Warning: Permanently added '[localhost]:49040' (ECDSA) to the list of known hosts. 2025/01/18 11:21:40 fuzzer started 2025/01/18 11:21:40 dialing manager at localhost:44245 syzkaller login: [ 67.727215] cgroup: Unknown subsys name 'net' [ 67.818130] cgroup: Unknown subsys name 'cpuset' [ 67.843298] cgroup: Unknown subsys name 'rlimit' [ 72.934831] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 11:21:56 syscalls: 2217 2025/01/18 11:21:56 code coverage: enabled 2025/01/18 11:21:56 comparison tracing: enabled 2025/01/18 11:21:56 extra coverage: enabled 2025/01/18 11:21:56 setuid sandbox: enabled 2025/01/18 11:21:56 namespace sandbox: enabled 2025/01/18 11:21:56 Android sandbox: enabled 2025/01/18 11:21:56 fault injection: enabled 2025/01/18 11:21:56 leak checking: enabled 2025/01/18 11:21:56 net packet injection: enabled 2025/01/18 11:21:56 net device setup: enabled 2025/01/18 11:21:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 11:21:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 11:21:56 USB emulation: enabled 2025/01/18 11:21:56 hci packet injection: enabled 2025/01/18 11:21:56 wifi device emulation: enabled 2025/01/18 11:21:56 802.15.4 emulation: enabled 2025/01/18 11:21:56 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 11:21:56 fetching corpus: 50, signal 24845/27935 (executing program) 2025/01/18 11:21:57 fetching corpus: 100, signal 35795/39778 (executing program) 2025/01/18 11:21:57 fetching corpus: 150, signal 44118/48783 (executing program) 2025/01/18 11:21:57 fetching corpus: 200, signal 49001/54392 (executing program) 2025/01/18 11:21:57 fetching corpus: 250, signal 54219/60072 (executing program) 2025/01/18 11:21:57 fetching corpus: 300, signal 57353/63769 (executing program) 2025/01/18 11:21:57 fetching corpus: 350, signal 63125/69686 (executing program) 2025/01/18 11:21:58 fetching corpus: 400, signal 66145/73024 (executing program) 2025/01/18 11:21:58 fetching corpus: 450, signal 69628/76577 (executing program) 2025/01/18 11:21:58 fetching corpus: 500, signal 73351/80195 (executing program) 2025/01/18 11:21:58 fetching corpus: 550, signal 78235/84608 (executing program) 2025/01/18 11:21:58 fetching corpus: 600, signal 80581/86907 (executing program) 2025/01/18 11:21:58 fetching corpus: 650, signal 83170/89304 (executing program) 2025/01/18 11:21:58 fetching corpus: 700, signal 86181/91888 (executing program) 2025/01/18 11:21:59 fetching corpus: 750, signal 88029/93554 (executing program) 2025/01/18 11:21:59 fetching corpus: 800, signal 89972/95219 (executing program) 2025/01/18 11:21:59 fetching corpus: 850, signal 92892/97482 (executing program) 2025/01/18 11:21:59 fetching corpus: 900, signal 94460/98746 (executing program) 2025/01/18 11:21:59 fetching corpus: 950, signal 95965/99921 (executing program) 2025/01/18 11:21:59 fetching corpus: 1000, signal 97741/101180 (executing program) 2025/01/18 11:22:00 fetching corpus: 1050, signal 98778/101974 (executing program) 2025/01/18 11:22:00 fetching corpus: 1100, signal 100368/103026 (executing program) 2025/01/18 11:22:00 fetching corpus: 1150, signal 101247/103621 (executing program) 2025/01/18 11:22:00 fetching corpus: 1200, signal 103439/104904 (executing program) 2025/01/18 11:22:00 fetching corpus: 1250, signal 104664/105613 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105753 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105781 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105815 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105857 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105896 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105933 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105970 (executing program) 2025/01/18 11:22:00 fetching corpus: 1262, signal 104892/105999 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106028 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106062 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106103 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106130 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106165 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106197 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106223 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106244 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106263 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106300 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106344 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106381 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106414 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106444 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106473 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106523 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106561 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106589 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106614 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:22:01 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:22:03 starting 8 fuzzer processes 11:22:03 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x4, 0x1, &(0x7f0000000200)=[{&(0x7f00000004c0)="43e91bb03d35df4ab0cc0bca33d381e52f8ff9f986e2c12cfea30c61bf9a7d097dd1794223edd9338712ded063ee7188cea667e60c6ec13b81a4117331bbb159b13643e48571e34320446f2146dadda39f2ce1d6e3a950f55a52da374197172bcde52f5d40f89343e02824620ae2caeabdd8b54c362eba90c7c32d98b0be312da9c4ffbb3380301c9ad06730b034630b06613f67451aa9d42a9d72550e65aa9f64ddc1359d688d89502164303a9404c5e65075742385669a769b6ccb004e3814331f09d29cef1267cadef83d3d88d12155afe5320dd72390ed66c0119dd2db2ee727368b256f2d27da195fbc3222c765566897796119c2d6c40e62957da2f7cda1486a3195cb3665d75a23ae10c6db76b539120fdfc0fa7ecc39690bd6a295a935cb112f27e35ee7fc76a06e18727cf62480b602aeaab8760064f8e751a7350eb4a27100650cfc861cd4aaa431e9d0af6ee660e96c118e6bf6ef8d90d7bfae9ea9a77e91ab33de5bd0b300e56fb90fe6a969192c80c856a9b45fc55d1d9db5481de2aac34bc5e9c513b6a4f32b4bca33dcf653f408eefffcf6f67be9551fd71bdc7793ffbe9537ac96d86ddeab9ca97338e86b870dd507bb598f1eb57f0f8023b2e66ae8d3e6892671e4be428ea66af039b1c1b3757baa585ae4fea4989f80a9ca2d0694e21d3a4e7f51ebb92a6406d2e2b91bbd57f1ceba752afd41ebd19cb60f25dff0a0c9a5f7947f8a278d97cdf159711bcad22d68cc7cae169710b80ea4b88064731b05adb856974d2398479ec431bc59a05f1ecff7faaad66eb3140d7545c193284bc3854057212c2e22ad5493416090f0167b4ad7ace058728dcb49139989979d1e4b5c3f3702b9c06358a4dd2ea3a005736d60dcfedd14c07fedc38cb822ac3d1959fcdebc9330284c8e2683ef84c9b7320c006a6a2429d5aedda57c6920dad866eb321f406518c1c333c27747be4e76a90e8a91fe700faf76c3c877586746ab80a019e7e37df228974af93dfb6733a0178e7651e99f7d6e01bfd314b5396df434a6984528c115afd9fbaa860a0a944caf8bf265ebf1a7fa1ed4046aafa4eeb826e57b1edbda5b38d5ef978206859a027507631b93004b8b75c5ac01116343b7b9e59532aa74eb5320e2d963549db2714a3e959b1e16a8eaf6747685eb68487f0f8d45aa10596609917a7a64dedc3bf4410e994a4ebab7aad11a7bf5dcac9125bc4ce12231d08f69396941ff4dab99765e18c92878a00d9062f802d9a93fd2c7e8d2555d539f4b2d32fce3e70d6f255ae7d2d0fd42b47a81cf819dda2660842ec42f931d3f14c95bbe7e8d1362c90947eaf557280fcef6ef8172d16c1ec64ffaaa88695b45ff557f6885a971e07194c674d74acd47a8da0fc64c931620a62b7e66005389078d92a8bacbf2b00a092d75e333a28e3ca3aa6aceb01787fe9d0a53e1e637883d59d05296c8483c531b2bfc8d2da0d4adf98fdb4755134969716e6de8fe2dd4005142d932e0b6e5b3d317b933643def16a91883f3a08ba4915a32958f858c15ed0acfd34ffc46593f07269f70dd47bbd50d9a51db2d318a8abdcddcbde7062dc9d8e144419f0cd567f776645324195dd04768a021470efa7fb21eb47c0cd020c0c6c3a5d801bc339503df31e6b8c94f072a0eff42407229a9a097701d6d12271e6fe39d2e2315df3ab6519aa90f0640fd978757260892269cf967289247348e2ac98e5947254fff0fbfccc3680a6468395abfd56d2c1161948caeae2071b5076077d0279dedd0829ae95d5e8b676bbdae306341865f485cd1e5e294611553e3f454656e9e91275e464d14b4616c7736f94d0846155e3fa0a399c6ac9ca7158451a022262541930eb19c1285fb5e4f17747dc0439806f56c1e20c84c5fcba965b02b58f17f9e2796af25a7e12081eb78069404eda85366f5fd2ebf4c85ecfb22953045704172af380f24c042e32003992d1464570aeda11d39aaaf2f49e856c3d1bb9b8882fbaa6297322369f312a7ef3668b0ba194f86a89cde82efbf2b63daa86e339f79bca45006e494d97eb7b861e1d519b5b7aa19f18bccdb0de78a3138108d01c0c06808e0d13670c6415c6fac2e3759f15149fff93fe186b595bd67b8088587f2d250131ed1b9e79680f16ef8bbdbf8a0a83bc7f6e31f18218d1e84aad2778c22c01372aa26da2ccd89b83e62b2ea43e6e070fd46259648be3ccbc7bd354fcd71cbbfd01f1137603b83e7745c2d2cafe973b857b3b5dc1a78864ee857a407267a0f8bb600764c95ab80025ae6085b9627a296262534b97989c7580929d2d6e79bb5f08fb910292a4d7a26c0a91c240b8dc554bb18aa7e91a84110f503eb70ed9638c0d354f15064e29487d76d6cea3f8f290e9f3bbdcac7b2ee7f2795f9063cffb660a9c5afc27ef3cc06e738e843bf0eccab462e0dd3c052c084e48139c31a5b55c37f80e901312f3200e8017f792e2207cf628792efeaedd2127c2f73f2dd32f20e7d94fc1f136d6d5f0c6fe21684c932447abdbf682a050493188d679f7827c3bd1a02ad34bac231945f824259ceb32b52390fa48e03bf14bd47682b41448b0b30700d05f159b0c9a0340018f4253a9edd2164acc0e681ac38efd5d4fe534dd6443bf29d133aa6dff10c96880848acda57e887e658e0f7c1d3e64f3a6ec935b8caf56c73486edbf63f8e0376db1dfdfaf5903353d7d5c6f48faa12493f4b31ce58636cb5bc038c0791276981abb3869c2d2df275b99cc3ad3eec8899c5dcbe2d50a54f6165ace834daf82e29fef4e4531d55a6f36e0f03dfc8297c692db301807ce35652cd15a473c31e12969e1b2449f7e1b82b98317b1789c3b9bc1b01b11eb231fabab559deff7901b39823adf78279b619737f0ed298d139b5dd15b5fd86d79480a15441a9bcbcf4fa63815430d2ddafa5cf8842a14d62cc6f0f43198f1b33320b451554441c846a75a0853295d40a29afef8ca6ef6e31593c859fe7f78bb1fcf21d935667721a30abb1cc9efc889e3a1e12b635c8c5649cde0e142b08bf4c020f6213266ab0ff36983a7e54a9a5b6111a02bb07aaa6bdfdc452444de9bcca14a26bb41258ae68ebd83ff929beea250c1849d03589dbefe8cc70a726c312532ea33e0b641cc60824f5e330ed7e555476d908dbef73403e03ca041099aad4e2d766d01ebb89299f7246a174bb78553b958ed4e47657b469c70982843453e51c4bd2098f7ac502eff630a3fcab2abfbeeeefc58268485e270ffbbad42363572b3f66dcf172dbd97f0921f89d2482a9cc06a25362a6022da03e2ebe7dddaaf4525d98a700b875a135634ce93e66215e7ebbc4fb3002265799b3dd687db824a3519f26ce02f9144e7aa03b520a691a3c056ebb5b47985bfa8ba7984a2af462baa3a1e752cc78665c24e6de37dcc7575bf85ca79d65d23a27f76862d97e0a60da15c4160b5c6bd04bdbbe15b8777febc6de2ec1625136be919d3ebfd79346ff022518a92b8376157be88570d5b954001afbda14fc1f0226f0ad575f64ac65a6494ac0e92277b6e5b3cf417aa6220d939f65162a3da5e5af18d4b1bb85eca689d1b9a84a4bd7717de8dcd248b5360ad181120ec08ca6532804ef7790f67fbbd87b650d5055716a9c22565538f9aeb87680add233d4ecf451a303fc734fab9ea4fe8d23597069061ac64cb3d4cdd9a126a1d60b8930d97bcffe65ee2068eaef85d39079767a540e02a0594d4b0115753b9e5a6b13a5ddd592e588307e510808f0f1d08510109cf15517ef860b1a9f5ac64069497070956dc6c82994f622516ce28b8d03a1bcf1aaefbe926d08e80c14de6b04c5b3a2b14bd901a41744b5a06f0a9dc3d04c54b9b8a8d9c249ef8c758fce9e3d432a5f604c3b7917c7938401c1134d1d0a3d272289b225274592deb9560a5c5a64c3a429215da2b09394bef30bca5db30881df50fe931804adf1b4afab90afddd1f11a80614c6cd0a943f0dbf91d24b0b64dccf1c21a3028e45ac0e3fe102cf13e162b44e5abdb25215a4893588d595813a25190751ef115499de70a24f4e0931bf73de7c1bb838d553558022d8743eda91418ab9e7ebff596921c1315ae43c2803ef8e39c6c2aaf5407202479cc66ddc0470418b8af12efa9281b758ab1bdf873d972b69f1ff6551e4488f7494f199e01f071280a0efc2b757d348972cb614652ffd2bf180188726fd586a030b8300b2a94b69cc69954a2e06a4e1fbaab0f0c7f2b94ed14b234815a931981d849713f2596f6d8c7a96060f6fe704b581d0ca9c4a8a2fa5cb1aa8d891f10e81a31202171701f10fa6c3861c64c0b3dded2a88b756a", 0xc00, 0x401}], 0x40000, &(0x7f0000000240)={[{@mode}]}) 11:22:03 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, 0x0) 11:22:03 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000008f40)={0x2, &(0x7f0000008f00)=[{0x54}, {0x6}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:22:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETA(r0, 0x80045440, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "0385869887ddee02"}) [ 90.521975] audit: type=1400 audit(1737199323.805:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:22:03 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000580)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001040), 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x5, &(0x7f0000000280), 0x4) sendmmsg$inet6(r0, 0x0, 0x0, 0x10890) socket$inet6_udp(0xa, 0x2, 0x0) pread64(r1, &(0x7f0000001900)=""/4096, 0x1000, 0x2) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000280)={0xa, 0x4e21, 0x0, @mcast1, 0x1000}, 0x1c, 0x0}}], 0x2, 0x0) 11:22:03 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setgroups(0x0, 0x0) setgroups(0x0, 0x0) dup(0xffffffffffffffff) 11:22:03 executing program 4: r0 = syz_io_uring_setup(0x1117, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000700)=[r1], 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 11:22:03 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='smaps_rollup\x00') read$hiddev(r0, &(0x7f00000003c0)=""/171, 0xab) [ 91.856635] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.858299] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.859404] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.866796] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.872132] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 91.873415] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.047798] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.069923] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.071476] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.075924] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.089187] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 92.097523] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.109204] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.112724] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 92.113203] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.114829] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 92.116112] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 92.116675] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.117987] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.119940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.121357] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 92.122673] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 92.123552] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.129326] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.130535] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.130695] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 92.132956] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 92.133335] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 92.134525] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 92.135964] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 92.136064] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.137820] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.138666] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.147733] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.148902] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 92.151678] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 92.159673] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.159864] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 92.168133] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.171697] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 92.172992] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 92.186022] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.189958] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 92.202972] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 92.212979] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 92.214404] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 92.215009] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 92.219106] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 93.943997] Bluetooth: hci0: command tx timeout [ 94.201696] Bluetooth: hci2: command tx timeout [ 94.202017] Bluetooth: hci6: command tx timeout [ 94.202294] Bluetooth: hci1: command tx timeout [ 94.264129] Bluetooth: hci3: command tx timeout [ 94.265498] Bluetooth: hci4: command tx timeout [ 94.265870] Bluetooth: hci5: command tx timeout [ 94.266190] Bluetooth: hci7: command tx timeout [ 95.991654] Bluetooth: hci0: command tx timeout [ 96.248012] Bluetooth: hci1: command tx timeout [ 96.248107] Bluetooth: hci6: command tx timeout [ 96.248197] Bluetooth: hci2: command tx timeout [ 96.311713] Bluetooth: hci3: command tx timeout [ 96.311799] Bluetooth: hci7: command tx timeout [ 96.311888] Bluetooth: hci5: command tx timeout [ 96.311950] Bluetooth: hci4: command tx timeout [ 98.039744] Bluetooth: hci0: command tx timeout [ 98.296009] Bluetooth: hci1: command tx timeout [ 98.296123] Bluetooth: hci2: command tx timeout [ 98.296235] Bluetooth: hci6: command tx timeout [ 98.359748] Bluetooth: hci3: command tx timeout [ 98.359846] Bluetooth: hci4: command tx timeout [ 98.359921] Bluetooth: hci5: command tx timeout [ 98.359994] Bluetooth: hci7: command tx timeout [ 100.087826] Bluetooth: hci0: command tx timeout [ 100.343722] Bluetooth: hci6: command tx timeout [ 100.343818] Bluetooth: hci2: command tx timeout [ 100.343904] Bluetooth: hci1: command tx timeout [ 100.407998] Bluetooth: hci7: command tx timeout [ 100.408363] Bluetooth: hci5: command tx timeout [ 100.408516] Bluetooth: hci4: command tx timeout [ 100.408682] Bluetooth: hci3: command tx timeout [ 151.662515] syz-executor.0 (284) used greatest stack depth: 24160 bytes left [ 154.438518] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 154.442126] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 154.447162] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 154.452101] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 154.454974] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 154.458127] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 154.516482] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 154.525098] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 154.531922] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 154.548348] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 154.555031] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 154.557269] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 154.560239] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 154.561151] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 154.563137] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 154.576069] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 154.581900] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 154.583119] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 154.587695] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 154.590315] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 154.596129] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 154.602002] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 154.605518] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 154.607528] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 154.734146] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 154.771242] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 154.779429] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 154.791391] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 154.797895] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 154.800752] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 154.800782] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 154.804706] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 154.804805] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 154.834890] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 154.837738] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 154.839747] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 154.889287] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 154.905965] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 154.931277] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 154.934896] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 154.937958] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 154.941127] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 154.957272] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 154.961120] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 154.964091] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 154.985234] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 154.993156] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 154.997140] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 156.536875] Bluetooth: hci0: command tx timeout [ 156.599671] Bluetooth: hci2: command tx timeout [ 156.664818] Bluetooth: hci3: command tx timeout [ 156.728670] Bluetooth: hci1: command tx timeout [ 156.919669] Bluetooth: hci5: command tx timeout [ 156.919851] Bluetooth: hci4: command tx timeout [ 157.047637] Bluetooth: hci6: command tx timeout [ 157.048637] Bluetooth: hci7: command tx timeout [ 158.583632] Bluetooth: hci0: command tx timeout [ 158.647616] Bluetooth: hci2: command tx timeout [ 158.712590] Bluetooth: hci3: command tx timeout [ 158.776590] Bluetooth: hci1: command tx timeout [ 158.967747] Bluetooth: hci5: command tx timeout [ 158.968450] Bluetooth: hci4: command tx timeout [ 159.096620] Bluetooth: hci7: command tx timeout [ 159.096705] Bluetooth: hci6: command tx timeout [ 160.631909] Bluetooth: hci0: command tx timeout [ 160.695638] Bluetooth: hci2: command tx timeout [ 160.759741] Bluetooth: hci3: command tx timeout [ 160.823728] Bluetooth: hci1: command tx timeout [ 161.016001] Bluetooth: hci5: command tx timeout [ 161.017670] Bluetooth: hci4: command tx timeout [ 161.143782] Bluetooth: hci6: command tx timeout [ 161.144960] Bluetooth: hci7: command tx timeout [ 162.679753] Bluetooth: hci0: command tx timeout [ 162.743961] Bluetooth: hci2: command tx timeout [ 162.807792] Bluetooth: hci3: command tx timeout [ 162.871777] Bluetooth: hci1: command tx timeout [ 163.063741] Bluetooth: hci5: command tx timeout [ 163.063880] Bluetooth: hci4: command tx timeout [ 163.191883] Bluetooth: hci6: command tx timeout [ 163.192053] Bluetooth: hci7: command tx timeout [ 216.912735] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 216.914915] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 216.916244] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 216.919861] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 216.921748] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 216.923188] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 217.033417] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 217.035195] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 217.036383] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 217.042862] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 217.045248] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 217.046683] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 217.057491] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 217.061239] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 217.067219] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 217.086005] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 217.096886] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 217.098129] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 217.114309] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 217.121987] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 217.132251] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 217.146667] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 217.148357] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 217.149937] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 217.173450] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 217.201926] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 217.217752] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 217.236812] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 217.238362] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 217.242002] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 217.334458] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 217.340853] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 217.341384] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 217.345888] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 217.352310] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 217.359134] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 217.361359] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 217.373459] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 217.376720] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 217.378381] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 217.379693] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 217.387021] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 217.404261] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 217.420076] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 217.433898] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 217.435247] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 217.448275] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 217.456855] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 218.999713] Bluetooth: hci0: command tx timeout [ 219.127690] Bluetooth: hci1: command tx timeout [ 219.191775] Bluetooth: hci2: command tx timeout [ 219.256640] Bluetooth: hci3: command tx timeout [ 219.319762] Bluetooth: hci4: command tx timeout [ 219.447662] Bluetooth: hci5: command tx timeout [ 219.513614] Bluetooth: hci6: command tx timeout [ 219.575744] Bluetooth: hci7: command tx timeout [ 221.047661] Bluetooth: hci0: command tx timeout [ 221.176354] Bluetooth: hci1: command tx timeout [ 221.239693] Bluetooth: hci2: command tx timeout [ 221.304632] Bluetooth: hci3: command tx timeout [ 221.368044] Bluetooth: hci4: command tx timeout [ 221.495680] Bluetooth: hci5: command tx timeout [ 221.559747] Bluetooth: hci6: command tx timeout [ 221.623877] Bluetooth: hci7: command tx timeout [ 223.096941] Bluetooth: hci0: command tx timeout [ 223.224004] Bluetooth: hci1: command tx timeout [ 223.288805] Bluetooth: hci2: command tx timeout [ 223.353895] Bluetooth: hci3: command tx timeout [ 223.416181] Bluetooth: hci4: command tx timeout [ 223.545616] Bluetooth: hci5: command tx timeout [ 223.607669] Bluetooth: hci6: command tx timeout [ 223.672610] Bluetooth: hci7: command tx timeout [ 225.143705] Bluetooth: hci0: command tx timeout [ 225.271705] Bluetooth: hci1: command tx timeout [ 225.335713] Bluetooth: hci2: command tx timeout [ 225.399980] Bluetooth: hci3: command tx timeout [ 225.463724] Bluetooth: hci4: command tx timeout [ 225.591715] Bluetooth: hci5: command tx timeout [ 225.655808] Bluetooth: hci6: command tx timeout [ 225.720619] Bluetooth: hci7: command tx timeout [ 279.115942] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 279.121246] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 279.124044] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 279.132456] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 279.146070] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 279.148399] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 279.428971] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 279.432916] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 279.435329] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 279.440006] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 279.444091] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 279.446297] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 279.491390] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 279.496695] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 279.499134] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 279.504298] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 279.507266] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 279.510020] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 279.632079] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 279.664877] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 279.671983] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 279.675948] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 279.679932] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 279.693324] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 279.694374] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 279.697844] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 279.698847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 279.709053] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 279.714933] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 279.716835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 279.718614] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 279.719359] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 279.739462] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 279.740767] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 279.751384] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 279.751819] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 279.761374] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 279.769911] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 279.774927] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 279.788098] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 279.793879] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 279.810947] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 279.813191] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 279.817719] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 279.824003] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 279.843698] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 279.876888] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 279.879359] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 281.207624] Bluetooth: hci0: command tx timeout [ 281.528707] Bluetooth: hci1: command tx timeout [ 281.591665] Bluetooth: hci2: command tx timeout [ 281.784758] Bluetooth: hci4: command tx timeout [ 281.849765] Bluetooth: hci5: command tx timeout [ 281.912591] Bluetooth: hci6: command tx timeout [ 281.913042] Bluetooth: hci7: command tx timeout [ 281.976617] Bluetooth: hci3: command tx timeout [ 283.256576] Bluetooth: hci0: command tx timeout [ 283.575849] Bluetooth: hci1: command tx timeout [ 283.640569] Bluetooth: hci2: command tx timeout [ 283.831885] Bluetooth: hci4: command tx timeout [ 283.895822] Bluetooth: hci5: command tx timeout [ 283.959641] Bluetooth: hci7: command tx timeout [ 283.959741] Bluetooth: hci6: command tx timeout [ 284.024605] Bluetooth: hci3: command tx timeout [ 285.303637] Bluetooth: hci0: command tx timeout [ 285.623597] Bluetooth: hci1: command tx timeout [ 285.687944] Bluetooth: hci2: command tx timeout [ 285.879613] Bluetooth: hci4: command tx timeout [ 285.943630] Bluetooth: hci5: command tx timeout [ 286.007635] Bluetooth: hci6: command tx timeout [ 286.007732] Bluetooth: hci7: command tx timeout [ 286.071650] Bluetooth: hci3: command tx timeout [ 287.351588] Bluetooth: hci0: command tx timeout [ 287.671592] Bluetooth: hci1: command tx timeout [ 287.736845] Bluetooth: hci2: command tx timeout [ 287.927745] Bluetooth: hci4: command tx timeout [ 287.991652] Bluetooth: hci5: command tx timeout [ 288.055780] Bluetooth: hci7: command tx timeout [ 288.055856] Bluetooth: hci6: command tx timeout [ 288.121556] Bluetooth: hci3: command tx timeout [ 339.640088] [ 339.640345] ====================================================== [ 339.640947] WARNING: possible circular locking dependency detected [ 339.641550] 6.13.0-rc7-next-20250117 #1 Not tainted [ 339.642056] ------------------------------------------------------ [ 339.643471] kworker/u8:0/11 is trying to acquire lock: [ 339.644540] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 339.651449] [ 339.651449] but task is already holding lock: [ 339.652738] ffff888030eb0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 339.654946] [ 339.654946] which lock already depends on the new lock. [ 339.654946] [ 339.656650] [ 339.656650] the existing dependency chain (in reverse order) is: [ 339.658180] [ 339.658180] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 339.659640] __mutex_lock+0x13d/0xb50 [ 339.660692] wiphy_register+0x1b2e/0x25d0 [ 339.661804] ieee80211_register_hw+0x23a4/0x3d60 [ 339.663021] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 339.664309] init_mac80211_hwsim+0x389/0x870 [ 339.665490] do_one_initcall+0xf9/0x640 [ 339.666569] kernel_init_freeable+0x53d/0x7a0 [ 339.667774] kernel_init+0x1e/0x2d0 [ 339.668736] ret_from_fork+0x48/0x80 [ 339.669736] ret_from_fork_asm+0x1a/0x30 [ 339.670854] [ 339.670854] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 339.672188] __lock_acquire+0x29fd/0x4580 [ 339.673222] lock_acquire+0x19b/0x520 [ 339.674187] __mutex_lock+0x13d/0xb50 [ 339.675168] unregister_netdevice_many_notify+0x1612/0x1c80 [ 339.676506] unregister_netdevice_queue+0x224/0x2e0 [ 339.677692] _cfg80211_unregister_wdev+0x57b/0x700 [ 339.678905] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 339.680098] ieee80211_unregister_hw+0x55/0x3a0 [ 339.681234] hwsim_exit_net+0x3a0/0x730 [ 339.682226] ops_exit_list+0xb3/0x180 [ 339.683192] cleanup_net+0x546/0xad0 [ 339.684171] process_one_work+0x8ee/0x1a10 [ 339.685261] worker_thread+0x674/0xe70 [ 339.686291] kthread+0x3ab/0x720 [ 339.687203] ret_from_fork+0x48/0x80 [ 339.688143] ret_from_fork_asm+0x1a/0x30 [ 339.689205] [ 339.689205] other info that might help us debug this: [ 339.689205] [ 339.690804] Possible unsafe locking scenario: [ 339.690804] [ 339.692032] CPU0 CPU1 [ 339.693004] ---- ---- [ 339.693972] lock(&rdev->wiphy.mtx); [ 339.694850] lock(rtnl_mutex); [ 339.696147] lock(&rdev->wiphy.mtx); [ 339.697491] lock(rtnl_mutex); [ 339.698263] [ 339.698263] *** DEADLOCK *** [ 339.698263] [ 339.699507] 4 locks held by kworker/u8:0/11: [ 339.700478] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 339.701969] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 339.703299] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 339.704550] #3: ffff888030eb0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 339.705622] [ 339.705622] stack backtrace: [ 339.706045] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 339.706848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 339.707636] Workqueue: netns cleanup_net [ 339.708054] Call Trace: [ 339.708306] [ 339.708528] dump_stack_lvl+0xca/0x120 [ 339.708934] print_circular_bug+0x47b/0x750 [ 339.709368] check_noncircular+0x2e9/0x3c0 [ 339.709796] ? lock_repin_lock+0x207/0x320 [ 339.710247] ? __pfx_check_noncircular+0x10/0x10 [ 339.710721] ? hlock_class+0x4e/0x130 [ 339.711096] ? mark_lock+0xac/0xed0 [ 339.711461] ? __pfx_lock_repin_lock+0x10/0x10 [ 339.711944] ? timerqueue_del+0x83/0x150 [ 339.712362] ? lockdep_lock+0xba/0x1b0 [ 339.712774] ? __pfx_lockdep_lock+0x10/0x10 [ 339.713232] __lock_acquire+0x29fd/0x4580 [ 339.713659] ? __pfx___lock_acquire+0x10/0x10 [ 339.714107] ? lock_release+0x20f/0x6f0 [ 339.714504] ? __pfx_lock_release+0x10/0x10 [ 339.714936] lock_acquire+0x19b/0x520 [ 339.715320] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 339.715893] ? __pfx_lock_acquire+0x10/0x10 [ 339.716320] ? srso_return_thunk+0x5/0x5f [ 339.716756] ? lock_release+0x20f/0x6f0 [ 339.717172] ? srso_return_thunk+0x5/0x5f [ 339.717606] ? lock_is_held_type+0x9e/0x120 [ 339.718048] ? srso_return_thunk+0x5/0x5f [ 339.718475] __mutex_lock+0x13d/0xb50 [ 339.718869] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 339.719443] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 339.720036] ? srso_return_thunk+0x5/0x5f [ 339.720470] ? synchronize_rcu_expedited+0x38a/0x420 [ 339.720969] ? __pfx___mutex_lock+0x10/0x10 [ 339.721415] ? __pfx_autoremove_wake_function+0x10/0x10 [ 339.721974] ? srso_return_thunk+0x5/0x5f [ 339.722418] ? kasan_quarantine_put+0x84/0x1e0 [ 339.722901] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 339.723358] ? srso_return_thunk+0x5/0x5f [ 339.723814] unregister_netdevice_many_notify+0x1612/0x1c80 [ 339.724378] ? __virt_addr_valid+0x2e8/0x5d0 [ 339.724834] ? __pfx_lock_release+0x10/0x10 [ 339.725267] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 339.725862] ? find_held_lock+0x2c/0x110 [ 339.726289] ? srso_return_thunk+0x5/0x5f [ 339.726726] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 339.727235] ? srso_return_thunk+0x5/0x5f [ 339.727679] ? lock_release+0x20f/0x6f0 [ 339.728080] ? __pfx_lock_release+0x10/0x10 [ 339.728506] ? srso_return_thunk+0x5/0x5f [ 339.728928] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 339.729442] ? srso_return_thunk+0x5/0x5f [ 339.729878] unregister_netdevice_queue+0x224/0x2e0 [ 339.730362] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 339.730892] ? up_write+0x195/0x520 [ 339.731276] _cfg80211_unregister_wdev+0x57b/0x700 [ 339.731772] ? srso_return_thunk+0x5/0x5f [ 339.732201] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 339.732702] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 339.733257] ? srso_return_thunk+0x5/0x5f [ 339.733691] ? srso_return_thunk+0x5/0x5f [ 339.734127] ? synchronize_rcu+0x1ff/0x260 [ 339.734563] ieee80211_unregister_hw+0x55/0x3a0 [ 339.735037] hwsim_exit_net+0x3a0/0x730 [ 339.735446] ? __pfx_hwsim_exit_net+0x10/0x10 [ 339.735914] ? srso_return_thunk+0x5/0x5f [ 339.736341] ? netdev_run_todo+0x788/0x1040 [ 339.736773] ? __pfx_hwsim_exit_net+0x10/0x10 [ 339.737217] ops_exit_list+0xb3/0x180 [ 339.737602] cleanup_net+0x546/0xad0 [ 339.737981] ? __pfx_cleanup_net+0x10/0x10 [ 339.738413] process_one_work+0x8ee/0x1a10 [ 339.738860] ? __pfx_lock_acquire+0x10/0x10 [ 339.739286] ? __pfx_process_one_work+0x10/0x10 [ 339.739771] ? srso_return_thunk+0x5/0x5f [ 339.740196] ? move_linked_works+0x172/0x270 [ 339.740653] ? srso_return_thunk+0x5/0x5f [ 339.741091] ? assign_work+0x196/0x240 [ 339.741507] worker_thread+0x674/0xe70 [ 339.741929] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 339.742468] ? __pfx_worker_thread+0x10/0x10 [ 339.742938] kthread+0x3ab/0x720 [ 339.743306] ? __pfx_kthread+0x10/0x10 [ 339.743728] ? srso_return_thunk+0x5/0x5f [ 339.744160] ? finish_task_switch.isra.0+0x206/0x840 [ 339.744678] ? __pfx_kthread+0x10/0x10 [ 339.745093] ret_from_fork+0x48/0x80 [ 339.745468] ? __pfx_kthread+0x10/0x10 [ 339.745888] ret_from_fork_asm+0x1a/0x30 [ 339.746323] [ 341.122172] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 341.124435] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 341.127249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 341.134098] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 341.139195] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 341.147080] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 341.441655] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 341.443874] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 341.446247] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 341.450235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 341.454890] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 341.458818] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 341.575771] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 341.587958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 341.588984] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 341.589842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 341.597656] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 341.597954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 341.608271] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 341.609528] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 341.626282] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 341.627696] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 341.630111] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 341.636776] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 341.643972] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 341.648691] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 341.667412] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 341.693139] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 341.698956] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 341.701052] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 341.702363] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 341.705247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 341.706134] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 341.708133] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 341.713888] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 341.717341] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 341.719488] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 341.721300] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 341.722733] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 341.726795] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 341.742725] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 341.757255] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 341.758868] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 341.772842] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 341.784864] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 341.805924] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 341.816180] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 341.825363] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 343.159648] Bluetooth: hci0: command tx timeout [ 343.480561] Bluetooth: hci1: command tx timeout [ 343.671546] Bluetooth: hci2: command tx timeout [ 343.672652] Bluetooth: hci3: command tx timeout [ 343.800616] Bluetooth: hci4: command tx timeout [ 343.863601] Bluetooth: hci5: command tx timeout [ 343.864660] Bluetooth: hci6: command tx timeout [ 343.864695] Bluetooth: hci7: command tx timeout [ 345.207992] Bluetooth: hci0: command tx timeout [ 345.527578] Bluetooth: hci1: command tx timeout [ 345.719795] Bluetooth: hci3: command tx timeout [ 345.719930] Bluetooth: hci2: command tx timeout [ 345.847614] Bluetooth: hci4: command tx timeout [ 345.912551] Bluetooth: hci6: command tx timeout [ 345.912598] Bluetooth: hci7: command tx timeout [ 345.912615] Bluetooth: hci5: command tx timeout [ 347.255776] Bluetooth: hci0: command tx timeout [ 347.575877] Bluetooth: hci1: command tx timeout [ 347.767767] Bluetooth: hci3: command tx timeout [ 347.767811] Bluetooth: hci2: command tx timeout [ 347.895623] Bluetooth: hci4: command tx timeout [ 347.959725] Bluetooth: hci5: command tx timeout [ 347.960938] Bluetooth: hci7: command tx timeout [ 347.960982] Bluetooth: hci6: command tx timeout [ 349.305589] Bluetooth: hci0: command tx timeout [ 349.623729] Bluetooth: hci1: command tx timeout VM DIAGNOSIS: 11:26:13 Registers: info registers vcpu 0 RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb28 R8 =0000000000000001 R9 =ffffed10012bbd55 R10=0000000000000036 R11=6666666666666666 R12=0000000000000036 R13=0000000000000001 R14=ffff888008fea01e R15=ffff8880095dee28 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055e52caca678 CR3=000000000d3b4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004118a00000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffff88806cf00000 RBX=0000000000000001 RCX=ffffffff84a8bb27 RDX=ffffed100d9e6c4b RSI=0000000000000004 RDI=ffffffff814b1b6a RBP=dffffc0000000000 RSP=ffff8880096a7e68 R8 =0000000000000000 R9 =ffffed100d9e6c4a R10=ffff88806cf36253 R11=0000000000000000 R12=ffffffff864021d0 R13=1ffff110012d4fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84a8cace RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd05b68b3e0 CR3=000000000a41a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=21f844c98ec04bba71438b4a86684be3 XMM02=68a8aee3740b9fad00000000000ff630 XMM03=711fbe8126c5d34400000000001373a8 XMM04=061917939ea569d800000000000ae988 XMM05=ebfae20747c011c5000000000014f360 XMM06=9f165a4fe6c971ad00000000001374b0 XMM07=711fbe8126c5d34400000000001373a8 XMM08=68a8aee3740b9fad00000000000ff630 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000