Warning: Permanently added '[localhost]:48436' (ECDSA) to the list of known hosts. 2025/01/17 22:41:53 fuzzer started 2025/01/17 22:41:54 dialing manager at localhost:44245 syzkaller login: [ 67.825672] cgroup: Unknown subsys name 'net' [ 67.927315] cgroup: Unknown subsys name 'cpuset' [ 67.956852] cgroup: Unknown subsys name 'rlimit' [ 73.936093] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 84.391877] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/17 22:42:11 syscalls: 2217 2025/01/17 22:42:11 code coverage: enabled 2025/01/17 22:42:11 comparison tracing: enabled 2025/01/17 22:42:11 extra coverage: enabled 2025/01/17 22:42:11 setuid sandbox: enabled 2025/01/17 22:42:11 namespace sandbox: enabled 2025/01/17 22:42:11 Android sandbox: enabled 2025/01/17 22:42:11 fault injection: enabled 2025/01/17 22:42:11 leak checking: enabled 2025/01/17 22:42:11 net packet injection: enabled 2025/01/17 22:42:11 net device setup: enabled 2025/01/17 22:42:11 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/17 22:42:11 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/17 22:42:11 USB emulation: enabled 2025/01/17 22:42:11 hci packet injection: enabled 2025/01/17 22:42:11 wifi device emulation: enabled 2025/01/17 22:42:11 802.15.4 emulation: enabled 2025/01/17 22:42:11 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/17 22:42:11 fetching corpus: 2, signal 2989/4084 (executing program) 2025/01/17 22:42:11 fetching corpus: 2, signal 2989/4118 (executing program) 2025/01/17 22:42:11 fetching corpus: 2, signal 2989/4118 (executing program) 2025/01/17 22:42:15 starting 8 fuzzer processes 22:42:15 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000002240)=""/4109, 0x100d}], 0x1, 0x600, 0x0) 22:42:15 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f00000014c0)={0x1c, 0x18, 0x1, 0x0, 0x0, "", [@generic="801e15479665ae6bae"]}, 0x1c}], 0x1}, 0x0) 22:42:15 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSF(r0, 0x5404, 0x0) 22:42:15 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$read(0x14, 0x0, &(0x7f0000000100)=""/222, 0xde) [ 89.163194] audit: type=1400 audit(1737153736.010:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:42:16 executing program 6: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioperm(0x0, 0x6d1f, 0x8) statx(0xffffffffffffff9c, &(0x7f0000004700)='./file0\x00', 0x0, 0x0, &(0x7f0000004740)) 22:42:16 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0) pread64(r0, &(0x7f00000012c0)=""/4093, 0xffd, 0x0) 22:42:16 executing program 5: execveat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x1100) 22:42:16 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, r1, 0x87d27e71721737b5, 0x0, 0x0, {{0x5}, {@void, @val={0x8, 0x3, r3}, @val={0xc}}}}, 0x28}}, 0x0) recvmmsg(r0, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 90.557852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.560225] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.565631] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.573011] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.577125] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.579120] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.612162] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.616848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.622722] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.633154] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.639735] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.641905] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.674286] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.681579] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.685797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.686092] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.688467] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.696018] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.698048] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.702912] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.704716] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 90.705571] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.719817] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.721991] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.734745] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.739809] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.759795] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.767673] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.805643] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 90.808788] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.837045] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 90.839023] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 90.842175] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 90.844448] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 90.847033] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 90.849844] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 90.854758] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 90.856761] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 90.859307] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 90.866791] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 90.870705] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 90.872536] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 90.896238] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 90.913539] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 90.918402] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 90.926151] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 90.930691] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 90.932768] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 92.637598] Bluetooth: hci0: command tx timeout [ 92.699922] Bluetooth: hci1: command tx timeout [ 92.763457] Bluetooth: hci2: command tx timeout [ 92.764450] Bluetooth: hci3: command tx timeout [ 92.827498] Bluetooth: hci4: command tx timeout [ 92.892710] Bluetooth: hci6: command tx timeout [ 92.955507] Bluetooth: hci7: command tx timeout [ 92.956572] Bluetooth: hci5: command tx timeout [ 94.683830] Bluetooth: hci0: command tx timeout [ 94.747533] Bluetooth: hci1: command tx timeout [ 94.813008] Bluetooth: hci3: command tx timeout [ 94.813090] Bluetooth: hci2: command tx timeout [ 94.875504] Bluetooth: hci4: command tx timeout [ 94.941412] Bluetooth: hci6: command tx timeout [ 95.005385] Bluetooth: hci5: command tx timeout [ 95.005453] Bluetooth: hci7: command tx timeout [ 96.731498] Bluetooth: hci0: command tx timeout [ 96.795598] Bluetooth: hci1: command tx timeout [ 96.859525] Bluetooth: hci3: command tx timeout [ 96.860525] Bluetooth: hci2: command tx timeout [ 96.924410] Bluetooth: hci4: command tx timeout [ 96.988601] Bluetooth: hci6: command tx timeout [ 97.051499] Bluetooth: hci7: command tx timeout [ 97.052583] Bluetooth: hci5: command tx timeout [ 98.779504] Bluetooth: hci0: command tx timeout [ 98.843500] Bluetooth: hci1: command tx timeout [ 98.907508] Bluetooth: hci2: command tx timeout [ 98.907775] Bluetooth: hci3: command tx timeout [ 98.972744] Bluetooth: hci4: command tx timeout [ 99.037023] Bluetooth: hci6: command tx timeout [ 99.100566] Bluetooth: hci5: command tx timeout [ 99.100621] Bluetooth: hci7: command tx timeout [ 154.299020] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 154.306972] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 154.316869] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 154.320692] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 154.321479] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 154.324827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 154.326777] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 154.337014] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 154.340028] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 154.343206] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 154.351253] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 154.354921] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 154.358911] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 154.360167] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 154.363499] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 154.365718] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 154.366600] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 154.369760] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 154.370309] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 154.376014] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 154.380561] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 154.383949] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 154.384770] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 154.387977] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 154.429476] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 154.431181] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 154.432261] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 154.437925] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 154.444874] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 154.453825] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 154.470534] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 154.471486] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 154.477873] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 154.478621] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 154.486182] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 154.486711] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 154.490479] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 154.492933] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 154.495542] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 154.498022] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 154.499676] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 154.503167] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 154.503633] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 154.508181] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 154.509525] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 154.512247] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 154.516783] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 154.525934] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 156.443933] Bluetooth: hci3: command tx timeout [ 156.444155] Bluetooth: hci0: command tx timeout [ 156.445169] Bluetooth: hci1: command tx timeout [ 156.507452] Bluetooth: hci2: command tx timeout [ 156.571641] Bluetooth: hci7: command tx timeout [ 156.571675] Bluetooth: hci6: command tx timeout [ 156.572394] Bluetooth: hci4: command tx timeout [ 156.635560] Bluetooth: hci5: command tx timeout [ 158.491607] Bluetooth: hci3: command tx timeout [ 158.492538] Bluetooth: hci1: command tx timeout [ 158.492626] Bluetooth: hci0: command tx timeout [ 158.555425] Bluetooth: hci2: command tx timeout [ 158.619518] Bluetooth: hci7: command tx timeout [ 158.619558] Bluetooth: hci4: command tx timeout [ 158.619670] Bluetooth: hci6: command tx timeout [ 158.683406] Bluetooth: hci5: command tx timeout [ 160.539519] Bluetooth: hci0: command tx timeout [ 160.539994] Bluetooth: hci1: command tx timeout [ 160.540075] Bluetooth: hci3: command tx timeout [ 160.603469] Bluetooth: hci2: command tx timeout [ 160.667439] Bluetooth: hci6: command tx timeout [ 160.667480] Bluetooth: hci4: command tx timeout [ 160.667547] Bluetooth: hci7: command tx timeout [ 160.731637] Bluetooth: hci5: command tx timeout [ 162.587489] Bluetooth: hci1: command tx timeout [ 162.587693] Bluetooth: hci3: command tx timeout [ 162.587786] Bluetooth: hci0: command tx timeout [ 162.651830] Bluetooth: hci2: command tx timeout [ 162.715514] Bluetooth: hci4: command tx timeout [ 162.716675] Bluetooth: hci7: command tx timeout [ 162.717396] Bluetooth: hci6: command tx timeout [ 162.780419] Bluetooth: hci5: command tx timeout [ 216.567619] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 216.569719] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 216.571824] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 216.573097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 216.577760] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 216.582871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 216.583976] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 216.589655] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 216.596724] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 216.597114] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 216.607463] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 216.608197] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 216.754964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 216.767697] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 216.773466] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 216.787700] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 216.791693] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 216.798976] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 216.889578] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 216.902289] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 216.910471] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 216.915987] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 216.918152] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 216.921947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 216.926214] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 216.934295] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 216.941020] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 216.950092] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 216.952678] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 216.961307] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 216.963277] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 216.965080] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 216.974478] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 216.997569] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 217.010591] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 217.016912] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 217.099022] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 217.111616] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 217.116285] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 217.118945] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 217.120086] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 217.120599] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 217.122452] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 217.160447] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 217.162173] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 217.170594] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 217.180471] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 217.182865] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 218.652677] Bluetooth: hci1: command tx timeout [ 218.653670] Bluetooth: hci0: command tx timeout [ 218.843726] Bluetooth: hci2: command tx timeout [ 219.036592] Bluetooth: hci4: command tx timeout [ 219.036809] Bluetooth: hci3: command tx timeout [ 219.100522] Bluetooth: hci5: command tx timeout [ 219.230416] Bluetooth: hci6: command tx timeout [ 219.292403] Bluetooth: hci7: command tx timeout [ 220.699541] Bluetooth: hci0: command tx timeout [ 220.699800] Bluetooth: hci1: command tx timeout [ 220.894383] Bluetooth: hci2: command tx timeout [ 221.083497] Bluetooth: hci3: command tx timeout [ 221.083653] Bluetooth: hci4: command tx timeout [ 221.147418] Bluetooth: hci5: command tx timeout [ 221.275998] Bluetooth: hci6: command tx timeout [ 221.340379] Bluetooth: hci7: command tx timeout [ 222.747684] Bluetooth: hci0: command tx timeout [ 222.748440] Bluetooth: hci1: command tx timeout [ 222.939422] Bluetooth: hci2: command tx timeout [ 223.131608] Bluetooth: hci3: command tx timeout [ 223.133067] Bluetooth: hci4: command tx timeout [ 223.195388] Bluetooth: hci5: command tx timeout [ 223.323434] Bluetooth: hci6: command tx timeout [ 223.388413] Bluetooth: hci7: command tx timeout [ 224.795529] Bluetooth: hci1: command tx timeout [ 224.795631] Bluetooth: hci0: command tx timeout [ 224.989363] Bluetooth: hci2: command tx timeout [ 225.179540] Bluetooth: hci4: command tx timeout [ 225.179563] Bluetooth: hci3: command tx timeout [ 225.243586] Bluetooth: hci5: command tx timeout [ 225.371590] Bluetooth: hci6: command tx timeout [ 225.435680] Bluetooth: hci7: command tx timeout [ 274.845037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.845167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.282774] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.282857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.762358] [ 276.762594] ====================================================== [ 276.763154] WARNING: possible circular locking dependency detected [ 276.763710] 6.13.0-rc7-next-20250117 #1 Not tainted [ 276.764169] ------------------------------------------------------ [ 276.765141] kworker/u8:0/11 is trying to acquire lock: [ 276.766206] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 276.768607] [ 276.768607] but task is already holding lock: [ 276.769732] ffff888035f80768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 276.771644] [ 276.771644] which lock already depends on the new lock. [ 276.771644] [ 276.772348] [ 276.772348] the existing dependency chain (in reverse order) is: [ 276.772990] [ 276.772990] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 276.773603] __mutex_lock+0x13d/0xb50 [ 276.774034] wiphy_register+0x1b2e/0x25d0 [ 276.774508] ieee80211_register_hw+0x23a4/0x3d60 [ 276.775019] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 276.775557] init_mac80211_hwsim+0x389/0x870 [ 276.776055] do_one_initcall+0xf9/0x640 [ 276.776521] kernel_init_freeable+0x53d/0x7a0 [ 276.777019] kernel_init+0x1e/0x2d0 [ 276.777418] ret_from_fork+0x48/0x80 [ 276.777829] ret_from_fork_asm+0x1a/0x30 [ 276.778298] [ 276.778298] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 276.778866] __lock_acquire+0x29fd/0x4580 [ 276.779309] lock_acquire+0x19b/0x520 [ 276.779737] __mutex_lock+0x13d/0xb50 [ 276.780174] unregister_netdevice_many_notify+0x1612/0x1c80 [ 276.780765] unregister_netdevice_queue+0x224/0x2e0 [ 276.781292] _cfg80211_unregister_wdev+0x57b/0x700 [ 276.781822] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 276.782387] ieee80211_unregister_hw+0x55/0x3a0 [ 276.782888] hwsim_exit_net+0x3a0/0x730 [ 276.783313] ops_exit_list+0xb3/0x180 [ 276.783714] cleanup_net+0x546/0xad0 [ 276.784110] process_one_work+0x8ee/0x1a10 [ 276.784568] worker_thread+0x674/0xe70 [ 276.784999] kthread+0x3ab/0x720 [ 276.785388] ret_from_fork+0x48/0x80 [ 276.785775] ret_from_fork_asm+0x1a/0x30 [ 276.786224] [ 276.786224] other info that might help us debug this: [ 276.786224] [ 276.786902] Possible unsafe locking scenario: [ 276.786902] [ 276.787412] CPU0 CPU1 [ 276.787813] ---- ---- [ 276.788213] lock(&rdev->wiphy.mtx); [ 276.788580] lock(rtnl_mutex); [ 276.789100] lock(&rdev->wiphy.mtx); [ 276.789682] lock(rtnl_mutex); [ 276.790025] [ 276.790025] *** DEADLOCK *** [ 276.790025] [ 276.790559] 4 locks held by kworker/u8:0/11: [ 276.790974] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 276.791941] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 276.792869] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 276.793736] #3: ffff888035f80768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 276.794715] [ 276.794715] stack backtrace: [ 276.795126] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 276.795882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 276.796612] Workqueue: netns cleanup_net [ 276.797006] Call Trace: [ 276.797248] [ 276.797463] dump_stack_lvl+0xca/0x120 [ 276.797862] print_circular_bug+0x47b/0x750 [ 276.798288] check_noncircular+0x2e9/0x3c0 [ 276.798698] ? __pfx_check_noncircular+0x10/0x10 [ 276.799146] ? hlock_class+0x4e/0x130 [ 276.799513] ? mark_lock+0xac/0xed0 [ 276.799874] ? srso_return_thunk+0x5/0x5f [ 276.800295] ? __dequeue_entity+0x9b1/0x1900 [ 276.800730] ? lockdep_lock+0xba/0x1b0 [ 276.801130] ? __pfx_lockdep_lock+0x10/0x10 [ 276.801571] __lock_acquire+0x29fd/0x4580 [ 276.801986] ? __pfx___lock_acquire+0x10/0x10 [ 276.802430] ? lock_release+0x20f/0x6f0 [ 276.802819] ? __pfx_lock_release+0x10/0x10 [ 276.803241] lock_acquire+0x19b/0x520 [ 276.803613] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 276.804151] ? __pfx_lock_acquire+0x10/0x10 [ 276.804561] ? srso_return_thunk+0x5/0x5f [ 276.804954] ? lock_release+0x20f/0x6f0 [ 276.805326] ? srso_return_thunk+0x5/0x5f [ 276.805721] ? lock_is_held_type+0x9e/0x120 [ 276.806138] ? srso_return_thunk+0x5/0x5f [ 276.806542] __mutex_lock+0x13d/0xb50 [ 276.806908] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 276.807452] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 276.808001] ? srso_return_thunk+0x5/0x5f [ 276.808396] ? synchronize_rcu_expedited+0x38a/0x420 [ 276.808854] ? __pfx___mutex_lock+0x10/0x10 [ 276.809274] ? __pfx_autoremove_wake_function+0x10/0x10 [ 276.809780] ? srso_return_thunk+0x5/0x5f [ 276.810189] ? kasan_quarantine_put+0x84/0x1e0 [ 276.810623] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 276.811035] ? srso_return_thunk+0x5/0x5f [ 276.811437] unregister_netdevice_many_notify+0x1612/0x1c80 [ 276.811951] ? __virt_addr_valid+0x2e8/0x5d0 [ 276.812388] ? __pfx_lock_release+0x10/0x10 [ 276.812802] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 276.813365] ? find_held_lock+0x2c/0x110 [ 276.813774] ? srso_return_thunk+0x5/0x5f [ 276.814198] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 276.814690] ? srso_return_thunk+0x5/0x5f [ 276.815103] ? lock_release+0x20f/0x6f0 [ 276.815496] ? __pfx_lock_release+0x10/0x10 [ 276.815916] ? srso_return_thunk+0x5/0x5f [ 276.816332] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 276.816830] ? srso_return_thunk+0x5/0x5f [ 276.817255] unregister_netdevice_queue+0x224/0x2e0 [ 276.817730] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 276.818243] ? up_write+0x195/0x520 [ 276.818612] _cfg80211_unregister_wdev+0x57b/0x700 [ 276.819077] ? srso_return_thunk+0x5/0x5f [ 276.819488] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 276.819957] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 276.820464] ? srso_return_thunk+0x5/0x5f [ 276.820872] ? srso_return_thunk+0x5/0x5f [ 276.821276] ? synchronize_rcu+0x1ff/0x260 [ 276.821679] ieee80211_unregister_hw+0x55/0x3a0 [ 276.822136] hwsim_exit_net+0x3a0/0x730 [ 276.822515] ? __pfx_hwsim_exit_net+0x10/0x10 [ 276.822938] ? srso_return_thunk+0x5/0x5f [ 276.823345] ? netdev_run_todo+0x788/0x1040 [ 276.823763] ? __pfx_hwsim_exit_net+0x10/0x10 [ 276.824186] ops_exit_list+0xb3/0x180 [ 276.824554] cleanup_net+0x546/0xad0 [ 276.824917] ? __pfx_cleanup_net+0x10/0x10 [ 276.825327] process_one_work+0x8ee/0x1a10 [ 276.825753] ? __pfx_lock_acquire+0x10/0x10 [ 276.826164] ? __pfx_process_one_work+0x10/0x10 [ 276.826605] ? srso_return_thunk+0x5/0x5f [ 276.826999] ? move_linked_works+0x172/0x270 [ 276.827423] ? srso_return_thunk+0x5/0x5f [ 276.827831] ? assign_work+0x196/0x240 [ 276.828222] worker_thread+0x674/0xe70 [ 276.828614] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 276.829109] ? __pfx_worker_thread+0x10/0x10 [ 276.829545] kthread+0x3ab/0x720 [ 276.829888] ? __pfx_kthread+0x10/0x10 [ 276.830278] ? srso_return_thunk+0x5/0x5f [ 276.830689] ? finish_task_switch.isra.0+0x206/0x840 [ 276.831170] ? __pfx_kthread+0x10/0x10 [ 276.831558] ret_from_fork+0x48/0x80 [ 276.831907] ? __pfx_kthread+0x10/0x10 [ 276.832290] ret_from_fork_asm+0x1a/0x30 [ 276.832702] [ 278.887220] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 278.890926] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 278.902270] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 278.906784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 278.915744] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 278.919540] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 279.016069] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 279.018828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 279.022143] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 279.030280] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 279.036599] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 279.038798] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 279.085993] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 279.089246] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 279.093946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 279.105681] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 279.120016] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 279.123281] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 279.142034] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 279.146895] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 279.148682] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 279.151965] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 279.154484] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 279.157603] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 279.214174] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 279.220168] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 279.222632] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 279.239865] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 279.256072] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 279.261701] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 279.270086] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 279.278824] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 279.292061] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 279.302703] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 279.335219] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 279.337977] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 279.341797] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 279.344498] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 279.349430] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 279.351592] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 279.359013] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 279.361508] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 279.361739] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 279.366070] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 279.368400] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 279.370219] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 279.417627] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 279.425862] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 280.987426] Bluetooth: hci0: command tx timeout [ 281.115750] Bluetooth: hci1: command tx timeout [ 281.179435] Bluetooth: hci3: command tx timeout [ 281.179578] Bluetooth: hci2: command tx timeout [ 281.372671] Bluetooth: hci5: command tx timeout [ 281.437376] Bluetooth: hci7: command tx timeout [ 281.499514] Bluetooth: hci4: command tx timeout [ 281.499649] Bluetooth: hci6: command tx timeout [ 283.035357] Bluetooth: hci0: command tx timeout [ 283.163361] Bluetooth: hci1: command tx timeout [ 283.227476] Bluetooth: hci2: command tx timeout [ 283.227690] Bluetooth: hci3: command tx timeout [ 283.419404] Bluetooth: hci5: command tx timeout [ 283.483382] Bluetooth: hci7: command tx timeout [ 283.547364] Bluetooth: hci6: command tx timeout [ 283.547446] Bluetooth: hci4: command tx timeout [ 285.085383] Bluetooth: hci0: command tx timeout [ 285.211439] Bluetooth: hci1: command tx timeout [ 285.275429] Bluetooth: hci2: command tx timeout [ 285.275567] Bluetooth: hci3: command tx timeout [ 285.467637] Bluetooth: hci5: command tx timeout [ 285.531482] Bluetooth: hci7: command tx timeout [ 285.595539] Bluetooth: hci6: command tx timeout [ 285.595807] Bluetooth: hci4: command tx timeout VM DIAGNOSIS: 22:45:23 Registers: info registers vcpu 0 RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb28 R8 =0000000000000001 R9 =ffffed10012bbd55 R10=0000000000000063 R11=6666666666666666 R12=0000000000000063 R13=0000000000000001 R14=ffff888008fea06a R15=ffff8880095dee28 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f52cb562378 CR3=000000000d164000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000003fb4ac61a766238e XMM02=0000000000000000413c3e8500000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffff88800a4ed340 RBX=ffff88800be84a90 RCX=ffffffff81429a4a RDX=1ffff11001d53f00 RSI=0000000000000008 RDI=ffff88800ea9f800 RBP=ffff88800c2134f1 RSP=ffff88800f197dd0 R8 =0000000000000000 R9 =ffffed1001d53f00 R10=ffff88800ea9f807 R11=0000000000000000 R12=ffff88800be84af9 R13=ffff88800c233818 R14=ffff88800a4ed340 R15=0000000000000086 RIP=ffffffff81aeddaf RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005604120b6810 CR3=000000000d164000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000003f74b4225fc3d655 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c000146420000000c000133e90 XMM04=000000c000148090000000c000148060 XMM05=000000c0001480f0000000c0001480c0 XMM06=000000c000148150000000c000148120 XMM07=000000c000147760000000c00008f4d0 XMM08=000000c0001484b0000000c000148480 XMM09=000000c000148510000000c0001484e0 XMM10=000000c000148540000000c00008f530 XMM11=000000c0001485a0000000c000148570 XMM12=000000c000148600000000c0001485d0 XMM13=000000c000148660000000c000148630 XMM14=000000c0001486c0000000c000148690 XMM15=000000c0000e9080000000c0001486f0