Bluetooth: hci3: command 0x0c1a tx timeout
Bluetooth: hci5: command 0x0c1a tx timeout
Bluetooth: hci4: command 0x0c1a tx timeout
Bluetooth: hci2: command 0x0c1a tx timeout
Bluetooth: hci1: command 0x0c1a tx timeout
BUG: Bad rss-counter state mm:000000000355b475 type:MM_ANONPAGES val:8 Comm:systemd-udevd Pid:3975
journal-offline (3980) used greatest stack depth: 23800 bytes left
BUG: Bad rss-counter state mm:00000000f75b784c type:MM_FILEPAGES val:-8 Comm:syz-fuzzer Pid:259
BUG: Bad rss-counter state mm:00000000f75b784c type:MM_ANONPAGES val:-34 Comm:syz-fuzzer Pid:259
kmemleak: Found object by alias at 0x607f1a639b44
CPU: 0 UID: 0 PID: 3987 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 exit_to_user_mode_loop+0x8b/0x110
 do_syscall_64+0x2f7/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff0ec326b19
Code: Unable to access opcode bytes at 0x7ff0ec326aef.
RSP: 002b:00007ff0e989c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00007ff0ec439f68 RCX: 00007ff0ec326b19
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff0ec439f6c
RBP: 00007ff0ec439f60 R08: 000000000000000e R09: 0000000000000000
R10: 0000000000000009 R11: 0000000000000246 R12: 00007ff0ec439f6c
R13: 00007ffc1680915f R14: 00007ff0e989c300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a639b40 (size 16):
kmemleak:   comm "syz-executor.3", pid 289, jiffies 4294804014
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 mm_init+0x99b/0x1170
 copy_process+0x3ab7/0x73c0
 kernel_clone+0xea/0x7f0
 __do_sys_clone+0xce/0x120
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
kmemleak: Found object by alias at 0x607f1a639b44
CPU: 0 UID: 0 PID: 4007 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 exit_to_user_mode_loop+0x8b/0x110
 do_syscall_64+0x2f7/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff0ec326b19
Code: Unable to access opcode bytes at 0x7ff0ec326aef.
RSP: 002b:00007ff0e989c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007ff0ec439f68 RCX: 00007ff0ec326b19
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff0ec439f68
RBP: 00007ff0ec439f60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff0ec439f6c
R13: 00007ffc1680915f R14: 00007ff0e989c300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a639b40 (size 16):
kmemleak:   comm "syz-executor.3", pid 289, jiffies 4294804014
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 mm_init+0x99b/0x1170
 copy_process+0x3ab7/0x73c0
 kernel_clone+0xea/0x7f0
 __do_sys_clone+0xce/0x120
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
kmemleak: Found object by alias at 0x607f1a639b44
CPU: 0 UID: 0 PID: 4013 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 exit_to_user_mode_loop+0x8b/0x110
 do_syscall_64+0x2f7/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff0ec326b19
Code: Unable to access opcode bytes at 0x7ff0ec326aef.
RSP: 002b:00007ff0e989c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00007ff0ec439f68 RCX: 00007ff0ec326b19
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff0ec439f6c
RBP: 00007ff0ec439f60 R08: 000000000000000e R09: 0000000000000000
R10: 0000000000000008 R11: 0000000000000246 R12: 00007ff0ec439f6c
R13: 00007ffc1680915f R14: 00007ff0e989c300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a639b40 (size 16):
kmemleak:   comm "syz-executor.3", pid 289, jiffies 4294804014
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 mm_init+0x99b/0x1170
 copy_process+0x3ab7/0x73c0
 kernel_clone+0xea/0x7f0
 __do_sys_clone+0xce/0x120
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
Bluetooth: hci0: Opcode 0x0c1a failed: -4
Bluetooth: hci1: Opcode 0x0c1a failed: -4
Bluetooth: hci2: Opcode 0x0c1a failed: -4
Bluetooth: hci4: Opcode 0x0c1a failed: -4
Bluetooth: hci5: Opcode 0x0c1a failed: -4
Bluetooth: hci3: Opcode 0x0c1a failed: -4
Bluetooth: hci6: Opcode 0x0c1a failed: -4
Bluetooth: hci7: Opcode 0x0c1a failed: -4
kmemleak: Found object by alias at 0x607f1a639b48
CPU: 1 UID: 0 PID: 4010 Comm: syz-executor.7 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 exit_to_user_mode_loop+0x8b/0x110
 do_syscall_64+0x2f7/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f57512bab19
Code: Unable to access opcode bytes at 0x7f57512baaef.
RSP: 002b:00007f574e80f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f57513ce028 RCX: 00007f57512bab19
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f57513ce028
RBP: 00007f57513ce020 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f57513ce02c
R13: 00007fff7881722f R14: 00007f574e80f300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a639b40 (size 16):
kmemleak:   comm "syz-executor.3", pid 289, jiffies 4294804014
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 mm_init+0x99b/0x1170
 copy_process+0x3ab7/0x73c0
 kernel_clone+0xea/0x7f0
 __do_sys_clone+0xce/0x120
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
kmemleak: Found object by alias at 0x607f1a639b4c
CPU: 0 UID: 0 PID: 3991 Comm: syz-executor.3 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 exit_to_user_mode_loop+0x8b/0x110
 do_syscall_64+0x2f7/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0f97067b19
Code: Unable to access opcode bytes at 0x7f0f97067aef.
RSP: 002b:00007f0f945dd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f0f9717af68 RCX: 00007f0f97067b19
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0f9717af68
RBP: 00007f0f9717af60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0f9717af6c
R13: 00007ffc4a71ed8f R14: 00007f0f945dd300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a639b40 (size 16):
kmemleak:   comm "syz-executor.3", pid 289, jiffies 4294804014
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 mm_init+0x99b/0x1170
 copy_process+0x3ab7/0x73c0
 kernel_clone+0xea/0x7f0
 __do_sys_clone+0xce/0x120
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
Bluetooth: hci0: command 0x0c1a tx timeout
Bluetooth: hci3: command 0x0c1a tx timeout
Bluetooth: hci5: command 0x0c1a tx timeout
Bluetooth: hci4: command 0x0c1a tx timeout
Bluetooth: hci2: command 0x0c1a tx timeout
Bluetooth: hci1: command 0x0c1a tx timeout
Bluetooth: hci7: command 0x0c1a tx timeout
Bluetooth: hci6: command 0x0c1a tx timeout