Warning: Permanently added '[localhost]:14669' (ECDSA) to the list of known hosts. 2025/04/24 02:28:23 fuzzer started 2025/04/24 02:28:24 dialing manager at localhost:37747 syzkaller login: [ 108.641784] cgroup: Unknown subsys name 'net' [ 108.801036] cgroup: Unknown subsys name 'cpuset' [ 108.854302] cgroup: Unknown subsys name 'rlimit' 2025/04/24 02:28:45 syscalls: 202 2025/04/24 02:28:45 code coverage: enabled 2025/04/24 02:28:45 comparison tracing: enabled 2025/04/24 02:28:45 extra coverage: enabled 2025/04/24 02:28:45 setuid sandbox: enabled 2025/04/24 02:28:45 namespace sandbox: enabled 2025/04/24 02:28:45 Android sandbox: enabled 2025/04/24 02:28:45 fault injection: enabled 2025/04/24 02:28:45 leak checking: enabled 2025/04/24 02:28:45 net packet injection: enabled 2025/04/24 02:28:45 net device setup: enabled 2025/04/24 02:28:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/04/24 02:28:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/04/24 02:28:45 USB emulation: enabled 2025/04/24 02:28:45 hci packet injection: enabled 2025/04/24 02:28:45 wifi device emulation: enabled 2025/04/24 02:28:45 802.15.4 emulation: enabled 2025/04/24 02:28:45 fetching corpus: 0, signal 0/0 (executing program) 2025/04/24 02:28:47 starting 8 fuzzer processes 02:28:47 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x361902, 0x0) write$P9_RFSYNC(r0, &(0x7f0000000040)={0x7, 0x33, 0x1}, 0x7) write$P9_ROPEN(r0, &(0x7f0000000080)={0x18, 0x71, 0x2, {{0x40, 0x1, 0x1}, 0x8}}, 0x18) r1 = geteuid() mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x21b6020, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_user}, {@mmap}, {@version_L}], [{@euid_eq={'euid', 0x3d, 0xee01}}, {@euid_lt={'euid<', r1}}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x34, 0x34, 0x32, 0x64, 0x36, 0x65, 0x3f], 0x2d, [0x34, 0x37, 0x38, 0x37], 0x2d, [0x64, 0x37, 0x61, 0x36], 0x2d, [0x63, 0x5e, 0x34, 0x64], 0x2d, [0x34, 0x35, 0x54228056e66e623d, 0x66, 0x63, 0x31, 0x39, 0x38]}}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/zero\x00'}}]}}) write$P9_RWSTAT(r0, &(0x7f0000000340)={0x7, 0x7f, 0x1}, 0x7) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000006, 0x10010, r0, 0x10000000) syz_io_uring_submit(0x0, r2, &(0x7f0000000440)=@IORING_OP_WRITEV={0x2, 0x0, 0x2007, @fd_index=0x5, 0x3, &(0x7f0000000400)=[{&(0x7f0000000380)="7e17a8b61b759e72baa2d30048662bb2fe5a17f0fda789966c8548c3a340f7d639ea00cb7d9381526cc28a6c2d5cd8137691d9bd4b9f4df8d6dfc7dd303f76611872365e687ab8e0f64adf3750de1b347845269889eeaa40216736d8f5708bd57328e5", 0x63}], 0x1, 0x2, 0x1}, 0x401) write$P9_RMKDIR(r0, &(0x7f0000000480)={0x14, 0x49, 0x2, {0x8, 0x4, 0x3}}, 0x14) keyctl$describe(0x6, 0x0, &(0x7f00000004c0)=""/96, 0x60) getsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000540), &(0x7f0000000580)=0x4) write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f00000005c0)={0xf, 0x1f, 0x1}, 0xf) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x24, 0x0, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x10) pipe2$9p(&(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r4, &(0x7f0000000740)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15) write$P9_RWSTAT(r0, &(0x7f0000000780)={0x7, 0x7f, 0x2}, 0x7) setsockopt$packet_buf(r0, 0x107, 0x6, &(0x7f00000007c0)="b71ddbf172ecdb7e13a245e44cf12d00420e1b3de5f4df7ab4b805f8e7545981dc4d9e22ec8999ede718b83c57d29967d3ddd7b15a30d1930197e4f4b9a36e8de9a428513cc75584eb2941dcaa2b2459e4edee3637aa621d14958a26c11fa40105e1c7e6d30309a4d90b7910f5f98732632be3a53c4738434f3defbe9ceb318fbcb965b7972ac434b1c2a2ff5de3bc7c2a88e83261e20f5d0543d4ee4a995b562987fe465876e605d61c958658b3bff2a03845413d18cdfc3fa94a9a2cda675489a474bf23969b6030a9bba7c027e45552eba4deccecb0771963facb3e5f1bb005098f86e77cf24a39877ca3445d8879c49d0fbfcacc7e3eecd3e42a9ba855b3f27af73ffc026758711a31fa815748b767b577f3e2709464147f278da7ef3224d67bf91c09628860cc207b8f6514b1329552df77e03729e7e5bdf77f1988110fc9ec500e0fc3aa8a74f7e2c42b09818ac161e94ee9c6b6ffc40c9177b59f9cb02e5715d3567c18727b162d52cfdc0bd4b67165935f849b1d0f60127a965dd8801909a2dfdc3c4e7304356d9fb2e9bd923447591226bedac87b95a583dade594a4acb622b61aa9f03f4df4ace4bc3a84fed0c13e57e6cfb469f29fea899430810ec72f628d52558bf66bec47796c3031a8c12de9b3a911c31eb155c505ffbb4269864f6b45988d1643f0517d769b305c1fa75acfc8563ae378e31ce95c4ec00a46ae84455fa4e4af9bccd80254605baec49738f48c32be6e94a6a684fa6ddba855ef65a2424323e564cdd42b4d337f84c381784516cc1fdecf9ed8252e4c1754f0c78221146c128ba4247d3bfd55d170eef603136ffc9c20a199b79f1a5b7be39a89d535c3bc444c9a109f0dd69e3a0debe4a95fac835f6cc2b800f15a6295ee7225494521df8718235c79c6a4c2fc5ab5df1bafd0faecf4f0be82927422176a6365c9996d97b42c5f1bd724faffe383d3738019ad6c4c7b3997f060beef0c4ae31b5f3e7e98811d4521939f4a121756b3ccf1733700d69a8fc557d6062c753bfd3f1c976c6ffc6cef38d14b9331c77dfae8097579768e6d7a713f36170c50a2f49f9bc04736b69845424b8264884dfa0dcb029816ec84a8aa30668ad00ae5a4390be33b2de5f8b1792051229768b320c7102d52711d5aa58b946a98013eee8fd55c79e6bce5f0c37747691c7b06c3b39ec1c38edddc500148e26726e682b100a89e69f2e39662133254b96fa49ed6f25ef209135cdcf295848c99798cd9c08775ab7669e5d5096c3eda6107429575cf33901cc748946df573f2c47b6f25e3f8f98adffc9c0ba384446edad5531c4ab380720aa825c907a06d1823428ee4bae66954d0c5817ee3643cac6d1d6e8f9c47b1f9649526b85a521346494d05179a18e74deaff46fbe816ddd6af530491f5987072d03f034a0c742649911ee988d67c2aa11acf801366cdab6f1e23f241815f73c5ddf3a716eb109ae53cc51695195cc12d3d8fea6c787b049677dfe7104c8e6566f596d44fb90772cee5672242bb1ca7167b72eb0e339e95dd11d133419b0e37302c423cf7c969a69420b55b4b011a5213072323b28bebce20f4cb87422175a7d182f6259204f6b9e8d9b3dd80373ce1c4945b5680c2675368a7e6acfc5e8408ede09d35f5b3c90b170f8f5369fa6696c5c131236b201229e13ec1d130a6c2eefcae4ff9283c552e0bfdf520ceffd54d65a7de547a1591c0fc2609e0b8f2a6db12b48d48e0ebb61c3dadc780047e0e7d0b3e9664adc07dae8d1cfe1ff1725ff802edcbea23f0d8c5607913751bfc590e4a0c4dd6b7666b8ffd6e8c0edd0cb9ffbacab82bdc9ea055abdfdd130e9c746ad2f44c8c283420322e7476d72dfbcd19b2a07480c106f8306c6c7e0c5c4c39bd820e5206c0bc9840440a88a8e9c0a5f4b08be4e9796bae0fc51328ed93f49fadc2f07378e3801ebbf216854d99451ee554bb2e0fa85b361c34abc4c66cf66a718b1cb0ec2e537e271b1b711c80a10e4d1f171568b1264e0bce00b9259b8c33d072c4ad7326b92b0064237a96171d99385a449f0d737c68f48118254482414f5158ef81e65b4b6ea9d77ba28407c15ec7467904ab570f9a1e5a75b2d3a1406842518c9a62424d1a808d44f05cf5c3a1ae99d2873ac2a3347072f88c23f3ea6bead7ff89d79db83537a035cc2fcfdf8cdb08e23216de67d373b34ffd70c9c3761ec0704c371f30db5cc2b93e5caf565e6ddf681af4d68a47768b7b799e7146e30b04a1e77078d7d4deefbf610ff1f4ccbc9dc101ac0344d2d1d152f4117f65eb470f701c085037171d2de9157a6ee378557bb6a79a53f41af3e8b72d2a56f6064c12e4a59a78236fcc840482e502fb6bc17711e1009535c64d1c723db3d79d5814c88202139c4fbc2b1daf340ab0a9b3640cb4f1a53c906fbf21298ec597317fac4f7d7841996f3a89f94caf7775f7e920e44f1523eb51f557838b4922cb34a3136b91df856dbe6302b63122bf2225494632eeb290161b5821801c985a576c5a776fcaf5f25ae4cd25bf34d9cccac6d9688917e8b203e2d6313595669b2fa51ce272d746ac2c7028dfa9bd20b66360ae88c34dc92d12c55d08fa8a3932cabdc359ac65dcc8c55428d493898b7b00d13ee5e8c09c1b6141ad3557f3348d0c5af306b8db97b9126ec4d0406d61d12e29559611c7abe8a7009cb2ecfafc1406e35e4b49b842dfce843649785f9e5b16140fc8ec877566917063dc28f210ef214cb8edcfd918b1cd3d761a57a51b27747d9208a0bd7b7b8f3a5f814e368cd7ff50477654703dd5355b4c51d5b677281ab616d4676d8d20accf7b6f35ce130c6de079743da52b437769791062f4a7c9c3c981b22a70fa80abbbca21037f66be3b5605cc0ae061e959412bcc450aa2bf77e094b4cc0ed8796ec3e95e3dd4895c1e0a1822481afe43fd629cadbcd8296e5c7e6c635b7782adbbc68e83455c80d1f6cbb2f0155da01b7a2d55da5dfae73f067c6c5d3c23909f6c09d49bdd1fad7f657cbc06e5729829c3a6894d6b2423045c99260be8eae27620e5e288103dde3ba4a43816165dfecb29725d6f7c2b57ab7a55413db364bd295a15fac1b4f1ee1f92092f047ad3f7ee4e664f438b9a0202e3edf946aed1752bf6a00f577d4bc69a8d5fc4a188bcb5dbb296578d7a53a0fbcb67a5b33d0c0a81d9504f2518f2d0ce1e10f239c90d07f5441c8c0f73c8a32607c9b1f0962eb5c0794da6958290b87f671bee5a443c9496c057e6d7c0477a1757eeba0280fc859e79b9005ce5d3d039e0e79cd432445061d8995dd2aadd4c0f54072b0c716d3ee9a5f2ca2038f60af4a30f81d7f52afce05c1ec944c4680bb2f74011f5eec7fdc626c25ee5e6e6553e9b50f3dc282225fb84392f83d0a6ec68363ed5352ede24ac0ca9e7cee2c1bf52a9797ba8d33f971ee649b59c4540e441ac433d0b63df8b0180868b57e9a55e22693dbefda3802d827d72ea9e4b306cfee0d0ff17d506ef693febaba746c0171e5dd6f4b222468a879acb705fb4df2ce4b3e2f5d66934a56cdc5f5934787677b7df19a2ff7b7fdbd9161f99b784a75df6e21de9eec13e739975b7e8b4f184a7c462b0a781c9bee072fdff57fe3aadc82cfcf9248f07bfb813d12fd9251e5d1f6967af651e82ced1bae9c61ad6035cfbeafff7cbf441bf650d2153f88390bde9a9efdd7b58b19ca0a6431f032d14d0cfcece34b1bc58ffaba8ac264fdcb42b2647090d1c1cd640a14707429ea3f09995cd2f3015bfdaf0ab84bf6d876d5869f2fa625e512d502d12120e995794971c301bc115dcd71065dd42d574dd0ae8c612db1d5f43425903eb053ee660d942d0e464aec59aeb11342f898c521ec7ade8bfd26b9cd7d48a7d30b31fc93906cb79c463a783e2edad14ccab6d7d53908d931ac198fbf90c3467ffcedf39bec55fd011f21d10576654389925ef10d15ea962b6f000012254b2c92cc20fc4fb744f03978bb26c0756533edad7230d46c549f138558cb1aabd4bcd9b6aba28ad5388cf48ead11d52921a9d50bb0b38fb23d8e42b0a0be231850149b4b919bd537c4c33e3e173a1ce0177676d29f3f9b495cddd5026eaac8ef5e8ed967c0082fe10143e428e25c31fad196bef2af0179f8477c0c386b4bc0448042b52841e0d30224a946956f19d6ac28a8f06c804d8b9809a9200e31b52edd1f21d463961aec9a172f4891a2b3f55220a56da11d78dcc57bf981f7fb59291b31d373fa3c2bbd5ff6e9a40f60130c206b2af194d5d07881bd87acc6ded132cb61d3423b2f5231998d161d4b714c5f76cebbf7980555a91a87abe028b2fcc0dfae671bb16a8d9af2c9f065197c0ff19076ba2226cbdab6c42345611f562b72e29acddb665a2935cfba476e5fc38729803e1f12a77ba035d25ca00771804840cde01f66666caa4e07fdb26db0d27f5c0f2b384e32a71026254f0e40856a22b2387b057ea6b194bf7ef3385fa4d201f3b96b590f1679bd9b81c6d3397ba2d8ae1a26bfb26d8f11aeda2d163bbc38e70b05607693883d81680d0e0344e59246ce61c6f3b3559d717f5de615a60cf17dd0f46c1adb5f25fa17b8ddca93b9227374c3b72bb9de1546621bce155653ebfcb527cb3b8cbef014a193e596184b344625e1223d4b127e6a49c2f3818969d73b9ea4d2bfa870927d23e026ef44cf21668085070d6b4a866b633e4795f12a150cab72f3f060b4768c7915d055ee8cd34a8d393749c554225e6b227bbf8c9b9794594cb3e698923e30623ea8ebf387ee8318ecc7be1b009a178d8bcf5dbf294385bea5116ab1c5577ac0389e29216db1e5a4a83bbe046e2ef6c86b158887fcab2a97176c69b3f0d68501131d06bdb870ecacc8754510bab80492d30eba61e68c7802d0c3fbca62201ec4ec6870c7dc7a5b005c19fbc2252412b82dd14c425b1fae27e6d83dc6529439badc3bbb1815b7ba6c2f8245829c6855dc19fbc1f27615536e4659751e69df8f3ea998db4dc29fac41356a8164cd9fc417c53d2c2b87640bf34e8a13a9cc5f0a03526c138fba1e0618bec5a6223e8a7f173b0f6e80e78216b9a12a74ae88c36330de37c88ded843e28dc4666eb9cdf34eb70fe75644e9fe06af86329dd9b249be029aa28866a6dc960bb20f622c8e570c9f055c63665d34ef9e7a7be56215644311537af86722504646c0d2d1b1c52f26c892904439e7da2751a635ee4cf49e4bbebb076a7de281d0d31e547d00e1a0c54bb5a8c65813f996deae788ec8c5beed6ef73162be12ecd45e2ef2a61370d6e26c29ed621995bd76a2b94672e69354a37083c11d1ac7dd2e7a2ec56e377e753b7ae149a60ea16ab74d889925bfb5903d6a2ec353d944fc36d94060ce2ad7a8e696cc0d39786a9aab1a1acfd09a14f08d225c88212bece336cba423d68473edf68e96812208137effb85d9a1064839a237f505a327a25bf7da70cde452c4cf257ffff48e1b79ea3a65f318d225dcb180c8d10616c19995c5c28c35af3b5c066e5dd3aa33925ea60c6d327ac866b4450850f0df9a9557cc54d400f41308dd8cb98278aa28da9b7ed076575d6de192a8cc073ddf179016e80adcad6429b2072eb50737ab3d113f72816ac1187eda0f3f7c4afca74e135404588535a9038887a3e879a64d333f6f66ed73574da0efb9b2cda7c5ebc044d27f0080a5ea99d65c60fdb54d91c30e7dd715e9530ba047bafce867d5b4d252d0d7c373ea1d9a4d1400ecd7e55d4e1cc90c5194318fd16f03cb3f7ad2dc87b012e1a906ca", 0x1000) r5 = syz_open_dev$vcsu(&(0x7f00000017c0), 0x0, 0x10903) sendmsg$BATADV_CMD_GET_ORIGINATORS(r5, &(0x7f0000001900)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000018c0)={&(0x7f0000001880)={0x34, 0x0, 0x300, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xadd}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}]}, 0x34}}, 0x24000000) 02:28:47 executing program 1: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r0, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x890}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1ff}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008801}, 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r2, 0x200, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x1) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r1) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r3, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8000}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4024084) syz_genetlink_get_family_id$batadv(&(0x7f0000000400), r1) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000480), r1) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x54, r4, 0x324, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x81}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x800}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1f}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000010}, 0x4008000) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000600), r1) sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r5, 0x42ebb56ecb350eb9, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x40}]}, 0x1c}}, 0x0) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000700)) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ORIGINATORS(r6, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r2, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x0) r7 = syz_io_uring_complete(0x0) write$snapshot(r7, &(0x7f0000000840)="3793d7c23605df77020c6c362d5f7dd9351a124ebb4299c64069ab6441895a92bb099b4150b3f2a5e8dcaffc4ada0edb09398191a157bcbf81c157a6881ad98986121ecb0d054bdf902e40e2bbd1", 0x4e) r8 = accept4(r7, &(0x7f00000008c0), &(0x7f0000000940)=0x80, 0x800) sendmsg$SMC_PNETID_GET(r8, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x74, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bridge_slave_1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'erspan0\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x200480c1}, 0x40004) ioctl$SNAPSHOT_S2RAM(r7, 0x330b) 02:28:47 executing program 2: ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x4) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000000)) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0xff) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000040)) read$snapshot(0xffffffffffffffff, &(0x7f0000000080)=""/244, 0xf4) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000180)) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x103200, 0x0) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, &(0x7f0000000200)) read$snapshot(r0, &(0x7f0000000240)=""/255, 0xff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340), 0x8c948cc953f97b23, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x8) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, &(0x7f0000000380)) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x8) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x3c040, 0x0) sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x800}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000044}, 0x400c000) r3 = syz_io_uring_complete(0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r3, 0x80083313, &(0x7f0000000500)) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x7d, 0x1, {0x0, 0x50, 0xfffb, 0x4, {0x20, 0x2, 0x2}, 0x3000000, 0x0, 0x8, 0x0, 0xe, '/dev/snapshot\x00', 0x3, '\x1d])', 0xa, '/dev/zero\x00', 0x2, '\\!'}}, 0x57) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(0xffffffffffffffff, 0x80083313, &(0x7f00000005c0)) [ 132.277210] audit: type=1400 audit(1745461728.006:7): avc: denied { execmem } for pid=284 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:28:48 executing program 3: r0 = semget(0x2, 0x4, 0x40) semctl$SEM_STAT_ANY(r0, 0x0, 0x14, &(0x7f0000000000)=""/55) semctl$SEM_STAT(r0, 0x1, 0x12, &(0x7f0000000040)=""/166) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000100)=""/111) r1 = semget(0x0, 0x2, 0xa0) semctl$SEM_STAT(r1, 0x0, 0x12, &(0x7f0000000180)=""/4096) semctl$GETVAL(r0, 0x2, 0xc, &(0x7f0000001180)=""/4096) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f0000002180)={{0x2, 0x1, 0x7fff, 0x3, 0x3}, 0x3, 0x5}) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000002200)=""/185) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000022c0)=[0xfffa, 0x1f, 0xffff, 0xb3, 0xfffe]) semctl$GETNCNT(r1, 0x0, 0xe, &(0x7f0000002300)=""/235) semctl$IPC_INFO(r1, 0x4, 0x3, &(0x7f0000002400)=""/27) semctl$GETNCNT(r1, 0x5, 0xe, &(0x7f0000002440)=""/6) accept$packet(0xffffffffffffffff, &(0x7f0000002600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002640)=0x14) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000002680)={r2, 0x1, 0x6, @multicast}, 0x10) r3 = semget(0x1, 0x1, 0x0) semctl$SEM_STAT(r3, 0x2, 0x12, &(0x7f00000026c0)=""/218) semget(0x1, 0x1, 0x1c0) ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0) semget(0x3, 0x3, 0x4) 02:28:48 executing program 4: write$P9_RSTATFS(0xffffffffffffffff, &(0x7f0000000000)={0x43, 0x9, 0x2, {0x3, 0x3, 0x7, 0x0, 0x5, 0x4, 0x3, 0x4, 0x9}}, 0x43) r0 = syz_io_uring_complete(0x0) write$P9_RREMOVE(r0, &(0x7f0000000080)={0x7, 0x7b, 0x1}, 0x7) write$P9_RMKDIR(r0, &(0x7f00000000c0)={0x14, 0x49, 0x1, {0x8, 0x1, 0x6}}, 0x14) r1 = syz_open_dev$vcsu(&(0x7f0000000100), 0x8, 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0) sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r2, 0x0, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x80d4) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x208000, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x4000010) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, r2, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1ff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8001}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x64}}, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500), 0x2001, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000640)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_SET_HARDIF(r4, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r2, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x86cf}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x60}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44}, 0x4040000) accept4$packet(r3, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000880)=0x14, 0x80800) sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000980)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x4c, r2, 0x4, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r6}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x80) ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r3, 0x40046210, &(0x7f00000009c0)) syz_genetlink_get_family_id$batadv(&(0x7f0000000a00), r0) recvfrom$packet(r4, &(0x7f0000000a40)=""/4096, 0x1000, 0x10000, &(0x7f0000001a40)={0x11, 0xd, r6, 0x1, 0xc, 0x6, @random="67a39999b7b5"}, 0x14) r7 = syz_io_uring_complete(0x0) write$P9_RLERROR(r7, &(0x7f0000001a80)={0xc, 0x7, 0x2, {0x3, '$)^'}}, 0xc) 02:28:48 executing program 5: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x100000) write$P9_RSTAT(r1, &(0x7f0000000040)={0x46, 0x7d, 0x2, {0x0, 0x3f, 0x9969, 0xb7f5, {0xa4, 0x1, 0x7}, 0x40000, 0xd5, 0x5, 0x8, 0x0, '', 0x0, '', 0xa, '(/,]}-#{\\@', 0x2, '@\xb8'}}, 0x46) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000100)={0x13, 0x7, 0x1, {0xa, '(/,]}-#{\\@'}}, 0x13) write$P9_ROPEN(r1, &(0x7f0000000140)={0x18, 0x71, 0x1, {{0x4, 0x4, 0x5}, 0x4}}, 0x18) write$P9_RVERSION(r1, &(0x7f0000000180)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15) write$P9_RFSYNC(r1, &(0x7f00000001c0)={0x7, 0x33, 0x2}, 0x7) r2 = syz_open_dev$vcsu(&(0x7f0000000200), 0x100000001, 0x20240) r3 = accept4$packet(r2, 0x0, &(0x7f0000000240), 0x80800) write$P9_RREADLINK(r1, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) write$P9_RFLUSH(r1, &(0x7f00000002c0)={0x7, 0x6d, 0x1}, 0x7) setsockopt$packet_drop_memb(r3, 0x107, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6, @random="bf513337587d"}, 0x10) r4 = syz_io_uring_complete(0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r4, 0xc018620b, &(0x7f0000000340)) r5 = syz_open_dev$vcsu(&(0x7f0000000380), 0x0, 0x3c5020) write$P9_RGETATTR(r5, &(0x7f00000003c0)={0xa0, 0x19, 0x2, {0x2800, {0x0, 0x4}, 0x1, 0xee01, 0x0, 0x401, 0x3ff, 0x0, 0x0, 0x5, 0x0, 0x80000000, 0x9, 0x9, 0xcbb, 0x5, 0xb6a1, 0x2, 0x8, 0x400}}, 0xa0) write$P9_RREMOVE(r5, &(0x7f0000000480)={0x7, 0x7b, 0x1}, 0x7) write$P9_RSTATu(r0, &(0x7f00000004c0)={0x5a, 0x7d, 0x2, {{0x0, 0x41, 0xff8f, 0x1, {0x2, 0x2, 0x4}, 0x14300000, 0x5, 0x3, 0x1b, 0x1, '\x00', 0x1, '!', 0x2, '$@', 0xa, '(/,]}-#{\\@'}, 0x4, '+()^', 0x0, 0xffffffffffffffff, 0xffffffffffffffff}}, 0x5a) ioctl$SNAPSHOT_CREATE_IMAGE(r5, 0x40043311, &(0x7f0000000540)) ioctl$BINDER_GET_NODE_DEBUG_INFO(r4, 0xc018620b, &(0x7f0000000580)={0x3}) 02:28:48 executing program 6: semctl$SEM_STAT(0xffffffffffffffff, 0x3, 0x12, &(0x7f0000000000)=""/76) r0 = geteuid() semctl$IPC_SET(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)={{0x2, r0, 0xee00, 0xee00, 0xee01, 0x0, 0x8}, 0x7f, 0x6, 0x0, 0x0, 0x0, 0x0, 0x9}) r1 = semget(0x3, 0x0, 0x100) semctl$GETVAL(r1, 0x4, 0xc, &(0x7f0000000180)=""/195) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000280)={0xf, 0x1f, 0x1, 0x42337e51}, 0xf) write$P9_RLINK(0xffffffffffffffff, &(0x7f00000002c0)={0x7, 0x47, 0x1}, 0x7) semctl$SEM_STAT(r1, 0x1, 0x12, &(0x7f0000000300)=""/206) r2 = semget(0x0, 0x3, 0x20) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000400)=[0x9ac, 0x2, 0x80, 0x8, 0xfff8]) r3 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r3, &(0x7f0000000440)=""/103, 0x67, 0x3, &(0x7f00000004c0)={0x11, 0x1c, 0x0, 0x1, 0x7, 0x6, @remote}, 0x14) semctl$IPC_INFO(r1, 0x0, 0x3, &(0x7f0000000500)=""/116) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xb, 0x10010, 0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x118, &(0x7f0000000580)=0xdd1, 0x0, 0x4) r5 = semget(0x3, 0x3, 0x300) semctl$GETALL(r5, 0x0, 0xd, &(0x7f00000005c0)=""/97) semctl$SEM_STAT(r5, 0x3, 0x12, &(0x7f0000000640)=""/4096) semget(0x1, 0x0, 0x400) 02:28:48 executing program 7: r0 = syz_io_uring_complete(0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x1, 0x9}) r1 = fork() wait4(r1, &(0x7f0000000040), 0x1, 0x0) r2 = syz_io_uring_complete(0x0) r3 = getpgrp(r1) wait4(r3, &(0x7f0000000080), 0x8, &(0x7f00000000c0)) r4 = syz_open_dev$vcsu(&(0x7f0000000180), 0x739, 0x220000) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r4, 0x54a3) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x8800) write$P9_RREMOVE(r5, &(0x7f0000000200)={0x7, 0x7b, 0x1}, 0x7) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000280), r0) sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x58, r6, 0x400, 0x70bd26, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x7fff, 0x50a]}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x2, 0x9, 0xffff, 0x7]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x80}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1f}, @SEG6_ATTR_SECRET={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x0) fork() r7 = add_key$fscrypt_v1(&(0x7f00000003c0), &(0x7f0000000400)={'fscrypt:', @desc2}, &(0x7f0000000440)={0x0, "b4dc1a2a8af094291ff13eb6c7e76b29191ad5f1464c48ce4dcaa879fc29cf8e70a0227b089fd5c4341ea25e78459c98df5e3ce0ec03c3faa96e44f77b19d9f0", 0x18}, 0x48, 0xfffffffffffffffb) keyctl$update(0x2, r7, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) request_key(&(0x7f00000004c0)='id_resolver\x00', &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000540)='SEG6\x00', 0xfffffffffffffffe) r8 = syz_io_uring_complete(0x0) sendmsg$SEG6_CMD_DUMPHMAC(r8, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x38, 0x0, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) [ 133.724272] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 133.735007] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 133.737719] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 133.741053] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 133.744058] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 133.751888] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 133.759519] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 133.768152] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 133.770056] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 133.776116] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 133.831524] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 133.838954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 133.853232] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 133.862856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 133.871669] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 133.874110] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 133.877226] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 133.879744] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 133.881973] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 133.890642] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 133.893297] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 133.897602] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 133.900165] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 133.906015] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 133.907470] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 133.908914] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 133.910735] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 133.914407] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 133.926674] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 133.932164] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 133.949852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 133.953463] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 133.966692] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 133.967372] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 133.979841] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 133.990535] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 133.995950] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 134.022001] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 134.055891] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 134.060811] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 135.861372] Bluetooth: hci1: command tx timeout [ 135.862408] Bluetooth: hci0: command tx timeout [ 135.988715] Bluetooth: hci5: command tx timeout [ 135.989336] Bluetooth: hci2: command tx timeout [ 136.053620] Bluetooth: hci3: command tx timeout [ 136.054195] Bluetooth: hci4: command tx timeout [ 136.116722] Bluetooth: hci7: command tx timeout [ 136.117311] Bluetooth: hci6: command tx timeout [ 137.908677] Bluetooth: hci0: command tx timeout [ 137.909136] Bluetooth: hci1: command tx timeout [ 138.036722] Bluetooth: hci5: command tx timeout [ 138.037141] Bluetooth: hci2: command tx timeout [ 138.100682] Bluetooth: hci4: command tx timeout [ 138.101093] Bluetooth: hci3: command tx timeout [ 138.164679] Bluetooth: hci6: command tx timeout [ 138.165092] Bluetooth: hci7: command tx timeout [ 139.956753] Bluetooth: hci1: command tx timeout [ 139.957232] Bluetooth: hci0: command tx timeout [ 140.085539] Bluetooth: hci2: command tx timeout [ 140.086012] Bluetooth: hci5: command tx timeout [ 140.148931] Bluetooth: hci3: command tx timeout [ 140.149371] Bluetooth: hci4: command tx timeout [ 140.213111] Bluetooth: hci7: command tx timeout [ 140.213548] Bluetooth: hci6: command tx timeout [ 142.006634] Bluetooth: hci1: command tx timeout [ 142.007123] Bluetooth: hci0: command tx timeout [ 142.132807] Bluetooth: hci5: command tx timeout [ 142.133281] Bluetooth: hci2: command tx timeout [ 142.197057] Bluetooth: hci4: command tx timeout [ 142.197521] Bluetooth: hci3: command tx timeout [ 142.261209] Bluetooth: hci6: command tx timeout [ 142.261692] Bluetooth: hci7: command tx timeout [ 194.004959] syz-executor.6 (298) used greatest stack depth: 24008 bytes left [ 196.238421] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 196.248614] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 196.253953] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 196.262092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 196.269079] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 196.377084] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 196.385622] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 196.390164] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 196.400955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 196.408460] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 196.416136] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 196.428521] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 196.432904] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 196.459131] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 196.467192] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 196.584008] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 196.618097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 196.625812] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 196.642680] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 196.649991] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 196.692699] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 196.711515] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 196.727379] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 196.747976] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 196.754169] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 196.761290] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 196.766269] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 196.769813] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 196.774038] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 196.774323] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 196.778543] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 196.805188] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 196.816244] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 196.818082] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 196.825945] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 196.841195] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 196.848098] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 196.858386] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 196.861343] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 196.897347] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 198.324687] Bluetooth: hci0: command tx timeout [ 198.517621] Bluetooth: hci1: command tx timeout [ 198.580719] Bluetooth: hci2: command tx timeout [ 198.708981] Bluetooth: hci3: command tx timeout [ 198.900719] Bluetooth: hci4: command tx timeout [ 198.964853] Bluetooth: hci6: command tx timeout [ 198.965776] Bluetooth: hci5: command tx timeout [ 199.028696] Bluetooth: hci7: command tx timeout [ 200.372757] Bluetooth: hci0: command tx timeout [ 200.564688] Bluetooth: hci1: command tx timeout [ 200.628674] Bluetooth: hci2: command tx timeout [ 200.756686] Bluetooth: hci3: command tx timeout [ 200.948961] Bluetooth: hci4: command tx timeout [ 201.014606] Bluetooth: hci6: command tx timeout [ 201.015096] Bluetooth: hci5: command tx timeout [ 201.076802] Bluetooth: hci7: command tx timeout [ 202.420847] Bluetooth: hci0: command tx timeout [ 202.612901] Bluetooth: hci1: command tx timeout [ 202.676847] Bluetooth: hci2: command tx timeout [ 202.804663] Bluetooth: hci3: command tx timeout [ 202.996741] Bluetooth: hci4: command tx timeout [ 203.060806] Bluetooth: hci5: command tx timeout [ 203.061287] Bluetooth: hci6: command tx timeout [ 203.124805] Bluetooth: hci7: command tx timeout [ 204.469733] Bluetooth: hci0: command tx timeout [ 204.660683] Bluetooth: hci1: command tx timeout [ 204.724663] Bluetooth: hci2: command tx timeout [ 204.853612] Bluetooth: hci3: command tx timeout [ 205.045663] Bluetooth: hci4: command tx timeout [ 205.108810] Bluetooth: hci6: command tx timeout [ 205.109291] Bluetooth: hci5: command tx timeout [ 205.172667] Bluetooth: hci7: command tx timeout [ 258.769225] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 258.777304] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 258.781854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 258.789516] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 258.797198] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 258.892848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 258.898195] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 258.913848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 258.925480] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 258.928063] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 258.933808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 258.951054] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 258.961394] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 258.978970] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 258.990618] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 259.038992] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 259.042808] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 259.045267] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 259.050545] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 259.059123] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 259.065540] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 259.092776] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 259.110099] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 259.116866] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 259.124148] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 259.138400] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 259.141242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 259.160100] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 259.162349] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 259.165775] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 259.170835] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 259.181705] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 259.196067] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 259.258066] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 259.263052] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 259.338165] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 259.358002] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 259.373348] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 259.407015] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 259.410439] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 260.853029] Bluetooth: hci0: command tx timeout [ 261.044745] Bluetooth: hci2: command tx timeout [ 261.045648] Bluetooth: hci1: command tx timeout [ 261.300655] Bluetooth: hci3: command tx timeout [ 261.428667] Bluetooth: hci6: command tx timeout [ 261.492659] Bluetooth: hci7: command tx timeout [ 261.556869] Bluetooth: hci5: command tx timeout [ 261.557501] Bluetooth: hci4: command tx timeout [ 262.902083] Bluetooth: hci0: command tx timeout [ 263.093640] Bluetooth: hci1: command tx timeout [ 263.094134] Bluetooth: hci2: command tx timeout [ 263.348634] Bluetooth: hci3: command tx timeout [ 263.478684] Bluetooth: hci6: command tx timeout [ 263.541682] Bluetooth: hci7: command tx timeout [ 263.605955] Bluetooth: hci4: command tx timeout [ 263.606429] Bluetooth: hci5: command tx timeout [ 264.949815] Bluetooth: hci0: command tx timeout [ 265.140682] Bluetooth: hci2: command tx timeout [ 265.141187] Bluetooth: hci1: command tx timeout [ 265.396688] Bluetooth: hci3: command tx timeout [ 265.524629] Bluetooth: hci6: command tx timeout [ 265.588933] Bluetooth: hci7: command tx timeout [ 265.652719] Bluetooth: hci5: command tx timeout [ 265.653284] Bluetooth: hci4: command tx timeout [ 266.996658] Bluetooth: hci0: command tx timeout [ 267.189672] Bluetooth: hci1: command tx timeout [ 267.190526] Bluetooth: hci2: command tx timeout [ 267.444707] Bluetooth: hci3: command tx timeout [ 267.574631] Bluetooth: hci6: command tx timeout [ 267.636724] Bluetooth: hci7: command tx timeout [ 267.703113] Bluetooth: hci4: command tx timeout [ 267.704093] Bluetooth: hci5: command tx timeout [ 322.187092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 322.193890] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 322.200400] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 322.217192] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 322.222445] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 322.317992] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 322.321037] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 322.331141] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 322.346315] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 322.354437] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 322.403856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 322.407874] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 322.412790] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 322.419059] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 322.432702] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 322.446408] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 322.451199] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 322.455185] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 322.466137] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 322.473213] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 322.541287] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 322.568731] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 322.615513] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 322.625390] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 322.629461] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 322.635121] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 322.647441] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 322.653099] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 322.674249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 322.681873] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 322.785783] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 322.791295] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 322.810971] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 322.823099] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 322.842122] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 323.733750] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 323.755154] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 323.763148] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 323.812948] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 323.840895] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 324.276746] Bluetooth: hci0: command tx timeout [ 324.405251] Bluetooth: hci1: command tx timeout [ 324.598615] Bluetooth: hci2: command tx timeout [ 324.598860] Bluetooth: hci3: command tx timeout [ 324.788662] Bluetooth: hci5: command tx timeout [ 324.852650] Bluetooth: hci4: command tx timeout [ 324.917645] Bluetooth: hci6: command tx timeout [ 325.940919] Bluetooth: hci7: command tx timeout [ 326.324638] Bluetooth: hci0: command tx timeout [ 326.453793] Bluetooth: hci1: command tx timeout [ 326.644653] Bluetooth: hci3: command tx timeout [ 326.647616] Bluetooth: hci2: command tx timeout [ 326.836645] Bluetooth: hci5: command tx timeout [ 326.901270] Bluetooth: hci4: command tx timeout [ 326.964666] Bluetooth: hci6: command tx timeout [ 327.990608] Bluetooth: hci7: command tx timeout [ 328.372710] Bluetooth: hci0: command tx timeout [ 328.500897] Bluetooth: hci1: command tx timeout [ 328.692794] Bluetooth: hci2: command tx timeout [ 328.693101] Bluetooth: hci3: command tx timeout [ 328.884810] Bluetooth: hci5: command tx timeout [ 328.948778] Bluetooth: hci4: command tx timeout [ 329.012665] Bluetooth: hci6: command tx timeout [ 330.036938] Bluetooth: hci7: command tx timeout [ 330.422590] Bluetooth: hci0: command tx timeout [ 330.548940] Bluetooth: hci1: command tx timeout [ 330.740918] Bluetooth: hci3: command tx timeout [ 330.742590] Bluetooth: hci2: command tx timeout [ 330.932686] Bluetooth: hci5: command tx timeout [ 330.996849] Bluetooth: hci4: command tx timeout [ 331.062669] Bluetooth: hci6: command tx timeout [ 332.086612] Bluetooth: hci7: command tx timeout [ 384.460354] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 384.470219] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 384.473059] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 384.497439] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 384.504214] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 384.649181] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 384.654244] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 384.657292] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 384.666952] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 384.673148] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 384.737050] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 384.754918] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 384.761058] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 384.787255] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 384.790499] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 384.798081] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 384.803041] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 384.809294] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 384.811055] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 384.821349] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 384.851040] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 384.863439] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 384.868151] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 384.897854] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 384.904470] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 384.907247] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 384.915001] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 384.931306] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 384.955372] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 384.982267] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 385.131915] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 385.159841] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 385.202972] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 385.207890] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 385.211692] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 385.409040] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 385.457217] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 385.555241] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 385.595440] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 385.683814] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 386.548984] Bluetooth: hci0: command tx timeout [ 386.740669] Bluetooth: hci1: command tx timeout [ 386.932667] Bluetooth: hci2: command tx timeout [ 386.933953] Bluetooth: hci3: command tx timeout [ 386.996913] Bluetooth: hci4: command tx timeout [ 387.124815] Bluetooth: hci5: command tx timeout [ 387.252895] Bluetooth: hci6: command tx timeout [ 387.765645] Bluetooth: hci7: command tx timeout [ 388.596736] Bluetooth: hci0: command tx timeout [ 388.788643] Bluetooth: hci1: command tx timeout [ 388.980704] Bluetooth: hci3: command tx timeout [ 388.981181] Bluetooth: hci2: command tx timeout [ 389.044807] Bluetooth: hci4: command tx timeout [ 389.172653] Bluetooth: hci5: command tx timeout [ 389.300666] Bluetooth: hci6: command tx timeout [ 389.813300] Bluetooth: hci7: command tx timeout [ 390.644749] Bluetooth: hci0: command tx timeout [ 390.836628] Bluetooth: hci1: command tx timeout [ 391.028877] Bluetooth: hci3: command tx timeout [ 391.029355] Bluetooth: hci2: command tx timeout [ 391.093588] Bluetooth: hci4: command tx timeout [ 391.222687] Bluetooth: hci5: command tx timeout [ 391.348875] Bluetooth: hci6: command tx timeout [ 391.860669] Bluetooth: hci7: command tx timeout [ 392.692656] Bluetooth: hci0: command tx timeout [ 392.885009] Bluetooth: hci1: command tx timeout [ 393.077611] Bluetooth: hci3: command tx timeout [ 393.078083] Bluetooth: hci2: command tx timeout [ 393.140790] Bluetooth: hci4: command tx timeout [ 393.269628] Bluetooth: hci5: command tx timeout [ 393.396630] Bluetooth: hci6: command tx timeout [ 393.908636] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 02:33:52 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=00007fa24e5ca000 RCX=ffffffff84a84904 RDX=1ffff11005fa9f4a RSI=00007fa24e5ca000 RDI=000055f823971000 RBP=ffff88802fd4f910 RSP=ffff88802fd4f818 R8 =0000000000000000 R9 =fffffbfff0c81dc2 R10=0000000000000001 R11=0000000000000000 R12=ffff88802fd4f934 R13=000055f823971000 R14=ffff88802fd4fa87 R15=ffff88802fd4fa48 RIP=ffffffff8172e7d8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e564e000 00000000 00000000 LDT=0000 fffffe5e00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007efd75b618b0 CR3=0000000032006000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000ff0000000000000000000000ff00 XMM01=ffff00ffffffffffffffffffffff00ff XMM02=4c4700362e322e325f4342494c470035 XMM03=00000000000000000000000000470035 XMM04=4342494c4700362e322e325f4342494c XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000005 RBX=ffff88802fcd9bc0 RCX=0000000000000200 RDX=c9c2742b0cf03f0b RSI=ffff88802fcda668 RDI=ffff88802fcda668 RBP=0000000000000000 RSP=ffff888027e17850 R8 =0000000000000002 R9 =0000000000000000 R10=0000000000000000 R11=00000000000c3c42 R12=ffff88802fcda668 R13=0000000000000000 R14=0000000000000002 R15=ffff88802fcda618 RIP=ffffffff81511da3 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e574e000 00000000 00000000 LDT=0000 fffffe2400000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f637874c288 CR3=0000000028204000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=6f732e616d7a6c62696c2f756e672d78 XMM02=00352e6f732e616d7a6c62696c2f756e XMM03=672d78756e696c2d34365f3638782f62 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000