Warning: Permanently added '[localhost]:16834' (ECDSA) to the list of known hosts. 2025/01/18 06:58:22 fuzzer started 2025/01/18 06:58:22 dialing manager at localhost:44245 syzkaller login: [ 70.567657] cgroup: Unknown subsys name 'net' [ 70.681247] cgroup: Unknown subsys name 'cpuset' [ 70.715610] cgroup: Unknown subsys name 'rlimit' [ 78.500168] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 89.888018] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 06:58:42 syscalls: 2217 2025/01/18 06:58:42 code coverage: enabled 2025/01/18 06:58:42 comparison tracing: enabled 2025/01/18 06:58:42 extra coverage: enabled 2025/01/18 06:58:42 setuid sandbox: enabled 2025/01/18 06:58:42 namespace sandbox: enabled 2025/01/18 06:58:42 Android sandbox: enabled 2025/01/18 06:58:42 fault injection: enabled 2025/01/18 06:58:42 leak checking: enabled 2025/01/18 06:58:42 net packet injection: enabled 2025/01/18 06:58:42 net device setup: enabled 2025/01/18 06:58:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 06:58:42 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 06:58:42 USB emulation: enabled 2025/01/18 06:58:42 hci packet injection: enabled 2025/01/18 06:58:42 wifi device emulation: enabled 2025/01/18 06:58:42 802.15.4 emulation: enabled 2025/01/18 06:58:42 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 06:58:42 fetching corpus: 50, signal 27766/30348 (executing program) 2025/01/18 06:58:43 fetching corpus: 100, signal 40227/43166 (executing program) 2025/01/18 06:58:43 fetching corpus: 150, signal 47943/51112 (executing program) 2025/01/18 06:58:43 fetching corpus: 200, signal 52424/55852 (executing program) 2025/01/18 06:58:43 fetching corpus: 250, signal 56398/59898 (executing program) 2025/01/18 06:58:43 fetching corpus: 300, signal 60372/63822 (executing program) 2025/01/18 06:58:44 fetching corpus: 350, signal 65754/68677 (executing program) 2025/01/18 06:58:44 fetching corpus: 400, signal 68630/71265 (executing program) 2025/01/18 06:58:44 fetching corpus: 450, signal 73191/75025 (executing program) 2025/01/18 06:58:44 fetching corpus: 500, signal 77866/78647 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79616 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79655 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79701 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79741 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79788 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79834 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79893 (executing program) 2025/01/18 06:58:44 fetching corpus: 529, signal 79062/79943 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/79997 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80051 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80106 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80154 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80190 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80238 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80294 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80342 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80395 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80445 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80504 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80549 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80588 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80618 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80660 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80703 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80755 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80798 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80826 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80881 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80937 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80964 (executing program) 2025/01/18 06:58:45 fetching corpus: 529, signal 79062/80964 (executing program) 2025/01/18 06:58:49 starting 8 fuzzer processes 06:58:49 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET(r0, 0x4b4b, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 06:58:49 executing program 1: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) ioctl$PTP_PIN_GETFUNC2(r0, 0x40043d0d, 0x0) 06:58:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000, 0xb, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73665df41100080120000200004000f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="0000000072724161140000000b000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f73665df41100080120000200004000f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x10800}, {&(0x7f0000010600)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000bde670325132510000e670325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000bde670325132510000e670325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000bde670325132510000e670325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000bde670325132510000e67032510b0064000000", 0x120, 0x11000}, {&(0x7f0000010800)="2e202020202020202020201000bde670325132510000e67032510300000000002e2e2020202020202020201000bde670325132510000e670325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000bde670325132510000e670325104001a040000", 0x80, 0x11800}, {&(0x7f0000010900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x12000}, {&(0x7f0000010e00)='syzkallers\x00'/32, 0x20, 0x12800}, {&(0x7f0000010f00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x15800}], 0x0, &(0x7f0000011000)) [ 97.417961] audit: type=1400 audit(1737183529.653:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 06:58:49 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000002140), 0x0, 0x0) preadv(r0, &(0x7f0000003180)=[{&(0x7f0000002180)=""/4096, 0x1000}], 0x1, 0x0, 0x0) 06:58:49 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000040)={@multicast2, @private, r2}, 0xc) 06:58:49 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000a940)=[{&(0x7f0000000080)={0x18, 0x76, 0x1, 0x0, 0x0, "", [@generic="3488be399d"]}, 0x18}], 0x1}, 0x0) 06:58:49 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) fcntl$lock(r0, 0x26, &(0x7f0000000180)) close_range(r0, 0xffffffffffffffff, 0x0) 06:58:49 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f0000000240)={0x144, 0x0, 0x4, 0xb01, 0x0, 0x0, {}, [@generic="618cf88c3c853d78731a10580a0946988b0571ad0ad13c0e3376c3e69fa31c3fd8e25bc6facdf503672a5073462caaa49799b1bc6aec9d1ad5c491ee0d6ee4847cb6ab99e05520cb8c05e8e2381d5d72e2e21bedb0d70a3ce8e5ff3cf12d9ab149adebf9ce9e37a5e9e9742c4928cedbfa68347cc7c4e23a4a0e8df536", @nested={0xad, 0x0, 0x0, 0x1, [@generic="112b49ac648165a112114389dd1efabc5469ee0b73dd886eba2c0e", @typed={0x65, 0x0, 0x0, 0x0, @binary="18b0ceac6cffc39ae7204bd885c80f5277cd927a9c758a7fc8df7f6caef9fe4e7774719016c443f5283c89d7e9c420ccb8480674965fa1ca8612c94b7c07be2f54e43b8d1ff5d75ae7262f149edb7be14652c641b0afe6b6bfd8cd918ad72498df"}, @generic="47b6906f2e9d527f18c51c738f78fa5bc57be0a264dc4f0af6f2a6d73ec738afd2ae95e30c0f"]}]}, 0x144}}, 0x0) [ 98.880647] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 98.884376] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 98.889756] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 98.890572] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 98.893167] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 98.897500] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 98.901885] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 98.907623] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 98.908223] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 98.917545] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 98.917969] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 98.918394] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 98.923807] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 98.930963] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 98.939768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 98.942974] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 98.943483] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 98.943780] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 98.949600] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 98.950656] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 98.953751] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 98.976426] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 98.981482] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 98.985443] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 99.041810] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 99.045648] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 99.051733] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 99.064679] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 99.070845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 99.073686] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 99.075876] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 99.078562] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 99.081749] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 99.113540] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 99.117133] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 99.119591] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 99.141423] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 99.143711] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 99.145009] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 99.149099] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 99.151673] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 99.152943] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 99.177733] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 99.179108] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 99.179974] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 99.183131] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 99.185006] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 99.186899] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 101.017082] Bluetooth: hci1: command tx timeout [ 101.017747] Bluetooth: hci0: command tx timeout [ 101.017977] Bluetooth: hci3: command tx timeout [ 101.018054] Bluetooth: hci2: command tx timeout [ 101.145624] Bluetooth: hci4: command tx timeout [ 101.210406] Bluetooth: hci7: command tx timeout [ 101.211334] Bluetooth: hci5: command tx timeout [ 101.273373] Bluetooth: hci6: command tx timeout [ 103.064639] Bluetooth: hci1: command tx timeout [ 103.065116] Bluetooth: hci3: command tx timeout [ 103.065212] Bluetooth: hci2: command tx timeout [ 103.065312] Bluetooth: hci0: command tx timeout [ 103.194329] Bluetooth: hci4: command tx timeout [ 103.257374] Bluetooth: hci5: command tx timeout [ 103.257461] Bluetooth: hci7: command tx timeout [ 103.320320] Bluetooth: hci6: command tx timeout [ 105.112504] Bluetooth: hci0: command tx timeout [ 105.113823] Bluetooth: hci2: command tx timeout [ 105.113874] Bluetooth: hci3: command tx timeout [ 105.113921] Bluetooth: hci1: command tx timeout [ 105.241491] Bluetooth: hci4: command tx timeout [ 105.305622] Bluetooth: hci7: command tx timeout [ 105.305927] Bluetooth: hci5: command tx timeout [ 105.368609] Bluetooth: hci6: command tx timeout [ 107.160581] Bluetooth: hci0: command tx timeout [ 107.161708] Bluetooth: hci2: command tx timeout [ 107.161816] Bluetooth: hci3: command tx timeout [ 107.161902] Bluetooth: hci1: command tx timeout [ 107.288575] Bluetooth: hci4: command tx timeout [ 107.352504] Bluetooth: hci7: command tx timeout [ 107.352913] Bluetooth: hci5: command tx timeout [ 107.416370] Bluetooth: hci6: command tx timeout [ 161.209740] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 161.216126] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 161.218803] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 161.225559] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 161.227190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 161.231166] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 161.314878] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 161.326102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 161.328814] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 161.336457] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 161.340907] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 161.345554] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 161.348804] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 161.351642] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 161.365859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 161.383768] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 161.387034] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 161.389481] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 161.393504] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 161.395040] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 161.396709] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 161.404525] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 161.406766] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 161.413518] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 161.415140] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 161.415669] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 161.419624] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 161.420112] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 161.422789] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 161.423325] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 161.467610] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 161.473627] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 161.474620] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 161.486937] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 161.490615] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 161.490859] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 161.495001] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 161.495277] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 161.499001] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 161.525700] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 161.526071] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 161.541459] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 161.563484] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 161.583015] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 161.583755] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 161.585985] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 161.587130] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 161.587696] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 163.288720] Bluetooth: hci0: command tx timeout [ 163.417408] Bluetooth: hci1: command tx timeout [ 163.480581] Bluetooth: hci4: command tx timeout [ 163.481349] Bluetooth: hci2: command tx timeout [ 163.544932] Bluetooth: hci5: command tx timeout [ 163.608743] Bluetooth: hci7: command tx timeout [ 163.609656] Bluetooth: hci6: command tx timeout [ 163.609905] Bluetooth: hci3: command tx timeout [ 165.336399] Bluetooth: hci0: command tx timeout [ 165.465044] Bluetooth: hci1: command tx timeout [ 165.530426] Bluetooth: hci2: command tx timeout [ 165.530908] Bluetooth: hci4: command tx timeout [ 165.592387] Bluetooth: hci5: command tx timeout [ 165.658363] Bluetooth: hci7: command tx timeout [ 165.658574] Bluetooth: hci6: command tx timeout [ 165.658636] Bluetooth: hci3: command tx timeout [ 167.384388] Bluetooth: hci0: command tx timeout [ 167.512327] Bluetooth: hci1: command tx timeout [ 167.576440] Bluetooth: hci4: command tx timeout [ 167.576557] Bluetooth: hci2: command tx timeout [ 167.641640] Bluetooth: hci5: command tx timeout [ 167.704467] Bluetooth: hci3: command tx timeout [ 167.704628] Bluetooth: hci6: command tx timeout [ 167.704728] Bluetooth: hci7: command tx timeout [ 169.432524] Bluetooth: hci0: command tx timeout [ 169.560519] Bluetooth: hci1: command tx timeout [ 169.624638] Bluetooth: hci2: command tx timeout [ 169.624793] Bluetooth: hci4: command tx timeout [ 169.688423] Bluetooth: hci5: command tx timeout [ 169.752941] Bluetooth: hci7: command tx timeout [ 169.753117] Bluetooth: hci6: command tx timeout [ 169.753221] Bluetooth: hci3: command tx timeout [ 223.148605] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 223.151100] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 223.158024] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 223.164477] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 223.170712] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 223.172993] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 223.331372] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 223.335736] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 223.343489] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 223.349692] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 223.353194] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 223.356109] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 223.360334] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 223.372947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 223.380122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 223.403495] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 223.406537] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 223.409509] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 223.413678] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 223.415691] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 223.420533] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 223.422411] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 223.422762] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 223.425592] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 223.427968] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 223.429908] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 223.435014] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 223.437792] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 223.452581] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 223.454422] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 223.492022] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 223.496938] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 223.506755] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 223.513969] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 223.525178] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 223.533729] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 223.541396] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 223.542162] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 223.546939] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 223.549733] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 223.565752] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 223.579483] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 223.589806] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 223.608439] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 223.614752] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 223.616115] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 223.622804] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 223.625401] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 225.241352] Bluetooth: hci0: command tx timeout [ 225.432298] Bluetooth: hci1: command tx timeout [ 225.496352] Bluetooth: hci2: command tx timeout [ 225.560354] Bluetooth: hci4: command tx timeout [ 225.560806] Bluetooth: hci3: command tx timeout [ 225.688437] Bluetooth: hci5: command tx timeout [ 225.688506] Bluetooth: hci7: command tx timeout [ 225.754315] Bluetooth: hci6: command tx timeout [ 227.289269] Bluetooth: hci0: command tx timeout [ 227.480994] Bluetooth: hci1: command tx timeout [ 227.544363] Bluetooth: hci2: command tx timeout [ 227.609364] Bluetooth: hci3: command tx timeout [ 227.609423] Bluetooth: hci4: command tx timeout [ 227.736310] Bluetooth: hci7: command tx timeout [ 227.737382] Bluetooth: hci5: command tx timeout [ 227.802273] Bluetooth: hci6: command tx timeout [ 229.336340] Bluetooth: hci0: command tx timeout [ 229.528305] Bluetooth: hci1: command tx timeout [ 229.592293] Bluetooth: hci2: command tx timeout [ 229.656300] Bluetooth: hci4: command tx timeout [ 229.656388] Bluetooth: hci3: command tx timeout [ 229.784311] Bluetooth: hci5: command tx timeout [ 229.784339] Bluetooth: hci7: command tx timeout [ 229.850337] Bluetooth: hci6: command tx timeout [ 231.384478] Bluetooth: hci0: command tx timeout [ 231.577780] Bluetooth: hci1: command tx timeout [ 231.640565] Bluetooth: hci2: command tx timeout [ 231.706444] Bluetooth: hci3: command tx timeout [ 231.706469] Bluetooth: hci4: command tx timeout [ 231.832342] Bluetooth: hci7: command tx timeout [ 231.832929] Bluetooth: hci5: command tx timeout [ 231.899281] Bluetooth: hci6: command tx timeout [ 281.892549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 281.892669] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.615608] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.615689] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.943851] syz-executor.6 (6621) used greatest stack depth: 23680 bytes left [ 283.305491] [ 283.305745] ====================================================== [ 283.306352] WARNING: possible circular locking dependency detected [ 283.306951] 6.13.0-rc7-next-20250117 #1 Not tainted [ 283.307443] ------------------------------------------------------ [ 283.309015] kworker/u8:2/10022 is trying to acquire lock: [ 283.310169] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 283.312672] [ 283.312672] but task is already holding lock: [ 283.313828] ffff88802ddd0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 283.315581] [ 283.315581] which lock already depends on the new lock. [ 283.315581] [ 283.317189] [ 283.317189] the existing dependency chain (in reverse order) is: [ 283.317896] [ 283.317896] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 283.318560] __mutex_lock+0x13d/0xb50 [ 283.319022] wiphy_register+0x1b2e/0x25d0 [ 283.319521] ieee80211_register_hw+0x23a4/0x3d60 [ 283.320067] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 283.320640] init_mac80211_hwsim+0x389/0x870 [ 283.321163] do_one_initcall+0xf9/0x640 [ 283.321649] kernel_init_freeable+0x53d/0x7a0 [ 283.322179] kernel_init+0x1e/0x2d0 [ 283.322608] ret_from_fork+0x48/0x80 [ 283.323043] ret_from_fork_asm+0x1a/0x30 [ 283.323535] [ 283.323535] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 283.324166] __lock_acquire+0x29fd/0x4580 [ 283.324654] lock_acquire+0x19b/0x520 [ 283.325107] __mutex_lock+0x13d/0xb50 [ 283.325567] unregister_netdevice_many_notify+0x1612/0x1c80 [ 283.326189] unregister_netdevice_queue+0x224/0x2e0 [ 283.326744] _cfg80211_unregister_wdev+0x57b/0x700 [ 283.327307] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 283.327862] ieee80211_unregister_hw+0x55/0x3a0 [ 283.328394] hwsim_exit_net+0x3a0/0x730 [ 283.328859] ops_exit_list+0xb3/0x180 [ 283.329307] cleanup_net+0x546/0xad0 [ 283.329749] process_one_work+0x8ee/0x1a10 [ 283.330254] worker_thread+0x674/0xe70 [ 283.330735] kthread+0x3ab/0x720 [ 283.331161] ret_from_fork+0x48/0x80 [ 283.331595] ret_from_fork_asm+0x1a/0x30 [ 283.332100] [ 283.332100] other info that might help us debug this: [ 283.332100] [ 283.332850] Possible unsafe locking scenario: [ 283.332850] [ 283.333431] CPU0 CPU1 [ 283.333882] ---- ---- [ 283.334332] lock(&rdev->wiphy.mtx); [ 283.334732] lock(rtnl_mutex); [ 283.335324] lock(&rdev->wiphy.mtx); [ 283.335952] lock(rtnl_mutex); [ 283.336322] [ 283.336322] *** DEADLOCK *** [ 283.336322] [ 283.336898] 4 locks held by kworker/u8:2/10022: [ 283.337365] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 283.338396] #1: ffff88803a9f7d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 283.339356] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 283.340253] #3: ffff88802ddd0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 283.341259] [ 283.341259] stack backtrace: [ 283.341696] CPU: 0 UID: 0 PID: 10022 Comm: kworker/u8:2 Not tainted 6.13.0-rc7-next-20250117 #1 [ 283.342532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 283.343312] Workqueue: netns cleanup_net [ 283.343728] Call Trace: [ 283.343991] [ 283.344218] dump_stack_lvl+0xca/0x120 [ 283.344642] print_circular_bug+0x47b/0x750 [ 283.345086] check_noncircular+0x2e9/0x3c0 [ 283.345516] ? __pfx_check_noncircular+0x10/0x10 [ 283.345996] ? hlock_class+0x4e/0x130 [ 283.346376] ? srso_return_thunk+0x5/0x5f [ 283.346814] ? mark_lock+0xac/0xed0 [ 283.347195] ? lockdep_lock+0xba/0x1b0 [ 283.347612] ? __pfx_lockdep_lock+0x10/0x10 [ 283.348077] __lock_acquire+0x29fd/0x4580 [ 283.348527] ? __pfx___lock_acquire+0x10/0x10 [ 283.348983] ? lock_release+0x20f/0x6f0 [ 283.349394] ? __pfx_lock_release+0x10/0x10 [ 283.349833] ? srso_return_thunk+0x5/0x5f [ 283.350273] lock_acquire+0x19b/0x520 [ 283.350680] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 283.351267] ? __pfx_lock_acquire+0x10/0x10 [ 283.351713] ? __pfx_lock_release+0x10/0x10 [ 283.352167] ? __pfx_try_to_wake_up+0x10/0x10 [ 283.352624] ? srso_return_thunk+0x5/0x5f [ 283.353063] ? lock_is_held_type+0x9e/0x120 [ 283.353516] ? srso_return_thunk+0x5/0x5f [ 283.353962] __mutex_lock+0x13d/0xb50 [ 283.354363] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 283.354926] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 283.355508] ? srso_return_thunk+0x5/0x5f [ 283.355943] ? synchronize_rcu_expedited+0x38a/0x420 [ 283.356462] ? __pfx___mutex_lock+0x10/0x10 [ 283.356907] ? srso_return_thunk+0x5/0x5f [ 283.357347] ? srso_return_thunk+0x5/0x5f [ 283.357782] ? kasan_quarantine_put+0x84/0x1e0 [ 283.358269] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 283.358726] ? srso_return_thunk+0x5/0x5f [ 283.359165] unregister_netdevice_many_notify+0x1612/0x1c80 [ 283.359711] ? __virt_addr_valid+0x2e8/0x5d0 [ 283.360172] ? __pfx_lock_release+0x10/0x10 [ 283.360602] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 283.361178] ? find_held_lock+0x2c/0x110 [ 283.361602] ? srso_return_thunk+0x5/0x5f [ 283.362041] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 283.362564] ? srso_return_thunk+0x5/0x5f [ 283.362990] ? lock_release+0x20f/0x6f0 [ 283.363389] ? __pfx_lock_release+0x10/0x10 [ 283.363814] ? srso_return_thunk+0x5/0x5f [ 283.364256] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 283.364792] ? srso_return_thunk+0x5/0x5f [ 283.365242] unregister_netdevice_queue+0x224/0x2e0 [ 283.365741] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 283.366289] ? up_write+0x195/0x520 [ 283.366682] _cfg80211_unregister_wdev+0x57b/0x700 [ 283.367180] ? srso_return_thunk+0x5/0x5f [ 283.367621] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 283.368135] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 283.368696] ? srso_return_thunk+0x5/0x5f [ 283.369135] ? srso_return_thunk+0x5/0x5f [ 283.369570] ? synchronize_rcu+0x1ff/0x260 [ 283.370003] ieee80211_unregister_hw+0x55/0x3a0 [ 283.370476] hwsim_exit_net+0x3a0/0x730 [ 283.370885] ? __pfx_hwsim_exit_net+0x10/0x10 [ 283.371337] ? srso_return_thunk+0x5/0x5f [ 283.371773] ? netdev_run_todo+0x788/0x1040 [ 283.372223] ? __pfx_hwsim_exit_net+0x10/0x10 [ 283.372684] ops_exit_list+0xb3/0x180 [ 283.373079] cleanup_net+0x546/0xad0 [ 283.373473] ? __pfx_cleanup_net+0x10/0x10 [ 283.373913] process_one_work+0x8ee/0x1a10 [ 283.374371] ? __pfx_lock_acquire+0x10/0x10 [ 283.374812] ? __pfx_process_one_work+0x10/0x10 [ 283.375302] ? srso_return_thunk+0x5/0x5f [ 283.375743] ? move_linked_works+0x172/0x270 [ 283.376195] ? srso_return_thunk+0x5/0x5f [ 283.376625] ? assign_work+0x196/0x240 [ 283.377031] worker_thread+0x674/0xe70 [ 283.377442] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 283.377976] ? srso_return_thunk+0x5/0x5f [ 283.378410] ? __pfx_worker_thread+0x10/0x10 [ 283.378877] kthread+0x3ab/0x720 [ 283.379246] ? __pfx_kthread+0x10/0x10 [ 283.379655] ? srso_return_thunk+0x5/0x5f [ 283.380087] ? finish_task_switch.isra.0+0x206/0x840 [ 283.380604] ? __pfx_kthread+0x10/0x10 [ 283.381018] ret_from_fork+0x48/0x80 [ 283.381398] ? __pfx_kthread+0x10/0x10 [ 283.381809] ret_from_fork_asm+0x1a/0x30 [ 283.382254] [ 285.088616] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 285.090734] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 285.092675] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 285.096786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 285.100539] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 285.102653] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 285.412954] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 285.415963] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 285.416961] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 285.420292] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 285.421687] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 285.422922] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 285.428956] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 285.436586] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 285.438759] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 285.454660] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 285.468064] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 285.469913] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 285.489946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 285.492509] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 285.493132] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 285.500914] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 285.502050] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 285.503186] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 285.507311] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 285.514466] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 285.520402] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 285.555587] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 285.559653] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 285.562502] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 285.580404] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 285.590696] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 285.597525] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 285.598131] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 285.610520] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 285.614483] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 285.616418] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 285.622523] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 285.630483] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 285.632538] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 285.635060] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 285.637084] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 285.641585] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 285.643496] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 285.649556] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 285.664692] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 285.665794] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 285.666737] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 287.129268] Bluetooth: hci0: command tx timeout [ 287.448299] Bluetooth: hci1: command tx timeout [ 287.576391] Bluetooth: hci3: command tx timeout [ 287.576411] Bluetooth: hci2: command tx timeout [ 287.640476] Bluetooth: hci4: command tx timeout [ 287.705001] Bluetooth: hci5: command tx timeout [ 287.705081] Bluetooth: hci6: command tx timeout [ 287.768820] Bluetooth: hci7: command tx timeout [ 289.176300] Bluetooth: hci0: command tx timeout [ 289.498235] Bluetooth: hci1: command tx timeout [ 289.624305] Bluetooth: hci3: command tx timeout [ 289.625298] Bluetooth: hci2: command tx timeout [ 289.688279] Bluetooth: hci4: command tx timeout [ 289.752295] Bluetooth: hci6: command tx timeout [ 289.752361] Bluetooth: hci5: command tx timeout [ 289.816366] Bluetooth: hci7: command tx timeout [ 291.225319] Bluetooth: hci0: command tx timeout [ 291.544330] Bluetooth: hci1: command tx timeout [ 291.674290] Bluetooth: hci2: command tx timeout [ 291.674459] Bluetooth: hci3: command tx timeout [ 291.736297] Bluetooth: hci4: command tx timeout [ 291.800437] Bluetooth: hci5: command tx timeout [ 291.800772] Bluetooth: hci6: command tx timeout [ 291.864450] Bluetooth: hci7: command tx timeout [ 293.273676] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 07:01:55 Registers: info registers vcpu 0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88803a9f6b28 R8 =0000000000000001 R9 =ffffed100753ed55 R10=0000000000000031 R11=6666666666666666 R12=0000000000000031 R13=0000000000000001 R14=ffff888008fea064 R15=ffff88803a9f6e28 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f867f848449 CR3=000000000c6f8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000004258d6708f878000 XMM02=00000000000000003fdaade81da29035 XMM03=000000c00008ff20000000c00008fef0 XMM04=000000c000149200000000c0001491d0 XMM05=000000c00008ff50000000c00008ff20 XMM06=000000c00008e4b0000000c00008ff80 XMM07=000000c0000ee000000000c00008ffb0 XMM08=000000c0000ee060000000c0000ee030 XMM09=000000c0000ee0c0000000c0000ee090 XMM10=000000c0000ee120000000c0000ee0f0 XMM11=000000c0000ee180000000c0000ee150 XMM12=000000c0000f0b00000000c00008e4e0 XMM13=000000c000148690000000c000148660 XMM14=000000c0001486f0000000c0001486c0 XMM15=000000c00014c160000000c00008f560 info registers vcpu 1 RAX=0000000000041ec3 RBX=0000000000000001 RCX=ffffffff84a8bb27 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff814b1b6a RBP=dffffc0000000000 RSP=ffff8880096a7e68 R8 =0000000000000001 R9 =ffffed100d9e6c4a R10=ffff88806cf36253 R11=0000000000000001 R12=ffffffff864021d0 R13=1ffff110012d4fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84a8cace RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe4e00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd5baf39128 CR3=000000000e860000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=2661273d3ad58cbd32452f763077ba4d XMM02=d12871896912de2d00000000000fd690 XMM03=f9980df3bdc2dbad00000000001341e0 XMM04=664c650fdcfd43ff00000000000ae988 XMM05=a5eb109c2082d0da0000000000148a30 XMM06=9f165a4fe6c971ad0000000000137e70 XMM07=711fbe8126c5d3440000000000137d68 XMM08=68a8aee3740b9fad00000000000fd7b0 XMM09=00000000000000000000000000000000 XMM10=00000000000000000020000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000