[  333.614095][ T4348] Bluetooth: hci3: command 0x0406 tx timeout
[  335.792506][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  335.799219][ T1195] ieee802154 phy1 wpan1: encryption failed: -22
[  397.225881][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  397.233207][ T1195] ieee802154 phy1 wpan1: encryption failed: -22
[  458.693596][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  458.700223][ T1195] ieee802154 phy1 wpan1: encryption failed: -22
[  520.106344][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  520.113037][ T1195] ieee802154 phy1 wpan1: encryption failed: -22
[  561.884150][ T3992] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.775832][ T3992] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.894140][ T3992] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.999460][ T3992] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.336183][ T3992] hsr_slave_0: left promiscuous mode
[  564.345811][ T3992] hsr_slave_1: left promiscuous mode
[  564.366185][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  564.374652][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  564.396457][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  564.404387][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  564.415955][ T3992] bridge_slave_1: left allmulticast mode
[  564.421796][ T3992] bridge_slave_1: left promiscuous mode
[  564.428497][ T3992] bridge0: port 2(bridge_slave_1) entered disabled state
[  564.458084][ T3992] bridge_slave_0: left allmulticast mode
[  564.464214][ T3992] bridge_slave_0: left promiscuous mode
[  564.470663][ T3992] bridge0: port 1(bridge_slave_0) entered disabled state
[  564.500581][ T3992] veth1_macvtap: left promiscuous mode
[  564.506496][ T3992] veth0_macvtap: left promiscuous mode
[  564.512738][ T3992] veth1_vlan: left promiscuous mode
[  564.519049][ T3992] veth0_vlan: left promiscuous mode
[  565.672508][ T3992] team0 (unregistering): Port device team_slave_1 removed
[  565.743110][ T3992] team0 (unregistering): Port device team_slave_0 removed
[  565.789168][ T3992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  565.847427][ T3992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  566.199969][ T3992] bond0 (unregistering): Released all slaves
[  568.003180][ T3992] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.168744][ T3992] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
Warning: Permanently added '10.128.1.178' (ECDSA) to the list of known hosts.
[  568.317436][ T3992] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.419850][ T3992] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.783925][ T3992] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.917094][ T3992] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.034941][ T3992] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.203694][ T3992] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.489185][ T3992] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.563904][ T3992] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.729168][ T3992] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.884239][ T3992] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.289624][ T3992] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.416431][ T3992] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.575722][ T3992] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.725805][ T3992] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.333416][ T5329] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  571.341076][ T5329] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  571.353955][ T5329] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  571.366619][T17944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  571.375637][T17944] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  571.387282][T17944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  571.395413][T17944] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  571.403725][T17944] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  571.414060][T17946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  571.422029][T17946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  571.429848][T17946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  571.438748][T17946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  571.446754][T17946] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  571.463915][T17946] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  571.476165][T17946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  571.484279][T17946] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  571.496040][T17946] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  571.505704][T17946] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  571.506484][T17948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  571.515521][T17946] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  571.521774][T17948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  571.527985][T17946] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  571.540390][T17948] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  571.542699][T17946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  571.550968][T17948] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  571.561717][T17946] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  571.571056][T17948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  571.576519][ T5331] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  571.581430][T17948] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  571.594578][T17948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  571.602649][T17948] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  571.613883][T17946] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  571.621960][T17946] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  571.639772][   T45] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  571.662632][ T4348] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  571.694223][   T45] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  573.692092][   T45] Bluetooth: hci4: command 0x0409 tx timeout
[  573.692944][ T5325] Bluetooth: hci1: command 0x0409 tx timeout
[  573.698229][   T45] Bluetooth: hci2: command 0x0409 tx timeout
[  573.772197][   T45] Bluetooth: hci3: command 0x0409 tx timeout
[  573.879292][   T45] Bluetooth: hci5: command 0x0409 tx timeout
[  573.886360][T17944] Bluetooth: hci0: command 0x0409 tx timeout
[  575.772238][   T45] Bluetooth: hci2: command 0x041b tx timeout
[  575.778592][T17944] Bluetooth: hci1: command 0x041b tx timeout
[  575.786431][T17944] Bluetooth: hci4: command 0x041b tx timeout
[  575.853035][T17944] Bluetooth: hci3: command 0x041b tx timeout
[  575.942831][T17944] Bluetooth: hci5: command 0x041b tx timeout
[  575.949089][T17944] Bluetooth: hci0: command 0x041b tx timeout
[  577.853039][ T4348] Bluetooth: hci4: command 0x040f tx timeout
[  577.859279][ T4348] Bluetooth: hci2: command 0x040f tx timeout
[  577.865749][T17944] Bluetooth: hci1: command 0x040f tx timeout
[  577.892084][    C1] hrtimer: interrupt took 277375 ns
[  577.933059][ T4348] Bluetooth: hci3: command 0x040f tx timeout
[  578.012539][T17944] Bluetooth: hci0: command 0x040f tx timeout
[  578.018952][ T4348] Bluetooth: hci5: command 0x040f tx timeout
[  579.933226][ T4348] Bluetooth: hci2: command 0x0419 tx timeout
[  579.939453][ T4348] Bluetooth: hci1: command 0x0419 tx timeout
[  579.946060][T17944] Bluetooth: hci4: command 0x0419 tx timeout
[  580.012475][T17944] Bluetooth: hci3: command 0x0419 tx timeout
[  580.093005][T17944] Bluetooth: hci5: command 0x0419 tx timeout
[  580.093399][ T4348] Bluetooth: hci0: command 0x0419 tx timeout
[  581.551508][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  581.558187][ T1195] ieee802154 phy1 wpan1: encryption failed: -22
[  583.776252][ T3992] hsr_slave_0: left promiscuous mode
[  583.863693][ T3992] hsr_slave_1: left promiscuous mode
[  583.968841][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  583.977171][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  584.154287][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  584.162876][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  584.227246][ T3992] bridge_slave_1: left allmulticast mode
[  584.233808][ T3992] bridge_slave_1: left promiscuous mode
[  584.240270][ T3992] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.323965][ T3992] bridge_slave_0: left allmulticast mode
[  584.329834][ T3992] bridge_slave_0: left promiscuous mode
[  584.337920][ T3992] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.845149][ T3992] hsr_slave_0: left promiscuous mode
[  584.947489][ T3992] hsr_slave_1: left promiscuous mode
[  585.064781][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  585.072618][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  585.273925][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  585.281615][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  585.504202][ T3992] bridge_slave_1: left allmulticast mode
[  585.510074][ T3992] bridge_slave_1: left promiscuous mode
[  585.516753][ T3992] bridge0: port 2(bridge_slave_1) entered disabled state
[  585.858107][ T3992] bridge_slave_0: left allmulticast mode
[  585.864067][ T3992] bridge_slave_0: left promiscuous mode
[  585.870483][ T3992] bridge0: port 1(bridge_slave_0) entered disabled state
[  586.345711][ T3992] hsr_slave_0: left promiscuous mode
[  586.414687][ T3992] hsr_slave_1: left promiscuous mode
[  586.529034][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  586.537030][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  586.772760][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  586.780441][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  586.971808][ T3992] bridge_slave_1: left allmulticast mode
[  586.978775][ T3992] bridge_slave_1: left promiscuous mode
[  586.985337][ T3992] bridge0: port 2(bridge_slave_1) entered disabled state
[  587.133105][ T3992] bridge_slave_0: left allmulticast mode
[  587.139037][ T3992] bridge_slave_0: left promiscuous mode
[  587.145581][ T3992] bridge0: port 1(bridge_slave_0) entered disabled state
[  587.316954][ T3992] hsr_slave_0: left promiscuous mode
[  587.353079][ T3992] hsr_slave_1: left promiscuous mode
[  587.380147][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  587.388576][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  587.490572][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  587.499164][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  587.510093][ T3992] bridge_slave_1: left allmulticast mode
[  587.516147][ T3992] bridge_slave_1: left promiscuous mode
[  587.522727][ T3992] bridge0: port 2(bridge_slave_1) entered disabled state
[  587.552430][ T3992] bridge_slave_0: left allmulticast mode
[  587.558278][ T3992] bridge_slave_0: left promiscuous mode
[  587.564829][ T3992] bridge0: port 1(bridge_slave_0) entered disabled state
[  587.614651][ T3992] hsr_slave_0: left promiscuous mode
[  587.635654][ T3992] hsr_slave_1: left promiscuous mode
[  587.674024][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  587.681711][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  587.817751][ T3992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  587.825505][ T3992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  588.085236][ T3992] bridge_slave_1: left allmulticast mode
[  588.091112][ T3992] bridge_slave_1: left promiscuous mode
[  588.098231][ T3992] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.461554][ T3992] bridge_slave_0: left allmulticast mode
[  588.467942][ T3992] bridge_slave_0: left promiscuous mode
[  588.474503][ T3992] bridge0: port 1(bridge_slave_0) entered disabled state
[  589.261246][ T3992] veth1_macvtap: left promiscuous mode
[  589.267305][ T3992] veth0_macvtap: left promiscuous mode
[  589.274028][ T3992] veth1_vlan: left promiscuous mode
[  589.279719][ T3992] veth0_vlan: left promiscuous mode
[  589.578751][ T3992] veth1_macvtap: left promiscuous mode
[  589.584753][ T3992] veth0_macvtap: left promiscuous mode
[  589.590658][ T3992] veth1_vlan: left promiscuous mode
[  589.596738][ T3992] veth0_vlan: left promiscuous mode
[  589.853924][ T3992] veth1_macvtap: left promiscuous mode
[  589.859793][ T3992] veth0_macvtap: left promiscuous mode
[  589.865782][ T3992] veth1_vlan: left promiscuous mode
[  589.871298][ T3992] veth0_vlan: left promiscuous mode
[  590.090936][ T3992] veth1_macvtap: left promiscuous mode
[  590.097459][ T3992] veth0_macvtap: left promiscuous mode
[  590.103455][ T3992] veth1_vlan: left promiscuous mode
[  590.108976][ T3992] veth0_vlan: left promiscuous mode
[  590.294160][ T3992] veth1_macvtap: left promiscuous mode
[  590.299897][ T3992] veth0_macvtap: left promiscuous mode
[  590.305934][ T3992] veth1_vlan: left promiscuous mode
[  590.311443][ T3992] veth0_vlan: left promiscuous mode
[  606.616710][ T3992] team0 (unregistering): Port device team_slave_1 removed
[  606.705876][ T3992] team0 (unregistering): Port device team_slave_0 removed
[  607.040679][ T3992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  607.426051][ T3992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  608.729766][ T3992] bond0 (unregistering): Released all slaves
[  611.835548][ T3992] team0 (unregistering): Port device team_slave_1 removed
[  612.171171][ T3992] team0 (unregistering): Port device team_slave_0 removed
[  612.363336][ T3992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  612.662707][ T3992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  614.602732][ T3992] bond0 (unregistering): Released all slaves
[  617.566723][ T3992] team0 (unregistering): Port device team_slave_1 removed
[  617.608479][ T3992] team0 (unregistering): Port device team_slave_0 removed
[  617.784169][ T3992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  617.959594][ T3992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  619.787341][ T3992] bond0 (unregistering): Released all slaves
[  623.405858][ T3992] team0 (unregistering): Port device team_slave_1 removed
[  623.739137][ T3992] team0 (unregistering): Port device team_slave_0 removed
[  624.118157][ T3992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  624.535742][ T3992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  626.514103][ T3992] bond0 (unregistering): Released all slaves
[  629.215740][ T3992] team0 (unregistering): Port device team_slave_1 removed
[  629.425419][ T3992] team0 (unregistering): Port device team_slave_0 removed
[  629.765157][ T3992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  630.145835][ T3992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  631.450301][ T3992] bond0 (unregistering): Released all slaves
[  642.991880][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  642.998527][ T1195] ieee802154 phy1 wpan1: encryption failed: -22
[  694.175195][ T4348] ------------[ cut here ]------------
[  694.180861][ T4348] WARNING: CPU: 0 PID: 4348 at net/bluetooth/hci_conn.c:670 hci_conn_timeout+0xac/0x3c0
[  694.191012][ T4348] Modules linked in:
[  694.195180][ T4348] CPU: 0 PID: 4348 Comm: kworker/u5:1 Tainted: G        W          6.4.0-rc1-syzkaller-00004-g46e8b6e7cfeb #0
[  694.205073][T17944] ------------[ cut here ]------------
[  694.207100][ T4348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[  694.212607][T17944] WARNING: CPU: 1 PID: 17944 at net/bluetooth/hci_conn.c:670 hci_conn_timeout+0xac/0x3c0
[  694.223028][ T4348] Workqueue: hci5 hci_conn_timeout
[  694.223160][ T4348] RIP: 0010:hci_conn_timeout+0xac/0x3c0
[  694.233060][T17944] Modules linked in:
[  694.238142][ T4348] Code: 74 07 f7 d3 44 21 e3 74 25 45 85 e4 74 2d e8 fb ae a1 f4 e9 f7 02 00 00 44 89 ff e8 0e d2 26 f5 45 85 e4 79 bc e8 e4 ae a1 f4 <0f> 0b eb 12 44 89 ff e8 f8 d1 26 f5 45 85 e4 75 d3 e8 ce ae a1 f4
[  694.243810][T17944] 
[  694.247687][ T4348] RSP: 0018:ffff88810f9dfc70 EFLAGS: 00010293
[  694.267556][T17944] CPU: 1 PID: 17944 Comm: kworker/u5:2 Tainted: G        W          6.4.0-rc1-syzkaller-00004-g46e8b6e7cfeb #0
[  694.269851][ T4348] 
[  694.269878][ T4348] RAX: ffffffff8d07374c RBX: 0000000000000000 RCX: ffff888120eaa080
[  694.276014][T17944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[  694.287786][ T4348] RDX: 0000000000000000 RSI: 00000000fffffa4e RDI: 0000000000000000
[  694.287862][ T4348] RBP: ffff88810f9dfcb0 R08: ffffffff8d0736fa R09: 0000000000000001
[  694.290208][T17944] Workqueue: hci3 hci_conn_timeout
[  694.298243][ T4348] R10: 0000000000000000 R11: 0000000000000100 R12: 00000000fffffa4e
[  694.298316][ T4348] R13: ffff888120eaabb0 R14: ffff88811dfff230 R15: 0000000000000000
[  694.308509][T17944] 
[  694.316737][ T4348] FS:  0000000000000000(0000) GS:ffff88813fc00000(0000) knlGS:0000000000000000
[  694.316838][ T4348] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  694.324903][T17944] RIP: 0010:hci_conn_timeout+0xac/0x3c0
[  694.330015][ T4348] CR2: 00007fcba778f578 CR3: 000000010f874000 CR4: 00000000003506f0
[  694.338119][T17944] Code: 74 07 f7 d3 44 21 e3 74 25 45 85 e4 74 2d e8 fb ae a1 f4 e9 f7 02 00 00 44 89 ff e8 0e d2 26 f5 45 85 e4 79 bc e8 e4 ae a1 f4 <0f> 0b eb 12 44 89 ff e8 f8 d1 26 f5 45 85 e4 75 d3 e8 ce ae a1 f4
[  694.346132][ T4348] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  694.346211][ T4348] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  694.348700][T17944] RSP: 0018:ffff88811f453c70 EFLAGS: 00010293
[  694.357720][ T4348] Call Trace:
[  694.357754][ T4348]  <TASK>
[  694.357793][ T4348]  ? cis_cleanup+0x410/0x410
[  694.364482][T17944] 
[  694.364509][T17944] RAX: ffffffff8d07374c RBX: 0000000000000000 RCX: ffff88811dfc4100
[  694.370029][ T4348]  ? cis_cleanup+0x410/0x410
[  694.378117][T17944] RDX: 0000000000000000 RSI: 00000000fffff9fd RDI: 0000000000000000
[  694.398127][ T4348]  process_one_work+0xb0d/0x1410
[  694.406242][T17944] RBP: ffff88811f453cb0 R08: ffffffff8d0736fa R09: 0000000000000001
[  694.414304][ T4348]  worker_thread+0x107e/0x1d60
[  694.420445][T17944] R10: 0000000000000000 R11: 0000000000000100 R12: 00000000fffff9fd
[  694.423842][ T4348]  kthread+0x3e8/0x540
[  694.426817][T17944] R13: ffff88811dfc4c30 R14: ffff88811e817230 R15: 0000000000000000
[  694.431432][ T4348]  ? pr_cont_work+0xce0/0xce0
[  694.433882][T17944] FS:  0000000000000000(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[  694.441901][ T4348]  ? kthread_blkcg+0x120/0x120
[  694.446529][T17944] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  694.454586][ T4348]  ret_from_fork+0x1f/0x30
[  694.459614][T17944] CR2: 00007fcba7790063 CR3: 000000010f975000 CR4: 00000000003506e0
[  694.467778][ T4348]  </TASK>
[  694.467818][ T4348] ---[ end trace 0000000000000000 ]---
[  694.472694][T17944] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  694.488681][ T5325] ------------[ cut here ]------------
[  694.493642][T17944] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  694.497646][ T5325] WARNING: CPU: 0 PID: 5325 at net/bluetooth/hci_conn.c:670 hci_conn_timeout+0xac/0x3c0
[  694.506685][T17944] Call Trace:
[  694.511448][ T5325] Modules linked in:
[  694.511508][ T5325] CPU: 0 PID: 5325 Comm: kworker/u5:3 Tainted: G        W          6.4.0-rc1-syzkaller-00004-g46e8b6e7cfeb #0
[  694.518227][T17944]  <TASK>
[  694.522785][ T5325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[  694.522867][ T5325] Workqueue: hci0 hci_conn_timeout
[  694.530793][T17944]  ? cis_cleanup+0x410/0x410
[  694.533894][ T5325] 
[  694.533923][ T5325] RIP: 0010:hci_conn_timeout+0xac/0x3c0
[  694.539407][T17944]  ? cis_cleanup+0x410/0x410
[  694.547465][ T5325] Code: 74 07 f7 d3 44 21 e3 74 25 45 85 e4 74 2d e8 fb ae a1 f4 e9 f7 02 00 00 44 89 ff e8 0e d2 26 f5 45 85 e4 79 bc e8 e4 ae a1 f4 <0f> 0b eb 12 44 89 ff e8 f8 d1 26 f5 45 85 e4 75 d3 e8 ce ae a1 f4
[  694.553016][T17944]  process_one_work+0xb0d/0x1410
[  694.561016][ T5325] RSP: 0018:ffff888119793c70 EFLAGS: 00010293
[  694.570857][T17944]  worker_thread+0x107e/0x1d60
[  694.574221][ T5325] 
[  694.574250][ T5325] RAX: ffffffff8d07374c RBX: 0000000000000000 RCX: ffff88811ade0000
[  694.578166][T17944]  kthread+0x3e8/0x540
[  694.589850][ T5325] RDX: 0000000000000000 RSI: 00000000fffffa1a RDI: 0000000000000000
[  694.592901][T17944]  ? pr_cont_work+0xce0/0xce0
[  694.603028][ T5325] RBP: ffff888119793cb0 R08: ffffffff8d0736fa R09: 0000000000000000
[  694.608189][T17944]  ? kthread_blkcg+0x120/0x120
[  694.612876][ T5325] R10: ffff88810313a118 R11: 0000000000000100 R12: 00000000fffffa1a
[  694.615260][T17944]  ret_from_fork+0x1f/0x30
[  694.620820][ T5325] R13: ffff88811ade0b30 R14: ffff888015d53a30 R15: 0000000000000000
[  694.625522][T17944]  </TASK>
[  694.645184][ T5325] FS:  0000000000000000(0000) GS:ffff88813fc00000(0000) knlGS:0000000000000000
[  694.650163][T17944] ---[ end trace 0000000000000000 ]---
[  694.652802][   T45] ------------[ cut here ]------------
[  694.656317][ T5325] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  694.661043][   T45] WARNING: CPU: 1 PID: 45 at net/bluetooth/hci_conn.c:670 hci_conn_timeout+0xac/0x3c0
[  694.663444][ T5325] CR2: 00007fcba778f578 CR3: 000000010f874000 CR4: 00000000003506f0
[  694.663530][ T5325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  694.671473][   T45] Modules linked in:
[  694.671532][   T45] CPU: 1 PID: 45 Comm: kworker/u5:0 Tainted: G        W          6.4.0-rc1-syzkaller-00004-g46e8b6e7cfeb #0
[  694.675617][ T5325] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  694.675693][ T5325] Call Trace:
[  694.683726][   T45] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[  694.688402][ T5325]  <TASK>
[  694.688445][ T5325]  ? cis_cleanup+0x410/0x410
[  694.696495][   T45] Workqueue: hci2 hci_conn_timeout
[  694.701243][ T5325]  ? cis_cleanup+0x410/0x410
[  694.709324][   T45] 
[  694.709353][   T45] RIP: 0010:hci_conn_timeout+0xac/0x3c0
[  694.713794][ T5325]  process_one_work+0xb0d/0x1410
[  694.721890][   T45] Code: 74 07 f7 d3 44 21 e3 74 25 45 85 e4 74 2d e8 fb ae a1 f4 e9 f7 02 00 00 44 89 ff e8 0e d2 26 f5 45 85 e4 79 bc e8 e4 ae a1 f4 <0f> 0b eb 12 44 89 ff e8 f8 d1 26 f5 45 85 e4 75 d3 e8 ce ae a1 f4
[  694.724949][ T5325]  worker_thread+0x107e/0x1d60
[  694.733951][   T45] RSP: 0018:ffff888103937c70 EFLAGS: 00010293
[  694.739445][ T5325]  kthread+0x3e8/0x540
[  694.744967][   T45] 
[  694.744995][   T45] RAX: ffffffff8d07374c RBX: 0000000000000000 RCX: ffff88810393a080
[  694.751568][ T5325]  ? pr_cont_work+0xce0/0xce0
[  694.761200][   T45] RDX: 0000000000000000 RSI: 00000000fffffa0b RDI: 0000000000000000
[  694.769257][ T5325]  ? kthread_blkcg+0x120/0x120
[  694.777340][   T45] RBP: ffff888103937cb0 R08: ffffffff8d0736fa R09: 0000000000000000
[  694.781239][ T5325]  ret_from_fork+0x1f/0x30
[  694.792779][   T45] R10: ffff88811d7ba118 R11: 0000000000000100 R12: 00000000fffffa0b
[  694.800874][ T5325]  </TASK>
[  694.804257][   T45] R13: ffff88810393abb0 R14: ffff88811e80a230 R15: 0000000000000000
[  694.814379][ T5325] ---[ end trace 0000000000000000 ]---
[  694.816914][ T5329] ------------[ cut here ]------------
[  694.817439][   T45] FS:  0000000000000000(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[  694.822125][ T5329] WARNING: CPU: 0 PID: 5329 at net/bluetooth/hci_conn.c:670 hci_conn_timeout+0xac/0x3c0
[  694.827301][   T45] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  694.831981][ T5329] Modules linked in:
[  694.832041][ T5329] CPU: 0 PID: 5329 Comm: kworker/u5:4 Tainted: G        W          6.4.0-rc1-syzkaller-00004-g46e8b6e7cfeb #0
[  694.834349][   T45] CR2: 00007fcba7790063 CR3: 000000010f975000 CR4: 00000000003506e0
[  694.839917][ T5329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[  694.844951][   T45] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  694.864648][ T5329] Workqueue: hci4 hci_conn_timeout
[  694.869433][   T45] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  694.875574][ T5329] 
[  694.875603][ T5329] RIP: 0010:hci_conn_timeout+0xac/0x3c0
[  694.879687][   T45] Call Trace:
[  694.879722][   T45]  <TASK>
[  694.882104][ T5329] Code: 74 07 f7 d3 44 21 e3 74 25 45 85 e4 74 2d e8 fb ae a1 f4 e9 f7 02 00 00 44 89 ff e8 0e d2 26 f5 45 85 e4 79 bc e8 e4 ae a1 f4 <0f> 0b eb 12 44 89 ff e8 f8 d1 26 f5 45 85 e4 75 d3 e8 ce ae a1 f4
[  694.890464][   T45]  ? cis_cleanup+0x410/0x410
[  694.895225][ T5329] RSP: 0018:ffff88811e88fc70 EFLAGS: 00010293
[  694.903312][   T45]  ? cis_cleanup+0x410/0x410
[  694.908156][ T5329] 
[  694.908190][ T5329] RAX: ffffffff8d07374c RBX: 0000000000000000 RCX: ffff88811dfba080
[  694.916246][   T45]  process_one_work+0xb0d/0x1410
[  694.920748][ T5329] RDX: 0000000000000000 RSI: 00000000fffffa5d RDI: 0000000000000000
[  694.928933][   T45]  worker_thread+0x107e/0x1d60
[  694.931987][ T5329] RBP: ffff88811e88fcb0 R08: ffffffff8d0736fa R09: 0000000000000000
[  694.940101][   T45]  kthread+0x3e8/0x540
[  694.945606][ T5329] R10: ffff888109e48098 R11: 0000000000000100 R12: 00000000fffffa5d
[  694.951207][   T45]  ? pr_cont_work+0xce0/0xce0
[  694.960297][ T5329] R13: ffff88811dfbabb0 R14: ffff888015d51230 R15: 0000000000000000
[  694.970398][   T45]  ? kthread_blkcg+0x120/0x120
[  694.977120][ T5329] FS:  0000000000000000(0000) GS:ffff88813fc00000(0000) knlGS:0000000000000000
[  694.981092][   T45]  ret_from_fork+0x1f/0x30
[  694.992887][ T5329] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  695.000924][   T45]  </TASK>
[  695.000963][   T45] ---[ end trace 0000000000000000 ]---
[  695.011075][ T5329] CR2: 00007fcba778f578 CR3: 000000010f874000 CR4: 00000000003506f0
[  695.022207][T17949] ------------[ cut here ]------------
[  695.024368][ T5329] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  695.032439][T17949] WARNING: CPU: 1 PID: 17949 at net/bluetooth/hci_conn.c:670 hci_conn_timeout+0xac/0x3c0
[  695.034746][ T5329] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  695.040334][T17949] Modules linked in:
[  695.043729][ T5329] Call Trace:
[  695.043765][ T5329]  <TASK>
[  695.046710][T17949] CPU: 1 PID: 17949 Comm: kworker/u5:8 Tainted: G        W          6.4.0-rc1-syzkaller-00004-g46e8b6e7cfeb #0
[  695.066586][ T5329]  ? cis_cleanup+0x410/0x410
[  695.071240][T17949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[  695.077389][ T5329]  ? cis_cleanup+0x410/0x410
[  695.082171][T17949] Workqueue: hci1 hci_conn_timeout
[  695.084470][ T5329]  process_one_work+0xb0d/0x1410
[  695.092629][T17949] 
[  695.092659][T17949] RIP: 0010:hci_conn_timeout+0xac/0x3c0
[  695.097607][ T5329]  worker_thread+0x107e/0x1d60
[  695.105678][T17949] Code: 74 07 f7 d3 44 21 e3 74 25 45 85 e4 74 2d e8 fb ae a1 f4 e9 f7 02 00 00 44 89 ff e8 0e d2 26 f5 45 85 e4 79 bc e8 e4 ae a1 f4 <0f> 0b eb 12 44 89 ff e8 f8 d1 26 f5 45 85 e4 75 d3 e8 ce ae a1 f4
[  695.110448][ T5329]  kthread+0x3e8/0x540
[  695.118498][T17949] RSP: 0018:ffff8881368bfc70 EFLAGS: 00010293
[  695.122807][ T5329]  ? pr_cont_work+0xce0/0xce0
[  695.130835][T17949] 
[  695.130863][T17949] RAX: ffffffff8d07374c RBX: 0000000000000000 RCX: ffff88810a648000
[  695.135626][ T5329]  ? kthread_blkcg+0x120/0x120
[  695.135770][ T5329]  ret_from_fork+0x1f/0x30
[  695.144054][T17949] RDX: 0000000000000000 RSI: 00000000fffffa31 RDI: 0000000000000000
[  695.148813][ T5329]  </TASK>
[  695.148852][ T5329] ---[ end trace 0000000000000000 ]---
[  695.157930][T17949] RBP: ffff8881368bfcb0 R08: ffffffff8d0736fa R09: 0000000000000000
[  695.374407][T17949] R10: ffff88810312d000 R11: 0000000000000100 R12: 00000000fffffa31
[  695.382700][T17949] R13: ffff88810a648b30 R14: ffff88811e80ba30 R15: 0000000000000000
[  695.390921][T17949] FS:  0000000000000000(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[  695.400185][T17949] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  695.407112][T17949] CR2: 00007fcba7790063 CR3: 000000000fa70000 CR4: 00000000003506e0
[  695.415384][T17949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  695.423658][T17949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  695.431947][T17949] Call Trace:
[  695.435392][T17949]  <TASK>
[  695.438476][T17949]  ? cis_cleanup+0x410/0x410
[  695.443420][T17949]  ? cis_cleanup+0x410/0x410
[  695.448258][T17949]  process_one_work+0xb0d/0x1410
[  695.453638][T17949]  worker_thread+0x107e/0x1d60
[  695.458635][T17949]  ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[  695.464826][T17949]  ? __kthread_parkme+0x150/0x1e0
[  695.470128][T17949]  kthread+0x3e8/0x540
[  695.474551][T17949]  ? pr_cont_work+0xce0/0xce0
[  695.479466][T17949]  ? kthread_blkcg+0x120/0x120
[  695.484596][T17949]  ret_from_fork+0x1f/0x30
[  695.489276][T17949]  </TASK>
[  695.492539][T17949] ---[ end trace 0000000000000000 ]---
[  697.212620][   T45] Bluetooth: hci4: command 0x0406 tx timeout
[  697.218851][   T45] Bluetooth: hci0: command 0x0406 tx timeout
[  697.225758][T17949] Bluetooth: hci5: command 0x0406 tx timeout
[  697.292245][   T45] Bluetooth: hci3: command 0x0406 tx timeout
[  697.373087][   T45] Bluetooth: hci2: command 0x0406 tx timeout
[  697.532524][   T45] Bluetooth: hci1: command 0x0406 tx timeout
[  704.439707][ T1195] ieee802154 phy0 wpan0: encryption failed: -22
[  704.447273][ T1195] ieee802154 phy1 wpan1: encryption failed: -22