Warning: Permanently added '[localhost]:36798' (ECDSA) to the list of known hosts. 2025/06/27 14:42:33 fuzzer started 2025/06/27 14:42:33 dialing manager at localhost:45637 syzkaller login: [ 119.509067] cgroup: Unknown subsys name 'net' [ 119.639630] cgroup: Unknown subsys name 'cpuset' [ 119.670106] cgroup: Unknown subsys name 'rlimit' 2025/06/27 14:42:53 syscalls: 205 2025/06/27 14:42:53 code coverage: enabled 2025/06/27 14:42:53 comparison tracing: enabled 2025/06/27 14:42:53 extra coverage: enabled 2025/06/27 14:42:53 setuid sandbox: enabled 2025/06/27 14:42:53 namespace sandbox: enabled 2025/06/27 14:42:53 Android sandbox: enabled 2025/06/27 14:42:53 fault injection: enabled 2025/06/27 14:42:53 leak checking: enabled 2025/06/27 14:42:53 net packet injection: enabled 2025/06/27 14:42:53 net device setup: enabled 2025/06/27 14:42:53 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/06/27 14:42:53 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/06/27 14:42:53 USB emulation: enabled 2025/06/27 14:42:53 hci packet injection: enabled 2025/06/27 14:42:53 wifi device emulation: enabled 2025/06/27 14:42:53 802.15.4 emulation: enabled 2025/06/27 14:42:53 fetching corpus: 0, signal 0/0 (executing program) 2025/06/27 14:42:55 starting 8 fuzzer processes 14:42:55 executing program 0: ioctl$HIDIOCGRAWNAME(0xffffffffffffffff, 0x80404804, &(0x7f0000000000)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000040)) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$HIDIOCSFEATURE(r0, 0xc0404806, &(0x7f0000000280)="b0d1bbb7ead97d9bf272b6b3a3f462e82f804bc4a3a23383b5a8171a6c04a8a10fd2cc5887264766a6322c6052453185c68b49f41aecbb33654adba01cf95d2cb680f6c654fe5d79665dda0711fe77ee616950f3f456885f7f0488c6e22da26ec65a50db0ecb747f84b1a6c42217c8d66fad9a65005a3f18917a0e9dd2654e94879716529328746d1fc4c0ef0015614b9e43b08064f883f38f8cc9e9f02491af37e7b1415b092cafd812005ed5") ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, &(0x7f0000000340)=""/8) ioctl$HIDIOCGRAWPHYS(r1, 0x80404805, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000003c0)) pipe2(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) read$hidraw(r2, &(0x7f0000000600)=""/119, 0x77) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000006c0)={0x0, 0x0}) write$evdev(r1, &(0x7f0000000700)=[{{0x0, 0x2710}}, {{r4, r5/1000+60000}, 0x12, 0x100, 0x7fff}, {{0x77359400}, 0x16, 0x8000, 0x100}, {{r6, r7/1000+60000}, 0x14, 0x1df3, 0x40}, {{0x0, 0x2710}, 0x3, 0xfe00}, {{0x0, 0x2710}, 0x5, 0xfff7, 0x101}, {{0x0, 0xea60}, 0x15, 0x1, 0x4c7}], 0xa8) clock_gettime(0x1, &(0x7f00000007c0)) clock_gettime(0x1, &(0x7f0000000800)) ioctl$HIDIOCGFEATURE(r0, 0xc0404807, &(0x7f0000000840)={0x7, "301473ec1f1f566ff5b402381b79d4d5cde3efb2f9b929488d9f74454fcfea4a4bb14f25206916ba662219244519708bb6ea19151291044160cc53af188c89f0"}) clock_gettime(0x6, &(0x7f00000008c0)) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000900), 0x800) clock_getres(0x0, &(0x7f0000000940)) r8 = fsmount(r3, 0x1, 0x88) ioctl$EVIOCGBITSW(r8, 0x80404525, &(0x7f0000000980)=""/239) 14:42:55 executing program 1: r0 = semget$private(0x0, 0x3, 0x9) semop(r0, &(0x7f0000000000)=[{0x3, 0x7fff}, {0x3, 0xfffc, 0x1800}, {0x2, 0x1, 0x1000}, {0x0, 0x3f, 0x1000}], 0x4) prctl$PR_SET_UNALIGN(0x6, 0x2) semctl$GETNCNT(r0, 0x4, 0xe, &(0x7f0000000040)=""/35) semctl$GETVAL(r0, 0x2, 0xc, &(0x7f0000000080)=""/30) prctl$PR_SET_UNALIGN(0x6, 0x0) write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000000c0)='THAWED\x00', 0x7) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, &(0x7f0000000100)=0xe6) semctl$IPC_INFO(r0, 0x4, 0x3, &(0x7f0000000140)=""/131) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/bus/cpu', 0x414600, 0x100) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000240)='*\x00', &(0x7f0000000280)='THAWED\x00', 0x0) ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f00000002c0)=0x1) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000300)={'veth1_to_bridge\x00'}) r2 = syz_open_dev$rtc(&(0x7f0000000340), 0x4, 0x80000) ioctl$BTRFS_IOC_WAIT_SYNC(r2, 0x40089416, &(0x7f0000000380)) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f00000003c0)=0x1) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000400)=0x3) r3 = semget$private(0x0, 0x1, 0x20) semctl$GETALL(r3, 0x0, 0xd, &(0x7f0000000440)=""/139) semctl$SETVAL(r3, 0x4, 0x10, &(0x7f0000000500)=0xd0c7c6a0) 14:42:55 executing program 2: r0 = syz_open_dev$rtc(&(0x7f0000000000), 0x1, 0x200) ioctl$HIDIOCSFEATURE(r0, 0xc0404806, &(0x7f0000000040)="26a2a865676e098daef906c51af9691234c8748eafc703ff8191e757d223a0c4586d83de8ba8539575bfc16cb84b44507877079e885bf1aa094d1dae5bba8e29ac629a0e7bec3d854c9a8c3751436fb6befcb3c7e06fcda4c39fcf73af0649801c92e095d9f3c826d2e4bf3af2d742953ea501c745f347e04482de0f2fc162f14b4e5e0bb4494efbaf0d1187e9d13105f1bd51b42a01097a1e1a6e696083906c12136d21") openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x4080, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x4a}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x245}]]}, 0x44}, 0x1, 0x0, 0x0, 0x4008004}, 0x8040) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000280)=0x4) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000300)=0x7) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$HIDIOCGRDESCSIZE(r3, 0x80044801, &(0x7f0000000380)) ioctl$EVIOCGABS2F(r1, 0x8018456f, &(0x7f00000003c0)=""/40) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume_offset', 0x400, 0x20) openat$tun(0xffffffffffffff9c, &(0x7f0000000440), 0x541040, 0x0) r5 = syz_genetlink_get_family_id$gtp(&(0x7f00000004c0), r4) sendmsg$GTP_CMD_DELPDP(r2, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r5, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40080c1) pipe(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SMC_PNETID_ADD(r6, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x20, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c011}, 0x4000000) r7 = syz_open_dev$char_usb(0xc, 0xb4, 0xc000000000000000) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r7) pipe(&(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$802154_raw(r8, &(0x7f0000000800)={&(0x7f0000000740)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f00000007c0)={&(0x7f0000000780)="bae32e137ebeaf80127cbbb4ba46b5616d8d493401c085684a311a0e697859d8b4603b569f0d4413", 0x28}, 0x1, 0x0, 0x0, 0x4040000}, 0x4004045) 14:42:55 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xf8, 0xff, 0x3f, 0x13, 0x0, 0x5, 0x400, 0xa, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x481, 0x4857, 0x0, 0x7, 0xab8, 0x2, 0x8, 0x0, 0x3, 0x0, 0x9}, 0x0, 0xc, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f00000000c0)={0x4, 0x0, [0x0, 0x0, 0x0, 0x0]}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x0, 0x47, 0x8, 0x67, 0x0, 0xfffffffffffffff8, 0x800, 0xd, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0xb387, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0x0, 0x6e9, 0xfff, 0x3, 0x0, 0x200, 0xfff9, 0x0, 0x5}, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0x2) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_freezer_state(r3, &(0x7f0000000240), 0x2, 0x0) r4 = fsmount(r2, 0x1, 0x84) ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f0000000280)={0xed, "25907ee6db3eb237a289e45355442861bc338db4d86a2d66ce801f35546e4211a7578b60fbe8d4adaa797c45425a09346e8fd2c90522d0c0f0fd752652c96e96"}) ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000300)={0x91, 0x1c, 0xfcd3, 0x400, "a96667caabd7188ec2a39da1cf79285f83202557dae5786c3ddf1713e48e77fd"}) ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000340)={'veth0_macvtap\x00'}) r5 = syz_genetlink_get_family_id$smc(&(0x7f00000003c0), r2) sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r5, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'team_slave_0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x200000c4}, 0x4008000) r6 = syz_open_dev$hidraw(&(0x7f0000000500), 0x0, 0x414000) ioctl$HIDIOCGRAWPHYS(r6, 0x80404805, &(0x7f0000000540)) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000580)) pipe(&(0x7f00000005c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x1) semget(0x3, 0x4, 0x1d4) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000600)='/dev/hidraw#\x00', &(0x7f0000000640)='@#\x00', 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x800) 14:42:55 executing program 4: sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x8084) r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r0, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@GTPA_TID={0xc}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_PEER_ADDRESS={0x8, 0x4, @private=0xa010101}, @GTPA_PEER_ADDRESS={0x8, 0x4, @remote}]}, 0x38}, 0x1, 0x0, 0x0, 0x8880}, 0x4000080) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x90, 0x0, 0x300, 0x70bd29, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'erspan0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'netdevsim0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, 0x90}, 0x1, 0x0, 0x0, 0xc0}, 0x40080) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x494004}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'dummy0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40100}, 0x20000081) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000580), 0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000600)=0x14) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f00000006c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x24, r2, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010100}, @GTPA_LINK={0x8, 0x1, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4800}, 0x5e55551072b66962) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$smc(&(0x7f0000000700), r4) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000740), 0xffffffffffffffff) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000780)=0x1) sendmsg$FOU_CMD_GET(r1, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x3c, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0x64010100}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000010}, 0x1) fsopen(&(0x7f00000008c0)='sysv\x00', 0x1) syz_genetlink_get_family_id$l2tp(&(0x7f0000000900), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000980), r4) getpeername$packet(0xffffffffffffffff, &(0x7f00000009c0)={0x11, 0x0, 0x0}, &(0x7f0000000a00)=0x14) sendmsg$FOU_CMD_GET(r4, &(0x7f0000000b00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x44, r5, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IFINDEX={0x8, 0xb, r6}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V4={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x2f}}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000001}, 0x20004080) [ 141.191936] audit: type=1400 audit(1751035375.518:7): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:42:55 executing program 6: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) sendmsg$802154_raw(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0x14, &(0x7f0000000180)={&(0x7f0000000080)="1ab5d98a51a4abbf988a31a6c3e4f1a0776ec005bc7fe3b7c0685ae2da1887e36e57edfb89263b547ee456f22251a7621acaf4684341abac185ec08852c8d886e02b0b960e524413a9307df935034f7f5b3b2bd2e33d0c649bf13141cd963df0b20fc0b6b290acbeb477e7574fa56209c3ef3cf5f4ad735cd5680dad9cb74afbe3371e965d68661c8d441d0acdca82e7e4a498e49d90c061773714afc620a223b5e8ad175473a1297797968ba7703efbc1e94f5421ac7e66ecd32812c6f00db20220d7a193b89958363a18e2648351acd2b1f0e5e9283365255049caf9146da2b61327c76a987aeaf360c95a8fcb88286a93c83fa229b7eaeba36c1a", 0xfc}, 0x1, 0x0, 0x0, 0x24004881}, 0x80) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000200)) r1 = fsmount(0xffffffffffffffff, 0x1, 0x80) socketpair(0x8, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0x8c, r4, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'tunl0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6gre0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000004}, 0x10000) r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000640), r1) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x28, r5, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) r6 = fsmount(r1, 0x0, 0x80) syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r6) r7 = add_key$keyring(&(0x7f0000000880), &(0x7f00000008c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8) add_key$fscrypt_v1(&(0x7f0000000780), &(0x7f00000007c0)={'fscrypt:', @desc2}, &(0x7f0000000800)={0x0, "c9c8f04b1438158a6a7edd6d7ba9444f004767f5f4119a6e83130793c27d15f02dc3b624940e3770582cf34e57f4fd70a6dd28816de0de53769809dbd728f631", 0x2e}, 0x48, r7) sendmsg$FOU_CMD_GET(r6, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x6c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @local}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}, @FOU_ATTR_PEER_V4={0x8, 0x8, @local}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) keyctl$clear(0x7, r7) sendmsg$802154_raw(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x24, @none={0x0, 0xffff}}, 0x14, &(0x7f0000000ac0)={&(0x7f0000000a80)}, 0x1, 0x0, 0x0, 0x40008011}, 0x40000) sendmsg$GTP_CMD_DELPDP(r6, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40880}, 0x8000) r8 = socket(0x2b, 0x4, 0x3ff) ioctl$HIDIOCSFEATURE(r6, 0xc0404806, &(0x7f0000000c40)="655559b2d49155a082742e2da838ac05d51a92a1fed1cd748cd0c360978060d0bb8d6b3c4b3dd06a92c5123b599e1b0dab94cf600a37532ec4717efc4ad0ad0ce807fb4f736e9d1d75bb7f2242a93d141247d58d5e82d5d7c03045196d9b047d2bd27fb10f6c35f24e68a673a37e2850a4201c311179c1468560aa54c7db134a704ca1bb004eb175a39c0c2543fc2c14027765c9d7d41592eed9684325c3dc12932edcdb0ca1eae14e9a0a3b2ae20806c24a77670da6d821f36124606110e1dba3bba3b29684ee8df25f3726efed936d415bb365ab8ce269e19fb4679e1805f45569c483a1f5af353d959419c877cf038a") connect$bt_sco(r8, &(0x7f0000000d40)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) 14:42:55 executing program 5: semctl$SEM_STAT(0xffffffffffffffff, 0x3, 0x12, &(0x7f0000000000)=""/9) r0 = semget(0x1, 0x4, 0x408) semctl$SEM_INFO(r0, 0x0, 0x13, &(0x7f0000000040)=""/26) semctl$SEM_STAT(r0, 0x5, 0x12, &(0x7f0000000080)=""/4096) semctl$GETVAL(r0, 0x4, 0xc, &(0x7f0000001080)=""/4096) r1 = semget$private(0x0, 0x0, 0x401) semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000002080)=""/223) semctl$SEM_STAT_ANY(r0, 0x0, 0x14, &(0x7f0000002180)=""/221) semtimedop(r1, &(0x7f0000002280)=[{0x3, 0x5, 0x800}, {0x2, 0x6}, {0x0, 0x5e, 0x800}, {}], 0x4, &(0x7f00000022c0)) semctl$IPC_INFO(0xffffffffffffffff, 0x4, 0x3, &(0x7f0000002300)=""/121) r2 = semget$private(0x0, 0x1, 0x764) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000002380)=[0x797b, 0x1, 0x3, 0xff]) semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f00000023c0)=""/32) r3 = semget$private(0x0, 0x4, 0xaa) getresuid(&(0x7f0000002400), &(0x7f0000002440)=0x0, &(0x7f0000002480)) semctl$IPC_SET(r3, 0x0, 0x1, &(0x7f00000024c0)={{0x1, 0x0, 0xee00, r4, 0xee00, 0x10, 0x6}, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x6}) semctl$GETNCNT(r1, 0x3, 0xe, &(0x7f0000002540)=""/85) keyctl$link(0x8, 0x0, 0xfffffffffffffffd) r5 = semget$private(0x0, 0x1, 0x200) semctl$SETALL(r5, 0x0, 0x11, &(0x7f00000025c0)=[0x9]) 14:42:55 executing program 7: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$unlink(0x9, r0, 0xfffffffffffffffd) keyctl$unlink(0x9, r0, 0xfffffffffffffff8) ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, &(0x7f0000000080)=""/4096) r1 = add_key$fscrypt_v1(&(0x7f0000001080), &(0x7f00000010c0)={'fscrypt:', @desc4}, &(0x7f0000001100)={0x0, "3669da9fe39b563f7e63fc32ab883430c1a87b293919c01b5971521477e2f8f1c94997d4755b379e80e496819343559ba0cad188f21e27e7a731f39639177737", 0x29}, 0x48, 0xfffffffffffffffc) keyctl$negate(0xd, r1, 0x4b, r0) r2 = add_key$keyring(&(0x7f0000001180), &(0x7f00000011c0)={'syz', 0x2}, 0x0, 0x0, r1) r3 = add_key$fscrypt_v1(&(0x7f0000001200), &(0x7f0000001240)={'fscrypt:', @desc4}, &(0x7f0000001280)={0x0, "7c989c3443dbd2f9542fe3df4fc66793ebd4fda03c1968f3db0b3caeea463986768d6d3fc3010d10e050666778a1a1cabdc466c1a86b33a8b2278245b7c6dfd3", 0x3d}, 0x48, r1) keyctl$link(0x8, r2, r3) r4 = add_key$keyring(&(0x7f0000001300), &(0x7f0000001340)={'syz', 0x0}, 0x0, 0x0, r2) keyctl$search(0xa, r4, &(0x7f0000001380)='cifs.idmap\x00', &(0x7f00000013c0)={'syz', 0x3}, r1) prctl$PR_CAPBSET_DROP(0x18, 0x27) pipe2(&(0x7f0000001400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) ioctl$EVIOCGNAME(r6, 0x80404506, &(0x7f0000001440)=""/30) keyctl$clear(0x7, r1) add_key$fscrypt_v1(&(0x7f0000001480), &(0x7f00000014c0)={'fscrypt:', @desc1}, &(0x7f0000001500)={0x0, "687496742aaafa99abc337cf8400bcd815d61d665905aebcafd917991bf3d979b36d5ae43dff5d910d7d074d1b00eb7155cc68af27e85c907a4e132aa1772dda", 0x16}, 0x48, r4) ioctl$HIDIOCGRDESCSIZE(r5, 0x80044801, &(0x7f0000001580)) r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000015c0), 0x10000) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r7, 0x40485404, &(0x7f0000001600)={{0x2, 0x2, 0x5, 0x1, 0x400}, 0x5, 0x9}) keyctl$search(0xa, r4, &(0x7f0000001680)='cifs.spnego\x00', &(0x7f00000016c0)={'syz', 0x2}, r3) [ 142.618779] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 142.620461] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 142.622291] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 142.627497] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 142.630636] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 142.632222] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 142.635372] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 142.636749] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 142.643048] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 142.649093] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 142.650878] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 142.658342] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 142.664841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 142.679796] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 142.686587] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 142.699302] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 142.702836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 142.736219] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 142.742670] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 142.745273] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 142.747901] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 142.749491] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 142.751480] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 142.753606] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 142.758172] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 142.769126] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 142.772218] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 142.775455] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 142.779181] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 142.786723] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 142.792365] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 142.796092] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 142.797983] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 142.801508] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 142.804458] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 142.805647] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 142.815190] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 142.815993] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 142.832424] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 142.833508] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 144.763811] Bluetooth: hci1: command tx timeout [ 144.765709] Bluetooth: hci0: command tx timeout [ 144.766386] Bluetooth: hci2: command tx timeout [ 144.826592] Bluetooth: hci3: command tx timeout [ 144.826624] Bluetooth: hci5: command tx timeout [ 144.890171] Bluetooth: hci7: command tx timeout [ 144.890220] Bluetooth: hci4: command tx timeout [ 144.890848] Bluetooth: hci6: command tx timeout [ 146.810279] Bluetooth: hci0: command tx timeout [ 146.810840] Bluetooth: hci2: command tx timeout [ 146.811414] Bluetooth: hci1: command tx timeout [ 146.874386] Bluetooth: hci5: command tx timeout [ 146.875551] Bluetooth: hci3: command tx timeout [ 146.939473] Bluetooth: hci7: command tx timeout [ 146.939936] Bluetooth: hci4: command tx timeout [ 146.940312] Bluetooth: hci6: command tx timeout [ 148.860108] Bluetooth: hci2: command tx timeout [ 148.860689] Bluetooth: hci1: command tx timeout [ 148.861209] Bluetooth: hci0: command tx timeout [ 148.922231] Bluetooth: hci3: command tx timeout [ 148.922826] Bluetooth: hci5: command tx timeout [ 148.986144] Bluetooth: hci4: command tx timeout [ 148.986731] Bluetooth: hci6: command tx timeout [ 148.987270] Bluetooth: hci7: command tx timeout [ 150.908497] Bluetooth: hci0: command tx timeout [ 150.910327] Bluetooth: hci1: command tx timeout [ 150.911693] Bluetooth: hci2: command tx timeout [ 150.970133] Bluetooth: hci5: command tx timeout [ 150.971585] Bluetooth: hci3: command tx timeout [ 151.034336] Bluetooth: hci7: command tx timeout [ 151.036140] Bluetooth: hci6: command tx timeout [ 151.036178] Bluetooth: hci4: command tx timeout [ 205.710488] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 205.712627] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 205.715237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 205.718476] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 205.721300] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 205.769807] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 205.777883] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 205.781482] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 205.786824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 205.791214] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 205.804893] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 205.807508] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 205.812367] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 205.815786] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 205.819331] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 205.829423] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 205.833362] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 205.834926] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 205.842654] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 205.844678] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 205.855391] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 205.857216] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 205.858521] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 205.863293] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 205.874843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 205.902656] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 205.905695] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 205.918354] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 205.928666] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 205.938410] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 205.941144] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 205.962171] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 205.966461] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 205.987802] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 205.992091] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 205.996371] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 206.003554] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 206.007628] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 206.010703] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 206.012932] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 207.738296] Bluetooth: hci0: command tx timeout [ 207.866455] Bluetooth: hci1: command tx timeout [ 207.932199] Bluetooth: hci4: command tx timeout [ 207.995129] Bluetooth: hci2: command tx timeout [ 207.995161] Bluetooth: hci3: command tx timeout [ 208.058507] Bluetooth: hci6: command tx timeout [ 208.122655] Bluetooth: hci5: command tx timeout [ 208.123721] Bluetooth: hci7: command tx timeout [ 209.786168] Bluetooth: hci0: command tx timeout [ 209.914512] Bluetooth: hci1: command tx timeout [ 209.978625] Bluetooth: hci4: command tx timeout [ 210.042107] Bluetooth: hci3: command tx timeout [ 210.042170] Bluetooth: hci2: command tx timeout [ 210.106413] Bluetooth: hci6: command tx timeout [ 210.170283] Bluetooth: hci7: command tx timeout [ 210.170753] Bluetooth: hci5: command tx timeout [ 211.834123] Bluetooth: hci0: command tx timeout [ 211.963232] Bluetooth: hci1: command tx timeout [ 212.026443] Bluetooth: hci4: command tx timeout [ 212.090366] Bluetooth: hci2: command tx timeout [ 212.091432] Bluetooth: hci3: command tx timeout [ 212.154262] Bluetooth: hci6: command tx timeout [ 212.218385] Bluetooth: hci5: command tx timeout [ 212.218598] Bluetooth: hci7: command tx timeout [ 213.882400] Bluetooth: hci0: command tx timeout [ 214.010107] Bluetooth: hci1: command tx timeout [ 214.074327] Bluetooth: hci4: command tx timeout [ 214.138117] Bluetooth: hci3: command tx timeout [ 214.138143] Bluetooth: hci2: command tx timeout [ 214.203075] Bluetooth: hci6: command tx timeout [ 214.266881] Bluetooth: hci5: command tx timeout [ 214.267042] Bluetooth: hci7: command tx timeout [ 268.263236] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 268.264941] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 268.266256] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 268.269114] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 268.271201] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 268.306591] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 268.309459] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 268.315370] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 268.322501] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 268.324541] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 268.373957] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 268.377641] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 268.383631] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 268.388598] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 268.393139] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 268.420523] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 268.422688] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 268.426373] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 268.432270] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 268.434531] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 268.470287] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 268.473538] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 268.485647] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 268.500894] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 268.513892] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 268.644165] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 268.651932] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 268.684264] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 268.694695] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 268.715637] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 268.737358] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 268.745314] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 268.773453] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 268.798513] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 268.799726] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 268.819464] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 268.825388] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 268.826377] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 268.870221] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 268.876190] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 270.330118] Bluetooth: hci0: command tx timeout [ 270.394415] Bluetooth: hci1: command tx timeout [ 270.458369] Bluetooth: hci2: command tx timeout [ 270.522246] Bluetooth: hci4: command tx timeout [ 270.587293] Bluetooth: hci3: command tx timeout [ 270.872677] Bluetooth: hci6: command tx timeout [ 270.906145] Bluetooth: hci7: command tx timeout [ 271.034117] Bluetooth: hci5: command tx timeout [ 272.379054] Bluetooth: hci0: command tx timeout [ 272.442298] Bluetooth: hci1: command tx timeout [ 272.506838] Bluetooth: hci2: command tx timeout [ 272.570086] Bluetooth: hci4: command tx timeout [ 272.634808] Bluetooth: hci3: command tx timeout [ 272.890284] Bluetooth: hci6: command tx timeout [ 272.955100] Bluetooth: hci7: command tx timeout [ 273.082794] Bluetooth: hci5: command tx timeout [ 274.426284] Bluetooth: hci0: command tx timeout [ 274.490362] Bluetooth: hci1: command tx timeout [ 274.554509] Bluetooth: hci2: command tx timeout [ 274.619604] Bluetooth: hci4: command tx timeout [ 274.684340] Bluetooth: hci3: command tx timeout [ 274.940327] Bluetooth: hci6: command tx timeout [ 275.002151] Bluetooth: hci7: command tx timeout [ 275.130106] Bluetooth: hci5: command tx timeout [ 276.474260] Bluetooth: hci0: command tx timeout [ 276.538115] Bluetooth: hci1: command tx timeout [ 276.602313] Bluetooth: hci2: command tx timeout [ 276.666461] Bluetooth: hci4: command tx timeout [ 276.731215] Bluetooth: hci3: command tx timeout [ 276.986088] Bluetooth: hci6: command tx timeout [ 277.050218] Bluetooth: hci7: command tx timeout [ 277.178271] Bluetooth: hci5: command tx timeout [ 330.837266] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 330.843489] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 330.849443] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 330.856731] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 330.860838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 331.164604] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 331.168369] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 331.173976] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 331.178802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 331.181649] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 331.277454] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 331.281787] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 331.287335] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 331.305994] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 331.309674] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 331.330934] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 331.340623] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 331.343903] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 331.349176] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 331.364956] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 331.374199] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 331.374704] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 331.376050] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 331.380187] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 331.380276] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 331.383015] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 331.384715] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 331.388348] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 331.393962] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 331.407818] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 331.410557] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 331.412306] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 331.414572] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 331.442698] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 331.447442] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 331.450715] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 331.451970] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 331.452920] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 331.569228] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 331.575517] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 332.923516] Bluetooth: hci0: command tx timeout [ 333.242126] Bluetooth: hci1: command tx timeout [ 333.370368] Bluetooth: hci2: command tx timeout [ 333.498320] Bluetooth: hci3: command tx timeout [ 333.564053] Bluetooth: hci6: command tx timeout [ 333.564098] Bluetooth: hci4: command tx timeout [ 333.564698] Bluetooth: hci5: command tx timeout [ 333.690113] Bluetooth: hci7: command tx timeout [ 334.971083] Bluetooth: hci0: command tx timeout [ 335.290181] Bluetooth: hci1: command tx timeout [ 335.421202] Bluetooth: hci2: command tx timeout [ 335.546110] Bluetooth: hci3: command tx timeout [ 335.610084] Bluetooth: hci5: command tx timeout [ 335.613063] Bluetooth: hci4: command tx timeout [ 335.613577] Bluetooth: hci6: command tx timeout [ 335.738083] Bluetooth: hci7: command tx timeout [ 337.019309] Bluetooth: hci0: command tx timeout [ 337.338589] Bluetooth: hci1: command tx timeout [ 337.467349] Bluetooth: hci2: command tx timeout [ 337.596065] Bluetooth: hci3: command tx timeout [ 337.660046] Bluetooth: hci6: command tx timeout [ 337.660552] Bluetooth: hci4: command tx timeout [ 337.661049] Bluetooth: hci5: command tx timeout [ 337.786265] Bluetooth: hci7: command tx timeout [ 339.067140] Bluetooth: hci0: command tx timeout [ 339.387506] Bluetooth: hci1: command tx timeout [ 339.517257] Bluetooth: hci2: command tx timeout [ 339.643164] Bluetooth: hci3: command tx timeout [ 339.707042] Bluetooth: hci5: command tx timeout [ 339.707526] Bluetooth: hci4: command tx timeout [ 339.707986] Bluetooth: hci6: command tx timeout [ 339.834302] Bluetooth: hci7: command tx timeout [ 393.682612] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 393.685593] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 393.696401] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 393.700755] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 393.708137] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 393.927590] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 393.931726] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 393.934329] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 393.940688] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 393.946662] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 394.080144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 394.083986] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 394.092620] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 394.095229] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 394.111707] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 394.111775] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 394.116190] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 394.120953] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 394.134655] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 394.150252] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 394.152449] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 394.157640] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 394.176362] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 394.177058] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 394.183181] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 394.186910] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 394.200450] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 394.207365] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 394.237692] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 394.245622] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 394.251172] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 394.265319] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 394.269842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 394.278231] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 394.279932] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 394.281790] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 394.285162] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 394.287069] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 394.317715] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 394.319726] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 395.773684] Bluetooth: hci0: command tx timeout [ 395.964424] Bluetooth: hci1: command tx timeout [ 396.282182] Bluetooth: hci5: command tx timeout [ 396.282874] Bluetooth: hci3: command tx timeout [ 396.283136] Bluetooth: hci2: command tx timeout [ 396.355698] Bluetooth: hci6: command tx timeout [ 396.355737] Bluetooth: hci7: command tx timeout [ 396.356434] Bluetooth: hci4: command tx timeout [ 397.818476] Bluetooth: hci0: command tx timeout [ 398.011096] Bluetooth: hci1: command tx timeout [ 398.330522] Bluetooth: hci3: command tx timeout [ 398.331267] Bluetooth: hci2: command tx timeout [ 398.331739] Bluetooth: hci5: command tx timeout [ 398.394434] Bluetooth: hci4: command tx timeout [ 398.396220] Bluetooth: hci7: command tx timeout [ 398.396583] Bluetooth: hci6: command tx timeout [ 399.868039] Bluetooth: hci0: command tx timeout [ 400.058403] Bluetooth: hci1: command tx timeout [ 400.378117] Bluetooth: hci5: command tx timeout [ 400.379619] Bluetooth: hci2: command tx timeout [ 400.380458] Bluetooth: hci3: command tx timeout [ 400.442084] Bluetooth: hci6: command tx timeout [ 400.442648] Bluetooth: hci7: command tx timeout [ 400.442719] Bluetooth: hci4: command tx timeout [ 401.915300] Bluetooth: hci0: command tx timeout [ 402.107424] Bluetooth: hci1: command tx timeout [ 402.428058] Bluetooth: hci2: command tx timeout [ 402.428343] Bluetooth: hci3: command tx timeout [ 402.428566] Bluetooth: hci5: command tx timeout [ 402.490132] Bluetooth: hci4: command tx timeout [ 402.491279] Bluetooth: hci6: command tx timeout [ 402.491622] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 14:48:02 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=477692e02590e7d2 RDX=0000000000000001 RSI=00000000dec6061c RDI=ffff88806ce31850 RBP=ffff888027f0f8f0 RSP=ffff888027f0f828 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffff888027f0f8f8 R13=ffff888027f0f8e0 R14=ffff888027f0f8d9 R15=ffff888027f0f898 RIP=ffffffff81353dbc RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e55f6000 00000000 00000000 LDT=0000 fffffe2300000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc86fdad610 CR3=0000000023187000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00362e6f732e6362696c2f756e672d78 XMM02=ffff0000000000ffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=00000000dead4ead RBX=ffff88800d8106f0 RCX=0000000000000000 RDX=0000000000000000 RSI=00000000f9d33c56 RDI=ffff88800d8106f4 RBP=1ffff110012e8f66 RSP=ffff888009747b28 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000202 R13=ffffea0000b3c180 R14=0000000000000000 R15=ffff88802cf06960 RIP=ffffffff8151f4c9 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56f6000 00000000 00000000 LDT=0000 fffffe2300000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f55081b76f4 CR3=0000000024962000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f55081c647000007f55081c5f20 XMM02=00000000000000000000000000000000 XMM03=756e20796d6d756420736e6f6974706f XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=73253d656d616e6c6165722073253d73 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000