Warning: Permanently added '[localhost]:15780' (ECDSA) to the list of known hosts. 2023/08/20 14:24:53 fuzzer started 2023/08/20 14:24:54 dialing manager at localhost:46849 syzkaller login: [ 109.083522] cgroup: Unknown subsys name 'net' [ 109.299300] cgroup: Unknown subsys name 'rlimit' [ 122.218784] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2023/08/20 14:25:08 syscalls: 201 2023/08/20 14:25:08 code coverage: enabled 2023/08/20 14:25:08 comparison tracing: enabled 2023/08/20 14:25:08 extra coverage: enabled 2023/08/20 14:25:08 setuid sandbox: enabled 2023/08/20 14:25:08 namespace sandbox: enabled 2023/08/20 14:25:08 Android sandbox: enabled 2023/08/20 14:25:08 fault injection: enabled 2023/08/20 14:25:08 leak checking: enabled 2023/08/20 14:25:08 net packet injection: enabled 2023/08/20 14:25:08 net device setup: enabled 2023/08/20 14:25:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/08/20 14:25:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/08/20 14:25:08 USB emulation: enabled 2023/08/20 14:25:08 hci packet injection: enabled 2023/08/20 14:25:08 wifi device emulation: enabled 2023/08/20 14:25:08 802.15.4 emulation: enabled 2023/08/20 14:25:08 fetching corpus: 0, signal 0/0 (executing program) 2023/08/20 14:25:10 starting 8 fuzzer processes 14:25:10 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x10601, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x600800, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x7fffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r3, 0x400, 0x70bd27, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000c04}, 0x20004800) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000200)=0x3) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/custom0\x00', 0x800, 0x0) r5 = mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x81) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000580)={0x74, 0x0, &(0x7f0000000400)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000340)={@ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/175, 0xaf, 0x0, 0x23}, @fd={0x66642a85, 0x0, r1}, @fd={0x66642a85, 0x0, r0}}, &(0x7f00000003c0)={0x0, 0x28, 0x40}}}, @exit_looper, @free_buffer={0x40086303, r5}, @enter_looper, @increfs_done={0x40106308, 0x1}], 0xe2, 0x0, &(0x7f0000000480)="000e3196024a9c4c8db2ea61f9399ff1461d1ba7feb9a57679ec0eee6a3e904c7f2f306daa13f8da2a817d28f8c4106ed967727e1e1df7b464603453d1a116d9a18312f18258b031e8a66cf16c67b57f33f099632654ed06a011290bbc3514784b941169cbf3253ea6e36f2ec6847a1be7dc218be688131dee0e8b3c5d653c631154d43fd56cf7119c55b936ce23a8a414defa02da40c6cea0d2450fba9361344c64e835aff44e363b16d41a32ceea3cfd2cf116a0cdf9bdd3d45c695853bd7895c228c884bc020e430ac3ad96ca1c768400cbfe25067f0e4e8f5764d4e79daeaf2a"}) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$NET_DM_CMD_START(r6, &(0x7f00000006c0)={&(0x7f00000005c0), 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, r7, 0x200, 0x70bd27, 0x25dfdbff, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x24000004) syz_genetlink_get_family_id$net_dm(&(0x7f0000000700), r6) syz_genetlink_get_family_id$net_dm(&(0x7f0000000740), r6) ioctl$KDSETLED(r1, 0x4b32, 0x4) syz_genetlink_get_family_id$net_dm(&(0x7f0000000780), r6) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0xb, &(0x7f00000007c0)=""/192, &(0x7f0000000880)=0xc0) sendmsg$NLBL_CALIPSO_C_ADD(r6, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x34, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40480d4}, 0x800) io_uring_register$IORING_UNREGISTER_EVENTFD(r2, 0x5, 0x0, 0x0) 14:25:10 executing program 1: r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x16002, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) socketpair(0x11, 0x3, 0x7f, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$bt_hci(r2, &(0x7f00000000c0)={0x1, @write_def_link_policy={{0x80f, 0x2}, {0x9}}}, 0x6) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x1, 0x0, &(0x7f0000000100)=[r1]}, 0x1) getsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fstat(r0, &(0x7f0000000200)) r4 = memfd_secret(0x80000) ioctl$KDGKBTYPE(r4, 0x4b33, &(0x7f0000000280)) r5 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0), 0x50140, 0x0) ioctl$TIOCMBIS(r4, 0x5416, &(0x7f0000000300)=0x7fffffff) r6 = syz_open_pts(r4, 0x2) ioctl$TIOCSISO7816(r6, 0xc0285443, &(0x7f0000000340)={0x5, 0xffffffff, 0x7, 0x401, 0x1d}) r7 = epoll_create1(0x0) r8 = pidfd_getfd(r0, r7, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000380)={0x85, 0x9, 0x0, 0x101, 0x8}, 0x14) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x80, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r8, 0x3, 0x0, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f0000000400)) socket$nl_generic(0x10, 0x3, 0x10) 14:25:10 executing program 2: r0 = memfd_secret(0x80000) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) sched_getattr(0xffffffffffffffff, &(0x7f0000000000)={0x38}, 0x38, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x18, 0x0, &(0x7f0000000040)=[@register_looper, @request_death={0x400c630e, 0x3}, @register_looper], 0x59, 0x0, &(0x7f0000000080)="f076ee1b7607d6dfcf73524fdda0ab0b83b879268e9db1e457edaaa70f484575e0c0ff175d3b73c0a92a5989b3ac1afa077a4933d7de55ebfa8786d9ec505245b9ad6b9f81ff600ca43174e25ab28ff797f1e7a61ec71af212"}) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/syz0\x00', 0x200002, 0x0) openat$cgroup_pressure(r1, &(0x7f0000000180)='memory.pressure\x00', 0x2, 0x0) getgid() r2 = clone3(&(0x7f0000000580)={0xad3021a6bb5ff82f, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0), {0x9}, &(0x7f0000000400)=""/232, 0xe8, &(0x7f0000000500), &(0x7f0000000540)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff], 0x4, {r0}}, 0x58) r3 = memfd_secret(0x80000) r4 = clone3(&(0x7f0000000640)={0x5000000, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240), {0x1e}, &(0x7f0000000280)=""/115, 0x73, &(0x7f0000000300)=""/37, &(0x7f0000000600)=[r2, 0xffffffffffffffff], 0x2, {r3}}, 0x58) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000006c0)={0x73622a85, 0x0, 0x3}) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000700)) semctl$IPC_INFO(0x0, 0x2, 0x3, &(0x7f0000000740)=""/75) openat$cgroup_pressure(r0, &(0x7f00000007c0)='io.pressure\x00', 0x2, 0x0) openat$random(0xffffffffffffff9c, &(0x7f0000000800), 0xa08281, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000008c0), 0x1000) r6 = syz_open_pts(r0, 0x2) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000a80)={0x80, 0x0, &(0x7f00000009c0)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000900)={@ptr={0x70742a85, 0x0, &(0x7f0000000840)=""/100, 0x64, 0x2, 0xc}, @fd={0x66642a85, 0x0, r5}, @fd={0x66642a85, 0x0, r6}}, &(0x7f0000000980)={0x0, 0x28, 0x40}}, 0x40}, @request_death, @free_buffer, @dead_binder_done, @register_looper, @decrefs={0x40046307, 0x2}], 0x15, 0x0, &(0x7f0000000a40)="5ecf940aaa3c740385be6e50f4bc6d85ca172e30fe"}) r7 = pidfd_open(r4, 0x0) waitid$P_PIDFD(0x3, r7, &(0x7f0000000ac0), 0x20000000, &(0x7f0000000b40)) [ 124.151672] audit: type=1400 audit(1692541510.238:6): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:25:10 executing program 3: ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000000)) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) timerfd_gettime(r0, &(0x7f0000000040)) r1 = openat$cgroup_pressure(r0, &(0x7f0000000080)='memory.pressure\x00', 0x2, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), r0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r2) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000180)=0x1ff) r3 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCL_UNBLANKSCREEN(r3, 0x541c, &(0x7f00000001c0)) syz_open_pts(r0, 0x10001) syz_open_dev$ttys(0xc, 0x2, 0x1) r4 = io_uring_setup(0x61d8, &(0x7f0000000200)={0x0, 0x23a7, 0x1, 0x2, 0x357}) mmap$IORING_OFF_SQ_RING(&(0x7f00003fe000/0xc00000)=nil, 0xc00000, 0x1, 0x110, r4, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x100) fstat(0xffffffffffffffff, &(0x7f0000000340)) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000003c0)) r5 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x1f) ioctl$TIOCSSOFTCAR(r5, 0x541a, &(0x7f0000000400)=0x59b5ff00) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000440)) 14:25:10 executing program 4: io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x4e06, 0xc8f8, 0x3, &(0x7f0000000000)={[0xbb2]}, 0x8) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000040)={0xa3a8, 0x8, 0x0, 0x5, 0xb6, 0x1f, 0xec3, 0x6283}, &(0x7f0000000080)={0x101, 0x8, 0x4, 0x0, 0x200, 0xff, 0x0, 0x5}, &(0x7f00000000c0)={0xb63, 0x6, 0x6, 0x7, 0x0, 0x8, 0xffffffffffff0001, 0x1}, &(0x7f0000000140)={r0, r1+60000000}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x7]}, 0x8}) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) r2 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x6, 0x3f, 0x40, 0x9, 0x0, 0x100, 0x814, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x9, 0xbc59}, 0x2001, 0x0, 0x6, 0x4, 0x1, 0x9f, 0x2, 0x0, 0x2}, 0x0, 0x9, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x3f, 0x7f, 0x1f, 0x0, 0x0, 0x10001, 0x22000, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x20, 0x0, @perf_bp={&(0x7f0000000200)}, 0x420, 0x5b, 0x2, 0x3, 0x40, 0x7c, 0x1, 0x0, 0x20, 0x0, 0x1}, 0x0, 0x6, r2, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x2d, &(0x7f0000000340)={0x20, 0x5, 0x8}, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000840)=[{&(0x7f00000003c0)=""/192, 0xc0}, {&(0x7f0000000480)=""/102, 0x66}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000600)=""/101, 0x65}, {&(0x7f0000000680)=""/219, 0xdb}, {&(0x7f0000000780)=""/99, 0x63}, {&(0x7f0000000800)=""/19, 0x13}], 0x7) r3 = getpgrp(0x0) waitid(0x2, r3, &(0x7f00000008c0), 0x4, &(0x7f0000000940)) waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000a00), 0x8, &(0x7f0000000a80)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c80)={0x0}, &(0x7f0000000cc0)=0xc) clone3(&(0x7f0000000d40)={0x10000000, &(0x7f0000000b40), &(0x7f0000000b80), &(0x7f0000000bc0), {0x3d}, &(0x7f0000000c00)=""/38, 0x26, &(0x7f0000000c40)=""/57, &(0x7f0000000d00)=[r3, r4, r3], 0x3}, 0x58) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000dc0), &(0x7f0000000e00)=0xc) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000e40)) setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000e80)=0x5, 0x4) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000ec0)={{}, {0x0, 0x3938700}}, &(0x7f0000000f00)) fstat(0xffffffffffffffff, &(0x7f0000000f40)) 14:25:10 executing program 5: r0 = syz_open_pts(0xffffffffffffffff, 0x80200) r1 = syz_open_pts(r0, 0x8000) ioctl$KDSETLED(r1, 0x4b32, 0x7c82fec1) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000000)) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$KDFONTOP_COPY(r3, 0x4b72, &(0x7f0000000440)={0x3, 0x1, 0x16, 0xa, 0x192, &(0x7f0000000040)}) io_setup(0x7, &(0x7f0000000480)=0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = eventfd(0x4) r7 = openat$cgroup_pressure(r3, &(0x7f0000000680)='io.pressure\x00', 0x2, 0x0) io_submit(r4, 0x4, &(0x7f0000000900)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0xb, 0x0, r5, &(0x7f00000004c0)="43bc9e5e308b37783024edd1e3c42c6f576ca956c34dadea99f417a52944d37059bf48aba70b6be4a2f480150c9dcebb9ef7469abc563d7d252c229f233c9bd36208e8f220bbf53d7a14aefc5fe85099385850eb447b27c1cd1448f30eeded88c51f5de2cfaa340e1b575c7568e6444f6fa48440110de59464", 0x79, 0xfff, 0x0, 0x2, r6}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x6, 0x1, 0xffffffffffffffff, &(0x7f0000000580)="09022080080c51177f88fdda08d84f6449a0c0ea83ba0fc60c030f9d3955aedcb5de0f40a2d8bbb0965f3a4b85238169388feb15a7ad2ef910b1b46271f0e6a72457d3a75c94a9ca38d783e684cb31ae6687ad390371a1d971f77204b52c863b5cff80eae86cc4cfaa4a0dbffc93892d0d9645beecb5dfa8602438515d14f3c9ba247b73b7961749dbea9d2bc9d15752b9e69aed33ca94cb6130bfe458c2f914bce6ba565cd5c49bdf8eab23dca5d1bce215c6b81a93", 0xb6, 0x3, 0x0, 0x0, r3}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x7, 0x8000, r7, &(0x7f00000006c0)="45482ac2cbf66051405f90ded8dbad9891976ecbbb3bb628a2c94c2494531d3fd7c1e2017317ef017c7d828f1c65be1565088a2fd53319e338ea3396fd2ed551fc3cfe87903e32793b7c3b821c53e19a1a039a3b7d1591590297f67ae2b30c93fd8a749abdf386dc745b8c15db710a440de0db74857ac547ad552b62d9298c7e8694bd1adc90088047afdcc75f6f8d4e7494800d7fc9c38b796745357d928de006fec9b24ff504478b0752672c9ffb25aba65c084ae64f5e", 0xb8, 0x3f8, 0x0, 0x1, r3}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x7, 0x6, r1, &(0x7f00000007c0)="47ca76b5810f851d25c4e939b047b8ddb99b8e10b2a4a5e3ed6ee1ab59c120710a9656bab9bb2d1bf3dd61a72cb6a2de716bc9e6089234b3484783ff94d0eb12a6466a2ba38b4f61fa193869107bdf0cec0ad50f600578c69bdb645fc799cc31bd640097bc786952dc6f73a80b146ab68dd9d552055d06e50a03216593143d192614d2c6db3d8f7abae52e65792289c7cbccc9ce9bf8804100413831825b92704093917e889a454fb9a642e2622766865ee321647c50f20402bea2d4637f2a88ca425dc25dd8032d5123f6cbdcccd866298033ebdee019ef38364c77", 0xdc, 0x8000, 0x0, 0x1, r3}]) ioctl$BINDER_GET_NODE_DEBUG_INFO(r3, 0xc018620b, &(0x7f0000000940)={0x3}) r8 = pidfd_getfd(r3, r2, 0x0) ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000c00)={0x80, 0x0, &(0x7f0000000b40)=[@enter_looper, @request_death={0x400c630e, 0x2}, @free_buffer, @increfs_done={0x40106308, 0xffff}, @enter_looper, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000a80)={@ptr={0x70742a85, 0x0, &(0x7f0000000980)=""/244, 0xf4, 0x0, 0x38}, @fda={0x66646185, 0x5, 0x0, 0x9}, @flat=@weak_binder={0x77622a85, 0x100, 0x2}}, &(0x7f0000000b00)={0x0, 0x28, 0x48}}}, @register_looper], 0x4, 0x0, &(0x7f0000000bc0)="e058c7df"}) ioctl$RFKILL_IOCTL_NOINPUT(r3, 0x5201) r9 = pidfd_getfd(r8, r6, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000000c40)=r9, 0x1) r10 = eventfd(0x10000) io_uring_register$IORING_REGISTER_EVENTFD(r8, 0x4, &(0x7f0000000c80)=r10, 0x1) 14:25:10 executing program 6: r0 = syz_io_uring_setup(0x5ee4, &(0x7f0000000000)={0x0, 0x452e, 0x20, 0x1, 0x1f1}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = shmget(0x1, 0x4000, 0x4, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffb000/0x4000)=nil, 0x6000) ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000100)={0x3}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000002, 0x13, r0, 0x0) r2 = syz_io_uring_setup(0x1161, &(0x7f0000000140)={0x0, 0xf02a, 0x1, 0x3, 0x82}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) syz_io_uring_setup(0x136a, &(0x7f0000000240)={0x0, 0x1957, 0x8, 0x3, 0x30f, 0x0, r2}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) shmctl$IPC_STAT(0xffffffffffffffff, 0x2, &(0x7f0000000340)=""/16) r3 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1) semctl$SEM_INFO(0x0, 0x3, 0x13, &(0x7f0000000380)=""/239) r4 = io_uring_setup(0x3597, &(0x7f0000000480)={0x0, 0x5a13, 0x10, 0x1, 0x17, 0x0, r2}) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000002, 0x4010, r4, 0x10000000) shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000500)=""/192) shmctl$IPC_INFO(r1, 0x3, &(0x7f00000005c0)=""/34) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000600)={0x2}) mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x6) ioctl$TIOCGPTPEER(r3, 0x5441, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000002, 0x2010, r4, 0x10000000) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000700)={0x24, 0x0, &(0x7f0000000640)=[@dead_binder_done, @exit_looper, @acquire_done={0x40106309, 0x3}], 0x64, 0x0, &(0x7f0000000680)="d877221780388115336ed91102becb73ac1ee4c08e33a1bcb9f50b9084275deace8f672987f4b486f2f1d2d0c5f6541b310b408fcf9ce18fd36c88488b43cae83ac3348600f0a3f8644de3fddda2ae9658f8a53c9bdb01b77e40eed6b70a9be611582e25"}) mount$9p_fd(0x0, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780), 0x4000, &(0x7f00000007c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}, {@cachetag={'cachetag', 0x3d, '\x00'}}, {@posixacl}, {@uname={'uname', 0x3d, '\x00'}}], [{@uid_lt={'uid<', 0xffffffffffffffff}}, {@smackfsdef={'smackfsdef', 0x3d, '\x00'}}, {@dont_hash}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@fsname={'fsname', 0x3d, ','}}, {@audit}]}}) 14:25:10 executing program 7: semctl$IPC_RMID(0x0, 0x0, 0x0) r0 = semget$private(0x0, 0x2, 0x3ca) semctl$SEM_STAT_ANY(r0, 0x3, 0x14, &(0x7f0000000000)=""/93) semctl$GETNCNT(0xffffffffffffffff, 0x4, 0xe, &(0x7f0000000080)=""/46) semctl$SEM_STAT_ANY(r0, 0x1, 0x14, &(0x7f00000000c0)=""/184) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000180)=""/39) r1 = semget$private(0x0, 0x2, 0x1) semctl$GETVAL(r1, 0x0, 0xc, &(0x7f00000001c0)=""/17) r2 = semget(0x2, 0x1, 0x201) r3 = semget$private(0x0, 0x3, 0x4) semctl$GETNCNT(r3, 0x3, 0xe, &(0x7f0000000200)=""/223) semctl$SEM_INFO(r2, 0x4, 0x13, &(0x7f0000000300)=""/236) semctl$GETNCNT(r1, 0x4, 0xe, &(0x7f0000000400)) r4 = semget$private(0x0, 0x2, 0x140) semctl$GETNCNT(r4, 0x0, 0xe, &(0x7f0000000440)=""/146) semget(0x3, 0x4, 0x14f0b15a2e0fdbbf) semctl$GETZCNT(r2, 0x3, 0xf, &(0x7f0000000500)=""/213) r5 = semget$private(0x0, 0x4, 0x42) semctl$SEM_STAT_ANY(r5, 0x1, 0x14, &(0x7f0000000600)=""/80) shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000680)=""/219) [ 125.533250] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 125.541536] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 125.549838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 125.572938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 125.585344] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 125.588565] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 125.668061] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 125.671080] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 125.673135] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 125.679056] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 125.684265] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 125.686342] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 125.706600] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 125.708301] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 125.713927] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 125.715351] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 125.718445] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 125.726827] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 125.741239] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 125.744708] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 125.762805] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 125.764998] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 125.766562] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 125.770058] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 125.783681] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 125.785665] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 125.788221] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 125.793896] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 125.799118] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 125.807326] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 127.621431] Bluetooth: hci0: command 0x0409 tx timeout [ 127.623482] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 127.683922] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 127.748643] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 127.749354] Bluetooth: hci2: command 0x0409 tx timeout [ 127.875589] Bluetooth: hci7: command 0x0409 tx timeout [ 127.876708] Bluetooth: hci5: command 0x0409 tx timeout [ 127.877608] Bluetooth: hci4: command 0x0409 tx timeout [ 129.668164] Bluetooth: hci0: command 0x041b tx timeout [ 129.795436] Bluetooth: hci2: command 0x041b tx timeout [ 129.924630] Bluetooth: hci5: command 0x041b tx timeout [ 129.924683] Bluetooth: hci7: command 0x041b tx timeout [ 129.925196] Bluetooth: hci4: command 0x041b tx timeout [ 131.715783] Bluetooth: hci0: command 0x040f tx timeout [ 131.844652] Bluetooth: hci2: command 0x040f tx timeout [ 131.972777] Bluetooth: hci4: command 0x040f tx timeout [ 131.973137] Bluetooth: hci7: command 0x040f tx timeout [ 131.974429] Bluetooth: hci5: command 0x040f tx timeout [ 133.444271] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 133.509728] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 133.510707] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 133.765455] Bluetooth: hci0: command 0x0419 tx timeout [ 133.891750] Bluetooth: hci2: command 0x0419 tx timeout [ 134.020458] Bluetooth: hci7: command 0x0419 tx timeout [ 134.021200] Bluetooth: hci5: command 0x0419 tx timeout [ 134.022819] Bluetooth: hci4: command 0x0419 tx timeout [ 136.425943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 136.434797] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 136.435769] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 136.470636] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 136.482001] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 136.487106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 136.889165] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 136.891311] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 136.894613] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 136.916751] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 136.965426] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 136.975962] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 138.563542] Bluetooth: hci1: command 0x0409 tx timeout [ 138.820020] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 139.077315] Bluetooth: hci6: command 0x0409 tx timeout [ 140.612006] Bluetooth: hci1: command 0x041b tx timeout [ 141.123579] Bluetooth: hci6: command 0x041b tx timeout [ 142.660420] Bluetooth: hci1: command 0x040f tx timeout [ 143.171603] Bluetooth: hci6: command 0x040f tx timeout [ 143.696426] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 144.708494] Bluetooth: hci1: command 0x0419 tx timeout [ 145.221738] Bluetooth: hci6: command 0x0419 tx timeout [ 146.465844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.474619] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.475475] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.478257] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.481985] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 146.482834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 148.612781] Bluetooth: hci3: command 0x0409 tx timeout [ 150.659449] Bluetooth: hci3: command 0x041b tx timeout [ 152.707585] Bluetooth: hci3: command 0x040f tx timeout [ 154.756878] Bluetooth: hci3: command 0x0419 tx timeout [ 187.666113] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 187.669765] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 187.671539] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 187.678910] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 187.681269] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 187.682804] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 187.761917] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 187.765143] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 187.766174] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 187.770152] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 187.772599] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 187.774613] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 189.443927] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 189.764037] Bluetooth: hci2: command 0x0409 tx timeout [ 189.827932] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 189.891486] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 189.891638] Bluetooth: hci4: command 0x0409 tx timeout [ 191.811448] Bluetooth: hci2: command 0x041b tx timeout [ 191.940441] Bluetooth: hci4: command 0x041b tx timeout [ 192.160959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 192.167438] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 192.168546] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 192.182049] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 192.183893] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 192.185487] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 193.065855] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 193.098692] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 193.099954] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 193.134668] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 193.148195] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 193.174770] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 193.859770] Bluetooth: hci2: command 0x040f tx timeout [ 193.987471] Bluetooth: hci4: command 0x040f tx timeout [ 194.243810] Bluetooth: hci0: command 0x0409 tx timeout [ 195.075463] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 195.267541] Bluetooth: hci7: command 0x0409 tx timeout [ 195.908453] Bluetooth: hci2: command 0x0419 tx timeout [ 196.036019] Bluetooth: hci4: command 0x0419 tx timeout [ 196.292586] Bluetooth: hci0: command 0x041b tx timeout [ 197.315764] Bluetooth: hci7: command 0x041b tx timeout [ 198.340439] Bluetooth: hci0: command 0x040f tx timeout [ 199.365074] Bluetooth: hci7: command 0x040f tx timeout [ 200.131451] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 200.388434] Bluetooth: hci0: command 0x0419 tx timeout [ 200.452803] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 200.515443] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 201.412533] Bluetooth: hci7: command 0x0419 tx timeout [ 202.738819] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 202.746989] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 202.748131] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 202.755612] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 202.758141] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 202.761728] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 203.367889] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 203.371656] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 203.380278] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 203.403807] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 203.413653] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 203.444931] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 204.803497] Bluetooth: hci1: command 0x0409 tx timeout [ 205.380456] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 205.572494] Bluetooth: hci5: command 0x0409 tx timeout [ 206.852451] Bluetooth: hci1: command 0x041b tx timeout [ 207.620987] Bluetooth: hci5: command 0x041b tx timeout [ 208.694854] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 208.698327] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 208.707637] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 208.741859] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 208.753077] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 208.759762] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 208.901417] Bluetooth: hci1: command 0x040f tx timeout [ 209.668496] Bluetooth: hci5: command 0x040f tx timeout [ 210.500455] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 210.820667] Bluetooth: hci6: command 0x0409 tx timeout [ 210.947428] Bluetooth: hci1: command 0x0419 tx timeout [ 211.715615] Bluetooth: hci5: command 0x0419 tx timeout [ 212.870414] Bluetooth: hci6: command 0x041b tx timeout [ 213.350851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 213.357818] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 213.372110] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 213.426658] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 213.479662] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 213.491648] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 214.918832] Bluetooth: hci6: command 0x040f tx timeout [ 215.555793] Bluetooth: hci3: command 0x0409 tx timeout [ 216.963653] Bluetooth: hci6: command 0x0419 tx timeout [ 217.606760] Bluetooth: hci3: command 0x041b tx timeout [ 219.651612] Bluetooth: hci3: command 0x040f tx timeout [ 221.700677] Bluetooth: hci3: command 0x0419 tx timeout [ 249.605208] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 249.611631] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 249.615697] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 249.647629] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 249.662648] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 249.665676] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 251.459722] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 251.716469] Bluetooth: hci4: command 0x0409 tx timeout [ 253.653255] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 253.660352] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 253.661685] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 253.669754] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 253.672882] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 253.674169] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 253.763444] Bluetooth: hci4: command 0x041b tx timeout [ 254.431041] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 254.434089] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 254.444580] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 254.455605] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 254.458286] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 254.462267] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 255.748752] Bluetooth: hci0: command 0x0409 tx timeout [ 255.813463] Bluetooth: hci4: command 0x040f tx timeout [ 256.131445] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 256.515493] Bluetooth: hci7: command 0x0409 tx timeout [ 257.796411] Bluetooth: hci0: command 0x041b tx timeout [ 257.859599] Bluetooth: hci4: command 0x0419 tx timeout [ 258.563740] Bluetooth: hci7: command 0x041b tx timeout [ 259.843453] Bluetooth: hci0: command 0x040f tx timeout [ 260.611440] Bluetooth: hci7: command 0x040f tx timeout [ 260.931775] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 261.892426] Bluetooth: hci0: command 0x0419 tx timeout [ 262.660481] Bluetooth: hci7: command 0x0419 tx timeout [ 263.696905] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 263.710256] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 263.719056] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 263.727328] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 263.733245] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 263.751811] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 264.761369] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 264.765576] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 264.766953] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 264.779336] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 264.782591] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 264.800655] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 265.862444] Bluetooth: hci1: command 0x0409 tx timeout [ 266.307447] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 266.820473] Bluetooth: hci5: command 0x0409 tx timeout [ 267.908646] Bluetooth: hci1: command 0x041b tx timeout [ 268.868483] Bluetooth: hci5: command 0x041b tx timeout [ 269.955433] Bluetooth: hci1: command 0x040f tx timeout [ 270.916484] Bluetooth: hci5: command 0x040f tx timeout [ 271.428587] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 272.003438] Bluetooth: hci1: command 0x0419 tx timeout [ 272.390571] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 272.963526] Bluetooth: hci5: command 0x0419 tx timeout [ 275.802024] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 275.804369] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 275.814739] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 275.822355] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 275.826124] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 275.827975] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 276.548672] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 277.572775] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 277.955571] Bluetooth: hci6: command 0x0409 tx timeout [ 280.004432] Bluetooth: hci6: command 0x041b tx timeout [ 281.412561] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 282.053191] Bluetooth: hci6: command 0x040f tx timeout [ 282.692663] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 284.101429] Bluetooth: hci6: command 0x0419 tx timeout [ 284.709981] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 284.712266] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 284.717657] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 284.756680] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 284.759360] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 284.764956] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 286.853461] Bluetooth: hci2: command 0x0409 tx timeout [ 287.493303] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 288.902579] Bluetooth: hci2: command 0x041b tx timeout [ 290.948716] Bluetooth: hci2: command 0x040f tx timeout [ 292.292439] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 292.996444] Bluetooth: hci2: command 0x0419 tx timeout [ 297.092541] Bluetooth: hci3: Opcode 0x c03 failed: -110 2023/08/20 14:28:03 executor 5 failed 11 times: executor 5: exit status 67 SYZFAIL: wrong response packet (errno 2: No such file or directory) loop exited with status 67 VM DIAGNOSIS: 14:28:03 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88802b8bf650 RCX=0000000000000000 RDX=0000000000000007 RSI=ffffffff8113bbcd RDI=0000000000000006 RBP=ffffffff8615caa2 RSP=ffff88802b8bf5d0 R8 =0000000000000006 R9 =ffffffff8182e89a R10=ffffffff8182e728 R11=0000000000000000 R12=0000000000000001 R13=ffffffff8615caa7 R14=ffff88802b8bf691 R15=00000000000215dd RIP=ffffffff8113bbf2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff60cdbf028 CR3=00000000272ec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=636578650a3a73656d69742031312064 XMM02=6174732074697865203a3520726f7475 XMM03=203a4c4941465a59530a373620737574 XMM04=702065736e6f7073657220676e6f7277 XMM05=3a32206f6e72726528200a74656b6361 XMM06=726f20656c69662068637573206f4e20 XMM07=706f6f6c0a2979726f74636572696420 XMM08=3a3520726f7475636578650a3a73656d XMM09=0a373620737574617473207469786520 XMM10=7220676e6f7277203a4c4941465a5953 XMM11=200a74656b6361702065736e6f707365 XMM12=637573206f4e203a32206f6e72726528 XMM13=74636572696420726f20656c69662068 XMM14=64657469786520706f6f6c0a2979726f XMM15=0a373620737574617473206874697720 info registers vcpu 1 RAX=0000000000208040 RBX=1ffff110011b7f8a RCX=0000000000000000 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff813842d9 RBP=00000000fffff1a2 RSP=ffff888008dbfc48 R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff85d51ad7 R11=0000000000000001 R12=0000000000000001 R13=1ffffffff0a81e40 R14=ffff888008dbfc70 R15=ffff888008dbfd98 RIP=ffffffff845c9795 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff256b891f0 CR3=000000000a706000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000000000000000000ff00000000 XMM02=00ff000000000000000000000000ff00 XMM03=0000000000ff000000000000ff000000 XMM04=0000ff00000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000