Warning: Permanently added '[localhost]:23884' (ECDSA) to the list of known hosts. 2022/09/21 13:56:55 fuzzer started 2022/09/21 13:56:55 dialing manager at localhost:40289 syzkaller login: [ 40.845677] cgroup: Unknown subsys name 'net' [ 40.924747] cgroup: Unknown subsys name 'rlimit' 2022/09/21 13:57:10 syscalls: 2215 2022/09/21 13:57:10 code coverage: enabled 2022/09/21 13:57:10 comparison tracing: enabled 2022/09/21 13:57:10 extra coverage: enabled 2022/09/21 13:57:10 setuid sandbox: enabled 2022/09/21 13:57:10 namespace sandbox: enabled 2022/09/21 13:57:10 Android sandbox: enabled 2022/09/21 13:57:10 fault injection: enabled 2022/09/21 13:57:10 leak checking: enabled 2022/09/21 13:57:10 net packet injection: enabled 2022/09/21 13:57:10 net device setup: enabled 2022/09/21 13:57:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/21 13:57:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/21 13:57:10 USB emulation: enabled 2022/09/21 13:57:10 hci packet injection: enabled 2022/09/21 13:57:10 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220921) 2022/09/21 13:57:10 802.15.4 emulation: enabled 2022/09/21 13:57:10 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/21 13:57:10 fetching corpus: 37, signal 21000/24568 (executing program) 2022/09/21 13:57:10 fetching corpus: 78, signal 33567/38493 (executing program) 2022/09/21 13:57:11 fetching corpus: 128, signal 46101/52165 (executing program) 2022/09/21 13:57:11 fetching corpus: 178, signal 51976/59262 (executing program) 2022/09/21 13:57:11 fetching corpus: 228, signal 61274/69410 (executing program) 2022/09/21 13:57:11 fetching corpus: 277, signal 66471/75666 (executing program) 2022/09/21 13:57:11 fetching corpus: 326, signal 74210/84103 (executing program) 2022/09/21 13:57:11 fetching corpus: 376, signal 77030/87872 (executing program) 2022/09/21 13:57:11 fetching corpus: 426, signal 81431/93018 (executing program) 2022/09/21 
13:57:11 fetching corpus: 476, signal 84729/97108 (executing program) 2022/09/21 13:57:11 fetching corpus: 526, signal 87461/100629 (executing program) 2022/09/21 13:57:12 fetching corpus: 576, signal 90781/104609 (executing program) 2022/09/21 13:57:12 fetching corpus: 626, signal 93635/108157 (executing program) 2022/09/21 13:57:12 fetching corpus: 676, signal 95776/111006 (executing program) 2022/09/21 13:57:12 fetching corpus: 726, signal 98023/113870 (executing program) 2022/09/21 13:57:12 fetching corpus: 775, signal 100191/116614 (executing program) 2022/09/21 13:57:12 fetching corpus: 824, signal 102418/119423 (executing program) 2022/09/21 13:57:12 fetching corpus: 874, signal 104883/122329 (executing program) 2022/09/21 13:57:12 fetching corpus: 923, signal 107101/124994 (executing program) 2022/09/21 13:57:13 fetching corpus: 973, signal 109643/127991 (executing program) 2022/09/21 13:57:13 fetching corpus: 1023, signal 111578/130368 (executing program) 2022/09/21 13:57:13 fetching corpus: 1073, signal 112917/132232 (executing program) 2022/09/21 13:57:13 fetching corpus: 1123, signal 115303/134951 (executing program) 2022/09/21 13:57:13 fetching corpus: 1172, signal 117255/137258 (executing program) 2022/09/21 13:57:13 fetching corpus: 1222, signal 118909/139304 (executing program) 2022/09/21 13:57:13 fetching corpus: 1272, signal 121057/141598 (executing program) 2022/09/21 13:57:13 fetching corpus: 1322, signal 123185/143917 (executing program) 2022/09/21 13:57:14 fetching corpus: 1372, signal 124376/145506 (executing program) 2022/09/21 13:57:14 fetching corpus: 1422, signal 125704/147156 (executing program) 2022/09/21 13:57:14 fetching corpus: 1472, signal 127135/148788 (executing program) 2022/09/21 13:57:14 fetching corpus: 1521, signal 128650/150503 (executing program) 2022/09/21 13:57:14 fetching corpus: 1571, signal 129598/151862 (executing program) 2022/09/21 13:57:14 fetching corpus: 1620, signal 132848/154644 (executing program) 2022/09/21 
13:57:14 fetching corpus: 1670, signal 134038/156098 (executing program) 2022/09/21 13:57:14 fetching corpus: 1719, signal 135454/157624 (executing program) 2022/09/21 13:57:15 fetching corpus: 1768, signal 137704/159596 (executing program) 2022/09/21 13:57:15 fetching corpus: 1818, signal 138662/160805 (executing program) 2022/09/21 13:57:15 fetching corpus: 1868, signal 139942/162120 (executing program) 2022/09/21 13:57:15 fetching corpus: 1918, signal 141491/163556 (executing program) 2022/09/21 13:57:15 fetching corpus: 1968, signal 143124/165115 (executing program) 2022/09/21 13:57:15 fetching corpus: 2018, signal 144793/166699 (executing program) 2022/09/21 13:57:15 fetching corpus: 2067, signal 145840/167818 (executing program) 2022/09/21 13:57:15 fetching corpus: 2117, signal 146911/168889 (executing program) 2022/09/21 13:57:16 fetching corpus: 2167, signal 147896/169888 (executing program) 2022/09/21 13:57:16 fetching corpus: 2217, signal 149252/171055 (executing program) 2022/09/21 13:57:16 fetching corpus: 2267, signal 150770/172334 (executing program) 2022/09/21 13:57:16 fetching corpus: 2317, signal 151433/173141 (executing program) 2022/09/21 13:57:16 fetching corpus: 2367, signal 152457/174080 (executing program) 2022/09/21 13:57:16 fetching corpus: 2417, signal 154016/175309 (executing program) 2022/09/21 13:57:16 fetching corpus: 2467, signal 154949/176200 (executing program) 2022/09/21 13:57:16 fetching corpus: 2517, signal 156073/177145 (executing program) 2022/09/21 13:57:17 fetching corpus: 2567, signal 158040/178409 (executing program) 2022/09/21 13:57:17 fetching corpus: 2617, signal 159006/179283 (executing program) 2022/09/21 13:57:17 fetching corpus: 2667, signal 161382/180661 (executing program) 2022/09/21 13:57:17 fetching corpus: 2717, signal 162455/181474 (executing program) 2022/09/21 13:57:17 fetching corpus: 2766, signal 163305/182132 (executing program) 2022/09/21 13:57:17 fetching corpus: 2816, signal 164039/182745 (executing 
program) 2022/09/21 13:57:17 fetching corpus: 2865, signal 165084/183509 (executing program) 2022/09/21 13:57:17 fetching corpus: 2915, signal 166132/184295 (executing program) 2022/09/21 13:57:18 fetching corpus: 2965, signal 166875/184914 (executing program) 2022/09/21 13:57:18 fetching corpus: 3013, signal 168144/185601 (executing program) 2022/09/21 13:57:18 fetching corpus: 3063, signal 169212/186234 (executing program) 2022/09/21 13:57:18 fetching corpus: 3113, signal 170280/186828 (executing program) 2022/09/21 13:57:18 fetching corpus: 3162, signal 170969/187309 (executing program) 2022/09/21 13:57:18 fetching corpus: 3212, signal 171441/187695 (executing program) 2022/09/21 13:57:18 fetching corpus: 3262, signal 172404/188278 (executing program) 2022/09/21 13:57:18 fetching corpus: 3312, signal 172991/188676 (executing program) 2022/09/21 13:57:19 fetching corpus: 3362, signal 174022/189255 (executing program) 2022/09/21 13:57:19 fetching corpus: 3412, signal 174628/189696 (executing program) 2022/09/21 13:57:19 fetching corpus: 3462, signal 175289/190068 (executing program) 2022/09/21 13:57:19 fetching corpus: 3512, signal 176312/190493 (executing program) 2022/09/21 13:57:19 fetching corpus: 3562, signal 176935/190819 (executing program) 2022/09/21 13:57:19 fetching corpus: 3612, signal 178190/191417 (executing program) 2022/09/21 13:57:19 fetching corpus: 3662, signal 179143/191977 (executing program) 2022/09/21 13:57:20 fetching corpus: 3712, signal 179792/192271 (executing program) 2022/09/21 13:57:20 fetching corpus: 3761, signal 181159/192728 (executing program) 2022/09/21 13:57:20 fetching corpus: 3810, signal 182038/193014 (executing program) 2022/09/21 13:57:20 fetching corpus: 3860, signal 182857/193282 (executing program) 2022/09/21 13:57:20 fetching corpus: 3909, signal 183237/193478 (executing program) 2022/09/21 13:57:20 fetching corpus: 3958, signal 184115/193763 (executing program) 2022/09/21 13:57:20 fetching corpus: 4008, signal 
184868/193993 (executing program) 2022/09/21 13:57:20 fetching corpus: 4058, signal 185351/194137 (executing program) 2022/09/21 13:57:21 fetching corpus: 4107, signal 186025/194332 (executing program) 2022/09/21 13:57:21 fetching corpus: 4157, signal 186729/194499 (executing program) 2022/09/21 13:57:21 fetching corpus: 4207, signal 187211/194651 (executing program) 2022/09/21 13:57:21 fetching corpus: 4255, signal 189016/195180 (executing program) 2022/09/21 13:57:21 fetching corpus: 4305, signal 189644/195292 (executing program) 2022/09/21 13:57:21 fetching corpus: 4355, signal 190124/195394 (executing program) 2022/09/21 13:57:21 fetching corpus: 4396, signal 190540/195531 (executing program) 2022/09/21 13:57:21 fetching corpus: 4396, signal 190540/195596 (executing program) 2022/09/21 13:57:21 fetching corpus: 4396, signal 190540/195653 (executing program) 2022/09/21 13:57:21 fetching corpus: 4396, signal 190540/195698 (executing program) 2022/09/21 13:57:21 fetching corpus: 4396, signal 190540/195698 (executing program) 2022/09/21 13:57:24 starting 8 fuzzer processes 13:57:24 executing program 0: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) close(r0) 13:57:24 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x73) openat$hpet(0xffffffffffffff9c, 0x0, 0x0, 0x0) 13:57:24 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x5385, &(0x7f0000000000)) 13:57:24 executing program 2: r0 = io_uring_setup(0x1378, &(0x7f0000000000)={0x0, 0x0, 0x2}) io_uring_enter(r0, 0x0, 0x8dd6, 0x3, &(0x7f0000000080)={[0x2]}, 0x8) 13:57:24 executing program 4: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="8427", 0x2}], 0x41, 0x0) vmsplice(r1, &(0x7f00000004c0)=[{&(0x7f0000000040)='T', 0x1}], 0x1, 0x0) [ 68.868275] audit: type=1400 audit(1663768644.088:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:57:24 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x1c, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, 0x1c}], 0x1}, 0x0) 13:57:24 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, 0x0, 0x0) 13:57:24 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 
&(0x7f00000003c0)='./file1/../file0\x00', 0x101042, 0x40) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r1 = gettid() perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0x4, 0x0, 0x20, 0x0, 0x0, 0x800, 0x2000, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000340), 0x2}, 0x10000, 0x0, 0x9, 0x7, 0x80000000, 0x1, 0x4006, 0x0, 0x2}, r1, 0x0, r0, 0x0) io_setup(0x7, &(0x7f0000000000)) syz_open_procfs(0x0, &(0x7f0000000040)='personality\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') clock_gettime(0x0, 0x0) timer_create(0x6, &(0x7f0000000380)={0x0, 0x1c, 0x1, @thr={&(0x7f00000001c0)="7b54d93735e580da4d4b2b1e5b24a25a8bcaf2bc41f8356ec6fa12c71614249af8fe1716f91df35223852725637e0bd619f0a83761463849c1941d2e8e5d3cd891ff19e667251cf607586223f573de3c87e5bcfc1b0efdc1170f8b091408913297abe8ae0133b2ac2e9d432e7e4284ea931c2f138bcda97300df764704007edce14f397f8338c2da279f6640d7c262142c8a996a16d4fb4d5f51d4e5423e0d355e2c2c6fcd182ca6e9f884a4332012c3a1fae0b6fe4c1e5ca7834b10477ce1f489e414b3f293504e6bbbf8a633e5918331f89f9fd30d030b", 
&(0x7f00000002c0)="e8688df451238387d527607ff86f50345f9daa5b2393bc2ee69dad33498d331e4521010841f5c772701aa08d344c122aee2fcb69cb53d9c4a3e4f4385e483af1f93949b6b0c52b5d2a7660371ea32859657afa5a48652841b683aec70010ae4ebce053ab6b3e521c2cd89875319b74a5ac5863cf475383afccbf06b87b93028341c6fedb1e0937cc4b5cba4b8de113999f3e3542f4391f71ce74c6c3b250f243843e1a8d54dfd0419af205f03fc3fe7407d6c4bd7808"}}, &(0x7f00000003c0)=0x0) timer_gettime(r2, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000100)={{}, {r3, r4+60000000}}, &(0x7f0000000180)) timer_delete(0x0) pselect6(0x40, &(0x7f0000000480)={0x2, 0x0, 0x800, 0x7, 0x7, 0x3, 0x0, 0xffffffffffffff0b}, &(0x7f00000004c0)={0x40, 0x0, 0x9, 0x80000001, 0x0, 0x8, 0xeb7, 0x40}, &(0x7f0000000500)={0x7, 0x2, 0x9, 0x9, 0x2, 0x5dc, 0x1, 0x29a}, &(0x7f0000000580), &(0x7f0000000600)={&(0x7f00000005c0)={[0x9]}, 0x8}) [ 70.181072] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.182753] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.184379] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.185735] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.187201] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.188615] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 70.190713] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.191700] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.193086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.194361] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.195848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.197327] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 70.200924] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.206050] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.207531] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.208703] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.213547] Bluetooth: hci4: unexpected 
cc 0x1001 length: 249 > 9 [ 70.214628] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.215556] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.216548] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.217588] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 70.221931] Bluetooth: hci0: HCI_REQ-0x0c1a [ 70.225263] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 70.227253] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.228409] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.229416] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.230481] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.238802] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 70.240552] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.240607] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.242661] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 70.244226] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 70.245297] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.246340] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.246841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.255419] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.255525] Bluetooth: hci2: HCI_REQ-0x0c1a [ 70.256823] Bluetooth: hci3: HCI_REQ-0x0c1a [ 70.266278] Bluetooth: hci4: HCI_REQ-0x0c1a [ 70.270657] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.276916] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.288238] Bluetooth: hci1: HCI_REQ-0x0c1a [ 70.345185] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.348837] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 70.351062] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 70.353262] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 70.354405] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 70.356210] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 70.367637] Bluetooth: 
hci7: unexpected cc 0x0c23 length: 249 > 4 [ 70.376438] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 70.378510] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 70.380305] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 70.381383] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 70.387197] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.400197] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.404881] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.246418] Bluetooth: hci0: command 0x0409 tx timeout [ 72.310015] Bluetooth: hci5: command 0x0409 tx timeout [ 72.311176] Bluetooth: hci1: command 0x0409 tx timeout [ 72.312255] Bluetooth: hci2: command 0x0409 tx timeout [ 72.313009] Bluetooth: hci4: command 0x0409 tx timeout [ 72.313051] Bluetooth: hci3: command 0x0409 tx timeout [ 72.437986] Bluetooth: hci6: command 0x0409 tx timeout [ 72.438697] Bluetooth: hci7: command 0x0409 tx timeout [ 74.294611] Bluetooth: hci0: command 0x041b tx timeout [ 74.357979] Bluetooth: hci3: command 0x041b tx timeout [ 74.358457] Bluetooth: hci2: command 0x041b tx timeout [ 74.358856] Bluetooth: hci4: command 0x041b tx timeout [ 74.359371] Bluetooth: hci1: command 0x041b tx timeout [ 74.359758] Bluetooth: hci5: command 0x041b tx timeout [ 74.486979] Bluetooth: hci7: command 0x041b tx timeout [ 74.487426] Bluetooth: hci6: command 0x041b tx timeout [ 76.342942] Bluetooth: hci0: command 0x040f tx timeout [ 76.407009] Bluetooth: hci5: command 0x040f tx timeout [ 76.407471] Bluetooth: hci1: command 0x040f tx timeout [ 76.407870] Bluetooth: hci4: command 0x040f tx timeout [ 76.408300] Bluetooth: hci2: command 0x040f tx timeout [ 76.408690] Bluetooth: hci3: command 0x040f tx timeout [ 76.534512] Bluetooth: hci6: command 0x040f tx timeout [ 76.534998] Bluetooth: hci7: command 0x040f tx timeout [ 78.389957] Bluetooth: hci0: command 0x0419 tx timeout [ 78.454030] Bluetooth: hci3: command 0x0419 tx timeout [ 78.454777] Bluetooth: hci2: command 0x0419 tx timeout [ 78.456108] 
Bluetooth: hci4: command 0x0419 tx timeout [ 78.456826] Bluetooth: hci1: command 0x0419 tx timeout [ 78.457577] Bluetooth: hci5: command 0x0419 tx timeout [ 78.581986] Bluetooth: hci7: command 0x0419 tx timeout [ 78.582752] Bluetooth: hci6: command 0x0419 tx timeout [ 128.018042] audit: type=1400 audit(1663768703.237:7): avc: denied { open } for pid=3746 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.019779] audit: type=1400 audit(1663768703.238:8): avc: denied { kernel } for pid=3746 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.054353] ------------[ cut here ]------------ [ 128.054878] WARNING: CPU: 0 PID: 3750 at kernel/events/core.c:2047 perf_group_detach+0x99e/0x12f0 [ 128.055563] Modules linked in: [ 128.055800] CPU: 0 PID: 3750 Comm: modprobe Not tainted 6.0.0-rc6-next-20220921 #1 [ 128.056341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.057133] RIP: 0010:perf_group_detach+0x99e/0x12f0 [ 128.057534] Code: 85 d5 f8 ff ff e8 a2 59 ee ff 65 44 8b 25 36 b2 aa 7e 31 ff 44 89 e6 e8 40 56 ee ff 45 85 e4 0f 84 0a 05 00 00 e8 82 59 ee ff <0f> 0b e9 a9 f8 ff ff e8 76 59 ee ff 65 8b 1d 0b b2 aa 7e 31 ff 89 [ 128.059440] RSP: 0018:ffff88806ce09e60 EFLAGS: 00010046 [ 128.060240] RAX: 0000000080010002 RBX: ffff8880086685c8 RCX: 0000000000000000 [ 128.060761] RDX: ffff8880176d0000 RSI: ffffffff8157c39e RDI: 0000000000000005 [ 128.061297] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 128.061826] R10: 0000000000000000 R11: ffffffff865b001b R12: 0000000000000000 [ 128.062348] R13: ffff888008668658 R14: ffff88806ce3d140 R15: ffff8880086685c8 [ 128.062871] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 128.063472] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 
128.063910] CR2: 00007f19b8f6bb70 CR3: 00000000206c2000 CR4: 0000000000350ef0 [ 128.064431] Call Trace: [ 128.064627] [ 128.064800] ? perf_event_idx_default+0x10/0x10 [ 128.065166] ? event_sched_out+0x71c/0xcd0 [ 128.065492] __perf_remove_from_context+0x71e/0xb20 [ 128.065882] event_function+0x297/0x3d0 [ 128.066192] ? perf_output_read+0xf80/0xf80 [ 128.066528] remote_function+0x125/0x1b0 [ 128.066849] __flush_smp_call_function_queue+0x1df/0x5a0 [ 128.067268] ? perf_duration_warn+0x40/0x40 [ 128.067601] __sysvec_call_function_single+0x92/0x3a0 [ 128.067998] sysvec_call_function_single+0x89/0xc0 [ 128.068376] [ 128.068552] [ 128.068726] asm_sysvec_call_function_single+0x16/0x20 [ 128.069122] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x60 [ 128.069555] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 ea 21 03 fd 48 89 ef e8 52 97 03 fd 80 e7 02 74 06 e8 68 ec 25 fd fb bf 01 00 00 00 6d 3d f9 fc 65 8b 05 16 65 db 7b 85 c0 74 07 5b 5d e9 8b 31 39 [ 128.070897] RSP: 0018:ffff88800fab79c0 EFLAGS: 00000202 [ 128.071314] RAX: 000000000000165d RBX: 0000000000000246 RCX: ffffffff81298d9f [ 128.071844] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 128.072374] RBP: ffffffff854cf7a0 R08: 0000000000000001 R09: ffffffff86ccf7ef [ 128.072912] R10: fffffbfff0d99efd R11: 0000000000000001 R12: ffff88801a2d06c0 [ 128.073448] R13: ffff888008b5af78 R14: ffff88801bd8a558 R15: ffff88800843cc80 [ 128.073991] ? mark_lock.part.0+0xef/0x2f70 [ 128.074331] find_and_remove_object+0x123/0x170 [ 128.074689] ? do_mas_align_munmap.constprop.0+0xa55/0x1000 [ 128.075125] kmemleak_free+0x21/0x40 [ 128.075416] kmem_cache_free+0xbd/0x610 [ 128.075722] ? fput+0x2b/0x190 [ 128.075975] do_mas_align_munmap.constprop.0+0xa55/0x1000 [ 128.076404] ? __split_vma+0x5d0/0x5d0 [ 128.076714] ? mas_walk+0x48a/0x670 [ 128.077009] ? mas_find+0x209/0xdd0 [ 128.077303] ? 
lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.077709] do_mas_munmap+0x1e8/0x2b0 [ 128.078016] mmap_region+0x21c/0x1a00 [ 128.078323] ? lock_release+0x750/0x750 [ 128.078634] ? inode_has_perm+0x171/0x1d0 [ 128.078962] ? do_munmap+0x100/0x100 [ 128.079261] ? security_mmap_addr+0x79/0xa0 [ 128.079592] ? get_unmapped_area+0x1e5/0x3e0 [ 128.079938] do_mmap+0x828/0xf40 [ 128.080211] vm_mmap_pgoff+0x1af/0x270 [ 128.080517] ? randomize_page+0xb0/0xb0 [ 128.080835] ksys_mmap_pgoff+0x3d0/0x4f0 [ 128.081151] do_syscall_64+0x3b/0x90 [ 128.081447] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.081836] RIP: 0033:0x7f5f8d77dd82 [ 128.082119] Code: eb aa 66 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 33 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 56 5b 5d c3 0f 1f 00 c7 05 ae 03 01 00 16 00 [ 128.083467] RSP: 002b:00007ffeb0036198 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 128.084039] RAX: ffffffffffffffda RBX: 0000000000000812 RCX: 00007f5f8d77dd82 [ 128.084580] RDX: 0000000000000001 RSI: 000000000000b000 RDI: 00007f5f8d74f000 [ 128.085104] RBP: 00007f5f8d74f000 R08: 0000000000000000 R09: 000000000001b000 [ 128.085658] R10: 0000000000000812 R11: 0000000000000206 R12: 00007f5f8d75c000 [ 128.086193] R13: 00007ffeb00361b0 R14: 00007ffeb0036210 R15: 00007ffeb0036540 [ 128.086754] [ 128.086940] irq event stamp: 5726 [ 128.087201] hardirqs last enabled at (5725): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 128.087923] hardirqs last disabled at (5726): [] sysvec_call_function_single+0xb/0xc0 [ 128.088628] softirqs last enabled at (5620): [] __irq_exit_rcu+0x11b/0x180 [ 128.089270] softirqs last disabled at (5417): [] __irq_exit_rcu+0x11b/0x180 [ 128.089918] ---[ end trace 0000000000000000 ]--- [ 128.090323] ------------[ cut here ]------------ [ 128.090685] WARNING: CPU: 0 PID: 3750 at kernel/events/core.c:2183 perf_group_detach+0x9c7/0x12f0 [ 128.091362] Modules linked in: [ 128.091613] CPU: 0 PID: 3750 Comm: modprobe Tainted: G W 
6.0.0-rc6-next-20220921 #1 [ 128.092286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.093130] RIP: 0010:perf_group_detach+0x9c7/0x12f0 [ 128.093520] Code: ff 0f 0b e9 a9 f8 ff ff e8 76 59 ee ff 65 8b 1d 0b b2 aa 7e 31 ff 89 de e8 16 56 ee ff 85 db 0f 84 86 04 00 00 e8 59 59 ee ff <0f> 0b e9 0e fa ff ff e8 4d 59 ee ff 48 8b 7c 24 20 48 81 c7 f8 00 [ 128.094869] RSP: 0018:ffff88806ce09e60 EFLAGS: 00010046 [ 128.095281] RAX: 0000000080010002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.095821] RDX: ffff8880176d0000 RSI: ffffffff8157c3c7 RDI: 0000000000000005 [ 128.096364] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 128.096900] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880086685c8 [ 128.097434] R13: ffff8880086685c8 R14: ffff88806ce3d140 R15: ffff8880086685c8 [ 128.097969] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 128.098580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.099015] CR2: 00007f19b8f6bb70 CR3: 00000000206c2000 CR4: 0000000000350ef0 [ 128.099557] Call Trace: [ 128.099759] [ 128.099930] ? perf_event_idx_default+0x10/0x10 [ 128.100293] ? event_sched_out+0x71c/0xcd0 [ 128.100621] __perf_remove_from_context+0x71e/0xb20 [ 128.100997] event_function+0x297/0x3d0 [ 128.101312] ? perf_output_read+0xf80/0xf80 [ 128.101640] remote_function+0x125/0x1b0 [ 128.101956] __flush_smp_call_function_queue+0x1df/0x5a0 [ 128.102373] ? 
perf_duration_warn+0x40/0x40 [ 128.102704] __sysvec_call_function_single+0x92/0x3a0 [ 128.103112] sysvec_call_function_single+0x89/0xc0 [ 128.103491] [ 128.103667] [ 128.103841] asm_sysvec_call_function_single+0x16/0x20 [ 128.104239] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x60 [ 128.104666] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 ea 21 03 fd 48 89 ef e8 52 97 03 fd 80 e7 02 74 06 e8 68 ec 25 fd fb bf 01 00 00 00 6d 3d f9 fc 65 8b 05 16 65 db 7b 85 c0 74 07 5b 5d e9 8b 31 39 [ 128.106000] RSP: 0018:ffff88800fab79c0 EFLAGS: 00000202 [ 128.106397] RAX: 000000000000165d RBX: 0000000000000246 RCX: ffffffff81298d9f [ 128.106927] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 128.107467] RBP: ffffffff854cf7a0 R08: 0000000000000001 R09: ffffffff86ccf7ef [ 128.108002] R10: fffffbfff0d99efd R11: 0000000000000001 R12: ffff88801a2d06c0 [ 128.108525] R13: ffff888008b5af78 R14: ffff88801bd8a558 R15: ffff88800843cc80 [ 128.109057] ? mark_lock.part.0+0xef/0x2f70 [ 128.109393] find_and_remove_object+0x123/0x170 [ 128.109746] ? do_mas_align_munmap.constprop.0+0xa55/0x1000 [ 128.110176] kmemleak_free+0x21/0x40 [ 128.110460] kmem_cache_free+0xbd/0x610 [ 128.110771] ? fput+0x2b/0x190 [ 128.111034] do_mas_align_munmap.constprop.0+0xa55/0x1000 [ 128.111460] ? __split_vma+0x5d0/0x5d0 [ 128.111765] ? mas_walk+0x48a/0x670 [ 128.112052] ? mas_find+0x209/0xdd0 [ 128.112341] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.112744] do_mas_munmap+0x1e8/0x2b0 [ 128.113047] mmap_region+0x21c/0x1a00 [ 128.113359] ? lock_release+0x750/0x750 [ 128.113671] ? inode_has_perm+0x171/0x1d0 [ 128.113988] ? do_munmap+0x100/0x100 [ 128.114286] ? security_mmap_addr+0x79/0xa0 [ 128.114612] ? get_unmapped_area+0x1e5/0x3e0 [ 128.114957] do_mmap+0x828/0xf40 [ 128.115234] vm_mmap_pgoff+0x1af/0x270 [ 128.115534] ? 
randomize_page+0xb0/0xb0 [ 128.115850] ksys_mmap_pgoff+0x3d0/0x4f0 [ 128.116165] do_syscall_64+0x3b/0x90 [ 128.116455] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.116840] RIP: 0033:0x7f5f8d77dd82 [ 128.117121] Code: eb aa 66 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 33 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 56 5b 5d c3 0f 1f 00 c7 05 ae 03 01 00 16 00 [ 128.118452] RSP: 002b:00007ffeb0036198 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 128.119018] RAX: ffffffffffffffda RBX: 0000000000000812 RCX: 00007f5f8d77dd82 [ 128.119546] RDX: 0000000000000001 RSI: 000000000000b000 RDI: 00007f5f8d74f000 [ 128.120071] RBP: 00007f5f8d74f000 R08: 0000000000000000 R09: 000000000001b000 [ 128.120595] R10: 0000000000000812 R11: 0000000000000206 R12: 00007f5f8d75c000 [ 128.121122] R13: 00007ffeb00361b0 R14: 00007ffeb0036210 R15: 00007ffeb0036540 [ 128.121657] [ 128.121835] irq event stamp: 5726 [ 128.122100] hardirqs last enabled at (5725): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 128.122802] hardirqs last disabled at (5726): [] sysvec_call_function_single+0xb/0xc0 [ 128.123499] softirqs last enabled at (5620): [] __irq_exit_rcu+0x11b/0x180 [ 128.124133] softirqs last disabled at (5417): [] __irq_exit_rcu+0x11b/0x180 [ 128.124769] ---[ end trace 0000000000000000 ]--- [ 128.125147] ------------[ cut here ]------------ [ 128.125490] WARNING: CPU: 0 PID: 3750 at kernel/events/core.c:655 perf_event_update_sibling_time+0xd5/0x4d0 [ 128.126210] Modules linked in: [ 128.126456] CPU: 0 PID: 3750 Comm: modprobe Tainted: G W 6.0.0-rc6-next-20220921 #1 [ 128.127128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.127958] RIP: 0010:perf_event_update_sibling_time+0xd5/0x4d0 [ 128.128423] Code: 5e 41 5f e9 7d d7 f0 ff e8 78 d7 f0 ff 65 8b 1d 0d 30 ad 7e 31 ff 89 de e8 18 d4 f0 ff 85 db 0f 84 d3 02 00 00 e8 5b d7 f0 ff <0f> 0b eb 97 e8 52 d7 f0 ff 48 8d 7d 10 48 b8 
00 00 00 00 00 fc ff [ 128.129751] RSP: 0018:ffff88806ce09e58 EFLAGS: 00010046 [ 128.130150] RAX: 0000000080010002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.130681] RDX: ffff8880176d0000 RSI: ffffffff815545c5 RDI: 0000000000000005 [ 128.131215] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 128.131747] R10: 0000000000000000 R11: ffffffff865b001b R12: 0000000000000000 [ 128.132278] R13: ffff888008668670 R14: 0000000000000001 R15: 0000000000000001 [ 128.132805] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 128.133410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.133848] CR2: 00007f19b8f6bb70 CR3: 00000000206c2000 CR4: 0000000000350ef0 [ 128.134381] Call Trace: [ 128.134577] [ 128.134745] ? lock_is_held_type+0xd7/0x130 [ 128.135082] ? perf_event_update_time+0x285/0x380 [ 128.135463] list_del_event+0x524/0x860 [ 128.135776] __perf_remove_from_context+0xd2/0xb20 [ 128.136155] event_function+0x297/0x3d0 [ 128.136463] ? perf_output_read+0xf80/0xf80 [ 128.136796] remote_function+0x125/0x1b0 [ 128.137116] __flush_smp_call_function_queue+0x1df/0x5a0 [ 128.137522] ? 
perf_duration_warn+0x40/0x40 [ 128.137855] __sysvec_call_function_single+0x92/0x3a0 [ 128.138246] sysvec_call_function_single+0x89/0xc0 [ 128.138613] [ 128.138792] [ 128.138973] asm_sysvec_call_function_single+0x16/0x20 [ 128.139366] RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x60 [ 128.139796] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 ea 21 03 fd 48 89 ef e8 52 97 03 fd 80 e7 02 74 06 e8 68 ec 25 fd fb bf 01 00 00 00 6d 3d f9 fc 65 8b 05 16 65 db 7b 85 c0 74 07 5b 5d e9 8b 31 39 [ 128.141127] RSP: 0018:ffff88800fab79c0 EFLAGS: 00000202 [ 128.141525] RAX: 000000000000165d RBX: 0000000000000246 RCX: ffffffff81298d9f [ 128.142054] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 128.142582] RBP: ffffffff854cf7a0 R08: 0000000000000001 R09: ffffffff86ccf7ef [ 128.143128] R10: fffffbfff0d99efd R11: 0000000000000001 R12: ffff88801a2d06c0 [ 128.143661] R13: ffff888008b5af78 R14: ffff88801bd8a558 R15: ffff88800843cc80 [ 128.144201] ? mark_lock.part.0+0xef/0x2f70 [ 128.144535] find_and_remove_object+0x123/0x170 [ 128.144882] ? do_mas_align_munmap.constprop.0+0xa55/0x1000 [ 128.145313] kmemleak_free+0x21/0x40 [ 128.145599] kmem_cache_free+0xbd/0x610 [ 128.145904] ? fput+0x2b/0x190 [ 128.146158] do_mas_align_munmap.constprop.0+0xa55/0x1000 [ 128.146585] ? __split_vma+0x5d0/0x5d0 [ 128.146888] ? mas_walk+0x48a/0x670 [ 128.147187] ? mas_find+0x209/0xdd0 [ 128.147481] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.147887] do_mas_munmap+0x1e8/0x2b0 [ 128.148191] mmap_region+0x21c/0x1a00 [ 128.148494] ? lock_release+0x750/0x750 [ 128.148801] ? inode_has_perm+0x171/0x1d0 [ 128.149120] ? do_munmap+0x100/0x100 [ 128.149413] ? security_mmap_addr+0x79/0xa0 [ 128.149742] ? get_unmapped_area+0x1e5/0x3e0 [ 128.150087] do_mmap+0x828/0xf40 [ 128.150357] vm_mmap_pgoff+0x1af/0x270 [ 128.150661] ? 
randomize_page+0xb0/0xb0 [ 128.150985] ksys_mmap_pgoff+0x3d0/0x4f0 [ 128.151303] do_syscall_64+0x3b/0x90 [ 128.151597] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.151983] RIP: 0033:0x7f5f8d77dd82 [ 128.152270] Code: eb aa 66 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 33 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 56 5b 5d c3 0f 1f 00 c7 05 ae 03 01 00 16 00 [ 128.153590] RSP: 002b:00007ffeb0036198 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 128.154147] RAX: ffffffffffffffda RBX: 0000000000000812 RCX: 00007f5f8d77dd82 [ 128.154670] RDX: 0000000000000001 RSI: 000000000000b000 RDI: 00007f5f8d74f000 [ 128.155199] RBP: 00007f5f8d74f000 R08: 0000000000000000 R09: 000000000001b000 [ 128.155721] R10: 0000000000000812 R11: 0000000000000206 R12: 00007f5f8d75c000 [ 128.156245] R13: 00007ffeb00361b0 R14: 00007ffeb0036210 R15: 00007ffeb0036540 [ 128.156790] [ 128.156968] irq event stamp: 5726 [ 128.157221] hardirqs last enabled at (5725): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 128.157931] hardirqs last disabled at (5726): [] sysvec_call_function_single+0xb/0xc0 [ 128.158617] softirqs last enabled at (5620): [] __irq_exit_rcu+0x11b/0x180 [ 128.159274] softirqs last disabled at (5417): [] __irq_exit_rcu+0x11b/0x180 [ 128.159907] ---[ end trace 0000000000000000 ]--- [ 129.410056] syz-executor.2 (296) used greatest stack depth: 24640 bytes left [ 132.044057] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 132.045669] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 132.047527] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 132.048137] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 132.048812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 132.050094] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 132.052737] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 132.053453] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 132.055037] Bluetooth: hci0: unexpected cc 
0x0c25 length: 249 > 3 [ 132.056059] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 132.056727] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.057856] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 132.060952] Bluetooth: hci1: HCI_REQ-0x0c1a [ 132.063706] Bluetooth: hci0: HCI_REQ-0x0c1a [ 132.115096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 132.124827] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 132.126173] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 132.127167] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 132.129629] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 132.130921] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 132.131838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 132.136919] Bluetooth: hci4: HCI_REQ-0x0c1a [ 132.155315] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 132.160577] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 132.161279] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 132.165133] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 132.167225] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 132.169402] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 132.171288] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 132.173204] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 132.179305] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 132.179942] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 132.185083] Bluetooth: hci3: HCI_REQ-0x0c1a [ 132.203166] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 132.237578] Bluetooth: hci7: HCI_REQ-0x0c1a [ 134.070014] Bluetooth: hci0: command 0x0409 tx timeout [ 134.070057] Bluetooth: hci1: command 0x0409 tx timeout [ 134.133943] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 134.135122] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 134.197962] Bluetooth: hci3: command 0x0409 tx timeout [ 134.198574] Bluetooth: hci4: 
command 0x0409 tx timeout [ 134.326043] Bluetooth: hci7: command 0x0409 tx timeout [ 136.118127] Bluetooth: hci1: command 0x041b tx timeout [ 136.119750] Bluetooth: hci0: command 0x041b tx timeout [ 136.246210] Bluetooth: hci4: command 0x041b tx timeout [ 136.246788] Bluetooth: hci3: command 0x041b tx timeout [ 136.374109] Bluetooth: hci7: command 0x041b tx timeout [ 136.698826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 136.700675] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 136.701854] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 136.703417] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 136.704324] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 136.705188] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 136.707717] Bluetooth: hci2: HCI_REQ-0x0c1a [ 136.844267] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 136.856951] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 136.859467] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 136.873517] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 136.874688] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 136.887900] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 136.895986] Bluetooth: hci6: HCI_REQ-0x0c1a VM DIAGNOSIS: 13:58:23 Registers: