Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:22891' (ECDSA) to the list of known hosts. 2025/06/23 01:09:34 fuzzer started 2025/06/23 01:09:34 dialing manager at localhost:33119 syzkaller login: [ 101.430464] cgroup: Unknown subsys name 'net' [ 101.586783] cgroup: Unknown subsys name 'cpuset' [ 101.625271] cgroup: Unknown subsys name 'rlimit' 2025/06/23 01:09:49 syscalls: 200 2025/06/23 01:09:49 code coverage: enabled 2025/06/23 01:09:49 comparison tracing: enabled 2025/06/23 01:09:49 extra coverage: enabled 2025/06/23 01:09:49 setuid sandbox: enabled 2025/06/23 01:09:49 namespace sandbox: enabled 2025/06/23 01:09:49 Android sandbox: enabled 2025/06/23 01:09:49 fault injection: enabled 2025/06/23 01:09:49 leak checking: enabled 2025/06/23 01:09:49 net packet injection: enabled 2025/06/23 01:09:49 net device setup: enabled 2025/06/23 01:09:49 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/06/23 01:09:49 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/06/23 01:09:49 USB emulation: enabled 2025/06/23 01:09:49 hci packet injection: enabled 2025/06/23 01:09:49 wifi device emulation: enabled 2025/06/23 01:09:49 802.15.4 emulation: enabled 2025/06/23 01:09:49 fetching corpus: 0, signal 0/0 (executing program) 2025/06/23 01:09:50 starting 8 fuzzer processes 01:09:50 executing program 0: getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4) socketpair(0xa, 0xa, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f00000000c0)=0x5, &(0x7f0000000100)=0x2) ioctl$SCSI_IOCTL_SYNC(0xffffffffffffffff, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) ioctl$SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000180)) socketpair(0x18, 0x4, 0x9, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, &(0x7f0000000200)={0x3, [0x5, 0xff], 0xfe}, 0x10) r3 = syz_open_dev$vcsn(&(0x7f0000000240), 0x9, 0x62082) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000280)=0x1, 0x4) fsmount(r3, 0x0, 0x3) socket$inet6_udp(0xa, 0x2, 0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_RCVMTU(r4, 0x112, 0xd, &(0x7f00000002c0)=0x7c00, 0x2) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000008}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x3c, r5, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x81}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44050}, 0x20000014) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) r6 = syz_open_dev$vcsn(&(0x7f0000000440), 0x2, 0x204801) ioctl$CDROMREADMODE1(r6, 0x530d, &(0x7f0000000480)={0x7f, 0x4, 0x1, 0x0, 0x0, 0xf7}) 01:09:50 executing program 1: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, &(0x7f0000000000)={0x7, 0x40, 0x1, 0x8, 0x8, 0x6d}) ioctl$CDROMEJECT_SW(0xffffffffffffffff, 0x530f, 0x0) r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000a80), 0x212602, 0x0) ioctl$CDROMRESET(r0, 0x5312) ioctl$CDROMPAUSE(r0, 0x5301) ioctl$CDROMREADRAW(r0, 0x5314, &(0x7f0000000ac0)={0x9, 0x0, 0x6, 0x5, 0x9, 0x8}) ioctl$CDROMPLAYBLK(r0, 0x5317, &(0x7f0000001540)={0x4, 0x8}) ioctl$CDROMPLAYMSF(r0, 0x5303, &(0x7f0000001580)={0x0, 0x4, 0x3f, 0x3f, 0x92, 0x38}) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000015c0), 0x200000, 0x0) ioctl$CDROMEJECT(r1, 0x5309) ioctl$CDROMGETSPINDOWN(r1, 0x531d, &(0x7f0000001600)) ioctl$CDROMPAUSE(r1, 0x5301) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000001640), 0x501080, 0x0) ioctl$CDROMEJECT_SW(r0, 0x530f, 0x1) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000001680)={0xde, 0x1f, 0x8, "51dda3842455f619b3b3107121b00bdbec23acef18f160ab570789de025101b433a573212cd438ec147e765a747cd24b53deeca9a64aa1ce352e5fbda547e44d1d89a9b8c463a8721fb362cc49753da5bec1ba1486069346b1e31297345ee72ee6bb053796f1dae9887d34fed76ebc114fcdec9d971b0172b9e83b7de0735a9fbe7a3b5b22aec99f382b87c424dd763a0f0234ec86a0d0e43f5d183c5d3c4fbaeb6f7035e711536c5435eb3f19f01943ace92ce198ea90ae8a24d04ef1a0886726d1d5b5f8a542b33d5ae4493537e33aa0e57edec4ef958cf5deadb55b99"}) ioctl$CDROM_SELECT_DISK(r2, 0x5322, 0x9) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2) ioctl$SCSI_IOCTL_SYNC(r1, 0x4) r3 = fsmount(r1, 0x0, 0x8e) ioctl$DVD_WRITE_STRUCT(r3, 0x5390, &(0x7f0000001780)) 01:09:50 executing program 2: ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380) ioctl$SCSI_IOCTL_TEST_UNIT_READY(0xffffffffffffffff, 0x2) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f0000000040)) r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, &(0x7f00000000c0)) ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f0000000100)) socketpair(0x21, 0x2, 0x177ac00, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000180), 0x2) ioctl$SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f00000001c0)=0x5f) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@dev, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000000340)=0xe8) sendmsg$GTP_CMD_NEWPDP(r2, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_I_TEI={0x8, 0x8, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x20044181) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000480), r2) r7 = openat$null(0xffffffffffffff9c, &(0x7f00000004c0), 0x28000, 0x0) sendmsg$GTP_CMD_NEWPDP(r5, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x2c, r6, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_NET_NS_FD={0x8, 0x7, r7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80c0}, 0x240088c0) r8 = syz_open_dev$vcsn(&(0x7f00000005c0), 0x2, 0x1) ioctl$SG_IO(r8, 0x2285, &(0x7f0000000c40)={0x0, 0xfffffffffffffffc, 0xbc, 0x9, @scatter={0x7, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000600)=""/121, 0x79}, {&(0x7f0000000680)=""/243, 0xf3}, {&(0x7f0000000780)=""/77, 0x4d}, {&(0x7f0000000800)=""/244, 0xf4}, {&(0x7f0000000900)=""/5, 0x5}, {&(0x7f0000000940)=""/58, 0x3a}, {&(0x7f0000000980)=""/143, 0x8f}]}, &(0x7f0000000ac0)="ea24a67976968f1080e401eda05aa81535075ef0a8d00f2709544980db9911d3837bbc1167f527a99cadc525192ca411eb9fbd4ae887009f4ce099e687b1ae92321988a42834d68ec0f50b91fd892f0ea520a515a07a5678e058ababe004b0ce791c935dde8c76e5fda0be68a90c38b16704c292dd7233cbcdd48317bf0d4488bea5a2958505d9335af4235009de4360cb1ee6c81e256aa4b9643e07a36ed5d4bfe117728f7741f87e0db8024eebab19848704aca3efe41971d33484", &(0x7f0000000b80)=""/66, 0x3, 0x0, 0x1, &(0x7f0000000c00)}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000cc0)={'batadv_slave_1\x00'}) [ 117.289991] audit: type=1400 audit(1750640990.931:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 01:09:50 executing program 3: ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000000)) r0 = syz_open_dev$sg(&(0x7f0000000040), 0x6, 0x40000) ioctl$SG_IO(r0, 0x2285, &(0x7f0000001200)={0x53, 0xecd082ff4657d199, 0xdd, 0xf6, @buffer={0x0, 0x35, &(0x7f0000000080)=""/53}, &(0x7f00000000c0)="1a18df20f51ab6b2b58d1b8d7f0dc3dc43c7c46f591321848f6b79bfcac279c377dc4af00ed2995c8729c8e371c5674dc641f5cf974d1ce0b122baf27fbbed428b4851a1d4eba41e74c4c8fdd2036ba45ab3ca86636b905e16c7ea0988f4ecae4b8a620a9d54e853d64691010ecf00dc80d86a71f8806342e5604550b70bcf1133e064722bd524f67424efb5e0eada8ca9f6a6b6ab44aadc4cf29c5f41bb514212bb6267411fe8f82271026294e7c7da438e7f24bd3ec44c58e2424c2683f9c0565f99eb366c45d0c5a95510e4915e7c7710ad7605e685248e1e7e76e4", &(0x7f00000001c0)=""/4096, 0x7, 0x2, 0x0, &(0x7f00000011c0)}) ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000001280)) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000012c0)) ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000001300)) r1 = syz_open_dev$vcsn(&(0x7f0000001340), 0x0, 0x4000) ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000001380)) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380) ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f00000013c0)) ioctl$SG_SET_DEBUG(r1, 0x227e, &(0x7f0000001400)=0x1) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000001440)='/dev/sg#\x00', 0x0, r0) ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000001480)=0xf) r2 = socket$inet(0x2, 0xa, 0xcbb) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000014c0)='\x18\x00', 0x0, r2) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r1, 0x1, 0x2) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001600)={0x10, 0x0, &(0x7f0000001500)=[@acquire={0x40046305, 0x1}, @acquire], 0xbf, 0x0, &(0x7f0000001540)="bd62fd2f72c2bd8b6d2d8c0cfeb385218afcf3eed6a1c9f70297e86ebbdc548ff06f8212776dd7e133651a0afd7cecc62b4dc1dcd14005f226730a00319c3cac99ab827630db8c71aa186620364aff2a804293d94d23752e081e98fbd335d811af0cf7ac2092553d7bd5a7db5b29beba7f773d65618487c61dbbdc466a001c93b740ad78caa442207cc226742aff3a7c015718ccb2efc8d9f9819f069d71938cb9e082de52fb7b6e62964deca44bafd75a536d8b524d6bec255867e5716c9d"}) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r0, 0x2) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000001740)={0x0, 0x3, 0xffffffffffffffff, 0x5}) 01:09:51 executing program 4: setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000000), 0x4) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$sock_bt_hci(r0, 0x400448de, &(0x7f0000000080)="1c1a27200abd220e5346fa519c6a54347c1a70dd76abf72a955fa4ef352ff44493c58811e8faa402410d0a82ef360bc4c42554791de57437e755e7a02c2d87c7959bb9976136d1b6855ffa9857ac0b6b8654b62267983fff7ca8fecb0415636db135edb1f67e584ede9884f734fbbac529c28fcf5c0f69690583c7714f1651d1b5d32282e45da9e19d5d0e8e7f") fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000140)='\x00', &(0x7f0000000180)="ea7f24f3265efa887cb6180f21b5aad08478d0d7e8b5c650cc466e6b4974ba5ade873d5df64b261dbcde57c5ec9f9cbc27cf2c91572b080f81b9cc02a47e446592945772c938dca6f22b0e914c7391ce3f16946e8e0df4f5e85209f40efd16748c2d3ae193a34efb74aca786dc9a297adc5b2784b3d93f5d08907e35aaae64b7063d06e58f9ccdfe7756a22fe3634fccb1972453a58d55a36758346225a0c576b409b1a961fbb71b8bfaad300ad1bae0f8a1167beb56db23f4d8bd58337170e048d6f5a5099a972470c886385d64f5e177e9f3922d70fad3894561218d1d044ea24e3efc45", 0xe5) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, 0x0, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_I_TEI={0x8}, @GTPA_TID={0xc, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008040}, 0x24000040) r2 = syz_open_dev$vcsn(&(0x7f00000003c0), 0x243f356a, 0x420) r3 = syz_genetlink_get_family_id$gtp(&(0x7f0000000380), r2) ioctl$CDROMGETSPINDOWN(r2, 0x531d, &(0x7f0000000400)) r4 = syz_open_dev$sg(&(0x7f0000000440), 0x6, 0x24b00) ioctl$SG_GET_TIMEOUT(r4, 0x2202, 0x0) r5 = open$dir(&(0x7f0000000480)='./file0\x00', 0x8c01, 0x4) statx(r5, &(0x7f00000004c0)='./file0\x00', 0x2000, 0x200, &(0x7f0000000500)) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000600), 0x224940, 0x0) sendmsg$GTP_CMD_DELPDP(r6, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x48, r3, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_TID={0xc, 0x3, 0x1}, @GTPA_LINK={0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040844}, 0x20040044) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000780), r7) openat$null(0xffffffffffffff9c, &(0x7f00000007c0), 0x80080, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r6, 0x4, &(0x7f0000000800)='/dev/vcs#\x00', &(0x7f0000000840)='./file0\x00', 0xffffffffffffff9c) io_uring_setup(0x1431, &(0x7f0000000980)={0x0, 0xd36d, 0x4, 0x2, 0x34c}) 01:09:51 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x8800, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x40100, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x8010, r1, 0x0) setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000080)=0x8, 0x2) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f00000000c0)=0x6, 0x4) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000100)=0x3, 0x2) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000140)=0x2, 0x4) r2 = fsmount(0xffffffffffffffff, 0x0, 0x6) getsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000180)=0x2, &(0x7f00000001c0)=0x2) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_RCVMTU(r3, 0x112, 0xd, &(0x7f0000000200)=0x1, 0x2) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$CDROMRESET(r2, 0x5312) ioctl$DVD_WRITE_STRUCT(r1, 0x5390, &(0x7f0000000240)=@bca={0x3, 0xbc, "5d35c2f2a333d2a747a01fb74e6e2eb4ed5a84b67c5af58f33313ce96448f060a505cf995027623d8bcbe9c7a600a9115d8e2f63b590e402208b30a18362fb91ff68394536e59d1a11895941552fd80d727c609fb867408ded3dc3992eb8fb273da8c1269b4225bf11010ab229d1c4c39fae626cd267cc55f49bc95c16773fb523676d8a53569c568e87165c73a44a2b8d61eb1e8226653afea0194d63ae8b568ce9c23b87a25f1e7a54216288f0ccdfb9e0a8231966e34eb14cd2b0"}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000a80)='./binderfs2/binder1\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000ac0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000b00)={'batadv_slave_1\x00'}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000b40)={'batadv_slave_0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r2, 0x89f6, &(0x7f0000000c00)={'sit0\x00', &(0x7f0000000b80)={'ip6gre0\x00', r4, 0x4, 0x20, 0x3, 0x5, 0x0, @rand_addr=' \x01\x00', @remote, 0x8000, 0x1, 0x3537, 0x3ff}}) 01:09:51 executing program 6: write$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000)={'veth0_to_hsr', 0x32, 0x37}, 0xf) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000040)) ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, &(0x7f0000000080)) ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000000c0)) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000240), 0x8101, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'geneve0\x00'}) ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f00000002c0)=0x2b23) r1 = fsmount(r0, 0x1, 0x78) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000300)=0x2c6e) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000340)) r2 = fspick(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) fsmount(r2, 0x0, 0xf2) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f00000003c0)=0x67) open$dir(&(0x7f0000000400)='./file0\x00', 0x200801, 0x2) socketpair(0x22, 0x800, 0x1, &(0x7f0000000440)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000500)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000480)="92fa345666d7acf3bdf084f9e1f077fdfe9603f7cbd36950b894cba3edf50c5bb3557f3429d48e10c3a1d133f12d922dd1fee1f937c04a6e78e1ec0039ebcf6ff1825580dd4936f029671593", 0x4c, r0}, 0x68) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2) ioctl$SG_GET_ACCESS_COUNT(r1, 0x2289, &(0x7f0000000580)) ioctl$SG_GET_SG_TABLESIZE(r1, 0x227f, &(0x7f00000005c0)) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000600)='geneve0\x00', 0x0, r0) 01:09:51 executing program 7: r0 = fsmount(0xffffffffffffffff, 0x0, 0x7b) r1 = fsmount(r0, 0x0, 0xf2) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x78040, 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000000)='\x00', 0x0, r2) ioctl$CDROM_DEBUG(r1, 0x5330, 0x1) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x5, 0x200) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000300)={0x0, 0x3, 0xa8, 0x7, @buffer={0x0, 0x89, &(0x7f00000000c0)=""/137}, &(0x7f0000000180)="a533691c802d927a73841a1291f5b0a7583f563965c455a4a28099187af4e0f0a8235180e81b09e265013b448914072a41e8db2165cb3464e63f8e98053a4e5ab0419f747f2600bfaf79e797bff6f4b4314c34effed53dd418946bfea2c066cad93ca804147af272f5277b726aabebf047ef47a30348dd299a0d2d337aea70913b5766614e5a8d073efe34648a75a01c86ac463300ea7657d57e4c43fd0fead0fcfcc8763dfd4830", &(0x7f0000000240)=""/86, 0x4, 0x10001, 0x0, &(0x7f00000002c0)}) ioctl$SCSI_IOCTL_DOORUNLOCK(r3, 0x5381) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000380)='/%\x00', &(0x7f00000003c0)='+,+/##*\x00', 0x0) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000400)={'batadv0\x00'}) ioctl$CDROM_SELECT_DISK(r1, 0x5322, 0x7ff) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000440), 0x280040, 0x0) write$tun(r4, &(0x7f0000000480)={@void, @void, @mpls={[{0x8}, {0x1f}, {0x4, 0x0, 0x1}, {0x7}], @ipv6=@dccp_packet={0x0, 0x6, "9436aa", 0x6c, 0x21, 0xff, @private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@srh={0x11, 0x6, 0x4, 0x3, 0x7, 0x10, 0xff7f, [@mcast2, @private1, @loopback]}], {{0x4e22, 0x4e24, 0x4, 0x1, 0x3, 0x0, 0x0, 0xc, 0x7, "567ca8", 0x6, '=9f'}, "f63ce72b2837ac4cd5f030b8488baa68d6d4c5fa1d535b06ddae1a180e1e77dd819d601a"}}}}}, 0xa4) r5 = fsmount(r1, 0x1, 0x4) ioctl$CDROM_DEBUG(r5, 0x5330, 0x1) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x840}, 0x40094) ioctl$CDROMEJECT(r1, 0x5309) ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000000640)=0xc0) r6 = fsmount(0xffffffffffffffff, 0x1, 0x72) ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000680)={'gre0\x00'}) [ 118.618704] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 118.630787] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 118.634990] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 118.643426] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 118.649673] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 118.676401] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 118.679630] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 118.683431] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 118.691783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 118.698802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 118.814569] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 118.818811] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 118.832623] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 118.834866] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 118.842012] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 118.849404] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 118.861541] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 118.863315] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 118.868725] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 118.882702] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 118.899417] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 118.926637] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 118.963692] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 118.991023] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 119.000012] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 119.006578] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 119.010628] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 119.023812] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 119.029751] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 119.037009] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 119.039186] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 119.049195] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 119.054551] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 119.069366] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 119.076795] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 119.085693] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 119.125752] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 119.127973] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 119.159186] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 119.174972] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 120.700918] Bluetooth: hci0: command tx timeout [ 120.764308] Bluetooth: hci1: command tx timeout [ 120.956247] Bluetooth: hci2: command tx timeout [ 121.020184] Bluetooth: hci3: command tx timeout [ 121.148345] Bluetooth: hci6: command tx timeout [ 121.148676] Bluetooth: hci4: command tx timeout [ 121.213279] Bluetooth: hci7: command tx timeout [ 121.276289] Bluetooth: hci5: command tx timeout [ 122.750104] Bluetooth: hci0: command tx timeout [ 122.812222] Bluetooth: hci1: command tx timeout [ 123.005829] Bluetooth: hci2: command tx timeout [ 123.071184] Bluetooth: hci3: command tx timeout [ 123.196260] Bluetooth: hci4: command tx timeout [ 123.199405] Bluetooth: hci6: command tx timeout [ 123.260304] Bluetooth: hci7: command tx timeout [ 123.324367] Bluetooth: hci5: command tx timeout [ 124.797268] Bluetooth: hci0: command tx timeout [ 124.860229] Bluetooth: hci1: command tx timeout [ 125.052865] Bluetooth: hci2: command tx timeout [ 125.116216] Bluetooth: hci3: command tx timeout [ 125.244631] Bluetooth: hci6: command tx timeout [ 125.244685] Bluetooth: hci4: command tx timeout [ 125.308257] Bluetooth: hci7: command tx timeout [ 125.372159] Bluetooth: hci5: command tx timeout [ 126.846126] Bluetooth: hci0: command tx timeout [ 126.908225] Bluetooth: hci1: command tx timeout [ 127.101246] Bluetooth: hci2: command tx timeout [ 127.164475] Bluetooth: hci3: command tx timeout [ 127.292300] Bluetooth: hci6: command tx timeout [ 127.293375] Bluetooth: hci4: command tx timeout [ 127.356272] Bluetooth: hci7: command tx timeout [ 127.421170] Bluetooth: hci5: command tx timeout [ 181.406182] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 181.409879] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 181.417464] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 181.427609] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 181.432828] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 181.468167] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 181.474937] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 181.477501] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 181.482597] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 181.485682] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 181.491132] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 181.496620] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 181.499044] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 181.518666] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 181.533559] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 181.654279] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 181.657855] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 181.669398] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 181.682942] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 181.698563] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 181.792251] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 181.803275] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 181.804156] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 181.807931] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 181.812261] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 181.816975] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 181.823237] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 181.827048] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 181.828021] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 181.833584] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 181.836967] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 181.840887] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 181.843647] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 181.849625] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 181.853491] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 181.856482] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 181.869557] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 181.889845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 181.894615] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 181.934933] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 183.484626] Bluetooth: hci0: command tx timeout [ 183.548201] Bluetooth: hci1: command tx timeout [ 183.612190] Bluetooth: hci2: command tx timeout [ 183.805164] Bluetooth: hci4: command tx timeout [ 183.868361] Bluetooth: hci7: command tx timeout [ 183.932316] Bluetooth: hci5: command tx timeout [ 183.997149] Bluetooth: hci6: command tx timeout [ 183.998134] Bluetooth: hci3: command tx timeout [ 185.532428] Bluetooth: hci0: command tx timeout [ 185.596187] Bluetooth: hci1: command tx timeout [ 185.660269] Bluetooth: hci2: command tx timeout [ 185.852147] Bluetooth: hci4: command tx timeout [ 185.916233] Bluetooth: hci7: command tx timeout [ 185.980247] Bluetooth: hci5: command tx timeout [ 186.044259] Bluetooth: hci3: command tx timeout [ 186.044733] Bluetooth: hci6: command tx timeout [ 187.580255] Bluetooth: hci0: command tx timeout [ 187.644158] Bluetooth: hci1: command tx timeout [ 187.708190] Bluetooth: hci2: command tx timeout [ 187.900167] Bluetooth: hci4: command tx timeout [ 187.965480] Bluetooth: hci7: command tx timeout [ 188.029116] Bluetooth: hci5: command tx timeout [ 188.092192] Bluetooth: hci6: command tx timeout [ 188.092658] Bluetooth: hci3: command tx timeout [ 189.628175] Bluetooth: hci0: command tx timeout [ 189.692173] Bluetooth: hci1: command tx timeout [ 189.756205] Bluetooth: hci2: command tx timeout [ 189.948601] Bluetooth: hci4: command tx timeout [ 190.012454] Bluetooth: hci7: command tx timeout [ 190.076655] Bluetooth: hci5: command tx timeout [ 190.140582] Bluetooth: hci6: command tx timeout [ 190.141339] Bluetooth: hci3: command tx timeout [ 243.339717] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 243.342483] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 243.346453] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 243.356555] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 243.362816] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 243.479169] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 243.489991] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 243.491275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 243.493404] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 243.506451] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 243.508147] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 243.523473] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 243.528567] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 243.530361] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 243.531664] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 243.533548] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 243.544899] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 243.547888] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 243.564923] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 243.569984] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 243.651763] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 243.657404] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 243.658671] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 243.662930] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 243.666900] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 243.989278] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 244.005549] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 244.021545] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 244.025095] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 244.028933] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 244.030847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 244.038053] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 244.041495] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 244.060147] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 244.075452] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 244.081546] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 244.108307] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 244.124487] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 244.132471] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 244.163499] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 245.436195] Bluetooth: hci0: command tx timeout [ 245.564398] Bluetooth: hci1: command tx timeout [ 245.564709] Bluetooth: hci2: command tx timeout [ 245.628181] Bluetooth: hci3: command tx timeout [ 245.757323] Bluetooth: hci4: command tx timeout [ 246.076281] Bluetooth: hci5: command tx timeout [ 246.140261] Bluetooth: hci6: command tx timeout [ 246.271133] Bluetooth: hci7: command tx timeout [ 247.486095] Bluetooth: hci0: command tx timeout [ 247.612634] Bluetooth: hci1: command tx timeout [ 247.612663] Bluetooth: hci2: command tx timeout [ 247.676653] Bluetooth: hci3: command tx timeout [ 247.806235] Bluetooth: hci4: command tx timeout [ 248.124154] Bluetooth: hci5: command tx timeout [ 248.188178] Bluetooth: hci6: command tx timeout [ 248.316162] Bluetooth: hci7: command tx timeout [ 249.532242] Bluetooth: hci0: command tx timeout [ 249.660331] Bluetooth: hci1: command tx timeout [ 249.661170] Bluetooth: hci2: command tx timeout [ 249.725128] Bluetooth: hci3: command tx timeout [ 249.853138] Bluetooth: hci4: command tx timeout [ 250.172339] Bluetooth: hci5: command tx timeout [ 250.236306] Bluetooth: hci6: command tx timeout [ 250.364218] Bluetooth: hci7: command tx timeout [ 251.580432] Bluetooth: hci0: command tx timeout [ 251.709841] Bluetooth: hci2: command tx timeout [ 251.710161] Bluetooth: hci1: command tx timeout [ 251.772288] Bluetooth: hci3: command tx timeout [ 251.904105] Bluetooth: hci4: command tx timeout [ 252.221151] Bluetooth: hci5: command tx timeout [ 252.284408] Bluetooth: hci6: command tx timeout [ 252.413218] Bluetooth: hci7: command tx timeout [ 305.745690] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 305.752694] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 305.757428] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 305.771607] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 305.777212] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 305.878760] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 305.881964] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 305.884915] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 305.901594] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 305.912024] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 306.082264] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 306.085624] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 306.091587] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 306.122794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 306.128777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 306.132878] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 306.135754] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 306.141611] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 306.143440] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 306.148573] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 306.322865] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 306.350345] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 306.367676] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 306.402864] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 306.475552] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 306.557451] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 306.575659] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 306.622584] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 306.626680] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 306.631755] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 306.634202] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 306.634711] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 306.640412] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 306.644266] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 306.658559] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 306.669724] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 306.672595] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 306.688290] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 306.715164] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 306.820512] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 307.836443] Bluetooth: hci0: command tx timeout [ 307.965156] Bluetooth: hci1: command tx timeout [ 308.221422] Bluetooth: hci3: command tx timeout [ 308.287102] Bluetooth: hci2: command tx timeout [ 308.604153] Bluetooth: hci4: command tx timeout [ 308.796170] Bluetooth: hci6: command tx timeout [ 308.796203] Bluetooth: hci7: command tx timeout [ 308.925539] Bluetooth: hci5: command tx timeout [ 309.885432] Bluetooth: hci0: command tx timeout [ 310.013238] Bluetooth: hci1: command tx timeout [ 310.269131] Bluetooth: hci3: command tx timeout [ 310.332231] Bluetooth: hci2: command tx timeout [ 310.652247] Bluetooth: hci4: command tx timeout [ 310.844342] Bluetooth: hci7: command tx timeout [ 310.845338] Bluetooth: hci6: command tx timeout [ 310.973110] Bluetooth: hci5: command tx timeout [ 311.932141] Bluetooth: hci0: command tx timeout [ 312.060154] Bluetooth: hci1: command tx timeout [ 312.317230] Bluetooth: hci3: command tx timeout [ 312.380746] Bluetooth: hci2: command tx timeout [ 312.700371] Bluetooth: hci4: command tx timeout [ 312.892177] Bluetooth: hci6: command tx timeout [ 312.892665] Bluetooth: hci7: command tx timeout [ 313.020178] Bluetooth: hci5: command tx timeout [ 313.980231] Bluetooth: hci0: command tx timeout [ 314.108495] Bluetooth: hci1: command tx timeout [ 314.366133] Bluetooth: hci3: command tx timeout [ 314.428144] Bluetooth: hci2: command tx timeout [ 314.748189] Bluetooth: hci4: command tx timeout [ 314.940170] Bluetooth: hci7: command tx timeout [ 314.940651] Bluetooth: hci6: command tx timeout [ 315.068143] Bluetooth: hci5: command tx timeout [ 368.279845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 368.286500] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 368.290809] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 368.299026] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 368.305560] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 368.402382] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 368.412338] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 368.420576] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 368.429820] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 368.439357] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 368.500027] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 368.503643] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 368.506887] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 368.514700] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 368.526645] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 368.616987] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 368.627864] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 368.629837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 368.635353] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 368.639845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 368.658594] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 368.667170] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 368.671393] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 368.677879] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 368.685669] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 368.934252] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 368.937670] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 368.943355] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 368.953623] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 368.968649] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 369.097712] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 369.115642] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 369.127336] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 369.143016] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 369.149859] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 369.154788] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 369.161927] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 369.166349] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 369.224897] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 369.232562] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 370.365237] Bluetooth: hci0: command tx timeout [ 370.493139] Bluetooth: hci1: command tx timeout [ 370.621449] Bluetooth: hci2: command tx timeout [ 370.748169] Bluetooth: hci3: command tx timeout [ 370.877978] Bluetooth: hci4: command tx timeout [ 371.069911] Bluetooth: hci5: command tx timeout [ 371.260230] Bluetooth: hci7: command tx timeout [ 371.388607] Bluetooth: hci6: command tx timeout [ 372.412501] Bluetooth: hci0: command tx timeout [ 372.542714] Bluetooth: hci1: command tx timeout [ 372.670153] Bluetooth: hci2: command tx timeout [ 372.797216] Bluetooth: hci3: command tx timeout [ 372.925299] Bluetooth: hci4: command tx timeout [ 373.117094] Bluetooth: hci5: command tx timeout [ 373.310105] Bluetooth: hci7: command tx timeout [ 373.438125] Bluetooth: hci6: command tx timeout [ 374.460302] Bluetooth: hci0: command tx timeout [ 374.588644] Bluetooth: hci1: command tx timeout [ 374.717372] Bluetooth: hci2: command tx timeout [ 374.844266] Bluetooth: hci3: command tx timeout [ 374.973142] Bluetooth: hci4: command tx timeout [ 375.166163] Bluetooth: hci5: command tx timeout [ 375.356184] Bluetooth: hci7: command tx timeout [ 375.485305] Bluetooth: hci6: command tx timeout [ 376.509482] Bluetooth: hci0: command tx timeout [ 376.636129] Bluetooth: hci1: command tx timeout [ 376.765203] Bluetooth: hci2: command tx timeout [ 376.892199] Bluetooth: hci3: command tx timeout [ 377.021117] Bluetooth: hci4: command tx timeout [ 377.212521] Bluetooth: hci5: command tx timeout [ 377.404157] Bluetooth: hci7: command tx timeout [ 377.533165] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 01:14:53 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000 RSI=0000000000000001 RDI=ffff88806ce31850 RBP=ffffffff85c1cc40 RSP=ffff8880326b78d0 R8 =0000000000000000 R9 =0000000000000000 R10=000000000003b53d R11=00000000000083e3 R12=0000000000000002 R13=0000000000000000 R14=0000000000000000 R15=ffff8880326b79b8 RIP=ffffffff8151af53 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e5630000 00000000 00000000 LDT=0000 fffffe5a00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe65fa1a6f4 CR3=000000002fe7a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fe65fa2947000007fe65fa28f20 XMM02=00000000000000000000000000000000 XMM03=756e20796d6d756420736e6f6974706f XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=73253d656d616e6c6165722073253d73 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffff88800b9c0ac0 RBX=0000000000089008 RCX=ffff88800f0cab50 RDX=0000000000002827 RSI=ffff88800b9c0ac0 RDI=ffff888008c41780 RBP=ffff888008c41780 RSP=ffff88806cf08d80 R8 =0000000014335301 R9 =ffff88806beec350 R10=0000000000000001 R11=0000000000000000 R12=ffff888008c41780 R13=0000000000000000 R14=ffffea00002e7000 R15=ffff88800b9c0ac0 RIP=ffffffff81af1367 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555581271400 00000000 00000000 GS =0000 ffff8880e5730000 00000000 00000000 LDT=0000 fffffe1600000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9345544368 CR3=000000002b543000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000000000000000ff0000000000ff XMM02=000000ff000000ff000000ff000000ff XMM03=ff00000000000000ff0000000000ff00 XMM04=000000000000000000ff000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000