851] Bluetooth: hci6: command tx timeout [ 86.926590] Bluetooth: hci7: command tx timeout [ 86.927199] Bluetooth: hci3: command tx timeout [ 86.989867] Bluetooth: hci4: command tx timeout [ 86.989916] Bluetooth: hci5: command tx timeout [ 88.781962] Bluetooth: hci0: command tx timeout [ 88.845844] Bluetooth: hci2: command tx timeout [ 88.911929] Bluetooth: hci1: command tx timeout [ 88.973845] Bluetooth: hci3: command tx timeout [ 88.973934] Bluetooth: hci6: command tx timeout [ 88.975372] Bluetooth: hci7: command tx timeout [ 89.037831] Bluetooth: hci4: command tx timeout [ 89.037891] Bluetooth: hci5: command tx timeout [ 90.831035] Bluetooth: hci0: command tx timeout [ 90.894806] Bluetooth: hci2: command tx timeout [ 90.959201] Bluetooth: hci1: command tx timeout [ 91.023749] Bluetooth: hci7: command tx timeout [ 91.023789] Bluetooth: hci6: command tx timeout [ 91.024225] Bluetooth: hci3: command tx timeout [ 91.086930] Bluetooth: hci4: command tx timeout [ 91.087141] Bluetooth: hci5: command tx timeout [ 92.877819] Bluetooth: hci0: command tx timeout [ 92.942754] Bluetooth: hci2: command tx timeout [ 93.005818] Bluetooth: hci1: command tx timeout [ 93.069941] Bluetooth: hci6: command tx timeout [ 93.070617] Bluetooth: hci7: command tx timeout [ 93.071096] Bluetooth: hci3: command tx timeout [ 93.133766] Bluetooth: hci5: command tx timeout [ 93.134834] Bluetooth: hci4: command tx timeout [ 144.512481] syz-executor.4 (286) used greatest stack depth: 23648 bytes left [ 147.059381] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 147.062507] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 147.065219] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 147.076753] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 147.081243] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 147.083641] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 147.135029] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 147.140058] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 147.144066] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 147.146253] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 147.148812] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 147.151107] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 147.156112] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 147.163762] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 147.171930] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 147.178204] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 147.182321] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 147.184331] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 147.188421] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 147.190312] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 147.190447] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 147.194113] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 147.196893] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 147.199441] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 147.203425] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 147.205259] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 147.208251] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 147.214574] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 147.216189] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 147.217932] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 147.219630] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 147.223157] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 147.224331] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 147.226045] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 147.228891] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 147.229170] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 147.233584] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 147.236244] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 147.252408] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 147.264450] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 147.269919] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 147.293426] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 147.308241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 147.327061] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 147.329095] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 147.356260] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 147.364223] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 147.368253] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 149.134777] Bluetooth: hci0: command tx timeout [ 149.261835] Bluetooth: hci1: command tx timeout [ 149.325936] Bluetooth: hci2: command tx timeout [ 149.326904] Bluetooth: hci6: command tx timeout [ 149.327588] Bluetooth: hci7: command tx timeout [ 149.389759] Bluetooth: hci3: command tx timeout [ 149.453805] Bluetooth: hci4: command tx timeout [ 149.517764] Bluetooth: hci5: command tx timeout [ 151.181837] Bluetooth: hci0: command tx timeout [ 151.310773] Bluetooth: hci1: command tx timeout [ 151.374765] Bluetooth: hci7: command tx timeout [ 151.374789] Bluetooth: hci6: command tx timeout [ 151.375283] Bluetooth: hci2: command tx timeout [ 151.439742] Bluetooth: hci3: command tx timeout [ 151.501895] Bluetooth: hci4: command tx timeout [ 151.566710] Bluetooth: hci5: command tx timeout [ 153.229898] Bluetooth: hci0: command tx timeout [ 153.357832] Bluetooth: hci1: command tx timeout [ 153.421776] Bluetooth: hci2: command tx timeout [ 153.421975] Bluetooth: hci6: command tx timeout [ 153.422252] Bluetooth: hci7: command tx timeout [ 153.485790] Bluetooth: hci3: command tx timeout [ 153.549754] Bluetooth: hci4: command tx timeout [ 153.614927] Bluetooth: hci5: command tx timeout [ 155.278783] Bluetooth: hci0: command tx timeout [ 155.405802] Bluetooth: hci1: command tx timeout [ 155.470844] Bluetooth: hci6: command tx timeout [ 155.471651] Bluetooth: hci7: command tx timeout [ 155.471957] Bluetooth: hci2: command tx timeout [ 155.533960] Bluetooth: hci3: command tx timeout [ 155.597834] Bluetooth: hci4: command tx timeout [ 155.661824] Bluetooth: hci5: command tx timeout [ 209.056032] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 209.057563] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 209.059105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 209.063130] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 209.066104] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 209.067583] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 209.118131] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 209.120516] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 209.122397] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 209.127335] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 209.129290] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 209.130356] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 209.236911] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 209.240835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 209.242981] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 209.244621] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 209.248559] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 209.253098] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 209.254571] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 209.274250] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 209.278122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 209.281176] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 209.283856] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 209.296524] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 209.328323] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 209.342767] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 209.374354] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 209.380017] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 209.382010] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 209.383561] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 209.443623] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 209.461337] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 209.463031] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 209.474129] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 209.480883] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 209.481926] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 209.482799] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 209.488850] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 209.491055] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 209.499919] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 209.518936] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 209.527084] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 209.531957] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 209.535616] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 209.537880] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 209.592277] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 209.619032] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 209.633513] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 211.149787] Bluetooth: hci0: command tx timeout [ 211.214740] Bluetooth: hci1: command tx timeout [ 211.277950] Bluetooth: hci3: command tx timeout [ 211.405820] Bluetooth: hci4: command tx timeout [ 211.406717] Bluetooth: hci2: command tx timeout [ 211.598007] Bluetooth: hci5: command tx timeout [ 211.599247] Bluetooth: hci6: command tx timeout [ 211.789762] Bluetooth: hci7: command tx timeout [ 213.198828] Bluetooth: hci0: command tx timeout [ 213.262914] Bluetooth: hci1: command tx timeout [ 213.326123] Bluetooth: hci3: command tx timeout [ 213.454791] Bluetooth: hci2: command tx timeout [ 213.455282] Bluetooth: hci4: command tx timeout [ 213.645735] Bluetooth: hci6: command tx timeout [ 213.646214] Bluetooth: hci5: command tx timeout [ 213.839791] Bluetooth: hci7: command tx timeout [ 215.246016] Bluetooth: hci0: command tx timeout [ 215.309828] Bluetooth: hci1: command tx timeout [ 215.374124] Bluetooth: hci3: command tx timeout [ 215.502107] Bluetooth: hci4: command tx timeout [ 215.503404] Bluetooth: hci2: command tx timeout [ 215.695101] Bluetooth: hci5: command tx timeout [ 215.696010] Bluetooth: hci6: command tx timeout [ 215.885803] Bluetooth: hci7: command tx timeout [ 217.293728] Bluetooth: hci0: command tx timeout [ 217.357719] Bluetooth: hci1: command tx timeout [ 217.423776] Bluetooth: hci3: command tx timeout [ 217.549776] Bluetooth: hci2: command tx timeout [ 217.550220] Bluetooth: hci4: command tx timeout [ 217.741746] Bluetooth: hci6: command tx timeout [ 217.742179] Bluetooth: hci5: command tx timeout [ 217.935071] Bluetooth: hci7: command tx timeout [ 271.704621] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 271.706914] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 271.713132] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 271.722289] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 271.727810] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 271.733122] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 271.958620] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 271.961926] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 271.965598] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 271.971161] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 271.982138] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 271.984682] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 272.039604] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 272.044016] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 272.050025] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 272.059980] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 272.062427] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 272.064629] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 272.113907] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 272.125448] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 272.126347] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 272.133278] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 272.135968] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 272.138072] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 272.162967] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 272.190582] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 272.192130] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 272.193939] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 272.206145] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 272.212381] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 272.226795] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 272.232801] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 272.242313] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 272.248572] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 272.251244] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 272.252417] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 272.255340] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 272.266152] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 272.266316] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 272.272176] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 272.274504] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 272.276724] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 272.281296] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 272.288532] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 272.298369] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 272.308998] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 272.312179] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 272.314963] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 273.806099] Bluetooth: hci0: command tx timeout [ 273.998316] Bluetooth: hci1: command tx timeout [ 274.125902] Bluetooth: hci2: command tx timeout [ 274.255112] Bluetooth: hci3: command tx timeout [ 274.318921] Bluetooth: hci6: command tx timeout [ 274.320194] Bluetooth: hci4: command tx timeout [ 274.382548] Bluetooth: hci5: command tx timeout [ 274.383948] Bluetooth: hci7: command tx timeout [ 275.854728] Bluetooth: hci0: command tx timeout [ 276.045959] Bluetooth: hci1: command tx timeout [ 276.173798] Bluetooth: hci2: command tx timeout [ 276.302074] Bluetooth: hci3: command tx timeout [ 276.365838] Bluetooth: hci6: command tx timeout [ 276.367005] Bluetooth: hci4: command tx timeout [ 276.430436] Bluetooth: hci7: command tx timeout [ 276.431414] Bluetooth: hci5: command tx timeout [ 277.902738] Bluetooth: hci0: command tx timeout [ 278.093840] Bluetooth: hci1: command tx timeout [ 278.221987] Bluetooth: hci2: command tx timeout [ 278.349937] Bluetooth: hci3: command tx timeout [ 278.414834] Bluetooth: hci4: command tx timeout [ 278.415374] Bluetooth: hci6: command tx timeout [ 278.479366] Bluetooth: hci7: command tx timeout [ 278.479940] Bluetooth: hci5: command tx timeout [ 279.949790] Bluetooth: hci0: command tx timeout [ 280.142702] Bluetooth: hci1: command tx timeout [ 280.269765] Bluetooth: hci2: command tx timeout [ 280.397850] Bluetooth: hci3: command tx timeout [ 280.462201] Bluetooth: hci6: command tx timeout [ 280.462724] Bluetooth: hci4: command tx timeout [ 280.525725] Bluetooth: hci7: command tx timeout [ 280.526182] Bluetooth: hci5: command tx timeout [ 330.310005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.311039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 330.772073] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 330.772822] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.657226] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 333.663242] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 333.665960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 333.675606] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 333.682293] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 333.686052] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 333.786693] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 333.792837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 333.802021] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 333.808401] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 333.813299] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 333.815212] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 333.865612] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 333.874821] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 333.891006] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 333.913509] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 333.920284] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 333.925528] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 333.937032] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 333.956430] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 333.987104] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 333.993095] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 333.999075] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 334.002197] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 334.006548] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 334.012885] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 334.015580] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 334.019553] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 334.021905] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 334.040778] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 334.044121] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 334.050962] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 334.054053] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 334.056292] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 334.060046] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 334.077140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 334.131002] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 334.183392] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 334.197391] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 334.291547] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 334.297086] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 334.301092] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 334.310053] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 334.324992] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 334.326228] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 334.351893] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 334.360836] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 334.364286] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 335.757765] Bluetooth: hci0: command tx timeout [ 335.885808] Bluetooth: hci1: command tx timeout [ 336.013825] Bluetooth: hci2: command tx timeout [ 336.205793] Bluetooth: hci5: command tx timeout [ 336.397841] Bluetooth: hci4: command tx timeout [ 336.589775] Bluetooth: hci7: command tx timeout [ 336.590529] Bluetooth: hci3: command tx timeout [ 336.653695] Bluetooth: hci6: command tx timeout [ 337.806026] Bluetooth: hci0: command tx timeout [ 337.933675] Bluetooth: hci1: command tx timeout [ 338.061712] Bluetooth: hci2: command tx timeout [ 338.253879] Bluetooth: hci5: command tx timeout [ 338.445698] Bluetooth: hci4: command tx timeout [ 338.638120] Bluetooth: hci7: command tx timeout [ 338.638611] Bluetooth: hci3: command tx timeout [ 338.701693] Bluetooth: hci6: command tx timeout [ 339.853757] Bluetooth: hci0: command tx timeout [ 339.981732] Bluetooth: hci1: command tx timeout [ 340.109844] Bluetooth: hci2: command tx timeout [ 340.301908] Bluetooth: hci5: command tx timeout [ 340.494881] Bluetooth: hci4: command tx timeout [ 340.685870] Bluetooth: hci7: command tx timeout [ 340.686361] Bluetooth: hci3: command tx timeout [ 340.749859] Bluetooth: hci6: command tx timeout [ 341.901705] Bluetooth: hci0: command tx timeout [ 342.029887] Bluetooth: hci1: command tx timeout [ 342.157685] Bluetooth: hci2: command tx timeout [ 342.349996] Bluetooth: hci5: command tx timeout [ 342.542705] Bluetooth: hci4: command tx timeout [ 342.733889] Bluetooth: hci3: command tx timeout [ 342.734435] Bluetooth: hci7: command tx timeout [ 342.797744] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 03:45:26 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=ffffffff84a05b56 RCX=0000000000000001 RDX=1ffff11005ad3e8c RSI=ffff88802d69f848 RDI=ffffffff84a05b56 RBP=ffffffff84a05b56 RSP=ffff88802d69f3c8 R8 =0000000000000001 R9 =ffff88802d69f448 R10=000000000003aab6 R11=00000000000c0d91 R12=ffff88802d69f4d0 R13=0000000000000000 R14=ffff88800f6b9bc0 R15=0000000000000002 RIP=ffffffff81422e13 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fed63464540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fed6364f620 CR3=000000002cd38000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00ffffffffffff0000000000000000 XMM01=0100010001000000ffffffffffffffff XMM02=0500050005000000455441564952505f XMM03=0000000000000000000000564952505f XMM04=00030005000500050005000000455441 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=ffff88806cf41c00 RCX=0000000000000000 RDX=1ffff110067a5baf RSI=ffff88806cf41c20 RDI=ffffffff81a457a1 RBP=ffff88800a587910 RSP=ffff88800a587828 R8 =0000000000000001 R9 =ffff888033d2dd80 R10=ffffffff863fcc97 R11=0000000000000000 R12=0000000000000286 R13=ffff88806cf41c20 R14=ffff888008feedc0 R15=ffff888034620bd0 RIP=ffffffff8179c242 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007feb30c54260 CR3=0000000025d42000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=2e6f747079726362696c2f756e672d78 XMM02=00312e312e6f732e6f74707972636269 XMM03=6c2f756e672d78756e696c2d34365f36 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000