Warning: Permanently added '[localhost]:39573' (ECDSA) to the list of known hosts. 2025/01/18 22:43:43 fuzzer started 2025/01/18 22:43:44 dialing manager at localhost:44245 syzkaller login: [ 62.270690] cgroup: Unknown subsys name 'net' [ 62.401192] cgroup: Unknown subsys name 'cpuset' [ 62.430193] cgroup: Unknown subsys name 'rlimit' [ 67.279700] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 78.749783] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 22:44:01 syscalls: 2217 2025/01/18 22:44:01 code coverage: enabled 2025/01/18 22:44:01 comparison tracing: enabled 2025/01/18 22:44:01 extra coverage: enabled 2025/01/18 22:44:01 setuid sandbox: enabled 2025/01/18 22:44:01 namespace sandbox: enabled 2025/01/18 22:44:01 Android sandbox: enabled 2025/01/18 22:44:01 fault injection: enabled 2025/01/18 22:44:01 leak checking: enabled 2025/01/18 22:44:01 net packet injection: enabled 2025/01/18 22:44:01 net device setup: enabled 2025/01/18 22:44:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 22:44:01 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 22:44:01 USB emulation: enabled 2025/01/18 22:44:01 hci packet injection: enabled 2025/01/18 22:44:01 wifi device emulation: enabled 2025/01/18 22:44:01 802.15.4 emulation: enabled 2025/01/18 22:44:01 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 22:44:01 fetching corpus: 50, signal 25557/28579 (executing program) 2025/01/18 22:44:01 fetching corpus: 100, signal 40213/43938 (executing program) 2025/01/18 22:44:01 fetching corpus: 150, signal 45753/50342 (executing program) 2025/01/18 22:44:02 fetching corpus: 200, signal 50534/55847 (executing program) 2025/01/18 22:44:02 fetching corpus: 250, signal 55122/60984 (executing program) 2025/01/18 22:44:02 fetching corpus: 300, signal 60285/66415 (executing program) 2025/01/18 22:44:02 fetching corpus: 350, signal 63595/70097 (executing program) 
2025/01/18 22:44:02 fetching corpus: 400, signal 67302/73959 (executing program) 2025/01/18 22:44:03 fetching corpus: 450, signal 71649/78237 (executing program) 2025/01/18 22:44:03 fetching corpus: 500, signal 73821/80579 (executing program) 2025/01/18 22:44:03 fetching corpus: 550, signal 76531/83273 (executing program) 2025/01/18 22:44:03 fetching corpus: 600, signal 78621/85344 (executing program) 2025/01/18 22:44:03 fetching corpus: 650, signal 81153/87740 (executing program) 2025/01/18 22:44:03 fetching corpus: 700, signal 83534/89940 (executing program) 2025/01/18 22:44:03 fetching corpus: 750, signal 86461/92405 (executing program) 2025/01/18 22:44:04 fetching corpus: 800, signal 87964/93821 (executing program) 2025/01/18 22:44:04 fetching corpus: 850, signal 89805/95406 (executing program) 2025/01/18 22:44:04 fetching corpus: 900, signal 91110/96607 (executing program) 2025/01/18 22:44:04 fetching corpus: 950, signal 92659/97838 (executing program) 2025/01/18 22:44:04 fetching corpus: 1000, signal 94081/98929 (executing program) 2025/01/18 22:44:04 fetching corpus: 1050, signal 95201/99847 (executing program) 2025/01/18 22:44:05 fetching corpus: 1100, signal 97826/101556 (executing program) 2025/01/18 22:44:05 fetching corpus: 1150, signal 99626/102764 (executing program) 2025/01/18 22:44:05 fetching corpus: 1200, signal 101119/103717 (executing program) 2025/01/18 22:44:05 fetching corpus: 1250, signal 104586/105599 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/105820 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/105855 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/105890 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/105931 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/105971 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106015 (executing program) 2025/01/18 22:44:05 
fetching corpus: 1269, signal 104942/106059 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106100 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106134 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106175 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106214 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106242 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106278 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106310 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106339 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106374 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106400 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106434 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106478 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106516 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106543 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106572 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106598 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106634 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106661 (executing program) 2025/01/18 22:44:05 fetching corpus: 1269, signal 104942/106704 (executing program) 2025/01/18 22:44:06 fetching corpus: 1269, signal 104942/106737 (executing program) 2025/01/18 22:44:06 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 22:44:06 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 22:44:08 starting 8 fuzzer processes 22:44:08 executing program 0: r0 = 
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff3000/0x4000)=nil, 0x4000) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff8000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$IPC_RMID(r1, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x15) shmctl$IPC_RMID(0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)=ANY=[]) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000004c0)=0xff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000002880), 0x4000101, 0x0) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 22:44:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) lseek(r0, 0x1000000000000004, 0x1) 22:44:08 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) accept$inet6(r0, 0x0, 0x0) 
22:44:08 executing program 2: r0 = fsopen(&(0x7f0000000100)='autofs\x00', 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) dup2(r1, r0) 22:44:08 executing program 3: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read(r0, 0x0, 0x0) 22:44:08 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000010c0)={0x2c, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x2c}], 0x1}, 0x0) 22:44:08 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="010300ff000021b7aeee0100220004000180"], 0x18}}, 0x0) 22:44:08 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4) [ 86.751836] audit: type=1400 audit(1737240249.010:7): avc: denied { execmem } for pid=276 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 88.186400] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.188973] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.191816] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.200164] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.204118] Bluetooth: hci0: 
unexpected cc 0x0c03 length: 249 > 1 [ 88.206414] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.208801] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.217137] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.220464] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.220562] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.227276] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.231177] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.231699] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.236669] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.239596] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.240880] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.242250] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.243620] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.246102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.255975] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.260975] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.270971] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 88.272398] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 88.273648] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 88.277442] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.279222] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 88.280420] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 88.284433] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.304001] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.315179] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.317018] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.321576] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.324070] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.326144] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 88.327654] 
Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.327952] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.334141] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.335683] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.338202] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.342911] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.360614] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.366880] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.367069] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 88.367109] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.373973] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.375549] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 88.376151] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 88.387846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 90.324202] Bluetooth: hci1: command tx timeout [ 90.324204] Bluetooth: hci0: command tx timeout [ 90.324515] Bluetooth: hci6: command tx timeout [ 90.388114] Bluetooth: hci4: command tx timeout [ 90.389925] Bluetooth: hci2: command tx timeout [ 90.452028] Bluetooth: hci7: command tx timeout [ 90.452133] Bluetooth: hci5: command tx timeout [ 90.452218] Bluetooth: hci3: command tx timeout [ 92.373818] Bluetooth: hci6: command tx timeout [ 92.373846] Bluetooth: hci0: command tx timeout [ 92.373925] Bluetooth: hci1: command tx timeout [ 92.435839] Bluetooth: hci4: command tx timeout [ 92.436402] Bluetooth: hci2: command tx timeout [ 92.500248] Bluetooth: hci7: command tx timeout [ 92.500401] Bluetooth: hci3: command tx timeout [ 92.500601] Bluetooth: hci5: command tx timeout [ 94.419889] Bluetooth: hci1: command tx timeout [ 94.420013] Bluetooth: hci0: command tx timeout [ 94.420125] Bluetooth: hci6: command tx timeout [ 94.483904] Bluetooth: hci4: command tx timeout [ 94.484084] Bluetooth: hci2: command tx timeout [ 94.548911] Bluetooth: hci5: command tx 
timeout [ 94.549017] Bluetooth: hci3: command tx timeout [ 94.549119] Bluetooth: hci7: command tx timeout [ 96.467839] Bluetooth: hci6: command tx timeout [ 96.467877] Bluetooth: hci0: command tx timeout [ 96.467943] Bluetooth: hci1: command tx timeout [ 96.531851] Bluetooth: hci2: command tx timeout [ 96.531957] Bluetooth: hci4: command tx timeout [ 96.595908] Bluetooth: hci7: command tx timeout [ 96.596086] Bluetooth: hci3: command tx timeout [ 96.596119] Bluetooth: hci5: command tx timeout [ 147.928272] syz-executor.0 (287) used greatest stack depth: 24648 bytes left [ 148.183118] syz-executor.2 (281) used greatest stack depth: 24304 bytes left [ 150.434677] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 150.438374] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 150.439880] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 150.449978] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 150.454162] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 150.460131] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 150.636930] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 150.639915] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 150.641006] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 150.652912] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 150.656070] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 150.661820] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 150.696263] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.706460] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.710626] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.722660] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.734845] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 150.736053] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 150.780288] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 150.782090] Bluetooth: hci3: unexpected cc 0x1003 
length: 249 > 9 [ 150.783407] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 150.791997] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 150.794340] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 150.795391] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 150.889384] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.901091] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.927125] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.937650] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.955081] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.958181] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.037251] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 151.044825] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 151.062581] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 151.085204] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 151.095175] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 151.101218] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 151.106428] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 151.129011] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 151.136606] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 151.137107] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 151.151200] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 151.162472] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 151.210399] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.214467] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 151.217139] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 151.218391] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 151.227472] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 151.228639] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 152.531828] Bluetooth: hci0: command tx timeout [ 152.723786] Bluetooth: 
hci1: command tx timeout
[ 152.787813] Bluetooth: hci2: command tx timeout
[ 152.851797] Bluetooth: hci3: command tx timeout
[ 153.043805] Bluetooth: hci4: command tx timeout
[ 153.172780] Bluetooth: hci5: command tx timeout
[ 153.300823] Bluetooth: hci6: command tx timeout
[ 153.300852] Bluetooth: hci7: command tx timeout
[ 154.579792] Bluetooth: hci0: command tx timeout
[ 154.773746] Bluetooth: hci1: command tx timeout
[ 154.837756] Bluetooth: hci2: command tx timeout
[ 154.899895] Bluetooth: hci3: command tx timeout
[ 155.091868] Bluetooth: hci4: command tx timeout
[ 155.219857] Bluetooth: hci5: command tx timeout
[ 155.347787] Bluetooth: hci7: command tx timeout
[ 155.348102] Bluetooth: hci6: command tx timeout
[ 156.628748] Bluetooth: hci0: command tx timeout
[ 156.820739] Bluetooth: hci1: command tx timeout
[ 156.883907] Bluetooth: hci2: command tx timeout
[ 156.947774] Bluetooth: hci3: command tx timeout
[ 157.140764] Bluetooth: hci4: command tx timeout
[ 157.268449] Bluetooth: hci5: command tx timeout
[ 157.395799] Bluetooth: hci7: command tx timeout
[ 157.395875] Bluetooth: hci6: command tx timeout
[ 158.675780] Bluetooth: hci0: command tx timeout
[ 158.868764] Bluetooth: hci1: command tx timeout
[ 158.931820] Bluetooth: hci2: command tx timeout
[ 158.997197] Bluetooth: hci3: command tx timeout
[ 159.188829] Bluetooth: hci4: command tx timeout
[ 159.316799] Bluetooth: hci5: command tx timeout
[ 159.443995] Bluetooth: hci7: command tx timeout
[ 159.444666] Bluetooth: hci6: command tx timeout
[ 211.175849]
[ 211.176110] ======================================================
[ 211.176695] WARNING: possible circular locking dependency detected
[ 211.177286] 6.13.0-rc7-next-20250117 #1 Not tainted
[ 211.177774] ------------------------------------------------------
[ 211.179122] kworker/u8:1/65 is trying to acquire lock:
[ 211.180412] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80
[ 211.182424]
[ 211.182424] but task is already holding lock:
[ 211.184139] ffff8880189b8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0
[ 211.186055]
[ 211.186055] which lock already depends on the new lock.
[ 211.186055]
[ 211.187431]
[ 211.187431] the existing dependency chain (in reverse order) is:
[ 211.188137]
[ 211.188137] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}:
[ 211.188782]        __mutex_lock+0x13d/0xb50
[ 211.189251]        wiphy_register+0x1b2e/0x25d0
[ 211.189744]        ieee80211_register_hw+0x23a4/0x3d60
[ 211.190303]        mac80211_hwsim_new_radio+0x2759/0x4d50
[ 211.190876]        init_mac80211_hwsim+0x389/0x870
[ 211.191401]        do_one_initcall+0xf9/0x640
[ 211.191855]        kernel_init_freeable+0x53d/0x7a0
[ 211.192351]        kernel_init+0x1e/0x2d0
[ 211.192749]        ret_from_fork+0x48/0x80
[ 211.193152]        ret_from_fork_asm+0x1a/0x30
[ 211.193609]
[ 211.193609] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[ 211.194209]        __lock_acquire+0x29fd/0x4580
[ 211.194693]        lock_acquire+0x19b/0x520
[ 211.195134]        __mutex_lock+0x13d/0xb50
[ 211.195566]        unregister_netdevice_many_notify+0x1612/0x1c80
[ 211.196142]        unregister_netdevice_queue+0x224/0x2e0
[ 211.196664]        _cfg80211_unregister_wdev+0x57b/0x700
[ 211.197183]        ieee80211_remove_interfaces+0x2f2/0x6b0
[ 211.197700]        ieee80211_unregister_hw+0x55/0x3a0
[ 211.198202]        hwsim_exit_net+0x3a0/0x730
[ 211.198634]        ops_exit_list+0xb3/0x180
[ 211.199075]        cleanup_net+0x546/0xad0
[ 211.199517]        process_one_work+0x8ee/0x1a10
[ 211.200025]        worker_thread+0x674/0xe70
[ 211.200498]        kthread+0x3ab/0x720
[ 211.200925]        ret_from_fork+0x48/0x80
[ 211.201360]        ret_from_fork_asm+0x1a/0x30
[ 211.201846]
[ 211.201846] other info that might help us debug this:
[ 211.201846]
[ 211.202577]  Possible unsafe locking scenario:
[ 211.202577]
[ 211.203111]        CPU0                    CPU1
[ 211.203528]        ----                    ----
[ 211.203946]   lock(&rdev->wiphy.mtx);
[ 211.204352]                                lock(rtnl_mutex);
[ 211.204933]                                lock(&rdev->wiphy.mtx);
[ 211.205562]   lock(rtnl_mutex);
[ 211.205918]
[ 211.205918]  *** DEADLOCK ***
[ 211.205918]
[ 211.206469] 4 locks held by kworker/u8:1/65:
[ 211.206878]  #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10
[ 211.207832]  #1: ffff888009d37d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10
[ 211.208790]  #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0
[ 211.209699]  #3: ffff8880189b8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0
[ 211.210739]
[ 211.210739] stack backtrace:
[ 211.211186] CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1
[ 211.211976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 211.212743] Workqueue: netns cleanup_net
[ 211.213149] Call Trace:
[ 211.213399]  <TASK>
[ 211.213622]  dump_stack_lvl+0xca/0x120
[ 211.214032]  print_circular_bug+0x47b/0x750
[ 211.214470]  check_noncircular+0x2e9/0x3c0
[ 211.214891]  ? __pfx_check_noncircular+0x10/0x10
[ 211.215357]  ? hlock_class+0x4e/0x130
[ 211.215731]  ? mark_lock+0xac/0xed0
[ 211.216103]  ? srso_return_thunk+0x5/0x5f
[ 211.216534]  ? dl_scaled_delta_exec+0xd4/0x2c0
[ 211.216971]  ? lockdep_lock+0xba/0x1b0
[ 211.217367]  ? __pfx_lockdep_lock+0x10/0x10
[ 211.217796]  __lock_acquire+0x29fd/0x4580
[ 211.218235]  ? __pfx___lock_acquire+0x10/0x10
[ 211.218680]  ? lock_release+0x20f/0x6f0
[ 211.219084]  ? __pfx_lock_release+0x10/0x10
[ 211.219530]  lock_acquire+0x19b/0x520
[ 211.219927]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 211.220512]  ? __pfx_lock_acquire+0x10/0x10
[ 211.220958]  ? srso_return_thunk+0x5/0x5f
[ 211.221393]  ? lock_release+0x20f/0x6f0
[ 211.221807]  ? srso_return_thunk+0x5/0x5f
[ 211.222254]  ? lock_is_held_type+0x9e/0x120
[ 211.222710]  ? srso_return_thunk+0x5/0x5f
[ 211.223153]  __mutex_lock+0x13d/0xb50
[ 211.223558]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 211.224135]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 211.224716]  ? srso_return_thunk+0x5/0x5f
[ 211.225146]  ? synchronize_rcu_expedited+0x38a/0x420
[ 211.225621]  ? __pfx___mutex_lock+0x10/0x10
[ 211.226040]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 211.226566]  ? srso_return_thunk+0x5/0x5f
[ 211.226974]  ? kasan_quarantine_put+0x84/0x1e0
[ 211.227427]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 211.227854]  ? srso_return_thunk+0x5/0x5f
[ 211.228266]  unregister_netdevice_many_notify+0x1612/0x1c80
[ 211.228788]  ? __virt_addr_valid+0x2e8/0x5d0
[ 211.229217]  ? __pfx_lock_release+0x10/0x10
[ 211.229648]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 211.230245]  ? find_held_lock+0x2c/0x110
[ 211.230674]  ? srso_return_thunk+0x5/0x5f
[ 211.231107]  ? kernfs_remove_by_name_ns+0xc7/0x130
[ 211.231611]  ? srso_return_thunk+0x5/0x5f
[ 211.232020]  ? lock_release+0x20f/0x6f0
[ 211.232404]  ? __pfx_lock_release+0x10/0x10
[ 211.232812]  ? srso_return_thunk+0x5/0x5f
[ 211.233218]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[ 211.233706]  ? srso_return_thunk+0x5/0x5f
[ 211.234124]  unregister_netdevice_queue+0x224/0x2e0
[ 211.234599]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 211.235103]  ? up_write+0x195/0x520
[ 211.235482]  _cfg80211_unregister_wdev+0x57b/0x700
[ 211.235950]  ? srso_return_thunk+0x5/0x5f
[ 211.236368]  ieee80211_remove_interfaces+0x2f2/0x6b0
[ 211.236835]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[ 211.237353]  ? srso_return_thunk+0x5/0x5f
[ 211.237785]  ? srso_return_thunk+0x5/0x5f
[ 211.238228]  ? synchronize_rcu+0x1ff/0x260
[ 211.238653]  ieee80211_unregister_hw+0x55/0x3a0
[ 211.239133]  hwsim_exit_net+0x3a0/0x730
[ 211.239545]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 211.239996]  ? srso_return_thunk+0x5/0x5f
[ 211.240421]  ? netdev_run_todo+0x788/0x1040
[ 211.240858]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 211.241320]  ops_exit_list+0xb3/0x180
[ 211.241717]  cleanup_net+0x546/0xad0
[ 211.242108]  ? __pfx_cleanup_net+0x10/0x10
[ 211.242565]  process_one_work+0x8ee/0x1a10
[ 211.243021]  ? __pfx_lock_acquire+0x10/0x10
[ 211.243465]  ? __pfx_process_one_work+0x10/0x10
[ 211.243955]  ? srso_return_thunk+0x5/0x5f
[ 211.244394]  ? move_linked_works+0x172/0x270
[ 211.244849]  ? srso_return_thunk+0x5/0x5f
[ 211.245283]  ? assign_work+0x196/0x240
[ 211.245694]  worker_thread+0x674/0xe70
[ 211.246111]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[ 211.246641]  ? srso_return_thunk+0x5/0x5f
[ 211.247071]  ? __pfx_worker_thread+0x10/0x10
[ 211.247537]  kthread+0x3ab/0x720
[ 211.247902]  ? __pfx_kthread+0x10/0x10
[ 211.248315]  ? srso_return_thunk+0x5/0x5f
[ 211.248721]  ? finish_task_switch.isra.0+0x206/0x840
[ 211.249204]  ? __pfx_kthread+0x10/0x10
[ 211.249595]  ret_from_fork+0x48/0x80
[ 211.249949]  ? __pfx_kthread+0x10/0x10
[ 211.250342]  ret_from_fork_asm+0x1a/0x30
[ 211.250758]  </TASK>
[ 212.704471] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 212.706453] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 212.708270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 212.708473] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 212.710012] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 212.714341] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 212.715168] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 212.716470] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 212.721989] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 212.722418] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 212.729607] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 212.730344] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 212.767158] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 212.769110] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 212.776980] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 212.782625] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 212.787950] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 212.789640] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 212.891766] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 212.899867] Bluetooth: hci3: unexpected cc 0x1003
length: 249 > 9 [ 212.906034] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 212.924362] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 212.945299] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 212.946949] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 212.968071] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.983941] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.989183] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 213.023862] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 213.032113] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 213.032263] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 213.034108] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 213.044827] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 213.054580] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 213.070205] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 213.085984] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 213.089035] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 213.096482] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 213.099180] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 213.099490] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 213.138957] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 213.166924] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 213.170356] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 213.206033] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 213.253177] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 213.292872] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 213.300309] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 213.302569] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 213.305849] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 214.803873] Bluetooth: hci2: command tx timeout [ 214.804100] Bluetooth: 
hci1: command tx timeout [ 214.804161] Bluetooth: hci0: command tx timeout [ 214.995720] Bluetooth: hci3: command tx timeout [ 215.059793] Bluetooth: hci4: command tx timeout [ 215.187750] Bluetooth: hci5: command tx timeout [ 215.252633] Bluetooth: hci6: command tx timeout [ 215.380786] Bluetooth: hci7: command tx timeout [ 216.851885] Bluetooth: hci0: command tx timeout [ 216.853146] Bluetooth: hci2: command tx timeout [ 216.853173] Bluetooth: hci1: command tx timeout [ 217.045345] Bluetooth: hci3: command tx timeout [ 217.108746] Bluetooth: hci4: command tx timeout [ 217.235737] Bluetooth: hci5: command tx timeout [ 217.299720] Bluetooth: hci6: command tx timeout [ 217.428759] Bluetooth: hci7: command tx timeout [ 218.900726] Bluetooth: hci1: command tx timeout [ 218.900759] Bluetooth: hci2: command tx timeout [ 218.900812] Bluetooth: hci0: command tx timeout [ 219.092728] Bluetooth: hci3: command tx timeout [ 219.155847] Bluetooth: hci4: command tx timeout [ 219.284750] Bluetooth: hci5: command tx timeout [ 219.348796] Bluetooth: hci6: command tx timeout [ 219.475751] Bluetooth: hci7: command tx timeout [ 220.948741] Bluetooth: hci0: command tx timeout [ 220.948776] Bluetooth: hci1: command tx timeout [ 220.948821] Bluetooth: hci2: command tx timeout [ 221.139971] Bluetooth: hci3: command tx timeout VM DIAGNOSIS: 22:46:13 Registers: