Warning: Permanently added '[localhost]:9726' (ECDSA) to the list of known hosts. 2022/09/13 14:08:59 fuzzer started 2022/09/13 14:08:59 dialing manager at localhost:36597 syzkaller login: [ 46.149926] cgroup: Unknown subsys name 'net' [ 46.252846] cgroup: Unknown subsys name 'rlimit' 2022/09/13 14:09:13 syscalls: 2215 2022/09/13 14:09:13 code coverage: enabled 2022/09/13 14:09:13 comparison tracing: enabled 2022/09/13 14:09:13 extra coverage: enabled 2022/09/13 14:09:13 setuid sandbox: enabled 2022/09/13 14:09:13 namespace sandbox: enabled 2022/09/13 14:09:13 Android sandbox: enabled 2022/09/13 14:09:13 fault injection: enabled 2022/09/13 14:09:13 leak checking: enabled 2022/09/13 14:09:13 net packet injection: enabled 2022/09/13 14:09:13 net device setup: enabled 2022/09/13 14:09:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/13 14:09:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/13 14:09:13 USB emulation: enabled 2022/09/13 14:09:13 hci packet injection: enabled 2022/09/13 14:09:13 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913) 2022/09/13 14:09:13 802.15.4 emulation: enabled 2022/09/13 14:09:13 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/13 14:09:13 fetching corpus: 50, signal 37245/40442 (executing program) 2022/09/13 14:09:14 fetching corpus: 100, signal 44736/49318 (executing program) 2022/09/13 14:09:14 fetching corpus: 150, signal 55186/60897 (executing program) 2022/09/13 14:09:14 fetching corpus: 200, signal 61890/68688 (executing program) 2022/09/13 14:09:14 fetching corpus: 250, signal 67789/75594 (executing program) 2022/09/13 14:09:14 fetching corpus: 300, signal 71972/80757 (executing program) 2022/09/13 14:09:14 fetching corpus: 350, signal 76921/86507 (executing program) 2022/09/13 14:09:15 fetching corpus: 400, signal 81134/91540 (executing program) 2022/09/13 14:09:15 fetching corpus: 450, signal 85007/96165 (executing program) 2022/09/13 
14:09:15 fetching corpus: 500, signal 87567/99531 (executing program) 2022/09/13 14:09:15 fetching corpus: 550, signal 95119/107304 (executing program) 2022/09/13 14:09:15 fetching corpus: 600, signal 99349/111958 (executing program) 2022/09/13 14:09:15 fetching corpus: 650, signal 102797/115836 (executing program) 2022/09/13 14:09:15 fetching corpus: 700, signal 107405/120721 (executing program) 2022/09/13 14:09:16 fetching corpus: 749, signal 109778/123616 (executing program) 2022/09/13 14:09:16 fetching corpus: 799, signal 112793/126979 (executing program) 2022/09/13 14:09:16 fetching corpus: 848, signal 115718/130183 (executing program) 2022/09/13 14:09:16 fetching corpus: 897, signal 118199/132933 (executing program) 2022/09/13 14:09:16 fetching corpus: 947, signal 121463/136286 (executing program) 2022/09/13 14:09:16 fetching corpus: 996, signal 123225/138479 (executing program) 2022/09/13 14:09:17 fetching corpus: 1045, signal 125346/140836 (executing program) 2022/09/13 14:09:17 fetching corpus: 1094, signal 126962/142733 (executing program) 2022/09/13 14:09:17 fetching corpus: 1144, signal 129009/144960 (executing program) 2022/09/13 14:09:17 fetching corpus: 1194, signal 131248/147318 (executing program) 2022/09/13 14:09:17 fetching corpus: 1243, signal 133849/149844 (executing program) 2022/09/13 14:09:17 fetching corpus: 1291, signal 135613/151777 (executing program) 2022/09/13 14:09:18 fetching corpus: 1341, signal 138739/154564 (executing program) 2022/09/13 14:09:18 fetching corpus: 1389, signal 141024/156733 (executing program) 2022/09/13 14:09:18 fetching corpus: 1439, signal 142382/158276 (executing program) 2022/09/13 14:09:18 fetching corpus: 1489, signal 143662/159633 (executing program) 2022/09/13 14:09:18 fetching corpus: 1538, signal 144752/160850 (executing program) 2022/09/13 14:09:18 fetching corpus: 1588, signal 146289/162365 (executing program) 2022/09/13 14:09:19 fetching corpus: 1638, signal 147927/164027 (executing program) 
2022/09/13 14:09:19 fetching corpus: 1687, signal 149476/165491 (executing program) 2022/09/13 14:09:19 fetching corpus: 1737, signal 150612/166662 (executing program) 2022/09/13 14:09:19 fetching corpus: 1787, signal 151699/167796 (executing program) 2022/09/13 14:09:19 fetching corpus: 1837, signal 154346/169845 (executing program) 2022/09/13 14:09:19 fetching corpus: 1887, signal 156830/171782 (executing program) 2022/09/13 14:09:19 fetching corpus: 1936, signal 158124/172940 (executing program) 2022/09/13 14:09:19 fetching corpus: 1986, signal 158942/173779 (executing program) 2022/09/13 14:09:20 fetching corpus: 2036, signal 160743/175144 (executing program) 2022/09/13 14:09:20 fetching corpus: 2086, signal 161941/176141 (executing program) 2022/09/13 14:09:20 fetching corpus: 2136, signal 163095/177142 (executing program) 2022/09/13 14:09:20 fetching corpus: 2186, signal 164266/178109 (executing program) 2022/09/13 14:09:20 fetching corpus: 2236, signal 165699/179180 (executing program) 2022/09/13 14:09:20 fetching corpus: 2286, signal 167477/180359 (executing program) 2022/09/13 14:09:21 fetching corpus: 2336, signal 168821/181293 (executing program) 2022/09/13 14:09:21 fetching corpus: 2386, signal 170352/182299 (executing program) 2022/09/13 14:09:21 fetching corpus: 2436, signal 171779/183276 (executing program) 2022/09/13 14:09:21 fetching corpus: 2486, signal 172846/184022 (executing program) 2022/09/13 14:09:21 fetching corpus: 2536, signal 174036/184772 (executing program) 2022/09/13 14:09:21 fetching corpus: 2586, signal 175226/185514 (executing program) 2022/09/13 14:09:22 fetching corpus: 2636, signal 176921/186453 (executing program) 2022/09/13 14:09:22 fetching corpus: 2686, signal 177889/187037 (executing program) 2022/09/13 14:09:22 fetching corpus: 2736, signal 178708/187566 (executing program) 2022/09/13 14:09:22 fetching corpus: 2786, signal 180132/188323 (executing program) 2022/09/13 14:09:22 fetching corpus: 2836, signal 180944/188814 
(executing program) 2022/09/13 14:09:22 fetching corpus: 2886, signal 182092/189413 (executing program) 2022/09/13 14:09:23 fetching corpus: 2936, signal 183163/189906 (executing program) 2022/09/13 14:09:23 fetching corpus: 2986, signal 183903/190263 (executing program) 2022/09/13 14:09:23 fetching corpus: 3036, signal 184665/190655 (executing program) 2022/09/13 14:09:23 fetching corpus: 3086, signal 185514/191048 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191175 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191256 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191344 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191443 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191519 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191606 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191682 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191759 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191849 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/191935 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192044 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192132 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192221 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192313 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192402 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192489 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192582 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192663 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, 
signal 185670/192730 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192809 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192873 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/192955 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193028 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193100 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193177 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193269 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193339 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193431 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193512 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193605 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193682 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193695 (executing program) 2022/09/13 14:09:23 fetching corpus: 3109, signal 185670/193695 (executing program) 2022/09/13 14:09:26 starting 8 fuzzer processes 14:09:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000200)={0x200000, 0x0, 0x12}, 0x18) 14:09:26 executing program 1: sysinfo(&(0x7f0000000000)=""/227) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[{0x2af, 0x4, 0x2, 0x40}, {0x20, 0x59, 0x6c, 0x3f}, {0xd04, 0xb7, 0x4, 0x80000000}]}) 14:09:26 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000340), &(0x7f0000000380)=0x4) 14:09:26 executing program 3: r0 = 
memfd_create(&(0x7f0000000280)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x0e\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\xa0\xe0\xff\x1a\x8e\xe2ae^=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xd7\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfcG_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae\x00'/584, 0x2) fcntl$addseals(r0, 0x409, 0xc) ftruncate(r0, 0x2000000) [ 73.489694] audit: type=1400 audit(1663078166.858:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:09:26 executing program 4: r0 = 
syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x3, 0x6, @link_local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 14:09:26 executing program 5: ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair(0x0, 0x0, 0x8, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000480), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0)) sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r1, 0x0, 0x0) 14:09:26 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000740)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 14:09:26 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b036f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0xf1887000) chroot(0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, 
&(0x7f0000000400)=ANY=[@ANYBLOB="0180a5a268fbd7bbacb70aa9533c5b2b41783b151ad07e5d3ceed7bcdee5006dc37b469f", @ANYRES32, @ANYRES64=r0]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) io_uring_setup(0x454c, 0x0) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0x7}, 0x15182, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r1, 0x0, 0xfffffdef) [ 74.855587] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.858536] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.860910] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.863515] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.865586] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 74.867909] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.869870] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.872011] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 74.881630] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.888774] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.896857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.898465] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.907699] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.909881] Bluetooth: hci2: unexpected cc 0x0c25 length: 
249 > 3 [ 74.912214] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 74.914793] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 74.917590] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.917890] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.919844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 74.920340] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.922971] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 74.925059] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 74.926855] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.932997] Bluetooth: hci1: HCI_REQ-0x0c1a [ 74.935122] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.945519] Bluetooth: hci0: HCI_REQ-0x0c1a [ 74.954914] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 74.965625] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 74.975843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 74.984832] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 74.985683] Bluetooth: hci5: HCI_REQ-0x0c1a [ 74.995006] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 74.997824] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.002805] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 75.005823] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 75.010552] Bluetooth: hci6: HCI_REQ-0x0c1a [ 75.030844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.032746] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.039882] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.042118] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 75.044182] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.052807] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.054226] Bluetooth: hci4: HCI_REQ-0x0c1a [ 75.056062] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.057798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.112852] Bluetooth: hci3: unexpected cc 
0x0c23 length: 249 > 4 [ 75.127851] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 75.130225] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.159429] Bluetooth: hci3: HCI_REQ-0x0c1a [ 76.985213] Bluetooth: hci2: command 0x0409 tx timeout [ 76.985698] Bluetooth: hci1: command 0x0409 tx timeout [ 76.986666] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 76.988149] Bluetooth: hci0: command 0x0409 tx timeout [ 77.048318] Bluetooth: hci6: command 0x0409 tx timeout [ 77.049094] Bluetooth: hci5: command 0x0409 tx timeout [ 77.112308] Bluetooth: hci4: command 0x0409 tx timeout [ 77.176325] Bluetooth: hci3: command 0x0409 tx timeout [ 79.032805] Bluetooth: hci0: command 0x041b tx timeout [ 79.033339] Bluetooth: hci1: command 0x041b tx timeout [ 79.033762] Bluetooth: hci2: command 0x041b tx timeout [ 79.096455] Bluetooth: hci5: command 0x041b tx timeout [ 79.096963] Bluetooth: hci6: command 0x041b tx timeout [ 79.160319] Bluetooth: hci4: command 0x041b tx timeout [ 79.224326] Bluetooth: hci3: command 0x041b tx timeout [ 80.188925] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 80.190133] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 80.191897] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 80.194240] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 80.196000] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 80.197035] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.200860] Bluetooth: hci7: HCI_REQ-0x0c1a [ 81.080397] Bluetooth: hci2: command 0x040f tx timeout [ 81.081096] Bluetooth: hci1: command 0x040f tx timeout [ 81.081570] Bluetooth: hci0: command 0x040f tx timeout [ 81.144352] Bluetooth: hci6: command 0x040f tx timeout [ 81.145115] Bluetooth: hci5: command 0x040f tx timeout [ 81.208357] Bluetooth: hci4: command 0x040f tx timeout [ 81.272296] Bluetooth: hci3: command 0x040f tx timeout [ 82.232447] Bluetooth: hci7: command 0x0409 tx timeout [ 83.128374] Bluetooth: hci0: command 0x0419 tx timeout [ 
83.129054] Bluetooth: hci1: command 0x0419 tx timeout [ 83.130165] Bluetooth: hci2: command 0x0419 tx timeout [ 83.192352] Bluetooth: hci5: command 0x0419 tx timeout [ 83.192975] Bluetooth: hci6: command 0x0419 tx timeout [ 83.256365] Bluetooth: hci4: command 0x0419 tx timeout [ 83.320371] Bluetooth: hci3: command 0x0419 tx timeout [ 84.281095] Bluetooth: hci7: command 0x041b tx timeout [ 86.328354] Bluetooth: hci7: command 0x040f tx timeout [ 88.377166] Bluetooth: hci7: command 0x0419 tx timeout 14:10:23 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000740)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 14:10:24 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000740)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 14:10:24 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000740)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 14:10:24 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) 14:10:24 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) 14:10:24 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 
0x0) 14:10:24 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) 14:10:24 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) [ 132.485147] device syz_tun entered promiscuous mode [ 132.492946] device syz_tun left promiscuous mode [ 134.313149] loop7: detected capacity change from 0 to 40 [ 134.343497] audit: type=1400 audit(1663078227.712:7): avc: denied { open } for pid=3977 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 134.345066] audit: type=1400 audit(1663078227.712:8): avc: denied { kernel } for pid=3977 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 134.351995] ------------[ cut here ]------------ [ 134.352016] [ 134.352019] ====================================================== [ 134.352023] WARNING: possible circular locking dependency detected [ 134.352027] 6.0.0-rc5-next-20220913 #1 Not tainted [ 134.352033] ------------------------------------------------------ [ 134.352037] syz-executor.7/3978 is trying to acquire lock: [ 134.352043] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 134.352081] [ 134.352081] but task is already holding lock: [ 134.352084] ffff88803ec4cc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 134.352112] [ 134.352112] which lock already depends on the new lock. 
[ 134.352112] [ 134.352116] [ 134.352116] the existing dependency chain (in reverse order) is: [ 134.352119] [ 134.352119] -> #3 (&ctx->lock){....}-{2:2}: [ 134.352133] _raw_spin_lock+0x2a/0x40 [ 134.352151] __perf_event_task_sched_out+0x53b/0x18d0 [ 134.352163] __schedule+0xedd/0x2470 [ 134.352174] schedule+0xda/0x1b0 [ 134.352183] exit_to_user_mode_prepare+0x114/0x1a0 [ 134.352204] syscall_exit_to_user_mode+0x19/0x40 [ 134.352222] do_syscall_64+0x48/0x90 [ 134.352236] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.352254] [ 134.352254] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 134.352268] _raw_spin_lock_nested+0x30/0x40 [ 134.352282] raw_spin_rq_lock_nested+0x1e/0x30 [ 134.352296] task_fork_fair+0x63/0x4d0 [ 134.352313] sched_cgroup_fork+0x3d0/0x540 [ 134.352327] copy_process+0x3f9e/0x6df0 [ 134.352338] kernel_clone+0xe7/0x890 [ 134.352347] user_mode_thread+0xad/0xf0 [ 134.352357] rest_init+0x24/0x250 [ 134.352374] arch_call_rest_init+0xf/0x14 [ 134.352394] start_kernel+0x4c1/0x4e6 [ 134.352411] secondary_startup_64_no_verify+0xe0/0xeb [ 134.352426] [ 134.352426] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 134.352440] _raw_spin_lock_irqsave+0x39/0x60 [ 134.352455] try_to_wake_up+0xab/0x1920 [ 134.352468] up+0x75/0xb0 [ 134.352480] __up_console_sem+0x6e/0x80 [ 134.352496] console_unlock+0x46a/0x590 [ 134.352512] vprintk_emit+0x1bd/0x560 [ 134.352529] vprintk+0x84/0xa0 [ 134.352546] _printk+0xba/0xf1 [ 134.352564] kauditd_hold_skb.cold+0x3f/0x4e [ 134.352579] kauditd_send_queue+0x233/0x290 [ 134.352594] kauditd_thread+0x5da/0x9a0 [ 134.352608] kthread+0x2ed/0x3a0 [ 134.352623] ret_from_fork+0x22/0x30 [ 134.352636] [ 134.352636] -> #0 ((console_sem).lock){....}-{2:2}: [ 134.352649] __lock_acquire+0x2a02/0x5e70 [ 134.352666] lock_acquire+0x1a2/0x530 [ 134.352682] _raw_spin_lock_irqsave+0x39/0x60 [ 134.352697] down_trylock+0xe/0x70 [ 134.352710] __down_trylock_console_sem+0x3b/0xd0 [ 134.352726] vprintk_emit+0x16b/0x560 [ 134.352743] vprintk+0x84/0xa0 [ 134.352759] _printk+0xba/0xf1 
[ 134.352776] report_bug.cold+0x72/0xab [ 134.352788] handle_bug+0x3c/0x70 [ 134.352801] exc_invalid_op+0x14/0x50 [ 134.352814] asm_exc_invalid_op+0x16/0x20 [ 134.352831] group_sched_out.part.0+0x2c7/0x460 [ 134.352841] ctx_sched_out+0x8f1/0xc10 [ 134.352851] __perf_event_task_sched_out+0x6d0/0x18d0 [ 134.352863] __schedule+0xedd/0x2470 [ 134.352872] schedule+0xda/0x1b0 [ 134.352882] exit_to_user_mode_prepare+0x114/0x1a0 [ 134.352901] syscall_exit_to_user_mode+0x19/0x40 [ 134.352919] do_syscall_64+0x48/0x90 [ 134.352932] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 134.352949] [ 134.352949] other info that might help us debug this: [ 134.352949] [ 134.352951] Chain exists of: [ 134.352951] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 134.352951] [ 134.352967] Possible unsafe locking scenario: [ 134.352967] [ 134.352969] CPU0 CPU1 [ 134.352971] ---- ---- [ 134.352974] lock(&ctx->lock); [ 134.352980] lock(&rq->__lock); [ 134.352986] lock(&ctx->lock); [ 134.352992] lock((console_sem).lock); [ 134.352998] [ 134.352998] *** DEADLOCK *** [ 134.352998] [ 134.353000] 2 locks held by syz-executor.7/3978: [ 134.353007] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 134.353032] #1: ffff88803ec4cc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 134.353060] [ 134.353060] stack backtrace: [ 134.353063] CPU: 0 PID: 3978 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220913 #1 [ 134.353075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 134.353084] Call Trace: [ 134.353087] [ 134.353091] dump_stack_lvl+0x8b/0xb3 [ 134.353106] check_noncircular+0x263/0x2e0 [ 134.353123] ? format_decode+0x26c/0xb50 [ 134.353139] ? print_circular_bug+0x450/0x450 [ 134.353156] ? enable_ptr_key_workfn+0x20/0x20 [ 134.353171] ? format_decode+0x26c/0xb50 [ 134.353186] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 134.353204] __lock_acquire+0x2a02/0x5e70 [ 134.353226] ? 
lockdep_hardirqs_on_prepare+0x410/0x410 [ 134.353249] lock_acquire+0x1a2/0x530 [ 134.353266] ? down_trylock+0xe/0x70 [ 134.353281] ? rcu_read_unlock+0x40/0x40 [ 134.353302] ? vprintk+0x84/0xa0 [ 134.353320] _raw_spin_lock_irqsave+0x39/0x60 [ 134.353336] ? down_trylock+0xe/0x70 [ 134.353350] down_trylock+0xe/0x70 [ 134.353363] ? vprintk+0x84/0xa0 [ 134.353381] __down_trylock_console_sem+0x3b/0xd0 [ 134.353398] vprintk_emit+0x16b/0x560 [ 134.353418] vprintk+0x84/0xa0 [ 134.353436] _printk+0xba/0xf1 [ 134.353454] ? record_print_text.cold+0x16/0x16 [ 134.353476] ? report_bug.cold+0x66/0xab [ 134.353490] ? group_sched_out.part.0+0x2c7/0x460 [ 134.353501] report_bug.cold+0x72/0xab [ 134.353516] handle_bug+0x3c/0x70 [ 134.353531] exc_invalid_op+0x14/0x50 [ 134.353547] asm_exc_invalid_op+0x16/0x20 [ 134.353568] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 134.353582] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 134.353594] RSP: 0018:ffff8880403dfc48 EFLAGS: 00010006 [ 134.353603] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.353610] RDX: ffff888015e33580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 134.353619] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 134.353626] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88803ec4cc00 [ 134.353634] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 134.353645] ? group_sched_out.part.0+0x2c7/0x460 [ 134.353658] ? group_sched_out.part.0+0x2c7/0x460 [ 134.353671] ctx_sched_out+0x8f1/0xc10 [ 134.353683] __perf_event_task_sched_out+0x6d0/0x18d0 [ 134.353698] ? lock_is_held_type+0xd7/0x130 [ 134.353717] ? __perf_cgroup_move+0x160/0x160 [ 134.353729] ? set_next_entity+0x304/0x550 [ 134.353747] ? update_curr+0x267/0x740 [ 134.353766] ? 
lock_is_held_type+0xd7/0x130
[ 134.353784] __schedule+0xedd/0x2470
[ 134.353797] ? io_schedule_timeout+0x150/0x150
[ 134.353810] ? rcu_read_lock_sched_held+0x3e/0x80
[ 134.353831] schedule+0xda/0x1b0
[ 134.353842] exit_to_user_mode_prepare+0x114/0x1a0
[ 134.353863] syscall_exit_to_user_mode+0x19/0x40
[ 134.353881] do_syscall_64+0x48/0x90
[ 134.353895] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 134.353913] RIP: 0033:0x7fe3698f9b19
[ 134.353921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 134.353932] RSP: 002b:00007fe366e6f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 134.353943] RAX: 0000000000000001 RBX: 00007fe369a0cf68 RCX: 00007fe3698f9b19
[ 134.353951] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe369a0cf6c
[ 134.353958] RBP: 00007fe369a0cf60 R08: 000000000000000e R09: 0000000000000000
[ 134.353966] R10: 0000000000000007 R11: 0000000000000246 R12: 00007fe369a0cf6c
[ 134.353973] R13: 00007ffc9f6ae1cf R14: 00007fe366e6f300 R15: 0000000000022000
[ 134.353986]
[ 134.410643] WARNING: CPU: 0 PID: 3978 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 134.411303] Modules linked in:
[ 134.411542] CPU: 0 PID: 3978 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220913 #1
[ 134.412105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 134.412901] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 134.413283] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 134.414639] RSP: 0018:ffff8880403dfc48 EFLAGS: 00010006
[ 134.415007] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 134.415489] RDX: ffff888015e33580 RSI: ffffffff81566027 RDI: 0000000000000005
[ 134.415970] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[ 134.416453] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88803ec4cc00
[ 134.416933] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 134.417415] FS: 00007fe366e6f700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 134.417958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 134.418351] CR2: 00007fa060b2b980 CR3: 0000000015d3a000 CR4: 0000000000350ef0
[ 134.418841] Call Trace:
[ 134.419018]
[ 134.419178] ctx_sched_out+0x8f1/0xc10
[ 134.419451] __perf_event_task_sched_out+0x6d0/0x18d0
[ 134.419807] ? lock_is_held_type+0xd7/0x130
[ 134.420111] ? __perf_cgroup_move+0x160/0x160
[ 134.420423] ? set_next_entity+0x304/0x550
[ 134.420725] ? update_curr+0x267/0x740
[ 134.421012] ? lock_is_held_type+0xd7/0x130
[ 134.421323] __schedule+0xedd/0x2470
[ 134.421593] ? io_schedule_timeout+0x150/0x150
[ 134.421923] ? rcu_read_lock_sched_held+0x3e/0x80
[ 134.422271] schedule+0xda/0x1b0
[ 134.422514] exit_to_user_mode_prepare+0x114/0x1a0
[ 134.422890] syscall_exit_to_user_mode+0x19/0x40
[ 134.423236] do_syscall_64+0x48/0x90
[ 134.423507] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 134.423876] RIP: 0033:0x7fe3698f9b19
[ 134.424142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 134.425407] RSP: 002b:00007fe366e6f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 134.425940] RAX: 0000000000000001 RBX: 00007fe369a0cf68 RCX: 00007fe3698f9b19
[ 134.426436] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe369a0cf6c
[ 134.426937] RBP: 00007fe369a0cf60 R08: 000000000000000e R09: 0000000000000000
[ 134.427433] R10: 0000000000000007 R11: 0000000000000246 R12: 00007fe369a0cf6c
[ 134.427931] R13: 00007ffc9f6ae1cf R14: 00007fe366e6f300 R15: 0000000000022000
[ 134.428434]
[ 134.428602] irq event stamp: 6182
[ 134.428846] hardirqs last enabled at (6181): [] exit_to_user_mode_prepare+0x109/0x1a0
[ 134.429509] hardirqs last disabled at (6182): [] __schedule+0x1225/0x2470
[ 134.430083] softirqs last enabled at (5866): [] __irq_exit_rcu+0x11b/0x180
[ 134.430686] softirqs last disabled at (5857): [] __irq_exit_rcu+0x11b/0x180
[ 134.431292] ---[ end trace 0000000000000000 ]---
[ 134.459679] syz-executor.7: attempt to access beyond end of device
[ 134.459679] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 134.460655] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 134.487448] syz-executor.7 (3978) used greatest stack depth: 24472 bytes left
[ 137.848435] Bluetooth: hci2: Opcode 0x c03 failed: -110
[ 142.072438] Bluetooth: hci2: Opcode 0x c03 failed: -110
[ 144.260798] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 144.262083] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 144.264939] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 144.267185] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 144.269054] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 144.270182] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 144.273146] Bluetooth: hci2: HCI_REQ-0x0c1a
VM DIAGNOSIS:
14:10:28 Registers: