Warning: Permanently added '[localhost]:45319' (ECDSA) to the list of known hosts. 2025/06/24 19:59:54 fuzzer started 2025/06/24 19:59:54 dialing manager at localhost:42423 syzkaller login: [ 93.660414] cgroup: Unknown subsys name 'net' [ 93.800004] cgroup: Unknown subsys name 'cpuset' [ 93.840928] cgroup: Unknown subsys name 'rlimit' 2025/06/24 20:00:10 syscalls: 2214 2025/06/24 20:00:10 code coverage: enabled 2025/06/24 20:00:10 comparison tracing: enabled 2025/06/24 20:00:10 extra coverage: enabled 2025/06/24 20:00:10 setuid sandbox: enabled 2025/06/24 20:00:10 namespace sandbox: enabled 2025/06/24 20:00:10 Android sandbox: enabled 2025/06/24 20:00:10 fault injection: enabled 2025/06/24 20:00:10 leak checking: enabled 2025/06/24 20:00:10 net packet injection: enabled 2025/06/24 20:00:10 net device setup: enabled 2025/06/24 20:00:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/06/24 20:00:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/06/24 20:00:10 USB emulation: enabled 2025/06/24 20:00:10 hci packet injection: enabled 2025/06/24 20:00:10 wifi device emulation: enabled 2025/06/24 20:00:10 802.15.4 emulation: enabled 2025/06/24 20:00:10 fetching corpus: 0, signal 0/0 (executing program) 2025/06/24 20:00:10 fetching corpus: 0, signal 0/0 (executing program) 2025/06/24 20:00:13 starting 8 fuzzer processes 20:00:13 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000180), 0x4) 20:00:13 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/sem\x00', 0x0, 0x0) vmsplice(r0, &(0x7f0000003e00)=[{&(0x7f0000003a40)="ca", 0x1}], 0x1, 0x0) 20:00:13 executing program 2: mincore(&(0x7f0000ffb000/0x4000)=nil, 0x4000, &(0x7f0000000000)) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0xffffffffffffffff) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) 20:00:13 executing program 3: mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}) [ 112.057303] audit: type=1400 audit(1750795213.153:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 20:00:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) 20:00:13 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000000)=0x3f, 0x4) 20:00:13 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000240008000f80100200040000000000000000000800029a0ec11f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffff078000ffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffff078000ffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000c1e670325132510000e670325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000c1e670325132510000e670325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000c1e670325132510000e670325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000c1e670325132510000e6703251090064000000", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000c1e670325132510000e67032510300000000002e2e2020202020202020201000c1e670325132510000e670325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000c1e670325132510000e670325104001a040000", 0x80, 0x1e00}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x2e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7e00}], 0x0, &(0x7f0000010d00)) 20:00:13 executing program 7: openat2(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x4}, 0x18) [ 113.562756] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 113.565956] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 113.569868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 113.571392] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 113.574413] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 113.576603] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 113.583436] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 113.590315] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 113.590332] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 113.622446] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 113.649179] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 113.667399] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 113.682078] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 113.683880] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 113.704189] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 113.714659] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 113.716299] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 113.719767] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 113.722493] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 113.726630] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 113.738707] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 113.743553] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 113.747678] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 113.750921] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 113.756334] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 113.761007] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 113.767790] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 113.768142] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 113.780939] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 113.786372] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 113.795937] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 113.806516] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 113.823865] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 113.825033] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 113.835075] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 113.835329] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 113.841255] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 113.850469] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 113.934042] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 113.955474] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 115.639016] Bluetooth: hci0: command tx timeout [ 115.701248] Bluetooth: hci1: command tx timeout [ 115.828960] Bluetooth: hci2: command tx timeout [ 115.829000] Bluetooth: hci4: command tx timeout [ 115.892900] Bluetooth: hci3: command tx timeout [ 115.957039] Bluetooth: hci5: command tx timeout [ 115.957091] Bluetooth: hci7: command tx timeout [ 116.085223] Bluetooth: hci6: command tx timeout [ 117.684897] Bluetooth: hci0: command tx timeout [ 117.749038] Bluetooth: hci1: command tx timeout [ 117.876900] Bluetooth: hci2: command tx timeout [ 117.879832] Bluetooth: hci4: command tx timeout [ 117.941982] Bluetooth: hci3: command tx timeout [ 118.005062] Bluetooth: hci7: command tx timeout [ 118.005869] Bluetooth: hci5: command tx timeout [ 118.134487] Bluetooth: hci6: command tx timeout [ 119.733137] Bluetooth: hci0: command tx timeout [ 119.797486] Bluetooth: hci1: command tx timeout [ 119.927124] Bluetooth: hci4: command tx timeout [ 119.927173] Bluetooth: hci2: command tx timeout [ 119.989023] Bluetooth: hci3: command tx timeout [ 120.053893] Bluetooth: hci5: command tx timeout [ 120.053934] Bluetooth: hci7: command tx timeout [ 120.181431] Bluetooth: hci6: command tx timeout [ 121.781003] Bluetooth: hci0: command tx timeout [ 121.845210] Bluetooth: hci1: command tx timeout [ 121.974892] Bluetooth: hci4: command tx timeout [ 121.975267] Bluetooth: hci2: command tx timeout [ 122.037880] Bluetooth: hci3: command tx timeout [ 122.101009] Bluetooth: hci7: command tx timeout [ 122.102010] Bluetooth: hci5: command tx timeout [ 122.230870] Bluetooth: hci6: command tx timeout [ 173.631734] syz-executor.2 (283) used greatest stack depth: 24992 bytes left [ 175.951438] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 175.953319] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 175.954360] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 175.957120] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 175.960273] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 176.002633] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 176.008948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 176.011267] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 176.012156] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 176.017479] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 176.022218] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 176.024209] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 176.025685] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 176.030485] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 176.032061] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 176.075012] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 176.080554] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 176.088177] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 176.109240] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 176.117544] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 176.163317] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 176.174192] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 176.183286] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 176.202253] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 176.211476] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 176.223362] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 176.224759] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 176.233315] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 176.239223] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 176.254897] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 176.264555] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 176.269947] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 176.283147] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 176.284578] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 176.333360] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 176.334204] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 176.371382] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 176.388917] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 176.391697] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 176.433573] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 178.036902] Bluetooth: hci0: command tx timeout [ 178.100928] Bluetooth: hci1: command tx timeout [ 178.101018] Bluetooth: hci2: command tx timeout [ 178.165145] Bluetooth: hci3: command tx timeout [ 178.293636] Bluetooth: hci7: command tx timeout [ 178.293674] Bluetooth: hci4: command tx timeout [ 178.485348] Bluetooth: hci6: command tx timeout [ 178.550595] Bluetooth: hci5: command tx timeout [ 180.085630] Bluetooth: hci0: command tx timeout [ 180.149869] Bluetooth: hci2: command tx timeout [ 180.149922] Bluetooth: hci1: command tx timeout [ 180.214983] Bluetooth: hci3: command tx timeout [ 180.342876] Bluetooth: hci4: command tx timeout [ 180.342920] Bluetooth: hci7: command tx timeout [ 180.534013] Bluetooth: hci6: command tx timeout [ 180.598126] Bluetooth: hci5: command tx timeout [ 182.132935] Bluetooth: hci0: command tx timeout [ 182.196937] Bluetooth: hci1: command tx timeout [ 182.198221] Bluetooth: hci2: command tx timeout [ 182.260977] Bluetooth: hci3: command tx timeout [ 182.389888] Bluetooth: hci4: command tx timeout [ 182.390067] Bluetooth: hci7: command tx timeout [ 182.581908] Bluetooth: hci6: command tx timeout [ 182.645866] Bluetooth: hci5: command tx timeout [ 184.180918] Bluetooth: hci0: command tx timeout [ 184.245916] Bluetooth: hci2: command tx timeout [ 184.246352] Bluetooth: hci1: command tx timeout [ 184.309994] Bluetooth: hci3: command tx timeout [ 184.436923] Bluetooth: hci4: command tx timeout [ 184.437295] Bluetooth: hci7: command tx timeout [ 184.629128] Bluetooth: hci6: command tx timeout [ 184.693098] Bluetooth: hci5: command tx timeout [ 238.274656] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 238.280076] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 238.286993] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 238.295917] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 238.301127] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 238.353405] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 238.356550] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 238.361658] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 238.367348] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 238.372146] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 238.410863] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 238.420177] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 238.427387] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 238.439150] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 238.443961] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 238.458254] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 238.465280] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 238.481062] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 238.513172] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 238.522192] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 238.536327] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 238.537535] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 238.539713] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 238.543182] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 238.553483] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 238.582657] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 238.588551] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 238.591075] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 238.596628] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 238.604309] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 238.616676] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 238.620094] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 238.621337] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 238.630950] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 238.633377] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 238.709581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 238.743259] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 238.749228] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 238.761952] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 238.770536] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 240.374188] Bluetooth: hci0: command tx timeout [ 240.437846] Bluetooth: hci1: command tx timeout [ 240.565122] Bluetooth: hci2: command tx timeout [ 240.628906] Bluetooth: hci3: command tx timeout [ 240.692919] Bluetooth: hci6: command tx timeout [ 240.694009] Bluetooth: hci7: command tx timeout [ 240.694529] Bluetooth: hci4: command tx timeout [ 240.884910] Bluetooth: hci5: command tx timeout [ 242.420913] Bluetooth: hci0: command tx timeout [ 242.484880] Bluetooth: hci1: command tx timeout [ 242.613082] Bluetooth: hci2: command tx timeout [ 242.679976] Bluetooth: hci3: command tx timeout [ 242.742612] Bluetooth: hci7: command tx timeout [ 242.743064] Bluetooth: hci4: command tx timeout [ 242.743470] Bluetooth: hci6: command tx timeout [ 242.933860] Bluetooth: hci5: command tx timeout [ 244.470154] Bluetooth: hci0: command tx timeout [ 244.533875] Bluetooth: hci1: command tx timeout [ 244.660872] Bluetooth: hci2: command tx timeout [ 244.726222] Bluetooth: hci3: command tx timeout [ 244.790970] Bluetooth: hci6: command tx timeout [ 244.791754] Bluetooth: hci4: command tx timeout [ 244.793060] Bluetooth: hci7: command tx timeout [ 244.981303] Bluetooth: hci5: command tx timeout [ 246.517036] Bluetooth: hci0: command tx timeout [ 246.581899] Bluetooth: hci1: command tx timeout [ 246.709289] Bluetooth: hci2: command tx timeout [ 246.772919] Bluetooth: hci3: command tx timeout [ 246.836920] Bluetooth: hci7: command tx timeout [ 246.837472] Bluetooth: hci4: command tx timeout [ 246.839050] Bluetooth: hci6: command tx timeout [ 247.030175] Bluetooth: hci5: command tx timeout [ 300.493291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 300.498050] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 300.505476] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 300.519688] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 300.529218] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 300.642354] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 300.647052] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 300.650649] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 300.659467] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 300.667376] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 300.759224] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 300.763268] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 300.765393] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 300.772236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 300.775628] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 300.919179] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 300.953545] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 300.956723] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 300.959564] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 300.967593] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 300.977349] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 300.983211] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 300.998290] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 301.004595] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 301.006589] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 301.008690] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 301.023601] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 301.032351] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 301.039515] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 301.042740] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 301.049052] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 301.065550] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 301.069288] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 301.071543] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 301.075348] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 301.079502] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 301.089831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 301.104631] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 301.121487] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 301.133508] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 302.581875] Bluetooth: hci0: command tx timeout [ 302.709900] Bluetooth: hci1: command tx timeout [ 302.837877] Bluetooth: hci2: command tx timeout [ 303.092868] Bluetooth: hci4: command tx timeout [ 303.156916] Bluetooth: hci3: command tx timeout [ 303.158282] Bluetooth: hci5: command tx timeout [ 303.221125] Bluetooth: hci7: command tx timeout [ 303.222414] Bluetooth: hci6: command tx timeout [ 304.629121] Bluetooth: hci0: command tx timeout [ 304.758463] Bluetooth: hci1: command tx timeout [ 304.885176] Bluetooth: hci2: command tx timeout [ 305.141883] Bluetooth: hci4: command tx timeout [ 305.205865] Bluetooth: hci5: command tx timeout [ 305.206757] Bluetooth: hci3: command tx timeout [ 305.269073] Bluetooth: hci7: command tx timeout [ 305.270022] Bluetooth: hci6: command tx timeout [ 306.678816] Bluetooth: hci0: command tx timeout [ 306.804890] Bluetooth: hci1: command tx timeout [ 306.934033] Bluetooth: hci2: command tx timeout [ 307.189834] Bluetooth: hci4: command tx timeout [ 307.253998] Bluetooth: hci5: command tx timeout [ 307.254485] Bluetooth: hci3: command tx timeout [ 307.317918] Bluetooth: hci7: command tx timeout [ 307.318396] Bluetooth: hci6: command tx timeout [ 308.725869] Bluetooth: hci0: command tx timeout [ 308.853866] Bluetooth: hci1: command tx timeout [ 308.982016] Bluetooth: hci2: command tx timeout [ 309.238845] Bluetooth: hci4: command tx timeout [ 309.300869] Bluetooth: hci3: command tx timeout [ 309.301336] Bluetooth: hci5: command tx timeout [ 309.364899] Bluetooth: hci7: command tx timeout [ 309.365365] Bluetooth: hci6: command tx timeout [ 361.070102] syz-executor.3 (7532) used greatest stack depth: 24544 bytes left [ 363.275649] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 363.284532] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 363.288077] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 363.302141] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 363.311156] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 363.535105] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 363.537913] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 363.541155] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 363.542643] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 363.549378] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 363.550550] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 363.557356] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 363.558644] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 363.569021] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 363.575623] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 363.626659] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 363.645407] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 363.650337] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 363.690960] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 363.694573] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 363.699162] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 363.707765] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 363.720375] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 363.736284] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 363.746541] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 363.759522] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 363.761709] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 363.799116] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 363.801399] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 363.805738] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 363.834336] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 363.836574] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 363.838369] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 363.843366] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 363.871176] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 363.877750] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 363.877779] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 363.886955] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 363.901192] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 363.907296] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 365.365283] Bluetooth: hci0: command tx timeout [ 365.621777] Bluetooth: hci2: command tx timeout [ 365.685853] Bluetooth: hci1: command tx timeout [ 365.812892] Bluetooth: hci3: command tx timeout [ 365.940947] Bluetooth: hci5: command tx timeout [ 366.005390] Bluetooth: hci7: command tx timeout [ 366.006162] Bluetooth: hci6: command tx timeout [ 366.006741] Bluetooth: hci4: command tx timeout [ 367.413062] Bluetooth: hci0: command tx timeout [ 367.669153] Bluetooth: hci2: command tx timeout [ 367.732856] Bluetooth: hci1: command tx timeout [ 367.861855] Bluetooth: hci3: command tx timeout [ 367.990279] Bluetooth: hci5: command tx timeout [ 368.052871] Bluetooth: hci6: command tx timeout [ 368.053310] Bluetooth: hci7: command tx timeout [ 368.054050] Bluetooth: hci4: command tx timeout [ 369.461222] Bluetooth: hci0: command tx timeout [ 369.718150] Bluetooth: hci2: command tx timeout [ 369.781841] Bluetooth: hci1: command tx timeout [ 369.909025] Bluetooth: hci3: command tx timeout [ 370.036866] Bluetooth: hci5: command tx timeout [ 370.101007] Bluetooth: hci4: command tx timeout [ 370.101173] Bluetooth: hci6: command tx timeout [ 370.101647] Bluetooth: hci7: command tx timeout [ 371.510910] Bluetooth: hci0: command tx timeout [ 371.765946] Bluetooth: hci2: command tx timeout [ 371.829144] Bluetooth: hci1: command tx timeout [ 371.957205] Bluetooth: hci3: command tx timeout [ 372.085011] Bluetooth: hci5: command tx timeout [ 372.149037] Bluetooth: hci6: command tx timeout [ 372.149486] Bluetooth: hci4: command tx timeout [ 372.150123] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 20:05:22 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=00007f3ab35f8e27 RCX=f038391266f9419b RDX=0000000000000000 RSI=00000000c0c1d7e8 RDI=00007f3ab35f8e27 RBP=00007f3ab35f8e27 RSP=ffff8880375c72b0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffff8880375c7300 R13=0000000000000000 R14=ffff88802aff5280 R15=0000000000092cc0 RIP=ffffffff815f9cd2 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3ab30c5540 00000000 00000000 GS =0000 ffff8880e5630000 00000000 00000000 LDT=0000 fffffe5000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f3ab31828b0 CR3=0000000031a44000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000ff0000000000000000000000ff XMM01=ffffff0000ff00ffffffffffffffff00 XMM02=494c4700362e322e325f4342494c4700 XMM03=00000000000000000000000000004700 XMM04=4342494c4700362e322e325f4342494c XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff86855410 RDX=0000000000000001 RSI=0000000000000000 RDI=0000000000000001 RBP=ffff88802c55f940 RSP=ffff88802c55f878 R8 =ffffffff86855414 R9 =ffff88802c55f928 R10=000000000003b53d R11=000000000002178a R12=ffff88802c55f948 R13=ffff88802c55f930 R14=ffff88802c55fdd8 R15=ffff88802c55f8e8 RIP=ffffffff8135492f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e5730000 00000000 00000000 LDT=0000 fffffe3300000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f05c3ff5620 CR3=0000000031a63000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00ffffffffffff0000000000000000 XMM01=0100010001000000ffffffffffffffff XMM02=0500050005000000455441564952505f XMM03=0000000000000000000000564952505f XMM04=00030005000500050005000000455441 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000