] FAULT_INJECTION: forcing a failure. [ 388.698523][T11570] name failslab, interval 1, probability 0, space 0, times 0 [ 388.711802][T11549] FAULT_INJECTION: forcing a failure. [ 388.711802][T11549] name failslab, interval 1, probability 0, space 0, times 0 [ 388.734330][T11570] CPU: 1 PID: 11570 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 388.743235][T11570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.753321][T11570] Call Trace: [ 388.756600][T11570] dump_stack_lvl+0xcd/0x134 [ 388.761196][T11570] should_fail.cold+0x5/0xa [ 388.765702][T11570] ? alloc_workqueue+0x16d/0xef0 [ 388.770754][T11570] should_failslab+0x5/0x10 [ 388.775257][T11570] __kmalloc+0x72/0x320 [ 388.779423][T11570] alloc_workqueue+0x16d/0xef0 [ 388.784186][T11570] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 388.790446][T11570] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 388.796163][T11570] ? snprintf+0xf0/0xf0 [ 388.800404][T11570] ? vsnprintf+0x283/0x14f0 [ 388.804907][T11570] hci_register_dev+0x1c4/0xbd0 [ 388.809763][T11570] ? __raw_spin_lock_init+0x36/0x110 [ 388.815059][T11570] hci_uart_tty_ioctl+0x8c5/0xc50 [ 388.820084][T11570] tty_ioctl+0xc69/0x1670 [ 388.824416][T11570] ? hci_uart_init_work+0x170/0x170 [ 388.829614][T11570] ? tty_lookup_driver+0x550/0x550 [ 388.834732][T11570] ? lock_downgrade+0x6e0/0x6e0 [ 388.839597][T11570] ? __fget_files+0x23d/0x3e0 [ 388.844278][T11570] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 388.850526][T11570] ? tty_lookup_driver+0x550/0x550 [ 388.855659][T11570] __x64_sys_ioctl+0x193/0x200 [ 388.860425][T11570] do_syscall_64+0x35/0xb0 [ 388.864840][T11570] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 388.870736][T11570] RIP: 0033:0x7f7481ae8a39 [ 388.875149][T11570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 388.894773][T11570] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 388.903187][T11570] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 388.911155][T11570] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 388.919121][T11570] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 388.927094][T11570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 388.935059][T11570] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 388.945861][ T148] Bluetooth: hci7: Frame reassembly failed (-84) [ 388.990462][T11549] CPU: 1 PID: 11549 Comm: syz-executor.2 Not tainted 5.15.0-rc6-syzkaller #0 [ 388.999272][T11549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.007453][T11570] Bluetooth: Can't register HCI device [ 389.009337][T11549] Call Trace: [ 389.009350][T11549] dump_stack_lvl+0xcd/0x134 [ 389.009386][T11549] should_fail.cold+0x5/0xa [ 389.009415][T11549] ? kobject_uevent_env+0x240/0x1650 [ 389.032494][T11549] should_failslab+0x5/0x10 [ 389.037023][T11549] kmem_cache_alloc_trace+0x55/0x3c0 [ 389.042340][T11549] ? dev_uevent_filter+0xd0/0xd0 [ 389.047385][T11549] kobject_uevent_env+0x240/0x1650 [ 389.052540][T11549] ? is_acpi_device_node+0x6a/0x80 [ 389.057736][T11549] ? dev_fwnode+0x79/0x90 [ 389.062157][T11549] device_del+0x809/0xd60 [ 389.066514][T11549] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 389.072865][T11549] ? _raw_read_unlock+0x24/0x40 [ 389.077736][T11549] ? hci_sock_dev_event+0xb7/0x570 [ 389.082876][T11549] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 389.088881][T11549] rfkill_unregister+0xcc/0x2c0 [ 389.093823][T11549] hci_unregister_dev+0x28b/0x5a0 [ 389.098870][T11549] hci_uart_tty_close+0x241/0x2a0 [ 389.103911][T11549] ? hci_uart_close+0x70/0x70 [ 389.108615][T11549] tty_ldisc_close+0x110/0x190 [ 389.113396][T11549] tty_set_ldisc+0x214/0x680 [ 389.118007][T11549] tty_ioctl+0xae0/0x1670 [ 389.122359][T11549] ? tty_lookup_driver+0x550/0x550 [ 389.127502][T11549] ? lock_downgrade+0x6e0/0x6e0 [ 389.132392][T11549] ? __fget_files+0x23d/0x3e0 [ 389.137092][T11549] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 389.143356][T11549] ? tty_lookup_driver+0x550/0x550 [ 389.148492][T11549] __x64_sys_ioctl+0x193/0x200 [ 389.153277][T11549] do_syscall_64+0x35/0xb0 [ 389.157707][T11549] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 389.163623][T11549] RIP: 0033:0x7f281dfb5a39 [ 389.168048][T11549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:55:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 6) [ 389.187704][T11549] RSP: 002b:00007f281b52b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 389.196141][T11549] RAX: ffffffffffffffda RBX: 00007f281e0b8f60 RCX: 00007f281dfb5a39 [ 389.204129][T11549] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 389.212117][T11549] RBP: 00007f281b52b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 389.220102][T11549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 389.228089][T11549] R13: 00007f281e5ecb2f R14: 00007f281b52b300 R15: 0000000000022000 [ 389.284197][T11590] FAULT_INJECTION: forcing a failure. [ 389.284197][T11590] name failslab, interval 1, probability 0, space 0, times 0 [ 389.318639][T11590] CPU: 1 PID: 11590 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 389.327448][T11590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.337520][T11590] Call Trace: [ 389.340811][T11590] dump_stack_lvl+0xcd/0x134 [ 389.345428][T11590] should_fail.cold+0x5/0xa [ 389.349963][T11590] ? alloc_workqueue_attrs+0x38/0x80 [ 389.355266][T11590] should_failslab+0x5/0x10 [ 389.359791][T11590] kmem_cache_alloc_trace+0x55/0x3c0 [ 389.365121][T11590] alloc_workqueue_attrs+0x38/0x80 [ 389.370258][T11590] alloc_workqueue+0x192/0xef0 [ 389.375043][T11590] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 389.381322][T11590] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 389.387064][T11590] ? snprintf+0xf0/0xf0 [ 389.391490][T11590] ? vsnprintf+0x283/0x14f0 [ 389.396024][T11590] hci_register_dev+0x1c4/0xbd0 [ 389.400904][T11590] ? __raw_spin_lock_init+0x36/0x110 [ 389.406321][T11590] hci_uart_tty_ioctl+0x8c5/0xc50 [ 389.411375][T11590] tty_ioctl+0xc69/0x1670 [ 389.415730][T11590] ? hci_uart_init_work+0x170/0x170 [ 389.420953][T11590] ? tty_lookup_driver+0x550/0x550 [ 389.426102][T11590] ? lock_downgrade+0x6e0/0x6e0 [ 389.430997][T11590] ? __fget_files+0x23d/0x3e0 [ 389.435701][T11590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 389.441967][T11590] ? tty_lookup_driver+0x550/0x550 [ 389.447106][T11590] __x64_sys_ioctl+0x193/0x200 [ 389.451894][T11590] do_syscall_64+0x35/0xb0 [ 389.456334][T11590] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 389.462252][T11590] RIP: 0033:0x7f7481ae8a39 07:55:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) [ 389.466681][T11590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 389.486304][T11590] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 389.494745][T11590] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 389.502745][T11590] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 389.510752][T11590] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 389.518741][T11590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 389.526726][T11590] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 389.600283][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 389.739101][T11590] Bluetooth: Can't register HCI device 07:55:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 7) 07:55:45 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 389.977525][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 390.040398][T11608] FAULT_INJECTION: forcing a failure. [ 390.040398][T11608] name failslab, interval 1, probability 0, space 0, times 0 [ 390.074482][T11608] CPU: 0 PID: 11608 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 390.083292][T11608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.093363][T11608] Call Trace: [ 390.096747][T11608] dump_stack_lvl+0xcd/0x134 [ 390.101367][T11608] should_fail.cold+0x5/0xa [ 390.105894][T11608] should_failslab+0x5/0x10 [ 390.110408][T11608] __kmalloc_track_caller+0x79/0x310 [ 390.115696][T11608] ? kasprintf+0xbb/0xf0 [ 390.120011][T11608] kvasprintf+0xb5/0x150 [ 390.124255][T11608] ? bust_spinlocks+0xe0/0xe0 [ 390.128945][T11608] kasprintf+0xbb/0xf0 [ 390.133016][T11608] ? kvasprintf_const+0x190/0x190 [ 390.138053][T11608] ? call_rcu_zapped+0xb0/0xb0 [ 390.142821][T11608] ? lockdep_unlock+0x11c/0x290 [ 390.147678][T11608] alloc_workqueue+0x45d/0xef0 [ 390.152441][T11608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 390.158969][T11608] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 390.164798][T11608] ? vsnprintf+0x283/0x14f0 [ 390.169321][T11608] hci_register_dev+0x1c4/0xbd0 [ 390.174185][T11608] ? __raw_spin_lock_init+0x36/0x110 [ 390.179577][T11608] hci_uart_tty_ioctl+0x8c5/0xc50 [ 390.184616][T11608] tty_ioctl+0xc69/0x1670 [ 390.188954][T11608] ? hci_uart_init_work+0x170/0x170 [ 390.194169][T11608] ? tty_lookup_driver+0x550/0x550 [ 390.199294][T11608] ? lock_downgrade+0x6e0/0x6e0 [ 390.204157][T11608] ? __fget_files+0x23d/0x3e0 [ 390.208850][T11608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 390.215108][T11608] ? tty_lookup_driver+0x550/0x550 [ 390.220243][T11608] __x64_sys_ioctl+0x193/0x200 [ 390.225017][T11608] do_syscall_64+0x35/0xb0 [ 390.229436][T11608] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 390.235333][T11608] RIP: 0033:0x7f7481ae8a39 [ 390.239758][T11608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 390.259363][T11608] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 390.267775][T11608] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 390.275752][T11608] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 390.283721][T11608] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 390.291698][T11608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 390.299675][T11608] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 390.763566][ T8227] Bluetooth: hci7: command 0x1003 tx timeout [ 390.771128][T10271] Bluetooth: hci7: sending frame failed (-49) [ 391.003405][ T8227] Bluetooth: hci10: command 0x1003 tx timeout [ 391.011225][ T8227] Bluetooth: hci8: command 0x1003 tx timeout [ 391.012358][T10271] Bluetooth: hci10: sending frame failed (-49) [ 391.027311][T10271] Bluetooth: hci8: sending frame failed (-49) [ 391.643064][ T8227] Bluetooth: hci9: command 0x1003 tx timeout [ 391.650798][T10271] Bluetooth: hci9: sending frame failed (-49) [ 392.043184][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 392.043445][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout 07:55:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 8) [ 392.363027][ T20] Bluetooth: hci11: command 0xfc11 tx timeout [ 392.363506][ T6574] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 392.454438][T11621] FAULT_INJECTION: forcing a failure. [ 392.454438][T11621] name failslab, interval 1, probability 0, space 0, times 0 [ 392.469134][T11621] CPU: 0 PID: 11621 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 392.477932][T11621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.488005][T11621] Call Trace: [ 392.491298][T11621] dump_stack_lvl+0xcd/0x134 [ 392.495915][T11621] should_fail.cold+0x5/0xa [ 392.500447][T11621] ? apply_wqattrs_prepare+0xac/0x890 [ 392.505845][T11621] should_failslab+0x5/0x10 [ 392.510366][T11621] __kmalloc+0x72/0x320 [ 392.514557][T11621] apply_wqattrs_prepare+0xac/0x890 [ 392.519792][T11621] apply_workqueue_attrs_locked+0xc1/0x140 [ 392.525712][T11621] alloc_workqueue+0xa10/0xef0 [ 392.530510][T11621] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 392.536264][T11621] ? vsnprintf+0x283/0x14f0 [ 392.540790][T11621] hci_register_dev+0x1c4/0xbd0 [ 392.545664][T11621] ? __raw_spin_lock_init+0x36/0x110 [ 392.550976][T11621] hci_uart_tty_ioctl+0x8c5/0xc50 [ 392.556027][T11621] tty_ioctl+0xc69/0x1670 [ 392.560379][T11621] ? hci_uart_init_work+0x170/0x170 [ 392.565607][T11621] ? tty_lookup_driver+0x550/0x550 [ 392.570748][T11621] ? lock_downgrade+0x6e0/0x6e0 [ 392.575629][T11621] ? __fget_files+0x23d/0x3e0 [ 392.580330][T11621] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 392.586592][T11621] ? tty_lookup_driver+0x550/0x550 [ 392.591726][T11621] __x64_sys_ioctl+0x193/0x200 [ 392.596513][T11621] do_syscall_64+0x35/0xb0 [ 392.600948][T11621] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 392.606862][T11621] RIP: 0033:0x7f7481ae8a39 [ 392.611291][T11621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 392.630912][T11621] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 392.639345][T11621] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 392.647337][T11621] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 07:55:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 9) [ 392.655327][T11621] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 392.663316][T11621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.671360][T11621] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 392.690342][T11621] Bluetooth: Can't register HCI device [ 392.772196][T11625] FAULT_INJECTION: forcing a failure. [ 392.772196][T11625] name failslab, interval 1, probability 0, space 0, times 0 [ 392.787051][T11625] CPU: 0 PID: 11625 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 392.795846][T11625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.805917][T11625] Call Trace: [ 392.809207][T11625] dump_stack_lvl+0xcd/0x134 [ 392.813823][T11625] should_fail.cold+0x5/0xa [ 392.818351][T11625] ? apply_wqattrs_prepare+0xac/0x890 [ 392.823740][T11625] should_failslab+0x5/0x10 [ 392.828263][T11625] __kmalloc+0x72/0x320 [ 392.832457][T11625] apply_wqattrs_prepare+0xac/0x890 [ 392.837691][T11625] apply_workqueue_attrs_locked+0xc1/0x140 [ 392.842977][ T20] Bluetooth: hci7: command 0x1001 tx timeout [ 392.843520][T11625] alloc_workqueue+0xa10/0xef0 [ 392.854257][T11625] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 392.860018][T11625] ? vsnprintf+0x283/0x14f0 [ 392.864542][T11625] hci_register_dev+0x1c4/0xbd0 [ 392.869416][T11625] ? __raw_spin_lock_init+0x36/0x110 [ 392.873546][ T6574] Bluetooth: hci7: sending frame failed (-49) [ 392.874731][T11625] hci_uart_tty_ioctl+0x8c5/0xc50 [ 392.885788][T11625] tty_ioctl+0xc69/0x1670 [ 392.890139][T11625] ? hci_uart_init_work+0x170/0x170 [ 392.895357][T11625] ? tty_lookup_driver+0x550/0x550 [ 392.900502][T11625] ? lock_downgrade+0x6e0/0x6e0 [ 392.905390][T11625] ? __fget_files+0x23d/0x3e0 [ 392.910094][T11625] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 392.916356][T11625] ? tty_lookup_driver+0x550/0x550 [ 392.921493][T11625] __x64_sys_ioctl+0x193/0x200 [ 392.926279][T11625] do_syscall_64+0x35/0xb0 [ 392.930709][T11625] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 392.936622][T11625] RIP: 0033:0x7f7481ae8a39 [ 392.941049][T11625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 392.960668][T11625] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:55:48 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 392.969107][T11625] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 392.977096][T11625] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 392.985084][T11625] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 392.993069][T11625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 393.001051][T11625] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 393.010677][T11625] Bluetooth: Can't register HCI device 07:55:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 10) [ 393.083607][ T20] Bluetooth: hci8: command 0x1001 tx timeout [ 393.090169][ T6574] Bluetooth: hci8: sending frame failed (-49) [ 393.097123][ T20] Bluetooth: hci10: command 0x1001 tx timeout [ 393.104007][ T6574] Bluetooth: hci10: sending frame failed (-49) [ 393.120228][T11630] FAULT_INJECTION: forcing a failure. [ 393.120228][T11630] name failslab, interval 1, probability 0, space 0, times 0 [ 393.143641][T11630] CPU: 0 PID: 11630 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 393.152443][T11630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.162518][T11630] Call Trace: [ 393.165813][T11630] dump_stack_lvl+0xcd/0x134 [ 393.170432][T11630] should_fail.cold+0x5/0xa [ 393.174962][T11630] ? alloc_workqueue_attrs+0x38/0x80 [ 393.180268][T11630] should_failslab+0x5/0x10 [ 393.184794][T11630] kmem_cache_alloc_trace+0x55/0x3c0 [ 393.190116][T11630] alloc_workqueue_attrs+0x38/0x80 [ 393.195248][T11630] apply_wqattrs_prepare+0xbc/0x890 [ 393.200481][T11630] apply_workqueue_attrs_locked+0xc1/0x140 [ 393.206316][T11630] alloc_workqueue+0xa10/0xef0 [ 393.211109][T11630] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 393.216868][T11630] ? vsnprintf+0x283/0x14f0 [ 393.221393][T11630] hci_register_dev+0x1c4/0xbd0 [ 393.226278][T11630] ? __raw_spin_lock_init+0x36/0x110 [ 393.231596][T11630] hci_uart_tty_ioctl+0x8c5/0xc50 [ 393.236647][T11630] tty_ioctl+0xc69/0x1670 [ 393.240998][T11630] ? hci_uart_init_work+0x170/0x170 [ 393.246219][T11630] ? tty_lookup_driver+0x550/0x550 [ 393.251361][T11630] ? lock_downgrade+0x6e0/0x6e0 [ 393.256260][T11630] ? __fget_files+0x23d/0x3e0 [ 393.260957][T11630] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 393.267221][T11630] ? tty_lookup_driver+0x550/0x550 [ 393.272356][T11630] __x64_sys_ioctl+0x193/0x200 [ 393.277147][T11630] do_syscall_64+0x35/0xb0 [ 393.281583][T11630] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 393.287521][T11630] RIP: 0033:0x7f7481ae8a39 [ 393.291949][T11630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 393.311573][T11630] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 393.320011][T11630] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 393.328001][T11630] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 393.335992][T11630] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 393.343981][T11630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 393.351966][T11630] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 393.368318][T11630] Bluetooth: Can't register HCI device [ 393.723120][ T31] Bluetooth: hci9: command 0x1001 tx timeout [ 393.729849][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 394.922932][ T31] Bluetooth: hci7: command 0x1009 tx timeout [ 395.173406][ T31] Bluetooth: hci10: command 0x1009 tx timeout [ 395.179552][ T31] Bluetooth: hci8: command 0x1009 tx timeout [ 395.402836][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout [ 395.414536][ T6574] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 395.802942][ T8458] Bluetooth: hci9: command 0x1009 tx timeout 07:55:55 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 11) 07:55:55 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x10, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:55:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 07:55:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 399.564814][T11664] FAULT_INJECTION: forcing a failure. [ 399.564814][T11664] name failslab, interval 1, probability 0, space 0, times 0 [ 399.616019][T11664] CPU: 1 PID: 11664 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 399.624844][T11664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.634954][T11664] Call Trace: [ 399.638255][T11664] dump_stack_lvl+0xcd/0x134 [ 399.642877][T11664] should_fail.cold+0x5/0xa [ 399.647409][T11664] ? alloc_workqueue_attrs+0x38/0x80 [ 399.652723][T11664] should_failslab+0x5/0x10 [ 399.657251][T11664] kmem_cache_alloc_trace+0x55/0x3c0 [ 399.662574][T11664] alloc_workqueue_attrs+0x38/0x80 [ 399.667709][T11664] apply_wqattrs_prepare+0xbc/0x890 [ 399.672953][T11664] apply_workqueue_attrs_locked+0xc1/0x140 [ 399.678786][T11664] alloc_workqueue+0xa10/0xef0 [ 399.683588][T11664] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 399.689353][T11664] ? vsnprintf+0x283/0x14f0 [ 399.693879][T11664] hci_register_dev+0x1c4/0xbd0 [ 399.698755][T11664] ? __raw_spin_lock_init+0x36/0x110 [ 399.704075][T11664] hci_uart_tty_ioctl+0x8c5/0xc50 [ 399.709129][T11664] tty_ioctl+0xc69/0x1670 [ 399.713482][T11664] ? hci_uart_init_work+0x170/0x170 [ 399.718706][T11664] ? tty_lookup_driver+0x550/0x550 [ 399.723853][T11664] ? lock_downgrade+0x6e0/0x6e0 [ 399.728743][T11664] ? __fget_files+0x23d/0x3e0 [ 399.733447][T11664] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 399.739714][T11664] ? tty_lookup_driver+0x550/0x550 [ 399.744854][T11664] __x64_sys_ioctl+0x193/0x200 [ 399.749645][T11664] do_syscall_64+0x35/0xb0 [ 399.754082][T11664] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 399.760080][T11664] RIP: 0033:0x7f7481ae8a39 [ 399.764510][T11664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 399.784138][T11664] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 399.792571][T11664] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 399.800651][T11664] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 399.808641][T11664] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 399.816642][T11664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 399.824622][T11664] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 399.928888][T11664] Bluetooth: Can't register HCI device 07:55:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 07:55:55 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 12) [ 400.186318][T11693] FAULT_INJECTION: forcing a failure. [ 400.186318][T11693] name failslab, interval 1, probability 0, space 0, times 0 [ 400.215899][T11693] CPU: 1 PID: 11693 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 400.224701][T11693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.234772][T11693] Call Trace: [ 400.238056][T11693] dump_stack_lvl+0xcd/0x134 [ 400.242663][T11693] should_fail.cold+0x5/0xa [ 400.247188][T11693] ? alloc_workqueue+0x16d/0xef0 [ 400.252149][T11693] should_failslab+0x5/0x10 [ 400.257201][T11693] __kmalloc+0x72/0x320 [ 400.261392][T11693] alloc_workqueue+0x16d/0xef0 [ 400.266193][T11693] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 400.272058][T11693] ? vsnprintf+0x283/0x14f0 [ 400.276587][T11693] hci_register_dev+0x216/0xbd0 [ 400.281474][T11693] hci_uart_tty_ioctl+0x8c5/0xc50 [ 400.286527][T11693] tty_ioctl+0xc69/0x1670 [ 400.290882][T11693] ? hci_uart_init_work+0x170/0x170 [ 400.296121][T11693] ? tty_lookup_driver+0x550/0x550 [ 400.301269][T11693] ? lock_downgrade+0x6e0/0x6e0 [ 400.306156][T11693] ? __fget_files+0x23d/0x3e0 [ 400.310872][T11693] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 400.317146][T11693] ? tty_lookup_driver+0x550/0x550 [ 400.322295][T11693] __x64_sys_ioctl+0x193/0x200 [ 400.327086][T11693] do_syscall_64+0x35/0xb0 [ 400.331528][T11693] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 400.337451][T11693] RIP: 0033:0x7f7481ae8a39 [ 400.341883][T11693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 400.361506][T11693] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 400.369941][T11693] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 400.377931][T11693] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 400.385914][T11693] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 400.393881][T11693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 400.401943][T11693] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 07:55:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:55:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 13) [ 400.501758][T11693] Bluetooth: Can't register HCI device [ 400.596057][T11703] FAULT_INJECTION: forcing a failure. [ 400.596057][T11703] name failslab, interval 1, probability 0, space 0, times 0 [ 400.615163][T11703] CPU: 1 PID: 11703 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 400.623970][T11703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.634040][T11703] Call Trace: [ 400.637331][T11703] dump_stack_lvl+0xcd/0x134 [ 400.641949][T11703] should_fail.cold+0x5/0xa [ 400.646476][T11703] should_failslab+0x5/0x10 [ 400.650997][T11703] kmem_cache_alloc_node+0x65/0x3d0 [ 400.656218][T11703] ? alloc_unbound_pwq+0x4a5/0xcd0 [ 400.661353][T11703] alloc_unbound_pwq+0x4a5/0xcd0 [ 400.666322][T11703] apply_wqattrs_prepare+0x2b6/0x890 [ 400.671639][T11703] apply_workqueue_attrs_locked+0xc1/0x140 [ 400.677470][T11703] alloc_workqueue+0xa10/0xef0 [ 400.682264][T11703] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 400.688025][T11703] ? vsnprintf+0x283/0x14f0 [ 400.692547][T11703] hci_register_dev+0x1c4/0xbd0 [ 400.697417][T11703] ? __raw_spin_lock_init+0x36/0x110 [ 400.702731][T11703] hci_uart_tty_ioctl+0x8c5/0xc50 [ 400.707785][T11703] tty_ioctl+0xc69/0x1670 [ 400.712135][T11703] ? hci_uart_init_work+0x170/0x170 [ 400.717361][T11703] ? tty_lookup_driver+0x550/0x550 [ 400.722504][T11703] ? lock_downgrade+0x6e0/0x6e0 [ 400.727391][T11703] ? __fget_files+0x23d/0x3e0 [ 400.732092][T11703] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 400.738371][T11703] ? tty_lookup_driver+0x550/0x550 [ 400.743510][T11703] __x64_sys_ioctl+0x193/0x200 [ 400.748295][T11703] do_syscall_64+0x35/0xb0 [ 400.752723][T11703] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 400.758638][T11703] RIP: 0033:0x7f7481ae8a39 [ 400.763059][T11703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 400.782685][T11703] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 400.791118][T11703] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 400.799116][T11703] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 400.807108][T11703] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 400.815099][T11703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 400.823090][T11703] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 400.857006][T11703] Bluetooth: Can't register HCI device 07:55:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 14) [ 401.040527][T11714] FAULT_INJECTION: forcing a failure. [ 401.040527][T11714] name failslab, interval 1, probability 0, space 0, times 0 [ 401.066924][T11714] CPU: 1 PID: 11714 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 401.075755][T11714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.085824][T11714] Call Trace: [ 401.089116][T11714] dump_stack_lvl+0xcd/0x134 [ 401.093735][T11714] should_fail.cold+0x5/0xa [ 401.098264][T11714] ? alloc_workqueue_attrs+0x38/0x80 [ 401.103568][T11714] should_failslab+0x5/0x10 [ 401.108090][T11714] kmem_cache_alloc_trace+0x55/0x3c0 [ 401.113414][T11714] alloc_workqueue_attrs+0x38/0x80 [ 401.118550][T11714] alloc_workqueue+0x192/0xef0 [ 401.123344][T11714] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 401.129107][T11714] ? vsnprintf+0x283/0x14f0 [ 401.133634][T11714] hci_register_dev+0x216/0xbd0 [ 401.138517][T11714] hci_uart_tty_ioctl+0x8c5/0xc50 [ 401.143571][T11714] tty_ioctl+0xc69/0x1670 [ 401.147921][T11714] ? hci_uart_init_work+0x170/0x170 [ 401.153143][T11714] ? tty_lookup_driver+0x550/0x550 [ 401.158293][T11714] ? lock_downgrade+0x6e0/0x6e0 [ 401.163178][T11714] ? __fget_files+0x23d/0x3e0 [ 401.167877][T11714] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 401.174143][T11714] ? tty_lookup_driver+0x550/0x550 [ 401.179285][T11714] __x64_sys_ioctl+0x193/0x200 [ 401.184073][T11714] do_syscall_64+0x35/0xb0 [ 401.188502][T11714] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 401.194400][T11714] RIP: 0033:0x7f7481ae8a39 [ 401.198812][T11714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 401.218414][T11714] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 401.226837][T11714] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 401.234803][T11714] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 401.242768][T11714] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 401.250746][T11714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 401.258710][T11714] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 401.285959][T11714] Bluetooth: Can't register HCI device 07:55:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 15) [ 401.359192][T11718] FAULT_INJECTION: forcing a failure. [ 401.359192][T11718] name failslab, interval 1, probability 0, space 0, times 0 [ 401.372095][T11718] CPU: 0 PID: 11718 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 401.380889][T11718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.391049][T11718] Call Trace: [ 401.394345][T11718] dump_stack_lvl+0xcd/0x134 [ 401.398963][T11718] should_fail.cold+0x5/0xa [ 401.403494][T11718] ? apply_wqattrs_prepare+0xac/0x890 [ 401.408887][T11718] should_failslab+0x5/0x10 [ 401.413409][T11718] __kmalloc+0x72/0x320 [ 401.417608][T11718] apply_wqattrs_prepare+0xac/0x890 [ 401.422946][T11718] apply_workqueue_attrs_locked+0xc1/0x140 [ 401.428776][T11718] alloc_workqueue+0xa10/0xef0 [ 401.433569][T11718] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 401.439328][T11718] ? vsnprintf+0x283/0x14f0 [ 401.443854][T11718] hci_register_dev+0x216/0xbd0 [ 401.448825][T11718] hci_uart_tty_ioctl+0x8c5/0xc50 [ 401.453880][T11718] tty_ioctl+0xc69/0x1670 [ 401.458234][T11718] ? hci_uart_init_work+0x170/0x170 [ 401.463454][T11718] ? tty_lookup_driver+0x550/0x550 [ 401.468596][T11718] ? lock_downgrade+0x6e0/0x6e0 [ 401.473486][T11718] ? __fget_files+0x23d/0x3e0 [ 401.478189][T11718] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 401.484455][T11718] ? tty_lookup_driver+0x550/0x550 [ 401.489594][T11718] __x64_sys_ioctl+0x193/0x200 [ 401.494380][T11718] do_syscall_64+0x35/0xb0 [ 401.498845][T11718] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 401.504809][T11718] RIP: 0033:0x7f7481ae8a39 [ 401.509215][T11718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 401.528837][T11718] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 401.537250][T11718] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 401.545223][T11718] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 07:55:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 16) [ 401.553210][T11718] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 401.561203][T11718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 401.569187][T11718] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 401.588931][T11718] Bluetooth: Can't register HCI device [ 401.642753][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 401.642799][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 401.652305][ T8600] Bluetooth: hci7: command 0xfc11 tx timeout [ 401.723857][T11726] FAULT_INJECTION: forcing a failure. [ 401.723857][T11726] name failslab, interval 1, probability 0, space 0, times 0 [ 401.736970][T11726] CPU: 0 PID: 11726 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 401.745757][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.755826][T11726] Call Trace: [ 401.759117][T11726] dump_stack_lvl+0xcd/0x134 [ 401.763734][T11726] should_fail.cold+0x5/0xa [ 401.768261][T11726] ? alloc_workqueue_attrs+0x38/0x80 [ 401.773568][T11726] should_failslab+0x5/0x10 [ 401.778094][T11726] kmem_cache_alloc_trace+0x55/0x3c0 [ 401.783418][T11726] alloc_workqueue_attrs+0x38/0x80 [ 401.788551][T11726] apply_wqattrs_prepare+0xb4/0x890 [ 401.793794][T11726] apply_workqueue_attrs_locked+0xc1/0x140 [ 401.799631][T11726] alloc_workqueue+0xa10/0xef0 [ 401.804426][T11726] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 401.810188][T11726] ? vsnprintf+0x283/0x14f0 [ 401.814717][T11726] hci_register_dev+0x216/0xbd0 [ 401.819601][T11726] hci_uart_tty_ioctl+0x8c5/0xc50 [ 401.824657][T11726] tty_ioctl+0xc69/0x1670 [ 401.829005][T11726] ? hci_uart_init_work+0x170/0x170 [ 401.834249][T11726] ? tty_lookup_driver+0x550/0x550 [ 401.839396][T11726] ? lock_downgrade+0x6e0/0x6e0 [ 401.844287][T11726] ? __fget_files+0x23d/0x3e0 [ 401.848992][T11726] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 401.855258][T11726] ? tty_lookup_driver+0x550/0x550 [ 401.860397][T11726] __x64_sys_ioctl+0x193/0x200 [ 401.865185][T11726] do_syscall_64+0x35/0xb0 [ 401.869624][T11726] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 401.875542][T11726] RIP: 0033:0x7f7481ae8a39 [ 401.879975][T11726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 401.899599][T11726] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 401.908023][T11726] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 401.915984][T11726] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 401.923945][T11726] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 401.931935][T11726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 401.939909][T11726] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 401.958733][T11726] Bluetooth: Can't register HCI device 07:55:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 17) [ 401.976299][ T8600] Bluetooth: hci11: command 0x1003 tx timeout [ 401.996842][ T150] Bluetooth: hci11: sending frame failed (-49) [ 402.033893][T11732] FAULT_INJECTION: forcing a failure. [ 402.033893][T11732] name failslab, interval 1, probability 0, space 0, times 0 [ 402.046773][T11732] CPU: 0 PID: 11732 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 402.055556][T11732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.065631][T11732] Call Trace: [ 402.068925][T11732] dump_stack_lvl+0xcd/0x134 [ 402.073541][T11732] should_fail.cold+0x5/0xa [ 402.078076][T11732] ? alloc_workqueue_attrs+0x38/0x80 [ 402.083381][T11732] should_failslab+0x5/0x10 [ 402.087900][T11732] kmem_cache_alloc_trace+0x55/0x3c0 [ 402.093222][T11732] alloc_workqueue_attrs+0x38/0x80 [ 402.098354][T11732] apply_wqattrs_prepare+0xbc/0x890 [ 402.103597][T11732] apply_workqueue_attrs_locked+0xc1/0x140 [ 402.109431][T11732] alloc_workqueue+0xa10/0xef0 [ 402.114237][T11732] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 402.120003][T11732] ? vsnprintf+0x283/0x14f0 [ 402.124529][T11732] hci_register_dev+0x216/0xbd0 [ 402.129421][T11732] hci_uart_tty_ioctl+0x8c5/0xc50 [ 402.134470][T11732] tty_ioctl+0xc69/0x1670 [ 402.138819][T11732] ? hci_uart_init_work+0x170/0x170 [ 402.144041][T11732] ? tty_lookup_driver+0x550/0x550 [ 402.149189][T11732] ? lock_downgrade+0x6e0/0x6e0 [ 402.154079][T11732] ? __fget_files+0x23d/0x3e0 [ 402.158784][T11732] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 402.165053][T11732] ? tty_lookup_driver+0x550/0x550 [ 402.170199][T11732] __x64_sys_ioctl+0x193/0x200 [ 402.174985][T11732] do_syscall_64+0x35/0xb0 [ 402.179393][T11732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 402.185287][T11732] RIP: 0033:0x7f7481ae8a39 [ 402.189712][T11732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 402.209334][T11732] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 402.217738][T11732] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 402.225701][T11732] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 402.233738][T11732] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 402.241718][T11732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 402.249693][T11732] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 402.301921][T11732] Bluetooth: Can't register HCI device [ 402.442494][ T8458] Bluetooth: hci9: command 0x1003 tx timeout [ 402.448762][ T150] Bluetooth: hci9: sending frame failed (-49) 07:55:58 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4c01, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:55:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 402.614294][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 402.922754][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 402.932067][ T1726] Bluetooth: hci8: command tx timeout [ 404.042661][ T1726] Bluetooth: hci11: command 0x1001 tx timeout [ 404.055645][T10178] Bluetooth: hci11: sending frame failed (-49) [ 404.522522][ T1726] Bluetooth: hci9: command 0x1001 tx timeout [ 404.530623][T10178] Bluetooth: hci9: sending frame failed (-49) [ 404.682565][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 404.688772][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 404.692395][ T8600] Bluetooth: hci6: command 0xfc11 tx timeout [ 404.699351][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 406.122404][ T8458] Bluetooth: hci11: command 0x1009 tx timeout [ 406.602417][ T1726] Bluetooth: hci9: command 0x1009 tx timeout [ 407.322293][ T1726] Bluetooth: hci6: command 0xfc11 tx timeout [ 407.322339][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 07:56:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 18) [ 410.379235][T11779] FAULT_INJECTION: forcing a failure. [ 410.379235][T11779] name failslab, interval 1, probability 0, space 0, times 0 [ 410.400406][T11779] CPU: 1 PID: 11779 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 410.409211][T11779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.419284][T11779] Call Trace: [ 410.422578][T11779] dump_stack_lvl+0xcd/0x134 [ 410.427195][T11779] should_fail.cold+0x5/0xa [ 410.431729][T11779] should_failslab+0x5/0x10 [ 410.436253][T11779] kmem_cache_alloc_node+0x65/0x3d0 [ 410.441476][T11779] ? alloc_unbound_pwq+0x4a5/0xcd0 [ 410.446614][T11779] alloc_unbound_pwq+0x4a5/0xcd0 [ 410.451589][T11779] apply_wqattrs_prepare+0x2b6/0x890 [ 410.456914][T11779] apply_workqueue_attrs_locked+0xc1/0x140 [ 410.462749][T11779] alloc_workqueue+0xa10/0xef0 [ 410.467544][T11779] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 410.473304][T11779] ? vsnprintf+0x283/0x14f0 [ 410.477831][T11779] hci_register_dev+0x216/0xbd0 [ 410.482720][T11779] hci_uart_tty_ioctl+0x8c5/0xc50 [ 410.487772][T11779] tty_ioctl+0xc69/0x1670 [ 410.492121][T11779] ? hci_uart_init_work+0x170/0x170 [ 410.497343][T11779] ? tty_lookup_driver+0x550/0x550 [ 410.502484][T11779] ? lock_downgrade+0x6e0/0x6e0 [ 410.507364][T11779] ? __fget_files+0x23d/0x3e0 [ 410.512052][T11779] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 410.518329][T11779] ? tty_lookup_driver+0x550/0x550 [ 410.523465][T11779] __x64_sys_ioctl+0x193/0x200 [ 410.528238][T11779] do_syscall_64+0x35/0xb0 [ 410.532656][T11779] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 410.538743][T11779] RIP: 0033:0x7f7481ae8a39 [ 410.543157][T11779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 410.562760][T11779] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 410.571171][T11779] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 410.579141][T11779] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 410.587123][T11779] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 410.595091][T11779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 410.603058][T11779] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 410.671088][T11779] Bluetooth: Can't register HCI device 07:56:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 07:56:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4c01, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 19) [ 411.042895][T11795] FAULT_INJECTION: forcing a failure. [ 411.042895][T11795] name failslab, interval 1, probability 0, space 0, times 0 [ 411.056035][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 411.079717][T11795] CPU: 0 PID: 11795 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 411.088528][T11795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.098607][T11795] Call Trace: [ 411.101901][T11795] dump_stack_lvl+0xcd/0x134 [ 411.106515][T11795] should_fail.cold+0x5/0xa [ 411.111041][T11795] ? alloc_workqueue_attrs+0x38/0x80 [ 411.116348][T11795] should_failslab+0x5/0x10 [ 411.120869][T11795] kmem_cache_alloc_trace+0x55/0x3c0 [ 411.126192][T11795] alloc_workqueue_attrs+0x38/0x80 [ 411.131327][T11795] apply_wqattrs_prepare+0xbc/0x890 [ 411.136569][T11795] apply_workqueue_attrs_locked+0xc1/0x140 [ 411.142409][T11795] alloc_workqueue+0xa10/0xef0 [ 411.147211][T11795] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 411.152976][T11795] ? vsnprintf+0x283/0x14f0 [ 411.157511][T11795] hci_register_dev+0x216/0xbd0 [ 411.162400][T11795] hci_uart_tty_ioctl+0x8c5/0xc50 [ 411.167459][T11795] tty_ioctl+0xc69/0x1670 [ 411.171816][T11795] ? hci_uart_init_work+0x170/0x170 [ 411.177043][T11795] ? tty_lookup_driver+0x550/0x550 [ 411.182197][T11795] ? lock_downgrade+0x6e0/0x6e0 [ 411.187094][T11795] ? __fget_files+0x23d/0x3e0 [ 411.191801][T11795] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 411.198066][T11795] ? tty_lookup_driver+0x550/0x550 [ 411.203214][T11795] __x64_sys_ioctl+0x193/0x200 [ 411.208096][T11795] do_syscall_64+0x35/0xb0 [ 411.212530][T11795] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 411.218449][T11795] RIP: 0033:0x7f7481ae8a39 [ 411.222878][T11795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 411.242506][T11795] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 411.250942][T11795] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 411.258905][T11795] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 411.266870][T11795] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 411.274848][T11795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 411.282923][T11795] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 411.348307][T11795] Bluetooth: Can't register HCI device 07:56:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 20) [ 411.468673][T11815] FAULT_INJECTION: forcing a failure. [ 411.468673][T11815] name failslab, interval 1, probability 0, space 0, times 0 [ 411.482582][T11815] CPU: 0 PID: 11815 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 411.491384][T11815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.501454][T11815] Call Trace: [ 411.504742][T11815] dump_stack_lvl+0xcd/0x134 [ 411.509359][T11815] should_fail.cold+0x5/0xa [ 411.513882][T11815] ? alloc_inode+0x161/0x230 [ 411.518498][T11815] should_failslab+0x5/0x10 [ 411.523016][T11815] kmem_cache_alloc+0x5e/0x390 [ 411.527807][T11815] alloc_inode+0x161/0x230 [ 411.532247][T11815] new_inode+0x27/0x2f0 [ 411.536435][T11815] debugfs_get_inode+0x1a/0x130 [ 411.541462][T11815] debugfs_create_dir+0xde/0x500 [ 411.546428][T11815] hci_register_dev+0x2a7/0xbd0 [ 411.551309][T11815] hci_uart_tty_ioctl+0x8c5/0xc50 [ 411.556358][T11815] tty_ioctl+0xc69/0x1670 [ 411.560703][T11815] ? hci_uart_init_work+0x170/0x170 [ 411.565925][T11815] ? tty_lookup_driver+0x550/0x550 [ 411.571065][T11815] ? lock_downgrade+0x6e0/0x6e0 [ 411.575964][T11815] ? __fget_files+0x23d/0x3e0 [ 411.580636][T11815] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 411.586907][T11815] ? tty_lookup_driver+0x550/0x550 [ 411.592020][T11815] __x64_sys_ioctl+0x193/0x200 [ 411.596805][T11815] do_syscall_64+0x35/0xb0 [ 411.601239][T11815] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 411.607154][T11815] RIP: 0033:0x7f7481ae8a39 [ 411.611580][T11815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 411.631173][T11815] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 411.639576][T11815] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 411.647546][T11815] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 411.655508][T11815] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 07:56:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 411.663476][T11815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 411.671432][T11815] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 411.699539][T11815] debugfs: out of free dentries, can not create directory 'hci8' [ 411.715404][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 412.682004][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 412.692269][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 413.082035][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 413.082082][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 07:56:08 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 413.277459][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 413.322217][ T8227] Bluetooth: hci10: command 0x1003 tx timeout [ 413.328572][ T6574] Bluetooth: hci10: sending frame failed (-49) [ 413.411906][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 413.421232][ T8227] Bluetooth: hci9: command tx timeout 07:56:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 413.655919][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) 07:56:09 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 21) [ 413.722040][ T8227] Bluetooth: hci8: command 0xfc11 tx timeout [ 413.728224][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 413.802077][ T31] Bluetooth: hci11: command 0xfc11 tx timeout [ 413.802308][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 413.866990][T11856] FAULT_INJECTION: forcing a failure. [ 413.866990][T11856] name failslab, interval 1, probability 0, space 0, times 0 [ 413.899370][T11856] CPU: 1 PID: 11856 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 413.908185][T11856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.918254][T11856] Call Trace: [ 413.921545][T11856] dump_stack_lvl+0xcd/0x134 [ 413.926165][T11856] should_fail.cold+0x5/0xa [ 413.930690][T11856] ? security_inode_alloc+0x34/0x160 [ 413.935994][T11856] should_failslab+0x5/0x10 [ 413.940515][T11856] kmem_cache_alloc+0x5e/0x390 [ 413.945308][T11856] security_inode_alloc+0x34/0x160 [ 413.950439][T11856] inode_init_always+0x5d8/0xe10 [ 413.955407][T11856] alloc_inode+0x82/0x230 [ 413.959762][T11856] new_inode+0x27/0x2f0 [ 413.963948][T11856] debugfs_get_inode+0x1a/0x130 [ 413.968823][T11856] debugfs_create_dir+0xde/0x500 [ 413.973792][T11856] hci_register_dev+0x2a7/0xbd0 [ 413.978665][T11856] hci_uart_tty_ioctl+0x8c5/0xc50 [ 413.983696][T11856] tty_ioctl+0xc69/0x1670 [ 413.988025][T11856] ? hci_uart_init_work+0x170/0x170 [ 413.993225][T11856] ? tty_lookup_driver+0x550/0x550 [ 413.998359][T11856] ? lock_downgrade+0x6e0/0x6e0 [ 414.003225][T11856] ? __fget_files+0x23d/0x3e0 [ 414.007905][T11856] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 414.014148][T11856] ? tty_lookup_driver+0x550/0x550 [ 414.019267][T11856] __x64_sys_ioctl+0x193/0x200 [ 414.024034][T11856] do_syscall_64+0x35/0xb0 [ 414.028453][T11856] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 414.034353][T11856] RIP: 0033:0x7f7481ae8a39 [ 414.038770][T11856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 414.058376][T11856] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:56:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 414.066793][T11856] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 414.074779][T11856] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 414.082744][T11856] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 414.090729][T11856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 414.098701][T11856] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 414.271925][T11856] debugfs: out of free dentries, can not create directory 'hci8' 07:56:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 414.580910][T10271] Bluetooth: hci11: sending frame failed (-49) [ 415.321920][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 415.322022][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 415.402295][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 415.409318][T10023] Bluetooth: hci10: sending frame failed (-49) [ 415.721886][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 415.728082][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 416.362004][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 416.363132][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 416.371190][ T8227] Bluetooth: hci8: command tx timeout [ 416.601877][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout [ 416.602085][ T6574] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 417.481747][ T8600] Bluetooth: hci10: command 0x1009 tx timeout [ 417.881897][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 417.890659][ T1726] Bluetooth: hci6: command tx timeout 07:56:17 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 22) 07:56:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:17 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 421.905963][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 421.945065][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 421.994649][T11928] FAULT_INJECTION: forcing a failure. [ 421.994649][T11928] name failslab, interval 1, probability 0, space 0, times 0 [ 422.009548][T11928] CPU: 1 PID: 11928 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 422.018371][T11928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.028452][T11928] Call Trace: [ 422.031730][T11928] dump_stack_lvl+0xcd/0x134 [ 422.036332][T11928] should_fail.cold+0x5/0xa [ 422.040841][T11928] should_failslab+0x5/0x10 [ 422.045341][T11928] __kmalloc_track_caller+0x79/0x310 [ 422.050628][T11928] ? kstrdup_const+0x53/0x80 [ 422.055307][T11928] kstrdup+0x36/0x70 [ 422.059204][T11928] kstrdup_const+0x53/0x80 [ 422.063636][T11928] kvasprintf_const+0x108/0x190 [ 422.068491][T11928] kobject_set_name_vargs+0x56/0x150 [ 422.073777][T11928] dev_set_name+0xbb/0xf0 [ 422.078104][T11928] ? device_initialize+0x560/0x560 [ 422.083217][T11928] ? up_write+0x148/0x470 [ 422.087552][T11928] hci_register_dev+0x2ee/0xbd0 [ 422.092417][T11928] hci_uart_tty_ioctl+0x8c5/0xc50 [ 422.097464][T11928] tty_ioctl+0xc69/0x1670 [ 422.101820][T11928] ? hci_uart_init_work+0x170/0x170 [ 422.107058][T11928] ? tty_lookup_driver+0x550/0x550 [ 422.112196][T11928] ? lock_downgrade+0x6e0/0x6e0 [ 422.117063][T11928] ? __fget_files+0x23d/0x3e0 [ 422.121750][T11928] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 422.127995][T11928] ? tty_lookup_driver+0x550/0x550 [ 422.133144][T11928] __x64_sys_ioctl+0x193/0x200 [ 422.137927][T11928] do_syscall_64+0x35/0xb0 [ 422.142364][T11928] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 422.148261][T11928] RIP: 0033:0x7f7481ae8a39 [ 422.152676][T11928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 422.172289][T11928] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 422.180709][T11928] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 422.188676][T11928] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 422.196640][T11928] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 422.204610][T11928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 422.212574][T11928] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 422.259060][T11928] Bluetooth: Can't register HCI device 07:56:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 23) [ 422.437208][T11943] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 422.464402][T11943] FAULT_INJECTION: forcing a failure. [ 422.464402][T11943] name failslab, interval 1, probability 0, space 0, times 0 [ 422.486173][T11943] CPU: 1 PID: 11943 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 422.494980][T11943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.505140][T11943] Call Trace: [ 422.508432][T11943] dump_stack_lvl+0xcd/0x134 [ 422.513052][T11943] should_fail.cold+0x5/0xa [ 422.517605][T11943] ? __kernfs_new_node+0xd4/0x8b0 [ 422.522737][T11943] should_failslab+0x5/0x10 [ 422.527269][T11943] kmem_cache_alloc+0x5e/0x390 [ 422.532072][T11943] __kernfs_new_node+0xd4/0x8b0 [ 422.536952][T11943] ? kernfs_path_from_node+0x60/0x60 [ 422.542274][T11943] ? kernfs_add_one+0x122/0x4c0 [ 422.547151][T11943] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 422.553164][T11943] kernfs_new_node+0x93/0x120 [ 422.557857][T11943] __kernfs_create_file+0x51/0x350 [ 422.562996][T11943] sysfs_add_file_mode_ns+0x226/0x540 [ 422.568417][T11943] sysfs_create_file_ns+0x131/0x1c0 [ 422.573621][T11943] ? sysfs_add_file_mode_ns+0x540/0x540 [ 422.579168][T11943] ? up_write+0x470/0x470 [ 422.583509][T11943] ? lockdep_init_map_type+0x2c3/0x7b0 [ 422.588983][T11943] device_create_file+0xea/0x1d0 [ 422.593935][T11943] device_add+0x578/0x1ee0 [ 422.598360][T11943] ? device_initialize+0x560/0x560 [ 422.603477][T11943] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 422.609737][T11943] ? start_creating.part.0+0x18f/0x290 [ 422.615220][T11943] hci_register_dev+0x2f6/0xbd0 [ 422.620079][T11943] hci_uart_tty_ioctl+0x8c5/0xc50 [ 422.625109][T11943] tty_ioctl+0xc69/0x1670 [ 422.629440][T11943] ? hci_uart_init_work+0x170/0x170 [ 422.634636][T11943] ? tty_lookup_driver+0x550/0x550 [ 422.639767][T11943] ? lock_downgrade+0x6e0/0x6e0 [ 422.644629][T11943] ? __fget_files+0x23d/0x3e0 [ 422.649326][T11943] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 422.655570][T11943] ? tty_lookup_driver+0x550/0x550 [ 422.660687][T11943] __x64_sys_ioctl+0x193/0x200 [ 422.665452][T11943] do_syscall_64+0x35/0xb0 [ 422.669869][T11943] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 422.675762][T11943] RIP: 0033:0x7f7481ae8a39 [ 422.680175][T11943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 422.699780][T11943] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 422.708191][T11943] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 422.716168][T11943] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 422.724133][T11943] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 422.732098][T11943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 422.740063][T11943] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 422.926695][T11943] Bluetooth: Can't register HCI device 07:56:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 24) [ 423.102028][T11951] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 423.110912][T11951] FAULT_INJECTION: forcing a failure. [ 423.110912][T11951] name failslab, interval 1, probability 0, space 0, times 0 [ 423.129109][T11951] CPU: 0 PID: 11951 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 423.137908][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.147977][T11951] Call Trace: [ 423.151271][T11951] dump_stack_lvl+0xcd/0x134 [ 423.155888][T11951] should_fail.cold+0x5/0xa [ 423.160417][T11951] ? __kernfs_new_node+0xd4/0x8b0 [ 423.165474][T11951] should_failslab+0x5/0x10 [ 423.169998][T11951] kmem_cache_alloc+0x5e/0x390 [ 423.174796][T11951] __kernfs_new_node+0xd4/0x8b0 [ 423.179678][T11951] ? kernfs_path_from_node+0x60/0x60 [ 423.184997][T11951] ? find_held_lock+0x2d/0x110 [ 423.189792][T11951] ? sysfs_do_create_link_sd+0x82/0x140 [ 423.195367][T11951] kernfs_new_node+0x93/0x120 [ 423.200088][T11951] kernfs_create_link+0xcb/0x230 [ 423.205059][T11951] sysfs_do_create_link_sd+0x90/0x140 [ 423.210455][T11951] sysfs_create_link+0x5f/0xc0 [ 423.215244][T11951] device_add+0x667/0x1ee0 [ 423.219693][T11951] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 423.225959][T11951] ? start_creating.part.0+0x18f/0x290 [ 423.231465][T11951] hci_register_dev+0x2f6/0xbd0 [ 423.236347][T11951] hci_uart_tty_ioctl+0x8c5/0xc50 [ 423.241400][T11951] tty_ioctl+0xc69/0x1670 [ 423.245761][T11951] ? hci_uart_init_work+0x170/0x170 [ 423.250986][T11951] ? tty_lookup_driver+0x550/0x550 [ 423.256131][T11951] ? lock_downgrade+0x6e0/0x6e0 [ 423.261020][T11951] ? __fget_files+0x23d/0x3e0 [ 423.265721][T11951] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 423.271988][T11951] ? tty_lookup_driver+0x550/0x550 [ 423.277124][T11951] __x64_sys_ioctl+0x193/0x200 [ 423.281912][T11951] do_syscall_64+0x35/0xb0 [ 423.286347][T11951] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 423.292261][T11951] RIP: 0033:0x7f7481ae8a39 [ 423.296689][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 423.316314][T11951] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 423.324754][T11951] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 423.332764][T11951] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 423.340778][T11951] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 423.348768][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 423.356749][T11951] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 423.387733][T11951] Bluetooth: Can't register HCI device 07:56:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 25) [ 423.491779][T11961] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 423.500604][T11961] FAULT_INJECTION: forcing a failure. [ 423.500604][T11961] name failslab, interval 1, probability 0, space 0, times 0 [ 423.514278][T11961] CPU: 0 PID: 11961 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 423.523071][T11961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.533140][T11961] Call Trace: [ 423.536433][T11961] dump_stack_lvl+0xcd/0x134 [ 423.541052][T11961] should_fail.cold+0x5/0xa [ 423.545581][T11961] ? __kernfs_new_node+0xd4/0x8b0 [ 423.550633][T11961] should_failslab+0x5/0x10 [ 423.555165][T11961] kmem_cache_alloc+0x5e/0x390 [ 423.559960][T11961] __kernfs_new_node+0xd4/0x8b0 [ 423.564854][T11961] ? kernfs_path_from_node+0x60/0x60 [ 423.570187][T11961] ? find_held_lock+0x2d/0x110 [ 423.574977][T11961] ? sysfs_do_create_link_sd+0x82/0x140 [ 423.580550][T11961] kernfs_new_node+0x93/0x120 [ 423.585260][T11961] kernfs_create_link+0xcb/0x230 [ 423.590231][T11961] sysfs_do_create_link_sd+0x90/0x140 [ 423.595630][T11961] sysfs_create_link+0x5f/0xc0 [ 423.600416][T11961] device_add+0x667/0x1ee0 [ 423.604858][T11961] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 423.611124][T11961] ? start_creating.part.0+0x18f/0x290 [ 423.616585][T11961] hci_register_dev+0x2f6/0xbd0 [ 423.621433][T11961] hci_uart_tty_ioctl+0x8c5/0xc50 [ 423.626490][T11961] tty_ioctl+0xc69/0x1670 [ 423.630811][T11961] ? hci_uart_init_work+0x170/0x170 [ 423.636054][T11961] ? tty_lookup_driver+0x550/0x550 [ 423.641190][T11961] ? lock_downgrade+0x6e0/0x6e0 [ 423.646060][T11961] ? __fget_files+0x23d/0x3e0 [ 423.650736][T11961] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 423.656992][T11961] ? tty_lookup_driver+0x550/0x550 [ 423.662093][T11961] __x64_sys_ioctl+0x193/0x200 [ 423.666851][T11961] do_syscall_64+0x35/0xb0 [ 423.671253][T11961] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 423.677140][T11961] RIP: 0033:0x7f7481ae8a39 [ 423.681547][T11961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 423.701317][T11961] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 423.709728][T11961] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 423.717702][T11961] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 423.725657][T11961] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 423.733614][T11961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 423.741928][T11961] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 423.762560][T11961] Bluetooth: Can't register HCI device 07:56:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 26) 07:56:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 423.869643][T11967] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 423.887387][T11967] FAULT_INJECTION: forcing a failure. [ 423.887387][T11967] name failslab, interval 1, probability 0, space 0, times 0 [ 423.916916][T11967] CPU: 0 PID: 11967 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 423.925725][T11967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.935819][T11967] Call Trace: [ 423.939114][T11967] dump_stack_lvl+0xcd/0x134 [ 423.943728][T11967] should_fail.cold+0x5/0xa [ 423.948259][T11967] should_failslab+0x5/0x10 [ 423.952780][T11967] __kmalloc_track_caller+0x79/0x310 [ 423.958089][T11967] ? kstrdup_const+0x53/0x80 [ 423.962711][T11967] kstrdup+0x36/0x70 [ 423.966635][T11967] kstrdup_const+0x53/0x80 [ 423.971074][T11967] __kernfs_new_node+0x9d/0x8b0 [ 423.975953][T11967] ? kernfs_path_from_node+0x60/0x60 [ 423.981277][T11967] ? find_held_lock+0x2d/0x110 [ 423.986067][T11967] ? sysfs_do_create_link_sd+0x82/0x140 [ 423.991665][T11967] kernfs_new_node+0x93/0x120 [ 423.996376][T11967] kernfs_create_link+0xcb/0x230 [ 424.001357][T11967] sysfs_do_create_link_sd+0x90/0x140 [ 424.006756][T11967] sysfs_create_link+0x5f/0xc0 [ 424.011542][T11967] device_add+0x789/0x1ee0 [ 424.015992][T11967] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 424.022256][T11967] ? start_creating.part.0+0x18f/0x290 [ 424.027751][T11967] hci_register_dev+0x2f6/0xbd0 [ 424.032637][T11967] hci_uart_tty_ioctl+0x8c5/0xc50 [ 424.037690][T11967] tty_ioctl+0xc69/0x1670 [ 424.042039][T11967] ? hci_uart_init_work+0x170/0x170 [ 424.047259][T11967] ? tty_lookup_driver+0x550/0x550 [ 424.052404][T11967] ? lock_downgrade+0x6e0/0x6e0 [ 424.057296][T11967] ? __fget_files+0x23d/0x3e0 [ 424.061995][T11967] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 424.068262][T11967] ? tty_lookup_driver+0x550/0x550 [ 424.073397][T11967] __x64_sys_ioctl+0x193/0x200 [ 424.078294][T11967] do_syscall_64+0x35/0xb0 [ 424.082732][T11967] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 424.088651][T11967] RIP: 0033:0x7f7481ae8a39 [ 424.093087][T11967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 424.112714][T11967] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 424.121150][T11967] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 424.129145][T11967] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 424.137134][T11967] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 424.145131][T11967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 424.153121][T11967] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 424.162007][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 424.168209][ T6574] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 424.171454][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 424.183930][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 424.193039][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 424.281430][ T8458] Bluetooth: hci10: command 0xfc11 tx timeout [ 424.291809][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 424.300220][T11967] Bluetooth: Can't register HCI device [ 426.201402][ T6574] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 426.761275][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 426.761443][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) 07:56:22 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 27) 07:56:22 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 426.883026][T12013] FAULT_INJECTION: forcing a failure. [ 426.883026][T12013] name failslab, interval 1, probability 0, space 0, times 0 [ 426.910295][T12013] CPU: 1 PID: 12013 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 426.919110][T12013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.929277][T12013] Call Trace: [ 426.932594][T12013] dump_stack_lvl+0xcd/0x134 [ 426.937212][T12013] should_fail.cold+0x5/0xa [ 426.941743][T12013] ? __kernfs_new_node+0xd4/0x8b0 [ 426.946795][T12013] should_failslab+0x5/0x10 [ 426.951323][T12013] kmem_cache_alloc+0x5e/0x390 [ 426.956126][T12013] __kernfs_new_node+0xd4/0x8b0 [ 426.961005][T12013] ? kernfs_path_from_node+0x60/0x60 [ 426.966329][T12013] ? kernfs_add_one+0x122/0x4c0 [ 426.971208][T12013] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 426.977225][T12013] kernfs_new_node+0x93/0x120 [ 426.981935][T12013] __kernfs_create_file+0x51/0x350 [ 426.987082][T12013] sysfs_add_file_mode_ns+0x226/0x540 [ 426.992502][T12013] sysfs_create_file_ns+0x131/0x1c0 [ 426.997732][T12013] ? sysfs_add_file_mode_ns+0x540/0x540 [ 427.003309][T12013] ? up_write+0x470/0x470 [ 427.007660][T12013] ? lockdep_init_map_type+0x2c3/0x7b0 [ 427.013152][T12013] device_create_file+0xea/0x1d0 [ 427.018114][T12013] device_add+0x578/0x1ee0 [ 427.022552][T12013] ? device_initialize+0x560/0x560 [ 427.027689][T12013] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 427.033961][T12013] hci_register_dev+0x2f6/0xbd0 [ 427.038842][T12013] hci_uart_tty_ioctl+0x8c5/0xc50 [ 427.043897][T12013] tty_ioctl+0xc69/0x1670 [ 427.048271][T12013] ? hci_uart_init_work+0x170/0x170 [ 427.053753][T12013] ? tty_lookup_driver+0x550/0x550 [ 427.058978][T12013] ? lock_downgrade+0x6e0/0x6e0 [ 427.063852][T12013] ? __fget_files+0x23d/0x3e0 [ 427.068531][T12013] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 427.074778][T12013] ? tty_lookup_driver+0x550/0x550 [ 427.079896][T12013] __x64_sys_ioctl+0x193/0x200 [ 427.084663][T12013] do_syscall_64+0x35/0xb0 [ 427.089081][T12013] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 427.094977][T12013] RIP: 0033:0x7f7481ae8a39 [ 427.099386][T12013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 427.118992][T12013] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.127402][T12013] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 427.135367][T12013] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 427.143333][T12013] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 427.151305][T12013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 427.159285][T12013] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 427.214921][T12013] Bluetooth: Can't register HCI device 07:56:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 28) [ 427.415299][T12034] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 427.434155][T12034] FAULT_INJECTION: forcing a failure. [ 427.434155][T12034] name failslab, interval 1, probability 0, space 0, times 0 [ 427.457297][T12034] CPU: 0 PID: 12034 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 427.466102][T12034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.476176][T12034] Call Trace: [ 427.479471][T12034] dump_stack_lvl+0xcd/0x134 [ 427.484091][T12034] should_fail.cold+0x5/0xa [ 427.488622][T12034] ? __kernfs_new_node+0xd4/0x8b0 [ 427.493674][T12034] should_failslab+0x5/0x10 [ 427.498203][T12034] kmem_cache_alloc+0x5e/0x390 [ 427.502992][T12034] __kernfs_new_node+0xd4/0x8b0 [ 427.507857][T12034] ? kernfs_path_from_node+0x60/0x60 [ 427.513165][T12034] ? find_held_lock+0x2d/0x110 [ 427.517945][T12034] ? kernfs_add_one+0x368/0x4c0 [ 427.522794][T12034] ? lock_downgrade+0x6e0/0x6e0 [ 427.527654][T12034] kernfs_create_dir_ns+0x9c/0x220 [ 427.532772][T12034] internal_create_group+0x798/0xb20 [ 427.538075][T12034] ? sysfs_remove_group+0x170/0x170 [ 427.543264][T12034] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 427.549496][T12034] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 427.555728][T12034] ? kernfs_put+0x31/0x50 [ 427.560050][T12034] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 427.566289][T12034] dpm_sysfs_add+0x7e/0x290 [ 427.570790][T12034] device_add+0xac4/0x1ee0 [ 427.575221][T12034] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 427.581452][T12034] ? start_creating.part.0+0x18f/0x290 [ 427.586925][T12034] hci_register_dev+0x2f6/0xbd0 [ 427.591777][T12034] hci_uart_tty_ioctl+0x8c5/0xc50 [ 427.596794][T12034] tty_ioctl+0xc69/0x1670 [ 427.601113][T12034] ? hci_uart_init_work+0x170/0x170 [ 427.606319][T12034] ? tty_lookup_driver+0x550/0x550 [ 427.611436][T12034] ? lock_downgrade+0x6e0/0x6e0 [ 427.616309][T12034] ? __fget_files+0x23d/0x3e0 [ 427.620981][T12034] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 427.627221][T12034] ? tty_lookup_driver+0x550/0x550 [ 427.632330][T12034] __x64_sys_ioctl+0x193/0x200 [ 427.637088][T12034] do_syscall_64+0x35/0xb0 [ 427.641496][T12034] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 427.647386][T12034] RIP: 0033:0x7f7481ae8a39 [ 427.651805][T12034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 427.671407][T12034] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.679902][T12034] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 427.687878][T12034] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 427.695860][T12034] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 427.703817][T12034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 427.711773][T12034] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 07:56:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 29) [ 427.757897][T12034] Bluetooth: Can't register HCI device 07:56:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 427.955242][T12040] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 427.977549][T12040] FAULT_INJECTION: forcing a failure. [ 427.977549][T12040] name failslab, interval 1, probability 0, space 0, times 0 07:56:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 428.011357][T12046] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 428.021366][T12040] CPU: 0 PID: 12040 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 428.030159][T12040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.040232][T12040] Call Trace: [ 428.043523][T12040] dump_stack_lvl+0xcd/0x134 [ 428.048142][T12040] should_fail.cold+0x5/0xa [ 428.052757][T12040] ? __kernfs_new_node+0xd4/0x8b0 [ 428.057811][T12040] should_failslab+0x5/0x10 [ 428.062335][T12040] kmem_cache_alloc+0x5e/0x390 [ 428.067123][T12040] __kernfs_new_node+0xd4/0x8b0 [ 428.071982][T12040] ? kernfs_path_from_node+0x60/0x60 [ 428.077272][T12040] ? lock_downgrade+0x6e0/0x6e0 [ 428.082140][T12040] ? up_write+0x148/0x470 [ 428.086468][T12040] ? kernfs_activate+0x167/0x1d0 [ 428.091424][T12040] kernfs_new_node+0x93/0x120 [ 428.096111][T12040] __kernfs_create_file+0x51/0x350 [ 428.101234][T12040] sysfs_add_file_mode_ns+0x226/0x540 [ 428.106621][T12040] sysfs_merge_group+0x198/0x320 [ 428.111567][T12040] ? sysfs_update_group+0x30/0x30 [ 428.116607][T12040] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 428.122866][T12040] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 428.129129][T12040] ? kernfs_put+0x31/0x50 [ 428.133467][T12040] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 428.139715][T12040] dpm_sysfs_add+0x241/0x290 [ 428.144309][T12040] device_add+0xac4/0x1ee0 [ 428.148738][T12040] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 428.154978][T12040] ? start_creating.part.0+0x18f/0x290 [ 428.160451][T12040] hci_register_dev+0x2f6/0xbd0 [ 428.165311][T12040] hci_uart_tty_ioctl+0x8c5/0xc50 [ 428.170340][T12040] tty_ioctl+0xc69/0x1670 [ 428.174670][T12040] ? hci_uart_init_work+0x170/0x170 [ 428.179885][T12040] ? tty_lookup_driver+0x550/0x550 [ 428.185028][T12040] ? lock_downgrade+0x6e0/0x6e0 [ 428.189893][T12040] ? __fget_files+0x23d/0x3e0 [ 428.194572][T12040] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 428.200815][T12040] ? tty_lookup_driver+0x550/0x550 [ 428.205930][T12040] __x64_sys_ioctl+0x193/0x200 [ 428.210695][T12040] do_syscall_64+0x35/0xb0 [ 428.215123][T12040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 428.221031][T12040] RIP: 0033:0x7f7481ae8a39 [ 428.225441][T12040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 428.245055][T12040] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 428.253486][T12040] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 428.261459][T12040] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 428.269430][T12040] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 428.277401][T12040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 428.285368][T12040] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 428.305713][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 428.344890][ T148] Bluetooth: hci11: Frame reassembly failed (-84) [ 428.353550][T12040] Bluetooth: Can't register HCI device [ 428.375037][ T158] Bluetooth: hci9: Frame reassembly failed (-84) 07:56:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 30) [ 428.552313][T12068] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 428.562582][T12068] FAULT_INJECTION: forcing a failure. [ 428.562582][T12068] name failslab, interval 1, probability 0, space 0, times 0 [ 428.575876][T12068] CPU: 1 PID: 12068 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 428.584692][T12068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.594762][T12068] Call Trace: [ 428.598048][T12068] dump_stack_lvl+0xcd/0x134 [ 428.602667][T12068] should_fail.cold+0x5/0xa [ 428.607190][T12068] ? __kernfs_new_node+0xd4/0x8b0 [ 428.612236][T12068] should_failslab+0x5/0x10 [ 428.616762][T12068] kmem_cache_alloc+0x5e/0x390 [ 428.621552][T12068] __kernfs_new_node+0xd4/0x8b0 [ 428.626431][T12068] ? kernfs_path_from_node+0x60/0x60 [ 428.631743][T12068] ? lock_downgrade+0x6e0/0x6e0 [ 428.636627][T12068] ? up_write+0x148/0x470 [ 428.640970][T12068] ? kernfs_activate+0x167/0x1d0 [ 428.645926][T12068] kernfs_new_node+0x93/0x120 [ 428.650615][T12068] __kernfs_create_file+0x51/0x350 [ 428.655736][T12068] sysfs_add_file_mode_ns+0x226/0x540 [ 428.661120][T12068] sysfs_merge_group+0x198/0x320 [ 428.666059][T12068] ? sysfs_update_group+0x30/0x30 [ 428.671083][T12068] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 428.677345][T12068] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 428.683597][T12068] ? kernfs_put+0x31/0x50 [ 428.687924][T12068] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 428.694177][T12068] dpm_sysfs_add+0x241/0x290 [ 428.698773][T12068] device_add+0xac4/0x1ee0 [ 428.703199][T12068] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 428.709446][T12068] ? start_creating.part.0+0x18f/0x290 [ 428.714917][T12068] hci_register_dev+0x2f6/0xbd0 [ 428.719777][T12068] hci_uart_tty_ioctl+0x8c5/0xc50 [ 428.724821][T12068] tty_ioctl+0xc69/0x1670 [ 428.729153][T12068] ? hci_uart_init_work+0x170/0x170 [ 428.734351][T12068] ? tty_lookup_driver+0x550/0x550 [ 428.739474][T12068] ? lock_downgrade+0x6e0/0x6e0 [ 428.744341][T12068] ? __fget_files+0x23d/0x3e0 [ 428.749021][T12068] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 428.755263][T12068] ? tty_lookup_driver+0x550/0x550 [ 428.760391][T12068] __x64_sys_ioctl+0x193/0x200 [ 428.765160][T12068] do_syscall_64+0x35/0xb0 [ 428.769575][T12068] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 428.775477][T12068] RIP: 0033:0x7f7481ae8a39 [ 428.779889][T12068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 428.799495][T12068] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 428.807906][T12068] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 428.815873][T12068] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 428.823837][T12068] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 428.831806][T12068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 428.839774][T12068] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 428.960072][T12068] Bluetooth: Can't register HCI device 07:56:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 31) [ 429.122638][T12077] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 429.141308][T12077] FAULT_INJECTION: forcing a failure. [ 429.141308][T12077] name failslab, interval 1, probability 0, space 0, times 0 [ 429.162729][T12077] CPU: 1 PID: 12077 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 429.171541][T12077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.181632][T12077] Call Trace: [ 429.184930][T12077] dump_stack_lvl+0xcd/0x134 [ 429.189551][T12077] should_fail.cold+0x5/0xa [ 429.194080][T12077] ? __kernfs_new_node+0xd4/0x8b0 [ 429.199138][T12077] should_failslab+0x5/0x10 [ 429.203849][T12077] kmem_cache_alloc+0x5e/0x390 [ 429.208648][T12077] __kernfs_new_node+0xd4/0x8b0 [ 429.213530][T12077] ? kernfs_path_from_node+0x60/0x60 [ 429.218848][T12077] ? lock_downgrade+0x6e0/0x6e0 [ 429.223742][T12077] ? up_write+0x148/0x470 [ 429.228088][T12077] ? kernfs_activate+0x167/0x1d0 [ 429.233051][T12077] kernfs_new_node+0x93/0x120 [ 429.237758][T12077] __kernfs_create_file+0x51/0x350 [ 429.242907][T12077] sysfs_add_file_mode_ns+0x226/0x540 [ 429.248318][T12077] sysfs_merge_group+0x198/0x320 [ 429.253282][T12077] ? sysfs_update_group+0x30/0x30 [ 429.258326][T12077] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 429.264594][T12077] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 429.270863][T12077] ? kernfs_put+0x31/0x50 [ 429.275220][T12077] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 429.281495][T12077] dpm_sysfs_add+0x241/0x290 [ 429.286109][T12077] device_add+0xac4/0x1ee0 [ 429.290554][T12077] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 429.296819][T12077] ? start_creating.part.0+0x18f/0x290 [ 429.302318][T12077] hci_register_dev+0x2f6/0xbd0 [ 429.307200][T12077] hci_uart_tty_ioctl+0x8c5/0xc50 [ 429.312252][T12077] tty_ioctl+0xc69/0x1670 [ 429.316600][T12077] ? hci_uart_init_work+0x170/0x170 [ 429.321824][T12077] ? tty_lookup_driver+0x550/0x550 [ 429.326965][T12077] ? lock_downgrade+0x6e0/0x6e0 [ 429.331851][T12077] ? __fget_files+0x23d/0x3e0 [ 429.336547][T12077] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 429.342813][T12077] ? tty_lookup_driver+0x550/0x550 [ 429.347952][T12077] __x64_sys_ioctl+0x193/0x200 [ 429.352745][T12077] do_syscall_64+0x35/0xb0 [ 429.357184][T12077] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 429.363097][T12077] RIP: 0033:0x7f7481ae8a39 [ 429.367513][T12077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 429.387303][T12077] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 429.395726][T12077] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 429.403703][T12077] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 429.411687][T12077] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 429.419659][T12077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 429.427637][T12077] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 429.444668][ T8600] Bluetooth: hci7: command 0x1003 tx timeout [ 429.450842][T10023] Bluetooth: hci7: sending frame failed (-49) [ 429.512912][T12077] Bluetooth: Can't register HCI device [ 430.041228][ T6574] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 430.361350][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 430.361395][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 430.376897][ T8458] Bluetooth: hci10: command 0x1003 tx timeout [ 430.402746][T10178] Bluetooth: hci10: sending frame failed (-49) [ 430.880681][T12096] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 430.905354][ T148] Bluetooth: hci6: Frame reassembly failed (-84) [ 431.481273][ T20] Bluetooth: hci7: command 0x1001 tx timeout [ 431.487783][ T150] Bluetooth: hci7: sending frame failed (-49) [ 432.441143][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 432.448326][ T150] Bluetooth: hci10: sending frame failed (-49) [ 432.921194][ T31] Bluetooth: hci6: command 0xfc11 tx timeout [ 432.921224][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 433.571220][ T20] Bluetooth: hci7: command 0x1009 tx timeout [ 434.521057][ T20] Bluetooth: hci10: command 0x1009 tx timeout 07:56:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 32) 07:56:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5413, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 437.279933][T12114] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 437.316103][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 437.327884][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 437.341742][T12117] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 437.342222][T12114] FAULT_INJECTION: forcing a failure. [ 437.342222][T12114] name failslab, interval 1, probability 0, space 0, times 0 [ 437.376184][T12114] CPU: 0 PID: 12114 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 437.376480][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 437.385068][T12114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.385086][T12114] Call Trace: [ 437.385096][T12114] dump_stack_lvl+0xcd/0x134 [ 437.385130][T12114] should_fail.cold+0x5/0xa [ 437.385159][T12114] ? __kernfs_new_node+0xd4/0x8b0 [ 437.385189][T12114] should_failslab+0x5/0x10 [ 437.385212][T12114] kmem_cache_alloc+0x5e/0x390 [ 437.428208][T12114] __kernfs_new_node+0xd4/0x8b0 [ 437.433073][T12114] ? kernfs_path_from_node+0x60/0x60 [ 437.438362][T12114] ? lock_downgrade+0x6e0/0x6e0 [ 437.443224][T12114] ? up_write+0x148/0x470 [ 437.447548][T12114] ? kernfs_activate+0x167/0x1d0 [ 437.452493][T12114] kernfs_new_node+0x93/0x120 [ 437.457176][T12114] __kernfs_create_file+0x51/0x350 [ 437.462297][T12114] sysfs_add_file_mode_ns+0x226/0x540 [ 437.467686][T12114] sysfs_merge_group+0x198/0x320 [ 437.472642][T12114] ? sysfs_update_group+0x30/0x30 [ 437.477670][T12114] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 437.483912][T12114] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 437.490159][T12114] ? kernfs_put+0x31/0x50 [ 437.494492][T12114] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 437.500740][T12114] dpm_sysfs_add+0x241/0x290 [ 437.505352][T12114] device_add+0xac4/0x1ee0 [ 437.509777][T12114] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 437.516024][T12114] ? start_creating.part.0+0x18f/0x290 [ 437.521501][T12114] hci_register_dev+0x2f6/0xbd0 [ 437.526363][T12114] hci_uart_tty_ioctl+0x8c5/0xc50 [ 437.531393][T12114] tty_ioctl+0xc69/0x1670 [ 437.535725][T12114] ? hci_uart_init_work+0x170/0x170 [ 437.540934][T12114] ? tty_lookup_driver+0x550/0x550 [ 437.546054][T12114] ? lock_downgrade+0x6e0/0x6e0 [ 437.550918][T12114] ? __fget_files+0x23d/0x3e0 [ 437.555606][T12114] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 437.561852][T12114] ? tty_lookup_driver+0x550/0x550 [ 437.566968][T12114] __x64_sys_ioctl+0x193/0x200 [ 437.571742][T12114] do_syscall_64+0x35/0xb0 [ 437.576160][T12114] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 437.582057][T12114] RIP: 0033:0x7f7481ae8a39 [ 437.586468][T12114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 437.606071][T12114] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 437.614481][T12114] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 437.622448][T12114] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 437.630414][T12114] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 437.638385][T12114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 437.646356][T12114] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 437.685416][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 437.717802][T12114] Bluetooth: Can't register HCI device 07:56:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 33) [ 437.883910][T12139] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 437.898131][T12139] FAULT_INJECTION: forcing a failure. [ 437.898131][T12139] name failslab, interval 1, probability 0, space 0, times 0 [ 437.927625][T12139] CPU: 0 PID: 12139 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 437.936432][T12139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.946507][T12139] Call Trace: [ 437.949820][T12139] dump_stack_lvl+0xcd/0x134 [ 437.954420][T12139] should_fail.cold+0x5/0xa [ 437.958928][T12139] ? kobject_uevent_env+0x240/0x1650 [ 437.964301][T12139] should_failslab+0x5/0x10 [ 437.968803][T12139] kmem_cache_alloc_trace+0x55/0x3c0 [ 437.974102][T12139] ? dev_uevent_filter+0xd0/0xd0 [ 437.979042][T12139] kobject_uevent_env+0x240/0x1650 [ 437.984169][T12139] device_add+0xbb4/0x1ee0 [ 437.988593][T12139] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 437.994843][T12139] ? start_creating.part.0+0x18f/0x290 [ 438.000315][T12139] hci_register_dev+0x2f6/0xbd0 [ 438.005180][T12139] hci_uart_tty_ioctl+0x8c5/0xc50 [ 438.010211][T12139] tty_ioctl+0xc69/0x1670 [ 438.014543][T12139] ? hci_uart_init_work+0x170/0x170 [ 438.019768][T12139] ? tty_lookup_driver+0x550/0x550 [ 438.024896][T12139] ? lock_downgrade+0x6e0/0x6e0 [ 438.029763][T12139] ? __fget_files+0x23d/0x3e0 [ 438.034446][T12139] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 438.040695][T12139] ? tty_lookup_driver+0x550/0x550 [ 438.045818][T12139] __x64_sys_ioctl+0x193/0x200 [ 438.050592][T12139] do_syscall_64+0x35/0xb0 [ 438.055009][T12139] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 438.060906][T12139] RIP: 0033:0x7f7481ae8a39 [ 438.065319][T12139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 438.084929][T12139] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 438.093353][T12139] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 438.101335][T12139] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 438.109313][T12139] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 438.117282][T12139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 438.125250][T12139] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 07:56:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 439.320953][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 439.400980][ T20] Bluetooth: hci11: command 0x1003 tx timeout [ 439.401061][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 439.407373][ T20] Bluetooth: hci8: command 0xfc11 tx timeout [ 439.414765][ T6576] Bluetooth: hci11: sending frame failed (-49) [ 439.723228][ T6574] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 439.723615][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.733353][ T8600] Bluetooth: hci9: command tx timeout [ 439.737158][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 07:56:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 1) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 440.041575][T12168] FAULT_INJECTION: forcing a failure. [ 440.041575][T12168] name failslab, interval 1, probability 0, space 0, times 0 [ 440.041750][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 440.071224][T12168] CPU: 0 PID: 12168 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 440.080034][T12168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.090110][T12168] Call Trace: [ 440.093403][T12168] dump_stack_lvl+0xcd/0x134 [ 440.098029][T12168] should_fail.cold+0x5/0xa [ 440.102562][T12168] ? tomoyo_realpath_from_path+0xc3/0x620 [ 440.108303][T12168] should_failslab+0x5/0x10 [ 440.112830][T12168] __kmalloc+0x72/0x320 [ 440.117019][T12168] tomoyo_realpath_from_path+0xc3/0x620 [ 440.122594][T12168] ? tomoyo_profile+0x42/0x50 [ 440.127303][T12168] tomoyo_path_number_perm+0x1d5/0x590 [ 440.132782][T12168] ? tomoyo_path_number_perm+0x18d/0x590 [ 440.138441][T12168] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 440.144300][T12168] ? lock_downgrade+0x6e0/0x6e0 [ 440.149195][T12168] ? __fget_files+0x23d/0x3e0 [ 440.153904][T12168] security_file_ioctl+0x50/0xb0 [ 440.158875][T12168] __x64_sys_ioctl+0xb3/0x200 [ 440.163583][T12168] do_syscall_64+0x35/0xb0 [ 440.168019][T12168] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 440.173940][T12168] RIP: 0033:0x7fa994750a39 [ 440.178377][T12168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 440.198008][T12168] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.206444][T12168] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 440.214434][T12168] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 440.222421][T12168] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 440.230413][T12168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 440.238454][T12168] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 07:56:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 1) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 440.361139][ T31] Bluetooth: hci6: command 0xfc11 tx timeout [ 440.367356][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 440.403572][T12168] ERROR: Out of memory at tomoyo_realpath_from_path. [ 440.407520][T12176] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 440.435506][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 440.439156][T12176] FAULT_INJECTION: forcing a failure. [ 440.439156][T12176] name failslab, interval 1, probability 0, space 0, times 0 [ 440.446547][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 440.472874][T12176] CPU: 0 PID: 12176 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 440.481677][T12176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.491756][T12176] Call Trace: [ 440.495056][T12176] dump_stack_lvl+0xcd/0x134 [ 440.499675][T12176] should_fail.cold+0x5/0xa [ 440.504205][T12176] ? tomoyo_realpath_from_path+0xc3/0x620 [ 440.509952][T12176] should_failslab+0x5/0x10 [ 440.514475][T12176] __kmalloc+0x72/0x320 [ 440.518654][T12176] tomoyo_realpath_from_path+0xc3/0x620 [ 440.524217][T12176] ? tomoyo_profile+0x42/0x50 [ 440.528926][T12176] tomoyo_path_number_perm+0x1d5/0x590 [ 440.534403][T12176] ? tomoyo_path_number_perm+0x18d/0x590 [ 440.540058][T12176] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 440.545922][T12176] ? lock_downgrade+0x6e0/0x6e0 [ 440.550816][T12176] ? __fget_files+0x23d/0x3e0 [ 440.555532][T12176] security_file_ioctl+0x50/0xb0 [ 440.560518][T12176] __x64_sys_ioctl+0xb3/0x200 [ 440.565212][T12176] do_syscall_64+0x35/0xb0 [ 440.569650][T12176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 440.575543][T12176] RIP: 0033:0x7fc6b4930a39 [ 440.579972][T12176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 440.599600][T12176] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.600750][ T8600] Bluetooth: hci10: command 0xfc11 tx timeout [ 440.608047][T12176] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 440.622073][T12176] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 440.630058][T12176] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 440.638047][T12176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 440.646033][T12176] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 07:56:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 34) [ 440.661399][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 440.696672][T12176] ERROR: Out of memory at tomoyo_realpath_from_path. [ 440.744916][T12187] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 440.753774][T12187] FAULT_INJECTION: forcing a failure. [ 440.753774][T12187] name failslab, interval 1, probability 0, space 0, times 0 [ 440.767123][T12187] CPU: 1 PID: 12187 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 440.775916][T12187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.785974][T12187] Call Trace: [ 440.789250][T12187] dump_stack_lvl+0xcd/0x134 [ 440.793849][T12187] should_fail.cold+0x5/0xa [ 440.798356][T12187] ? __kernfs_new_node+0xd4/0x8b0 [ 440.803403][T12187] should_failslab+0x5/0x10 [ 440.807905][T12187] kmem_cache_alloc+0x5e/0x390 [ 440.812675][T12187] __kernfs_new_node+0xd4/0x8b0 [ 440.817533][T12187] ? kernfs_path_from_node+0x60/0x60 [ 440.822836][T12187] ? lock_downgrade+0x6e0/0x6e0 [ 440.827701][T12187] ? up_write+0x148/0x470 [ 440.832027][T12187] ? kernfs_activate+0x167/0x1d0 [ 440.836970][T12187] kernfs_new_node+0x93/0x120 [ 440.841663][T12187] __kernfs_create_file+0x51/0x350 [ 440.846781][T12187] sysfs_add_file_mode_ns+0x226/0x540 [ 440.852191][T12187] sysfs_merge_group+0x198/0x320 [ 440.857136][T12187] ? sysfs_update_group+0x30/0x30 [ 440.862158][T12187] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 440.868415][T12187] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 440.874661][T12187] ? kernfs_put+0x31/0x50 [ 440.879084][T12187] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 440.885333][T12187] dpm_sysfs_add+0x241/0x290 [ 440.889925][T12187] device_add+0xac4/0x1ee0 [ 440.894347][T12187] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 440.900591][T12187] ? start_creating.part.0+0x18f/0x290 [ 440.906064][T12187] hci_register_dev+0x2f6/0xbd0 [ 440.910937][T12187] hci_uart_tty_ioctl+0x8c5/0xc50 [ 440.915981][T12187] tty_ioctl+0xc69/0x1670 [ 440.920313][T12187] ? hci_uart_init_work+0x170/0x170 [ 440.925520][T12187] ? tty_lookup_driver+0x550/0x550 [ 440.930654][T12187] ? lock_downgrade+0x6e0/0x6e0 [ 440.935519][T12187] ? __fget_files+0x23d/0x3e0 [ 440.940214][T12187] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 440.946457][T12187] ? tty_lookup_driver+0x550/0x550 [ 440.951572][T12187] __x64_sys_ioctl+0x193/0x200 [ 440.956341][T12187] do_syscall_64+0x35/0xb0 [ 440.960778][T12187] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 440.966678][T12187] RIP: 0033:0x7f7481ae8a39 [ 440.971093][T12187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 440.990786][T12187] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.999201][T12187] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 441.007170][T12187] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 441.015148][T12187] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 441.023120][T12187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 441.031099][T12187] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 07:56:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 35) [ 441.129566][T12187] Bluetooth: Can't register HCI device [ 441.203247][T12192] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 441.213279][T12192] FAULT_INJECTION: forcing a failure. [ 441.213279][T12192] name failslab, interval 1, probability 0, space 0, times 0 [ 441.226508][T12192] CPU: 0 PID: 12192 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 441.235306][T12192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.245375][T12192] Call Trace: [ 441.248664][T12192] dump_stack_lvl+0xcd/0x134 [ 441.253289][T12192] should_fail.cold+0x5/0xa [ 441.257821][T12192] ? kobject_get_path+0xbe/0x230 [ 441.262773][T12192] should_failslab+0x5/0x10 [ 441.267293][T12192] __kmalloc+0x72/0x320 [ 441.271481][T12192] kobject_get_path+0xbe/0x230 [ 441.276272][T12192] kobject_uevent_env+0x265/0x1650 [ 441.281421][T12192] device_add+0xbb4/0x1ee0 [ 441.285872][T12192] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 441.292162][T12192] ? start_creating.part.0+0x18f/0x290 [ 441.297666][T12192] hci_register_dev+0x2f6/0xbd0 [ 441.302641][T12192] hci_uart_tty_ioctl+0x8c5/0xc50 [ 441.307696][T12192] tty_ioctl+0xc69/0x1670 [ 441.312046][T12192] ? hci_uart_init_work+0x170/0x170 [ 441.317269][T12192] ? tty_lookup_driver+0x550/0x550 [ 441.322412][T12192] ? lock_downgrade+0x6e0/0x6e0 [ 441.327336][T12192] ? __fget_files+0x23d/0x3e0 [ 441.332303][T12192] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 441.338574][T12192] ? tty_lookup_driver+0x550/0x550 [ 441.343716][T12192] __x64_sys_ioctl+0x193/0x200 [ 441.348510][T12192] do_syscall_64+0x35/0xb0 [ 441.352950][T12192] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 441.358865][T12192] RIP: 0033:0x7f7481ae8a39 [ 441.363289][T12192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 441.383031][T12192] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.391470][T12192] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 441.399459][T12192] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 441.407541][T12192] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 441.415527][T12192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 441.423511][T12192] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 07:56:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 1) [ 441.490817][ T8458] Bluetooth: hci11: command 0x1001 tx timeout [ 441.497479][ T6576] Bluetooth: hci11: sending frame failed (-49) [ 441.624927][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 441.634084][T12198] FAULT_INJECTION: forcing a failure. [ 441.634084][T12198] name failslab, interval 1, probability 0, space 0, times 0 [ 441.647112][T12198] CPU: 1 PID: 12198 Comm: syz-executor.1 Not tainted 5.15.0-rc6-syzkaller #0 [ 441.655904][T12198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.665978][T12198] Call Trace: [ 441.669270][T12198] dump_stack_lvl+0xcd/0x134 [ 441.673885][T12198] should_fail.cold+0x5/0xa [ 441.678419][T12198] ? tomoyo_realpath_from_path+0xc3/0x620 [ 441.684162][T12198] should_failslab+0x5/0x10 [ 441.688685][T12198] __kmalloc+0x72/0x320 [ 441.692876][T12198] tomoyo_realpath_from_path+0xc3/0x620 [ 441.698451][T12198] ? tomoyo_profile+0x42/0x50 [ 441.703161][T12198] tomoyo_path_number_perm+0x1d5/0x590 [ 441.708648][T12198] ? tomoyo_path_number_perm+0x18d/0x590 [ 441.714308][T12198] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 441.720172][T12198] ? lock_downgrade+0x6e0/0x6e0 [ 441.725071][T12198] ? __fget_files+0x23d/0x3e0 [ 441.729780][T12198] security_file_ioctl+0x50/0xb0 [ 441.734739][T12198] __x64_sys_ioctl+0xb3/0x200 [ 441.739465][T12198] do_syscall_64+0x35/0xb0 [ 441.743877][T12198] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 441.749810][T12198] RIP: 0033:0x7f06bed20a39 [ 441.754236][T12198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 441.773840][T12198] RSP: 002b:00007f06bc296188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.782243][T12198] RAX: ffffffffffffffda RBX: 00007f06bee23f60 RCX: 00007f06bed20a39 [ 441.790216][T12198] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 441.798177][T12198] RBP: 00007f06bc2961d0 R08: 0000000000000000 R09: 0000000000000000 [ 441.806134][T12198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 441.814102][T12198] R13: 00007f06bf357b2f R14: 00007f06bc296300 R15: 0000000000022000 [ 441.827682][T12198] ERROR: Out of memory at tomoyo_realpath_from_path. [ 441.880710][ T7] Bluetooth: hci7: command 0xfc11 tx timeout [ 441.880861][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 442.050769][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 442.057003][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 442.440904][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 442.440962][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 443.480653][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 443.480762][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 443.560922][ T8458] Bluetooth: hci11: command 0x1009 tx timeout [ 443.640546][ T8458] Bluetooth: hci10: command 0x1003 tx timeout [ 443.646814][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 445.720448][ T20] Bluetooth: hci10: command 0x1001 tx timeout [ 445.727093][ T9202] Bluetooth: hci10: sending frame failed (-49) 07:56:43 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) (fail_nth: 36) 07:56:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5414, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 447.519978][T12232] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 447.547947][T12235] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 447.588350][T12233] FAULT_INJECTION: forcing a failure. [ 447.588350][T12233] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 447.594900][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 447.612866][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 447.612863][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 447.618802][T12233] CPU: 0 PID: 12233 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 447.634274][T12233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.644333][T12233] Call Trace: [ 447.647611][T12233] dump_stack_lvl+0xcd/0x134 [ 447.652212][T12233] should_fail.cold+0x5/0xa [ 447.656719][T12233] prepare_alloc_pages+0x17b/0x580 [ 447.661841][T12233] __alloc_pages+0x12f/0x500 [ 447.666435][T12233] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 447.673210][T12233] ? ___slab_alloc+0x2d7/0x1050 [ 447.678073][T12233] alloc_pages+0x1a7/0x300 [ 447.682507][T12233] new_slab+0x319/0x490 [ 447.686669][T12233] ___slab_alloc+0x950/0x1050 [ 447.691357][T12233] ? tomoyo_realpath_from_path+0xc3/0x620 [ 447.697090][T12233] ? fs_reclaim_acquire+0xb2/0x160 [ 447.702207][T12233] ? tomoyo_realpath_from_path+0xc3/0x620 [ 447.707926][T12233] ? __slab_alloc.constprop.0+0x4d/0xa0 [ 447.713480][T12233] __slab_alloc.constprop.0+0x4d/0xa0 [ 447.718858][T12233] ? tomoyo_realpath_from_path+0xc3/0x620 [ 447.724579][T12233] __kmalloc+0x305/0x320 [ 447.728827][T12233] tomoyo_realpath_from_path+0xc3/0x620 [ 447.734397][T12233] ? tomoyo_profile+0x42/0x50 [ 447.739086][T12233] tomoyo_path_number_perm+0x1d5/0x590 [ 447.744549][T12233] ? tomoyo_path_number_perm+0x18d/0x590 [ 447.750202][T12233] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 447.756037][T12233] ? lock_downgrade+0x6e0/0x6e0 [ 447.760904][T12233] ? __fget_files+0x23d/0x3e0 [ 447.765586][T12233] security_file_ioctl+0x50/0xb0 [ 447.770532][T12233] __x64_sys_ioctl+0xb3/0x200 [ 447.775214][T12233] do_syscall_64+0x35/0xb0 [ 447.779630][T12233] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 447.785526][T12233] RIP: 0033:0x7fc6b4930a39 [ 447.789941][T12233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 447.809562][T12233] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 447.817974][T12233] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 447.825938][T12233] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 447.833915][T12233] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 447.841882][T12233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 447.850030][T12233] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 447.864486][ T20] Bluetooth: hci10: command 0x1009 tx timeout [ 447.881576][T12234] FAULT_INJECTION: forcing a failure. [ 447.881576][T12234] name failslab, interval 1, probability 0, space 0, times 0 [ 447.901253][T12235] FAULT_INJECTION: forcing a failure. [ 447.901253][T12235] name failslab, interval 1, probability 0, space 0, times 0 [ 447.923008][T12234] CPU: 0 PID: 12234 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 447.931820][T12234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.941892][T12234] Call Trace: [ 447.945190][T12234] dump_stack_lvl+0xcd/0x134 [ 447.949810][T12234] should_fail.cold+0x5/0xa [ 447.954343][T12234] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 447.959737][T12234] should_failslab+0x5/0x10 [ 447.964260][T12234] __kmalloc+0x72/0x320 [ 447.968450][T12234] tomoyo_encode2.part.0+0xe9/0x3a0 [ 447.973679][T12234] tomoyo_encode+0x28/0x50 [ 447.978119][T12234] tomoyo_realpath_from_path+0x186/0x620 [ 447.983793][T12234] tomoyo_path_number_perm+0x1d5/0x590 [ 447.989277][T12234] ? tomoyo_path_number_perm+0x18d/0x590 [ 447.994938][T12234] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 448.000806][T12234] ? lock_downgrade+0x6e0/0x6e0 [ 448.005697][T12234] ? __fget_files+0x23d/0x3e0 [ 448.010408][T12234] security_file_ioctl+0x50/0xb0 [ 448.015386][T12234] __x64_sys_ioctl+0xb3/0x200 [ 448.020091][T12234] do_syscall_64+0x35/0xb0 [ 448.024530][T12234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 448.030452][T12234] RIP: 0033:0x7fa994750a39 [ 448.034888][T12234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 448.054522][T12234] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 448.062963][T12234] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 448.070956][T12234] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 448.078948][T12234] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 448.086940][T12234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 448.094930][T12234] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 448.143093][T12235] CPU: 0 PID: 12235 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 448.151908][T12235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 448.162067][T12235] Call Trace: [ 448.165348][T12235] dump_stack_lvl+0xcd/0x134 [ 448.169953][T12235] should_fail.cold+0x5/0xa [ 448.174487][T12235] should_failslab+0x5/0x10 [ 448.178991][T12235] kmem_cache_alloc_node+0x65/0x3d0 [ 448.184196][T12235] ? __alloc_skb+0x20b/0x340 [ 448.188796][T12235] __alloc_skb+0x20b/0x340 [ 448.193235][T12235] alloc_uevent_skb+0x7b/0x210 [ 448.198005][T12235] kobject_uevent_env+0xb09/0x1650 [ 448.203133][T12235] device_add+0xbb4/0x1ee0 [ 448.207569][T12235] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 448.213813][T12235] ? start_creating.part.0+0x18f/0x290 [ 448.219283][T12235] hci_register_dev+0x2f6/0xbd0 [ 448.224144][T12235] hci_uart_tty_ioctl+0x8c5/0xc50 [ 448.229175][T12235] tty_ioctl+0xc69/0x1670 [ 448.233504][T12235] ? hci_uart_init_work+0x170/0x170 [ 448.238707][T12235] ? tty_lookup_driver+0x550/0x550 [ 448.243827][T12235] ? lock_downgrade+0x6e0/0x6e0 [ 448.248693][T12235] ? __fget_files+0x23d/0x3e0 [ 448.253379][T12235] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 448.259626][T12235] ? tty_lookup_driver+0x550/0x550 [ 448.264759][T12235] __x64_sys_ioctl+0x193/0x200 [ 448.269537][T12235] do_syscall_64+0x35/0xb0 [ 448.273967][T12235] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 448.279871][T12235] RIP: 0033:0x7f7481ae8a39 [ 448.284284][T12235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 448.303893][T12235] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 448.312320][T12235] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 448.320289][T12235] RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003 [ 448.328256][T12235] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 448.336225][T12235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 448.344189][T12235] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 448.358499][T12234] ERROR: Out of memory at tomoyo_realpath_from_path. [ 449.640844][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 449.650263][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 449.650675][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 449.975971][ T8600] Bluetooth: hci11: command 0x1003 tx timeout [ 449.989287][ T150] Bluetooth: hci11: sending frame failed (-49) 07:56:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 3) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 3) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:45 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5415, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 450.288271][T12266] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 450.353683][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 450.384089][T10271] Bluetooth: hci8: sending frame failed (-49) [ 450.440447][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 450.446741][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) 07:56:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 450.578925][T12286] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:56:47 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) [ 452.050575][ T31] Bluetooth: hci11: command 0x1001 tx timeout [ 452.057096][T10271] Bluetooth: hci11: sending frame failed (-49) [ 452.360304][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 452.370381][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 452.379528][ T31] Bluetooth: hci6: command 0xfc11 tx timeout [ 452.379660][T12271] FAULT_INJECTION: forcing a failure. [ 452.379660][T12271] name failslab, interval 1, probability 0, space 0, times 0 [ 452.385726][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 452.408712][T12266] FAULT_INJECTION: forcing a failure. [ 452.408712][T12266] name failslab, interval 1, probability 0, space 0, times 0 [ 452.421634][T12266] CPU: 1 PID: 12266 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 452.430422][T12266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 452.440488][T12266] Call Trace: [ 452.443778][T12266] dump_stack_lvl+0xcd/0x134 [ 452.448387][T12266] should_fail.cold+0x5/0xa [ 452.452905][T12266] should_failslab+0x5/0x10 [ 452.457422][T12266] kmem_cache_alloc_node+0x65/0x3d0 [ 452.462629][T12266] ? __alloc_skb+0x20b/0x340 [ 452.467259][T12266] __alloc_skb+0x20b/0x340 [ 452.471699][T12266] hci_sock_dev_event+0x1b8/0x570 [ 452.476747][T12266] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 452.482754][T12266] hci_unregister_dev+0x257/0x5a0 [ 452.487804][T12266] hci_uart_tty_close+0x241/0x2a0 [ 452.492836][T12266] ? hci_uart_close+0x70/0x70 [ 452.497526][T12266] tty_ldisc_close+0x110/0x190 [ 452.502304][T12266] tty_set_ldisc+0x214/0x680 [ 452.506905][T12266] tty_ioctl+0xae0/0x1670 [ 452.511250][T12266] ? tty_lookup_driver+0x550/0x550 [ 452.516381][T12266] ? lock_downgrade+0x6e0/0x6e0 [ 452.521252][T12266] ? __fget_files+0x23d/0x3e0 [ 452.525933][T12266] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 452.532181][T12266] ? tty_lookup_driver+0x550/0x550 [ 452.537299][T12266] __x64_sys_ioctl+0x193/0x200 [ 452.542077][T12266] do_syscall_64+0x35/0xb0 [ 452.546499][T12266] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 452.552929][T12266] RIP: 0033:0x7fc6b4930a39 [ 452.557345][T12266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 452.576953][T12266] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.585363][T12266] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 452.593343][T12266] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 452.601322][T12266] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 452.609374][T12266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.617336][T12266] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 452.625522][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 452.630251][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 452.635430][ T5] Bluetooth: hci8: command tx timeout [ 452.654156][T12271] CPU: 0 PID: 12271 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 452.662955][T12271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 452.673029][T12271] Call Trace: [ 452.676313][T12271] dump_stack_lvl+0xcd/0x134 [ 452.680933][T12271] should_fail.cold+0x5/0xa [ 452.685463][T12271] should_failslab+0x5/0x10 [ 452.689983][T12271] kmem_cache_alloc_node+0x65/0x3d0 [ 452.695208][T12271] ? __alloc_skb+0x20b/0x340 [ 452.699828][T12271] __alloc_skb+0x20b/0x340 [ 452.704275][T12271] hci_sock_dev_event+0x1b8/0x570 [ 452.709328][T12271] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 452.715345][T12271] hci_unregister_dev+0x257/0x5a0 [ 452.720403][T12271] hci_uart_tty_close+0x241/0x2a0 [ 452.725452][T12271] ? hci_uart_close+0x70/0x70 [ 452.730155][T12271] tty_ldisc_close+0x110/0x190 [ 452.734943][T12271] tty_set_ldisc+0x214/0x680 [ 452.739565][T12271] tty_ioctl+0xae0/0x1670 [ 452.743931][T12271] ? tty_lookup_driver+0x550/0x550 [ 452.749073][T12271] ? lock_downgrade+0x6e0/0x6e0 [ 452.754310][T12271] ? __fget_files+0x23d/0x3e0 [ 452.759009][T12271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 452.765280][T12271] ? tty_lookup_driver+0x550/0x550 [ 452.770419][T12271] __x64_sys_ioctl+0x193/0x200 [ 452.775211][T12271] do_syscall_64+0x35/0xb0 [ 452.779651][T12271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 452.785578][T12271] RIP: 0033:0x7fa994750a39 [ 452.790012][T12271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:56:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x2, 0x9) [ 452.809638][T12271] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.818072][T12271] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 452.826057][T12271] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 452.834044][T12271] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 452.842035][T12271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.850018][T12271] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 07:56:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x10, 0x9) [ 453.174057][T12323] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 454.040158][ T5] Bluetooth: hci10: command 0x1003 tx timeout [ 454.046919][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 454.120194][ T5] Bluetooth: hci11: command 0x1009 tx timeout [ 455.240120][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 455.240125][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 456.120087][ T5] Bluetooth: hci10: command 0x1001 tx timeout [ 456.126977][T10178] Bluetooth: hci10: sending frame failed (-49) [ 458.209994][ T20] Bluetooth: hci10: command 0x1009 tx timeout 07:56:53 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 1) 07:56:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4c01, 0x9) 07:56:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 4) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 4) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:56:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5416, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 458.393973][T12341] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 458.415928][T12346] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 458.444079][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 458.446324][T12345] FAULT_INJECTION: forcing a failure. [ 458.446324][T12345] name failslab, interval 1, probability 0, space 0, times 0 [ 458.465673][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 458.491270][ T10] Bluetooth: hci9: Frame reassembly failed (-84) [ 458.511192][T12345] CPU: 1 PID: 12345 Comm: syz-executor.5 Not tainted 5.15.0-rc6-syzkaller #0 [ 458.520012][T12345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 458.530084][T12345] Call Trace: [ 458.533374][T12345] dump_stack_lvl+0xcd/0x134 [ 458.537996][T12345] should_fail.cold+0x5/0xa [ 458.542527][T12345] ? tomoyo_realpath_from_path+0xc3/0x620 [ 458.548257][T12345] should_failslab+0x5/0x10 [ 458.552848][T12345] __kmalloc+0x72/0x320 [ 458.557015][T12345] tomoyo_realpath_from_path+0xc3/0x620 [ 458.562594][T12345] ? tomoyo_profile+0x42/0x50 [ 458.567280][T12345] tomoyo_path_number_perm+0x1d5/0x590 [ 458.572742][T12345] ? tomoyo_path_number_perm+0x18d/0x590 [ 458.578397][T12345] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 458.584768][T12345] ? lock_downgrade+0x6e0/0x6e0 [ 458.589638][T12345] ? __fget_files+0x23d/0x3e0 [ 458.594323][T12345] security_file_ioctl+0x50/0xb0 [ 458.599269][T12345] __x64_sys_ioctl+0xb3/0x200 [ 458.603976][T12345] do_syscall_64+0x35/0xb0 [ 458.608393][T12345] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 458.614292][T12345] RIP: 0033:0x7fa723b88a39 [ 458.618721][T12345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 458.638324][T12345] RSP: 002b:00007fa7210fe188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 458.646735][T12345] RAX: ffffffffffffffda RBX: 00007fa723c8bf60 RCX: 00007fa723b88a39 [ 458.654704][T12345] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 458.662677][T12345] RBP: 00007fa7210fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 458.670655][T12345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 458.678622][T12345] R13: 00007fa7241bfb2f R14: 00007fa7210fe300 R15: 0000000000022000 07:56:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5409, 0x9) [ 458.701274][T12345] ERROR: Out of memory at tomoyo_realpath_from_path. 07:56:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540b, 0x9) 07:56:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540c, 0x9) 07:56:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540d, 0x9) [ 460.449930][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 460.459053][T12341] FAULT_INJECTION: forcing a failure. [ 460.459053][T12341] name failslab, interval 1, probability 0, space 0, times 0 [ 460.478291][T12341] CPU: 0 PID: 12341 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 460.487069][T12341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 460.497183][T12341] Call Trace: [ 460.500457][T12341] dump_stack_lvl+0xcd/0x134 [ 460.505047][T12341] should_fail.cold+0x5/0xa [ 460.509550][T12341] should_failslab+0x5/0x10 [ 460.514046][T12341] __kmalloc_node_track_caller+0x7d/0x340 [ 460.519763][T12341] ? hci_sock_dev_event+0x1b8/0x570 [ 460.525043][T12341] __alloc_skb+0xde/0x340 [ 460.529380][T12341] hci_sock_dev_event+0x1b8/0x570 [ 460.534414][T12341] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 460.540436][T12341] hci_unregister_dev+0x257/0x5a0 [ 460.545461][T12341] hci_uart_tty_close+0x241/0x2a0 [ 460.550501][T12341] ? hci_uart_close+0x70/0x70 [ 460.555173][T12341] tty_ldisc_close+0x110/0x190 [ 460.559939][T12341] tty_set_ldisc+0x214/0x680 [ 460.564526][T12341] tty_ioctl+0xae0/0x1670 [ 460.568852][T12341] ? tty_lookup_driver+0x550/0x550 [ 460.573962][T12341] ? lock_downgrade+0x6e0/0x6e0 [ 460.578820][T12341] ? __fget_files+0x23d/0x3e0 [ 460.583492][T12341] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 460.589733][T12341] ? tty_lookup_driver+0x550/0x550 [ 460.594868][T12341] __x64_sys_ioctl+0x193/0x200 [ 460.599654][T12341] do_syscall_64+0x35/0xb0 [ 460.604062][T12341] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 460.609951][T12341] RIP: 0033:0x7fc6b4930a39 [ 460.614387][T12341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 460.634006][T12341] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.642431][T12341] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 460.650417][T12341] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 460.658402][T12341] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 460.666381][T12341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.674345][T12341] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 460.683651][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 460.692820][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 460.693129][ T5] Bluetooth: hci7: command 0x1003 tx timeout [ 460.694030][T12343] FAULT_INJECTION: forcing a failure. [ 460.694030][T12343] name failslab, interval 1, probability 0, space 0, times 0 [ 460.702136][T10023] Bluetooth: hci7: sending frame failed (-49) [ 460.720601][T12343] CPU: 0 PID: 12343 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 460.735324][T12343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 460.745391][T12343] Call Trace: [ 460.748916][T12343] dump_stack_lvl+0xcd/0x134 [ 460.753529][T12343] should_fail.cold+0x5/0xa [ 460.758037][T12343] should_failslab+0x5/0x10 [ 460.762540][T12343] __kmalloc_node_track_caller+0x7d/0x340 [ 460.768262][T12343] ? hci_sock_dev_event+0x1b8/0x570 [ 460.773467][T12343] __alloc_skb+0xde/0x340 [ 460.777810][T12343] hci_sock_dev_event+0x1b8/0x570 [ 460.782836][T12343] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 460.788827][T12343] hci_unregister_dev+0x257/0x5a0 [ 460.793857][T12343] hci_uart_tty_close+0x241/0x2a0 [ 460.798884][T12343] ? hci_uart_close+0x70/0x70 [ 460.803559][T12343] tty_ldisc_close+0x110/0x190 [ 460.808323][T12343] tty_set_ldisc+0x214/0x680 [ 460.812915][T12343] tty_ioctl+0xae0/0x1670 [ 460.817248][T12343] ? tty_lookup_driver+0x550/0x550 [ 460.822370][T12343] ? lock_downgrade+0x6e0/0x6e0 [ 460.827232][T12343] ? __fget_files+0x23d/0x3e0 [ 460.831917][T12343] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 460.838164][T12343] ? tty_lookup_driver+0x550/0x550 [ 460.843282][T12343] __x64_sys_ioctl+0x193/0x200 [ 460.848065][T12343] do_syscall_64+0x35/0xb0 [ 460.852485][T12343] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 460.858383][T12343] RIP: 0033:0x7fa994750a39 [ 460.862805][T12343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 460.882408][T12343] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.890820][T12343] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 460.898791][T12343] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 460.906760][T12343] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 460.914730][T12343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.922704][T12343] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 07:56:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000080)) 07:56:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540e, 0x9) 07:56:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 5) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 462.189419][T12402] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 462.216022][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 462.759643][ T20] Bluetooth: hci7: command 0x1001 tx timeout [ 462.766656][ T9202] Bluetooth: hci7: sending frame failed (-49) [ 464.279787][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 464.279970][ T20] Bluetooth: hci6: command 0xfc11 tx timeout [ 464.294529][T12402] FAULT_INJECTION: forcing a failure. [ 464.294529][T12402] name failslab, interval 1, probability 0, space 0, times 0 [ 464.307327][T12402] CPU: 1 PID: 12402 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 464.316231][T12402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 464.326356][T12402] Call Trace: [ 464.329745][T12402] dump_stack_lvl+0xcd/0x134 [ 464.334440][T12402] should_fail.cold+0x5/0xa [ 464.338933][T12402] ? kobject_uevent_env+0x240/0x1650 [ 464.344210][T12402] should_failslab+0x5/0x10 [ 464.348703][T12402] kmem_cache_alloc_trace+0x55/0x3c0 [ 464.353981][T12402] ? dev_uevent_filter+0xd0/0xd0 [ 464.358958][T12402] kobject_uevent_env+0x240/0x1650 [ 464.359687][ T7] Bluetooth: hci8: command 0x1003 tx timeout [ 464.364066][T12402] ? is_acpi_device_node+0x6a/0x80 [ 464.375096][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 464.381174][T12402] ? dev_fwnode+0x79/0x90 [ 464.381213][T12402] device_del+0x809/0xd60 [ 464.381243][T12402] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 464.381272][T12402] ? _raw_read_unlock+0x24/0x40 [ 464.381300][T12402] ? hci_sock_dev_event+0xb7/0x570 [ 464.381332][T12402] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 464.412430][T12402] rfkill_unregister+0xcc/0x2c0 [ 464.417282][T12402] hci_unregister_dev+0x28b/0x5a0 [ 464.422340][T12402] hci_uart_tty_close+0x241/0x2a0 [ 464.427357][T12402] ? hci_uart_close+0x70/0x70 [ 464.432033][T12402] tty_ldisc_close+0x110/0x190 [ 464.436860][T12402] tty_set_ldisc+0x214/0x680 [ 464.441530][T12402] tty_ioctl+0xae0/0x1670 [ 464.445879][T12402] ? tty_lookup_driver+0x550/0x550 [ 464.450983][T12402] ? lock_downgrade+0x6e0/0x6e0 [ 464.455843][T12402] ? __fget_files+0x23d/0x3e0 [ 464.460509][T12402] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 464.466742][T12402] ? tty_lookup_driver+0x550/0x550 [ 464.471842][T12402] __x64_sys_ioctl+0x193/0x200 [ 464.476593][T12402] do_syscall_64+0x35/0xb0 [ 464.481001][T12402] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 464.486894][T12402] RIP: 0033:0x7fc6b4930a39 [ 464.491308][T12402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 464.510919][T12402] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 464.519320][T12402] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 464.527285][T12402] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 464.535263][T12402] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 464.543224][T12402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 464.551204][T12402] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 464.839662][ T5] Bluetooth: hci7: command 0x1009 tx timeout [ 466.439572][ T7] Bluetooth: hci8: command 0x1001 tx timeout [ 466.446258][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 468.519471][ T5] Bluetooth: hci8: command 0x1009 tx timeout 07:57:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) 07:57:04 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5418, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 5) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540f, 0x9) 07:57:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 468.637722][T12430] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 468.661445][T12431] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 468.667242][ T158] Bluetooth: hci7: Frame reassembly failed (-84) 07:57:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5410, 0x9) [ 468.704886][ T8] Bluetooth: hci10: Frame reassembly failed (-84) 07:57:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5412, 0x9) 07:57:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5413, 0x9) 07:57:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5414, 0x9) [ 470.679383][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 470.688300][ T8445] Bluetooth: hci7: command 0xfc11 tx timeout [ 470.688773][T12430] FAULT_INJECTION: forcing a failure. [ 470.688773][T12430] name failslab, interval 1, probability 0, space 0, times 0 [ 470.695952][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 470.707918][T12430] CPU: 0 PID: 12430 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 470.723624][T12430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 470.733690][T12430] Call Trace: [ 470.736980][T12430] dump_stack_lvl+0xcd/0x134 [ 470.741602][T12430] should_fail.cold+0x5/0xa [ 470.746133][T12430] ? kobject_get_path+0xbe/0x230 [ 470.751093][T12430] should_failslab+0x5/0x10 [ 470.755625][T12430] __kmalloc+0x72/0x320 [ 470.759389][ T8595] Bluetooth: hci10: command 0x1003 tx timeout [ 470.759813][T12430] kobject_get_path+0xbe/0x230 [ 470.766032][ T6574] Bluetooth: hci10: sending frame failed (-49) [ 470.770632][T12430] kobject_uevent_env+0x265/0x1650 [ 470.770669][T12430] ? is_acpi_device_node+0x6a/0x80 [ 470.770695][T12430] ? dev_fwnode+0x79/0x90 [ 470.770728][T12430] device_del+0x809/0xd60 [ 470.770760][T12430] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 470.770790][T12430] ? _raw_read_unlock+0x24/0x40 [ 470.770819][T12430] ? hci_sock_dev_event+0xb7/0x570 [ 470.770848][T12430] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 470.818141][T12430] rfkill_unregister+0xcc/0x2c0 [ 470.823096][T12430] hci_unregister_dev+0x28b/0x5a0 [ 470.828150][T12430] hci_uart_tty_close+0x241/0x2a0 [ 470.833175][T12430] ? hci_uart_close+0x70/0x70 [ 470.837872][T12430] tty_ldisc_close+0x110/0x190 [ 470.842636][T12430] tty_set_ldisc+0x214/0x680 [ 470.847229][T12430] tty_ioctl+0xae0/0x1670 [ 470.851604][T12430] ? tty_lookup_driver+0x550/0x550 [ 470.856727][T12430] ? lock_downgrade+0x6e0/0x6e0 [ 470.861594][T12430] ? __fget_files+0x23d/0x3e0 [ 470.866273][T12430] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 470.872621][T12430] ? tty_lookup_driver+0x550/0x550 [ 470.877738][T12430] __x64_sys_ioctl+0x193/0x200 [ 470.882506][T12430] do_syscall_64+0x35/0xb0 [ 470.887014][T12430] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 470.892912][T12430] RIP: 0033:0x7fc6b4930a39 [ 470.897349][T12430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 470.916956][T12430] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 470.925368][T12430] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 470.933337][T12430] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 470.941302][T12430] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 470.949282][T12430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 470.957252][T12430] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 470.966036][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 470.966465][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 471.017032][T12431] FAULT_INJECTION: forcing a failure. [ 471.017032][T12431] name failslab, interval 1, probability 0, space 0, times 0 [ 471.037916][T12431] CPU: 1 PID: 12431 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 471.046722][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 471.056796][T12431] Call Trace: [ 471.060094][T12431] dump_stack_lvl+0xcd/0x134 [ 471.064747][T12431] should_fail.cold+0x5/0xa [ 471.069256][T12431] ? kobject_uevent_env+0x240/0x1650 [ 471.074558][T12431] should_failslab+0x5/0x10 [ 471.079052][T12431] kmem_cache_alloc_trace+0x55/0x3c0 [ 471.084343][T12431] ? dev_uevent_filter+0xd0/0xd0 [ 471.089277][T12431] kobject_uevent_env+0x240/0x1650 [ 471.094389][T12431] ? is_acpi_device_node+0x6a/0x80 [ 471.099551][T12431] ? dev_fwnode+0x79/0x90 [ 471.103897][T12431] device_del+0x809/0xd60 [ 471.108227][T12431] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 471.114559][T12431] ? _raw_read_unlock+0x24/0x40 [ 471.119487][T12431] ? hci_sock_dev_event+0xb7/0x570 [ 471.124598][T12431] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 471.130596][T12431] rfkill_unregister+0xcc/0x2c0 [ 471.135455][T12431] hci_unregister_dev+0x28b/0x5a0 [ 471.140484][T12431] hci_uart_tty_close+0x241/0x2a0 [ 471.145534][T12431] ? hci_uart_close+0x70/0x70 [ 471.150202][T12431] tty_ldisc_close+0x110/0x190 [ 471.155054][T12431] tty_set_ldisc+0x214/0x680 [ 471.159715][T12431] tty_ioctl+0xae0/0x1670 [ 471.164046][T12431] ? tty_lookup_driver+0x550/0x550 [ 471.169181][T12431] ? lock_downgrade+0x6e0/0x6e0 [ 471.174045][T12431] ? __fget_files+0x23d/0x3e0 [ 471.178736][T12431] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 471.184972][T12431] ? tty_lookup_driver+0x550/0x550 [ 471.190083][T12431] __x64_sys_ioctl+0x193/0x200 [ 471.194893][T12431] do_syscall_64+0x35/0xb0 [ 471.199389][T12431] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 471.205289][T12431] RIP: 0033:0x7fa994750a39 [ 471.209747][T12431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 471.229351][T12431] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 471.237769][T12431] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 471.245742][T12431] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 471.253707][T12431] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 471.261670][T12431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 471.269630][T12431] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 471.403621][T12475] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 471.434304][ T158] Bluetooth: hci6: Frame reassembly failed (-84) 07:57:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x10, &(0x7f0000000080)) 07:57:08 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5415, 0x9) 07:57:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 7) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 472.484310][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 472.839009][ T8600] Bluetooth: hci10: command 0x1001 tx timeout [ 472.845337][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 473.479069][ T8600] Bluetooth: hci6: command 0xfc11 tx timeout [ 473.484772][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 474.528990][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 474.538117][ T8595] Bluetooth: hci8: command 0x1003 tx timeout [ 474.540756][T12489] FAULT_INJECTION: forcing a failure. [ 474.540756][T12489] name failslab, interval 1, probability 0, space 0, times 0 [ 474.547077][T10023] Bluetooth: hci8: sending frame failed (-49) [ 474.568156][T12489] CPU: 0 PID: 12489 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 474.576946][T12489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 474.586990][T12489] Call Trace: [ 474.590259][T12489] dump_stack_lvl+0xcd/0x134 [ 474.594841][T12489] should_fail.cold+0x5/0xa [ 474.599333][T12489] should_failslab+0x5/0x10 [ 474.603823][T12489] kmem_cache_alloc_node+0x65/0x3d0 [ 474.609011][T12489] ? __alloc_skb+0x20b/0x340 [ 474.613594][T12489] __alloc_skb+0x20b/0x340 [ 474.618005][T12489] alloc_uevent_skb+0x7b/0x210 [ 474.622761][T12489] kobject_uevent_env+0xb09/0x1650 [ 474.627861][T12489] ? is_acpi_device_node+0x6a/0x80 [ 474.632961][T12489] ? dev_fwnode+0x79/0x90 [ 474.637283][T12489] device_del+0x809/0xd60 [ 474.641601][T12489] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 474.647921][T12489] ? _raw_read_unlock+0x24/0x40 [ 474.652759][T12489] ? hci_sock_dev_event+0xb7/0x570 [ 474.657876][T12489] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 474.663842][T12489] rfkill_unregister+0xcc/0x2c0 [ 474.668688][T12489] hci_unregister_dev+0x28b/0x5a0 [ 474.673711][T12489] hci_uart_tty_close+0x241/0x2a0 [ 474.678721][T12489] ? hci_uart_close+0x70/0x70 [ 474.683386][T12489] tty_ldisc_close+0x110/0x190 [ 474.688138][T12489] tty_set_ldisc+0x214/0x680 [ 474.692715][T12489] tty_ioctl+0xae0/0x1670 [ 474.697033][T12489] ? tty_lookup_driver+0x550/0x550 [ 474.702134][T12489] ? lock_downgrade+0x6e0/0x6e0 [ 474.706980][T12489] ? __fget_files+0x23d/0x3e0 [ 474.711645][T12489] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 474.717870][T12489] ? tty_lookup_driver+0x550/0x550 [ 474.722988][T12489] __x64_sys_ioctl+0x193/0x200 [ 474.727743][T12489] do_syscall_64+0x35/0xb0 [ 474.732145][T12489] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 474.738025][T12489] RIP: 0033:0x7fc6b4930a39 [ 474.742429][T12489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 474.762019][T12489] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 474.770438][T12489] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 474.778394][T12489] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 474.786375][T12489] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 474.794343][T12489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 474.802297][T12489] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 474.928622][ T8595] Bluetooth: hci10: command 0x1009 tx timeout [ 476.598579][ T8595] Bluetooth: hci8: command 0x1001 tx timeout [ 476.605296][T10023] Bluetooth: hci8: sending frame failed (-49) [ 478.678177][ T8600] Bluetooth: hci8: command 0x1009 tx timeout 07:57:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000080)) 07:57:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5416, 0x9) 07:57:14 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 8) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 478.839411][T12518] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 478.869236][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 478.886469][ T10] Bluetooth: hci7: Frame reassembly failed (-84) [ 478.928052][T12529] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:57:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5418, 0x9) [ 478.987778][ T158] Bluetooth: hci9: Frame reassembly failed (-84) 07:57:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541b, 0x9) 07:57:15 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541d, 0x9) 07:57:15 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x9) [ 480.917682][ T5] Bluetooth: hci7: command 0x1003 tx timeout [ 480.923785][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 480.939848][T12518] FAULT_INJECTION: forcing a failure. [ 480.939848][T12518] name failslab, interval 1, probability 0, space 0, times 0 [ 480.955192][T10178] Bluetooth: hci7: sending frame failed (-49) [ 480.958522][T12518] CPU: 0 PID: 12518 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 480.970376][T12518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 480.980472][T12518] Call Trace: [ 480.983741][T12518] dump_stack_lvl+0xcd/0x134 [ 480.988326][T12518] should_fail.cold+0x5/0xa [ 480.992822][T12518] ? kobject_get_path+0xbe/0x230 [ 480.997745][T12518] should_failslab+0x5/0x10 [ 481.002323][T12518] __kmalloc+0x72/0x320 [ 481.006481][T12518] kobject_get_path+0xbe/0x230 [ 481.011248][T12518] kobject_uevent_env+0x265/0x1650 [ 481.016459][T12518] ? is_acpi_device_node+0x6a/0x80 [ 481.021561][T12518] ? dev_fwnode+0x79/0x90 [ 481.025892][T12518] device_del+0x809/0xd60 [ 481.030242][T12518] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 481.036580][T12518] ? _raw_read_unlock+0x24/0x40 [ 481.041428][T12518] ? hci_sock_dev_event+0xb7/0x570 [ 481.046546][T12518] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 481.052528][T12518] rfkill_unregister+0xcc/0x2c0 [ 481.057405][T12518] hci_unregister_dev+0x28b/0x5a0 [ 481.062425][T12518] hci_uart_tty_close+0x241/0x2a0 [ 481.067444][T12518] ? hci_uart_close+0x70/0x70 [ 481.072112][T12518] tty_ldisc_close+0x110/0x190 [ 481.076881][T12518] tty_set_ldisc+0x214/0x680 [ 481.081472][T12518] tty_ioctl+0xae0/0x1670 [ 481.085873][T12518] ? tty_lookup_driver+0x550/0x550 [ 481.091001][T12518] ? lock_downgrade+0x6e0/0x6e0 [ 481.095860][T12518] ? __fget_files+0x23d/0x3e0 [ 481.100606][T12518] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 481.106868][T12518] ? tty_lookup_driver+0x550/0x550 [ 481.111981][T12518] __x64_sys_ioctl+0x193/0x200 [ 481.116813][T12518] do_syscall_64+0x35/0xb0 [ 481.121254][T12518] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 481.127266][T12518] RIP: 0033:0x7fa994750a39 [ 481.131695][T12518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 481.151401][T12518] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 481.159834][T12518] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 481.167802][T12518] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 481.175789][T12518] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 481.183764][T12518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 481.191728][T12518] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 481.207677][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 481.209358][ T8445] Bluetooth: hci9: command 0xfc11 tx timeout [ 481.219949][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 481.229299][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 481.239412][T12530] FAULT_INJECTION: forcing a failure. [ 481.239412][T12530] name failslab, interval 1, probability 0, space 0, times 0 [ 481.255425][T12530] CPU: 1 PID: 12530 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 481.264224][T12530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 481.274303][T12530] Call Trace: [ 481.277601][T12530] dump_stack_lvl+0xcd/0x134 [ 481.282210][T12530] should_fail.cold+0x5/0xa [ 481.286742][T12530] should_failslab+0x5/0x10 [ 481.291271][T12530] __kmalloc_node_track_caller+0x7d/0x340 [ 481.296997][T12530] ? alloc_uevent_skb+0x7b/0x210 [ 481.301945][T12530] __alloc_skb+0xde/0x340 [ 481.306470][T12530] alloc_uevent_skb+0x7b/0x210 [ 481.311247][T12530] kobject_uevent_env+0xb09/0x1650 [ 481.316357][T12530] ? is_acpi_device_node+0x6a/0x80 [ 481.321480][T12530] ? dev_fwnode+0x79/0x90 [ 481.325841][T12530] device_del+0x809/0xd60 [ 481.330196][T12530] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 481.336543][T12530] ? _raw_read_unlock+0x24/0x40 [ 481.341392][T12530] ? hci_sock_dev_event+0xb7/0x570 [ 481.346520][T12530] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 481.352524][T12530] rfkill_unregister+0xcc/0x2c0 [ 481.357385][T12530] hci_unregister_dev+0x28b/0x5a0 [ 481.362419][T12530] hci_uart_tty_close+0x241/0x2a0 [ 481.367444][T12530] ? hci_uart_close+0x70/0x70 [ 481.372140][T12530] tty_ldisc_close+0x110/0x190 [ 481.376908][T12530] tty_set_ldisc+0x214/0x680 [ 481.381506][T12530] tty_ioctl+0xae0/0x1670 [ 481.385872][T12530] ? tty_lookup_driver+0x550/0x550 [ 481.390995][T12530] ? lock_downgrade+0x6e0/0x6e0 [ 481.395868][T12530] ? __fget_files+0x23d/0x3e0 [ 481.400552][T12530] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 481.406810][T12530] ? tty_lookup_driver+0x550/0x550 [ 481.411926][T12530] __x64_sys_ioctl+0x193/0x200 [ 481.416696][T12530] do_syscall_64+0x35/0xb0 [ 481.421113][T12530] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 481.427012][T12530] RIP: 0033:0x7fc6b4930a39 [ 481.431428][T12530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 481.451035][T12530] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 481.459446][T12530] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 481.467418][T12530] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 481.475392][T12530] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 481.483361][T12530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 481.491445][T12530] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 07:57:18 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4c01, &(0x7f0000000080)) 07:57:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x9) 07:57:18 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 482.696602][T12582] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 482.721784][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 482.742975][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 482.997327][ T8445] Bluetooth: hci7: command 0x1001 tx timeout [ 483.003407][ T9202] Bluetooth: hci7: sending frame failed (-49) [ 484.757201][ T8445] Bluetooth: hci6: command 0x1003 tx timeout [ 484.757217][ T6574] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 484.764365][ T9202] Bluetooth: hci6: sending frame failed (-49) [ 485.077016][ T8445] Bluetooth: hci7: command 0x1009 tx timeout [ 485.301213][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 486.836710][ T8600] Bluetooth: hci6: command 0x1001 tx timeout [ 486.843478][ T6574] Bluetooth: hci6: sending frame failed (-49) [ 487.316681][ T8331] Bluetooth: hci8: command 0xfc11 tx timeout [ 487.316887][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 488.916470][ T7] Bluetooth: hci6: command 0x1009 tx timeout 07:57:24 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x10, &(0x7f0000000080)) 07:57:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 7) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:24 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 9) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5420, 0x9) 07:57:24 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 489.111645][ T10] Bluetooth: hci7: Frame reassembly failed (-84) [ 489.125330][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 489.142855][T12618] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:57:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5421, 0x9) [ 489.160763][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) 07:57:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5422, 0x9) 07:57:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5423, 0x9) 07:57:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5424, 0x9) [ 491.156197][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 491.156284][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 491.162523][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 491.184508][T12616] FAULT_INJECTION: forcing a failure. [ 491.184508][T12616] name failslab, interval 1, probability 0, space 0, times 0 [ 491.208273][T12616] CPU: 1 PID: 12616 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 491.217088][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 491.227263][T12616] Call Trace: [ 491.230549][T12616] dump_stack_lvl+0xcd/0x134 [ 491.235138][T12616] should_fail.cold+0x5/0xa [ 491.239645][T12616] should_failslab+0x5/0x10 [ 491.244161][T12616] kmem_cache_alloc_node+0x65/0x3d0 [ 491.249361][T12616] ? __alloc_skb+0x20b/0x340 [ 491.254035][T12616] __alloc_skb+0x20b/0x340 [ 491.258460][T12616] alloc_uevent_skb+0x7b/0x210 [ 491.263251][T12616] kobject_uevent_env+0xb09/0x1650 [ 491.268372][T12616] ? is_acpi_device_node+0x6a/0x80 [ 491.273505][T12616] ? dev_fwnode+0x79/0x90 [ 491.277854][T12616] device_del+0x809/0xd60 [ 491.282220][T12616] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 491.288580][T12616] ? _raw_read_unlock+0x24/0x40 [ 491.293453][T12616] ? hci_sock_dev_event+0xb7/0x570 [ 491.298568][T12616] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 491.304571][T12616] rfkill_unregister+0xcc/0x2c0 [ 491.309421][T12616] hci_unregister_dev+0x28b/0x5a0 [ 491.314442][T12616] hci_uart_tty_close+0x241/0x2a0 [ 491.319630][T12616] ? hci_uart_close+0x70/0x70 [ 491.324328][T12616] tty_ldisc_close+0x110/0x190 [ 491.329087][T12616] tty_set_ldisc+0x214/0x680 [ 491.333701][T12616] tty_ioctl+0xae0/0x1670 [ 491.338038][T12616] ? tty_lookup_driver+0x550/0x550 [ 491.343187][T12616] ? lock_downgrade+0x6e0/0x6e0 [ 491.348083][T12616] ? __fget_files+0x23d/0x3e0 [ 491.352776][T12616] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 491.359108][T12616] ? tty_lookup_driver+0x550/0x550 [ 491.364267][T12616] __x64_sys_ioctl+0x193/0x200 [ 491.369057][T12616] do_syscall_64+0x35/0xb0 [ 491.373468][T12616] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 491.379361][T12616] RIP: 0033:0x7fa994750a39 [ 491.383783][T12616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 491.403388][T12616] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 491.411805][T12616] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 491.419798][T12616] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 491.427787][T12616] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 491.435772][T12616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 491.443761][T12616] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 491.454921][ T8595] Bluetooth: hci10: command 0x1003 tx timeout [ 491.462000][ T6574] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 491.473254][ T6574] Bluetooth: hci10: sending frame failed (-49) [ 491.482643][T12618] FAULT_INJECTION: forcing a failure. [ 491.482643][T12618] name failslab, interval 1, probability 0, space 0, times 0 [ 491.496457][T12618] CPU: 1 PID: 12618 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 491.505247][T12618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 491.515316][T12618] Call Trace: [ 491.518594][T12618] dump_stack_lvl+0xcd/0x134 [ 491.523261][T12618] should_fail.cold+0x5/0xa [ 491.527768][T12618] ? skb_clone+0x170/0x3c0 [ 491.532204][T12618] should_failslab+0x5/0x10 [ 491.536701][T12618] kmem_cache_alloc+0x5e/0x390 [ 491.541486][T12618] skb_clone+0x170/0x3c0 [ 491.545725][T12618] netlink_broadcast_filtered+0xa0a/0xdc0 [ 491.551558][T12618] netlink_broadcast+0x35/0x40 [ 491.556351][T12618] kobject_uevent_env+0xad0/0x1650 [ 491.561492][T12618] ? is_acpi_device_node+0x6a/0x80 [ 491.566623][T12618] ? dev_fwnode+0x79/0x90 [ 491.570983][T12618] device_del+0x809/0xd60 [ 491.575322][T12618] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 491.581679][T12618] ? _raw_read_unlock+0x24/0x40 [ 491.586551][T12618] ? hci_sock_dev_event+0xb7/0x570 [ 491.591767][T12618] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 491.597752][T12618] rfkill_unregister+0xcc/0x2c0 [ 491.602623][T12618] hci_unregister_dev+0x28b/0x5a0 [ 491.607744][T12618] hci_uart_tty_close+0x241/0x2a0 [ 491.612779][T12618] ? hci_uart_close+0x70/0x70 [ 491.617543][T12618] tty_ldisc_close+0x110/0x190 [ 491.622334][T12618] tty_set_ldisc+0x214/0x680 [ 491.626942][T12618] tty_ioctl+0xae0/0x1670 [ 491.631296][T12618] ? tty_lookup_driver+0x550/0x550 [ 491.636421][T12618] ? lock_downgrade+0x6e0/0x6e0 [ 491.641311][T12618] ? __fget_files+0x23d/0x3e0 [ 491.646014][T12618] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 491.652270][T12618] ? tty_lookup_driver+0x550/0x550 [ 491.657416][T12618] __x64_sys_ioctl+0x193/0x200 [ 491.662197][T12618] do_syscall_64+0x35/0xb0 [ 491.666615][T12618] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 491.672526][T12618] RIP: 0033:0x7fc6b4930a39 [ 491.677110][T12618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 491.696737][T12618] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 491.705251][T12618] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 491.713304][T12618] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 491.721275][T12618] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 491.729259][T12618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 491.737247][T12618] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 07:57:28 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) 07:57:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5425, 0x9) 07:57:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 8) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 492.936230][T12678] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 492.963260][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 492.963273][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 493.555905][ T8445] Bluetooth: hci10: command 0x1001 tx timeout [ 493.563293][T10023] Bluetooth: hci10: sending frame failed (-49) [ 493.795947][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 494.995687][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 494.995833][ T20] Bluetooth: hci8: command 0xfc11 tx timeout [ 495.005199][ T8331] Bluetooth: hci6: command 0x1003 tx timeout [ 495.015927][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 495.025983][T12677] FAULT_INJECTION: forcing a failure. [ 495.025983][T12677] name failslab, interval 1, probability 0, space 0, times 0 [ 495.041314][T12677] CPU: 1 PID: 12677 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 495.050106][T12677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 495.060176][T12677] Call Trace: [ 495.063462][T12677] dump_stack_lvl+0xcd/0x134 [ 495.068069][T12677] should_fail.cold+0x5/0xa [ 495.072570][T12677] should_failslab+0x5/0x10 [ 495.077113][T12677] __kmalloc_node_track_caller+0x7d/0x340 [ 495.082868][T12677] ? alloc_uevent_skb+0x7b/0x210 [ 495.087810][T12677] __alloc_skb+0xde/0x340 [ 495.092151][T12677] alloc_uevent_skb+0x7b/0x210 [ 495.096908][T12677] kobject_uevent_env+0xb09/0x1650 [ 495.102035][T12677] ? is_acpi_device_node+0x6a/0x80 [ 495.107163][T12677] ? dev_fwnode+0x79/0x90 [ 495.111491][T12677] device_del+0x809/0xd60 [ 495.115823][T12677] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 495.122148][T12677] ? _raw_read_unlock+0x24/0x40 [ 495.126999][T12677] ? hci_sock_dev_event+0xb7/0x570 [ 495.132130][T12677] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 495.138105][T12677] rfkill_unregister+0xcc/0x2c0 [ 495.142967][T12677] hci_unregister_dev+0x28b/0x5a0 [ 495.148018][T12677] hci_uart_tty_close+0x241/0x2a0 [ 495.153036][T12677] ? hci_uart_close+0x70/0x70 [ 495.157708][T12677] tty_ldisc_close+0x110/0x190 [ 495.162472][T12677] tty_set_ldisc+0x214/0x680 [ 495.167074][T12677] tty_ioctl+0xae0/0x1670 [ 495.171404][T12677] ? tty_lookup_driver+0x550/0x550 [ 495.176514][T12677] ? lock_downgrade+0x6e0/0x6e0 [ 495.181367][T12677] ? __fget_files+0x23d/0x3e0 [ 495.186040][T12677] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 495.192291][T12677] ? tty_lookup_driver+0x550/0x550 [ 495.197405][T12677] __x64_sys_ioctl+0x193/0x200 [ 495.202193][T12677] do_syscall_64+0x35/0xb0 [ 495.206624][T12677] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 495.212512][T12677] RIP: 0033:0x7fa994750a39 [ 495.216917][T12677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 495.236516][T12677] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 495.244923][T12677] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 495.252893][T12677] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 495.260857][T12677] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 495.268910][T12677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 495.276872][T12677] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 495.635538][ T8331] Bluetooth: hci10: command 0x1009 tx timeout [ 497.075255][ T7] Bluetooth: hci6: command 0x1001 tx timeout [ 497.081886][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 499.155009][ T7] Bluetooth: hci6: command 0x1009 tx timeout 07:57:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4c01, &(0x7f0000000080)) 07:57:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 10) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5427, 0x9) 07:57:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 9) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 499.340508][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 499.382232][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 499.396681][T12716] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:57:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5428, 0x9) [ 499.434245][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 499.456415][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 499.472200][ T8] Bluetooth: hci9: Frame reassembly failed (-84) 07:57:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5429, 0x9) 07:57:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x9) 07:57:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5441, 0x9) [ 501.156217][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.162590][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.394578][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 501.395424][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 501.406031][T12715] FAULT_INJECTION: forcing a failure. [ 501.406031][T12715] name failslab, interval 1, probability 0, space 0, times 0 [ 501.422572][T12715] CPU: 0 PID: 12715 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 501.431349][T12715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.441400][T12715] Call Trace: [ 501.444674][T12715] dump_stack_lvl+0xcd/0x134 [ 501.449275][T12715] should_fail.cold+0x5/0xa [ 501.453777][T12715] ? skb_clone+0x170/0x3c0 [ 501.458216][T12715] should_failslab+0x5/0x10 [ 501.462723][T12715] kmem_cache_alloc+0x5e/0x390 [ 501.467495][T12715] skb_clone+0x170/0x3c0 [ 501.471745][T12715] netlink_broadcast_filtered+0xa0a/0xdc0 [ 501.477482][T12715] netlink_broadcast+0x35/0x40 [ 501.482250][T12715] kobject_uevent_env+0xad0/0x1650 [ 501.487369][T12715] ? is_acpi_device_node+0x6a/0x80 [ 501.492482][T12715] ? dev_fwnode+0x79/0x90 [ 501.496818][T12715] device_del+0x809/0xd60 [ 501.501151][T12715] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 501.507477][T12715] ? _raw_read_unlock+0x24/0x40 [ 501.512336][T12715] ? hci_sock_dev_event+0xb7/0x570 [ 501.517446][T12715] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 501.523430][T12715] rfkill_unregister+0xcc/0x2c0 [ 501.528286][T12715] hci_unregister_dev+0x28b/0x5a0 [ 501.533317][T12715] hci_uart_tty_close+0x241/0x2a0 [ 501.538345][T12715] ? hci_uart_close+0x70/0x70 [ 501.543017][T12715] tty_ldisc_close+0x110/0x190 [ 501.547781][T12715] tty_set_ldisc+0x214/0x680 [ 501.552371][T12715] tty_ioctl+0xae0/0x1670 [ 501.556703][T12715] ? tty_lookup_driver+0x550/0x550 [ 501.561820][T12715] ? lock_downgrade+0x6e0/0x6e0 [ 501.566692][T12715] ? __fget_files+0x23d/0x3e0 [ 501.571371][T12715] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 501.577615][T12715] ? tty_lookup_driver+0x550/0x550 [ 501.582728][T12715] __x64_sys_ioctl+0x193/0x200 [ 501.587492][T12715] do_syscall_64+0x35/0xb0 [ 501.591910][T12715] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 501.597894][T12715] RIP: 0033:0x7fa994750a39 [ 501.602302][T12715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 501.621911][T12715] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 501.630326][T12715] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 501.638293][T12715] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 501.646261][T12715] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 501.654311][T12715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 501.662285][T12715] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 501.674504][ T7] Bluetooth: hci9: command 0xfc11 tx timeout [ 501.675183][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 501.680547][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 501.700485][T12728] FAULT_INJECTION: forcing a failure. [ 501.700485][T12728] name failslab, interval 1, probability 0, space 0, times 0 [ 501.732263][T12728] CPU: 1 PID: 12728 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 501.741064][T12728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.751132][T12728] Call Trace: [ 501.754425][T12728] dump_stack_lvl+0xcd/0x134 [ 501.759041][T12728] should_fail.cold+0x5/0xa [ 501.763655][T12728] ? call_usermodehelper_setup+0x97/0x340 [ 501.769473][T12728] should_failslab+0x5/0x10 [ 501.773997][T12728] kmem_cache_alloc_trace+0x55/0x3c0 [ 501.779309][T12728] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 501.785081][T12728] call_usermodehelper_setup+0x97/0x340 [ 501.790652][T12728] ? kobj_ns_initial+0x90/0x90 [ 501.795442][T12728] kobject_uevent_env+0xf73/0x1650 [ 501.800580][T12728] ? is_acpi_device_node+0x6a/0x80 [ 501.805711][T12728] ? dev_fwnode+0x79/0x90 [ 501.810065][T12728] device_del+0x809/0xd60 [ 501.814419][T12728] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 501.814578][T10023] Bluetooth: hci10: sending frame failed (-49) [ 501.820759][T12728] ? _raw_read_unlock+0x24/0x40 [ 501.820791][T12728] ? hci_sock_dev_event+0xb7/0x570 [ 501.820830][T12728] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 501.820865][T12728] rfkill_unregister+0xcc/0x2c0 [ 501.820899][T12728] hci_unregister_dev+0x28b/0x5a0 [ 501.853030][T12728] hci_uart_tty_close+0x241/0x2a0 [ 501.858072][T12728] ? hci_uart_close+0x70/0x70 [ 501.862770][T12728] tty_ldisc_close+0x110/0x190 [ 501.867825][T12728] tty_set_ldisc+0x214/0x680 [ 501.872439][T12728] tty_ioctl+0xae0/0x1670 [ 501.876800][T12728] ? tty_lookup_driver+0x550/0x550 [ 501.881948][T12728] ? lock_downgrade+0x6e0/0x6e0 [ 501.886834][T12728] ? __fget_files+0x23d/0x3e0 [ 501.891537][T12728] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 501.897812][T12728] ? tty_lookup_driver+0x550/0x550 [ 501.902948][T12728] __x64_sys_ioctl+0x193/0x200 [ 501.907742][T12728] do_syscall_64+0x35/0xb0 [ 501.912177][T12728] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 501.918088][T12728] RIP: 0033:0x7fc6b4930a39 [ 501.922512][T12728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 501.942216][T12728] RSP: 002b:00007fc6b1e85188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 501.950709][T12728] RAX: ffffffffffffffda RBX: 00007fc6b4a34020 RCX: 00007fc6b4930a39 [ 501.958737][T12728] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 501.966730][T12728] RBP: 00007fc6b1e851d0 R08: 0000000000000000 R09: 0000000000000000 [ 501.974735][T12728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 501.982783][T12728] R13: 00007fc6b4f67b2f R14: 00007fc6b1e85300 R15: 0000000000022000 07:57:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000080)) 07:57:38 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5450, 0x9) 07:57:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 10) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 503.182192][T12772] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 503.247989][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 503.257535][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 503.884179][ T1726] Bluetooth: hci10: command 0x1001 tx timeout [ 503.891675][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 504.274218][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 504.274331][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 505.314105][ T5] Bluetooth: hci8: command 0x1003 tx timeout [ 505.314276][ T8445] Bluetooth: hci6: command 0xfc11 tx timeout [ 505.323539][T10023] Bluetooth: hci8: sending frame failed (-49) [ 505.326295][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 505.341126][T12778] FAULT_INJECTION: forcing a failure. [ 505.341126][T12778] name failslab, interval 1, probability 0, space 0, times 0 [ 505.364709][T12778] CPU: 1 PID: 12778 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 505.373516][T12778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 505.383584][T12778] Call Trace: [ 505.386873][T12778] dump_stack_lvl+0xcd/0x134 [ 505.391483][T12778] should_fail.cold+0x5/0xa [ 505.396114][T12778] ? call_usermodehelper_setup+0x97/0x340 [ 505.401867][T12778] should_failslab+0x5/0x10 [ 505.406364][T12778] kmem_cache_alloc_trace+0x55/0x3c0 [ 505.411677][T12778] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 505.417419][T12778] call_usermodehelper_setup+0x97/0x340 [ 505.422980][T12778] ? kobj_ns_initial+0x90/0x90 [ 505.427747][T12778] kobject_uevent_env+0xf73/0x1650 [ 505.432880][T12778] ? is_acpi_device_node+0x6a/0x80 [ 505.437994][T12778] ? dev_fwnode+0x79/0x90 [ 505.442347][T12778] device_del+0x809/0xd60 [ 505.446699][T12778] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 505.453053][T12778] ? _raw_read_unlock+0x24/0x40 [ 505.457924][T12778] ? hci_sock_dev_event+0xb7/0x570 [ 505.463050][T12778] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 505.469113][T12778] rfkill_unregister+0xcc/0x2c0 [ 505.474067][T12778] hci_unregister_dev+0x28b/0x5a0 [ 505.479109][T12778] hci_uart_tty_close+0x241/0x2a0 [ 505.484141][T12778] ? hci_uart_close+0x70/0x70 [ 505.488829][T12778] tty_ldisc_close+0x110/0x190 [ 505.493589][T12778] tty_set_ldisc+0x214/0x680 [ 505.498173][T12778] tty_ioctl+0xae0/0x1670 [ 505.502930][T12778] ? tty_lookup_driver+0x550/0x550 [ 505.508071][T12778] ? lock_downgrade+0x6e0/0x6e0 [ 505.512923][T12778] ? __fget_files+0x23d/0x3e0 [ 505.517599][T12778] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 505.523857][T12778] ? tty_lookup_driver+0x550/0x550 [ 505.528980][T12778] __x64_sys_ioctl+0x193/0x200 [ 505.533734][T12778] do_syscall_64+0x35/0xb0 [ 505.538148][T12778] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 505.544038][T12778] RIP: 0033:0x7fa994750a39 [ 505.548461][T12778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 505.568065][T12778] RSP: 002b:00007fa991ca5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 505.576499][T12778] RAX: ffffffffffffffda RBX: 00007fa994854020 RCX: 00007fa994750a39 [ 505.584492][T12778] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 505.592525][T12778] RBP: 00007fa991ca51d0 R08: 0000000000000000 R09: 0000000000000000 [ 505.600491][T12778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 505.608536][T12778] R13: 00007fa994d87b2f R14: 00007fa991ca5300 R15: 0000000000022000 [ 505.953864][ T5] Bluetooth: hci10: command 0x1009 tx timeout [ 507.403874][ T1726] Bluetooth: hci8: command 0x1001 tx timeout [ 507.410754][T10023] Bluetooth: hci8: sending frame failed (-49) 07:57:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) 07:57:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 11) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5451, 0x9) 07:57:45 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5421, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 11) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 509.473499][ T1726] Bluetooth: hci8: command 0x1009 tx timeout [ 509.577127][T12801] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 509.619981][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 509.623415][T12805] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 509.646189][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) 07:57:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000080)) 07:57:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5452, 0x9) 07:57:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x545d, 0x9) [ 509.819156][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) 07:57:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5460, 0x9) [ 511.633295][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 511.633477][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 511.713281][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 511.713327][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 511.722598][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 511.728865][ T8445] Bluetooth: hci6: command tx timeout [ 511.742608][T12801] FAULT_INJECTION: forcing a failure. [ 511.742608][T12801] name failslab, interval 1, probability 0, space 0, times 0 [ 511.742840][T12815] FAULT_INJECTION: forcing a failure. [ 511.742840][T12815] name failslab, interval 1, probability 0, space 0, times 0 [ 511.765243][T12801] CPU: 1 PID: 12801 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 511.777029][T12801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 511.787085][T12801] Call Trace: [ 511.790364][T12801] dump_stack_lvl+0xcd/0x134 [ 511.794969][T12801] should_fail.cold+0x5/0xa [ 511.799475][T12801] ? call_usermodehelper_setup+0x97/0x340 [ 511.805197][T12801] should_failslab+0x5/0x10 [ 511.809698][T12801] kmem_cache_alloc_trace+0x55/0x3c0 [ 511.814999][T12801] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 511.820729][T12801] call_usermodehelper_setup+0x97/0x340 [ 511.826714][T12801] ? kobj_ns_initial+0x90/0x90 [ 511.831489][T12801] kobject_uevent_env+0xf73/0x1650 [ 511.836614][T12801] ? is_acpi_device_node+0x6a/0x80 [ 511.841734][T12801] ? dev_fwnode+0x79/0x90 [ 511.846079][T12801] device_del+0x809/0xd60 [ 511.850413][T12801] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 511.856746][T12801] ? _raw_read_unlock+0x24/0x40 [ 511.861596][T12801] ? hci_sock_dev_event+0xb7/0x570 [ 511.866712][T12801] ? hci_send_monitor_ctrl_event+0x5c0/0x5c0 [ 511.872697][T12801] rfkill_unregister+0xcc/0x2c0 [ 511.877555][T12801] hci_unregister_dev+0x28b/0x5a0 [ 511.882599][T12801] hci_uart_tty_close+0x241/0x2a0 [ 511.887635][T12801] ? hci_uart_close+0x70/0x70 [ 511.892314][T12801] tty_ldisc_close+0x110/0x190 [ 511.897081][T12801] tty_set_ldisc+0x214/0x680 [ 511.901670][T12801] tty_ioctl+0xae0/0x1670 [ 511.906014][T12801] ? tty_lookup_driver+0x550/0x550 [ 511.911146][T12801] ? lock_downgrade+0x6e0/0x6e0 [ 511.916010][T12801] ? __fget_files+0x23d/0x3e0 [ 511.920690][T12801] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 511.926944][T12801] ? tty_lookup_driver+0x550/0x550 [ 511.932070][T12801] __x64_sys_ioctl+0x193/0x200 [ 511.936838][T12801] do_syscall_64+0x35/0xb0 [ 511.941252][T12801] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 511.947150][T12801] RIP: 0033:0x7fa994750a39 [ 511.951561][T12801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 511.971169][T12801] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 511.979580][T12801] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 511.987555][T12801] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 511.995526][T12801] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 512.003506][T12801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 512.011482][T12801] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 512.044390][ T1726] Bluetooth: hci10: command 0x1003 tx timeout [ 512.044587][T12815] CPU: 1 PID: 12815 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 512.059226][T12815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.069297][T12815] Call Trace: [ 512.072593][T12815] dump_stack_lvl+0xcd/0x134 [ 512.077209][T12815] should_fail.cold+0x5/0xa [ 512.081739][T12815] ? rfkill_send_events+0x87/0x3f0 [ 512.086874][T12815] should_failslab+0x5/0x10 [ 512.091380][T12815] kmem_cache_alloc_trace+0x55/0x3c0 [ 512.096679][T12815] rfkill_send_events+0x87/0x3f0 [ 512.101622][T12815] ? hci_sock_dev_event+0xb7/0x570 [ 512.106741][T12815] rfkill_unregister+0xe7/0x2c0 [ 512.111613][T12815] hci_unregister_dev+0x28b/0x5a0 [ 512.116645][T12815] hci_uart_tty_close+0x241/0x2a0 [ 512.121672][T12815] ? hci_uart_close+0x70/0x70 [ 512.126352][T12815] tty_ldisc_close+0x110/0x190 [ 512.131120][T12815] tty_set_ldisc+0x214/0x680 [ 512.135714][T12815] tty_ioctl+0xae0/0x1670 [ 512.140049][T12815] ? tty_lookup_driver+0x550/0x550 [ 512.145167][T12815] ? lock_downgrade+0x6e0/0x6e0 [ 512.150034][T12815] ? __fget_files+0x23d/0x3e0 [ 512.154729][T12815] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 512.160989][T12815] ? tty_lookup_driver+0x550/0x550 [ 512.166105][T12815] __x64_sys_ioctl+0x193/0x200 [ 512.170875][T12815] do_syscall_64+0x35/0xb0 [ 512.175293][T12815] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 512.181193][T12815] RIP: 0033:0x7fc6b4930a39 [ 512.185618][T12815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 512.205311][T12815] RSP: 002b:00007fc6b1e85188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 512.213727][T12815] RAX: ffffffffffffffda RBX: 00007fc6b4a34020 RCX: 00007fc6b4930a39 [ 512.221695][T12815] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 512.229660][T12815] RBP: 00007fc6b1e851d0 R08: 0000000000000000 R09: 0000000000000000 [ 512.237641][T12815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 512.245607][T12815] R13: 00007fc6b4f67b2f R14: 00007fc6b1e85300 R15: 0000000000022000 [ 512.263758][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 512.471825][T12852] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 07:57:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000080)) 07:57:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5501, 0x9) 07:57:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 12) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 12) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 513.438076][T10023] Bluetooth: hci7: sending frame failed (-49) [ 513.446401][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 513.469238][T12875] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 513.484211][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) 07:57:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5509, 0x9) 07:57:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x550c, 0x9) [ 514.282664][ T5] Bluetooth: hci10: command 0x1001 tx timeout [ 514.290381][ T150] Bluetooth: hci10: sending frame failed (-49) [ 514.512824][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 514.522085][ T5] Bluetooth: hci6: command tx timeout 07:57:50 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5424, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x6364, 0x9) [ 514.603860][T12899] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 514.619553][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 515.472743][ T1726] Bluetooth: hci7: command 0xfc11 tx timeout [ 515.472878][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 515.479245][ T1726] Bluetooth: hci8: command 0xfc11 tx timeout [ 515.486551][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 515.503026][T12868] FAULT_INJECTION: forcing a failure. [ 515.503026][T12868] name failslab, interval 1, probability 0, space 0, times 0 [ 515.528141][T12868] CPU: 0 PID: 12868 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 515.536945][T12868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 515.547016][T12868] Call Trace: [ 515.550307][T12868] dump_stack_lvl+0xcd/0x134 [ 515.554926][T12868] should_fail.cold+0x5/0xa [ 515.559451][T12868] ? kobject_uevent_env+0x240/0x1650 [ 515.564735][T12868] should_failslab+0x5/0x10 [ 515.569251][T12868] kmem_cache_alloc_trace+0x55/0x3c0 [ 515.574572][T12868] ? dev_uevent_filter+0xd0/0xd0 [ 515.579528][T12868] kobject_uevent_env+0x240/0x1650 [ 515.584648][T12868] ? is_acpi_device_node+0x6a/0x80 [ 515.589773][T12868] ? dev_fwnode+0x79/0x90 [ 515.594111][T12868] device_del+0x809/0xd60 [ 515.598458][T12868] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 515.604784][T12868] ? kfree_const+0x51/0x60 [ 515.609260][T12868] ? kobject_put+0x1f3/0x540 [ 515.613879][T12868] hci_unregister_dev+0x2c6/0x5a0 [ 515.618937][T12868] hci_uart_tty_close+0x241/0x2a0 [ 515.624170][T12868] ? hci_uart_close+0x70/0x70 [ 515.628867][T12868] tty_ldisc_close+0x110/0x190 [ 515.633635][T12868] tty_set_ldisc+0x214/0x680 [ 515.638245][T12868] tty_ioctl+0xae0/0x1670 [ 515.642690][T12868] ? tty_lookup_driver+0x550/0x550 [ 515.647830][T12868] ? lock_downgrade+0x6e0/0x6e0 [ 515.652717][T12868] ? __fget_files+0x23d/0x3e0 [ 515.657409][T12868] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 515.663648][T12868] ? tty_lookup_driver+0x550/0x550 [ 515.668779][T12868] __x64_sys_ioctl+0x193/0x200 [ 515.673545][T12868] do_syscall_64+0x35/0xb0 [ 515.677977][T12868] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 515.683869][T12868] RIP: 0033:0x7fa994750a39 [ 515.688301][T12868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 515.707921][T12868] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 515.716332][T12868] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 515.724325][T12868] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 515.732313][T12868] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 515.740296][T12868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 515.748270][T12868] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 515.767494][T12867] FAULT_INJECTION: forcing a failure. [ 515.767494][T12867] name failslab, interval 1, probability 0, space 0, times 0 [ 515.786501][ T5] Bluetooth: hci9: command 0x1003 tx timeout [ 515.794389][T10178] Bluetooth: hci9: sending frame failed (-49) [ 515.820651][T12867] CPU: 0 PID: 12867 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 515.829460][T12867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 515.839520][T12867] Call Trace: [ 515.842811][T12867] dump_stack_lvl+0xcd/0x134 [ 515.847431][T12867] should_fail.cold+0x5/0xa [ 515.851976][T12867] ? kobject_uevent_env+0x240/0x1650 [ 515.857281][T12867] should_failslab+0x5/0x10 [ 515.861776][T12867] kmem_cache_alloc_trace+0x55/0x3c0 [ 515.867070][T12867] ? dev_uevent_filter+0xd0/0xd0 [ 515.872012][T12867] kobject_uevent_env+0x240/0x1650 [ 515.877135][T12867] ? is_acpi_device_node+0x6a/0x80 [ 515.882273][T12867] ? dev_fwnode+0x79/0x90 [ 515.886614][T12867] device_del+0x809/0xd60 [ 515.890950][T12867] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 515.897307][T12867] ? kfree_const+0x51/0x60 [ 515.901746][T12867] ? kobject_put+0x1f3/0x540 [ 515.906356][T12867] hci_unregister_dev+0x2c6/0x5a0 [ 515.911395][T12867] hci_uart_tty_close+0x241/0x2a0 [ 515.916421][T12867] ? hci_uart_close+0x70/0x70 [ 515.921099][T12867] tty_ldisc_close+0x110/0x190 [ 515.925865][T12867] tty_set_ldisc+0x214/0x680 [ 515.930479][T12867] tty_ioctl+0xae0/0x1670 [ 515.934816][T12867] ? tty_lookup_driver+0x550/0x550 [ 515.939938][T12867] ? lock_downgrade+0x6e0/0x6e0 [ 515.944814][T12867] ? __fget_files+0x23d/0x3e0 [ 515.949495][T12867] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 515.955741][T12867] ? tty_lookup_driver+0x550/0x550 [ 515.960858][T12867] __x64_sys_ioctl+0x193/0x200 [ 515.965624][T12867] do_syscall_64+0x35/0xb0 [ 515.970038][T12867] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 515.975946][T12867] RIP: 0033:0x7fc6b4930a39 [ 515.980364][T12867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 516.000055][T12867] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.008475][T12867] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 516.016446][T12867] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 516.024411][T12867] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 516.032378][T12867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 516.040343][T12867] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 516.362389][ T1726] Bluetooth: hci10: command 0x1009 tx timeout [ 516.672487][ T1726] Bluetooth: hci6: command 0xfc11 tx timeout [ 516.678700][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 517.203536][T12921] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 517.882439][ T20] Bluetooth: hci9: command 0x1001 tx timeout [ 517.889521][T10178] Bluetooth: hci9: sending frame failed (-49) [ 519.232040][ T20] Bluetooth: hci6: command 0xfc11 tx timeout [ 519.242207][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 519.952151][ T20] Bluetooth: hci9: command 0x1009 tx timeout 07:57:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000080)) 07:57:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x8913, 0x9) 07:57:56 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 13) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 13) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 520.444269][T12936] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 520.495889][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 520.557935][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 522.511653][ T20] Bluetooth: hci6: command 0xfc11 tx timeout [ 522.521823][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 522.531148][ T1726] Bluetooth: hci7: command 0xfc11 tx timeout [ 522.532081][T12936] FAULT_INJECTION: forcing a failure. [ 522.532081][T12936] name failslab, interval 1, probability 0, space 0, times 0 [ 522.537358][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 522.555292][T12936] CPU: 1 PID: 12936 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 522.566161][T12936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 522.576327][T12936] Call Trace: [ 522.579614][T12936] dump_stack_lvl+0xcd/0x134 [ 522.584216][T12936] should_fail.cold+0x5/0xa [ 522.588728][T12936] ? kobject_get_path+0xbe/0x230 [ 522.593671][T12936] should_failslab+0x5/0x10 [ 522.598178][T12936] __kmalloc+0x72/0x320 [ 522.602358][T12936] kobject_get_path+0xbe/0x230 [ 522.607128][T12936] kobject_uevent_env+0x265/0x1650 [ 522.612263][T12936] ? is_acpi_device_node+0x6a/0x80 [ 522.617375][T12936] ? dev_fwnode+0x79/0x90 [ 522.621720][T12936] device_del+0x809/0xd60 [ 522.626056][T12936] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 522.632386][T12936] ? kfree_const+0x51/0x60 [ 522.636806][T12936] ? kobject_put+0x1f3/0x540 [ 522.641419][T12936] hci_unregister_dev+0x2c6/0x5a0 [ 522.646451][T12936] hci_uart_tty_close+0x241/0x2a0 [ 522.651475][T12936] ? hci_uart_close+0x70/0x70 [ 522.656163][T12936] tty_ldisc_close+0x110/0x190 [ 522.660937][T12936] tty_set_ldisc+0x214/0x680 [ 522.665530][T12936] tty_ioctl+0xae0/0x1670 [ 522.669876][T12936] ? tty_lookup_driver+0x550/0x550 [ 522.675015][T12936] ? lock_downgrade+0x6e0/0x6e0 [ 522.679894][T12936] ? __fget_files+0x23d/0x3e0 [ 522.684586][T12936] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 522.690831][T12936] ? tty_lookup_driver+0x550/0x550 [ 522.695964][T12936] __x64_sys_ioctl+0x193/0x200 [ 522.700734][T12936] do_syscall_64+0x35/0xb0 [ 522.705162][T12936] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 522.711069][T12936] RIP: 0033:0x7fa994750a39 [ 522.715479][T12936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 522.735084][T12936] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 522.743933][T12936] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 522.751900][T12936] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 522.759875][T12936] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 522.767851][T12936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 522.775827][T12936] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 522.788587][T12938] FAULT_INJECTION: forcing a failure. [ 522.788587][T12938] name failslab, interval 1, probability 0, space 0, times 0 [ 522.791606][ T20] Bluetooth: hci8: command 0x1003 tx timeout [ 522.815395][T12938] CPU: 0 PID: 12938 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 522.824207][T12938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 522.834274][T12938] Call Trace: [ 522.837577][T12938] dump_stack_lvl+0xcd/0x134 [ 522.842197][T12938] should_fail.cold+0x5/0xa [ 522.846746][T12938] ? kobject_get_path+0xbe/0x230 [ 522.851757][T12938] should_failslab+0x5/0x10 [ 522.856306][T12938] __kmalloc+0x72/0x320 [ 522.860495][T12938] kobject_get_path+0xbe/0x230 [ 522.865290][T12938] kobject_uevent_env+0x265/0x1650 [ 522.870438][T12938] ? is_acpi_device_node+0x6a/0x80 [ 522.875581][T12938] ? dev_fwnode+0x79/0x90 [ 522.875719][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 522.879932][T12938] device_del+0x809/0xd60 [ 522.879968][T12938] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 522.896944][T12938] ? kfree_const+0x51/0x60 [ 522.901387][T12938] ? kobject_put+0x1f3/0x540 [ 522.906005][T12938] hci_unregister_dev+0x2c6/0x5a0 [ 522.911059][T12938] hci_uart_tty_close+0x241/0x2a0 [ 522.916105][T12938] ? hci_uart_close+0x70/0x70 [ 522.920832][T12938] tty_ldisc_close+0x110/0x190 [ 522.925623][T12938] tty_set_ldisc+0x214/0x680 [ 522.930241][T12938] tty_ioctl+0xae0/0x1670 [ 522.934605][T12938] ? tty_lookup_driver+0x550/0x550 [ 522.939743][T12938] ? lock_downgrade+0x6e0/0x6e0 [ 522.944621][T12938] ? __fget_files+0x23d/0x3e0 [ 522.949304][T12938] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 522.955552][T12938] ? tty_lookup_driver+0x550/0x550 [ 522.960671][T12938] __x64_sys_ioctl+0x193/0x200 [ 522.965439][T12938] do_syscall_64+0x35/0xb0 [ 522.969858][T12938] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 522.975768][T12938] RIP: 0033:0x7fc6b4930a39 [ 522.980182][T12938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 522.999790][T12938] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 523.008207][T12938] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 523.016179][T12938] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 523.024162][T12938] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 523.032139][T12938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 523.040105][T12938] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 07:57:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000080)) 07:57:59 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5425, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x8914, 0x9) 07:57:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 14) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:57:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 14) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 523.672898][T12970] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 523.702153][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 523.730521][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 07:57:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x8933, 0x9) [ 523.777114][T12980] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 523.814658][ T10] Bluetooth: hci9: Frame reassembly failed (-84) [ 523.836575][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) 07:57:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x89f1, 0x9) 07:57:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x89f2, 0x9) [ 524.911489][ T8600] Bluetooth: hci8: command 0x1001 tx timeout [ 524.918265][ T150] Bluetooth: hci8: sending frame failed (-49) [ 525.711297][ T8445] Bluetooth: hci7: command 0xfc11 tx timeout [ 525.711438][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 525.728721][T12971] FAULT_INJECTION: forcing a failure. [ 525.728721][T12971] name failslab, interval 1, probability 0, space 0, times 0 [ 525.742506][T12971] CPU: 1 PID: 12971 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 525.751346][T12971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.761511][T12971] Call Trace: [ 525.764791][T12971] dump_stack_lvl+0xcd/0x134 [ 525.769380][T12971] should_fail.cold+0x5/0xa [ 525.773877][T12971] ? kobject_get_path+0xbe/0x230 [ 525.778811][T12971] should_failslab+0x5/0x10 [ 525.783310][T12971] __kmalloc+0x72/0x320 [ 525.787478][T12971] kobject_get_path+0xbe/0x230 [ 525.791160][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 525.792269][T12971] kobject_uevent_env+0x265/0x1650 [ 525.803499][T12971] ? is_acpi_device_node+0x6a/0x80 [ 525.808637][T12971] ? dev_fwnode+0x79/0x90 [ 525.812967][T12971] device_del+0x809/0xd60 [ 525.817289][T12971] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 525.823605][T12971] ? kfree_const+0x51/0x60 [ 525.828010][T12971] ? kobject_put+0x1f3/0x540 [ 525.832592][T12971] hci_unregister_dev+0x2c6/0x5a0 [ 525.837607][T12971] hci_uart_tty_close+0x241/0x2a0 [ 525.842615][T12971] ? hci_uart_close+0x70/0x70 [ 525.847279][T12971] tty_ldisc_close+0x110/0x190 [ 525.852032][T12971] tty_set_ldisc+0x214/0x680 [ 525.856610][T12971] tty_ioctl+0xae0/0x1670 [ 525.860930][T12971] ? tty_lookup_driver+0x550/0x550 [ 525.866043][T12971] ? lock_downgrade+0x6e0/0x6e0 [ 525.870888][T12971] ? __fget_files+0x23d/0x3e0 [ 525.871118][ T7] Bluetooth: hci10: command 0xfc11 tx timeout [ 525.875576][T12971] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 525.887891][T12971] ? tty_lookup_driver+0x550/0x550 [ 525.893003][T12971] __x64_sys_ioctl+0x193/0x200 [ 525.897795][T12971] do_syscall_64+0x35/0xb0 [ 525.902240][T12971] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 525.908127][T12971] RIP: 0033:0x7fa994750a39 [ 525.912531][T12971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 525.932120][T12971] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 525.940537][T12971] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 525.948492][T12971] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 525.956459][T12971] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 525.964429][T12971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 525.972390][T12971] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 525.986595][ T8445] Bluetooth: hci9: command 0x1003 tx timeout [ 525.992787][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 526.002268][ T6574] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 526.024768][T12982] FAULT_INJECTION: forcing a failure. [ 526.024768][T12982] name failslab, interval 1, probability 0, space 0, times 0 [ 526.042136][ T6574] Bluetooth: hci9: sending frame failed (-49) [ 526.049112][T12982] CPU: 1 PID: 12982 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 526.057908][T12982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.067983][T12982] Call Trace: [ 526.071278][T12982] dump_stack_lvl+0xcd/0x134 [ 526.075898][T12982] should_fail.cold+0x5/0xa [ 526.080432][T12982] should_failslab+0x5/0x10 [ 526.084957][T12982] kmem_cache_alloc_node+0x65/0x3d0 [ 526.090181][T12982] ? __alloc_skb+0x20b/0x340 [ 526.094800][T12982] __alloc_skb+0x20b/0x340 [ 526.099232][T12982] alloc_uevent_skb+0x7b/0x210 [ 526.104005][T12982] kobject_uevent_env+0xb09/0x1650 [ 526.109130][T12982] ? is_acpi_device_node+0x6a/0x80 [ 526.114263][T12982] ? dev_fwnode+0x79/0x90 [ 526.118601][T12982] device_del+0x809/0xd60 [ 526.122938][T12982] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 526.129270][T12982] ? kfree_const+0x51/0x60 [ 526.133690][T12982] ? kobject_put+0x1f3/0x540 [ 526.138287][T12982] hci_unregister_dev+0x2c6/0x5a0 [ 526.143320][T12982] hci_uart_tty_close+0x241/0x2a0 [ 526.148357][T12982] ? hci_uart_close+0x70/0x70 [ 526.153056][T12982] tty_ldisc_close+0x110/0x190 [ 526.157863][T12982] tty_set_ldisc+0x214/0x680 [ 526.162461][T12982] tty_ioctl+0xae0/0x1670 [ 526.166798][T12982] ? tty_lookup_driver+0x550/0x550 [ 526.171917][T12982] ? lock_downgrade+0x6e0/0x6e0 [ 526.176787][T12982] ? __fget_files+0x23d/0x3e0 [ 526.181472][T12982] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 526.187721][T12982] ? tty_lookup_driver+0x550/0x550 [ 526.192839][T12982] __x64_sys_ioctl+0x193/0x200 [ 526.197606][T12982] do_syscall_64+0x35/0xb0 [ 526.202022][T12982] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 526.207919][T12982] RIP: 0033:0x7fc6b4930a39 [ 526.212334][T12982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 526.231939][T12982] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 526.240356][T12982] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 526.248324][T12982] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 526.256292][T12982] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 526.264258][T12982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 526.272222][T12982] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 526.990976][ T5] Bluetooth: hci8: command 0x1009 tx timeout [ 528.121166][ T8600] Bluetooth: hci9: command 0x1001 tx timeout [ 528.128271][ T6574] Bluetooth: hci9: sending frame failed (-49) [ 530.191090][ T8445] Bluetooth: hci9: command 0x1009 tx timeout 07:58:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000080)) 07:58:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xae01, 0x9) 07:58:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5427, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 15) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 530.698394][T13028] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 530.733997][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 530.758632][ T10] Bluetooth: hci6: Frame reassembly failed (-84) [ 530.804745][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 532.750300][ T8600] Bluetooth: hci7: command 0xfc11 tx timeout [ 532.750312][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 532.771798][T13029] FAULT_INJECTION: forcing a failure. [ 532.771798][T13029] name failslab, interval 1, probability 0, space 0, times 0 [ 532.787114][T13029] CPU: 0 PID: 13029 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 532.795916][T13029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.805991][T13029] Call Trace: [ 532.809285][T13029] dump_stack_lvl+0xcd/0x134 [ 532.813910][T13029] should_fail.cold+0x5/0xa [ 532.818449][T13029] should_failslab+0x5/0x10 [ 532.822978][T13029] __kmalloc_node_track_caller+0x7d/0x340 [ 532.828725][T13029] ? alloc_uevent_skb+0x7b/0x210 [ 532.830450][ T6574] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 532.833674][T13029] __alloc_skb+0xde/0x340 [ 532.833717][T13029] alloc_uevent_skb+0x7b/0x210 [ 532.833752][T13029] kobject_uevent_env+0xb09/0x1650 [ 532.843161][ T8600] Bluetooth: hci6: command tx timeout [ 532.845663][T13029] ? is_acpi_device_node+0x6a/0x80 [ 532.865954][T13029] ? dev_fwnode+0x79/0x90 [ 532.870312][T13029] device_del+0x809/0xd60 [ 532.874665][T13029] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 532.881016][T13029] ? kfree_const+0x51/0x60 [ 532.885455][T13029] ? kobject_put+0x1f3/0x540 [ 532.890069][T13029] hci_unregister_dev+0x2c6/0x5a0 [ 532.895109][T13029] hci_uart_tty_close+0x241/0x2a0 [ 532.900131][T13029] ? hci_uart_close+0x70/0x70 [ 532.904826][T13029] tty_ldisc_close+0x110/0x190 [ 532.909607][T13029] tty_set_ldisc+0x214/0x680 [ 532.914215][T13029] tty_ioctl+0xae0/0x1670 [ 532.918560][T13029] ? tty_lookup_driver+0x550/0x550 [ 532.923679][T13029] ? lock_downgrade+0x6e0/0x6e0 [ 532.928554][T13029] ? __fget_files+0x23d/0x3e0 [ 532.933231][T13029] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 532.939494][T13029] ? tty_lookup_driver+0x550/0x550 [ 532.944606][T13029] __x64_sys_ioctl+0x193/0x200 [ 532.949387][T13029] do_syscall_64+0x35/0xb0 [ 532.953798][T13029] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 532.959688][T13029] RIP: 0033:0x7fa994750a39 [ 532.964095][T13029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 532.983718][T13029] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 532.992159][T13029] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 533.000145][T13029] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 533.008254][T13029] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 533.016215][T13029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 533.024178][T13029] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 533.033315][ T5] Bluetooth: hci8: command 0x1003 tx timeout [ 533.039579][ T6574] Bluetooth: hci8: sending frame failed (-49) 07:58:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) 07:58:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 15) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xae41, 0x9) 07:58:10 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5428, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 16) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 534.527821][T13064] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 534.558089][T13065] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:58:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xae60, 0x9) 07:58:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xae80, 0x9) 07:58:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xaead, 0x9) [ 535.069893][ T20] Bluetooth: hci8: command 0x1001 tx timeout [ 535.080505][ T150] Bluetooth: hci8: sending frame failed (-49) [ 536.589827][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 536.601184][ T6574] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 536.608277][ T8600] Bluetooth: hci9: command 0xfc11 tx timeout [ 536.615316][T13061] FAULT_INJECTION: forcing a failure. [ 536.615316][T13061] name failslab, interval 1, probability 0, space 0, times 0 [ 536.635637][T13061] CPU: 0 PID: 13061 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 536.644435][T13061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.654482][T13061] Call Trace: [ 536.657754][T13061] dump_stack_lvl+0xcd/0x134 [ 536.662340][T13061] should_fail.cold+0x5/0xa [ 536.666834][T13061] ? skb_clone+0x170/0x3c0 [ 536.671242][T13061] should_failslab+0x5/0x10 [ 536.675735][T13061] kmem_cache_alloc+0x5e/0x390 [ 536.680496][T13061] skb_clone+0x170/0x3c0 [ 536.684735][T13061] netlink_broadcast_filtered+0xa0a/0xdc0 [ 536.690476][T13061] netlink_broadcast+0x35/0x40 [ 536.695244][T13061] kobject_uevent_env+0xad0/0x1650 [ 536.700383][T13061] ? is_acpi_device_node+0x6a/0x80 [ 536.705488][T13061] ? dev_fwnode+0x79/0x90 [ 536.710258][T13061] device_del+0x809/0xd60 [ 536.714617][T13061] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 536.720945][T13061] ? kfree_const+0x51/0x60 [ 536.725376][T13061] ? kobject_put+0x1f3/0x540 [ 536.729972][T13061] hci_unregister_dev+0x2c6/0x5a0 [ 536.734996][T13061] hci_uart_tty_close+0x241/0x2a0 [ 536.740010][T13061] ? hci_uart_close+0x70/0x70 [ 536.744683][T13061] tty_ldisc_close+0x110/0x190 [ 536.749433][T13061] tty_set_ldisc+0x214/0x680 [ 536.754029][T13061] tty_ioctl+0xae0/0x1670 [ 536.758364][T13061] ? tty_lookup_driver+0x550/0x550 [ 536.763482][T13061] ? lock_downgrade+0x6e0/0x6e0 [ 536.768340][T13061] ? __fget_files+0x23d/0x3e0 [ 536.773051][T13061] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 536.779292][T13061] ? tty_lookup_driver+0x550/0x550 [ 536.784443][T13061] __x64_sys_ioctl+0x193/0x200 [ 536.789221][T13061] do_syscall_64+0x35/0xb0 [ 536.793666][T13061] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 536.799565][T13061] RIP: 0033:0x7fa994750a39 [ 536.803983][T13061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 536.823626][T13061] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 536.832033][T13061] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 536.839991][T13061] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 536.847952][T13061] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.855953][T13061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.863972][T13061] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 536.884049][ T20] Bluetooth: hci10: command 0x1003 tx timeout [ 536.890399][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 536.900292][T10178] Bluetooth: hci10: sending frame failed (-49) [ 536.921656][T13065] FAULT_INJECTION: forcing a failure. [ 536.921656][T13065] name failslab, interval 1, probability 0, space 0, times 0 [ 536.956145][T13065] CPU: 1 PID: 13065 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 536.964961][T13065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.975035][T13065] Call Trace: [ 536.978327][T13065] dump_stack_lvl+0xcd/0x134 [ 536.982951][T13065] should_fail.cold+0x5/0xa [ 536.987481][T13065] should_failslab+0x5/0x10 [ 536.992005][T13065] __kmalloc_node_track_caller+0x7d/0x340 [ 536.997750][T13065] ? alloc_uevent_skb+0x7b/0x210 [ 537.002707][T13065] __alloc_skb+0xde/0x340 [ 537.007036][T13065] alloc_uevent_skb+0x7b/0x210 [ 537.011803][T13065] kobject_uevent_env+0xb09/0x1650 [ 537.016955][T13065] ? is_acpi_device_node+0x6a/0x80 [ 537.022087][T13065] ? dev_fwnode+0x79/0x90 [ 537.026452][T13065] device_del+0x809/0xd60 [ 537.030797][T13065] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 537.037166][T13065] ? kfree_const+0x51/0x60 [ 537.041589][T13065] ? kobject_put+0x1f3/0x540 [ 537.046204][T13065] hci_unregister_dev+0x2c6/0x5a0 [ 537.051255][T13065] hci_uart_tty_close+0x241/0x2a0 [ 537.056294][T13065] ? hci_uart_close+0x70/0x70 [ 537.060990][T13065] tty_ldisc_close+0x110/0x190 [ 537.065780][T13065] tty_set_ldisc+0x214/0x680 [ 537.070372][T13065] tty_ioctl+0xae0/0x1670 [ 537.074730][T13065] ? tty_lookup_driver+0x550/0x550 [ 537.079868][T13065] ? lock_downgrade+0x6e0/0x6e0 [ 537.084741][T13065] ? __fget_files+0x23d/0x3e0 [ 537.089493][T13065] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 537.095758][T13065] ? tty_lookup_driver+0x550/0x550 [ 537.100898][T13065] __x64_sys_ioctl+0x193/0x200 [ 537.105675][T13065] do_syscall_64+0x35/0xb0 [ 537.110088][T13065] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 537.116002][T13065] RIP: 0033:0x7fc6b4930a39 [ 537.120429][T13065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 537.140060][T13065] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 537.148520][T13065] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 537.156506][T13065] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 537.164495][T13065] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.172491][T13065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.180474][T13065] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 537.193576][ T8600] Bluetooth: hci8: command 0x1009 tx timeout [ 537.417374][T13070] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 538.919423][ T20] Bluetooth: hci10: command 0x1001 tx timeout [ 538.926627][ T6574] Bluetooth: hci10: sending frame failed (-49) [ 539.469524][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 539.480393][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 07:58:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) 07:58:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400448c9, 0x9) 07:58:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 17) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:16 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 16) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 540.937678][T13126] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 540.957765][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 540.977819][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 540.989403][ T1726] Bluetooth: hci10: command 0x1009 tx timeout [ 542.989162][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 542.989178][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 543.007804][ T1726] Bluetooth: hci7: command 0xfc11 tx timeout [ 543.016486][T13126] FAULT_INJECTION: forcing a failure. [ 543.016486][T13126] name failslab, interval 1, probability 0, space 0, times 0 [ 543.031647][T13126] CPU: 1 PID: 13126 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 543.040445][T13126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.050535][T13126] Call Trace: [ 543.053832][T13126] dump_stack_lvl+0xcd/0x134 [ 543.058456][T13126] should_fail.cold+0x5/0xa [ 543.062982][T13126] ? skb_clone+0x170/0x3c0 [ 543.067429][T13126] should_failslab+0x5/0x10 [ 543.068968][ T1726] Bluetooth: hci8: command 0x1003 tx timeout [ 543.071946][T13126] kmem_cache_alloc+0x5e/0x390 [ 543.071992][T13126] skb_clone+0x170/0x3c0 [ 543.087064][T13126] netlink_broadcast_filtered+0xa0a/0xdc0 [ 543.092828][T13126] netlink_broadcast+0x35/0x40 [ 543.097625][T13126] kobject_uevent_env+0xad0/0x1650 [ 543.102761][T13126] ? is_acpi_device_node+0x6a/0x80 [ 543.106101][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 543.107876][T13126] ? dev_fwnode+0x79/0x90 [ 543.107917][T13126] device_del+0x809/0xd60 [ 543.107953][T13126] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 543.129180][T13126] ? kfree_const+0x51/0x60 [ 543.133623][T13126] ? kobject_put+0x1f3/0x540 [ 543.138228][T13126] hci_unregister_dev+0x2c6/0x5a0 [ 543.143258][T13126] hci_uart_tty_close+0x241/0x2a0 [ 543.148311][T13126] ? hci_uart_close+0x70/0x70 [ 543.152989][T13126] tty_ldisc_close+0x110/0x190 [ 543.157773][T13126] tty_set_ldisc+0x214/0x680 [ 543.162385][T13126] tty_ioctl+0xae0/0x1670 [ 543.166746][T13126] ? tty_lookup_driver+0x550/0x550 [ 543.171875][T13126] ? lock_downgrade+0x6e0/0x6e0 [ 543.176724][T13126] ? __fget_files+0x23d/0x3e0 [ 543.181404][T13126] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 543.187663][T13126] ? tty_lookup_driver+0x550/0x550 [ 543.192770][T13126] __x64_sys_ioctl+0x193/0x200 [ 543.197536][T13126] do_syscall_64+0x35/0xb0 [ 543.201971][T13126] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 543.207897][T13126] RIP: 0033:0x7fc6b4930a39 [ 543.212308][T13126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 543.231917][T13126] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.240359][T13126] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 543.248350][T13126] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 543.256332][T13126] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.264451][T13126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.272422][T13126] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 543.304200][T13128] FAULT_INJECTION: forcing a failure. [ 543.304200][T13128] name failslab, interval 1, probability 0, space 0, times 0 [ 543.323999][T13128] CPU: 0 PID: 13128 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 543.332811][T13128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.342886][T13128] Call Trace: [ 543.346175][T13128] dump_stack_lvl+0xcd/0x134 [ 543.350768][T13128] should_fail.cold+0x5/0xa [ 543.355265][T13128] ? call_usermodehelper_setup+0x97/0x340 [ 543.361051][T13128] should_failslab+0x5/0x10 [ 543.365565][T13128] kmem_cache_alloc_trace+0x55/0x3c0 [ 543.370868][T13128] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 543.376586][T13128] call_usermodehelper_setup+0x97/0x340 [ 543.382128][T13128] ? kobj_ns_initial+0x90/0x90 [ 543.386885][T13128] kobject_uevent_env+0xf73/0x1650 [ 543.391990][T13128] ? is_acpi_device_node+0x6a/0x80 [ 543.397087][T13128] ? dev_fwnode+0x79/0x90 [ 543.401430][T13128] device_del+0x809/0xd60 [ 543.405786][T13128] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 543.412107][T13128] ? kfree_const+0x51/0x60 [ 543.416515][T13128] ? kobject_put+0x1f3/0x540 [ 543.421096][T13128] hci_unregister_dev+0x2c6/0x5a0 [ 543.426126][T13128] hci_uart_tty_close+0x241/0x2a0 [ 543.431140][T13128] ? hci_uart_close+0x70/0x70 [ 543.435844][T13128] tty_ldisc_close+0x110/0x190 [ 543.440598][T13128] tty_set_ldisc+0x214/0x680 [ 543.445222][T13128] tty_ioctl+0xae0/0x1670 [ 543.449542][T13128] ? tty_lookup_driver+0x550/0x550 [ 543.454646][T13128] ? lock_downgrade+0x6e0/0x6e0 [ 543.459494][T13128] ? __fget_files+0x23d/0x3e0 [ 543.464163][T13128] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 543.470397][T13128] ? tty_lookup_driver+0x550/0x550 [ 543.475505][T13128] __x64_sys_ioctl+0x193/0x200 [ 543.480264][T13128] do_syscall_64+0x35/0xb0 [ 543.484689][T13128] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 543.490643][T13128] RIP: 0033:0x7fa994750a39 [ 543.495049][T13128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 543.514642][T13128] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.523046][T13128] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 543.531180][T13128] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 543.539146][T13128] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.547296][T13128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.555305][T13128] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 07:58:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5413, &(0x7f0000000080)) 07:58:20 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5437, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400448dd, 0x9) 07:58:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 17) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 18) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 544.787201][T13165] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 544.818440][T13167] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:58:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40045431, 0x9) [ 544.833547][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 544.854294][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 544.866992][ T10] Bluetooth: hci9: Frame reassembly failed (-84) 07:58:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40045436, 0x9) 07:58:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400454ca, 0x9) [ 545.148662][ T7] Bluetooth: hci8: command 0x1001 tx timeout [ 545.156260][ T150] Bluetooth: hci8: sending frame failed (-49) [ 546.838718][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 546.908646][ T8445] Bluetooth: hci10: command 0x1003 tx timeout [ 546.908785][ T7] Bluetooth: hci9: command 0xfc11 tx timeout [ 546.915262][T10023] Bluetooth: hci10: sending frame failed (-49) [ 546.921043][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 546.935082][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 546.945241][T13165] FAULT_INJECTION: forcing a failure. [ 546.945241][T13165] name failslab, interval 1, probability 0, space 0, times 0 [ 546.961105][T13165] CPU: 0 PID: 13165 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 546.962262][T13167] FAULT_INJECTION: forcing a failure. [ 546.962262][T13167] name failslab, interval 1, probability 0, space 0, times 0 [ 546.969895][T13165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.969915][T13165] Call Trace: [ 546.969925][T13165] dump_stack_lvl+0xcd/0x134 [ 546.969960][T13165] should_fail.cold+0x5/0xa [ 547.004965][T13165] ? call_usermodehelper_setup+0x97/0x340 [ 547.010721][T13165] should_failslab+0x5/0x10 [ 547.015250][T13165] kmem_cache_alloc_trace+0x55/0x3c0 [ 547.020565][T13165] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 547.026321][T13165] call_usermodehelper_setup+0x97/0x340 [ 547.031905][T13165] ? kobj_ns_initial+0x90/0x90 [ 547.036786][T13165] kobject_uevent_env+0xf73/0x1650 [ 547.041947][T13165] ? is_acpi_device_node+0x6a/0x80 [ 547.047083][T13165] ? dev_fwnode+0x79/0x90 [ 547.051452][T13165] device_del+0x809/0xd60 [ 547.055812][T13165] ? fw_devlink_purge_absent_suppliers+0x50/0x50 [ 547.062180][T13165] ? kfree_const+0x51/0x60 [ 547.066631][T13165] ? kobject_put+0x1f3/0x540 [ 547.071251][T13165] hci_unregister_dev+0x2c6/0x5a0 [ 547.076347][T13165] hci_uart_tty_close+0x241/0x2a0 [ 547.081384][T13165] ? hci_uart_close+0x70/0x70 [ 547.086077][T13165] tty_ldisc_close+0x110/0x190 [ 547.090890][T13165] tty_set_ldisc+0x214/0x680 [ 547.095492][T13165] tty_ioctl+0xae0/0x1670 [ 547.099850][T13165] ? tty_lookup_driver+0x550/0x550 [ 547.104996][T13165] ? lock_downgrade+0x6e0/0x6e0 [ 547.109882][T13165] ? __fget_files+0x23d/0x3e0 [ 547.114573][T13165] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 547.120825][T13165] ? tty_lookup_driver+0x550/0x550 [ 547.126041][T13165] __x64_sys_ioctl+0x193/0x200 [ 547.130823][T13165] do_syscall_64+0x35/0xb0 [ 547.135255][T13165] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 547.141166][T13165] RIP: 0033:0x7fc6b4930a39 [ 547.145592][T13165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 547.165217][T13165] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.173643][T13165] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 547.181621][T13165] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 547.189598][T13165] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 547.197579][T13165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 547.205558][T13165] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 547.213728][T13167] CPU: 1 PID: 13167 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 547.222513][T13167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.232583][T13167] Call Trace: [ 547.235881][T13167] dump_stack_lvl+0xcd/0x134 [ 547.240540][T13167] should_fail.cold+0x5/0xa [ 547.245078][T13167] ? __get_vm_area_node.constprop.0+0xd3/0x380 [ 547.251299][T13167] should_failslab+0x5/0x10 [ 547.255813][T13167] kmem_cache_alloc_node_trace+0x59/0x2f0 [ 547.261553][T13167] __get_vm_area_node.constprop.0+0xd3/0x380 [ 547.267558][T13167] __vmalloc_node_range+0x12a/0x9e0 [ 547.272777][T13167] ? n_tty_open+0x16/0x170 [ 547.277209][T13167] ? n_tty_open+0x16/0x170 [ 547.281650][T13167] ? find_held_lock+0x2d/0x110 [ 547.286431][T13167] ? vfree_atomic+0xe0/0xe0 [ 547.290956][T13167] ? n_tty_open+0x16/0x170 [ 547.295403][T13167] vzalloc+0x67/0x80 [ 547.299306][T13167] ? n_tty_open+0x16/0x170 [ 547.303728][T13167] n_tty_open+0x16/0x170 [ 547.307977][T13167] ? n_tty_set_termios+0x1010/0x1010 [ 547.313270][T13167] tty_ldisc_open+0x9b/0x110 [ 547.317865][T13167] tty_set_ldisc+0x2f1/0x680 [ 547.322464][T13167] tty_ioctl+0xae0/0x1670 [ 547.326803][T13167] ? tty_lookup_driver+0x550/0x550 [ 547.331928][T13167] ? lock_downgrade+0x6e0/0x6e0 [ 547.336802][T13167] ? __fget_files+0x23d/0x3e0 [ 547.341490][T13167] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 547.347738][T13167] ? tty_lookup_driver+0x550/0x550 [ 547.352856][T13167] __x64_sys_ioctl+0x193/0x200 [ 547.357628][T13167] do_syscall_64+0x35/0xb0 [ 547.362054][T13167] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 547.367981][T13167] RIP: 0033:0x7fa994750a39 [ 547.372399][T13167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 547.392012][T13167] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.400450][T13167] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 547.408423][T13167] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 547.416413][T13167] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 547.424384][T13167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 547.432352][T13167] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 547.445748][ T20] Bluetooth: hci8: command 0x1009 tx timeout [ 547.450233][T13167] syz-executor.4: vmalloc error: size 9120, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 547.467937][T13167] CPU: 0 PID: 13167 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0 [ 547.476730][T13167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.486806][T13167] Call Trace: [ 547.490102][T13167] dump_stack_lvl+0xcd/0x134 [ 547.494726][T13167] warn_alloc.cold+0x87/0x17a [ 547.499477][T13167] ? zone_watermark_ok_safe+0x290/0x290 [ 547.505067][T13167] ? __kasan_kmalloc+0xb8/0xd0 [ 547.509857][T13167] ? __get_vm_area_node.constprop.0+0x292/0x380 [ 547.516141][T13167] __vmalloc_node_range+0x82d/0x9e0 [ 547.521399][T13167] ? n_tty_open+0x16/0x170 [ 547.525834][T13167] ? find_held_lock+0x2d/0x110 [ 547.530609][T13167] ? vfree_atomic+0xe0/0xe0 [ 547.535120][T13167] ? n_tty_open+0x16/0x170 [ 547.539546][T13167] vzalloc+0x67/0x80 [ 547.543444][T13167] ? n_tty_open+0x16/0x170 [ 547.547868][T13167] n_tty_open+0x16/0x170 [ 547.552116][T13167] ? n_tty_set_termios+0x1010/0x1010 [ 547.557407][T13167] tty_ldisc_open+0x9b/0x110 [ 547.562005][T13167] tty_set_ldisc+0x2f1/0x680 [ 547.566600][T13167] tty_ioctl+0xae0/0x1670 [ 547.570943][T13167] ? tty_lookup_driver+0x550/0x550 [ 547.576068][T13167] ? lock_downgrade+0x6e0/0x6e0 [ 547.580944][T13167] ? __fget_files+0x23d/0x3e0 [ 547.585655][T13167] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 547.591906][T13167] ? tty_lookup_driver+0x550/0x550 [ 547.597029][T13167] __x64_sys_ioctl+0x193/0x200 [ 547.601820][T13167] do_syscall_64+0x35/0xb0 [ 547.606242][T13167] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 547.612141][T13167] RIP: 0033:0x7fa994750a39 [ 547.616598][T13167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 547.636468][T13167] RSP: 002b:00007fa991cc6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.644905][T13167] RAX: ffffffffffffffda RBX: 00007fa994853f60 RCX: 00007fa994750a39 [ 547.652881][T13167] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 547.660854][T13167] RBP: 00007fa991cc61d0 R08: 0000000000000000 R09: 0000000000000000 [ 547.668824][T13167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 547.676810][T13167] R13: 00007fa994d87b2f R14: 00007fa991cc6300 R15: 0000000000022000 [ 547.687509][T13167] Mem-Info: [ 547.691477][T13167] active_anon:281 inactive_anon:144429 isolated_anon:0 [ 547.691477][T13167] active_file:5134 inactive_file:88921 isolated_file:0 [ 547.691477][T13167] unevictable:768 dirty:54 writeback:0 [ 547.691477][T13167] slab_reclaimable:20506 slab_unreclaimable:99183 [ 547.691477][T13167] mapped:60557 shmem:6305 pagetables:1387 bounce:0 [ 547.691477][T13167] kernel_misc_reclaimable:0 [ 547.691477][T13167] free:1208512 free_pcp:10949 free_cma:0 [ 547.733917][T13167] Node 0 active_anon:1108kB inactive_anon:576828kB active_file:20420kB inactive_file:355724kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:242264kB dirty:248kB writeback:0kB shmem:22792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 540672kB writeback_tmp:0kB kernel_stack:9280kB pagetables:5544kB all_unreclaimable? no [ 547.766527][T13167] Node 1 active_anon:0kB inactive_anon:868kB active_file:116kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2404kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:0kB pagetables:4kB all_unreclaimable? no [ 547.797039][T13167] Node 0 DMA free:15360kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 547.823694][T13167] lowmem_reserve[]: 0 2647 2648 2648 2648 [ 547.829595][T13167] Node 0 DMA32 free:814588kB min:35692kB low:44612kB high:53532kB reserved_highatomic:0KB active_anon:1108kB inactive_anon:574648kB active_file:20420kB inactive_file:355724kB unevictable:1536kB writepending:248kB present:3129332kB managed:2718896kB mlocked:0kB bounce:0kB free_pcp:42752kB local_pcp:21148kB free_cma:0kB [ 547.859714][T13167] lowmem_reserve[]: 0 0 0 0 0 [ 547.864464][T13167] Node 0 Normal free:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:708kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 547.899012][T13167] lowmem_reserve[]: 0 0 0 0 0 [ 547.903926][T13167] Node 1 Normal free:4006356kB min:54208kB low:67760kB high:81312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:868kB active_file:116kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117624kB mlocked:0kB bounce:0kB free_pcp:1476kB local_pcp:0kB free_cma:0kB [ 547.958308][T13167] lowmem_reserve[]: 0 0 0 0 0 [ 547.963084][T13167] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 547.976680][T13167] Node 0 DMA32: 5635*4kB (UME) 3082*8kB (UME) 2084*16kB (UME) 673*32kB (UME) 431*64kB (UME) 69*128kB (UME) 7*256kB (UME) 3*512kB (UME) 3*1024kB (UME) 3*2048kB (ME) 162*4096kB (UM) = 814588kB [ 547.996705][T13167] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 548.009806][T13167] Node 1 Normal: 137*4kB (UE) 26*8kB (UE) 24*16kB (UME) 167*32kB (UE) 70*64kB (UE) 22*128kB (UE) 8*256kB (UME) 4*512kB (UE) 1*1024kB (U) 1*2048kB (E) 973*4096kB (M) = 4006356kB [ 548.028626][T13167] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 548.039879][T13167] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 548.050011][T13167] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 548.064488][T13167] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 548.077642][T13167] 52817 total pagecache pages [ 548.083162][T13167] 0 pages in swap cache [ 548.087724][T13167] Swap cache stats: add 0, delete 0, find 0/0 [ 548.094531][T13167] Free swap = 0kB [ 548.099125][T13167] Total swap = 0kB [ 548.103012][T13167] 2097051 pages RAM [ 548.106922][T13167] 0 pages HighMem/MovableOnly [ 548.112477][T13167] 383904 pages reserved [ 548.116752][T13167] 0 pages cma reserved [ 548.988373][ T8445] Bluetooth: hci10: command 0x1001 tx timeout [ 548.995705][T10178] Bluetooth: hci10: sending frame failed (-49) 07:58:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5413, &(0x7f0000000080)) 07:58:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4004550a, 0x9) 07:58:26 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5441, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 18) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 551.070676][ T5] Bluetooth: hci10: command 0x1009 tx timeout [ 551.185379][T13219] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 551.206776][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 551.217686][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 551.220999][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 553.227812][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 553.228765][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 553.233899][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 553.234066][ T6574] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 553.264455][T13219] FAULT_INJECTION: forcing a failure. [ 553.264455][T13219] name failslab, interval 1, probability 0, space 0, times 0 [ 553.287517][T13219] CPU: 0 PID: 13219 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 553.296342][T13219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.306416][T13219] Call Trace: [ 553.309712][T13219] dump_stack_lvl+0xcd/0x134 [ 553.314336][T13219] should_fail.cold+0x5/0xa [ 553.318869][T13219] ? __get_vm_area_node.constprop.0+0xd3/0x380 [ 553.325052][T13219] should_failslab+0x5/0x10 [ 553.329582][T13219] kmem_cache_alloc_node_trace+0x59/0x2f0 [ 553.335346][T13219] __get_vm_area_node.constprop.0+0xd3/0x380 [ 553.341359][T13219] __vmalloc_node_range+0x12a/0x9e0 [ 553.346584][T13219] ? n_tty_open+0x16/0x170 [ 553.351004][T13219] ? n_tty_open+0x16/0x170 [ 553.355457][T13219] ? find_held_lock+0x2d/0x110 [ 553.360255][T13219] ? vfree_atomic+0xe0/0xe0 [ 553.364757][T13219] ? n_tty_open+0x16/0x170 [ 553.369227][T13219] vzalloc+0x67/0x80 [ 553.373124][T13219] ? n_tty_open+0x16/0x170 [ 553.377564][T13219] n_tty_open+0x16/0x170 [ 553.381826][T13219] ? n_tty_set_termios+0x1010/0x1010 [ 553.387112][T13219] tty_ldisc_open+0x9b/0x110 [ 553.391789][T13219] tty_set_ldisc+0x2f1/0x680 [ 553.396384][T13219] tty_ioctl+0xae0/0x1670 [ 553.400715][T13219] ? tty_lookup_driver+0x550/0x550 [ 553.405862][T13219] ? lock_downgrade+0x6e0/0x6e0 [ 553.410827][T13219] ? __fget_files+0x23d/0x3e0 [ 553.415505][T13219] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 553.421746][T13219] ? tty_lookup_driver+0x550/0x550 [ 553.426887][T13219] __x64_sys_ioctl+0x193/0x200 [ 553.431655][T13219] do_syscall_64+0x35/0xb0 [ 553.436085][T13219] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 553.441987][T13219] RIP: 0033:0x7fc6b4930a39 [ 553.446393][T13219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 553.465992][T13219] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 553.474400][T13219] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 553.482365][T13219] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 553.490341][T13219] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 553.498576][T13219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 553.507688][T13219] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 553.518090][ T8445] Bluetooth: hci8: command 0x1003 tx timeout [ 553.524326][ T6574] Bluetooth: hci8: sending frame failed (-49) [ 553.935446][T13242] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 07:58:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5414, &(0x7f0000000080)) 07:58:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x9) 07:58:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 19) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 555.009036][T13254] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 555.027105][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 555.059249][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 555.065883][ T8] Bluetooth: hci9: Frame reassembly failed (-84) 07:58:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40049409, 0x9) 07:58:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40085503, 0x9) 07:58:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40086602, 0x9) 07:58:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4008ae89, 0x9) [ 555.547479][ T5] Bluetooth: hci8: command 0x1001 tx timeout [ 555.558906][T10023] Bluetooth: hci8: sending frame failed (-49) [ 556.027642][ T6574] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 557.067354][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 557.067681][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 557.084348][T13255] FAULT_INJECTION: forcing a failure. [ 557.084348][T13255] name failslab, interval 1, probability 0, space 0, times 0 [ 557.100061][ T20] Bluetooth: hci9: command tx timeout [ 557.105638][ T20] Bluetooth: hci10: command 0x1003 tx timeout [ 557.117902][ T150] Bluetooth: hci10: sending frame failed (-49) [ 557.148623][T13255] CPU: 1 PID: 13255 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 557.157463][T13255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 557.167536][T13255] Call Trace: [ 557.170833][T13255] dump_stack_lvl+0xcd/0x134 [ 557.175462][T13255] should_fail.cold+0x5/0xa [ 557.179998][T13255] should_failslab+0x5/0x10 [ 557.184526][T13255] kmem_cache_alloc_node+0x65/0x3d0 [ 557.189751][T13255] ? alloc_vmap_area+0x166/0x1e00 [ 557.194803][T13255] alloc_vmap_area+0x166/0x1e00 [ 557.199675][T13255] ? kmem_cache_alloc_node_trace+0x46/0x2f0 [ 557.205602][T13255] ? free_vmap_area+0x1ad0/0x1ad0 [ 557.210625][T13255] ? rcu_read_lock_sched_held+0x3a/0x70 [ 557.216247][T13255] ? trace_kmalloc_node+0x32/0x100 [ 557.221375][T13255] __get_vm_area_node.constprop.0+0x128/0x380 [ 557.227538][T13255] __vmalloc_node_range+0x12a/0x9e0 [ 557.232736][T13255] ? n_tty_open+0x16/0x170 [ 557.237157][T13255] ? n_tty_open+0x16/0x170 [ 557.241577][T13255] ? find_held_lock+0x2d/0x110 [ 557.246347][T13255] ? vfree_atomic+0xe0/0xe0 [ 557.250865][T13255] ? n_tty_open+0x16/0x170 [ 557.255305][T13255] vzalloc+0x67/0x80 [ 557.259201][T13255] ? n_tty_open+0x16/0x170 [ 557.263623][T13255] n_tty_open+0x16/0x170 [ 557.267866][T13255] ? n_tty_set_termios+0x1010/0x1010 [ 557.273162][T13255] tty_ldisc_open+0x9b/0x110 [ 557.277750][T13255] tty_set_ldisc+0x2f1/0x680 [ 557.282342][T13255] tty_ioctl+0xae0/0x1670 [ 557.286687][T13255] ? tty_lookup_driver+0x550/0x550 [ 557.291809][T13255] ? lock_downgrade+0x6e0/0x6e0 [ 557.296681][T13255] ? __fget_files+0x23d/0x3e0 [ 557.301365][T13255] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 557.307610][T13255] ? tty_lookup_driver+0x550/0x550 [ 557.312728][T13255] __x64_sys_ioctl+0x193/0x200 [ 557.317496][T13255] do_syscall_64+0x35/0xb0 [ 557.321923][T13255] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 557.327820][T13255] RIP: 0033:0x7fc6b4930a39 [ 557.332236][T13255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 557.351842][T13255] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 557.360273][T13255] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 557.368240][T13255] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 557.376218][T13255] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 557.384220][T13255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 557.392200][T13255] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 557.627196][ T20] Bluetooth: hci8: command 0x1009 tx timeout [ 559.147094][ T8445] Bluetooth: hci10: command 0x1001 tx timeout [ 559.153971][ T150] Bluetooth: hci10: sending frame failed (-49) [ 561.228973][ T8445] Bluetooth: hci10: command 0x1009 tx timeout 07:58:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5414, &(0x7f0000000080)) 07:58:37 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4008ae90, 0x9) 07:58:37 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5450, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 561.433968][T13310] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 561.464147][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 561.480066][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 562.587287][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.593851][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.466643][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 563.466826][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 563.480409][ T8445] Bluetooth: hci7: command 0x1003 tx timeout [ 563.487850][ T6574] Bluetooth: hci7: sending frame failed (-49) [ 563.556877][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 563.566134][ T5] Bluetooth: hci6: command tx timeout [ 563.997878][T13334] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 564.031973][ T6574] Bluetooth: hci6: sending frame failed (-49) 07:58:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) (fail_nth: 20) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:40 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5415, &(0x7f0000000080)) 07:58:40 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4008ae93, 0x9) 07:58:40 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40186366, 0x9) [ 565.257120][T13348] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:58:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x401c5820, 0x9) 07:58:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4020940d, 0x9) [ 565.556448][ T5] Bluetooth: hci7: command 0x1001 tx timeout [ 565.570972][ T150] Bluetooth: hci7: sending frame failed (-49) 07:58:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4020ae46, 0x9) 07:58:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4090ae82, 0x9) [ 566.036428][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 566.106265][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 566.112440][ T6574] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 567.306236][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 567.326701][T13348] FAULT_INJECTION: forcing a failure. [ 567.326701][T13348] name failslab, interval 1, probability 0, space 0, times 0 [ 567.351381][T13348] CPU: 1 PID: 13348 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 567.360194][T13348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 567.370270][T13348] Call Trace: [ 567.373546][T13348] dump_stack_lvl+0xcd/0x134 [ 567.378135][T13348] should_fail.cold+0x5/0xa [ 567.382636][T13348] ? __get_vm_area_node.constprop.0+0xd3/0x380 [ 567.388858][T13348] should_failslab+0x5/0x10 [ 567.393359][T13348] kmem_cache_alloc_node_trace+0x59/0x2f0 [ 567.399087][T13348] __get_vm_area_node.constprop.0+0xd3/0x380 [ 567.405067][T13348] __vmalloc_node_range+0x12a/0x9e0 [ 567.410258][T13348] ? n_tty_open+0x16/0x170 [ 567.414689][T13348] ? n_tty_open+0x16/0x170 [ 567.419134][T13348] ? find_held_lock+0x2d/0x110 [ 567.423934][T13348] ? vfree_atomic+0xe0/0xe0 [ 567.428447][T13348] ? n_tty_open+0x16/0x170 [ 567.432866][T13348] vzalloc+0x67/0x80 [ 567.436800][T13348] ? n_tty_open+0x16/0x170 [ 567.441236][T13348] n_tty_open+0x16/0x170 [ 567.445481][T13348] ? n_tty_set_termios+0x1010/0x1010 [ 567.450758][T13348] tty_ldisc_open+0x9b/0x110 [ 567.455559][T13348] tty_set_ldisc+0x2f1/0x680 [ 567.460160][T13348] tty_ioctl+0xae0/0x1670 [ 567.464507][T13348] ? tty_lookup_driver+0x550/0x550 [ 567.469619][T13348] ? lock_downgrade+0x6e0/0x6e0 [ 567.474506][T13348] ? __fget_files+0x23d/0x3e0 [ 567.479176][T13348] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 567.485412][T13348] ? tty_lookup_driver+0x550/0x550 [ 567.490552][T13348] __x64_sys_ioctl+0x193/0x200 [ 567.495311][T13348] do_syscall_64+0x35/0xb0 [ 567.499720][T13348] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 567.505609][T13348] RIP: 0033:0x7fc6b4930a39 [ 567.510029][T13348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 567.529628][T13348] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 567.538034][T13348] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 567.546014][T13348] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 567.553977][T13348] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 567.561942][T13348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 567.569925][T13348] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 567.596036][ T8445] Bluetooth: hci10: command 0x1003 tx timeout [ 567.602293][T10178] Bluetooth: hci10: sending frame failed (-49) [ 567.603576][T13348] warn_alloc: 2 callbacks suppressed [ 567.603590][T13348] syz-executor.3: vmalloc error: size 9120, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 567.632182][ T8445] Bluetooth: hci7: command 0x1009 tx timeout [ 567.638761][T13348] CPU: 1 PID: 13348 Comm: syz-executor.3 Not tainted 5.15.0-rc6-syzkaller #0 [ 567.647545][T13348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 567.657592][T13348] Call Trace: [ 567.660862][T13348] dump_stack_lvl+0xcd/0x134 [ 567.665448][T13348] warn_alloc.cold+0x87/0x17a [ 567.670113][T13348] ? zone_watermark_ok_safe+0x290/0x290 [ 567.675661][T13348] ? __kasan_kmalloc+0xb8/0xd0 [ 567.680433][T13348] ? __get_vm_area_node.constprop.0+0x292/0x380 [ 567.686681][T13348] __vmalloc_node_range+0x82d/0x9e0 [ 567.691888][T13348] ? n_tty_open+0x16/0x170 [ 567.696296][T13348] ? find_held_lock+0x2d/0x110 [ 567.701051][T13348] ? vfree_atomic+0xe0/0xe0 [ 567.705562][T13348] ? n_tty_open+0x16/0x170 [ 567.709980][T13348] vzalloc+0x67/0x80 [ 567.713894][T13348] ? n_tty_open+0x16/0x170 [ 567.718407][T13348] n_tty_open+0x16/0x170 [ 567.722651][T13348] ? n_tty_set_termios+0x1010/0x1010 [ 567.727986][T13348] tty_ldisc_open+0x9b/0x110 [ 567.732571][T13348] tty_set_ldisc+0x2f1/0x680 [ 567.737158][T13348] tty_ioctl+0xae0/0x1670 [ 567.741492][T13348] ? tty_lookup_driver+0x550/0x550 [ 567.746619][T13348] ? lock_downgrade+0x6e0/0x6e0 [ 567.751467][T13348] ? __fget_files+0x23d/0x3e0 [ 567.756134][T13348] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 567.762369][T13348] ? tty_lookup_driver+0x550/0x550 [ 567.767473][T13348] __x64_sys_ioctl+0x193/0x200 [ 567.772234][T13348] do_syscall_64+0x35/0xb0 [ 567.776704][T13348] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 567.782595][T13348] RIP: 0033:0x7fc6b4930a39 [ 567.787018][T13348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 567.806617][T13348] RSP: 002b:00007fc6b1ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 567.815061][T13348] RAX: ffffffffffffffda RBX: 00007fc6b4a33f60 RCX: 00007fc6b4930a39 [ 567.823022][T13348] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000003 [ 567.830976][T13348] RBP: 00007fc6b1ea61d0 R08: 0000000000000000 R09: 0000000000000000 [ 567.838934][T13348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 567.846895][T13348] R13: 00007fc6b4f67b2f R14: 00007fc6b1ea6300 R15: 0000000000022000 [ 567.874637][T13348] Mem-Info: [ 567.879505][T13348] active_anon:276 inactive_anon:139579 isolated_anon:0 [ 567.879505][T13348] active_file:5134 inactive_file:92740 isolated_file:0 [ 567.879505][T13348] unevictable:768 dirty:99 writeback:0 [ 567.879505][T13348] slab_reclaimable:20508 slab_unreclaimable:99256 [ 567.879505][T13348] mapped:60577 shmem:6299 pagetables:1325 bounce:0 [ 567.879505][T13348] kernel_misc_reclaimable:0 [ 567.879505][T13348] free:1209868 free_pcp:10659 free_cma:0 [ 567.926453][T13348] Node 0 active_anon:1104kB inactive_anon:557448kB active_file:20420kB inactive_file:370960kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:242308kB dirty:396kB writeback:0kB shmem:22792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 501760kB writeback_tmp:0kB kernel_stack:9120kB pagetables:5296kB all_unreclaimable? no [ 567.960137][T13348] Node 1 active_anon:0kB inactive_anon:868kB active_file:116kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2404kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:0kB pagetables:4kB all_unreclaimable? no [ 567.990203][T13348] Node 0 DMA free:15360kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 568.017671][T13348] lowmem_reserve[]: 0 2647 2648 2648 2648 [ 568.023474][T13348] Node 0 DMA32 free:817500kB min:35692kB low:44612kB high:53532kB reserved_highatomic:0KB active_anon:1104kB inactive_anon:557448kB active_file:20420kB inactive_file:370960kB unevictable:1536kB writepending:396kB present:3129332kB managed:2718896kB mlocked:0kB bounce:0kB free_pcp:41536kB local_pcp:19832kB free_cma:0kB [ 568.055248][T13348] lowmem_reserve[]: 0 0 0 0 0 [ 568.060732][T13348] Node 0 Normal free:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:708kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 568.087774][T13348] lowmem_reserve[]: 0 0 0 0 0 [ 568.092726][T13348] Node 1 Normal free:4006612kB min:54208kB low:67760kB high:81312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:868kB active_file:116kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117624kB mlocked:0kB bounce:0kB free_pcp:1220kB local_pcp:0kB free_cma:0kB [ 568.122349][T13348] lowmem_reserve[]: 0 0 0 0 0 [ 568.128450][T13348] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 568.141953][T13348] Node 0 DMA32: 5639*4kB (UME) 3154*8kB (UME) 2097*16kB (UME) 845*32kB (UME) 372*64kB (UME) 72*128kB (UME) 7*256kB (UME) 3*512kB (UME) 3*1024kB (UME) 3*2048kB (ME) 162*4096kB (UM) = 817500kB [ 568.161791][T13348] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 568.173552][T13348] Node 1 Normal: 137*4kB (UE) 26*8kB (UE) 24*16kB (UME) 165*32kB (UE) 73*64kB (UE) 23*128kB (UE) 8*256kB (UME) 4*512kB (UE) 1*1024kB (U) 1*2048kB (E) 973*4096kB (M) = 4006612kB [ 568.192000][T13348] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 568.202732][T13348] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 568.212617][T13348] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 568.222585][T13348] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 568.232370][T13348] 52834 total pagecache pages [ 568.237314][T13348] 0 pages in swap cache [ 568.241593][T13348] Swap cache stats: add 0, delete 0, find 0/0 [ 568.250776][T13348] Free swap = 0kB [ 568.254729][T13348] Total swap = 0kB [ 568.258711][T13348] 2097051 pages RAM [ 568.262585][T13348] 0 pages HighMem/MovableOnly [ 568.267690][T13348] 383904 pages reserved [ 568.271858][T13348] 0 pages cma reserved [ 569.625934][ T8595] Bluetooth: hci10: command 0x1001 tx timeout [ 569.632738][T10178] Bluetooth: hci10: sending frame failed (-49) 07:58:47 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5415, &(0x7f0000000080)) 07:58:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x41015500, 0x9) 07:58:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x10, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:47 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5451, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 571.673913][T13405] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 571.705815][ T8445] Bluetooth: hci10: command 0x1009 tx timeout [ 571.723448][T13408] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 571.728841][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 571.732098][ T10] Bluetooth: hci8: Frame reassembly failed (-84) [ 571.763973][ T10] Bluetooth: hci9: Frame reassembly failed (-84) [ 571.772099][ T10] Bluetooth: hci9: Frame reassembly failed (-84) [ 573.785502][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 573.785552][ T1726] Bluetooth: hci8: command 0xfc11 tx timeout [ 573.785815][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 573.794915][ T20] Bluetooth: hci9: command 0x1003 tx timeout [ 573.799474][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 573.843245][ T9202] Bluetooth: hci9: sending frame failed (-49) [ 574.320774][T13436] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 574.348507][ T10] Bluetooth: hci6: Frame reassembly failed (-84) 07:58:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5416, &(0x7f0000000080)) 07:58:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4138ae84, 0x9) 07:58:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4c01, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 575.488776][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 575.506238][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 575.508859][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) 07:58:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4400ae8f, 0x9) [ 575.587929][T10178] Bluetooth: hci10: sending frame failed (-49) 07:58:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045430, 0x9) 07:58:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045432, 0x9) [ 575.872099][ T8445] Bluetooth: hci9: command 0x1001 tx timeout [ 575.878472][T10178] Bluetooth: hci9: sending frame failed (-49) [ 576.425232][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 576.425296][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 577.545103][ T8445] Bluetooth: hci8: command 0xfc11 tx timeout [ 577.551258][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 577.555201][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 577.625366][ T8445] Bluetooth: hci10: command 0x1003 tx timeout [ 577.631623][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 577.945013][ T8445] Bluetooth: hci9: command 0x1009 tx timeout [ 578.083454][T13498] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 578.119578][ T10] Bluetooth: hci6: Frame reassembly failed (-84) [ 579.704968][ T1726] Bluetooth: hci10: command 0x1001 tx timeout [ 579.712019][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 580.104992][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 580.194901][ T8445] Bluetooth: hci6: command 0xfc11 tx timeout [ 580.201087][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 581.785479][ T8445] Bluetooth: hci10: command 0x1009 tx timeout 07:58:57 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5416, &(0x7f0000000080)) 07:58:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045438, 0x9) 07:58:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5452, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x10, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:58:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 581.881526][T13523] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 581.929259][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 581.949943][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 581.960046][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 581.981236][T13533] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 583.944473][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 583.944870][ T6574] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 583.953821][ T8445] Bluetooth: hci6: command 0xfc11 tx timeout [ 584.024579][ T8445] Bluetooth: hci9: command 0x1003 tx timeout [ 584.024646][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 584.030636][ T8445] Bluetooth: hci8: command 0xfc11 tx timeout [ 584.038547][ T6574] Bluetooth: hci9: sending frame failed (-49) [ 584.480225][T13554] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 584.515496][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 584.578562][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) 07:59:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5418, &(0x7f0000000080)) 07:59:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045439, 0x9) 07:59:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045440, 0x9) [ 585.760491][ T8] Bluetooth: hci10: Frame reassembly failed (-84) 07:59:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455c9, 0x9) 07:59:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455ca, 0x9) 07:59:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x9) [ 586.104373][ T8595] Bluetooth: hci9: command 0x1001 tx timeout [ 586.110702][T10178] Bluetooth: hci9: sending frame failed (-49) 07:59:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80085502, 0x9) [ 586.504133][ T1726] Bluetooth: hci6: command 0xfc11 tx timeout [ 586.504256][ T6574] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 586.584645][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 586.594254][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 586.600404][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 587.784220][ T8595] Bluetooth: hci10: command 0x1003 tx timeout [ 587.791296][T10023] Bluetooth: hci10: sending frame failed (-49) [ 588.183967][ T8445] Bluetooth: hci9: command 0x1009 tx timeout [ 589.863882][ T8445] Bluetooth: hci10: command 0x1001 tx timeout [ 589.870663][T10023] Bluetooth: hci10: sending frame failed (-49) [ 591.943670][ T8595] Bluetooth: hci10: command 0x1009 tx timeout 07:59:07 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5418, &(0x7f0000000080)) 07:59:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80086301, 0x9) 07:59:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x545d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x127f, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 592.139653][T13621] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 592.193240][ T10] Bluetooth: hci6: Frame reassembly failed (-84) [ 594.273465][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 594.273479][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 594.279784][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 594.294938][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 594.811148][T13655] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 594.844336][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 594.858353][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) 07:59:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541b, &(0x7f0000000080)) 07:59:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80086601, 0x9) 07:59:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541b, &(0x7f0000000080)) [ 595.967753][T13673] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:59:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x801c581f, 0x9) [ 596.008162][ T10] Bluetooth: hci9: Frame reassembly failed (-84) 07:59:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x8138ae83, 0x9) 07:59:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x9) 07:59:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x9) 07:59:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc004aea7, 0x9) 07:59:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0085504, 0x9) [ 596.903115][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 596.913170][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 596.923195][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 07:59:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc008ae05, 0x9) 07:59:12 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5460, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4c01, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 597.118529][T13719] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 597.176306][ T10] Bluetooth: hci7: Frame reassembly failed (-84) [ 598.022943][ T8331] Bluetooth: hci9: command 0x1003 tx timeout [ 598.030033][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 598.036650][ T8331] Bluetooth: hci10: command 0x1003 tx timeout [ 598.043978][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 599.222873][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 599.233774][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 599.234800][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 599.243171][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 599.756978][T13739] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 599.800146][ T10] Bluetooth: hci7: Frame reassembly failed (-84) [ 600.102747][ T8331] Bluetooth: hci10: command 0x1001 tx timeout [ 600.108914][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 600.116471][ T8331] Bluetooth: hci9: command 0x1001 tx timeout [ 600.122560][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 601.782676][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 601.782963][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 601.862631][ T8331] Bluetooth: hci7: command 0xfc11 tx timeout [ 601.867351][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 602.182628][ T8331] Bluetooth: hci9: command 0x1009 tx timeout [ 602.188702][ T8331] Bluetooth: hci10: command 0x1009 tx timeout 07:59:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541d, &(0x7f0000000080)) 07:59:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0189379, 0x9) 07:59:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x6364, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541d, &(0x7f0000000080)) [ 606.278976][T13770] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 606.329270][ T9202] Bluetooth: hci8: sending frame failed (-49) [ 606.336981][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 606.338921][T13774] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 07:59:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0189436, 0x9) [ 606.394464][ T9202] Bluetooth: hci9: sending frame failed (-49) [ 606.418245][T13787] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 07:59:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc020660b, 0x9) 07:59:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 07:59:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 07:59:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) [ 607.194941][T10271] Bluetooth: hci11: sending frame failed (-49) [ 608.342120][ T7] Bluetooth: hci8: command 0xfc11 tx timeout [ 608.348326][ T6574] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 608.361244][ T7] Bluetooth: hci7: command 0x1003 tx timeout [ 608.381589][ T6574] Bluetooth: hci7: sending frame failed (-49) [ 608.422089][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 608.431301][ T7] Bluetooth: hci9: command tx timeout [ 608.582333][ T5] Bluetooth: hci6: command 0x1003 tx timeout [ 608.589502][T10023] Bluetooth: hci6: sending frame failed (-49) [ 609.141993][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 609.151077][ T7] Bluetooth: hci10: command tx timeout [ 609.222004][ T7] Bluetooth: hci11: command 0x1003 tx timeout [ 609.228206][ T9202] Bluetooth: hci11: sending frame failed (-49) [ 609.675405][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 610.421786][ T5] Bluetooth: hci7: command 0x1001 tx timeout [ 610.428454][T10023] Bluetooth: hci7: sending frame failed (-49) [ 610.661833][ T5] Bluetooth: hci6: command 0x1001 tx timeout [ 610.669014][T10023] Bluetooth: hci6: sending frame failed (-49) [ 611.301862][ T5] Bluetooth: hci11: command 0x1001 tx timeout [ 611.308593][T10023] Bluetooth: hci11: sending frame failed (-49) [ 611.711726][ T8331] Bluetooth: hci8: command 0xfc11 tx timeout [ 611.717940][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 612.511763][ T5] Bluetooth: hci7: command 0x1009 tx timeout [ 612.741732][ T5] Bluetooth: hci6: command 0x1009 tx timeout [ 613.381547][ T5] Bluetooth: hci11: command 0x1009 tx timeout 07:59:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) 07:59:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8913, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) [ 617.060065][T13862] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 617.097125][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 617.120260][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 617.130535][T13872] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 617.158084][ T6574] Bluetooth: hci10: sending frame failed (-49) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x8) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xb) 07:59:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xc) [ 619.140916][ T31] Bluetooth: hci6: command 0xfc11 tx timeout [ 619.150989][ T5] Bluetooth: hci8: command 0x1003 tx timeout [ 619.157313][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 619.164545][T10178] Bluetooth: hci8: sending frame failed (-49) [ 619.180947][ T5] Bluetooth: hci7: command 0x1003 tx timeout [ 619.193267][T10178] Bluetooth: hci7: sending frame failed (-49) [ 619.221255][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 619.228040][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 619.231203][ T5] Bluetooth: hci9: command tx timeout [ 619.678827][T13929] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 619.702065][ T10] Bluetooth: hci6: Frame reassembly failed (-84) [ 619.750423][T13933] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 619.786575][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 619.795045][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 621.220817][ T5] Bluetooth: hci7: command 0x1001 tx timeout [ 621.226852][ T5] Bluetooth: hci8: command 0x1001 tx timeout [ 621.228361][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 621.239155][T13880] Bluetooth: hci8: sending frame failed (-49) [ 621.701086][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 621.860820][ T8445] Bluetooth: hci9: command 0xfc11 tx timeout [ 621.872501][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 621.876723][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 621.881838][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 623.300686][ T8331] Bluetooth: hci7: command 0x1009 tx timeout [ 623.304133][ T31] Bluetooth: hci8: command 0x1009 tx timeout [ 624.022613][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.028925][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 07:59:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) 07:59:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xd) 07:59:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:42 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8914, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:42 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) [ 627.404790][T13968] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 627.464753][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 627.471544][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 627.477602][T13974] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 627.507566][T10023] Bluetooth: hci9: sending frame failed (-49) [ 627.521544][ T158] Bluetooth: hci10: Frame reassembly failed (-84) 07:59:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xe) 07:59:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x10) 07:59:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x11) 07:59:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x12) 07:59:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3e) 07:59:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5a) [ 629.460063][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 629.460152][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 629.476626][ T8600] Bluetooth: hci7: command 0xfc11 tx timeout [ 629.540196][ T8458] Bluetooth: hci9: command 0x1003 tx timeout [ 629.541470][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 629.546390][ T9202] Bluetooth: hci9: sending frame failed (-49) [ 629.573649][ T20] Bluetooth: hci10: command 0x1003 tx timeout [ 629.598326][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 629.984346][T14028] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 630.006083][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 630.035805][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 631.619920][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 631.626314][ T8458] Bluetooth: hci9: command 0x1001 tx timeout [ 631.627333][ T150] Bluetooth: hci10: sending frame failed (-49) [ 631.640132][ T150] Bluetooth: hci9: sending frame failed (-49) [ 632.019862][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 632.021119][ T20] Bluetooth: hci6: command 0xfc11 tx timeout [ 632.100352][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 632.106973][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 633.699784][ T20] Bluetooth: hci9: command 0x1009 tx timeout [ 633.705896][ T20] Bluetooth: hci10: command 0x1009 tx timeout 07:59:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5421, &(0x7f0000000080)) 07:59:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x775) 07:59:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8933, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5413, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:53 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5421, &(0x7f0000000080)) [ 638.262063][T14063] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 638.298669][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) 07:59:54 executing program 0: landlock_restrict_self(0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 638.309752][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 638.316875][T14065] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 638.353362][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 638.373258][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 638.513003][ T8] Bluetooth: hci11: Frame reassembly failed (-84) [ 640.339192][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 640.345381][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 640.349193][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 640.373946][ T8458] Bluetooth: hci7: command 0x1003 tx timeout [ 640.380369][T10023] Bluetooth: hci7: sending frame failed (-49) [ 640.428581][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 640.429256][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 640.444653][ T8458] Bluetooth: hci10: command 0x1003 tx timeout [ 640.453531][ T150] Bluetooth: hci10: sending frame failed (-49) [ 640.579121][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) 07:59:56 executing program 0: ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000100)={0xffffffffffffffff, 0x7, 0x507, 0x100000000}) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f0000000180)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x4ffe6, 0x0) ioctl$PPPIOCSMRU1(r2, 0x40047452, &(0x7f00000000c0)=0xffff) ioctl$KDADDIO(r1, 0x400455c8, 0x9) [ 640.669471][T14109] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 640.871580][T10023] Bluetooth: hci8: sending frame failed (-49) [ 640.891989][T14119] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 642.418890][ T5] Bluetooth: hci7: command 0x1001 tx timeout [ 642.425662][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 642.498870][ T5] Bluetooth: hci10: command 0x1001 tx timeout [ 642.506112][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 642.739060][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 642.739082][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) 07:59:58 executing program 0: r0 = syz_open_dev$audion(&(0x7f0000000000), 0x16, 0x2c0000) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000080)={0x0, 0x1, 0x20}, 0x8) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x9) [ 642.848088][T14131] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 642.865093][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 642.899010][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 642.905228][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) 07:59:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5414, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 642.978831][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 642.988859][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 642.991068][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) 07:59:58 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448c9, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 07:59:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5413, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 643.093174][T10271] Bluetooth: hci8: sending frame failed (-49) [ 643.133425][T14150] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 643.160119][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 643.193026][ T6576] Bluetooth: hci11: sending frame failed (-49) [ 644.499166][ T5] Bluetooth: hci7: command 0x1009 tx timeout [ 644.578880][ T5] Bluetooth: hci10: command 0x1009 tx timeout [ 644.898808][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 644.905000][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 644.925658][T14131] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 645.138643][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 645.148826][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 645.218886][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 645.228771][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 645.741070][T14185] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 645.772944][ T10] Bluetooth: hci11: Frame reassembly failed (-84) [ 646.988568][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 646.988649][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 647.698569][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 647.698727][ T20] Bluetooth: hci8: command 0xfc11 tx timeout [ 647.778589][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 647.778715][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 647.784932][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:00:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5424, &(0x7f0000000080)) 08:00:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:00:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5415, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:04 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448dd, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5414, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5424, &(0x7f0000000080)) [ 649.073646][T14224] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 649.095554][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 649.121431][T14229] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 649.140062][ T10] Bluetooth: hci6: Frame reassembly failed (-84) [ 649.150454][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 651.138209][ T8331] Bluetooth: hci8: command 0xfc11 tx timeout [ 651.138505][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 651.144499][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 651.228034][ T5] Bluetooth: hci11: command 0x1003 tx timeout [ 651.228210][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 651.234315][T10178] Bluetooth: hci11: sending frame failed (-49) [ 651.240454][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 651.248981][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 651.254622][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 651.279392][ T8569] Bluetooth: hci6: command 0x1003 tx timeout [ 651.327193][ T150] Bluetooth: hci6: sending frame failed (-49) [ 651.700563][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 651.709679][T14272] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 653.299671][ T5] Bluetooth: hci11: command 0x1001 tx timeout [ 653.306765][ T6576] Bluetooth: hci11: sending frame failed (-49) 08:00:09 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x1) [ 653.378027][ T8569] Bluetooth: hci6: command 0x1001 tx timeout [ 653.378158][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 653.384105][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 653.392681][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 653.515330][ T6576] Bluetooth: hci7: sending frame failed (-49) 08:00:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5415, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 653.698024][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 653.778036][ T20] Bluetooth: hci9: command 0xfc11 tx timeout [ 653.788295][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:00:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5416, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 653.834041][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 653.858120][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 653.867947][ T5] Bluetooth: hci10: command tx timeout 08:00:09 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400454ca, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 653.929903][T14305] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 653.947527][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 655.377829][ T5] Bluetooth: hci11: command 0x1009 tx timeout [ 655.458798][ T5] Bluetooth: hci6: command 0x1009 tx timeout [ 655.547801][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 655.547895][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 655.857756][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 655.858050][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 656.018142][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 656.018400][ T20] Bluetooth: hci9: command 0xfc11 tx timeout [ 656.028036][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 656.417943][ T6576] Bluetooth: hci12: Entering manufacturer mode failed (-110) [ 656.418124][ T8569] Bluetooth: hci12: command 0xfc11 tx timeout 08:00:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x426802, 0x0) [ 656.544266][T14342] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 656.565456][ T150] Bluetooth: hci8: sending frame failed (-49) [ 656.592963][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 656.611141][ T158] Bluetooth: hci9: Frame reassembly failed (-84) 08:00:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5416, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 658.417706][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 658.417780][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 658.513190][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 658.577755][ T8331] Bluetooth: hci8: command 0xfc11 tx timeout [ 658.583991][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 658.657786][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 658.667110][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:00:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5425, &(0x7f0000000080)) 08:00:14 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40049409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5418, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5425, &(0x7f0000000080)) [ 659.361226][T14385] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 659.384297][T14386] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 659.401675][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 659.441729][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 660.577364][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 660.577661][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 660.657461][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 660.666442][ T8331] Bluetooth: hci8: command tx timeout 08:00:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x4ffe6, 0x0) write$binfmt_misc(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="73797a319d9c8882598fe2fe739a92a97187553d6b98de5833fb9b30e348d2c25cd7be8b526fb59854a23f5a609d9fef6f2ce88c2c3b289a2012dd4b050b8d853145622aed09fdb08593575fc13da2edb874f88c629ba9e879eab6bdfb7a3daae45687502371984887bf4b5c15803305c812d674aed3f1edd348f6c8fa132e9412f6253e7e377d22419e3b57bfb589b384e8663f2ff3fa8124d2ded349dc823fb7b494d93525d273b25344768eb471cb5428680e23a29944cf336360ed6ce038301ff0213984b24e1b9fe0c25abcac95c75aaab2a886430c109f46afec32fc071180b64b320d758c8e1d5fba84ebd3a72bd66be38b7178e475a66106179e24efba7b095d93dbbbe686b303e6e28f08729d4e8ba18706951a3366f7cadf4a4f0ca6876fb77d6faff71caaffad94"], 0x95) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x14) 08:00:16 executing program 0: ioctl$KVM_S390_VCPU_FAULT(0xffffffffffffffff, 0x4008ae52, &(0x7f0000000000)=0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x13) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:00:16 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x6c4402, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x400008f) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x5) 08:00:16 executing program 0: pipe(&(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) splice(r0, 0x0, r1, 0x0, 0x4ffe6, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000000)={{&(0x7f00000002c0)={'Accelerator\x00', {&(0x7f0000000180)=@adf_str={@bank={'Bank', '3', 'InterruptCoalescingNumResponses\x00'}, {"a1ed0d1b9a516607ce1ad53e06584001243636aaaa6be3c2fa0e0d3db1f7e98ea9648f5d7e9206b1e0876ab8411bae74e1a466795eaf591d84e42078230e14b8"}, {&(0x7f0000000080)=@adf_dec={@format={'Cy', '3', 'RingAsymTx\x00'}}}}}, {&(0x7f0000000240)={'Accelerator0\x00'}}}}, 0x3}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x9) [ 661.125356][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 661.457457][ T31] Bluetooth: hci10: command 0x1003 tx timeout [ 661.457519][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 661.463624][ T31] Bluetooth: hci9: command 0xfc11 tx timeout [ 661.463772][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 661.472462][T10271] Bluetooth: hci10: sending frame failed (-49) [ 661.517235][ T8331] Bluetooth: hci11: command 0x1003 tx timeout [ 661.523897][T10271] Bluetooth: hci11: sending frame failed (-49) [ 661.988572][T14442] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 662.015897][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 662.017310][T14446] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 662.024977][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 662.044307][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 663.137329][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 663.137341][ T31] Bluetooth: hci7: command 0xfc11 tx timeout [ 663.151710][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:00:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5418, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 663.537159][ T8458] Bluetooth: hci11: command 0x1001 tx timeout [ 663.543729][ T6576] Bluetooth: hci11: sending frame failed (-49) [ 663.550151][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 663.556461][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 664.017140][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 664.023429][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 664.097165][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 664.097348][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:00:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40086602, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 664.169525][T14470] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 664.202809][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 665.377037][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 665.383250][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 665.616962][ T8458] Bluetooth: hci10: command 0x1009 tx timeout [ 665.625307][ T8458] Bluetooth: hci11: command 0x1009 tx timeout [ 666.257564][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 666.267056][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 666.337130][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 666.337127][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 666.783749][T14496] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 666.807084][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 666.881396][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 668.016821][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 668.023021][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:00:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 668.208308][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 668.816858][ T31] Bluetooth: hci6: command 0xfc11 tx timeout [ 668.823059][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 668.897461][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:00:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5427, &(0x7f0000000080)) 08:00:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4010942a, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5427, &(0x7f0000000080)) 08:00:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 669.681702][T14534] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 669.711205][T14537] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 669.729665][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 669.751978][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 669.770561][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 670.256577][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 670.262783][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:00:26 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x9) ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000080)=0x7) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000010000001800000079c5df25915d155ff90f0b30c864d739a62f701e8d692dcc8c2bfe6cf0d58861a4103269e7edacb422d55f48091c0b9b47fc3d29a9069b1e35b7ca9277c7d58bd63122514ffd0b38cae30cf913c983a299c8f71316e7853ab417777f8147821b5318850f317aeaea131a1cde53e481d0eaaed699d4163248e47a4b759058ea862874637d2c544691c7f9a1dc131272bdce", @ANYRES32=r0, @ANYBLOB="da000066696c653000"]) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000002c0)={0x0, ""/256, 0x0, 0x0}) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c5c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0xf8, "a03c6d6f97b3d6"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000054400)={0x0, [{}, {0x0, r6}, {0x0, r6}, {r4}, {}, {}, {r5, r6}, {0x0, r6}, {r5, r6}, {}, {0x0, r6}, {}, {r4, r6}, {0x0, r6}, {r4}, {r5, r6}, {}, {}, {}, {r4, r6}, {r5}, {0x0, r6}, {0x0, r6}, {r5}, {}, {r4, r6}, {r5}, {}, {0x0, r6}, {r5}, {}, {}, {r5, r6}, {r4, r6}, {0x0, r6}, {r5}, {}, {r4}, {r5, r6}, {r4, r6}, {}, {0x0, r6}, {0x0, r6}, {r5}, {r4}, {r4, r6}, {}, {r4, r6}, {0x0, r6}, {r4}, {0x0, r6}, {}, {r4}, {}, {0x0, r6}, {r4}, {r5, r6}, {}, {r4, r6}, {r5}, {0x0, r6}, {}, {0x0, r6}, {r4, r6}, {r5, r6}, {r4}, {}, {r4, r6}, {}, {0x0, r6}, {}, {}, {}, {r4}, {}, {r4, r6}, {}, {0x0, r6}, {r4}, {0x0, r6}, {}, {r5}, {0x0, r10}, {r5, r6}, {0x0, r6}, {r4}, {r4, r6}, {r4}, {r5, r6}, {r4, r6}, {r4}, {}, {r4, r6}, {}, {r5}, {0x0, r6}, {r5, r6}, {0x0, r6}, {}, {}, {0x0, r6}, {r5, r6}, {0x0, r6}, {0x0, r6}, {}, {0x0, r6}, {r4}, {r4}, {r5}, {r4}, {r4, r6}, {r5}, {}, {0x0, r6}, {r5, r6}, {r9}, {}, {0x0, r6}, {0x0, r6}, {r5}, {0x0, r6}, {0x0, r6}, {r4, r6}, {0x0, r6}, {}, {r5, r6}, {r4, r6}, {}, {r5, r6}, {r5, r6}, {r4}, {r5, r6}, {}, {r5}, {r5, r6}, {r4, r6}, {0x0, r6}, {0x0, r6}, {}, {r4, r6}, {0x0, r6}, {}, {0x0, r6}, {r4, r6}, {r4}, {0x0, r6}, {}, {r4, r6}, {r5}, {0x0, r6}, {0x0, r6}, {0x0, r6}, {0x0, r6}, {0x0, r6}, {}, {r4}, {}, {r5, r6}, {}, {r5}, {0x0, r6}, {r4, r6}, {r4, r6}, {}, {}, {r4, r6}, {r4}, {0x0, r6}, {0x0, r6}, {}, {}, {0x0, r6}, {}, {r4, r6}, {r4}, {r4, r6}, {r4}, {}, {r4}, {}, {r5}, {}, {r4}, {}, {}, {r5}, {}, {r4, r6}, {}, {r5}, {}, {0x0, r6}, {0x0, r6}, {0x0, r6}, {0x0, r6}, {r5}, {r4, r6}, {r5, r6}, {0x0, r6}, {}, {r5}, {0x0, r6}, {0x0, r6}, {r5}, {0x0, r6}, {0x0, r6}, {0x0, r6}, {r4, r6}, {0x0, r6}, {r5}, {r5, r6}, {r4, r6}, {0x0, r6}, {}, {r5}, {0x0, r6}, {}, {0x0, r6}, {r5, r6}, {}, {0x0, r6}, {}, {0x0, r6}, {r4}, {0x0, r6}, {r5}, {r5, r6}, {0x0, r6}, {0x0, r6}, {r4, r6}, {}, {}, {r5, r6}, {r5}, {}, {r5}, {}, {r5}, {r5}, {r4, r6}, {r5}, {0x0, r6}, {r4, r6}, {r5, r6}, {}, {0x0, r6}, {0x0, r6}, {}, {0x0, r6}, {0x0, r6}, {}, {0x0, r6}, {r4}, {r5, r6}, {r4, r8}], 0x80, "4d3cdb27eeeb56"}) sendmsg$nl_route(r7, &(0x7f0000000540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=@getrule={0x14, 0x22, 0x20, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x17) [ 671.776646][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 671.776650][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 671.784145][ T5] Bluetooth: hci8: command 0x1003 tx timeout [ 671.790414][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 671.813220][ T150] Bluetooth: hci8: sending frame failed (-49) [ 671.825552][ T8600] Bluetooth: hci10: command 0x1003 tx timeout [ 671.832434][ T150] Bluetooth: hci10: sending frame failed (-49) 08:00:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 672.313807][T14571] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 672.336001][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 672.409731][T14577] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 672.736393][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 672.742536][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 672.816634][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:00:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 672.933043][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 673.856258][ T20] Bluetooth: hci10: command 0x1001 tx timeout [ 673.862407][ T20] Bluetooth: hci8: command 0x1001 tx timeout [ 673.863534][T10155] Bluetooth: hci10: sending frame failed (-49) [ 673.880968][T10155] Bluetooth: hci8: sending frame failed (-49) 08:00:30 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40186366, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 674.336316][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 674.342528][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 674.434690][T14603] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 674.462982][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 674.480326][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 674.496403][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 674.496465][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:00:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x1b) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 674.816366][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 674.825666][ T5] Bluetooth: hci7: command tx timeout 08:00:30 executing program 0: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000000)=ANY=[], 0xfffffecc) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {r2}}, './file0\x00'}) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x9) [ 674.976419][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 674.982701][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 675.025927][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 675.105788][T14627] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 675.137056][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) 08:00:31 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 675.577853][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 675.937176][ T5] Bluetooth: hci8: command 0x1009 tx timeout [ 675.943345][ T5] Bluetooth: hci10: command 0x1009 tx timeout [ 676.496275][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 677.025784][T14643] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 677.054358][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 677.060924][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 677.067099][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:00:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 677.136697][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 677.171273][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 677.615949][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 677.616007][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 678.137096][T14662] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 678.161213][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 679.055946][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 679.216143][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 679.732391][T14674] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 680.175940][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:00:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5428, &(0x7f0000000080)) 08:00:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x10d000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x5) open_by_handle_at(r0, &(0x7f0000000080)=@reiserfs_6={0x18, 0x6, {0x8, 0xfffffffc, 0x0, 0x9, 0x0, 0x7}}, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:00:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5428, &(0x7f0000000080)) 08:00:36 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x401c5820, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 680.510897][T14696] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:00:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$KDSKBLED(r0, 0x4b65, 0xfff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xc) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 680.562126][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 680.576721][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 681.775610][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 681.775798][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5421, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 681.931803][T14726] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 681.966533][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 682.575621][ T31] Bluetooth: hci9: command 0xfc11 tx timeout [ 682.575769][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 682.581765][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 682.582011][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 682.589497][ T5] Bluetooth: hci7: command 0x1003 tx timeout [ 682.635557][T10178] Bluetooth: hci7: sending frame failed (-49) [ 682.658470][ T8569] Bluetooth: hci10: command 0x1003 tx timeout [ 682.678488][T10178] Bluetooth: hci10: sending frame failed (-49) 08:00:38 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020940d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:00:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5421, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 683.288374][T14745] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 683.317163][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 684.015513][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 684.021785][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 684.539249][T14757] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 684.655438][ T5] Bluetooth: hci7: command 0x1001 tx timeout [ 684.661570][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 684.735646][ T5] Bluetooth: hci10: command 0x1001 tx timeout [ 684.742803][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 685.295381][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 685.302539][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 685.375549][ T31] Bluetooth: hci9: command 0xfc11 tx timeout [ 685.382248][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 685.456742][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.463073][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.846689][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 685.905809][T14771] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 685.930896][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 686.575576][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 686.581880][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5424, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 686.733648][T14779] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 686.735531][ T5] Bluetooth: hci7: command 0x1009 tx timeout [ 686.778141][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 686.815343][ T5] Bluetooth: hci10: command 0x1009 tx timeout [ 687.855262][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:00:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045432, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 687.935955][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 687.943544][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:00:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5424, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 687.995805][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 688.154719][T14795] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 688.185991][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 688.815251][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 688.824271][ T5] Bluetooth: hci6: command tx timeout [ 689.336155][T14807] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 689.359361][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 690.025194][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 690.255118][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 690.255220][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout 08:00:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5437, &(0x7f0000000080)) 08:00:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x0, 0x5517, 0x48000000}) ioctl$USBDEVFS_IOCTL(r1, 0x8108551b, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005f100)={0x4, [{}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, r3}], 0x0, "b67d5166ab9c79"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d100)={0xfffffffffffffff9, [{}, {0x0, r44}, {}, {0x0, r123}, {}, {}, {}, {0x0, r99}, {}, {0x0, r25}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {0x0, r3}, {}, {}, {}, {r98, r67}, {r39}, {r6}, {r76}, {0x0, r111}, {0x0, r89}, {0x0, r92}, {}, {}, {0x0, r82}, {0x0, r19}, {}, {}, {0x0, r72}, {}, {}, {r124, r31}, {}, {}, {}, {r20, r53}, {0x0, r118}, {}, {}, {}, {r63}, {}, {r58}, {0x0, r128}, {0x0, r114}, {0x0, r17}, {0x0, r32}, {}, {r77}, {0x0, r111}, {r110, r125}, {0x0, r88}, {}, {}, {}, {}, {}, {}, {}, {}, {r15}, {}, {}, {r56}, {0x0, r7}, {}, {0x0, r93}, {}, {r11, r84}, {r120}, {}, {}, {0x0, r101}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {r46, r116}, {}, {r28, r47}, {r62}, {}, {0x0, r113}, {}, {r45}, {}, {0x0, r41}, {r40, r103}, {}, {r48, r21}, {0x0, r14}, {}, {}, {}, {0x0, r55}, {r129}, {r64, r5}, {}, {}, {r105}, {r87}, {}, {}, {0x0, r10}, {}, {0x0, r29}, {r18}, {0x0, r80}, {}, {r95, r8}, {0x0, r96}, {0x0, r33}, {0x0, r68}, {r70}, {r34}, {}, {}, {}, {r90}, {}, {r94}, {}, {}, {}, {r49}, {r4}, {}, {}, {}, {r51}, {0x0, r13}, {}, {r81}, {r59, r43}, {r121}, {0x0, r52}, {0x0, r119}, {}, {}, {r45}, {0x0, r107}, {0x0, r14}, {r104}, {r85}, {}, {}, {0x0, r69}, {}, {}, {}, {0x0, r75}, {0x0, r35}, {}, {0x0, r25}, {r24}, {0x0, r106}, {r63}, {}, {}, {}, {r36}, {}, {r42, r12}, {}, {}, {0x0, r50}, {0x0, r71}, {r66}, {0x0, r9}, {r23, r10}, {}, {0x0, r57}, {0x0, r16}, {}, {r102}, {r79, r61}, {}, {r91, r112}, {r30, r55}, {r86}, {}, {}, {}, {r108}, {0x0, r126}, {}, {}, {}, {0x0, r113}, {r22}, {}, {r115}, {r37}, {r65}, {}, {r73}, {}, {}, {}, {}, {}, {0x0, r26}, {}, {r117}, {}, {r15}, {}, {}, {r81}, {}, {r83, r97}, {}, {}, {}, {r60}, {}, {0x0, r74}, {}, {}, {}, {0x0, r43}, {0x0, r122}, {r2, r111}, {}, {}, {0x0, r127}, {r27, r78}, {0x0, r100}, {}, {}, {}, {0x0, r19}, {}, {}, {0x0, r109}, {}, {0x0, r38}, {r54}], 0x8, "3c1d4c65c79995"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000001740)={{r2, 0x0, 0x6965, 0x3ff, 0x1, 0x2, 0x1, 0x9, 0x80000001, 0x0, 0xa3, 0x6, 0x0, 0x0, 0x7f}}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000180)={0x0, r2, "8e2713efd389b286e5593727f2f9e543618db2868ec67ebafed03a15cdd3da939d40cadbcce8d4d82f468357f36b463e814ac914dae8dcdee975dd0825a3bc8ccb5eec58753cfa9119b7595048d61c579e7e1f1ec5611d20b70bc75b29b741a79183f1d6e74f5868e5dd561dfc5c5c5eb98091d0b35d33b91c753476217d62462f177853aecf5983b00a62255ce32d1aaf3ddd52016f6dce15edbdc3cbc71169d29442f93fa77a0fd6e26dc0dd97323d3ef55eb94e8b56a5981f62935173c74b9027adb9328b4cb783c86865b5e1c41b3b59d7a0fd6485b199c5a6393daed292df07c793f56ad1ac700705c5ba94995c3d7a41613021037bc12e657e5d13204e", "48e560cf24238942dfa82b43efd443d8bbab3fe49ae110c7f908db1e85391c078c8f358ad6e9bddcd1c58c460d1a1e5a204eff5a0e958642ff7d788b9677c174e051f666e2b7bbe574f711446e4a29563a57717a2407f0ce0e0070a97b9a930f93ca659b1c856089000d242d4bb74af6697868e992286ba272a4e78b434f0594fc647173c68a61d190e8a0bbf05afe6e502985c1ad45c972a9d5dd36173c54a8120b8ff6ac02eec6457f838905d30049f8bcc2283c45a51a55426bd96322a728164eb3649eb74354da2abb19ed8c798a9c6983e067d46a35a191996ac5eae93aa6a120c81072861414ae0f3f12457bf2f83b2d8263665c53e374d86b885d443d42ebee9e2e2bc7194a98b986f24b850f3f100918a3ae1cdd0295a0175c84ffb3543ad2b20986a3b541b90abd56753a5735107f8a0fcc7112a5891ac37e2b46e7dd2fe86bb78fcb90911f125525685edfd9b10371059977323bfd4ccbd2955e192ac309f7607d3e17c107e5b40a084d199e59492099ecbf7657d3e7b8ca8b8126c2514c4019d9abc296deea260d8e181a6ee440505c3b686af733a52c864e4656e38c2316db649f1aba80f134d5965b726d7329b0adb7c94af0fcc12a1b89c4d63148142b0e1a9cc317b29ec992e4b378dc73816d8014ecb975578c01480505cd386cc2069171378f9284bfb41a02c73b3b160fefdefe2f49dfdcbf7912a68874329fb53c5946d31d307ba615aa7ebcfd8cce4294364d8e5a6abd5f051719f93e42cb5dc09b6b178192e359bc53b55c9fb0b8c0834bcf2dddf3f08b9c9c5e3cce4da0e12cfa17d137cc39227600f96da717ff33642ce5f54aeda53f601645cda7c43a8127948edb56da66403b9f166d19c46aa8a3d97145381f9c266aee270fd9a8d4e41f0957c8903ce419f5d2e9e6a274c1ac5bd59f1bab3f0f6a819ece02f96c654b23071820dd6108781377b0a581ad5407471ecb33ad1a2b296ccf68a6ef3dd30e45350e41ca57152a0de2657f2d4e9931a75379bc0f67ff3de2189878b0dc4de747f8e2e57ca116127c5b477355f6be2d6f4c5ae3e0656fbad7f06eabd947cb0cbbf1ccc475c96366c54c12f08131f4c8f282fe60285f9c540a3752a6d24c4032e04c79a2688526d74d9190a396a8c5abc49406a1b8132c4d1fa63cf00341d181d1f5d2e4428b03309de2185134097a234593576ab4aba4a5abd44536b093069d618ff4fe3fe2a72b31ac9c540db8ce5224d6b06cddec7b7e9dc09fcac254971db1297d2686f12a597cdf287e45e9285ef4eb7b696e1a56a7982118d0c4d25d2d64eba130adca51648fe9fdaddbaa6fd650bc7f4a5cdaadd34ba9d5c9d045b64c67c55de2f4b500df34751c81444886f4a832f584989d3fcdf499648c427f9bd94b80ff3b53ed52254a7031b2e7941c9d4483604cdcaf464399cba29d57e11ad508d4eb759e6056a48f6d4ce1184d707bb973bb17b5728b8e814e11e821c9451fd60c1fc178dbfe65e7eeebca8346cdadb3f5383218c011272052965edc026acc3c36cc95333dd3e067226e782c1951c15fcf251cc41e4b7c42446b8d83d4bfb77c8b66749b2f52ba4f299042c37ed59bd4af1e4e69fd41ac424ba5db96d8158eee90ed32fec14638d2531d3f7b7a151a6981575a1a767dc7f6db1cf6cce6cb55580bbdb236a83ccca8918ec0e8c405c15a49e0eb1d5209b27ad4b7a472162b966adf98d625c31be9736116ef8e3aed5926d80a950290db6bce5b84f52a182da6fefffa85c17db634a0de800701042cf7afeb9caa7a6257d3c418722b1e4ce040a55ca33daee4285abb4970234babe862f3d4079990ca8ac373f8133b1eec5cb6b0c8b4856fca9c9870e7ce3e37bafbed734fc82e297718e07e7f679ba6d02e15a595dbb5d42ed38e8367c5eb559b30da18971aacfaa3f8aad1d6cd47bff7250cb32c949ae6278410c95434ecbe789cb1397bec8fd337845df2a1d0638e04b1b6e74e5186d48fd48f3dd3ef3c835c83da23f431a5462b0f65de0e4320814dfbe60f3b6599e61da61baa0e2c5100460910e8b076725edb4ee7a1edc83e54ef6267514e481fcdc57e3b5e1729c55c4069506c1a4b76c2a141b8a9132cd94425589f83a3ff91872cea584af6dacadf537721927969699f17244e55b9af45d95e3190e2501b4974ccc7e6bdc1c64ed58d2230fc24a7ff185cb873039113406802f84f2750b7fc4e90aabf38907a5883a4e004e8a54d4d23ae989132d57311bed394466d728a1c1c7b9d6350b0324e30c36e729906e2b7651b726c5925051ccc707039ae040cb80d514887181db7e6953072df806e43490d71b5065fda3d55b5039872bd593c646ad29d6c4bdd6c53aa5cb164ac20806946e5b7f4e1d432cc3eed28c011ef8a65e3190c77874c876f39d20e5bb5355729b83199e95f159bb025bffd869b4f2412a2b0959e10312f8bbd2a8a36166f9cb21c0f71c18604f2c09e72cf57e05a4c4a3708d9140bc652a7535a3fc120dbfe190804f3e03367eda6b0aaa9cf2d4f2c9f12dce4ccdfe47a9709df208bdac33c399c7d7e41bb7565396401248c0f94faccc234452cd51a80a17b555c1e2831e6b98d29fc781bbc86a471b04ade04e32b0ecbd9e3386fb2dc7415eacb4432091c057e734f617cc3db509b100313cf3c44909c8d752db6ca4850c8b5d2630db69d9d829814bb802b58d6d2f2e622a735f4b314a90a26ed2d197510b0f10bc2868765dc83b21cebb3791224d87257fa87d555981a743a5ba7bf88676ec840572b9c8509dbc4dd4d549446665edfc18749d03e503d41633e93015929c270370188dff84a270d8840e194be8f6ee0718467f67142f19eaf957540751c224cf24c12009375476db7234fe7d4f44f404ffc8575e437ae209dee60b8eeecb9ba9180a3c28a7a60c385b9a722ce866b4671da22e209fe1ab9dd58e43ac27acd5191a75b0abd6d04edef3f01f3c5c7d3f5e0c127c36de67781476ff68765f8e8d2dd586d4ccb26ef2839f11ef7b6d2477bad954d5290d1465a0d224211b1debd40ff38763c5dec540078bfc90ab053c005f9b4c4b2ec2d2c584d4cfa84dc7bb3f6cec7f4831762ac3a3cfb603ed749a5f75e7d4da2a3e179e603cd1e02a9d6924a0b5edc3e3a710a86ce5f61c48cf8d7a7764564e3a9d65163dcfa053a2a76d83e5f30cb93ddaf0543a03d7ce9b75dc1352d903dec49cae8935966ac343e1a41d38d9205d03d56f9e58084c7417f6344e25de2d678e3ac82bef404aabe20a603aaf68554af2d16d1987fb38910deadea3f56e1a4b5653b0ffed4b7e933dff810a25ce176d5ff1870dc3fe14ba4d934492532ebf4a542c54718f9b692a9461f069515bbc041cb72da58b5ae5c9c3710a1b8ff2c840d5ea70abc081d6cb60096f3d35570d186ef0e50871582887b76b2024a50943343ff913281d6933f6b8606afdf2d2b9a7e3f1629a5730ad29ef58dc591fbb1f3024ef145e5aaeed7d554c214e929689a52211731da62c6a86e9db9d9a61a48a36cdbc7e7383d98a8b28c41ca3bb52ce3016642eb0de30853dc0d1c5dfbe595257ea786b92b30ce56f2fa684ecdf7b418a3c8cd7d047f0ddfbf58178d99cd14675b6957cb344127434fa8ed2b8539897e5b81be705f0c4999f0257f85c532405593ff6b5834d613b5e339a01e2141dec09d008c49983eb64ca7c34ed98227c4d7e717f0b72071b522c0c1fb813c7144eb871b8933ff3b489d669e966056929b30a4787992784615674a89f0cb3338a3ef0e87bf6b9075b0403a3d6cdc65ad7753da8509c72de0f9bd4bf6440494f1ab9ff0b1037f21c0d88605325afb8fa054ee0764b797701469913797dd5fa3e969febe283e1a7fd6c9e68ea89b3dc27f77bb2b2467713efda5d8594d5afad9de9084005930c860f707a358054d46c3ef7adecf2f939a3859dd8c3057c0132bc3d9183de053c1f527910d2e3ba060ad4b4456bb8542b380d19d0f8895eb6298f8a953a2cc73de9993a3ebcf478095a2cb9e6d2832d3214d5a1284c367febde5f6fdd3324205aef87252fd6c40fbd64cb17ecb0a67e820a2feebeb8bc2052166152d95143e11d637a439f6a22406dddf1e48bcce339d482803e607bd0ca14056dce74a5eba4912112bd02645f873302114dc58544a97bd40485fe320334d0f3946244d53f3f5e6070f2c9e967f3f69377fe650e2b6f81c78d75281cd2539ef114b6096b9793e0f4d1f7106c84838965fd06e765c6633fa229d437fe7249b6f923350feaa3a74ef87c186214e0c4fa54a6e12d483928bb19ef33772295fb42c74ef89f81ee559390d422b7c82bd1d520eddb6dc662e26386ce4ff6661f14f8a8a15e59778d3b61d16477a0cac416f917ce19b162e69b4ac1b323b55781112bb4bceae9fd36a1de00455aeee91dfc4f9a37a1b7c7ab9fc31dfc7c944f8d58fc8cd00c92294d7e5ed9fafddaa44a24f9eee7b7c89fe6c0a45185ee8899f8f508c17689da33e8da4fd54729dd72c3d92677397317a4ac9127ee825e0b45fe616947100d57959e1932ffcf69407a76f0dd037fe1e0c6443ab1557bc31ec5f91017bdb7b6b6d6c6beaf758c174b91f63859081ac7b050e330bb6556286bc8fb9136bce02bf7dfd1cd1c470d2de7dbc5301001c0a862b83b401a2d0807fd1179211e497f60d03858711ac7176793da5835b44cdc8de915dd57dca4d77d46313601dc03b78db7505a448a50f35ca8d0efd2f110901d010bcdf45f41abb1fd459073b48700d659c6f5e3214a422d5945ac658d6aac5ad7ece67045639e1e2de4552f3f0bd7d93585dce7bf15871d4f78098353c13125785a7d68b66be3cbf653f2f04e89698ce1f56724aa4d9bb4ab8d11f25f257b5d5c5d511aef15867f6613e2afb785d706a64bc50770bf03b224df55bbc6246f0ccdfe14101362de7e11fc9ac9073e66593334b761ae2ba91b2d411656fe09a23383aa109b412fb3ec832c6c1a4dc6c69f7dac058451de22688ccb403ea3580ab5b14c794d9120ccfb6feb10a633b474157d91f789a09b1fc1f155156fc48647d47efb97da48a84c4f84762de736c8f2e5f980a9be4cbe9be7d9cab4bf67c90a9ee38db399f6b4353b4b1b2a96cc24459ff7a4a31cfccb5a1dc6ee0a9ac86b782e1e92efb10d107db95fef40ff3ccc534bdcb6327a01299655d649c62a401ce7359fa878307e7d657d736e9cf22bf52f8aacf585df3a1ad39496ba7aec081c932affc880a1e65d61511c3c9e3db70c00554a930f3f1b3470655884003249ef379ede51eb88157d3b9801a2384238a630f1361b7c62ea0e60b9125c1194a7fef62ee919f55bc3341a21b526461f1864838c676c7460708849815f570582817739de341a3d3d72e42c3dae8b2cb98"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000040)={{r2, 0x5, 0x2de, 0x3, 0x9, 0x2, 0x3f, 0x7, 0xffffffff, 0x9, 0x2, 0x4, 0x37, 0x7, 0x100}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c5c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0xf8, "a03c6d6f97b3d6"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004b5c0)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r130}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x0, "c30d0621e1e7b8"}) r133 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r133, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(r133, 0xc0105512, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r133, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c5c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r132}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r131}, {0x0, r134}], 0xf8, "a03c6d6f97b3d6"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000049c00)={0x10001, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {0x0, r134}], 0xe5, "bdc799756059d1"}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:00:46 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5437, &(0x7f0000000080)) [ 690.772607][T14832] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 690.792722][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 691.374951][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 691.375585][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5425, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 691.491711][T14855] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 691.525646][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) 08:00:48 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 692.574986][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 692.718284][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 692.815046][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 692.815913][ T31] Bluetooth: hci10: command 0xfc11 tx timeout [ 692.824462][ T8518] Bluetooth: hci9: command 0x1003 tx timeout [ 692.836704][ T150] Bluetooth: hci9: sending frame failed (-49) [ 692.843139][ T8518] Bluetooth: hci7: command 0x1003 tx timeout [ 692.849396][ T150] Bluetooth: hci7: sending frame failed (-49) 08:00:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5425, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 692.896463][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 692.899336][ T20] Bluetooth: hci11: command 0xfc11 tx timeout [ 692.936049][T14840] hub 9-0:1.0: USB hub found [ 692.941743][T14840] hub 9-0:1.0: 8 ports detected [ 693.036629][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 693.534898][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 693.544817][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 694.071618][T14893] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 694.130337][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 694.734839][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 694.735599][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 694.894621][ T8518] Bluetooth: hci7: command 0x1001 tx timeout [ 694.902002][ T8518] Bluetooth: hci9: command 0x1001 tx timeout [ 694.903348][T10271] Bluetooth: hci7: sending frame failed (-49) [ 694.922801][T10271] Bluetooth: hci9: sending frame failed (-49) [ 695.074132][ T8518] Bluetooth: hci10: command 0xfc11 tx timeout [ 695.080416][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 695.302052][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 696.184674][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 696.190878][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5427, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 696.335365][T14916] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 696.369070][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 696.974570][ T20] Bluetooth: hci9: command 0x1009 tx timeout [ 696.987975][ T20] Bluetooth: hci7: command 0x1009 tx timeout [ 697.374468][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 697.384507][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:00:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086301, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 697.573141][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 697.694488][ T8458] Bluetooth: hci10: command 0xfc11 tx timeout [ 697.696477][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:00:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5427, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 697.941365][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 698.424439][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 698.430641][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5428, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 699.102902][T14946] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 699.152908][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 699.614312][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 699.620502][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 700.014455][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 700.024353][ T8518] Bluetooth: hci10: command tx timeout [ 700.552818][ T150] Bluetooth: hci10: sending frame failed (-49) 08:00:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5441, &(0x7f0000000080)) 08:00:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5441, &(0x7f0000000080)) [ 701.025853][T14975] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 701.040005][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 701.083902][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 701.224443][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 701.230708][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 701.770910][T14989] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 701.811223][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 701.818077][ T8] Bluetooth: hci6: Frame reassembly failed (-84) 08:00:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c5c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}], 0xf8, "a03c6d6f97b3d6"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c5c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0xf8, "a03c6d6f97b3d6"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004b5c0)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x0, "c30d0621e1e7b8"}) r14 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r14, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(r14, 0xc0105512, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r14, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c5c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {0x0, r15}], 0xf8, "a03c6d6f97b3d6"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f000004f840)={0x7f, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}], 0x1, "6c4c1e2fbebe58"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0xd000943e, &(0x7f0000050840)={0x0, 0x0, "3b809f74a4ba9f22471f950028ff40637b176ecafa4019c0c1f862920660dd2b8f4421b6293d0c1f30324fabae6e51ce332ae2c9fcac1d66df255de7a5c9ae3c8627338ef61445b2a3dd1f683a44ae66d37eee3357c63c1678d3fc8154e4900af7b8c8f3e2a236d21f6391c6e97d8d6fad1c69d3627a465675538087e06a027ae534cccf6e0bcf8888725d2db83967b456020930269225b64f1b6cfae629fbaa3c4c46c4f78d6e8d7964ec4b3aa5f5eceab1563a2c9ff8225d5046494b5cb6e0a24c3e84868bc93fa3b52a4e123de850967cee96dc2db9a4bd9880067e8d508fac918546cc4a7453c83a613cee87db0d88fa98159d913d6541a2c64e09266054", "27518c7e7b2863ae209ac48e7d3ef51c30ca3c43ab32d4e213089ffd7c3932972aa8817389273378ffff760c29bb648d3aeab0c8da894b30709f49530ca9546c7ec0a63a1477a01ae3e75c3c96b18664d44ef3d4249ce751f58ef68e267a8d183ebf159fdf07f550f50b59ac2fa92706f6223b9c05367d1ef32750ad075fe7349720cdacee6a4664f16eead760dbf84e6c17c6dbc2ee51fb85914a4f80da76cd7185bd0b2b073f8180446ef5f70b2ab476f8bedcb8164d7f7dc21aeb92fb6cb71f744d6bde18a1e3e7538e5d9746c3aca87feab385ce9137009292e08bbc0e50516f03e964047e1eeb71e808783ee183dbbe83a7a033d60e1796e360e47d8c47e56d1ce5fb28b9bae50c9f6954a7c3150968da3ec0ffb1c430afd394e19d24ec04308d75db7ced469db1fc9433b9946fd3e1255570f57452a7bdbececa274cf91d62e21625c332d97a46fdcd6fface5d58326fd404a0489c6953f0bf781650fa098fee161b4332e77af4ce590a3de857127ed8d561d869885655e8843b73cadd30332e5acc378628cc61781fe13241b130443e338c13c82d0abb1c275e870f8645815c787fa00eba35ca40b123fec8a92437c1d483ff03c1d564d479edb0d41e96182f91fb1ba71468fa508a99af64401a99bba3e1319929c352560842cc12921ab34f723bf82cbff03afa46378dc63f76e395ba3980717905156c9344c485a67b692c112005202249bc8bcf4a96d3c77485653f424c6f020542c3800ba0e5489c94321ae1762a00d76e97232b5e8bbbc932ea313373fdf3c52a028b41c53fda3c1e55781eab56b0412e98cc56c5c06196aea04857c88981e3a1a65150e71ef5aee4b0ebfc674f68372ee16dfd6d3380c546d29948f02546f01af24a933cd4120093f161fd95506988cc6212409f0005c8e0fc09e41868f6c715b585c9369fc071d77e52ab2c2dac1466f8b3d8e4ece4d53955801566f203482b58662bb01706683ad7a0db794ff8cc2f10042214b7cb40d2b435c778399a3bb9a858e980e3fb61e746a90e27968a97ae2ab6e43b1b7ea9e08f12608df3b1503b8a7a21ad5a37c433efc0c17801f1be740a649f6f78fb9f3945e5276e849de464a81dcbb74df33bc1f04457e42f575593a05bc6cf4d8dc88647b8e873ad2a936a4e23e039aedd2acc1b4e36b292e864ae327aca23491b99c0c5f6abf4ba6e46248e7c49e20ca5cfb3949b7011826f8e830afaf814fd275e892371eaae2c7f180bc3c30a225a38b052bcae163537c3f8edaf250427aca8f425e9625671e8f726469b2c398d991e68aaf622cc16f2e23cc4e2247f9793f7f2e1ab83f3f3c997ff042570ca28def573c34f71c4474e6df8178563a314082984411038784501a64eb4b44b78edf1e7fe6f2c816c4ea006fcb4d8898b2a3114409f1bd2bdd654a045b4d5883ef4c2610006580fb26e48297b90ecad79e9577f6e850873c0c439d75593edf814748d0f14ceca4001ce82ed9835ee41cc2ff8678cf665d175f00df2aaac9ce327d962674117f883b014329e648db186b0a67924c1c08655cea72c97fed141773e4fc9c484c6d1e6fbcc16042bd2f4d9121ca9802a35f2d6e7e01388b15203159bde5c99bc90a304e714ae04edb02fee2296dd236a9b83ef221329fdedfa78f0ea4301e9c6499d070dad222925bf12f2f1f9ef30cd08f24eea5598d584e316330c9d8d41dba2cca8eb435c00c6e17223ddfda9a43b465d9862ea8e3f87ea6219a0782708bd76a20dcec9ae8973b0c6f5eb79f3bac7fb79109ad544681bb239a2bf2aeba3ebbef2c6feeb8369073e67ad6d2ad8989a56866e76a5729155d4f7185e90f0c0b94525e3ec10bd06076697100ccb3fcee2c80392b93a69bea6408ed7c2af2b594fd3a073f90b7ba5a1d462811e43580b47d1295911a4c683d9ee07d2340bdd3d58b08147cdd098ea0b0935e1e6b74a68fecaabf8547f6afb68d3efbf906010e5421a794aba1738691b51adcae5e86c242004488c78943f426e3cd30f28d07408ef86e9b9a2b5fc8dab20744213335f9ba98b3f49fcc81b684eb43c5bd5fe9fbee361a4635f6dc427588edd0e4709c5eccafe14b75618c3740c89a57d4637365af6f7f474ce99ad862c360f66404d201b2da6d9f97fb6c0d4d00edd008284975b64be1d45278cb8802dfed6b9395221de849642e6bac782826d2dae31d64b204b5be9c74bb6c4126aa8da379b2c66ba7501ca7e9e28edb60bbabcb10ffefeb33e3e0e4a70e0594066727fc91902f3c36bf96aa55d4a4dacc15a765da175e1a45812a0e0dcc759cd4113c59c81bb8c8a4cc26023410c07a7ee7ef9014a5573c75e37c90bacc7d66c02315615bcee89c89cdca7ecef3bc809e215b834d5a44750ae3b1987f9a0aa33a4cf1fc383b5a1f535c876dbb861ce4cfa5fed98b292dcf8e3617a723a1613cc473a428d4f787f7fc9f4d6378c4472f576795ca479eda4a3817d6d03fbcc051cb0243b78c713235ba0f57ae71787f7969b80a527faaa4236e664caaee7a7a1dfe694e201cffa71b46563570c089ac0613c644332e357c794fd81513f2d2916c84864e0508b2f80f05c91b9822a3544039a540af4d813536e78eba4d74c67d67729bc81b19d89f1b87a39b71fe44525c15c18ac218943ee97af2aec30a448cdb6b3ffc224cacb4e793eae980e578139ea22150bdefa11ac4c4492e8441051c90dae5516090d169442a9273a5cc4e730941343bf2ed76c19e217707c1ae6fab76eabb7783a5318fd53987f6572999d672d0c92d7f1f88e93df4de649bea989f9b9580395ce7e6adc45f6ad0d73c6ba800f341a2a021eaf8864c1e46e21f2a37cdb11c72727896259c8c486c5f97b900b478aedf74aa097872c4b27df3389cc848542bcf4e73a2e09dde072a414abafc30a2d9ad03ed6cd993098c608ba6c765fe7bacb41527aec1cb35efc95099545ec8ad4d2095d97c365dae653862d50c4e2ca2fd164713425346e9c1ec49e560328ab47389a823321204c1c3857fc4770fda6ef5bef655bdc65cc1c456cd2ea6ccb5024e0aef3fb16eb99d52876e4c41b94a493fd4da60a61cc214e0e10876cfd08d5c86a0726080cc9d280b872ab3d1e289607920dd831cb3085dc8115da6533a678c8211419b034bc56653860413af26ba841d22f58ad8419dfa2ae0a8bcab030e8385205df24f2313b7cbfb9b93a9d2683408b30e6f0a877254168d15d5cbbad5ff1cafcfcccd0b20804dd0ebf9a26c3af17aab17b00428cbdf4c102989458197fe42f54a77a1726ec3f5be4de2abe7b0a4470281fb7554d63246efe94fedf6cd560176fbb401e909e30ccff90d59b619daf104ad171ba1e06d0603b9db5485a7e4ad5f85f1b775c1ad366cdab45f8e30e3f2939697ca5d686b074455f9708d23a0a328dd2bc2270624d6e8499fb013414b4043139237c06472b8eaaa119081f2ef89df125b95ecf440df3e65def437431924a1ca4aff9c4440c37d857f062df84afb3b4961c1f62dfafc8b2ba2332ea5a788a46dee4feaefb04fe47b7c274dd8ebe4cb02a6a5ad05e718af21adc94bedf3d4e5c12f5b834da63b71b7da16b3139c6ffba07530a8a8e95be83b7571429581669045015c9244a876950a75d0153d042ee9ca90a9421daa43e80ac218e1172837afed211565c1d9a4cceab98aacdb0256f7247ce3fba0e479290f0387bba7d9d883ff91e99e75424f6c67b20e1e3ec8ba65beb69f9e66a2daf94c56939cd9d3a3ebc328d24543d8d787a785b080211a90f68103716d66e4cb82eb2d5f6ef8c054c8507bfd9d5cf5ee2771adee88c09e6be62c8fd8856ec9bb1bcfa65fcd24fff5d0e264bedcd6c63d2913d6117eebc692dcc50c6d045e17c63341fc7ee08cfdf9e180f7282eb7e251b9a9d26ee820e3b267e42f4d09883237be20bd35618708c0bf2bb8b367b1f6c82125f17e46a864a4474641ebe8bb593d663589bc90238ccd4d8ebd2838f6710ab98e8eafe8df17a2a82b484d21f8983e8ab8b9ac9aa95a272474a2d2373c388aec94b5c527749c4885922c54292d9dd53060948bf2e0e3c555663ef4665fc7718efedabe5daac4799850bcad1a1ec3232b561a1e491fa973c225b2df5b6db2c3048291d83b8b2cd8ee5374ab41194987256a536d7124781d22e1f658479fadd4b4c2d9141cc50a47408c5254f77069b5e734db640853b193090d3831c8e274dd74e7142c07a1d24f8bc2a9da808a0d3307ed73544252de6a39649f69c56f555c2c2cb28992813016d70d532e3e439ecaab4969e5b0237136c60a1befa18c312cd1cfb14f285110e7e31ac195b7a881253df01a28c16fdd167e9235de30297ed6b2d54bb7b4eb1ec816af50a35623e2fc365bb1bd459057cc00967b233cd2487caa06dff775768e1539cb1a4fe82e44e7bc8a6e01a31b597209b4fdbf91df691f8d1a7747af9f50ef65ca96e7ad5fabafbcf4701d53ef0154be99ad5ee1c295682da1363f5b4d3e933e52cef4ed05a19acdc69b82ef53b2ccb60f68ea6d2ace0661def4f048737b6f419fd5f2093c18d6e3c85a84cbf69d8e36e265f0da39cfc62d9932e992d10e2741bf9cc6a86bbd7e29cb8aa105db45be12b4a4ef2e596184da9d9e03855ce3d4eb3ce5fcc0ba2ae847498c217262e5f86742fae08b2431c64c5937e2a64e8f675355e2915e7b474cec781f7e742856e1ca47d9ae6c7dd5aa49040199149802a9db7aff3a3c47ffa218bf442c44a2d4f0591dd77f6b3885aca608caa9de3942cfa03fd374ab6f1a069d673c418e8e373d40e27e71f1eef6660dae08b4aa17cf90c84b90e66afb0ccf4516c7076b2c6c9e6e12f2cfde2e5a653e4ba468ec7b81b97006e6df5779f12010d74dc0d8a5645307e135063115909e3f738bb3078b9c386ee26392080af00e77066af7e12c38d0c580944c41d0bd97d5be86b83f807035eef39f700f9d5cfb2c37b77bf93c44c04d049ef8345b2ec1f0bb93b63c22a42411875ff60867e086ff3e0b0f37fd7a06c6d1953d9c6e9eefab106da8e68cba3674b9a7f260e4da18fb17bd403667e198649b87bb83c348bc33f0a427204667d2b474126a3879a0dd97cc6843ebe2f24c1e6ad4c49991a42bcedb38e6bd74c9bc0dac3c15c2fa0320e60ffe7acd5f7018d9cc1f8500ec9bebc65eb66492af661a581288361a8304246627c6da24872e3e32fe29d10fd9c1bf9480de8be279e4734dcec648f3c11a80b0eff8f9f94437924feb2a23b19ff6ab26f0dec33766caae2e12211d24760d4d18ad753ede510da5ed5c91f561712a8d18ee4e0a97320bae9b5c68419bfd706a9c55cbda9740d53ecf8c427142a5058a9c526702c937df83230c097bfde5f5fc889c4e8309eeff6a338a61cd10c67e5"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051840)={0x2d28000000000000, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {0x0, r15}, {r17}, {0x0, r18}], 0x1f, "cc3ae69a54572a"}) splice(r1, 0x0, r3, 0x0, 0x4ffe6, 0x0) ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{}, {}]}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 702.125309][T14994] hub 9-0:1.0: USB hub found [ 702.130258][T14994] hub 9-0:1.0: 8 ports detected [ 702.178111][ T8] Bluetooth: hci11: Frame reassembly failed (-84) [ 702.184143][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 702.185246][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:00:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086601, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 702.331536][ T8] Bluetooth: hci8: Frame reassembly failed (-84) 08:00:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5428, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 702.574230][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 702.574305][ T7] Bluetooth: hci10: command 0xfc11 tx timeout [ 703.054198][ T31] Bluetooth: hci7: command 0x1003 tx timeout [ 703.060721][T10155] Bluetooth: hci7: sending frame failed (-49) [ 703.134106][ T8518] Bluetooth: hci9: command 0x1003 tx timeout [ 703.141082][T10155] Bluetooth: hci9: sending frame failed (-49) [ 703.854121][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 703.857423][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:00:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x542f, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 703.961537][T15023] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 703.989894][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 704.174140][ T8458] Bluetooth: hci11: command 0xfc11 tx timeout [ 704.175214][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 704.221290][T15032] hub 9-0:1.0: USB hub found [ 704.229122][T15032] hub 9-0:1.0: 8 ports detected 08:00:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x14) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x17) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TCSBRK(r0, 0x5409, 0x6) splice(r3, &(0x7f00000000c0)=0xfffffffffffffffd, r0, &(0x7f0000000100)=0x20, 0x2, 0x8) r5 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r5, 0xc02c5341, &(0x7f0000000180)) [ 704.334191][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 704.334246][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 704.743950][ T20] Bluetooth: hci10: command 0xfc11 tx timeout [ 704.744081][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:01:00 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x801c581f, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 704.942511][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) 08:01:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/84, 0x54}, {&(0x7f0000000180)=""/81, 0x51}], 0x2, 0x5, 0x2d2a) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 705.134100][ T31] Bluetooth: hci7: command 0x1001 tx timeout [ 705.140913][T10271] Bluetooth: hci7: sending frame failed (-49) [ 705.214017][ T31] Bluetooth: hci9: command 0x1001 tx timeout [ 705.231651][ T150] Bluetooth: hci9: sending frame failed (-49) [ 705.298757][ T1102] Bluetooth: hci11: Frame reassembly failed (-84) [ 706.013832][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 706.013989][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 706.537580][T15071] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 706.568469][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 706.973912][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 706.980108][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 707.213954][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 707.214078][ T20] Bluetooth: hci10: command 0xfc11 tx timeout [ 707.227953][ T8518] Bluetooth: hci7: command 0x1009 tx timeout 08:01:02 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 707.293738][ T8600] Bluetooth: hci9: command 0x1009 tx timeout [ 707.345255][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 707.373938][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 707.374099][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:01:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5437, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 707.540965][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 708.573805][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 708.574064][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:01:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5437, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 708.664964][T15104] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 708.688646][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 709.373637][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 709.373727][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 709.613772][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 709.613797][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 709.627696][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 709.637454][ T31] Bluetooth: hci10: command 0xfc11 tx timeout [ 710.160770][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 710.733678][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 710.733809][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout 08:01:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5450, &(0x7f0000000080)) [ 711.153163][T15135] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 711.188809][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 711.277973][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) 08:01:07 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5450, &(0x7f0000000080)) 08:01:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x612100, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) r2 = open_tree(r0, &(0x7f00000000c0)='./file0\x00', 0x80000) close_range(r1, r2, 0x0) 08:01:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 711.780912][T15149] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:01:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x840, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x1) io_setup(0x7, &(0x7f00000000c0)=0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x4ffe6, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000280), 0x7ff, 0x6040) r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000380)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0xff01, r1, &(0x7f0000000180)="f2bfdd01a79f546dcfb2ba76da2f5e248345fdccd9addf08cdf70f05b067663e99db91346d837279649ea1429a8b77db9e783e21b8aa581caf3e92c3c2a29fff1e7e6ce5aa989b4c4bd28216a93623aa8562c645a4b368b2d2997b9f218519a790cd4134975f7e736b9a2d365072d31eed0b4271825bdbb70635eb5302e72188d24d0e329afb6675266275f28c9dda09493d78561dc23d3fb113ae65780b45ec36ee9c8343f5c99c4886bb010ddac8f7374d84fee120081f7bd17526cde8d739d6783f94c9aa116590ba77a26988c64ba19aaf7e91cf78", 0xd7, 0x8, 0x0, 0x1, r3}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x1ff, r5, &(0x7f00000002c0)="c7b9ba3b564158ece53e1c912759b879c295d1712d4a09fe4ea09a9d9a7643fc10c9b7cc7f66935286244335f3950ef4a6f04800e88a8719ef844f6b4b48", 0x3e, 0x6, 0x0, 0x1, r6}]) [ 711.829854][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 711.863624][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) 08:01:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x2f80, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xb) ioctl$KDADDIO(r0, 0x4b34, 0x6f18) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x284401, 0x0) ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000080)={0x8, 0x10, 0x2cb2, 0x40, 0x14, "27213ae1f383bcd0"}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 712.173345][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 712.174336][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:01:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5441, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xb) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 712.357498][T10155] Bluetooth: hci11: sending frame failed (-49) [ 713.223802][ T20] Bluetooth: hci6: command 0x1003 tx timeout [ 713.231844][T10155] Bluetooth: hci6: sending frame failed (-49) [ 713.293372][ T7] Bluetooth: hci7: command 0xfc11 tx timeout [ 713.304257][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:01:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5441, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 713.462290][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 713.853458][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 713.853488][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 713.933258][ T5] Bluetooth: hci10: command 0x1003 tx timeout [ 713.939673][T10178] Bluetooth: hci10: sending frame failed (-49) [ 714.333194][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 714.343455][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:01:10 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 714.413327][ T31] Bluetooth: hci11: command 0xfc11 tx timeout [ 714.413334][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:01:10 executing program 0: r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000080)=0x9) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x11) ioctl$KDADDIO(r1, 0x400455c8, 0x9) [ 714.476230][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) 08:01:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/137, 0x89}, {&(0x7f0000000180)=""/246, 0xf6}, {&(0x7f0000000280)=""/88, 0x58}, {&(0x7f0000000300)=""/75, 0x4b}], 0x4, 0xbd30, 0x7) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 714.758866][T15223] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 714.782814][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 714.888458][ T10] Bluetooth: hci11: Frame reassembly failed (-84) [ 715.303345][ T20] Bluetooth: hci6: command 0x1001 tx timeout [ 715.309930][T10155] Bluetooth: hci6: sending frame failed (-49) [ 715.533239][ T31] Bluetooth: hci7: command 0xfc11 tx timeout [ 715.539185][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 716.023139][ T20] Bluetooth: hci10: command 0x1001 tx timeout [ 716.030136][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 716.493140][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 716.503175][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 716.813029][ T31] Bluetooth: hci9: command 0xfc11 tx timeout [ 716.813149][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 716.893212][ T31] Bluetooth: hci11: command 0xfc11 tx timeout [ 716.899674][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 717.057921][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 717.065925][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 717.373216][ T20] Bluetooth: hci6: command 0x1009 tx timeout [ 718.093092][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 718.093103][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 718.106909][ T8458] Bluetooth: hci10: command 0x1009 tx timeout [ 719.133084][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 719.144653][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:01:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5451, &(0x7f0000000080)) [ 721.391438][T15268] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:01:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5450, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:17 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000015c0), 0x420100, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000001600)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x12003, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={&(0x7f00000000c0)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000001480)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/169, 0xa9}, {&(0x7f0000001240)=""/41, 0x29}, {&(0x7f0000001280)=""/161, 0xa1}, {&(0x7f0000001340)=""/218, 0xda}, {&(0x7f0000001440)=""/33, 0x21}], 0x6, &(0x7f0000001500)=""/73, 0x49}, 0x40010010) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000001640)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) syz_open_pts(r4, 0x80) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x819}}, './file0\x00'}) ioctl$KDADDIO(r1, 0x400455c8, 0x9) 08:01:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5450, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:17 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5451, &(0x7f0000000080)) 08:01:17 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0189436, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 722.075468][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 722.076913][T15286] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 722.098910][ T10] Bluetooth: hci9: Frame reassembly failed (-84) 08:01:18 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x4002, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x9) [ 722.904563][T10155] Bluetooth: hci11: sending frame failed (-49) [ 723.452571][ T8600] Bluetooth: hci6: command 0x1003 tx timeout [ 723.459874][T10155] Bluetooth: hci6: sending frame failed (-49) [ 724.092629][ T8600] Bluetooth: hci8: command 0xfc11 tx timeout [ 724.092655][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 724.098808][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 724.172491][ T8600] Bluetooth: hci10: command 0x1003 tx timeout [ 724.172861][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 724.178752][T10178] Bluetooth: hci10: sending frame failed (-49) [ 724.184720][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 724.632932][ T10] Bluetooth: hci7: Frame reassembly failed (-84) [ 724.715946][T15326] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 724.747371][ T10] Bluetooth: hci9: Frame reassembly failed (-84) [ 724.972511][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 724.981622][ T31] Bluetooth: hci11: command tx timeout 08:01:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x1, 0x140, 0x5, 0xfffa, 0x1a, "19259991607cf102"}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 725.532431][ T8600] Bluetooth: hci6: command 0x1001 tx timeout [ 725.539581][T10155] Bluetooth: hci6: sending frame failed (-49) [ 726.252312][ T20] Bluetooth: hci10: command 0x1001 tx timeout [ 726.259153][T10155] Bluetooth: hci10: sending frame failed (-49) 08:01:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5451, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 726.652363][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 726.663143][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:01:22 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc020660b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 726.737941][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 726.807487][T10155] Bluetooth: hci8: sending frame failed (-49) [ 726.814160][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 726.820293][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:01:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5451, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 726.935672][T15358] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 726.948926][T10155] Bluetooth: hci9: sending frame failed (-49) [ 727.132417][ T8458] Bluetooth: hci11: command 0xfc11 tx timeout [ 727.132772][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:01:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x19) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 727.612265][ T7] Bluetooth: hci6: command 0x1009 tx timeout [ 728.332255][ T8458] Bluetooth: hci10: command 0x1009 tx timeout [ 728.812735][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 728.822220][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 728.822565][ T8458] Bluetooth: hci7: command tx timeout [ 728.972142][ T7] Bluetooth: hci9: command 0xfc11 tx timeout [ 728.974229][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 729.292244][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 729.354262][T15391] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 729.388578][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 729.399173][ T10] Bluetooth: hci8: Frame reassembly failed (-84) [ 729.404716][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 731.371948][ T31] Bluetooth: hci7: command 0xfc11 tx timeout [ 731.372099][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 731.452282][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 731.457951][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 731.461446][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 731.466110][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 731.535136][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 731.541955][ T8458] Bluetooth: hci11: command 0xfc11 tx timeout 08:01:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5452, &(0x7f0000000080)) 08:01:27 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000000), &(0x7f0000000080)={'L-', 0x101}, 0x16, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:01:27 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5452, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 731.693888][T15420] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 731.730007][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 731.737571][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 731.766086][T15429] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 731.798318][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) 08:01:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5452, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:27 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5452, &(0x7f0000000080)) [ 733.771867][ T31] Bluetooth: hci8: command 0xfc11 tx timeout [ 733.771987][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 733.777998][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 733.785652][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 733.861852][ T8458] Bluetooth: hci9: command 0x1003 tx timeout [ 733.868115][T10178] Bluetooth: hci9: sending frame failed (-49) 08:01:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x2, 0x1, 0xfffffff8, 0x5, 0x1}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000000180)={0x0, 0x0, "e9884cdbdfbac38dc4f7b416a0bb6eab30095924e7290cf72fe863280550e55c96163ea6e154791d93af44a01428da0aa8992613faad4545913cd6faac730980a0d54d3f9c5154bcc8628cfff8b9659050a62532b524194f14f718be6c0f252acf3985508cfaf79f70e6620c847d787e1f2c9ca8d717b0c640faef6c7cfadf1ed3772d1ffd19f7f13196fe71660771df587cd11c62ef087be4f43ee891021dc8033dd1246793c6bcc5ff065e0cf4ff2060bb56dc9a1823adf9e4ccfa28c8806de810e32ebfbf88560922ee9d486c2dcb03d96fc8ac72f8fcfba82dd5d31ed37a185258442203611bffa833986fbda0b928d8148c49345665e76b95de0f194313", "8a16a12c7e585bca154836098e2179389e804c2774c2db3bf71c89758bd32a921e39969b6154bfaa4b852d7bc0fc63592b8724dbafecf15e7dc6a77ff277298e834411c6510b8253f4db0a677efd91c551d4c0409010bee0969402affded5298a803979f97410b29363e23d9308291c4bf005c3016bace8415108846722e0d2110a4d2f1148f673eb7a3eb73ff849a248fbdbc5cedccc68cc1d86068963893288fbeda90b3f097620dd3dcd764fe8788213889316146a551ad8f51bfde5709ab4364837d02d41f3bb774b019223082da002ff73568c487fe1373ad60541677292e15e2cac42961f3fe3debd8da9e301b91b1324169f7aead59748049a19e5e3de419ae9a05d72de7ee1ca877855ff833050a4ec034bd59a3703faf212e962d6d83d4c63ba9b8e252e3f64d3ed4463cdab863c2258ab25b7f782517f7b937ce8871713e27301a24558aed89320631e1f23fe412ed1e77f49e5f6c004351064a6da40b984e0587c4d5815103ade00646767fd1108fcf80a5342f87237f7046c038a5137979c3c6ff6e983eeb93ee0c54201bbee91883506561ea2bac6b13d4d1dac1e11278255059c6847b3ef1b83c5ec5ddb4d82aa5ab0855cf1df807a79d83d7141b3028a248a9b1d62b07d0df0bf4b2825a144abdfcc38cb7b153ceec9a5da1d71926e866ffc3f9651ae48cb9d1e7948b1e1d5eaeb8674a85015ab3db186f54832577ef0669fe0db94d74a0a95cf53bd7fc3c5b94e9a3280fb69c165f964327f2c592a4c957abf6ebdc6c7b250705f51af5ccc23651e5b82601cac757279f80fcbbc5de2533e5f4ef36c6d01f924c5ad1a6c7a30f9baf0365a3319c23c6ae6b09e01191457a410ae696768f65ca3fe8edf0320c11e1c2bbf10ac78e810a9965af166c72e48e2bf1ba5c03e47cd3a0ebc0caef2866b5247c353fbddd0b189bd7642c843b2306a45a3cf4922b69a49923af8121a289e431ef5a862a3bde0bd406c875536f6cb1d53f94f3f72889386243d7704c47e370ccbec25e717afeec2c0456544c29d9253b7b2fa324525387bfed5f937614b52d8b85d2c6827bc54cf9775366afd14e461b751d62d9beb162a0908d0c56d936acbaac9d0b0d52f8b307399f5b793f2fb4255a9cc0d0bf46e2704356e9fafb695155bf6a993dc1929d30340bfdc091ec9845e4f611d9a565874330322ffc2ed6d4e03f686f7f686f7ecf30737f41cc7b3c829d1f0e1bb6fc1bf9b47558a1464f9e1db14996b7a4259238c2bcb32bdcc5f433a6b23e499cd5bee451c8713bf7243f0da316d154bc1b4a5b115dfef21f438a0baf6abe72c30fec0bdabc7719a3b218a404c63c38e432b3123d2e47cf262a4db9b2415d340a42258154d8d90523ef11e504c7b873676f4a71085751ea0f0ee2df65fcadf25f87520d47c2406ccf793f8625a6dc0e3827246280ce710c9b650ef3100011b73bb72311d62b2b91547c579beb931569805c3539b4acbe35f821df5d91d7a5dcec5eec668a93b3a5363cf340dc0cf08ebc59a483485c7dd261fa2d4abad94f26f6927931bc53295b6f4a53e2cbe550c4b5bdd5dbc656a91e0398d4e29a8ddd1029c464b9a72cb0dbd5b61f659254bc247b4d3f42eb7908fd6a9dfa95098eb612ddab2b8852b88975622eabad5aa87c06a0c3743fe10d8d50612a0a34fcd9dda1744e67a42db824a202bbf38d70539c5b9689be5714bacd095e1df4238b9a3dcc9dae719bff2e6154e107ed09abbd09ebb615db8a306a454be9b11b029f60ca9cef3b103631d2467950c5335f14a4b98bfd77222a7274477b90d61e99c31a390877dcc1471101f014957f96fe4d972b4c96468c2ada4c7f9bfd05519730de8b3ef3b9bf791124f8051869ee9d1ff04820dbd98af1bcdee0dc7f5c776e707f3142e2441891e3dbd391888f85b21d815ccaec438cf1852302faaab565c9002dbe0f76175d6569d3ac8354af52807fa59a3009dccc9d5802a6ef0b8adb7a0253247b6b5dbd8399d5740367bcf3b9ffa2cc77a47adc60944f781a62fa738fa36b82216b2706a5711109bc26350a4a9c6c594510f21e9818adf9f01d3f3e91ad7f6e5357b18273cd6d5c1358fd3ba56c2252e1f12fe63458b2593e1ad53b93bbe906a5c174fa2d53a2a63c6f29bfbf1970b587b83a9621932fc566bddbd0e2c9d3177c9ae982fde7ea8eeb2ea97a226000521d3a2beeff7659d1163ee3384840abcc358fbbc7e102b451a28b0eeb555ee952f2ae3d2ac7d0620f0714fb48539acde2a8a72de6d2b4fd4bb056bee29d154c8e696a06a6996054e86ef7978296b32e3897820f55631db1b457760251515c16963f6cac5111112708a5a5340de4572482878ef64256310ca8dc2cfecab886f2e2e1d510e105df16a8d6fd9406ae934fc8c30a1eac98b3bdabe764b5dc3f75f43037de4103cdfb1b2f0d54fa17a4d77a7d820a75abc5c4c888cfa63ca4d1e569a4eaa097f46decd66ac7b15392443423342f8d1db839ece128bb6cc582953c38f0a66935b3db3ae1f208667a5dbc98f61129d520dfc3dab7d1c721b0694135662ead06594197b8b4f3ed0922cc05bd9dccefccacc6ee2dd8adb21e2bede4054997824a6b45f84b47ff3a54a6108ab62985422dbe745c9a16dc5fcd475a5cf85459df20ca585946fc78dc867458a6b84f5406462b4eb79b50697eee8d95d02dde7acede0e3a2faf9c4cb15cc8998130e75489f92b2563360a2d210e93d22dd4a0445d6018e7ff3512e92839a36d3a38b835c425eea2c4e1b2a830658347232ff019b406960f31bcb6b8559dca7fdc6c3403a74f3ba66ca0a89e84bda77a974a72aa865ed71304c86ab8935981b6a6240ae50f475e1a8e4361dad283a40d92e7009bd8a9697d4c8965fb8ab5e0542601be595cce6fdb25ec449d183d71c4fa29f13c221cf3b8f770d4a8ee065f4116c1a4b9865f88cc0f0514c84bea44c839280f7ebe1fb3e01fa08616c78859bfa9ce0cee58f64499999bf2836f6413652afb6bb03e7cc4e0088b5f7d993b9e29243010d0f3c8a3c83f43d5e7a7860197b8a70b6d8f32352ac4116d67a76227d5d57cf9130a8aa6ef3de3003fd7c0471df86a82da03c724f2f6c54512411c57e76cfbb648ec8b47ea9cfc81c23fe71b418387c6219fcacb870219c9219fc8e81afa5168879bc45bfa2ce2700d2f57ee1bdbf303737053a04db894a84e44b9cb8bd2bbccf9387ca12e44117047e492243a3c9806ebba1f2963faa5eb37d7668a52a0e1afc3a5f75602310a344d6040921fc91a31f6389dd13dd6401c52f21255159c74a6744798c7b97dc0f9a44e2aab312780658e5a1d54f6b9e570db7a9e7c89fc5d5c3e0cdbd7eccc00c942828d0beffbe1beb2578daa20d37a8dfaeae9c1d0fe200d95865e5c87bbc05c279e4aa4df5f8a5ebed74d0a3b80f437c2f0c95207545674fb3a3bf823579dbf2085d34f0bdb1f137b5e75d09f3b84e33b937dd1d2d421f0c408c23b808c0da2a5df8876b4e0c0549668b7e3a03198755e49b43fc2f9d3dbcd67ca1983235382480f2d5eb947d8cc3766aaff8ba9c92e226af7f16f4bc3488c6d9b790484c3c1c95cd88bf8607200295a5064a06457fa988088005f72f5ceca11a9c2ed45ad4e1c9d5badae8290fb64ca3c0687bee7c28aea2abf6f8bfe1ed84574443edd7fdfa1109a8dec600e1e2dd21eabcc81e8788dfed0e15255316575d6b838e2391abf425e1eab0e70fdf835e87559247632fb54f862e131f0b93b1a81c769cf0c1817a6385baebcf9f05d2fb1791653f88f684b2efe8cbba10344e41d5f19194094bd82ac35918c2f63d5321aed1b18c4deb387a8df92f9d9e70d6b72a20e693a2e08529fa7e3fbcd40d22e41cca3430bec8a3ce17db29ae4f091485e0c7f23e4077f1ce44a4cf86904406bff9df5dd9590ba2aaa3603343541ecd7c10c9a3c6faa0806e3b215e9dace9e4b54918e6fc9cad503e5b3bff7f416baecb4a13b009de5193a7f9cc984e639166d95dd30c4060fcfeee48575a700ea1897292536336a2ff5f1e1d8459b628e718e2ce6c2fdd286cd235adb255fa82d0856a9744cf0ddf1305c20220a1deb5b1d2095ff1b3287255297a9e9714cef20c19e2c3e788b2eaa7f5b948a81ab4b21af73b853044010296a0ab98e714a31a064a4c779339313f133b775da2fb33b06919e027156d2feb070372128bf8ee98ba2e10ef2dae8188d203614b3ce8dda979a65f91dc2e2e3c728f33c6178e11cdad5588d9d545e0368142986855d112542ae68956947ff181cc970e63751a14eddff7aa6f8c04c7b54b03ffdfa42de5348bd4a4c91acd6c152e59c84b584e90bcb92a60e90111b7c6c70b48b5c68a0b848ac23a498416d98124463efbf5fc357c2067e38ae6053178957de1b433fbd80cd217f4128b0e0fd99525fe8d248915eaa1bde29a6ea46c0944f2afbe5d486d1a95662a70e14b047d78ab0e520827c13b9262fc957ec60e0d642eff35697f3dcea858bda33c63673f034698654f90da969faf5e8fc92e2bfefca7ba4467bd1584fcd37c27345b47b8c7e3288572c85e5a17b68563a5490edbef3ce56cc37308ce1c18a566816501a14e11899f6e4be4716b21b2d62edcffafb6e614eea1e71d2790a87d2a4f14ded6cb342281241fe146926ccc8ae828794d59e75a677c3800523101a68c210842a2fdb581e8ff31bc661b32fed5bfae604caa4854467b0522addfad473b1d31c0707a851323ef74c914a900b2f24bb2674182f29ad3bb7c9c8982d061b2d8cf5e3d1b301151e7774fe6ca4e28cdc641f8a069f3611febc235ffdf66f70b816b411959835debbddc89c8c960b03e20fb29661110a4dafa568b62927bb0cfa1bf36fafc4267568fe97ddf581aeb01167306668e21642cbef5b9c1bf727dbaaf965688c122456caa624ff61a677ab0f6322a6ace99e54927517e102c21167726ddcb53f569cb7c71926504d7fedc8cef344fa997076a21ba22fe0f7896a6f31a2fdf9650527f0c0344f11361ed2000537053e2123291d58c67d04a607293e1e808138040dc09e6506ac0ca7041f0d42aa29124b65ef0ced1dcdb260c6ad4daf3dddae2dbde1e7bc49cd2d00358772c80fd7841b302fd78f4f1c8e3fb225747623d3423d891560ffdc05a7c813d4ffdc7a074a9411b1fc57fdcbbcbbb6f17338b226726fa223eb96e8c7eef2a304ff81d39220814a2492465b951149b03aa4454fa8c5dbc400c9ad73fd2bbda85f6a6d4e337dc78edf6ab4267e64fe74c3d761f164cab9c8cae98a5c4e06b7fa21cec5f0baf9b7b60d092b5078cd56c44d85c0c0aafa305ccebfd60f88d107318b6853d34db2f72f49f34fbbf611d6d85a218e0566352f03f6ca9c284c99dbec7166011361edc3"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001180)={{r1, 0x1, 0x7, 0xe094, 0x0, 0xf033, 0x5, 0xfffff265, 0x7b, 0x81, 0x9, 0x4, 0x2, 0xfffffffffffffffd, 0x2}}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 733.960479][T15465] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:01:30 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 734.342737][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 734.411903][ T7] Bluetooth: hci10: command 0xfc11 tx timeout [ 734.412078][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 734.427624][ T31] Bluetooth: hci11: command 0x1003 tx timeout [ 734.439493][ T150] Bluetooth: hci11: sending frame failed (-49) [ 734.972808][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 735.941641][ T31] Bluetooth: hci9: command 0x1001 tx timeout [ 735.952679][T10155] Bluetooth: hci9: sending frame failed (-49) [ 736.011666][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 736.013839][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:01:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x48c000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x1f, 0x9, 0x20, 0x101, 0x10, "eb08e1009f3c817b6a69efd9c9a5adbb4bfc27"}) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 08:01:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xb) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x16) 08:01:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xa) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="4a000000000000002e3066696c653000de1ebd0ddbc18bbfdd77a8cc12385d108e8263832b653e5e1ce9fc4ce21b92246c15f2d3b1285937e092bc084e57a1c80e663bd826083be42c92fbe74ed05fff87a06d0da72a74280b0bdacb0ed7abdf136ec6879b06acb376e601e6c790dbe272b44e12dddada639f4f72e8afcf4e22ffffb6e848f8dc0043f16cd1edd344a7e94a8d60768ae32ab4028eb60236f74dac8fd2538855cf289a0e44a35e"]) syz_open_pts(r2, 0xc00) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:01:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TCXONC(r0, 0x540a, 0x2) [ 736.411601][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 736.417785][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 736.428847][T15511] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 736.471511][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 736.491639][ T7] Bluetooth: hci8: command 0xfc11 tx timeout [ 736.501953][ T31] Bluetooth: hci11: command 0x1001 tx timeout [ 736.502038][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 736.508124][T10178] Bluetooth: hci11: sending frame failed (-49) [ 736.971688][ T8600] Bluetooth: hci10: command 0xfc11 tx timeout [ 736.971849][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 738.011479][ T8600] Bluetooth: hci9: command 0x1009 tx timeout [ 738.491665][ T8600] Bluetooth: hci6: command 0xfc11 tx timeout [ 738.501543][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 738.533535][T15533] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 738.571662][ T31] Bluetooth: hci11: command 0x1009 tx timeout [ 740.571410][ T31] Bluetooth: hci6: command 0xfc11 tx timeout [ 740.581487][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:01:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x545d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x545d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:38 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x545d, &(0x7f0000000080)) 08:01:38 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x3}, [@exit, @map={0x18, 0x2, 0x1, 0x0, r0}, @generic={0x20, 0x4, 0x2, 0x4, 0x1}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x9f, &(0x7f0000000180)=""/159, 0x41100, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0xb, 0x5, 0x5}, 0x10, 0x1c338}, 0x78) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r1, 0x942e, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x4ffe6, 0x0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) 08:01:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x545d, &(0x7f0000000080)) [ 742.562351][T15554] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 742.603835][T15557] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 742.613762][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 742.634538][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 742.641167][ T10] Bluetooth: hci8: Frame reassembly failed (-84) 08:01:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5460, &(0x7f0000000080)) [ 742.810052][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 744.651229][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 744.651336][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 744.653278][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 744.660436][ T5] Bluetooth: hci8: command tx timeout [ 744.731138][ T5] Bluetooth: hci10: command 0x1003 tx timeout [ 744.737451][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 744.741032][T13435] Bluetooth: hci9: command 0xfc11 tx timeout [ 744.747535][ T9202] Bluetooth: hci10: sending frame failed (-49) 08:01:40 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) dup(r0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) dup3(r1, r0, 0x0) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) [ 744.811314][T13435] Bluetooth: hci11: command 0x1003 tx timeout [ 744.824538][ T9202] Bluetooth: hci11: sending frame failed (-49) 08:01:40 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x505601, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000000)={0x5, 0x68b7, 0x9}) 08:01:40 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/protocols\x00') ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 745.047480][T15611] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:01:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5460, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5460, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:40 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 745.343679][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 745.382801][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 745.398655][T15630] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 745.415225][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 746.810886][ T7] Bluetooth: hci10: command 0x1001 tx timeout [ 746.818707][T10155] Bluetooth: hci10: sending frame failed (-49) [ 746.893107][ T7] Bluetooth: hci11: command 0x1001 tx timeout [ 746.894354][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 746.906732][T10155] Bluetooth: hci11: sending frame failed (-49) [ 746.912309][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.130872][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 747.131095][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:01:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x104802, 0x10, 0x2}, 0x18) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000100)={"c02f6079b6f6852448522b32f97901c5", 0x0, 0x0, {0x81, 0x7}, {0x4, 0x1}, 0x5, [0x40, 0x7fff, 0x5, 0x1f, 0x6, 0x6, 0x1000, 0x2040000000000000, 0x200, 0x9, 0x800, 0x3, 0x7, 0x4, 0x8, 0x8]}) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000280)={0x0, 0xe6, 0x0, [0x7c30003c, 0xffff, 0x3, 0x2, 0x5c4e], [0xc2, 0xd17f0ca, 0x2, 0xf34, 0x9, 0x4, 0x6, 0x7fff, 0x8001, 0x3, 0x7fff, 0xfffffffffffffffb, 0x0, 0x8, 0x80, 0x3, 0x7a3ea32, 0x3, 0x482a3fa7, 0x4, 0x1, 0x7, 0x10001, 0x8, 0x1, 0x5, 0x8, 0xfff, 0xffffffffffff8000, 0x2339, 0x10001, 0x1, 0x4, 0x100000000, 0x4, 0x10000, 0x7, 0x5d7c, 0x8, 0x10000, 0x200, 0x0, 0x1ff, 0x5, 0x8, 0x4, 0x74, 0xc4f, 0x5, 0x1, 0x98ab, 0x3, 0x9, 0x800, 0x10000, 0x0, 0x6c4e, 0x4, 0x3f, 0x7, 0x300000000000000, 0x1, 0x100, 0x18, 0x9d, 0xdb9, 0x2, 0x4, 0xffffffffffffff01, 0x6, 0x7ff, 0x37a, 0x3ff, 0xffff, 0x1, 0x6, 0x0, 0x6, 0x7ff, 0x0, 0x50ba, 0xfffffffffffffff8, 0x8000000000, 0x1, 0x5be9, 0x3, 0x0, 0xff, 0x8, 0x9ca000, 0xa52, 0x8, 0x3, 0x1, 0x8, 0x0, 0x100000001, 0x0, 0x7, 0x7, 0x2f, 0x7, 0x1, 0x100000000, 0xadc, 0x80000001, 0x3, 0x7, 0x100000001, 0x8000, 0x8000, 0x1, 0x2, 0xff, 0x7, 0x1, 0x7, 0x9, 0x1, 0xb3c, 0x3]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f00000006c0)={{r1}, r2, 0x14, @inherit={0x50, &(0x7f0000000200)={0x1, 0x1, 0x10001, 0x3, {0x27, 0x20, 0x8, 0x8}, [0x1ff]}}, @devid=r3}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 747.248165][T15647] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 747.371100][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 747.371126][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 747.451127][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 747.460085][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 747.460971][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 747.999905][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 748.011957][T15670] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 748.047376][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 748.890713][T15599] Bluetooth: hci10: command 0x1009 tx timeout [ 748.975939][T13435] Bluetooth: hci11: command 0x1009 tx timeout [ 749.290841][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 749.290973][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 749.330260][T15679] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:01:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x6364, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 749.930707][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 749.930890][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 750.021000][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 750.027200][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:01:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5501, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 750.090871][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 750.100940][T15599] Bluetooth: hci9: command tx timeout 08:01:45 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 750.217682][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 750.228583][T15702] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 751.370545][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 751.370771][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 752.090737][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 752.250634][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 752.259630][T15599] Bluetooth: hci8: command tx timeout [ 752.340665][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 752.615007][T15726] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 752.644407][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 752.790783][ T158] Bluetooth: hci7: Frame reassembly failed (-84) 08:01:49 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5460, &(0x7f0000000080)) 08:01:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5501, &(0x7f0000000080)) 08:01:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r1, 0x0, r3, 0x0, 0x4ffe6, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$BTRFS_IOC_QGROUP_CREATE(r2, 0x4010942a, &(0x7f00000000c0)={0x1, 0xffff}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) timerfd_settime(r1, 0x1, &(0x7f00000001c0)={{r4, r5+10000000}, {0x77359400}}, &(0x7f0000000200)) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000100)={0x6, 0x1000, 0x10000, 0x401, 0x19, "b5eac10c78ec5b47a27d643e681578148ceea8"}) 08:01:49 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 753.442072][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 753.450492][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 753.499373][T15754] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:01:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0xc0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=0x1, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x5, 0x3}, 0x0, 0x0, &(0x7f00000000c0)={0x5, 0x12, 0x1, 0x8}, &(0x7f0000000100)=0x435c1b41, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=0x100}}, 0x10) [ 754.650459][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 754.659667][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:01:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8903, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 754.767096][T15778] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 754.798999][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 754.810578][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 754.817133][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:01:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5509, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 754.997033][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 755.450411][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 755.450682][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 755.610431][T15599] Bluetooth: hci9: command 0x1003 tx timeout [ 755.616678][T15599] Bluetooth: hci10: command 0x1003 tx timeout [ 755.617416][ T150] Bluetooth: hci9: sending frame failed (-49) [ 755.630017][T10155] Bluetooth: hci10: sending frame failed (-49) [ 755.690290][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:01:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 756.810213][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 756.810277][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 757.050127][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 757.061126][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 757.334465][T15818] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 757.349155][ T10] Bluetooth: hci6: Frame reassembly failed (-84) [ 757.690234][ T8518] Bluetooth: hci10: command 0x1001 tx timeout [ 757.696494][ T150] Bluetooth: hci10: sending frame failed (-49) [ 757.700247][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 757.709903][ T150] Bluetooth: hci9: sending frame failed (-49) [ 757.770360][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 757.773596][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:01:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 758.090305][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 758.090357][T13435] Bluetooth: hci11: command 0xfc11 tx timeout 08:01:54 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8913, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 759.370167][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 759.379138][ T1053] Bluetooth: hci6: command tx timeout [ 759.471026][T15851] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 759.496717][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 759.610214][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 759.610330][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout 08:01:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x550c, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 759.770026][ T8518] Bluetooth: hci9: command 0x1009 tx timeout [ 759.776269][ T8518] Bluetooth: hci10: command 0x1009 tx timeout [ 759.929992][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 759.940702][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 759.991480][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 760.730127][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 761.258887][ T10] Bluetooth: hci11: Frame reassembly failed (-84) [ 761.530127][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 761.779980][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 762.019865][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 762.026061][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 762.054963][T15890] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 762.089630][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 763.289860][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 763.300788][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 764.099896][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:01:59 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x10) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xe08738c3d47da3cc, 0x40) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000100)={0xb, 0x10, 0xfa00, {&(0x7f0000000180), 0xffffffffffffffff, 0xfff}}, 0x18) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x8) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018cd6e61caf3610000006b2b176ff15ff05d6571fa8ba032b614fc83c181cf8ce365869dbed92cc9b6bddf22bf5cca55b56e90d247c37b0f921349e235b3a32feb73839f1a720d0a6700c3963a8ad7a565f2717c1453d3b468b60f0e82526e4c0d568f1893aecc24d2706ba253a0dd750695affea7bffc74887b0b4c843a36", @ANYRES32=r1, @ANYRESOCT=r1, @ANYBLOB="00000000fd0f796e96110010"]) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x4e) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x308000, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x9) 08:01:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8914, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:01:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5501, &(0x7f0000000080)) 08:01:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5509, &(0x7f0000000080)) [ 764.298157][T15917] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 764.316256][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 764.329800][ T1053] Bluetooth: hci7: command 0xfc11 tx timeout [ 764.336003][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 764.370013][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 764.415218][ T8] Bluetooth: hci7: Frame reassembly failed (-84) 08:02:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5602, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:02:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000002740)=0x0) getresgid(&(0x7f0000002780), &(0x7f00000027c0), &(0x7f0000002800)=0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000002840), 0x0, 0x0) r6 = getegid() setresgid(r6, 0x0, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r8 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000002d00), 0x20100, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r10 = syz_open_dev$radio(&(0x7f0000002d40), 0x0, 0x2) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002e00)=[{{&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000180)="4d8a3872a5887cd7b4628f98f3569d766fdac08230a3044ad805e660a6b7eda4757994cf9ff479caed279e125e07a58c8689845b860ec79f06064dc6476da50ed439ecbc88318487887e6e9085b217e19701eb972c081b5a26457b483936e50eabc3ead4070de0f45ecb7d12d66db90756215cb65fb88fa743ca56392372cd35a627490afc73531f0c279c55edced30e894470fdad952e306ba10417588b2a343fb063472f8c841e285485a5de397c7feb", 0xb1}, {&(0x7f0000000240)="153cb9d6f67264dab0ef429f12763533286dc0ecace899aa71c7c0247c71f0b3a5e4327f4217d5362ccc7b005306a36121563284efb38bac93c5de5844e5aa651840057936651e549b54ed153dcb1643e3ee2e655a7d0a5ea2d402c7ef42cae1babc9c7918c354a6ca0810ee37905783de3c5c5de7c3e29ab2d6eaae96cd80e0817f83c425a321369aa04c5211475c8835dde94dcc69d6b3b296b5088eb2818b3966861ba10b923d989a08e450f8cbdef812a4b66e927192b82bb1d56b1135e45fa83f96095b4e", 0xc7}, {&(0x7f0000000340)="f99c6cdcbe1a908b81466423ec1695edc783a337f991ce7882e6335509d20891febe810ce48a70bb9f95312e383ea12f308f27b12d779a0340edd5386308f84c868ad57b957776e1608c466115b77b8d644835c275ddf325e14868b8341ee5a81c98dc9484ac360e9515e5b380fceaff6f964ceec1a05ff2b1e7868457b24c5fc6216edbc4e109f152b69abfa27eff3623b10fbce0aa06a62071da7b7fa8d2242ef115b13944", 0xa6}], 0x3, &(0x7f0000000a40)=[@rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}], 0x48, 0x8091}}, {{&(0x7f0000000ac0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000001f40)=[{&(0x7f0000000b40)="eaa2542b4d6fbb7d73ef506bed0f4f5c1ee2ef1cf42bbd9dec526c0120e3fce78239f698a2d5e26c0862c73d44406d1be65ff7bdfca746fbd07de7054b2cb0bf359088cabf9ed84e010c2765c391787748331540cf0ddfc467d962e8e8587f4c24c5eba5f39b70e2ff3ab4063557aee4305bf32a21cf06da404a8a833ec8d99840c3936c2b826bf1622f920d6460c4ffe5dba7a2ba32cf5cfd46d90d60ebfb697a7a276ad4665d6f6f4d", 0xaa}, {&(0x7f0000000c00)="675d32562e4075305d4672bf56d781c7a0049bc80a7aba23572a6a89002f48d53320aa8fd7043c2f461c8d3238fef5fe890e125e910090dc1391b8d0fd5f0b7753646bb6f98f25d6cdf0d4ea85b7cab9a0071d9a5670e521fd06ec379755c771bbf312ceb5916d1cfecf6ecfed06", 0x6e}, {&(0x7f0000000c80)="5bb9f47b214add8bc36f05dd5335c8094bff320d0116c5aa3771660b59200e3d38748e215f54a64491117d7067cd3c2dbfa9f79bbe5e6d9469b2f7ec0c71a592a602bb8690187978ffc549267900ee900c4940afaa77279531a4fb8c07a737399805ff2889164af77f12652e", 0x6c}, {&(0x7f0000000d00)="a03bbb988abf2e9df1e3b77104317eaafa74ff0852ab2aed16c742902003675fc5891cbc15ffe8993ce3679b53411c029aacc7a71a9c39457291db40109a7410dc442d058efba788e87043e81389c67e97d93ecf87f20ab53db0125fcb9e77773b9862623e7a5750b5abac5eeb360400b44143e5e86105a460d6a18a8ce90a4f45595047a79f40eb89f8ada08d375ea7", 0x90}, {&(0x7f0000000dc0)="48b196d6691c5b3f8635a2ab41cc92215774380822a7514fca685c457161f0f45f20236b58fac810248dc12b6a089306488d75de97846a74e6777ab862d4d7aa4b4cc7", 0x43}, {&(0x7f0000000e40)="11dda24758fa80f4efc4e4aaa385433716eb18b5289ae4eb778e8336484d4d09013907c2c94ce7a5557e64f6e585be90f24f8f4d34102a405f714c21547ecc763fe4c49969f50f2272bc321e937b37cddb2f1bf209ebc0df12aee1a7baf2840a1ee2a250597774b07edd229a45bd094b4dd125cb94d93cea7485f199fa272af4dad3737a21ee264397be1a772aad3d8499ad5838d8fe6373a413dd89a84fbdad251bf91acaa56b5de69872255e9263ead296f8620eb0ab54e1215ac261c29716f381add0d60c91c701d91a4dedc61d85aa8d78842ba03550dff1b25704151bb360224c2a73d399d6cda7eeee46f93948ceb295dc577acb71252d5cb97296db9e71a10b3c3fec7356e7a55fddb9e30a9c98e0caa8bc6766dcaee34006f5811107a61bc86cebf0a430eba99c844c0ef7857a684560e2d8892019e4a0c44b8cca4fa16fbff71b703deae9570c0a7fc212362937d1d00a0f87b5242d43c3370df33693245595f2f77bcd28525e8c1fe188b5af196eaaf791b10cb57e05abb18fb5885db200e9c9247978a60d0fb0c798180dac4cd7a4f9cbe89a42a011c6a217c304c629ce5ba038c4ec8f6128dc72428ba015c16e3b37cc3f18248db30e5ea404f4c513a693d61e8cf082e7b05669eaab085adc95379654a46b06d1600d58a303cd97095816fba2dbcdb3412f2dae55cbc75fbe0e832e7388db19b28f50f4ea590fea593f7ee6a7c024c16cd5fbfa5e20d44b122f429be643bd993056f6b3230066dc1e166c54fd33f8fe0558790e17286356718425b15d5294244acabff0a508bf959ff6078b4de01d26627115a2e21134c488e73aaf7d45149535a3d3174cec2313cb7e2aca8b03767a08d8e7487a440922abda7d30d7e3f35cab89a6d96deb8aefb6dc38f6df36068b1a74eb31701fa8d7edff34f9f464d8e9f22f642e940f58f270e5419909ed5a5774bea441dae49e33e21bd7476117d69b7108e3cff74daa83b711c8b2ab7dbef54628f8cc68ef51c5ebde3b6c130901757381ab7d93de85dbcd57b625bc973b2920488aba95289d7bf04231155e1680e190cbd87d6b03f1e259d9d8289ad16e748bd7eee257d52ca6e2bb4d2e92fca2461c2e37be91741456f9e2054f2dad4596b47d44bdd1a8aaf354a2410c894e12eab15c5d8e29ca8885a39bf8f84a331f3c133910b829edd6722b7b4e8157be054a831be3ac7e8082d6cfc5262623d42db9f5125db722e98404dd743b913167b15abb0ecd685a82eb25eb17c66ed407ce9df830d6b4d1f265f23417bf1080ff50ea2bdebf78fbbfc11897e51ba536df4e2ff6fdae2740ca388fc441ef5021bf11889b37f5b2351078c389780ecfc32e4029f9fe28c458acfcc4f162085963b7323cfbf2da8781f04d04c6d5a85fe58baf0f8523494495a18ad1b27250820e57dadb3be6eba27e9aefc64a4ce36ad94ba6e10a6d3e1a090b18b2519410a568b2f5fc279a3692e74b9b3f4d75916cbb827e89f67398216999cff0ec317859f398b317f7c1d6e8c19f40b44c6b9ee4e857025419de0ab259f129469426ca6b81254dd1cc632dfb1239d730b2aa61f5427c8072207f1542cd52cc940512600c6ae06d5d10ecc680b888c6a21a4ac938c42965b6b2341ce491bdd85ca910c823c0692c1867b8217bbd918804e93ba30cf19d26b25c4181a28930834affd19599eb4b7483d3ca14fb1364dd030eee0c7b5498391960828070f63f33239e07a8e5b2b68aecb2a0d895b0e29bb3a02a58e8906a434db1e6234aa72ac83b04facf9cc4be75a13fe951dd53ee94fbb7f40b5a6f69af4e9ae027c5861dced2e221944482b0e717eaed3d3568b48ed0c31a46bb2226a83c2520669e823911861e88e2a575bdf8f10aa1f12c00ef749c47a35635f12fc2d460817c6c105e1a31f77d80fcfb6839921ff15c75b54ad3831f6d4e643cef99d9a9ba4584d03fdfbaebffd9f4f1e4c29ca0573ea7b7e1a9c5760a618dbaaf7622da55a99729637b1b455c565387d71416130fc246ae19427bf8a1091356e0a53f5177714a699404b38037bdfacaf6e8aace3fee00230b06530f26f7b86d18056a96308236e59769bb78497f3de205f2f4282debdaf2e2641e3a64757ded8053831d8954a98715d5d0cb603bd9e8e0546e2c715e1f0969425f211f9f067b12ee6c9eed1092a88b7d583ca7452d1980f14a8690925dd6fee1584af0f15772c3d9e01512b295e265788032cc74a9735563a32effa8e78fd03dd75cc6e7c73024cd7d1453e587ce8ac1270e9725658ccb0bfdba4b23fa06ff25657ddae85948a14a43005e0c6581cefd25172f12b61732ecc173df4c2ccf6c7e2c307d6c95766f6eb8103979a84186d195f7ee6455266ec76ee3b13d6b366917c786e3413fab892c2df51dc21c37d860d6a1c20d8a39a4b171a27e73848341c4b65ee22cff774a680829e482bb52ef9f0c6570326199db7515565db03abeac3a84054182446748bca52945117c97ca3f0e2e038736e61999bb3c3e04113a0f1abe0b6e6c2c760e93b0b0ae13e74f8db34231b6b88b51f096c137b3e924f7868f8b47492299c5529a51cd0600899c09227f5ff2d6a30efdaf8c80eea762777d1819ab8bb40413b6a3158952494f12580b42d22b63ab86a6c60c67663138756285781c1af194ce3b1aa5dde210aa18d5d20786111e6a0a2fb834303d93741a109ec03f5eeb35ddbf6e11e2d97ece65e1f29db41222e1526f61795a01657997b62318384d245585e84227ef5f1d4dc9519b0e4507e03ca8e41c4c1f529377670b5b8043f0274a7ad27d5a2be70343c363fbafb637d61ee439e70960688b3a9dfcb51616c7feed1110fd506b00f5da9d3ac880e05c94091c7b5fcfb4ec8bc096da4638b03817de168c58eb32ad896da53fc39af5c86936225fb861f09eae36f356e1c368286f25a3565a2df2b9e9cfbc604107d4c786059fb747c27eb8e1f26b00275de3d56fc4246281cd15d5972f784c4ee379e6649de56824cf86e87153b954b72c627131dfbe741365fa77f9d9c4f2bbc22062470b15bf86a135703fe6a9f92d1cf87869912ee410ce46e3d375d99291d18db3075e8b41629c108ac10d9ea2b84f649cda530620ec76cc4088330459de31b05eb2b02190e6fc72135a234defb718e92d6128ddf2271caa2cb81446653073b056a73e7c6694f13a7813d3af428f2b2c22cc4c8e52f2f743da10cdc06e91ac057b1d255bd87ee101a86b2c43b5014e63229b3f9348a955ec7608c299f7b0e8fabec25082c8fefb6aa5320cae6af5217c22c8e0818b68e246735a0026936247349b8a0801186cb08aa3f4a87bf7e44648560bee4e5b5c7007903578bdab0f56616b0b56ddbe1dbd0c1ae7d23e930a5952e512dbab7819d57d9ad0c1e16c97e9e31afc83cf54364a18e39bf060537d030b42fb0c5daf1153a736f9dbefcb788d0fcf1b788fde7090bced454af3f2ac3c5c42b81b142e56ecee5adad365aae58a7ac74860f9cd2c53dcfe78fd968ad1fa4ca2f381ec3c35c4df82be72f920f63d2a08986b589626585a3da1d225e42670d19b8c85feeb7776cab84779b4a2df443e4f041fbcefcb4cf9a854a783e387cafa29d1a20e9dff6d411ef6357edec44756445e4423af94c9a780ee70cef477f4d822093c2300232ae26de9f56faa19ab585340ac196895c94ad2adf7fddca9790e33889c18fe69d7b17f7d92e34377c5a2dd60286aad2a115c9350cc5204e3c08e784922e236a9506b95878d11022e0022bb1c353a64da0a732cd0c317c230ff115240a0d92981280302b35851a15a52ca92489ac3a572900c882965dc17295c627f9340db10ab8666541cbd9741d62622c1df9d8439fedcd460ad93281dd747fcaca606d50d3227cbd6d83cef524df25c93ad084173dd6b341e68676c263ceeb6939ac64f68646c3b2eb37b65b6b6b324d9f917c6618788008cc6e51c6df244e118a20b3fa866988d81dc580061153829addaf232f49972819b42442435f7ad74b76d3c364bcc3ef55f9534d5fe67274b806086a2b7f15da2f6409937ffd646cd25a0cfff0c60d9a35a9f6e658e89aff42b58e37596df6a801dacc147e592dbe73e1cf371130217886556e9c303ecde7e51c8cceae03114f69da236f70723aa22ea9b9dc0a347207dce2df7577a09659a9c5a41b846da0bccf7ab2e4f36e8a3a9d68196f620157a204101e610ec6d8ac76ed571fef9ceb7a04e275b50a29b280c359d8b169d0e7c76a5218f00bf06ba62f92f765a0b574b0a67c738906d555834589f0bb852c685a12dfa5833e4b34bbed10c29a4c0f9215a8079a66d11f313f6ddf40d461c4d76e2db602c9001f76c0c29789cd86cfc4297057f73e3d25c61da1c2ec72f68b879f43f0e3b641b7321b60d22c5d25ca4277c9631ba19fb6f39c2d8055f711a2dbc16e96ff43c17441495d1445cbeca595a81f7022251ed5983d8c5ce66807504208976532aa00c2ce81f468240a305dca99876d624de3af8c500878debcc0d0a1481e09211e111b27cfe6296b506566c92f22bc52ad301f3189822387240211e8c8b49898e72c6fb8b800afeeb432131720d710d54ebf4acfc021090b8a7a849394d28db385d7ea2bde4286ad7eff0a882a84768395131be180da29909a0db345b4dbdbf18daeac01feb7df363b02be2d20dcb93d76f5c4016cb5112e73a50466075773e10e8443816d4d57b784645f922d7906e894a6748f419b32f4da90b93c8196f426fc530c4b9f588246f3a0cd4ec975da67b62a10a29b550d3722e36c9df552f119671cfaf9312bcf0cbc0f9a22e48dccf8b612e5c252d37dc83052563e6db5e50038467258230b3b8005a1ae785bcccbb775f97baa19f8c82b98c7044d1082dabac2346624445610d30a3be6bad0ac279ca11b85780a19e3196c1672f0fed91992bb85db0e844f005ad08208c9ea9380bd17305a1e3ca9dfe6ffe4538b9d8645bd057d7d22b4dcbdd7b99d9bc40d6ef5fd33f8129c4a780c62a7a37112550d53fbfb45b9659b567e452507ae70053f8ec0e4fc28e69f56c13e984c6a503140fb1a4c4dde60884a0c311e00807e7ae9cd28fb3836d444b7161911655c270c7f91f6f485122aaee49298a5901569e30e0a8d2dc1b89f9129494ddc20091751a92b5da5f15edc8fbc279783227582360ced67fa865e2a57006c936e80e6f8509a9085f8d599b684fa5d3b5f00167faec5bd234d6e1c9009e5f7ae7681393dcc4cb081f93d3b970aec25254153098c0683ae8c5a7927f241c4ac07f4bd07a81967ab7b6e256cced51e6faf0611bc1b107efb4eb1812e089ae125786220c401515fc62abde9fedc12a4cdea175dbefd130ae88390b509dd2b2dbb6aa89a4ed3d21690140e4f2fe27273e35cd81e7c9035015ff13c0a8732e7cedda25746e06734add875fd54b4e0f74f457560ab638b37422639d9870d9e91915596ab92a41540f89d5300d5540516db5495082bed76bb8303370a007692f4d8853c9668d5da35cf0f982bd9d3a757605f84408a5d39f40ae6a2436a02cb81a0da9b3c87988cd9b9edfbfc3e07bb77beb7f107ce1314715783253c7d64eb41b7ef37dc083ca816a2eca97659b9bbe88c3cfb4f43c002b396b466ac19dfc6fc08234808bdf10edf07ad15a94572691e10c168178edffc35e660619e43e7bfa252e6aff15c4019d1057f339523e94113c6712b2a00a92fde2d074c24398418d4dac066a12b9adf8fedc5aac806d94e334c00c5968f451f7009b3312f83c72", 0x1000}, {&(0x7f0000001e40)="d4f734b1f6b695e940b8707190b71e819be345010cb0ac55affa64772f18ac7263569c43701117cff3ba746a9b26b4f690f243756a17436e5c15b2371ae8d133e0c48793e42741f7f0e7cc36611e9732daa3444d8eb09c48fe", 0x59}, {&(0x7f0000001ec0)="0730e18aee7d0bada8e8aef2522e011da8b058dd1e89bcd060366a6e2e92423025c629dc7d96663f52f84034e77ba4ea813cfd45084c7e1622fa611301a6b2ee95ad531da092b586b21bbeee", 0x4c}], 0x8}}, {{&(0x7f0000001fc0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000025c0)=[{&(0x7f0000002040)="43fe8fe873096d67c593727fa6caa0f8e45a017dbfedf8e28cc91b1c3e3371b64e7bc533e656c8eaf00795fd09f0509f011b9aaa7a1532e6a1023fff92b02ef43f572ae375e872b7511568c529c486c0493512f662fda549d459ca51fa3fca7508bdf0861721ac0e008d9a513859658a14d9318c14a0bfa009fe0b123d4e026ba1199731b38b8044af4107b05e4226070161ab5197353c400bb18f3f64dd0c71584f114bc1d88e24a7d4", 0xaa}, {&(0x7f0000002100)="7b2539e0f93344611c0a128fea9fdb06c1c6b248d8b3fd2470c03f9e3be88382927c732dff553daa0a2974a587820d19cfc4510f6fdadbba7eea5b95bf43ed630bb34c61a8378925f3c928137c46ac667f05dbeec3e130b19e0f9c", 0x5b}, {&(0x7f0000002180)="3b2f788218bbbfe0c02f88819fba8c6ac134c2499376a4decbfe2a1cc27af164b6dac7f6416b43b8c65f1fc20e54b1a5926cc97285208dfbaa986b9004413559659173bc4475b8452aa7d44e78d03653e4bf4ef3f0bf5ffa1393", 0x5a}, {&(0x7f0000002200)="8327975f6337a6dd28a8c88283f9f121d14325dbdf85066bf52692de84127c194c896b9ff5710f0ec50a0ee829b327b457a87d7a50249bfbfe3513a2072c1e7df97b2320f7835fa7549d511efb6d2d3d1e0c4bc3ab08ed888f7d3ca35578ecfdcd04553b02bbb857a48b4d1e1568de1c555173036b53c65c37b5933964eb021a5b71bee32cb1019ff453bc698c57c6e9a4db0b4a1e4596a2", 0x98}, {&(0x7f00000022c0)}, {&(0x7f0000002300)="e61b571599ef5dbf5d2365aa9341661b0c3d2fc8ee7f02585500ae21fe32b970bd691a5e76ebfd320852e0f5bb00c6603d1d692ddff9642ee496d320c96be11d0e08b4d55f0a899e046decc871fe1b5532897d00ad56fc2a1e004305a0b833143b140c43b5faaf5f47d74ac0ddba018c55e1629e43d592d4edf558eddcaed94ce3e22967412ecb2f25078790d10df4b7f91e1c8c88fe5023664f65f0ed84d19b6b78c9c06da63ed6e4e530112c76a0ad76f3d7c4cd1d5fc1f967654524683fa87c2ecab95d831c11930261c10950441419f5fcd8", 0xd4}, {&(0x7f0000002400)="042659713bbd01aa96ad8e5e5c02d245925bc7bee3062a6ea12c0dccebb122c039235aef059f7e411a7b6ebd386f67c6437e769bfcb1b6fc7ce67606f7f0a0b12371a5fb19a8b8b1275bab79174c70127ecb82ff035fa93de3e462f19d6c90bac28317c1bbd0767eb1bbd3ddad1a4305187a463e0aa9ef5fab462284fb82c68a8e7af330cdf9229c2af1", 0x8a}, {&(0x7f00000024c0)="3bdccf7f42dabf24c5d040b4b3f5a17604eabdf8f3bd7c288cdce41d4ed0d3c6551e9d8915593811b33ccd9b5a3893cef9aef83eb44594823a697984bb3a5476f11a710d68dc07ab1a955820143bae1da52df531c6a4442b25bfe9f546f91b6e233054069e21102dc7a86131c94e72ef953d09227c8829f49f8e63c12e667e68770c049912ec637f24e6b5d14a0536dbd652f6e08d5afdd1860d568d1f2589ef0ba8a520e078f740239aec6f579a7a09fb1b6fb4cc0ef4d7a0062fe87ab37b5b32f35b697b16314937be219044b0fcec1bb8c4d8db033793", 0xd8}], 0x8, &(0x7f0000002880)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, r0]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xee00, r2}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x24, 0x1, 0x1, [r0, r3, r4, r0, r5]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, r6}}}], 0x118, 0x1}}, {{&(0x7f00000029c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000002cc0)=[{&(0x7f0000002a40)="b244c673980b1a5dfd138fa7e583b95490db0be48156a364b97650f8a1ccf115fa964ad56585efdae6860b8b7e3e16ebd901326cee1074191d6887b87698db5f1ad2", 0x42}, {&(0x7f0000002ac0)="09e0e0363ba631dada8d0543a851c019a619a8d2845b74a45d4ba513eec29fe07e637eb6179d8e94be433870fab2fe91c00d3f5f38f79343d25ab8c4bf0b800cbadcd9ec0bfedbd33caa82e89b81b2789a6a08442b6232a3d21502afac558431058a384d4166035e2a453aaaa75fa68801057be3e2cd5c1cb0b1fef84372e20198309c4dd3cdaefc88b55a67bf07873858dbdeba70efec4cb421ea558625c2b6b4051fa0d8046bb687d344230e61405ed89712b46c0eb119ee1d12ab65579db7dfca66066aaa", 0xc6}, {&(0x7f0000002bc0)="5cfe7d048445da5208428f99ff57640883b268c590ef64d1854802a59cd74ea9c014ad899a9605386abd1427001022aa5c6150e63d0523b56d12bcf2dce7e7e9ffed578237b22d4ed7dc8c7cadf1eae0c0f1689ce20103ec993f26f321b01c074a1568a4952c23487ef0a3ccee856d9fd8d096095a38586b274ff664319cbc7793bf2438a8d2c548b407", 0x8a}, {&(0x7f0000002c80)="08154f98580d9da48f7356f8ef305a62a07c0dd796cf1750acf5ed6c477fe784bbe4aafcad8b", 0x26}], 0x4, &(0x7f0000002d80)=[@rights={{0x18, 0x1, 0x1, [r7, r8]}}, @rights={{0x18, 0x1, 0x1, [r9, r10]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}], 0x48, 0x4000004}}], 0x4, 0x800) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 764.597040][T15941] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 764.635161][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) 08:02:00 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 765.213872][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 766.329860][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 766.330150][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 766.409646][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 766.416027][T10178] Bluetooth: hci6: sending frame failed (-49) [ 766.499663][T15599] Bluetooth: hci7: command 0x1003 tx timeout [ 766.506492][T10178] Bluetooth: hci7: sending frame failed (-49) [ 766.649606][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 766.659799][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 766.729798][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 766.730022][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:02 executing program 0: shutdown(0xffffffffffffffff, 0x1) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 766.876208][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 766.933187][T15980] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 766.982967][T10178] Bluetooth: hci9: sending frame failed (-49) [ 767.209782][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 767.744142][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 768.489522][ T1053] Bluetooth: hci6: command 0x1001 tx timeout [ 768.496249][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 768.579674][ T1053] Bluetooth: hci7: command 0x1001 tx timeout [ 768.585791][ T6576] Bluetooth: hci7: sending frame failed (-49) 08:02:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8933, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 768.889396][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 768.889507][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 769.058931][ T1053] Bluetooth: hci9: command 0xfc11 tx timeout [ 769.065097][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:02:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 769.209470][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 769.219436][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x6364, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 769.390418][T16019] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 769.416066][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 769.769302][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 769.769429][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:02:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 770.589218][ T5] Bluetooth: hci6: command 0x1009 tx timeout [ 770.649278][ T5] Bluetooth: hci7: command 0x1009 tx timeout [ 771.059009][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 771.059510][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 771.449219][T15599] Bluetooth: hci9: command 0xfc11 tx timeout [ 771.449440][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 771.977884][T16046] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 772.019228][ T1053] Bluetooth: hci10: command 0xfc11 tx timeout [ 772.025642][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 772.568289][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 773.609205][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 773.611262][T15599] Bluetooth: hci8: command 0xfc11 tx timeout 08:02:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x89a2, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 774.009061][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 774.015329][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:02:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8904, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 774.164823][T16070] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 774.208198][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) 08:02:10 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5509, &(0x7f0000000080)) [ 774.569249][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 774.569574][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 774.656165][T16082] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 774.713957][T15936] Bluetooth: hci6: Frame reassembly failed (-84) 08:02:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5601, &(0x7f0000000080)) 08:02:10 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 775.201406][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 775.849058][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 775.855333][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 776.249027][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 776.255225][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 776.403548][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 776.728851][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 776.735032][T10178] Bluetooth: hci6: sending frame failed (-49) [ 776.779663][T16115] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 776.842047][T10023] Bluetooth: hci9: sending frame failed (-49) [ 777.208902][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 777.208943][ T8518] Bluetooth: hci10: command 0x1003 tx timeout [ 777.210256][T10023] Bluetooth: hci10: sending frame failed (-49) [ 777.777772][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) 08:02:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/121, 0x79}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/159, 0x9f}, {&(0x7f0000001240)=""/149, 0x95}], 0x4, 0x5, 0xffffff09) r2 = syz_open_dev$evdev(0x0, 0x3, 0x2000) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f000005d100)={{0x0, 0x9, 0x0, 0x101}}) r5 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x0, 0x5517, 0x48000000}) ioctl$USBDEVFS_IOCTL(r5, 0x8108551b, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f000005f100)={0x4, [{}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {r4, r7}], 0x0, "b67d5166ab9c79"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d100)={0xfffffffffffffff9, [{}, {0x0, r48}, {}, {0x0, r127}, {}, {}, {}, {0x0, r103}, {}, {0x0, r29}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {0x0, r7}, {}, {}, {}, {r102, r71}, {r43}, {r10}, {r80}, {0x0, r115}, {0x0, r93}, {0x0, r96}, {}, {}, {0x0, r86}, {0x0, r23}, {}, {}, {0x0, r76}, {}, {}, {r128, r35}, {}, {}, {}, {r24, r57}, {0x0, r122}, {}, {}, {}, {r67}, {}, {r62}, {0x0, r132}, {0x0, r118}, {0x0, r21}, {0x0, r36}, {}, {r81}, {0x0, r115}, {r114, r129}, {0x0, r92}, {}, {}, {}, {}, {}, {}, {}, {}, {r19}, {}, {}, {r60}, {0x0, r11}, {}, {0x0, r97}, {}, {r15, r88}, {r124}, {}, {}, {0x0, r105}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r22}, {r50, r120}, {}, {r32, r51}, {r66}, {}, {0x0, r117}, {}, {r49}, {}, {0x0, r45}, {r44, r107}, {}, {r52, r25}, {0x0, r18}, {}, {}, {}, {0x0, r59}, {r133}, {r68, r9}, {}, {}, {r109}, {r91}, {}, {}, {0x0, r14}, {}, {0x0, r33}, {r22}, {0x0, r84}, {}, {r99, r12}, {0x0, r100}, {0x0, r37}, {0x0, r72}, {r74}, {r38}, {}, {}, {}, {r94}, {}, {r98}, {}, {}, {}, {r53}, {r8}, {}, {}, {}, {r55}, {0x0, r17}, {}, {r85}, {r63, r47}, {r125}, {0x0, r56}, {0x0, r123}, {}, {}, {r49}, {0x0, r111}, {0x0, r18}, {r108}, {r89}, {}, {}, {0x0, r73}, {}, {}, {}, {0x0, r79}, {0x0, r39}, {}, {0x0, r29}, {r28}, {0x0, r110}, {r67}, {}, {}, {}, {r40}, {}, {r46, r16}, {}, {}, {0x0, r54}, {0x0, r75}, {r70}, {0x0, r13}, {r27, r14}, {}, {0x0, r61}, {0x0, r20}, {}, {r106}, {r83, r65}, {}, {r95, r116}, {r34, r59}, {r90}, {}, {}, {}, {r112}, {0x0, r130}, {}, {}, {}, {0x0, r117}, {r26}, {}, {r119}, {r41}, {r69}, {}, {r77}, {}, {}, {}, {}, {}, {0x0, r30}, {}, {r121}, {}, {r19}, {}, {}, {r85}, {}, {r87, r101}, {}, {}, {}, {r64}, {}, {0x0, r78}, {}, {}, {}, {0x0, r47}, {0x0, r126}, {r6, r115}, {}, {}, {0x0, r131}, {r31, r82}, {0x0, r104}, {}, {}, {}, {0x0, r23}, {}, {}, {0x0, r113}, {}, {0x0, r42}, {r58}], 0x8, "3c1d4c65c79995"}) ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0xd0009411, &(0x7f0000001740)={{r6, 0x0, 0x6965, 0x3ff, 0x1, 0x2, 0x1, 0x9, 0x80000001, 0x0, 0xa3, 0x6, 0x0, 0x0, 0x7f}}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000180)={0x0, r6, "8e2713efd389b286e5593727f2f9e543618db2868ec67ebafed03a15cdd3da939d40cadbcce8d4d82f468357f36b463e814ac914dae8dcdee975dd0825a3bc8ccb5eec58753cfa9119b7595048d61c579e7e1f1ec5611d20b70bc75b29b741a79183f1d6e74f5868e5dd561dfc5c5c5eb98091d0b35d33b91c753476217d62462f177853aecf5983b00a62255ce32d1aaf3ddd52016f6dce15edbdc3cbc71169d29442f93fa77a0fd6e26dc0dd97323d3ef55eb94e8b56a5981f62935173c74b9027adb9328b4cb783c86865b5e1c41b3b59d7a0fd6485b199c5a6393daed292df07c793f56ad1ac700705c5ba94995c3d7a41613021037bc12e657e5d13204e", "48e560cf24238942dfa82b43efd443d8bbab3fe49ae110c7f908db1e85391c078c8f358ad6e9bddcd1c58c460d1a1e5a204eff5a0e958642ff7d788b9677c174e051f666e2b7bbe574f711446e4a29563a57717a2407f0ce0e0070a97b9a930f93ca659b1c856089000d242d4bb74af6697868e992286ba272a4e78b434f0594fc647173c68a61d190e8a0bbf05afe6e502985c1ad45c972a9d5dd36173c54a8120b8ff6ac02eec6457f838905d30049f8bcc2283c45a51a55426bd96322a728164eb3649eb74354da2abb19ed8c798a9c6983e067d46a35a191996ac5eae93aa6a120c81072861414ae0f3f12457bf2f83b2d8263665c53e374d86b885d443d42ebee9e2e2bc7194a98b986f24b850f3f100918a3ae1cdd0295a0175c84ffb3543ad2b20986a3b541b90abd56753a5735107f8a0fcc7112a5891ac37e2b46e7dd2fe86bb78fcb90911f125525685edfd9b10371059977323bfd4ccbd2955e192ac309f7607d3e17c107e5b40a084d199e59492099ecbf7657d3e7b8ca8b8126c2514c4019d9abc296deea260d8e181a6ee440505c3b686af733a52c864e4656e38c2316db649f1aba80f134d5965b726d7329b0adb7c94af0fcc12a1b89c4d63148142b0e1a9cc317b29ec992e4b378dc73816d8014ecb975578c01480505cd386cc2069171378f9284bfb41a02c73b3b160fefdefe2f49dfdcbf7912a68874329fb53c5946d31d307ba615aa7ebcfd8cce4294364d8e5a6abd5f051719f93e42cb5dc09b6b178192e359bc53b55c9fb0b8c0834bcf2dddf3f08b9c9c5e3cce4da0e12cfa17d137cc39227600f96da717ff33642ce5f54aeda53f601645cda7c43a8127948edb56da66403b9f166d19c46aa8a3d97145381f9c266aee270fd9a8d4e41f0957c8903ce419f5d2e9e6a274c1ac5bd59f1bab3f0f6a819ece02f96c654b23071820dd6108781377b0a581ad5407471ecb33ad1a2b296ccf68a6ef3dd30e45350e41ca57152a0de2657f2d4e9931a75379bc0f67ff3de2189878b0dc4de747f8e2e57ca116127c5b477355f6be2d6f4c5ae3e0656fbad7f06eabd947cb0cbbf1ccc475c96366c54c12f08131f4c8f282fe60285f9c540a3752a6d24c4032e04c79a2688526d74d9190a396a8c5abc49406a1b8132c4d1fa63cf00341d181d1f5d2e4428b03309de2185134097a234593576ab4aba4a5abd44536b093069d618ff4fe3fe2a72b31ac9c540db8ce5224d6b06cddec7b7e9dc09fcac254971db1297d2686f12a597cdf287e45e9285ef4eb7b696e1a56a7982118d0c4d25d2d64eba130adca51648fe9fdaddbaa6fd650bc7f4a5cdaadd34ba9d5c9d045b64c67c55de2f4b500df34751c81444886f4a832f584989d3fcdf499648c427f9bd94b80ff3b53ed52254a7031b2e7941c9d4483604cdcaf464399cba29d57e11ad508d4eb759e6056a48f6d4ce1184d707bb973bb17b5728b8e814e11e821c9451fd60c1fc178dbfe65e7eeebca8346cdadb3f5383218c011272052965edc026acc3c36cc95333dd3e067226e782c1951c15fcf251cc41e4b7c42446b8d83d4bfb77c8b66749b2f52ba4f299042c37ed59bd4af1e4e69fd41ac424ba5db96d8158eee90ed32fec14638d2531d3f7b7a151a6981575a1a767dc7f6db1cf6cce6cb55580bbdb236a83ccca8918ec0e8c405c15a49e0eb1d5209b27ad4b7a472162b966adf98d625c31be9736116ef8e3aed5926d80a950290db6bce5b84f52a182da6fefffa85c17db634a0de800701042cf7afeb9caa7a6257d3c418722b1e4ce040a55ca33daee4285abb4970234babe862f3d4079990ca8ac373f8133b1eec5cb6b0c8b4856fca9c9870e7ce3e37bafbed734fc82e297718e07e7f679ba6d02e15a595dbb5d42ed38e8367c5eb559b30da18971aacfaa3f8aad1d6cd47bff7250cb32c949ae6278410c95434ecbe789cb1397bec8fd337845df2a1d0638e04b1b6e74e5186d48fd48f3dd3ef3c835c83da23f431a5462b0f65de0e4320814dfbe60f3b6599e61da61baa0e2c5100460910e8b076725edb4ee7a1edc83e54ef6267514e481fcdc57e3b5e1729c55c4069506c1a4b76c2a141b8a9132cd94425589f83a3ff91872cea584af6dacadf537721927969699f17244e55b9af45d95e3190e2501b4974ccc7e6bdc1c64ed58d2230fc24a7ff185cb873039113406802f84f2750b7fc4e90aabf38907a5883a4e004e8a54d4d23ae989132d57311bed394466d728a1c1c7b9d6350b0324e30c36e729906e2b7651b726c5925051ccc707039ae040cb80d514887181db7e6953072df806e43490d71b5065fda3d55b5039872bd593c646ad29d6c4bdd6c53aa5cb164ac20806946e5b7f4e1d432cc3eed28c011ef8a65e3190c77874c876f39d20e5bb5355729b83199e95f159bb025bffd869b4f2412a2b0959e10312f8bbd2a8a36166f9cb21c0f71c18604f2c09e72cf57e05a4c4a3708d9140bc652a7535a3fc120dbfe190804f3e03367eda6b0aaa9cf2d4f2c9f12dce4ccdfe47a9709df208bdac33c399c7d7e41bb7565396401248c0f94faccc234452cd51a80a17b555c1e2831e6b98d29fc781bbc86a471b04ade04e32b0ecbd9e3386fb2dc7415eacb4432091c057e734f617cc3db509b100313cf3c44909c8d752db6ca4850c8b5d2630db69d9d829814bb802b58d6d2f2e622a735f4b314a90a26ed2d197510b0f10bc2868765dc83b21cebb3791224d87257fa87d555981a743a5ba7bf88676ec840572b9c8509dbc4dd4d549446665edfc18749d03e503d41633e93015929c270370188dff84a270d8840e194be8f6ee0718467f67142f19eaf957540751c224cf24c12009375476db7234fe7d4f44f404ffc8575e437ae209dee60b8eeecb9ba9180a3c28a7a60c385b9a722ce866b4671da22e209fe1ab9dd58e43ac27acd5191a75b0abd6d04edef3f01f3c5c7d3f5e0c127c36de67781476ff68765f8e8d2dd586d4ccb26ef2839f11ef7b6d2477bad954d5290d1465a0d224211b1debd40ff38763c5dec540078bfc90ab053c005f9b4c4b2ec2d2c584d4cfa84dc7bb3f6cec7f4831762ac3a3cfb603ed749a5f75e7d4da2a3e179e603cd1e02a9d6924a0b5edc3e3a710a86ce5f61c48cf8d7a7764564e3a9d65163dcfa053a2a76d83e5f30cb93ddaf0543a03d7ce9b75dc1352d903dec49cae8935966ac343e1a41d38d9205d03d56f9e58084c7417f6344e25de2d678e3ac82bef404aabe20a603aaf68554af2d16d1987fb38910deadea3f56e1a4b5653b0ffed4b7e933dff810a25ce176d5ff1870dc3fe14ba4d934492532ebf4a542c54718f9b692a9461f069515bbc041cb72da58b5ae5c9c3710a1b8ff2c840d5ea70abc081d6cb60096f3d35570d186ef0e50871582887b76b2024a50943343ff913281d6933f6b8606afdf2d2b9a7e3f1629a5730ad29ef58dc591fbb1f3024ef145e5aaeed7d554c214e929689a52211731da62c6a86e9db9d9a61a48a36cdbc7e7383d98a8b28c41ca3bb52ce3016642eb0de30853dc0d1c5dfbe595257ea786b92b30ce56f2fa684ecdf7b418a3c8cd7d047f0ddfbf58178d99cd14675b6957cb344127434fa8ed2b8539897e5b81be705f0c4999f0257f85c532405593ff6b5834d613b5e339a01e2141dec09d008c49983eb64ca7c34ed98227c4d7e717f0b72071b522c0c1fb813c7144eb871b8933ff3b489d669e966056929b30a4787992784615674a89f0cb3338a3ef0e87bf6b9075b0403a3d6cdc65ad7753da8509c72de0f9bd4bf6440494f1ab9ff0b1037f21c0d88605325afb8fa054ee0764b797701469913797dd5fa3e969febe283e1a7fd6c9e68ea89b3dc27f77bb2b2467713efda5d8594d5afad9de9084005930c860f707a358054d46c3ef7adecf2f939a3859dd8c3057c0132bc3d9183de053c1f527910d2e3ba060ad4b4456bb8542b380d19d0f8895eb6298f8a953a2cc73de9993a3ebcf478095a2cb9e6d2832d3214d5a1284c367febde5f6fdd3324205aef87252fd6c40fbd64cb17ecb0a67e820a2feebeb8bc2052166152d95143e11d637a439f6a22406dddf1e48bcce339d482803e607bd0ca14056dce74a5eba4912112bd02645f873302114dc58544a97bd40485fe320334d0f3946244d53f3f5e6070f2c9e967f3f69377fe650e2b6f81c78d75281cd2539ef114b6096b9793e0f4d1f7106c84838965fd06e765c6633fa229d437fe7249b6f923350feaa3a74ef87c186214e0c4fa54a6e12d483928bb19ef33772295fb42c74ef89f81ee559390d422b7c82bd1d520eddb6dc662e26386ce4ff6661f14f8a8a15e59778d3b61d16477a0cac416f917ce19b162e69b4ac1b323b55781112bb4bceae9fd36a1de00455aeee91dfc4f9a37a1b7c7ab9fc31dfc7c944f8d58fc8cd00c92294d7e5ed9fafddaa44a24f9eee7b7c89fe6c0a45185ee8899f8f508c17689da33e8da4fd54729dd72c3d92677397317a4ac9127ee825e0b45fe616947100d57959e1932ffcf69407a76f0dd037fe1e0c6443ab1557bc31ec5f91017bdb7b6b6d6c6beaf758c174b91f63859081ac7b050e330bb6556286bc8fb9136bce02bf7dfd1cd1c470d2de7dbc5301001c0a862b83b401a2d0807fd1179211e497f60d03858711ac7176793da5835b44cdc8de915dd57dca4d77d46313601dc03b78db7505a448a50f35ca8d0efd2f110901d010bcdf45f41abb1fd459073b48700d659c6f5e3214a422d5945ac658d6aac5ad7ece67045639e1e2de4552f3f0bd7d93585dce7bf15871d4f78098353c13125785a7d68b66be3cbf653f2f04e89698ce1f56724aa4d9bb4ab8d11f25f257b5d5c5d511aef15867f6613e2afb785d706a64bc50770bf03b224df55bbc6246f0ccdfe14101362de7e11fc9ac9073e66593334b761ae2ba91b2d411656fe09a23383aa109b412fb3ec832c6c1a4dc6c69f7dac058451de22688ccb403ea3580ab5b14c794d9120ccfb6feb10a633b474157d91f789a09b1fc1f155156fc48647d47efb97da48a84c4f84762de736c8f2e5f980a9be4cbe9be7d9cab4bf67c90a9ee38db399f6b4353b4b1b2a96cc24459ff7a4a31cfccb5a1dc6ee0a9ac86b782e1e92efb10d107db95fef40ff3ccc534bdcb6327a01299655d649c62a401ce7359fa878307e7d657d736e9cf22bf52f8aacf585df3a1ad39496ba7aec081c932affc880a1e65d61511c3c9e3db70c00554a930f3f1b3470655884003249ef379ede51eb88157d3b9801a2384238a630f1361b7c62ea0e60b9125c1194a7fef62ee919f55bc3341a21b526461f1864838c676c7460708849815f570582817739de341a3d3d72e42c3dae8b2cb98"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000040)={{r6, 0x5, 0x2de, 0x3, 0x9, 0x2, 0x3f, 0x7, 0xffffffff, 0x9, 0x2, 0x4, 0x37, 0x7, 0x100}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f000005bec0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000005c0c0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6, r134}], 0x2, "148e35230fb80d"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 777.956428][T16128] hub 9-0:1.0: USB hub found [ 777.964297][T16128] hub 9-0:1.0: 8 ports detected 08:02:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x89a3, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 778.408763][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 778.408925][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 778.505137][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 778.818900][ T8518] Bluetooth: hci6: command 0x1001 tx timeout [ 778.826042][ T6576] Bluetooth: hci6: sending frame failed (-49) 08:02:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8913, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 778.888958][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 778.898038][ T5] Bluetooth: hci9: command tx timeout [ 778.979296][T16149] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 779.004335][T15936] Bluetooth: hci9: Frame reassembly failed (-84) [ 779.288665][ T5] Bluetooth: hci10: command 0x1001 tx timeout [ 779.294824][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 779.848704][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 779.858913][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:15 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 779.940613][T15936] Bluetooth: hci7: Frame reassembly failed (-84) [ 780.088660][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 780.088794][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 780.134524][T16129] hub 9-0:1.0: USB hub found [ 780.142265][T16129] hub 9-0:1.0: 8 ports detected 08:02:15 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000080)) ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f00000000c0)={0x1000, 0x7e8d, 0x52c8, 0xaa6}) [ 780.568739][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 780.898669][ T5] Bluetooth: hci6: command 0x1009 tx timeout [ 781.048723][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 781.057903][ T8518] Bluetooth: hci9: command tx timeout [ 781.368537][ T8518] Bluetooth: hci10: command 0x1009 tx timeout [ 781.570785][T16189] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 782.018672][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 782.018812][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 782.338760][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 782.386303][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 782.556616][T15936] Bluetooth: hci11: Frame reassembly failed (-84) 08:02:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x89f0, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 783.128661][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 783.129956][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 783.227126][ T158] Bluetooth: hci8: Frame reassembly failed (-84) 08:02:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8914, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 783.608540][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 783.608782][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 783.712102][T16221] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 783.733258][ T6576] Bluetooth: hci9: sending frame failed (-49) 08:02:20 executing program 0: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) preadv(r0, &(0x7f0000002500)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000000080)=""/142, 0x8e}, {&(0x7f0000002180)=""/171, 0xab}, {&(0x7f0000002240)=""/149, 0x95}, {&(0x7f0000002640)=""/258, 0x102}, {&(0x7f0000002400)=""/199, 0xc7}], 0x7, 0x3, 0x2) socket$inet(0x2, 0x3, 0x6) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000002580)={0x1, [0x200]}, 0x6) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) r2 = syz_open_dev$vcsa(&(0x7f00000025c0), 0x1, 0x120243) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000002600)=0x10) ioctl$KDADDIO(r1, 0x400455c8, 0x9) [ 784.408398][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 784.408561][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 784.568419][ T1053] Bluetooth: hci11: command 0xfc11 tx timeout [ 784.574724][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:02:20 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 784.691664][ T6576] Bluetooth: hci11: sending frame failed (-49) [ 785.290441][ T1053] Bluetooth: hci8: command 0xfc11 tx timeout [ 785.307262][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:02:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5608, &(0x7f0000000080)) 08:02:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x6364, &(0x7f0000000080)) [ 785.447191][T16256] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 785.473155][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 785.496037][T15936] Bluetooth: hci8: Frame reassembly failed (-84) [ 785.768409][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 785.852637][T16268] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 786.309736][T13880] Bluetooth: hci10: sending frame failed (-49) [ 786.568383][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 786.568412][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 786.728407][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:02:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1102, 0x0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETS(r3, 0x5402, &(0x7f0000000300)={0x2, 0x6, 0x3, 0x5, 0x10, "2f59c3ecc34e320dd75e87d2f051dbdbfe4a75"}) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000580)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="11080000000000000000450000000e0001006e65746465767373696d30000008008e0000000000"], 0x3c}}, 0x0) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000340), &(0x7f0000000380), 0x2, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0x9, 0xd8, 0x4, 0x480, 0x5, "985e2a8685ecf6d4"}) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x148, r1, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}]}, 0x148}, 0x1, 0x0, 0x0, 0x1}, 0x4) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 787.528379][ T8569] Bluetooth: hci8: command 0x1003 tx timeout [ 787.538192][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 787.539357][T13880] Bluetooth: hci8: sending frame failed (-49) [ 787.551007][ T150] Bluetooth: hci6: sending frame failed (-49) [ 787.938245][T13435] Bluetooth: hci9: command 0xfc11 tx timeout [ 787.944387][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:02:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x89f6, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 788.029978][T16302] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 788.338195][ T8569] Bluetooth: hci10: command 0xfc11 tx timeout [ 788.338392][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8933, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 789.048025][ T7] Bluetooth: hci7: command 0xfc11 tx timeout [ 789.059590][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) [ 789.288254][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:02:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x74) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 789.399776][ T1102] Bluetooth: hci11: Frame reassembly failed (-84) [ 789.618303][T15599] Bluetooth: hci8: command 0x1001 tx timeout [ 789.625452][ T150] Bluetooth: hci8: sending frame failed (-49) [ 789.632634][T15599] Bluetooth: hci6: command 0x1001 tx timeout [ 789.639721][ T150] Bluetooth: hci6: sending frame failed (-49) [ 790.088131][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 790.088243][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 790.488180][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae01, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 790.666976][T16349] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 790.693300][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 791.213280][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 791.219727][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 791.248352][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 791.448284][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 791.458117][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 791.692819][T15599] Bluetooth: hci6: command 0x1009 tx timeout [ 791.698933][T15599] Bluetooth: hci8: command 0x1009 tx timeout [ 792.002096][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 792.727872][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 793.047802][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 793.047989][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448c9, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 793.149033][T16379] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 793.172766][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 793.288148][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 793.294372][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:29 executing program 0: ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x5, 0x1, 0x9}}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:02:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = accept$packet(r1, 0x0, &(0x7f00000000c0)) ioctl$SIOCGSTAMP(r4, 0x8906, &(0x7f0000000100)) connect$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x3, {0x0, 0x4}}, 0x10) close(0xffffffffffffffff) splice(r1, 0x0, r3, 0x0, 0x4ffe6, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x16) setsockopt$packet_int(r2, 0x107, 0x3, &(0x7f0000000200)=0x8, 0x4) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="300000004a00605e8d010000000000000000000a", @ANYRES32=0x0, @ANYBLOB="0000000014000100ff010000000000000000000000000001"], 0x30}}, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r6, 0x0) preadv(r6, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800006, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSIG(r6, 0x40045436, 0x3b) fcntl$setflags(r5, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:02:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 794.007816][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 794.017142][T15599] Bluetooth: hci11: command tx timeout [ 794.103073][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 795.207736][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 795.208091][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 795.297965][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:31 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x6364, &(0x7f0000000080)) 08:02:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8913, &(0x7f0000000080)) 08:02:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x380, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r2 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x2, 0x400) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080)={0x60000000}) 08:02:31 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae41, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 795.624171][T16426] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 795.653430][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 795.718378][T16432] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 795.766858][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 795.783178][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 796.167876][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 796.174038][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 797.698310][T13435] Bluetooth: hci6: command 0x1003 tx timeout [ 797.706546][T13880] Bluetooth: hci6: sending frame failed (-49) [ 797.767702][ T8518] Bluetooth: hci10: command 0xfc11 tx timeout [ 797.772538][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 797.781902][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 797.789816][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 797.800881][T13435] Bluetooth: hci9: command tx timeout 08:02:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448dd, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 797.847770][T13435] Bluetooth: hci11: command 0x1003 tx timeout [ 797.857290][T10178] Bluetooth: hci11: sending frame failed (-49) 08:02:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) preadv(r0, &(0x7f0000001540)=[{&(0x7f0000000000)=""/53, 0x35}, {&(0x7f0000000080)=""/74, 0x4a}, {&(0x7f0000000100)=""/48, 0x30}, {&(0x7f0000000180)=""/184, 0xb8}, {&(0x7f0000000240)=""/88, 0x58}, {&(0x7f00000002c0)=""/249, 0xf9}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/118, 0x76}, {&(0x7f0000001440)=""/123, 0x7b}, {&(0x7f00000014c0)=""/93, 0x5d}], 0xa, 0x8, 0x7) [ 797.962705][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 797.990244][T16472] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 798.728065][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 798.734455][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x300) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 798.842059][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 799.768721][T15599] Bluetooth: hci6: command 0x1001 tx timeout [ 799.776035][T13880] Bluetooth: hci6: sending frame failed (-49) [ 799.937728][ T20] Bluetooth: hci11: command 0x1001 tx timeout [ 799.944082][T13880] Bluetooth: hci11: sending frame failed (-49) [ 800.007472][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 800.016469][ T8227] Bluetooth: hci8: command 0xfc11 tx timeout [ 800.017519][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 800.038444][T16493] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:02:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae60, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 800.327288][ T8227] Bluetooth: hci10: command 0xfc11 tx timeout [ 800.337400][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 800.455054][ T158] Bluetooth: hci8: Frame reassembly failed (-84) 08:02:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400454ca, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 800.887308][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 800.887344][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 801.429040][T13880] Bluetooth: hci7: sending frame failed (-49) [ 801.847397][ T8227] Bluetooth: hci6: command 0x1009 tx timeout [ 802.007331][ T8227] Bluetooth: hci11: command 0x1009 tx timeout 08:02:37 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) syz_open_pts(r0, 0x11b840) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 802.167227][ T8227] Bluetooth: hci9: command 0xfc11 tx timeout [ 802.167412][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 802.286032][T16532] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 802.310805][T13880] Bluetooth: hci9: sending frame failed (-49) [ 802.487225][ T8227] Bluetooth: hci8: command 0xfc11 tx timeout [ 802.487443][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 802.727279][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 803.257880][T13880] Bluetooth: hci10: sending frame failed (-49) 08:02:39 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x500) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 803.447087][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 803.453240][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 803.567724][T13880] Bluetooth: hci7: sending frame failed (-49) [ 804.327333][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 804.336649][ T20] Bluetooth: hci9: command tx timeout 08:02:40 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 804.420335][T16566] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 805.047033][ T20] Bluetooth: hci8: command 0xfc11 tx timeout [ 805.057308][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 805.287047][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 805.606958][ T20] Bluetooth: hci7: command 0xfc11 tx timeout [ 805.607014][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:41 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8913, &(0x7f0000000080)) [ 805.864957][T16589] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 805.888444][ T9202] Bluetooth: hci6: sending frame failed (-49) 08:02:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8914, &(0x7f0000000080)) 08:02:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae80, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:02:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4004550a, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 806.487135][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 806.487174][ T8227] Bluetooth: hci9: command 0xfc11 tx timeout [ 806.533477][T16608] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 806.571978][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 806.585719][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 806.601241][ T1102] Bluetooth: hci11: Frame reassembly failed (-84) [ 807.926963][ T8458] Bluetooth: hci6: command 0x1003 tx timeout [ 807.934434][ T150] Bluetooth: hci6: sending frame failed (-49) 08:02:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x600) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 808.167007][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 808.281029][ T150] Bluetooth: hci7: sending frame failed (-49) [ 808.328578][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.335039][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.566832][T13435] Bluetooth: hci8: command 0xfc11 tx timeout [ 808.572985][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 808.646868][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 808.647014][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 808.662945][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout [ 808.684247][ T8227] Bluetooth: hci9: command 0x1003 tx timeout [ 808.692872][T10155] Bluetooth: hci9: sending frame failed (-49) 08:02:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) ioctl$TIOCL_SETVESABLANK(r1, 0x541c, &(0x7f0000000000)) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x100000c, 0x100010, r3, 0x8dbc7000) [ 808.842894][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 809.107527][T10178] Bluetooth: hci10: sending frame failed (-49) [ 810.006880][ T8227] Bluetooth: hci6: command 0x1001 tx timeout [ 810.013682][ T150] Bluetooth: hci6: sending frame failed (-49) [ 810.326821][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 810.331630][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 810.726672][ T8458] Bluetooth: hci9: command 0x1001 tx timeout [ 810.733920][ T9202] Bluetooth: hci9: sending frame failed (-49) 08:02:46 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x700) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 810.886800][ T20] Bluetooth: hci8: command 0xfc11 tx timeout [ 810.896940][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 810.968089][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 811.126842][T13435] Bluetooth: hci10: command 0xfc11 tx timeout [ 811.133138][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:02:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 811.286797][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 811.289909][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout 08:02:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448c9, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 811.474642][T15936] Bluetooth: hci11: Frame reassembly failed (-84) [ 812.086667][ T5] Bluetooth: hci6: command 0x1009 tx timeout [ 812.806583][T13435] Bluetooth: hci9: command 0x1009 tx timeout [ 812.966598][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 812.976656][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:02:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000080)={0xfffefffe, 0x4, 0x3}) [ 813.130543][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 813.286664][ T8227] Bluetooth: hci10: command 0xfc11 tx timeout [ 813.290671][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 813.522726][T10155] Bluetooth: hci8: sending frame failed (-49) [ 813.530370][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 813.536622][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 813.829085][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 813.835666][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 814.063362][ T1102] Bluetooth: hci11: Frame reassembly failed (-84) [ 815.206517][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 815.216410][ T8227] Bluetooth: hci7: command tx timeout 08:02:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) ioctl$TCXONC(r1, 0x540a, 0x3) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0xdc, 0x0, 0x0, 0xd, "45dfa075986f20b425d53febe7f8a83c680b2a"}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r2 = socket$inet(0x2, 0x4, 0x7) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r2, 0xf505, 0x0) 08:02:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 815.526356][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 815.650879][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 815.657607][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 815.846518][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 815.855948][ T5] Bluetooth: hci10: command tx timeout 08:02:51 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8914, &(0x7f0000000080)) [ 816.096647][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout [ 816.102944][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:02:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8933, &(0x7f0000000080)) 08:02:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40049409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:02:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448dd, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:02:52 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8933, &(0x7f0000000080)) [ 816.742136][T16779] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 816.766469][T16780] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 816.786892][T10155] Bluetooth: hci6: sending frame failed (-49) [ 816.810849][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 816.837278][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 817.366216][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x7) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$TCSBRKP(r1, 0x5425, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x800) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xd) [ 817.686270][ T8227] Bluetooth: hci8: command 0xfc11 tx timeout [ 817.686347][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 818.232165][ T8] Bluetooth: hci7: Frame reassembly failed (-84) 08:02:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:02:54 executing program 0: getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)=""/24, &(0x7f0000000080)=0x18) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) syz_open_pts(r0, 0x442) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 818.571730][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 818.806194][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 818.806269][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 818.896375][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 818.905462][ T8227] Bluetooth: hci11: command 0x1003 tx timeout [ 818.916112][T10178] Bluetooth: hci11: sending frame failed (-49) [ 818.928963][ T8227] Bluetooth: hci10: command 0x1003 tx timeout [ 818.943827][T10178] Bluetooth: hci10: sending frame failed (-49) [ 819.330186][T16837] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 819.359367][ T6576] Bluetooth: hci6: sending frame failed (-49) 08:02:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400454ca, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 819.491132][T16843] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 819.532128][T15936] Bluetooth: hci9: Frame reassembly failed (-84) [ 820.246149][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 820.246207][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:02:55 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 820.646000][ T20] Bluetooth: hci8: command 0xfc11 tx timeout [ 820.652184][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 820.966144][ T8227] Bluetooth: hci10: command 0x1001 tx timeout [ 820.972304][ T8227] Bluetooth: hci11: command 0x1001 tx timeout [ 820.973288][ T150] Bluetooth: hci10: sending frame failed (-49) [ 820.982371][T13880] Bluetooth: hci11: sending frame failed (-49) [ 821.366207][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:02:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40085503, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 821.462781][T16869] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 821.488155][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 821.606226][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 821.606983][ T20] Bluetooth: hci9: command 0xfc11 tx timeout [ 822.127987][T16878] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 822.406139][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 822.406204][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 822.725895][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 822.732132][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:02:58 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/221, 0xdd}], 0x1, 0x1, 0x6) ioctl$KDADDIO(r0, 0x4b34, 0x7) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 822.950987][T13880] Bluetooth: hci8: sending frame failed (-49) [ 823.045913][ T5] Bluetooth: hci11: command 0x1009 tx timeout [ 823.055903][T15599] Bluetooth: hci10: command 0x1009 tx timeout [ 823.525919][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 824.042893][T16902] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:02:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40049409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 824.245785][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 824.245874][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 824.327147][T16910] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 824.354283][T15936] Bluetooth: hci9: Frame reassembly failed (-84) [ 824.885730][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 824.885984][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 824.938187][T13880] Bluetooth: hci7: sending frame failed (-49) [ 824.965931][ T7] Bluetooth: hci8: command 0xfc11 tx timeout [ 824.972115][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 826.085746][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 826.085814][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 826.405678][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 826.926720][T16941] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 826.965752][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:03:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae01, &(0x7f0000000080)) 08:03:02 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1f00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40086602, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:02 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x89f0, &(0x7f0000000080)) [ 827.102368][T10271] Bluetooth: hci7: sending frame failed (-49) [ 827.137367][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 827.162511][T16959] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:03:02 executing program 0: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r1) add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r4 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, r3) r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r4) r6 = add_key$keyring(&(0x7f00000009c0), &(0x7f0000000a80)={'syz', 0x3}, 0x0, 0x0, r5) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000ac0)={r6}, &(0x7f0000000b00)={'enc=', 'raw', ' hash=', {'blake2s-160-x86\x00'}}, 0x0, 0x0) add_key(&(0x7f0000000200)='dns_resolver\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r6) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x9) [ 827.326264][T15936] Bluetooth: hci11: Frame reassembly failed (-84) [ 827.332781][T15936] Bluetooth: hci11: Frame reassembly failed (-84) [ 828.965777][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 828.968500][ T1053] Bluetooth: hci6: command 0xfc11 tx timeout 08:03:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40086602, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 829.096454][T16980] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 829.135556][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 829.142012][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 829.205602][ T8569] Bluetooth: hci8: command 0x1003 tx timeout [ 829.211715][ T9202] Bluetooth: hci8: sending frame failed (-49) [ 829.285585][ T8569] Bluetooth: hci10: command 0x1003 tx timeout [ 829.285734][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 829.291840][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 829.365817][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 829.374983][ T7] Bluetooth: hci11: command tx timeout [ 829.658975][T16999] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:03:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40095505, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 829.878885][T13880] Bluetooth: hci11: sending frame failed (-49) [ 831.205331][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 831.205673][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 831.285489][ T1053] Bluetooth: hci8: command 0x1001 tx timeout [ 831.292183][T10155] Bluetooth: hci8: sending frame failed (-49) [ 831.365491][ T1053] Bluetooth: hci10: command 0x1001 tx timeout [ 831.372571][T10155] Bluetooth: hci10: sending frame failed (-49) 08:03:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x87b, 0x800, 0x800, 0x3, 0x8, "aa7c2f56a047b69e11fbe78bdb7d98caa863c7"}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000080)={0x9, 0x3, 0x401, 0x401, 0x17, "1cef9f853a2dbaedd76c94f31d93879f6cc1d1"}) [ 831.445364][ T1053] Bluetooth: hci7: command 0xfc11 tx timeout [ 831.455594][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 831.531914][T17017] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 831.554512][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 831.685436][ T7] Bluetooth: hci9: command 0xfc11 tx timeout [ 831.685456][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:03:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 831.818795][T17031] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 831.935553][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 831.941856][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 832.467225][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 833.365375][ T1053] Bluetooth: hci8: command 0x1009 tx timeout [ 833.455483][ T1053] Bluetooth: hci10: command 0x1009 tx timeout [ 833.605242][ T1053] Bluetooth: hci6: command 0xfc11 tx timeout [ 833.605252][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 833.639819][T17017] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 833.845168][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 833.850410][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 833.859277][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:03:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40186366, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 833.977308][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 834.392556][T17062] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:03:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40186366, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 834.495399][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:03:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x3) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$KDADDIO(r1, 0x400455c8, 0x9) [ 835.685231][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 836.005115][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 836.485098][ T1053] Bluetooth: hci9: command 0xfc11 tx timeout [ 836.489451][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 836.522457][T17090] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 836.645168][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 836.645313][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 837.180842][ T8] Bluetooth: hci7: Frame reassembly failed (-84) 08:03:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae41, &(0x7f0000000080)) 08:03:13 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3f00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000080)=0x9) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x9, 0x228003) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000001400)) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000200)={{r1}, 0x0, 0x11, @inherit={0x68, &(0x7f0000000180)=ANY=[@ANYBLOB="010000e4ffffffff0300000000000000090000000000000003000000000000000600000000000000010000000000000005000000000000000ac400000000000001040000000000000900000000000000070000000000000000040000000000d17d000000000000"]}, @name="bf18990a3e008b77cdf76ebef8ae606dc64c451a1d15c6c4ca21a2ed27ba2563eaab11639ab774d491292116b8d172fec7742714faf88d4fd5f23d7a69f9eb5307323e640735ce23a6a835d4ed0e94f15270850245508713f94637c3df2a870498d942ae5ab2f6459ceca2b910774fda0c7ca8249a76a04c365381ea29dedf0b89ff7380fc904360481c0429703d7df0646e21a1c8c0fa2057405b0ec7647016670a057354aa27faa8d65d80b04ce7e0cbcab93e2784cbdab7f4ab9e4ac3f5da51e07763da27787f0988afa1259bf7ec9312b45a7aa37843168fed3e748096c8a2bcf6675d1e52bcd3fa3b5aa593adc984c19407a3420d1ecc264434b94a4c487454cf3beb5adcc6d9a8bc08ec05f9ca2c2c9d6e3cd5a4265f498e9c21a77735bc659b6b6a6d2e9332582133210b777ceb3bcb8ef09942153c87f69ea8bfc1510b3211daf2d6326dea7dfc04437fcef1f49a99fa252dba0895f2a8aa3ac8093f11c3a01ac076967a805ee02c5b13dca677e0d7eca60b47a3daa9b049a68534da7517a723e8f98a66b0405864cc83c0dd59489d4404dffb69ef3cb5b67541ed4d55bed635eb2ecd83d53f26ea636888d0bfaf47ab4385062b2418680ddf25c93fc257eb009331db7d9ecc9e134b41f715721b2b3a320338d8926ff078e3254743f0aa38af502f2de4be90f0e0451e5ff6e0907755110e39e7d786aaeda1689d38fdf6d12c4578d81855435927c4b5c07e0e2d2ca68c0a040f601e9539ee8b7b040eba1271940b29aa88d30aa0f1d7e6983e77c13487ce4de34376e223bbefd9aa90c122fc6fcd4c3271cafbae73d2643d0a534713ded1dda7bec3fe60595db68d0a8ea4d8fbb0a5870004b1a1599b36cf8b57debe2f873a609c224c08e68176c651894372a31adfd9cdfcbf681a1884fc4e9d2ca21b75486059edbbc25eb7d6c71097aca479d203a1112510a3c40a333fbedbc01b857241c7ca0c020514eb6d20aa025ea25e39caa317c6d279852effd6bc6b7c8576337e11d11fb7c7f12b4d8115e59b28ca766480f4969861b56115abb1114c01704b508525199fb744b635c700e504cc003909e2be34075a3988486902b734f8b01053900c00e2a4eaba90115e869107cd058a0e9710c0bad4e5770f17c2158c150d4e3f3975117f2187a0885434de1f53d98a20de7fd187b669b95e6b25c8c63f7deb1958b5ffb4f9c01bd991da8e326dba97b7507acbeb665227e3baa7fde1ad9fd604d08ea1d248d1d0f23427c2482b5e1a6cb8bd566d135efe62011c17340be62f1b61c39a6827dc6a902f60781f794ee233de55f2fe422ca9cb62aa92d1d233db9893bad04a6bcd4944035ff581911cecc226aa385e19f092e40082ee04ada6dda44cc71078ffba0874ed648e647e019a2e522a84834bb108a6c9b22aa008c6df53bcaa4d0da2a2af6b6a8747372f3ecf25c44b030320cc87f5774891475107652efa2742e67f03c70bc0eeb7c82a8c8ef25caa132ee5e2cf022d8ac0c40a06dd1d7d8888a3df1b2968b9507265bc43f20cd02955579d817e8019cb8af02e8cc162a7886c72ef54a1b7543c510e3e1895405db2ddc469b93e2a07be801b3d72caf8d5e5b4ba76e157359dcc1992ecd6495ed8da2f92a92f690f69f65b491779425de39ae0125ded088e24241987015818a1e65c720e3b8c1974e3767356f056f5a0f6ddb64b5bf8bab35a06828d8277bbdb9d445b29e5a19dd59ce11d2508cc7c89e572b31fdf90b7e36d44f4921f8c7faaa10b302a9183b657121a06aadac762f41c0dece33a2179193e7657a4730b67f178cd4d1117d5e26d462aa3cdaa71059931c75118ee8ded31f7d5eaf0801caa7df5cda0c7147ed984763d742efca89d5f11147205593363e5e8c8b38b3a6e86d2b315e93d05f5c7da7a0651e3b10cc817266fe09a0dd2487e661d988a29376e7f96afe3a6fa37bda46e8835021e92a8a1414056c77efacb9db198c64e20c780620895a0889feef06ff8b3582fa03b1682d4ea59501a4ab7bd444716ae22a19a20ddb422977c164b73b3edea5804ed717157e5106bcf5666ab4e72a9e111880d461bc2c81c9e83db755b57e8302c597c8b6a3e16a4fab693d2fc5e2a4984223935463cdfc77ddef3b9008479ff794fa8e16e3b735706fb13e5b78a397ff9bdfa40490e0b2e10e4eddbc3d04829d74ea4fbab4817b9df611ae5cd3cab35e997342b446a256b098071eeb4e6da98965dc1f6440546a0811df3c7e805a2f33096d7ef8a9697bdb762d92d971269bb511ac2437d00238be0b4603162c23e802180318c632a72006694c8bfc7f865ea918e6669a6d89563aac2437e932550608ead84054c546e3ca94efcf827715cd054fee4feea90397fa4c857aabf6b1914739247e6ab2941f7d198cbd189ce38443be30341a94a2711eb1ece9fb004fb2971992ecf2334a97a240d806e69cf8de654dc80e32bcf7c3ffef5b9794175ead50776b8546699d1c0d364c6fdc957a841c2c6801ccf264e3cb4866c17dd190b7a5892f08f3de04aafe42070f75c2be12ad6ee5ef11e00596727ca9747e2465ecaa0922a41400772fd5b7d36b6c7ea62b4026620199df88905fcc064de33a878f924160862027430d724387406e1eeb07dba928bf3fc7679d2df307b18a3efb6dcc6b90b3b10ca123b61c322a75c068fe9f2271a6353b442608d54c6bf95b1e9e6063b0b5b3647a0aae28347b9bb07544d092b0c9619bf59c86f0d33e5c1dbfd973fdbd19813d4cd3f746ca3d2b1104eca203ba96d558cc34fca1a1732ef2158617caa639af08df02249a9c33c28e6061abb193b6f0f7afb2874f0ab31062f1daeaed53e8879cb581c2eef64b12c99a58a101df88c3fc0eaeb0a8b210a45df06cbe25ce75dd1f2becb5300fa2004c7721067ca0348754e4b19054bccbf69050df2b2e4357ab4e61cf7ea023ff39fca768a231d1e948056ab6db4ef4f3215f133e6d63b9b67557dbf07e3ef796463aca8f148cdf7769e76cc37d3371e2c901b6ea93ab5d3d50108a589b6cd0b3fe8ec188e2a6ab4b6842883f19d7ba8efe3083c798026535ecd79204be1ff427aa56f498044c73250607ce821c7d64b2fbf5efa84e4e01b972db07c112a493acbf82a964fb1021f4e993760aef4d59e0694ef916f4a52c80c98c78d2ae492dade2a540ceaf0e2130a7386f09be48c275662794695c73f1e87c47eb6a57671e8d3a3630071ac93d32918b24bfce58599241c45ae181c5704a4b581b7bc84d55cabd97d2441afe69e91a7f803a9e921a0ab2500f0e3a99699277c1fc9702786b9368ef6ec62ce33c7604a30251aeda47c816989a07d00dc71842e51177ed17bec188abe32f6ad56586b8ea4b9738d5007577e6f260084395d3556e825b157442f7a577146449899a7f1d55b6fcd544e15ed8546b6b92155abf4bef626de6ed33270da46bc3edfa13ff156567f1c0c46de75231e686e964c2a34c591540c593bdc2d1e6fdbb5176fd4180ea7835c41a661debaaf065c08bc3d2f18ab72c171177cfa0d24d9839765b51cc1da281b7fab526f8f143a1226fc3d4a521330d21e2b46e35db6c64fc0d4d637461e4626b3a956aaaea0fa404c7d2be7fde6f2c06989584b346b10cf53c6c5593179d082d79b074bcd32dfa0eb12818f1e981a4d53ac5dc8912c1aabfce505a9a178473e61d2b8c065aca59a370cbb402ca24d54095255a91b0e14b09bf968b144193d220af28631f89089145295b4295d4c6f0d7487710c1ef07f8eca8781d284a2012afd240398806564f928cd135bd8f1535ad09442b4b8fbd1dad740ea2c4b6963dbcdbe0647610d2d93797a08956e155d630c86aa4122cb10b13c8ec2c8aa92c8274378676d488c19166aeb44d520b331392a4ce54acad33d31c7bd73c1589c9d0f3d1a076003499d59a9eac38295e1260a1ac126f8ded9947eda584d9ec73a35f7a8695b0641573aaa30dc6b03e8c32f706fed744fd444f0ab426bccc51f5e95e695078fec3bc5db5b211bd35d21bea4b515b179329fd91ccf83ff1df4150e33ffda7a02c041d8c1e2eb1b6dc927581ebdb049a55b23661d512d0b36d4f3779f32daa37672eec92731089f9d1e32fcd5c1f8669e5fae1dd238fbf1265b2261f6582e1432960c0ed3292464aefef14e1329b1b65a928f6cc7322cf02e5e8bfe0c41fe4c15ab3e5879d2b649c4187e63e83556bad791059304dbead2e5963a2889ebb413dd28b149cc94eb99c419b1cf44206c73f3bfdf8fd1b1af11dd1931908085883f3a6b90818d5f8673b231b87f7b0ce36f8ae1a6c0877dfae9db1ad915fe3350f837491747482bca048d132f1b468f33859679751d0c521a04f479aa6c207017d1cc2efedba1f868809be570911f06fd12029c11144972c0d63794384ad9236067210947daeb42ccc1496f0746e1522b215e5f76082882b7c153b3e86d7ed16707f353fc1da76acf59f333bbe53709bb32eeaaddff987af7cef9cf97037eac5d00b26b918dbebe4b7c8044f43dae49058cdcc4c227bad00e2a0d4f77388c74fb6977c03e3407ff3fe8305a01d952159354f530ba530914cb1ffa0932bb86f228dceccf218fa856709efb43e2a935fe73251ffc1931d7971c6c6b48bbb3fa41446f0c73254388fa7ec36cb50b84eb501acaf4f367625b649f709ffe9b1c5a49cae9b6ebefd45301f7037e4a3036790ab9fb3a591527f984b98dcd37a6f8438a079bf2df068e33773d5fda142ddba64abdfd1b96023c0c68b5dc42f4810ea15c21047205e6ae6df25c8358cd765f55f4e4876000e2db58c69b196010a93c3d8abb8727a0b7b1b3585e23c43b7717deeebfdb56c897ecc9ead69c1e129250cccd104b1f2970b95ab996ca2b1a8d3bb8945ed6335144ae5d41be69719653273d89c3074c1e9c830aa6ec7cf434a896f53dbea0c59a265c86340a76bc23d2a10b2cb90ac7e4fae18411b4693d2c05077d7e59c63c9aecf4c8a34897fa1ea4d8026412a5bb2c0bed5bfcfbca6b5d96cfdcabf89e019be0ec76b5eaac21f8b318c6e99d3075334be03512ad64891d618351b103a27abc7ff3af3dd3dd99b872ba222d1d9724eca2e2bce41e7da67e07ea18affdfa5bd16fd840e2881a790ba5ae612e8af868ac178f9b93db670efa73fd1b84ccabe619c56e2b68db389e31e37492a6ec1cd077482b0623cb282d8f2cefcb710f52009cbdc403cd5c529c6fa89888f5bf8b0a54a339e5326a72818fa3b157c9df13e8303db92b1a90ce5e6465675f19fc7fdf7a2c2ff1290207d878dc347968aa2267c326c405c1673f2fdca226675c44b2f3c2b8cec7568dfeaa78090aaac75fa7b4a5e3925c7bdfad38d52f84b4da7e0b31cd28aab31320c9dcee5b532207f0ef6a7e54c5bd6a27091ae3952343d7146f5e40d0e7ebb69d1b0723d1062d593e92602f8654f50032a76dbbd9e776798eef719c4b274a20dccf207c62a7b895523d933d1d7a79d8518ac66231012c5c1f096e8015f7d2bea5f5cf849090ff7bf87eebcf0f73f33b047b65a916ce46e66e8397d6ed1970236b5a82ce685c7e4ca12776e69f41b0c0b19860d3886f79d30c0132072bf03b412c3767ca4a4ee345f2db210c90b0a19b0ead66039d450e78ce5218cedfabac879de89cd5c3ba5b43a05c80c25584f68c43621881b51abe35efd2c21f75da1d64e42c7ba7"}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r2, 0x0, r4, 0x0, 0x4ffe6, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000001300)=0x8) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000100)=@usbdevfs_driver={0xbb1, 0x9b93, &(0x7f0000001200)="11e81813b1b15d757b86ec717c925f2f1598dce50f3d0d07025e6ca9e61b3ec2798b600178da09849d571cf62c5a3fd9c4dd33e76306775a110a66a96a6fd373c35665cf40ca8a5e9113cb92b7d6edc555640bca3b0e699f2a787775a3bce75d310dad24fa21a54e6d8cacbd6bc7ee839c567a9cab6eb136b04486a09f8d98c72c68804a88e93f16c99d5644010513f4888b899ce4c61319c85b25ce3e571767bea01f77cd67d3a1df6bd2c45ba5420c78ab7c6d3e5a88399c2c447d021ca7da00b9c9db24b5"}) ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000001340)={0x9, 0x4, 0x3, 0xfffff800, 0x3, "4a21bf29346017319cfe72f26669c1ea263996"}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000013c0)=0x1b) syz_open_pts(r5, 0x80000) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, &(0x7f0000001380)) 08:03:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae01, &(0x7f0000000080)) [ 837.909359][T17112] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 837.938637][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 837.968726][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 838.564968][ T1053] Bluetooth: hci6: command 0xfc11 tx timeout [ 838.565019][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:03:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x401c5820, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 838.666316][T17135] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 838.682118][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:03:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x401c5820, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 839.204848][ T1053] Bluetooth: hci7: command 0xfc11 tx timeout [ 839.215630][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 839.340342][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 839.924978][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 840.004910][ T7] Bluetooth: hci11: command 0x1003 tx timeout [ 840.004978][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 840.018870][T10271] Bluetooth: hci11: sending frame failed (-49) [ 840.025700][ T1053] Bluetooth: hci10: command 0x1003 tx timeout [ 840.031889][ T1053] Bluetooth: hci9: command tx timeout [ 840.032033][T10178] Bluetooth: hci10: sending frame failed (-49) [ 840.089800][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 840.460647][T17163] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 840.725085][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 840.734109][ T8595] Bluetooth: hci6: command tx timeout [ 841.248177][T17170] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 841.365047][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 841.884084][ T150] Bluetooth: hci7: sending frame failed (-49) [ 842.084878][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 842.085928][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 842.094236][ T8331] Bluetooth: hci10: command 0x1001 tx timeout [ 842.104961][T10178] Bluetooth: hci10: sending frame failed (-49) [ 842.124788][ T8595] Bluetooth: hci11: command 0x1001 tx timeout 08:03:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5) ioctl$KDADDIO(r0, 0x4b34, 0x1) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 842.130987][T10178] Bluetooth: hci11: sending frame failed (-49) 08:03:18 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 842.484772][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 842.484840][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 842.565627][T17195] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:03:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020940d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 843.284708][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 843.284884][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 843.372009][T17204] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 843.398727][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 843.924610][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 843.930808][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:03:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020940d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 844.164785][ T8331] Bluetooth: hci11: command 0x1009 tx timeout [ 844.171198][ T8331] Bluetooth: hci10: command 0x1009 tx timeout [ 844.244619][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 844.244749][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 844.299234][ T150] Bluetooth: hci8: sending frame failed (-49) [ 844.644504][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 844.644610][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 845.166339][T17229] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 845.444582][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 845.959671][T17236] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 846.084478][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 846.090654][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:03:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4b34, 0xffffffff80000000) ioctl$KDADDIO(r0, 0x400455c8, 0x10000) [ 846.324601][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 846.330816][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:03:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x40, 0x6255, 0xffff, 0x0, 0x2}) [ 846.540438][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 847.204634][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 848.004759][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 848.008491][T13435] Bluetooth: hci6: command 0xfc11 tx timeout 08:03:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae60, &(0x7f0000000080)) 08:03:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4800) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020ae46, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:23 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae41, &(0x7f0000000080)) [ 848.141772][T17276] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 848.180199][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 848.204419][T17279] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 848.240327][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 848.272237][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 848.279226][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 848.304092][ T150] Bluetooth: hci11: sending frame failed (-49) [ 848.564377][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 848.570579][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 848.644716][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 848.650948][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:03:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x41015500, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 848.866749][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 850.244204][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 850.244309][ T8569] Bluetooth: hci6: command 0x1003 tx timeout [ 850.259308][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 850.275085][T10023] Bluetooth: hci6: sending frame failed (-49) [ 850.324365][ T8595] Bluetooth: hci11: command 0x1003 tx timeout [ 850.324518][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 850.330634][T10023] Bluetooth: hci11: sending frame failed (-49) [ 850.644323][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 850.653660][ T8569] Bluetooth: hci7: command tx timeout 08:03:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000000)=0x5) ioctl$TCFLSH(r0, 0x540b, 0x2) ioctl$KDADDIO(r0, 0x400455c8, 0x80000003) 08:03:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xe) [ 850.856402][T17332] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 850.886222][T13435] Bluetooth: hci8: command 0xfc11 tx timeout [ 850.887575][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 850.892385][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 850.941819][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 850.953396][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 852.324041][T13435] Bluetooth: hci6: command 0x1001 tx timeout [ 852.331312][ T150] Bluetooth: hci6: sending frame failed (-49) [ 852.403993][T13435] Bluetooth: hci11: command 0x1001 tx timeout [ 852.411142][ T150] Bluetooth: hci11: sending frame failed (-49) 08:03:28 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 852.804268][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 852.886707][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 852.964509][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 852.973743][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:03:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4030582a, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 853.094818][T17369] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 853.136566][ T150] Bluetooth: hci9: sending frame failed (-49) [ 853.444005][T13435] Bluetooth: hci10: command 0xfc11 tx timeout [ 853.445281][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:03:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045432, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 853.558707][ T150] Bluetooth: hci10: sending frame failed (-49) [ 854.403894][ T8569] Bluetooth: hci6: command 0x1009 tx timeout [ 854.483908][ T8569] Bluetooth: hci11: command 0x1009 tx timeout [ 854.884189][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 855.044025][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:03:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x40000000001d) 08:03:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2c2440, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000080)={0x3fb, 0xcc, 0x6, 0x3}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 855.203913][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 855.203915][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 855.418598][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 855.603996][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 855.613347][ T8569] Bluetooth: hci10: command tx timeout [ 855.749281][T10023] Bluetooth: hci8: sending frame failed (-49) [ 856.125730][T17413] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 856.146771][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 857.443850][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 857.764074][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 857.770281][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 858.163912][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 858.172895][ T8569] Bluetooth: hci9: command tx timeout 08:03:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae80, &(0x7f0000000080)) 08:03:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) 08:03:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6800) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 858.374422][T17435] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 858.408862][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:03:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae60, &(0x7f0000000080)) 08:03:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4090ae82, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 858.979096][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 859.001029][T17455] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:03:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 859.025986][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 859.035368][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 859.114406][T10178] Bluetooth: hci10: sending frame failed (-49) 08:03:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4400ae8f, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 859.594186][ T150] Bluetooth: hci11: sending frame failed (-49) [ 860.483784][ T8569] Bluetooth: hci7: command 0x1003 tx timeout [ 860.483796][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 860.490833][ T150] Bluetooth: hci7: sending frame failed (-49) [ 861.009762][T17482] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 861.043630][ T8569] Bluetooth: hci9: command 0x1003 tx timeout [ 861.049720][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 861.050345][ T9202] Bluetooth: hci9: sending frame failed (-49) [ 861.056251][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 861.123949][ T1053] Bluetooth: hci10: command 0xfc11 tx timeout [ 861.130181][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:03:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x22f, 0x3af5, 0x7fff, 0x6, 0x6, "382ae7cec642c2a8ef12e3c4e5d8f606a9ed6f"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x16) close_range(r0, r0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=""/247}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) 08:03:37 executing program 0: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffff}}, './file0\x00'}) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000080)={0x0, 0x5c, &(0x7f0000000500)=""/92}) r1 = dup3(0xffffffffffffffff, r0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r0, 0xc01064c1, &(0x7f0000000180)={0x0, 0x1, r0}) r4 = syz_open_dev$dmmidi(&(0x7f00000001c0), 0x3, 0x523000) r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000003c0), 0x248800) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000000c0), 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00') io_setup(0x2, &(0x7f0000000300)=0x0) dup2(0xffffffffffffffff, r6) io_submit(r7, 0x0, &(0x7f00000005c0)) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="300000004a0001000000000000000000c4008000ea71831f68c7404db7ee33ff86d0f5afd95acfdeb604d4e9b15d383804354561607bf9e3cd0d77dad88c8a766ac2199e19bbd375aadad85d74b4e4b65b7434523208181d02839f53938ac68bf42b975022bf1ac84bc3de108b1c00abd722b7c9a0caa4b35f5fb7a89a0b9ae41c1daf71fed2c005443eea371f81ac6be706b24f58c8a9ab5267ad", @ANYRES32=0x0, @ANYBLOB="0000000014000100ff010000000000000000000000000001"], 0x30}}, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000004c0), 0x200, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/software_nodes', 0xc000, 0xc3) io_submit(0x0, 0x2, &(0x7f0000000380)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1945, 0xffffffffffffffff, &(0x7f0000000200)="bc57546f7a6c1d60ed63a853866f5de9bf7d176f798250cb54ac0778b933c21969c0202b6deac6496e6ad89cb94d68419dfd98245b4d0379e900e2", 0x3b, 0x7, 0x0, 0x2}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, &(0x7f0000000280)="7d4be566a0d01f7047ed49914a8d03e30e1480c66b65cba2290b879c85ef46e08297f12c52294c4e5c29e15033557cd76c38f062f7c2930d6a33e69e1bee997b4200285b7388846a0c70", 0x4a, 0xfff, 0x0, 0x1}]) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000640)=ANY=[@ANYBLOB="0000c073040500000600000000000014a0c0fa15635292b35f7a2182047905256e7c9165bf1b2f880fc03ff819fe9487942d439f587f878e8fac19ed8d623118e375d52b4da0f0e31f546a752e6b2ef68a64fe0f1af746", @ANYRES32=r3, @ANYBLOB="000000000500"/28, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\t\x00'/28, @ANYRES32=r5, @ANYRESOCT=r2, @ANYRES32=r3, @ANYBLOB="00000000fdffffffffffffff00"/28, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/28]) r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r9, 0x400455c8, 0x9) [ 861.439417][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 861.450319][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 861.621193][ T1053] Bluetooth: hci11: command 0xfc11 tx timeout [ 861.622792][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 862.573572][ T1053] Bluetooth: hci7: command 0x1001 tx timeout [ 862.579812][ T9202] Bluetooth: hci7: sending frame failed (-49) 08:03:38 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 863.043464][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 863.043524][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 863.143258][ T5] Bluetooth: hci9: command 0x1001 tx timeout [ 863.149376][ T150] Bluetooth: hci9: sending frame failed (-49) [ 863.159562][T17520] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 863.175049][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 863.443414][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 863.444616][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 863.603495][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 863.603583][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 864.163489][ T1053] Bluetooth: hci11: command 0xfc11 tx timeout [ 864.174064][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 864.643291][ T8595] Bluetooth: hci7: command 0x1009 tx timeout [ 865.213321][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 865.213421][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 865.228086][ T5] Bluetooth: hci9: command 0x1009 tx timeout [ 865.733781][T17543] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 865.758621][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 867.763218][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 867.763510][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:03:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae9a, &(0x7f0000000080)) 08:03:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x509604, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x19) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:03:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80085502, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 868.582445][T17557] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 868.598300][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:03:44 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae80, &(0x7f0000000080)) 08:03:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045432, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:44 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7400) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:44 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x30082, 0x0) sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x17, 0xa, 0x201, 0x0, 0x0, {0xc, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x800}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x404c0d1}, 0x20000000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x40900, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x9) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15) [ 869.219483][T15936] Bluetooth: hci8: Frame reassembly failed (-84) [ 869.254159][T17579] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 869.275959][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 869.284697][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 869.302080][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 869.764107][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 869.770458][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.643179][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 870.652366][ T1053] Bluetooth: hci7: command 0x1003 tx timeout [ 870.664398][T10023] Bluetooth: hci7: sending frame failed (-49) [ 871.170742][T17600] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 871.198383][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 871.283102][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 871.293201][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 871.302559][ T8595] Bluetooth: hci11: command 0x1003 tx timeout [ 871.312077][T10155] Bluetooth: hci11: sending frame failed (-49) [ 871.367110][T10271] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 871.372968][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout 08:03:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x627040, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:03:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCL_SETVESABLANK(r0, 0x541c, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 871.809400][T17624] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 872.723037][ T8595] Bluetooth: hci7: command 0x1001 tx timeout [ 872.730257][ T9202] Bluetooth: hci7: sending frame failed (-49) 08:03:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086301, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 873.202847][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 873.202841][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 873.292497][T17636] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 873.362805][ T1053] Bluetooth: hci11: command 0x1001 tx timeout [ 873.370271][ T9202] Bluetooth: hci11: sending frame failed (-49) [ 873.692749][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 873.699026][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:03:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x14) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x12) ioctl$KDADDIO(r0, 0x400455c8, 0x9) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x80000) ioctl$KDGETKEYCODE(r4, 0x4b4c, &(0x7f00000001c0)={0xf8f8, 0x101}) ioctl$TIOCSWINSZ(r3, 0x5414, &(0x7f0000000000)={0x40, 0x9, 0xd7, 0x1}) [ 873.793992][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) 08:03:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 873.842685][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 873.862438][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 873.922949][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 874.005589][T17661] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 874.802675][ T8458] Bluetooth: hci7: command 0x1009 tx timeout [ 875.362620][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 875.362696][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 875.442775][ T8458] Bluetooth: hci11: command 0x1009 tx timeout [ 875.842660][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 875.891610][T17671] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 875.921663][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 876.082960][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 876.093040][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 876.623064][T10023] Bluetooth: hci8: sending frame failed (-49) [ 877.922629][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 877.931838][ T8595] Bluetooth: hci6: command tx timeout [ 878.642392][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 878.648621][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:03:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448c9, &(0x7f0000000080)) 08:03:54 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x400040, 0x0) ioctl$BTRFS_IOC_FS_INFO(r3, 0x8400941f, &(0x7f0000000180)) ioctl$KDADDIO(r2, 0x4b34, 0x6f3a) [ 878.824783][T17698] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 878.850565][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 878.869518][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 878.881363][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) 08:03:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448c9, &(0x7f0000000080)) 08:03:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086601, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086301, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 879.468956][T17718] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 879.511549][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 880.882328][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 880.882531][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 880.888732][ T8458] Bluetooth: hci8: command 0x1003 tx timeout [ 880.894553][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 880.903579][T10023] Bluetooth: hci8: sending frame failed (-49) [ 880.909119][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:03:56 executing program 0: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x2, 0xb, 0x0, 0x3, 0x1e, 0x0, 0x70bd2a, 0x25dfdbfe, [@sadb_sa={0x2, 0x1, 0x4d5, 0x7f, 0x6, 0x88, 0x4, 0xe0000000}, @sadb_ident={0x2, 0x0, 0x7, 0x0, 0x3}, @sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e20, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x5}, @in6={0xa, 0x4e21, 0x401, @mcast2, 0xd2eb}}, @sadb_lifetime={0x4, 0x4, 0x4, 0x59af, 0x3, 0xffffffffffffffff}, @sadb_x_filter={0x5, 0x1a, @in6=@private1, @in=@dev={0xac, 0x14, 0x14, 0x28}, 0x2c, 0x18}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e23, @loopback}, @in={0x2, 0x9, @remote}}, @sadb_sa={0x2, 0x1, 0x4d2, 0x1, 0x20, 0x58, 0x4}]}, 0xf0}}, 0xb0) close(r2) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) sendto$inet6(r0, &(0x7f0000000080)="7e889488069ae106e5bf888a05b3edb7ebd813fca527c91deccd366beba803804ebb914e128c9d1d133810408c4f4005426bc452b712f817649db8e2c96377404442c04d00a59a8ee7c15d7e8ba7920cd1a1f8279a9b98f0d4638faf893da3338f915303602bdb46d679d755e6225f5650ac3fd8556624708149b83b73a4861fbcc4707965a9", 0x86, 0x240088c0, &(0x7f0000000000)={0xa, 0x4e20, 0x100, @loopback, 0x6}, 0x1c) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = socket(0x1a, 0x6, 0x7fff) connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4e24, 0xfcf, @local}, 0x1c) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x9) [ 881.036555][T17740] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 881.070048][ T150] Bluetooth: hci6: sending frame failed (-49) [ 881.522340][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 881.528499][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 881.532453][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 881.534984][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 881.602415][ T8458] Bluetooth: hci11: command 0x1003 tx timeout [ 881.608674][T10155] Bluetooth: hci11: sending frame failed (-49) [ 882.058449][T17756] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 882.100213][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 882.972160][ T5] Bluetooth: hci8: command 0x1001 tx timeout [ 882.979252][T13880] Bluetooth: hci8: sending frame failed (-49) [ 883.122358][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 883.128633][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 883.195466][T17764] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 883.219058][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:03:59 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8089) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 883.522277][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 883.639050][T13880] Bluetooth: hci7: sending frame failed (-49) [ 883.691471][ T5] Bluetooth: hci11: command 0x1001 tx timeout [ 883.698392][T13880] Bluetooth: hci11: sending frame failed (-49) [ 884.162205][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 884.162302][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 884.171523][ T8569] Bluetooth: hci10: command tx timeout 08:03:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086601, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:03:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x801c581f, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 884.273595][T17789] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 884.296634][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 884.335171][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 885.042305][T13435] Bluetooth: hci8: command 0x1009 tx timeout 08:04:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) [ 885.282185][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:04:01 executing program 0: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000e40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x38, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x2, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xfffffff7, 0x49}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4007}, 0x8015) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x9) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) [ 885.682096][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 885.688310][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 885.762043][ T8569] Bluetooth: hci11: command 0x1009 tx timeout [ 886.203263][T17812] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 886.225242][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 886.322069][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 886.332760][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 886.402088][ T8569] Bluetooth: hci10: command 0xfc11 tx timeout [ 886.402994][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 886.867470][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 886.923270][T17826] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 886.946240][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 886.956526][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 888.242043][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 888.881745][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 888.893185][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 888.962019][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:04:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448dd, &(0x7f0000000080)) 08:04:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x2142c0, 0x0) syz_open_pts(r0, 0x200) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x700202, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:04:04 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x20000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 889.063365][T17845] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 889.148720][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) 08:04:05 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400448dd, &(0x7f0000000080)) 08:04:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x801c581f, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:04:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:04:05 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x1, 0x1f, 0xb5, 0xcc28, 0xe, "2a785d3549098d7f4bfd9ffcba6878a2641061"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 889.704204][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 889.737212][T17872] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 889.790642][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) 08:04:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 890.339946][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 891.121799][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 891.121857][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 891.201727][ T8458] Bluetooth: hci7: command 0x1003 tx timeout [ 891.208787][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 891.643404][T17895] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 891.761921][ T5] Bluetooth: hci8: command 0x1003 tx timeout [ 891.769023][T13880] Bluetooth: hci8: sending frame failed (-49) [ 891.841750][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 891.841797][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:04:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_open_pts(r0, 0x800) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x20, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) read(r1, &(0x7f0000000180)=""/220, 0xdc) [ 891.999323][T17907] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 892.037885][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 892.402103][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 892.408410][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 892.945477][T13880] Bluetooth: hci11: sending frame failed (-49) [ 893.291593][ T5] Bluetooth: hci7: command 0x1001 tx timeout [ 893.297708][T13880] Bluetooth: hci7: sending frame failed (-49) [ 893.681518][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 893.681638][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:04:09 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x400000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 893.798091][T17928] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 893.841553][ T8569] Bluetooth: hci8: command 0x1001 tx timeout [ 893.859061][T13880] Bluetooth: hci8: sending frame failed (-49) [ 894.081614][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 894.081702][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 894.124394][T17936] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 894.148173][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 894.163026][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 894.401553][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 894.401672][ T8569] Bluetooth: hci10: command 0xfc11 tx timeout 08:04:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8208ae63, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 894.493612][T13880] Bluetooth: hci10: sending frame failed (-49) 08:04:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0085504, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 894.961504][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 895.076347][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 895.361427][T13435] Bluetooth: hci7: command 0x1009 tx timeout [ 895.931543][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 895.931702][ T5] Bluetooth: hci8: command 0x1009 tx timeout [ 896.171488][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 896.172510][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 896.446948][T17969] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 896.477121][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 896.571516][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 896.571609][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 897.091086][T17976] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 897.121515][ T5] Bluetooth: hci11: command 0xfc11 tx timeout [ 897.127809][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 897.671500][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 898.481335][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 898.481348][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 899.121191][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 899.132107][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:04:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000000)={0x7, 0x6, 0x1000, 0x0, 0x7f, 0x4004}) readv(r0, &(0x7f0000002500)=[{&(0x7f0000000080)=""/74, 0x4a}, {&(0x7f0000000180)=""/169, 0xa9}, {&(0x7f0000000240)=""/101, 0x65}, {&(0x7f00000002c0)=""/223, 0xdf}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/176, 0xb0}, {&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000000100)=""/33, 0x21}, {&(0x7f0000002480)=""/58, 0x3a}, {&(0x7f00000024c0)=""/39, 0x27}], 0xa) ioctl$KDADDIO(r0, 0x400455c8, 0x9) 08:04:14 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:04:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400454ca, &(0x7f0000000080)) [ 899.295144][T18002] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 899.309783][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 899.334588][T18005] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 899.346128][ T150] Bluetooth: hci7: sending frame failed (-49) [ 899.681592][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:04:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400454ca, &(0x7f0000000080)) 08:04:15 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:04:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0189436, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 899.959527][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 899.987552][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 901.361164][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 901.361313][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 901.381891][ T8595] Bluetooth: hci7: command 0x1003 tx timeout [ 901.397941][T18047] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 901.406496][ T150] Bluetooth: hci7: sending frame failed (-49) [ 901.889351][T18051] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 902.001058][ T8227] Bluetooth: hci10: command 0x1003 tx timeout [ 902.001330][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 902.008480][T13880] Bluetooth: hci10: sending frame failed (-49) [ 902.081314][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout [ 902.081673][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:04:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 902.649003][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 903.440968][ T8227] Bluetooth: hci7: command 0x1001 tx timeout [ 903.448227][ T9202] Bluetooth: hci7: sending frame failed (-49) 08:04:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000000)) [ 903.521049][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 903.521132][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 903.649335][T18076] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 903.679692][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:04:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 903.920925][ T8227] Bluetooth: hci9: command 0xfc11 tx timeout [ 903.921136][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 904.008817][T18086] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 904.080875][ T8227] Bluetooth: hci10: command 0x1001 tx timeout [ 904.089405][ T9202] Bluetooth: hci10: sending frame failed (-49) 08:04:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc020660b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 904.560907][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 904.560979][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 904.720912][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 904.727189][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 905.520919][T15599] Bluetooth: hci7: command 0x1009 tx timeout [ 905.680827][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 905.681053][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 905.718081][T18112] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 905.746015][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 906.080914][ T8227] Bluetooth: hci9: command 0xfc11 tx timeout [ 906.091064][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 906.160815][ T8518] Bluetooth: hci10: command 0x1009 tx timeout [ 906.605409][T18118] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 906.631272][ T9202] Bluetooth: hci9: sending frame failed (-49) [ 906.720827][ T8227] Bluetooth: hci8: command 0xfc11 tx timeout [ 906.724478][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 907.251205][ T9202] Bluetooth: hci8: sending frame failed (-49) [ 907.280922][ T8227] Bluetooth: hci11: command 0xfc11 tx timeout [ 907.281004][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:04:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc004743e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 907.387197][ T1102] Bluetooth: hci11: Frame reassembly failed (-84) [ 907.760702][T13435] Bluetooth: hci6: command 0xfc11 tx timeout [ 907.760744][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:04:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x300, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x5c7) 08:04:23 executing program 0: r0 = accept$unix(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000000)=0x6e) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000009140)=[{{&(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @loopback}, 0x2, 0x1, 0x3, 0x4}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000100)="66b585c19fd3a06d12f69dd43e562bf7d7b2a857dc851c", 0x17}, {&(0x7f0000000200)="09b2c5468b027a0d15e27295736115b7dd2caf98ecabc8329272012b1acebf56bdfc700aaada7c1a05b6c0e5018affee1130a1268a04cb51f0b2f55734be51c8f985c98e3d9ffdddf0c046692b0c9e8a307c137417f5445396a038c6c0c77551821b8ceba14acf023d10b40b5c239a2c225f4d28fb", 0x75}, {&(0x7f0000000280)="84d8468cdfa9319f3e5350a41d5b2f9da8dd06a8a3fab1e88154980bd18cc2ac2f2d68e9140b0887a1545d58d6addf73b9f3a6351a795c9128a4f40478a7eeabc6c4a9b886370c88c9694204314f6305956f406748e8cd995a95e64a03f46e59e79f1eba8d63c08c6b73894d16897525b5fd8a879b286167799450b3bb5cb0dfbb9e77a48897129e09f898970b4545059eefdd512cc23e08cee9ba1a2b8c5682f51d52917170b18b92dc2cbb525684", 0xaf}, {&(0x7f0000000340)="81b1fb1c39afe2a527154265f0adfb6000eb75d41e10edfa32d72b7bf75d2f676d8f75d231efcb3bf21f8e25664cac00757990076206d4ab86bdbb635f3bdb75748c39a1b1264f5a120860c25fb83c1ea0db42964553137b62", 0x59}], 0x4, &(0x7f0000000400)=[@timestamping={{0x14, 0x1, 0x25, 0x80000001}}, @mark={{0x14, 0x1, 0x24, 0x7}}, @txtime={{0x18, 0x1, 0x3d, 0x100000000}}], 0x48}}, {{&(0x7f0000000480)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000001640)=[{&(0x7f0000000500)="6b302c4c74e00db4c9f67f860d159fda3dc1151bd6c5e097ff5936c74e407d79aee4efd480b8eef72c028020188a5a18cfae93220423a0a62f7fc290f88f57cb4ff1be5eb6a8dfd98444e40248807c2564b48e36402bbad186a73bf87d4a241acb63a44b457e27a14488f34ba41173afcdffcb7324a58abd037bf36dd42f3d9066304b190c8ec87be8b8391282975ca1f3a0a9498f4024a3b007e40276c1a09c2da81a766f9a34a05887cabbe42c515ecf032ea0b50cec8a97ea483ba291817d2208337c2e1e95e8dba6bf4032844372688496f2aedda08e5af8f76e22c064bde2dcdd65", 0xe4}, {&(0x7f0000000600)="a16641", 0x3}, {&(0x7f0000000640)="b4a2ec5b236ea4c27730e7115c1e7143a4dd50be7d087fa77629dfc8a9f25debe1c3aed9af83c2edada6cd7b3f4802a1990141250dc3522b8bd13cba998559279b697908ce9374adc744cea15ea1bf74692e7774ff4c3cff0bcb43a0e16744e5919b2958129eed8c1f91f4e58ccc8557a5d852d34328472ae761d44ae239649c724f9dc1b90e6b10ef37aed85010bcb4e615a5fe310461e3650cd2a6d0154e03ba7a4084d58a32b82b4955dea845a4850be4732a69c65e4719c8c0cb126e5d97c6745cf8de87d515e63ebc386b25d3b47cc35ca31408cc90925d194cd6f316245cacad09798b299981af07598c31511c5f4096c9ecb1e94b2f8e9caa94a8da144ad6a722d38ad8c66ee8797584517151b78cce6852819e0c2f07a5b9434ceaac35c46b7625c9b57f1cf0b9e72bafc708729e7f1139eb5f386139e06e2d65985cb4a1610384c5ff71cc6713d300ed99d589f1c196bddd164c5f1a5023181c7d0d8788aea302e57cfcb3c8d6abce5134947c750659855f12ce99d35beb6412d99af7801613e85eff0d0a7e602d81aa87a41aecfd81b08d8f24fee763b0597029460fffe45492530984840b3c5169610edd5b86ca32433441db9805cd9ac2ab8e2501314928b89f068a01eb4e67070aeca8bce040c09d29cd543c8882452cb7cae5282c915c6e882d711a5060954043c74661ed13de549397b862fc97c0929eb3e9790033367336402970d33fa38e971e9bb5e703503c49f972fa0f41004040359da2155bd196f336aaf9ba9f90017eee7b2eb3e774a9a1f8d31505cb60a66be14b4ce50603a82c993cd9ef94d9669c8858c171843ee0ea34fc756dcd545757724d78764ce40461a08e7c462bad418a6022ead7462cac828df22593907f9d2b3d15582a4fb6dc484cc075664e9a3366b4729b38a623d73b8a8ade4639fab3dbd1220d94f4cc15243b5669cc88c25218e592758773e4a1cf53144fc7ac1eb8ad479f7884deddd031c0606d8cea5966470234fe53048c5000c9edecd53631a06ca75ff859a2facf083abd8beb61d355e86bb0face2bc261cf6c937eedf631ab8e4782c1a271e868864bc301b8da40053724bfceec2b9cfcd17d5af1309e5112ec2ee40f11dfe2d8125ee0b1b748ad2614f5b261ffb870da6283c9071306758318a34b27dbbc61ffd33b79831d5e5791f888418ce2aef3b49178c8cb7599288140b0d32e689357c9b8b0a3e5eee351a6c9a829da46de9f66a36ecf9522006ff92c3796e6564e6cf66102a9e2df7abc2f6434afb3d73c89a13b80adf955d57c00cbc36814fd3c2be9d7ad56f1f11939e84cb05b13ce2ab1aa2b719a70b9f0a1dfcf266c1b242a76ca1dcb07dc25737a6fed42c3157fdd633ce3ff5933c8784f6c40e2fab51467edea4f0dd36c4d03b7dc2710c24bf6db52885e2c38a4ef9cba447f2f7bb0df22bd156a53f09fbb3f5f93b96ca2088cd4b41da961e4c8ce539deb945c26f01714e43b035c7f453f98a65cff94eac550d27c0ca5679b6934fc7464f0f91edff25b27f807d49e1968a847b94a5f04383bb911f4978b9d761addf0f645e10141bf19212af5bae89b0b1928c09fdc66ba32b8d0a1c22baab227ef2392dc674b3e351874929d4d678a34b202ede8a76549cecaf80dee3417afae3f202811b08194badbe4b53a78599d8d2e3b18882484da993b1d151dd423c3bf4671905a9a28d260b32f134abaeee19c67322b40f110446250d7f85710f19b6da510a6ad039aee6535baab88a374c08263abb520b27d325b383f2974daeb1aa547b792ae4a1e5640c3f077c3b595052cb2eed32912a40223c4c38c697fa3b84bdaf70dda59e527e669a5e6de0ace71b328b9e4eec85a7af4a365e405f148547b713812035f8d44684aa1854663f286ca07525cd0a1f4ec0ab5bcf7649a528b109a53d601cc21a7aa242297405b8c56515ae3271b04b0ed6d5c16f3a84fab193a5d2c14ef84ec77991490e2ffa3dc62fbd41637878fc94af7a5f3d71666557a91aa361b9034cf40062fcacb4868b7350d06d018b0523c6443ad8f762e0344ce37b6af7cc85b52ec6ef004d6c5c0b912a611ec3b3984746fb1ff19d3821a4f10e20c615e62d6d86792ce4638fa01f2d0152ad575db5cb7722aeed6f62c369dc995fe63777889c77a6f862116d6caccdd34df300443095eed81f26d1ce95d264ff6ce91bef9962dc82d998ee158715cc92bc649e54f9d6f64054aa588e5373d97e90294f9c7e87d6fe1e18eb4f2d95d9558334d6023c5aa841fbad2ffb27f07e223844cd18c4b51d40ec8ca264b55390ecb702d0c42a4d5ad7c5f41ccf924235aa9ee46788441f4c80251981a4f2795ebb1e1b92ba9da4a3c4a162036499b0c115f6f390631a56ebca51e9efbabb580be23d863817a956c0bf917246156e6dfd212fefc15fab194fc7d65d78531179f4fe85f764f582e1584a53e92c7017073e001caa3c9a284c3aa872692b720e9a484c3e4fa4906c720a7318bdb356d12b0a0103652e6255df1714d0fa4116e85d32af8d116ec9cfc6360b68c9c3feafa8e8b23a6708b9f6cdcbea0b106b8d6d73fc3b729f9d1af0ada8f190491e5f1490cca6f3b6df6e8ea8cd49abff62e2b5af8c0fa95b8b5ac441bd8a7200a028fddf303dd10c6fbab421ceb470f3295b547853495115776e4314e7598d25434a6ee0d85e8c27d076627cbbc1621451fd6c895d78363d33440debbe96c67359d0b987c105deaf4bd8a361eb286eb9c66993c22d619b1cc0aa82591787161150396fe40915876ae654e9b3d172f1caf64bce23c302df626171aab9f015893597fd4dc30d9ad147366d344a6af993621916bded36eb517012b586cceba507bfda81d7664352ffaff8b7dd60826d6fb56249e2547bda7e14f033962c1351fdd86d314b3540ae1a74edf48eee9d250bb626200a40c349c10e1a90f13db8ebdba8488d326e821cf18875ca888716d5d5f3c8ce6e41a22f444b149539f5cb6c370b52265c8238ebe5e0c303f73bf8a5fc937e1cd5bba28e20e140a05092f9ddeb42c1cf3db977b0326d0500d11f97b0e26b3ada503b7384c32a8cda5d58bd106bca92a5713607ed9185d9a1dbd4e9ccafa1c2876692ed444aa4a188335ba3d6d59eb4ee5a11f455b65835855fafaa0403c886058d00c0b018683f0092349b97670e8a988e03de61e736eaa580f73a152f0ada9a769c8e1bb66401c401e80f0c6b96c6a2d78ef32deee1e33d0c62873d8ee76a95d9e35870e937b7a20eae1023efa5dac0a7df85abba3f74ab5cd5e3e9bf762b7eab3033c6a58f7a60e5e738f10e38364d373850efe40d9842ed2be63b45071a47277aaac06c9628e24c82fa2f83995aa9e96852a59472bd6a64511a9c6688124a839f31b60d44ba82da3d37616fc0822db5be7dece5299b376e2c7d04ee46d02f3329e4ea4fcf87f5be7a1127fa00ca5f7b1cd2774ba2990b731aa2591fdebd5844fd35b1391cd0adf3896f5bdd5fdab056a6c0be40ba6f55a9f21014da0eea0966ad6b457b2dc6789a46f927395702f4f6555f4ce7f8dea18d4df60dabc90be721eb7c14af2a7af8914f8e009888eb941237a26cbaf24ca535ed007dc622006a74f4e08e4aaf8c758623f9ad5eef20ca79e2f8dfebcf8c9165e02101eee5f1a8f47ad2550e1bb11f654ceb6d2f47736941a8db050ddbecaeab50d0cc53175ee42a6e23a26006b31f0fc8c0edeb2f98f1bd7add9a60554df642cef069e4f5d33cfe5542c0ca94b6438677a31864c3b96d7fc44d5c3aeb4939717752431795f09c6e79084eeaffca8c75170858bd26d4028dc546d662c59a008cc55fe72bc2df28911d4c26b25037c3013e86d96461f509ea8de92b920c20d7d9fc2f6bef5b6ca07c0934e19f915acff8a3dffb67abce17b2ee6d9db2703e979831f7db827421632079ea226774d33bfa4a6e61d84e7e7d2d29c91d9a78cc46dd7b1c3db25b0052270f7bed116c8a7000e9c3d60c7b106a8c794aa6e67034ec152037fd65e4f4adcb3aa311482ad01ed5f1778810697e8facd2ecc98bf8c14206af521a7809e1ea05cfc481690fafee86ba5d4c6329ca26632d9c02944333cf8197065fd545b562e505fbb6d228075ca462f2e01fbfc67b0c83f0fd003f3003196a61628e9032549db38ae2dba54c2f10aa68507b4dd327c4bf68ec4c7332a7b86b525d5fd77e0b8d3885a37c8bb7d69376f4e380767cb890e3c2d0a96fca9c242bdaed6186bc78a92c43e6704c9efb05115d9f3c7179226ef9f61a1b3ad8b8ec65a8be4247caf14197c8bd6d4a75ed11a969f1ec4cc39c8ff2e135c4f08046469ca37e308596c37a52db022a7b16cfd03cc6e98d8d1b6708e7bdcca770c22472110eadd4f6747707f7beb5c4bcf8df230e57715478d9eb032a779b0a26cc5d6cdbff23511c40906b28e78be406f1528194affaa3539e0411a82c8f83b5b4d5cb9728237e63843f1b53bbd6a220b8c9f37b34654ef6102f55dde5e7865ec97d3cc574d1c60158baf5ded90f18b15ea54004d780a9f1f9740d68b898bec853f77ff176bb77ca21fd95f861c8f30f92426089493d7ce8d92b765ad2f608ca820aa593e0d9d953a36b0dd3b49d655fb35113c7344fb12ae43c3ce6788ec1b9861072576465252d0de7ab6738d119d5b74ddff4ce65e5264a58c6887e3b73075af2b2719095b4bb7554b9cc2993960cc39184dd7617e0359f8151538e6d1e4b42f0bc0fa8b644fa3d97703dd95d6df240bac8521c7649931e375575957136034481012ae9e9e575dbfa54fd4cef0fdd52c6a7cb3dd761cf996dba343671f4a05dcedd9dc25245b3a5c5039d954dfc0e35c5bf9f7d349e8ece10b855fa9246e70cddfa3b789a4a33a3db5a08ff2e02666d9f6eb45d854b3481059dd2986507da036544a22f4f9a8bec0f43c1fa21a86ea6eaa1dd3dd9e531e0951b21faf60c36df23d976d92e83325bbe317211a52e0017366d9873f0999fcebfff0ec0b4cca562dcbb7529c2dfe37f81efc7c954340de896badab7dfb2f854d2a7045385545c7d7fb922421e3d5321c7915c3bfac73addee79a755111c317406488cacd30350a8e7bd5fbae79e9cae48ad9539feb9ad465802099ed537ce1c9c816647e48836bb2d2071005ebe14945fdf2e2302bbabf0662a7b1cd626a9126bfd363311ef8023a9634b397e6cf88303c0954660fd1b702dfba4875fef611aaeacc16a3cbebe32a7e6be3d522b1305d608771bcf5f4fb63fdc41accd13142eb705d1a40944deb3ca7b6dd7bea18bd4ec2e755e7c7bf93c94f9e49cc293289ffda770418dd76d347271d9f0bc4d79710be8d708ad16c500c29f1ddc28249351b19c1759a803e78d540bd26a39f1f25ac48ec80de9662b4ab2e19305d3b4d9678cea9860881c9805588831963fa9e4f5eadb08cd4694f69eedf9026fcf07068ea822744234b5593573725a813e64cf9c81d9fd1a0222c6a1bcbef19f7c0282d8eb2f16240bb83fbdc8af667ec40245a5c7f3ca4751ba4f848b21eed6f574f87d6ae84d59a60a06aeb2d7cb00d181ac0ddc3826d9c91ea311b876e95319b3fc89d4675ef254bc300c2c2da45acc5a1cf89adc761ec83eff790af9f32476f5394a5b4bade841c293c0b76ab62b8242ff1e73b452c0b3e6a7956b95b935397e3af98f2064f7532cc9b80a22cc46e27648fd939b4cbe3d9c0d22f401ff1e9f3b0b8a2961e3695f842392fafe17b8266bd87ebbca8b455c0e6186ec086967b56e8307e897273d15b379808f5500d", 0x1000}], 0x3, &(0x7f0000001680)=[@txtime={{0x18, 0x1, 0x3d, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x4}}], 0x48}}, {{&(0x7f0000001700)=@phonet={0x23, 0x6e, 0x3a, 0x9}, 0x80, &(0x7f0000002840)=[{&(0x7f0000001780)="bf64b2ade337f8b80aaa1d6b795936d31e8b47f6f8204b8b2f87a580990d67893674621bc57184ccc474f9bbe27bf3dbd7", 0x31}, {&(0x7f00000017c0)="8a6c00eb7144820d0d7f5186a2cdc1d0305a25658d4f9ed19b79adf0831c0f1b652352779a14dbc0202881e25cc89829a76a979f1246aa70eea2c997c0a51e28b8999198", 0x44}, {&(0x7f0000001840)="3fdc2f9fb22779c523b555b1bb9e764a0440a50f8a6cf379232014eca1466d5e46e9cf7b3aeba2c264390e79a54f5897cfbceb519b24f4139a230e192907da2c89f4a637f4caad4cb4a8a9f749d6e849a2ac23bf259d0180931337f366de5a3a90ee00e8a73f1d375c8ffae703b906291862b35f481367248f4e29662e82573259e8e26b98630fa5576432440d763ec2d57c2209b7586204d2d38f7fe539e841801f248750037bc7948c70eff51238086e00ef95eaa3996f006a241e355899de4924d15a8301d33141ad74ee2830948fd7a165b7772fb6b40dcaf878c5362e72ca3cb7449c0a7add3748f4d644dadacf5fbbfcb378494808bc8303ead34488614e683755e7852ffd6daf8e47166d314aaaa9c75c1b633591dfe4931933293a0835365b2c7e209d8eb9ebbe5b61916bb82247ab92557f98686434c2bc41063cdb87c64c9bf0ce6b63672ec9c3d3088cf755c5ff1ce35782d17ba590e43d75e126b41c02dc1bb9f0986443ac29f9b5548d072c6ea2156cae449ceb68339ccf9ddfeaeb91f47e39fc5bd547f1bf84651750749318924c13e57562df50eeedc1ccfea9eeebe28f4dd3b9ed025118f2580a447819281ad85d2d82c1a11825de41b4c773a62b62f24b5b5089a80b36eb954531b48acc56a7a50f02476cf975936ac799dca09b9776dce1639744c3b083705499eb24738a62275170d658938006cb805b696c2386eaedab64cd2e08cfaf483e4344ca5b122c28557487dab07ab95af03f5829fb4dffe82405c13a0af8a682c70ca4aee34cb09b2fb8f4dd3d35f5766d2bd84bc98eee1d18c10fcecb62ce87b1acc92a8fe45c96ec941c00bf615abd12ccd48564b2445c1da687d1574b83b4c0e567592c8c490e3314b878304e7066139b76d7a7a98eb82f127eab650e83f4666c9cd63c2c18734d967fe3601bc75f91a1441bcb0c5cf9609a1d0bd799c4d60b6faacdae117f90ce67cd24f5b8f74c939b337801d059f5958912bb891bdee46bcc29270674755a70ea9eb20f39b843c79f1a97f665bab74b67677ab106ebd12d9d15fea952efd8e1b43627c4a9ea6cb1d4b810acc38edeefe5fd464888933ed3ee5c58020e29835caccff14d3d28482687671524de1400599721fbc9d9aa4ee9c8e0bee1737cb59c32d0bab3cf2fd4f492495cf380572a786700e8b4820fcf46cce7d5fe42d73725d54513b99fa656e90014017f77698c935a44ab48d5cf8c07bd759be27f1579eefd8a1aea8a75bdbcf51bc386aaade69cedff77d392e0db1f36e22269fd28262093464067a615c0cfee32e8722dfb83d6b4c448a634235457e6664438ae64dfcbdb40aef0140fa6fdbf8bacaac9ca702832aa794eef6d4bd99ac7a21b173d083a31747bef25ea7bc455b8bb1b84ae71b545329072949fd0943c3232294278a02cad47b8689fc8b7cfd78b01e039a0c291ceb78840b601f5b02aede12a8521bb60b087156b26ca4705479588bbf45a85d3e554da2739d26e7adb12346ccc842303a1031a715c4471e7c6697b55574f5e193477946b363f846de0b7bce655a8a99b4ec09469ba4d8f2baf380b5be82f839bf3044de368e8e49a2eca7014ac9fbf011a34f5250130bfcc60e771e9e2683a7fb0379413900d3dca61a3ff103645dd9f90cb3dacc9084d07f881acb1581b41e8306212a3362ec66c9918c2cdcec3e718f3b584aa01f136202b6ccbf67c0b818653ad97fa73c8cf8c6418b839f3d8fe84e1abdbc8be5681e650716e4baacf6c1bb8dcda89721951e7602cf4e833f8fc08342993ab3af33071d857fe3f863cd93a4ab91e512d75d3267aa4391260c96e295ef2ac4037039590e4a3efb1847ab745726b10314a0b35142f6e9bfc304fca7072986314e07d990d947208992783cf8b6a1bb5215d2d710efdc413ce442f31124f5b3b3d55a3f15926f064807534978f9895081dfcf9217e87083b19856c8c2f6ae5528a0bb10f6c0143ef4e28acf8562216fdced04f1988ac1ec8e56698056d4f6aeb64426502d013bd967f6761be44a0797fbfbc994f1aefcd80ee889041172d431bb2498d17c6819a983a365b56415d9efd5a798ef9f396c74f4b0cf6f97e106d98226f3185c4a7289e63e7da74eb84587f6da89975b7c973db6c74d1f0ff62f944809e32e93f1a499e21e3b7cfb0cd7dd0c7cf8e4a17d81d90aca36608b57bf8aa3261d47293b2274e03dcd1f2a0d4d8409cae83dc305886bf07ee8cb5e8baed5a351cc5cf8bcceb8a20aaa20410a2030bf7b4b011d640c69c4a12c8b07dd3238454ea14fd489afea54c6e06c1ffc9d89cf23f4b541b47081be9a130944716ae002fe744ff69140fc32f740b407284450d8b5d792bea7e36b0bcd34caf995a3d8859124236dff128731f35c5b139e4e3d522a3c6d3e287d0a4ec2711fc0c0535e2390d4cc4fe52fa28681d0c2b341c7a26849a2e274591f1af44d9f65c717552c4fe8a395a5ada07b031b44775a9b6a581292facfbe668a638d5a8c47a05b6c1054876f6a16e3976243487b5b92062749c7bae659f8258dd166de5cacfc2665127d2b906ae7683a4130cb724ec5b6212f21dfb3060d7ab6a6141dbdb56d44cafa0fef32f6a2da2c7d169d65ba76ec59477cd4f6ead2fb7c1d3bd18a7ab393a35af46ebe421e92e3e052287eb02fb37f175b1cabe3b77ecd4100615dd2f1ff27618d4f6d4dc38bf36ba9f64587607b326e04a3a1d582ed8af0cf47f3e7bb30ae85aed08f787c05d86cfd840a3d81ab5105fe587835133a404f6b74f66d7019520212bc5951ff9d3ec511a20bea095a20d52df332fcb4c068d14aed5a93c96196e053135a99a29898140d7f1d24c7f887320944da4c10778a3ec17cab9b4c514a10ac38e317c0fa4ff269f3667081a7e3681c2e1c510903bb964adc4c8cde6637e26e608c62b201df0174dc83c0b2c6163aba160b2f9443dd3ef2003b1a3fdc9fa34624f80f507ff4acd481c50c6da2dcb1d499869e734a07d33453ac65b09670a1415ff38aec87855e3b774e75778b70afd7ed436fbf906beeba9898fa07df4e224d6853c51ee9e3bd8edd7077e04f83213c657d30434be7e3da92c194130f50d5cfd1009a8251962d0b797844f1eb616e00e9d19cdc787f9d1e1a0f021ab3d396549fa84cceb32495065be1065a1d93113607719b06602eed5f34bb505b644a23d3a233298df5bcabd88b9151bc0dc27f962ab6194195f3a3d1423a06ca7bc10cc33d68483b22fecc221dc7bf399a9eac4ae8a611404e049ec4db133740e5061708f0fa6c4638b642282b9f0fce9618902c115300cbd12cd35f14324ad817f266236daba0cd44cee05a468785a59a34a23640e4b675dae371f760c96557d9c3313934039d720aac5b2bafbf4e6bd7e0485c37a9fbb06a58fc2c88144aabec9dfdcb68483ac7f9d1acba2cd75ea0290e7001f06e613fd58007db4c82edbcab3993106f6c200a7fb8fe81404d38807c46cdaac6bbd395fe6ed1fe95e42bd8a53655ccbf2be03fb058d1c58cda3ec589cb2eb2f0735fcb9c042506642ee305718f10509345351709dbc8d3a4bc1bdb8dd24ed77587c60718f67be3cc734c826a8361402593221f19f2f127db7fbbb21b71cf554b727b728b726a41188b47c89b9ca168943aa5be8f031630c0c51c8161ba241a3bedaf2cbf1a013f72cf586165766bb376bb059953e53a427c490a336f4a0bbafda9cc185773905cf5d1d3e6ffbad0db2968b5a0b5dd4d756dd15b1d4b31ef5f55950ca13d90f727682c8db4a3ba5eb8d8aa6c0d9f7bddc8a048d710b2175803d697ec8e9528d3bce537072b3fdc5494fa0fbed1347264899048f090995d0e3c96fddf6a1242ed423da5fddf011d982dae51986b2b5c9a494d1b6ba759551e43102eeb80abaf036a5e76d21e03bc189716c58239bf49830286dc0f2288a2cb85ddc39870feedb65b9548df1b3c63a22fe8000a27ad3601e55c017527e3d8945b11c26f9a8ea7011b36ed8a7f85b1d65efd88313ea72078b6221ed5656bacc2a8da3f3105ed6c624aec212080db859dd65d557ba4d95ae28cc0c48b6623d51c96798ffc9b9d07c67c8c830386046c1d392345e4ff1713a5be14a51b6e759c05b9814aa903b55492288895123013524ad059c1db35677fb922c667fb23cd33d6600bd9664d2a62dae20afb20ef03184ab5bf7765315d75731a446aeca16fd2129589a07599c4a679d542f5a0da53ca964230347fea166d7e9cf17c11d5cf5969dfd7aa11f2b41779226d97b748454720769b5ae6d55258593031ad270b1c73be08f5780557c9b724cf956498aa6c2bb32ae20dde0829fd7ef698ddc94b620a1e68dbcb9608868f3497c987ea1a6e49a5538701f22ff3507c8de565a3143ab474c6d25d53dd32dc26dcd5152456e47c0d55fe0f464ae1a6400706f80cbe631a6d035e136c84ab553ebf001d56f5f9952532299baf168e8e2fa1fc48352f07d3c158ab9eb860617154be395c7da6fb270499e426f93816db8562ed952673fa376c76cdf8ee8a4f68af3be22ec9609a38f75d2b1172ca2254b5472b053e80390ed3486f7b9fbca4edd268fc1851ec6c30bd3bfe4f513b67121be7a6ae12ec0c4319ebd73ce5ad8b1d94d6c98f30b5801e02327a33a7b17e91e0296b34a8796fad5af70e77d98bfe36053e7748d866d76118a808b45939da3e30b50885f532076a585a28c177e05b173facac96bcca58fa27ccca7426c15520d871a3252f436f7c8cb57262829dcf06bacb04b773b6c0434b8b9c64970316c5deadb8e437acf9b001eb299680453897f1e54fe6133912053a5513583b19babd4a9ac075454ace8df036f499362dbd9f99668f76b7cad0de22cee0ecdd6f80da2786dd1ec1d953bddfded9253cd694792671940e25f209881db9cc39adc7d531f570007d94fd45b6cf60ed17ad0fc1f8d131ca3e8b32fc4647f68e447aa6d05a9bf71e0776c77861fa3e76a7431680093a947cc8de264e472363bda2724d1d44305b3eb4a2fdf9668e1e1be070c2144983eb149c23bb91aa630a6e73a92701614059a963fa3848ea0692588e5e1de0540383bab95058fc9dac889e98ab8e4dc9b43128ce6c7c13b2d9ff66dc66ead8de4336096a7d748a8ff318106937e4f61846fc783bb2802a7e5c40f391cc60ba4b856402518e93c8bcdae3e8f7aeaa32a79e9ab309217533307e1610b960c198ef451412ba9fa38463d17738f6b9398e2a1d8ecc329af27f45a5051c34ba103ba7b6fc9bf165a6556113ddde2f601e8cd4803d7990cc891c768b6bdd38ce592d13f0f58d57638e926af8e90c9c2e2b9df19acd79ff5d8306cdaee39546a4dc183508d5538bbe71ee8d0bde657fdf69e2156c2839a34cd86dbacde16c9c2cb1b5cc70228a08254d36e0c3a92f8eaaa326d980bef0532c6cca64e2c2860e305e14e3da4c61fb406678f615f4d1a9c9b52ffc3bba21cd956c9c168973c5743636abe2a07db05973fc8a25f544331e8de57cc8f7be7ab1d3dd21e577019fe9e5361b0b56ce45509299f1332665055cdb969efaf09dfa0783860e211703b550e809c172543b217fd38a7f6b0d488a477ab5e26160f83941fdff20112953d9cb94884048f522363fe96b45cad13169a337d0d60a557fe0d3ae6f56574c4d645e6498a67ec9d0138cc9de9e56cbaec41842890667aeb17ac2a2321c8291ed8232c9ebcb37582a4431ba3e61398c8fd062a635b63fcbe5e41555023fbe5bd503925673e31886f0366f9546507b649a2b1a6401f3a", 0x1000}], 0x3}}, {{&(0x7f0000002880)=@pppoe={0x18, 0x0, {0x3, @broadcast, 'wlan1\x00'}}, 0x80, &(0x7f0000002e00)=[{&(0x7f0000002900)="aed8b9628b3025b711700a500a8b0dae853e8c2c8c863348cac24b059ce6a90b8730ff3d3b3bf7a372637c1537adc3def3263577d5318341134a3e0a22ef0a41c4aae6d757784ffe5754910f6a75b5500224f98db73f7d57ef3536abbfa927ebb474a608023baa9a59c50ef35c375b38cf99debf73d496a7414f122438425a77a62a6c6888f232939bd11a08aa087456d5df8c013e9921bd4d32603e21c5b7e57d16f77772c314b35451308a74035198ce935020d1", 0xb5}, {&(0x7f00000029c0)="c5824d9eb685b7bc17c1a7626a5fdf9dae44b7c4815d8b6245cdf243984063e98b48a72d1dd6d3c67d749cbba63438c39f463a0d3486345f090f2f8b1ccebe741c2e9738115e4a0c9d8039d97c5ecef5e4cfef82c7e36c5854a4b1e9ce651e5e0b7bbdcbd45b1862e64025aa145d4419a0c8b9ea26f2a82da5bbfd8518e71a0e6c342f9772feb0ec7f757a09e6e26b1639fef57077bbfafa46f770b27da6a5785e3a59735da71a7b6fb72a601d199fcb728bd189ab8264ca078ecb6fc96ad3e7f19d2878b1863e373e67d8a761d3", 0xce}, {&(0x7f0000002ac0)="2a2d69f1c8be4122c4673e87e0624c923a247bb85f7458acde082c15700071121becca2dd1cf9686f54f585983334f0962d1cda2994704afcbccf71781c54f723c2eacc5cd953b5137a19a647df41d39678c3bc910b0aec54464a6a046537a84bfc6b58dc22dd1d4b85b91201bf90f098690c57520233698d6ad18718988abb6a156279e8c4a62b8c7a45aa2a67da719106dab353d65109c704897fd662d1b6535de182fd01976a33c9048a6fa1a9452c52ff71caf62ac939f10638dcf31bcc013754ed226c6baed6fcb2a484bfd772203e5bf31f870a9d2", 0xd8}, {&(0x7f0000002bc0)="e2a35db6e8688b64fe6a559fbafbe3b7e750626a8dbe906d6f558eecfb06cc06abc10d454a6eb360267565325d74dfaed8e5143c2416345059fb0a83eb099bbfb7d6debaa0244a8ef16eaf777da56cc06c92c8efa649c6ab7455bc830b2cfe5193041d8d1517552e05fdd1179d8d8a3fcbad28079e856167ef1f443b65bd9f298c97108fef537036443d67858e5245a240c103a1ace5fde77a45a8abe8cb2fcd5534ce4d603a1104c9c6b8f1cae8f77e0a37574e2e033f0dad56496123602a0eba81442bebd0d4ef09c19faade8eb4e1d76150b9640c62fcef029797eb3ff7377ddfbdbadb8dd2647e500f6cbbc22b2c324b444deb574b87ac1c32", 0xfb}, {&(0x7f0000002cc0)="4948881741e1471286ada29d51c54d84e9286001016832a53460c017cc3cdfdfa6f8142b6a0232", 0x27}, {&(0x7f0000002d00)="60188233a7f88ce5eec6d07a797905255ed761e4a7d87dc59144fb4e3a1987ac0b54f6517a5cbc19665c4e3df5f998a7360be91f2ea70689d90b5d3a7a78d2722ed91fc412d69cc7bc67eb0f2b3e9006b544340f7e7635ec13f5860031ccee5230ad6167ffcdfc270aefe3a3ca13cf2996b8961364977e5a13403216bc98b02bb84adb2fa0382489518984d8af3107b39d10ca68bd96e00e00cf87ca8a5cb004db42919a98c4fa8e8bae9f7e93780c9dffb96f65ef4335", 0xb7}, {&(0x7f0000002dc0)="dbd5782ac2f0bf1dd46b4f47d1185276efc6406b534785a186a74268db9cb6bbf6faee417fea13f67eeb2a", 0x2b}], 0x7, &(0x7f0000002e80)=[@txtime={{0x18, 0x1, 0x3d, 0x4316}}, @mark={{0x14, 0x1, 0x24, 0x3}}], 0x30}}, {{0x0, 0x0, &(0x7f0000004040)=[{&(0x7f0000002ec0)="9e11be6331d98e6f7870284df22ec0bdc7613ec566c3c416d3b85c19b51f82908defc7d74b25924e537302c5108ebc1e5120d9b8a47cfdc950d3579fbcc31337a6815e97128baaa41b115eedda3c76ebf80be542c7bcc51acbdedd4888c9ac357ede9eb77b1a", 0x66}, {&(0x7f0000002f40)="5d240dd12731aa17651c484e3a304d709b8db3fde9a983c814a2c097453013b9d057eaeddb2fd95f8343248175cee75b9e89b88d6f1799ef05600db16f2767f548d5acbb28d7264fecc49f24207ef75838ee86259c3e8ed204ae50db673ffeb734e575152bcd88ba76123c3568c8bc377f15264d21c34f00526f1c0d3e93519039e7e5d30d0924fe2e4f2c405d57a24b54ee3c6d3431aa2ac7a4c77c89b38d7bea76f349df478273000dad66c87179af70a8a52dafe89b4a9ac5bc15762f80d9fee58e65f96d6ee7d87674f47e88cd759dbb8bdd51700330d7cd7b55f5414a4d3afcb8a0bd2c45dddae11eaedfc88a84c2097218443ea832a2c3465b49f06d1357c3cc0e584326af8404fd8eddfe1d6a0022b551cc756cc49e12289c448baaa92db4f3104c269f7d61bcd9cb81655ebabf5931f64a16aa5232f572fda139e0bef866451f797f42d8800c1551e67fa6de2a34e8a1422908f23e3ff44c85877ec4545ff875084008a2a12d4509717ba395368ff8b5484189216aa1cb87119769f45b0866b0d1f9738108050d2dd8a651e77047e7b55bd89481ae322a6fd1f7f06745e279ea0cb2c5223665a481eceea2d0b03e9e1f25b4bfac36f1cccb3a33c1c18088fb1c1c7629079de14a5e9c1d71e8b49a9b495cf45caf67c28a6a7369b2adf788ab919bac63b8ee93b78404e277e068228b46be24ca569b3e13f83c4f40faac0ffca1d802060970672909205fc326707178eb91e8d115775c5022202b52906dc633440deac78c9d56b6a4990ddc7e01cc70b72383cd20dcf8cf647625807019ac336d6c360fb63875bc2ec3bc04be9b40ee0fcbaffd217637882fc879030403380510d2ed406e0f868e2e7dd3f81a52075de11f8c091d4561c48b39843474ec217cd4e522a10d648f234055f8f2087e1396d6c76be979e115b77d55409c99bd1c03108d812781464e574aeec8502856cb0816289a84c9d187400bc1eba6d6b62554c9ecad6f35bf73263493f66a40d6a7d51de06b777b77baef88f2edaeabcf9a6ea95380f28aff9302e7c215b4079c33f5dfc345d72a5cb6104137925e61575b6b6a8d4098cb6449a4db6ab6feb0a3523cab8a744ca1cf2c7d9f39a039c10bffd67259ffd0a98beb50ceabeea1ef4cf8a485b5101a9f5919acabe5e45b177bb96c2ee36861a802faa6ae2d00a9427a8cc578ac1568b1797ed1061e30cf5c82674e4753f15e812574c6652de5e30427b98ad1863fb2de803723d3ba287c25ce4617a908be096ad91e2d45f0973ff3ce1e17c6ea8f74d403d78cc47935b6ea6ec4320f550a436a85f7679dfcfc1ec7cda5bd453a957466c03a9bdcd26c8da4884e411156313c26f61690b1876580dc66afdb9c0b76cedad78afa37ccfcebc6493d57a61653ed7f8184e7c72f43d41ef2b750c981e702a1bc2a03d3dfb37df9e9151e019188680e8f0038fd30d9620ea0f57b911f4dedcebc3014de0f2b777e399e6e5921b47bea821a8b1abdaa89ed5ca7493266b5af376c1656c3375d9c9977f889403218c90932119db08e5dc4c33906002b53aebffce615f3e3fd6dfb5652762d9e7ab31fd918a388f266e15640cdfb53e02f2406d5dd7597e6917f7651cb5afd97bb4dcb503537dbbce096a77ef13ffd3a2dd5dee562a883a36b700859a0028c84fdf946ac49bf054f807ef4512b5cd3fdbe522bbaa10d262f16ff0021ffd3b690327a0483ec4e6918afca86dfabe530609d5f4e8188bba1c936bbd96dfde283c0bfac83336afaca4f30be046ad9df131f1200cccf9538023d07cbdd923bf5c7dd4ba96848f01374f19c2fdcd3c5f22b479c16523995d00cf9e8d6b01934f4bf673f8f82ac41e365a7d57a6c4d250ebb4fc5982ff2a572a37d076b555988ca509cb3593faecb6ffd19d9eb6438cc6dd74c86094225c04353d542ecbe1c1fa5708e6bec7923468bf05d99fc1e9ea88f21b812c754ee069543c1929fa3613fa46daddf00ce92c12d4342d5326fc3496fe0b3a8d6ec2469e1e2c0a13bae22385e6de1a38e7de1e00957b0a414b382e5657a389965aabf2b1bc6248050da76b97aa326ee1dd4512f67735415fa0427da89a43ccfe45984ba0f2123412cf05526c38f391ea7c9289fb501916176afa78b15a96e503380860af6be4484e6a9722e0bef6829556a52c6fdd6fe392592aa37f93b0173bf0f29838bf0465e29d4642206038278d93c494f2581935e69b316c80f91cadd0d6a59363c1a32a4c140b68a7db5d2a2b218b1778d39d2c0dc8a4810d994d284b6fbfcd8ce43ddcc56e54e4eeb6f69d5ee17d226f94183aea5fa5f129a3790db58bb36545a690089117a583d17e8436c8eb2d70991af006b1c8dff0988d6d4628e383aa817f17ba072cbe6bbd2af12cb71e01f360792711e65ffe7283889c190638b64f6d4ed551e9f6b05f91303f5ecb83ec362b30d2c06d690a7720d5ad34bf5f3b1c7c64e04d48b4bcf82d821608a9b358fbb95cc02bae8aae19424febd0efd8d2cd123596c0269cf4fa91799a66796e0ca4610463fc27938d5cf0209aebb55100c60ed2cedfe3947927eee896e7c7842fc78eca4a011e5097f4a5366a0e1c75ac404f1efb84e38d6b0f84ccf50776141d454018b4af1a82b19969e9cc7d36f82aeea79ca419d9d6ec53ed7b7df7cedfeeb104dc0df0da929aa407a320b7f2827aca232f2295a5ebf2f53d101761f5d05fd19ba023f7af65ea066f867addc9c805749ac0eb76cc17516c959258a2ea23d03a9a630cb6704ab9853931f351c0e97a16389dcd55ddd821f8d99c7f5ad0986d2efe73286513c3e14941acc16bc41a74458a574a0cca938cf4bdfbb39d41988b4df0a082436434f953e638bc93777c09e709e566d3e680be33f0105a14c8cdf6d3528d3fd81b6ecb5b52450330b12550be50d34c68f9cf0f24f7328f8cb8fa63f74d34142e80261211b232b5953d6fdfc0c9910e5cd013a2f43d98c8548abeffa7a0583502efedf62c5a1ba2084f8e84ccb124510319a1b59258606c61d3ec149abc07804673048a6be79d92b9e8b16817700941e08e10d4cb143fcabe4bc7177d224c551920d75873ee59cdf838ab73b3934eca601bbace91d1bcb0960f54df7e5837fcf94f70986ef5e2ca9402a9e15d2ed84fd214c53f983c3fcf52433e0bd9aa40d8b7b583c94b9c429a24e6840da2c59e7bb97cc947b2c7c5e38a46f18b0d608a6e0bc59a9415822b41dc80c5431cbd186a99702290a68ee75563b1897f6a6021074d33e50331bc9c39604d7f0d541227df19cecbbe5c8b9193dec4ad5b8bef3393a9d1f446200a94673eebe416d06c3d815ce34d2e3f93d83b5f58865b991d99ccace78e3ce5341969b83d5d7c01dd37185bafe4e89795f4721b664c22e5d115108896970ea5b2e34c11b2e4a2236d8ae773daec2c69548e756a3e1888f6e1ba1a5031261579f17e4de723f817668c1dc148969be6dd30e351340c55e0b3dc47fdd4f2cd54387bae39e79e2a33771afc51c6c03bc485ea73da8963f15ae6392cc91a64bf69374b6ce7c1d4be082ef8cce67ea3a889065bb3a4900536659952f9862b2f66cfb73932a3bd425c6625de4bf13a13270739b7dace2bf0510fed8fc9cedad429a7d9e87249264d2b9fa8083d86d51555ddecce2bf70a08baae0bc74a9cf2eda004f0095d0d67e938f2e5e329305e4d6ef9041bbe31a8d767320780fe80e591dc910468407bb2cb527d557e846db33d95b23d059e3e22762430de9f1d0f23ba6b303adca9353340c6fa83b92d7e1a5795bbf5d84270051c26dbff5781a967a9fcfdee9c0a23b2ca0dd94297e016ea73d41a4312b9d2c8a613afb7beb110b1268cb840f8d2eb90b2912291e83d5b0786a86fbc98e8000dc3b2c4ff8e9b32c4db5a97bc137d2dc34adc08daff7b1d572b497a7d77161b2388ec2b2a7b5de60745fc1c675019bbed4b78f9f8d81d6991d5fdf8a173e9d8a30221dabe6dcb3540aabb85fd1c727ed0c5e1be3eb5cfabd39013c1e409a7d48c54590539e8d0e53c68de916a2f6850dd9e066d739a42f419bc3552ccc5fcd7445974465370412505f8d1748b2f6d9ab27e1a83ef2feb87f11832831ffbcdb42d3c3accdd8685c1a19830c77ec93efe8ba1838853067e26ddff78c7cbdc6077f9e0ac42d9b75cd7501e9db5c69a4f815bf92307482cd8ee9ca4c82c91b6d7597c392596f6ec549cfe68a0c95e6c7c62102612258cfed70cc0961f145e357afe51ece586f3b708b5e19e855e229fe509b2f275d6227a660f1db0f7c3fc3a98e76bdbc3d2ea8509db4e7d40c36bfbc50d3f2b9052a7383c967c933cd95d5ab15dc8432c3cc640c5f25c6f3a26744fadd166dd3598e5babf92057c7f316070e70be2c220c7e75b7eda1093095b0d40f169a94a5c87fe06cf4f98d4e1d4fd2dd4085614039fb06d107e23708bec9bff69aa29a0cf9a14af718b482cf00b3c55fd899b138df803b8eeb66c1ab01c6b8234e40158cbd2c51b0d6ad6f7661d959ab048f7364f8f4f9da371148df478c118d9c85132d3922602f7bb14bf07a1d174cbf868b32b3a8836adce706935dc94d2229a24cea68b157b4a07ca842adddeec9aaee84456f0c499fe0ac72bc649f0f76aae4f18d769401135130d875a8b26751fea15e9de653db423cdb91aaed65ff65e4ba169a5166adaabf44f228793d625de9da352cb58015858edcd095b7dc2303652105965ce24f39bcd7904dee6cf5c5fbb952992252780fd846d50142b54ddaeaa46cedb0bb76278c6055a0d86c2236c24f2957586f35becd69584f1593516d9c143df0dfc67ddc6b25411793d6085d81cac5b7b7df7efd4b23603a2fd27bec4de5f7cc1bcadc354c2567fdc94161366b1485a5e05cb960039c3a598d04cfdfb9de70da3c3199291bd2d49d0c13ebde02e11d57937027737fdb3f63382c13f0f8e6673371a5a73be9ed6a2fc55c862965fc65f8b84019b3cfb900b5b99a70deb26507bccba0742b0dbfa4ff38216516f548eeb6bb1209ce88521ab4d111575f66be348e116920692b0727137309d375fda74d700abf2bf679a6cffebd5f05287feb3c5884846e8651983dc2da9a34d2e883ef5d069752db98d6c0e52f186a45612ae0affb4af8d901b3565140065edc50a761a91c580c13db743562d798297209b4092e81ccf2fe25979c26e4ea3f6649204601bd43d2dc023218e47fd8d0e573ee9e1e46138b771ea2ea545037e0ebaa7908034b9182cad65555fcae9e5178d000ba4d25c0c9ae5991eb58a85fe210641a1ea9d54203a00b53db9367cc0a85819ced16f9dd67402801ab4016fe8cec89a91e46b4ac3493a1ab996bf67e7fd5697b89232509f1ef613e2f628e1345756e25caffb1c47aab3d559feb8b49af029c097627d81c418580d34394d1e95e16e6f1f0e73694d3fd51329b84ddc12cfc174992b5216274cc7221e87cdbac28af170331ab64cd244f33c454a261e911deb7da1166f108aaa40c704c6898966968e7bfc8c602d78d35b4925e44b7406b43966642b30fc903cc58ce9dae9f39f6124c3fe1beaf975181dbf52c530208eea4874eb7a3e30d7d8fb4927f0650749dcc9fc687c171bf2363bdf3a32d099e11cb901667b8bfc1b80f2b2cf62e69d0d413c7fa5712bc5a7e9717b2e001ecf9cc7e24a20afe70531f6fc64d6a6e6970298b504654a5f677dbb263883bda1291ebd9d281763a1190e280b809a963ad57b4ebeaee206a80de6af58c9c98bc665ef2fe54de0006314aee957d11f3abff77", 0x1000}, {&(0x7f0000003f40)="ba600a98008fc160bf367cc1e5d956fd4d25618dded0bdeabb6260e164ea91f97c424af63b16438572d7a2164c8adb151ebffc4bd9f9310fd7c38dc4c6000727a590cc78fbd733f726251d7aeff6cf271b4dd9302340b93cdca6d14d8ab569ebe4d74d733abf7c7227cc5b0da56275fe889765421d1ea31919b707ee37dbd72876abbd3b36e815657577ae1fbabafef78075830b699824171345e433687a6173f2c08311ccd49383608ecdc69243dec8d028d9dfaf59a42eb4d8c5eb2b60169e6ba3c842433021a2de31ea473a569d79ee659ab982eef9554edc8c12f37d9653db84c2", 0xe3}], 0x3, &(0x7f0000004080)=[@txtime={{0x18, 0x1, 0x3d, 0x800}}, @txtime={{0x18, 0x1, 0x3d, 0x5}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x800}}, @timestamping={{0x14, 0x1, 0x25, 0x322f5178}}, @txtime={{0x18, 0x1, 0x3d, 0x24ac}}, @txtime={{0x18, 0x1, 0x3d, 0x401}}, @txtime={{0x18, 0x1, 0x3d, 0xffffffff}}, @timestamping={{0x14, 0x1, 0x25, 0x1f}}], 0xf0}}, {{&(0x7f0000004180)=@un=@file={0x66a8dd0c7249c983, '.\x00'}, 0x80, &(0x7f0000004a00)=[{&(0x7f0000004200)="b5d466b55cc2f801df1e71c1c5843687aec34fd773c89d109ecd69e9ba8057063bbbf707d805dcc11703846e032091ecd76184937987ccb37d99f8afe807329e5ba3a807365579792f34fc33676d52686ebc18f0ff1592b13add9dc6e6dbf486b2de0f458823a2bebf47785a999e4db77557fc249fab11c8b5a6cf4d14982c61200e", 0x82}, {&(0x7f00000042c0)="a58f1ea98fd7713131359a5b08dbcddad0e765560e87d5bfd2e5b421e5825ee407f56301b0d659dce6acedf97be52b23be0dacba93448383a286e5cb3d6f29d612977e43b7f9a1a9e1a4766679e13ae9c693f92371f72968a5b14653c70fcba1954df0a177c7d1c3b2a540fee612de6528a5e47756a56bf0412a7a12e7d5b0924d24432ded2046beddb7131a723bc4a75b16d601e550bcaf5b02487a5ac2c6ff24ac5771a8656a787ce1173db77ddce12e032ae77990623ec10b4d4e38", 0xbd}, {&(0x7f0000004380)="0a8049f5c88f33c52c8ca575febaf592116a97392c80d62d997c2a2cfb80dff1063d37410756989d19d21baccf58ff3c574abd0b99779c9a52db295d47a587d90896f59f03190a0c910b542e7c1cd36832a318b60ed1f58fd44b4e5262f612a8b2f95e11134abdbdd5385a2bd0043d19e3ff75d984bb40f201fdbf32ddae", 0x7e}, {&(0x7f0000004400)="32006d3ea510581726e7749904026cb5da67a71c96a8fa4d10594e2c640d9aff65fe9cebb33a598a4790783d0f4a213f0f3c553c314ac0bc08f31c8bf8055bfb7b8069392139c6a91739806ae9d4801739c87f73176ad382632f085b8e8433fe74895ed72e85a8a9445beed5d3ccc3a9727e28cb9065ab303eed178a32cbaf442f1fbec1", 0x84}, {&(0x7f00000044c0)="af2a8f75a716a422d21703e95d1d775e3cae427adbb317b88b1249b6aaee465a64202bee7bd2f4a88e17dc05abf01018f4200ed6a3d73005191962c090077bbc2c3eb28ae1da1e0fa5bb148e98b202113f2f67f8d7835228e2abd34db3423963e23db90a6a53f5283a63333baed93099b25cea383b158d61bba1bebc52de54de3fb872172f014df9b74ce8a63c8bbaa9857947f6a39fc1a7fcd384f77f8dc7da2fe76b612af93fde8265bb0c23c1720d3f3e6875fa9cf35117a210ec2c960d306ca9016e02b61cc469a83614aebda4dc4d8fe376", 0xd4}, {&(0x7f00000045c0)="e617967c807914c04c78f8caa8ea95784bc6f797fa5600972b59f09723fda17462119914f6f09d531850703dd42a6898f35429a675642c7893ff2a3d774a58a9f1461544f00aa4dc541550c9b5b6a05b72cf61142f06669ea15cad9b85b042d21954e688856b15688dfa0c5dc5537fb85e084300dc51f2453cc87a8deacdca592990efb1dc1ecb772e9ee5a465b2cd15649379e400ce896fd2df0d69b58b4a44fc6672a53a9146774a6ccd08ba913a52e5ab79ac5734ee79a7b96815babcb7db", 0xc0}, {&(0x7f0000004680)="ecebc046984bb5d9a7c3127608f34b158a93c8751d9c257e39ce573da1f1d7e076cf56e17e48459a6a397a37b6d7508d7c94a86c880f2d2cdcde1d505ca0f66a1674b9bf15bc0234037c7af20075c17f3d9816210f0e5cd147f60df83078b0c59483ae905a2172ea68d53247c2b3714def51273a5d1020438dc9cd30c4936fd493df979ef221aa39aba8601ed8c12a0f95b80875785fb8445924443ad459e659c0eb5d8b0e47e5b89b71587d06", 0xad}, {&(0x7f0000004740)="0e5415d0c098cbe723e7f71f2efc8e2802c263a3c7f56758ef340171ed2c4194d80efa952ab4dce15f8019c985a177dc2f8fef14e3d3f20afbe5887ff2d3144277502aa25f6b6a7aa3ab91c1406bfe0e3a3c5fafaba6e56cf3f794dac68011a33c849dc358d77a1cd17f47659fea9f1f623dd502d8ffd9df89a4224d65dc550a1c25a9877a30a430d3a64e079872780f4ace73fd4ac8c7a0430be06b4914edde1152ff73689b35492aa71c3c9afc494576bd25defc3ff6c83372f04cd6b2dd6cd1b844209d9a60db6062722699da56813a1be7", 0xd3}, {&(0x7f0000004840)="ba21b28f7fe9f42e3ca6e8419d3c7a40b18db09a3c2105f058a68f0ecdc9c1f05883ed43babc859b517e5416ecf5b768377ddb9812cddf1815a0c9fef169e9110909bb4e508f138326349e66eedc36c71fa5cf398dab6233428585e3b3d6ea3f04a6961520743c54028b0c36f68db640818d90ac285b9947b99cc7e266932f5978c83ff72b492048aeffea8b2fa4eb73207257c0c1ee04576fc2805a5014f1f6bc1f82844c5dc93264841f30c645d4b70c439414ef664acc4efa45ae6b20d1e6fdadea64e1a0ec44eb25", 0xca}, {&(0x7f0000004940)="eda40430dd5affc3bbc1d9c2dac9d29997be1d74dd0d3c1d242fe611d4d83f32427a21bd30968baf923ead92533c2899c369e334cb14da9a28fdea67d216e288704498f79600cfe0dc8aeb98521aa200b2f87c74b5092b8d3c97c670963ea630ddd81dc2a07afa3bea343660e50202a7471629539f530ee0d581516605f1f1384f790a5496d2887e15238257ba143504e1fde000ca4d3057666d8c43d83e8d582b35a2845dcada50f5cd22adc3766ac205d49cf81cfee9292ed7251a", 0xbc}], 0xa, &(0x7f0000004ac0)=[@txtime={{0x18, 0x1, 0x3d, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @mark={{0x14, 0x1, 0x24, 0x80}}], 0x78}}, {{&(0x7f0000004b40)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @multicast2}, 0x3, 0x4, 0x0, 0x4}}, 0x80, &(0x7f0000006d00)=[{&(0x7f0000004bc0)="0cea532562c62d6794897123d4efda8a3cd27cfe5e6795f16f393a465c54a1bd0f", 0x21}, {&(0x7f0000004c00)="11ae420a42540046d4b8d8156e93b8af78e6af14f40d14077163e1339a75f9b1a08adfd3380c383aa2e13b2af177caa9a51a15694d2ec69e5c26672739e00ce75364842c1ccee5f5126a47129c12a3329d462345e17705b302c53479afd7d2a021d926a31a332c072652727243602840fcb1727e", 0x74}, {&(0x7f0000004c80)="b1658a515d57c533d2e60b57191b8d2572a18497d5901ea101d9625f796e0c1ad4b511b60947edc5e4c6e2469c373505fce900c629dd6de30e17b02a65bfb9f89b48350593e25dcb702b8450dabacd746e31c00f8a2700cb1bca0a9cfceb9a5452b451782d29f3fbd6a8b1038025", 0x6e}, {&(0x7f0000004d00)="9983c64669baea3db1926b19dbb4fcc8e396dedee1ac94fc59af7c86e82c58bccaa9b16bf0735425a4d8f316c24e97955bc41f23e1bc8dfd5de40780fbf2bbfe6b5204ce78869b612f5d7784d768e9933a659cfc03b352947b3eb2d486c20bd4db7a4a970d4ab5e52785a6fe4ed9fe7c81c2fc85bf2f66df5a370a8c281542198d9dee316317aae983a9496b3b11ca2cd7062ffc5edcb343e2fd646afb966478dcf3c7e923c75b727917e82f36de2d9f6cdd6fcc0cf004a30480aa76a3c1ac6de395e6385aadf2b6d5ff32c0a78ccbd7856816eaac3527f7441b922845c08446cca09b7220263509fd83af867d3f2b3e4981b5dcadd4c442868c0f7198e4b6533bdd804f5244bbecb35cd82f7c66a0b4d7b0dd0cf4da6aab8ce089046ca7c4a4221545f824ccf4657749294554c048f757187bafabff076834ea830cdd8456c0b3efa55982f082d96daeb094bc5c93137b917310b9cbacfd275dc50b0e498cbe8315f0d8ce80b1b0fb1030210dc10967287d37596613bec6936990e8524f20d3355ad86a1878dedfc60a4bfe9a3c1cb37c6fd189a75dc84b73637c8177744c6c0d123120742885595df866b298c235c09e431a00c930afaed6fd4405fe1cd4400ab4ef0bdeaf23a1ea27c58beda874ae33170f96102c4d148ffca24cf4d394f22af7db594bd57523a9b69ab4d7b471ead11efdf23753f91b15559dcb13a2b1ccc3e05746fb4ed69da5e5067d7db2b96b64f2e6c73c182882cffaf9106482638ab59edabb7ad8e9815cb64549be65430dd927a82856ef3c20e9c724e312c92f7ab866a3a2b0771bd272d0e66ea731d70b112b1dcf4c7dc62b8b712ed699c1fc2d9741d7ddcaa3095d8f9376a0c00a12705561f3d185627d0b5f7797194d667dd311d9e827cdba38639e877f5337eae47b98557dba27a6753bc4cd8b46f0553b8806813d491042bef8a9ebe754ea610886d2aa0e35d3c6bc01970fcded74a496113ae9da284a7f15d6347cfc93defd9855020639af3b458f7dd8f4b3eea02fc2024c224972adba16d1bdd968de5dbeff6bf859f33935fe1858200d21964a3c2c4ddd980721ba93c67233fd84d4a941421eaa33ac6337fff2da1e4f5ba93e29209c004a2a40742fcffe8101baa09d305ae9f3cb8986f0a1cf2d9deedf8b0942ac0fad7599c94e8bf83aa4994da2223d0878fc6e43507774baa15f82427f525d8513e8917b7013086a7a8763a0ab3c3a75d4dd744eccb8354f953e1997e24784ae34859b5a189e7ac8f45589bcecd9965ed4ec8c899427d5236d4e22945dd88eaa976b3dae00aaaa7fe3e9746148a28468b7197a91f715bc3fe6556ef7f59d77208b9bc283ddb58576b812c831dbae7e0cbf8e7243403b0945a940c5654ee2ffd1ceafdb7151271924558724f34d2bbde33e711dacf1d0750689343a5adf52a92b0d7d2a796762bb57765187bfba5980fcca90f798d15269429c6f780283f07e814cd2993f8b135aa1dc01e4db4851b3d854b410e03a6dc2435ffb244dae73312284e0ce25d45c65c579e438a2b63f7a2d7e2dab67d11d47a70d8f41646145d40acb5854b43e9f4e125f8765ffbf320bc9e905cf58b8883b8a39748074052da0c52b73b72fc8a4a1b7ab4c836256488a91885b2ec3b007da9ab2bc7a6dcfb50910163b902f390c43a8953e34903b8faf99bbc3890cfb7d71d60b54184bfa099fb100f8f0575b9a1e1acf7acb0eb700b0e775ed8f94083f3391d62fa9e17f412b511d99779a10fb746de430c0189c38c77b69232d9599f89d55e823136ae4a26645e9bfaf67bc338f6eaf741b8f45415b30fdb88c5f4d2d1ebdef861e74345ef09137b46a20e350684076186b0be18089d384530b487ad0a2d87ad1b5d27b7813b52576fd828ef5839301386302ab6d739d1bddd4075ad375bee58605ceedf26bc70a1635cd2265e3b9da0b14150ea387f2b4ff05b7ec3e922930afe20e3ee953a8ca343010cde7583a0b3b2e2111368789b8f7fc3d206a74cf54992b0f6c99f59a3ffdf5f8123b00153e4b0a1c900dbd810d857ee1a6adc7e5071880b4e39814c2824d3ef92003e8ec5d6ff5c488347f738f7447bd0f91eab458e811ae563caee46d1147a732820828e65fec96bb159f003eaa220cc2e61ee1bb06c41df02be35fe6a7d12d404378803e5d845b0d680b1d5f6351a77c787376c41d6c112dbc61e6cbc03b6915d3a4d7cfb8b8f923b26aaf1fa9f7ab5bed9511803c7ebaeee15257825fc45d7094f4f8609ec402fd395b52274222ee5304fb0dc73b9342555598801a46573c6a162beb0f6d46c0286eef365802af061f8ca77f29530e98068c24d4c44e3e90cb46df6f2b148a2b5ff2c1a75cda156a7d8f2ab7352f89dd9443580c6a861cd19a852fedb48c3ce24ee6c673c8eb65c71559e20ea580af6c61641889da613abd80f5c0276c6c173fe6ef61fec851a6f6825c8e2260dee3faf128f9aae746a40f61b1489500dc4b68f7e1ce37409cd4f8af0d1dbae460cdbb4bc426b63bcfd95b18058eb41ff096ffaca0c49f226fb4cdabb21983d557a97f64ad1a0b1650bbad419b9243f0902c2311dda3d7d35b5443a948647b067999373b4e048848974407a7d05a7a4240541af3b55cbb7aaff45d550de9dd1c7309a8a5647f4512d7aade22e272ab82e2cad884b0869638a7a5a56a89d31b722de17b1e18ff26ebc322925688cc1e98945ef0198f5fa827cf96b8606e1f5940e0e706a373a8e71d595ca36001222bf09832354b07e074e93e8e77a50f441574ba5b2ad5baaed08afdb8872cf913bd1ab996be0fe956cc88df1926fc131ef0d64e7a562839972b33f86173deda969a5d8ffff53079b1b1a1e384c479d5819d2f2bebb701ec7b0d343594e733b0235c05ef7c5dc90846343bb9b08009dfeb95cca0a47a98c16346ec6169d4d1939e77f2ca1b31b4e320a9805d0dcb3e2c4fea2c023f825fc0c111e81b0387c6b1714bdbf20f554dda4f43326aa306eec5b11580075e4545d61443624cdc34a1cd8d283ba0ce1611b182dea8637e2657965936c9eef4f894e69652577411bb790f60a2d32a27052e89c81fd0e26e7e80ec994d5a164e4cd16be6e208ec2c064c55667ff805e3e540ffc6d0294048b0a75b0fe96783db878ae488fbba417af88dd0fb5382bb7a8398c4f106d33903d813d4793c1028529c4a33bd1a1ac670e46ddb824a056179da49eae1f3054863df020892cccae66d943889851b38beb51e4aa9c3352a6c0e399ec76043f99afdaa4016bfc8dcb55bdec1e191209575773175c9065701e4df8b69fabf2c979258eb305fb5fe56d6c50c59ae8e07f0256d6f7d87c14fc6776a36642ef701aebd13b295e36c55aba8ae5a1974908a130bc6bb0c7c79d10517070ae60a7537b3161987e6bb50637fe42033c32cbd992e6410c0c1e9d949c7f51205d538bd6aadacb7bb04de8a661c6d626253331110b615ea154eda67dc8eaf3141022e266092fc4a8114363382f201ae894abf44d8a7d31f6b931a0792cc325b6037117ac0a25fe7e58161ec6d816436989c98ebdcc9f5cc5a60e0f211d16f196b2baadce5eab17fd1528c35c22aed671d4ef1d1ff4c62ecc3e124348265fc1bb89b18fd6f5ac6355a2d8ebe37ef8696e3f44c98ea41b1212aa454d3d98272746ac718ae1a00ae9c734494b9dda67c3b08c40025f224f90636c6c6f9128e56ccf6860b5f30eb74eae745fe24f07bb12f6c23df3b2c3743a44763b83f7244280578635fa8cc44c38ccf9bf7114671a992a0cb495161991cebeb1b8433432d9a16d416e4d63ef73c2f4fec10d4064b067872c5964aa685b0337e6d752966592bc2b03da377437b591bd8db00efe7e4ecf57718167189ad6f31eb4fa25e6f23c118bf3bcc9eed3c26fa7602ec51d080c02af046cd63d135b41b61f4e104bf98a869652264b7bcbe38734c47fa2d4d2820bbead6128de5d117b8cc27b90b2dc70ed2a81c14c1fb3f9512931ff00e9c054083a69c2314b7b0d5bec32b28e241f26a092fa8e5536b23458a34fe1d91e402d40fbe9e8533c9e07093094fc6debf3e205784f3a5f32b3b88d8083f5893c4f8fbea047f0b2798eea193349008344f5d8aebcd34832334c635eee55d22801c27a006c75af5803d41bbf40298a24e132a5134fb9a8b75e8f4f1081b4ad0838919f3a76f82a5ecc66364abacd6ae609b7db63cdca0bc98f8649963c961d9cbd50e0886db24cd2d8a4f4115275455d2f5ffebf7db828d4e24a0c6f718a79f05dd5444f4dcebf966cd514de7bb60dc3518c693c5ff280438117ded6f1f3f7e48202cfb0bbd9933756dd1a84dc226aed7bcfc5a62bd19fd7220e11b99cc025b3cfe2f75981c6761ed69cf5f01a6ae2683dace61a1bab716e4b61798ba3f24179663a52902a6c794c11d61f0a0ea15f02f62531b3f3a697b6a1d7b6041e595858909aca63da675c5a4408e274bba2d74daf8c013b3861d7d7a815e23fcc0c34f4023d5f36ddf19cc6e64e6e85f923a31fc028f9b0bcddf080f80ecdd2f3997527ff590655af9fbc07d9ae2fa28cee244e311e0e6e92d7ae2d5d83a4e4cf1abfa9fdc4cad2260bcdce9d03b09e0c681a14b10fd1481ea3bcd9a724edb11b01e669b449f918bc325d3efe7418bb1129ddae333786a180bc0c1375d09819cd4cc34e2811e3e058b9672aabdc1b16bdc9469e5a14cefab48601077f0c7ed8129c21696bba8f1d17ad48a871f8f1307e86f60ca60bf4735d3e9064f298fc9d50392fff6049bf951e7871be8196b33f9ae2128d72e0b0e8f250a7e508055d53ce7e5423d57820f06154cf7603b34332c699fa1b350187e4e5aba37c0e4d5a1bb6aab3c10e03843b94fa931352b561ce728e9a590328edf2316c56d3892a9701d5dafcb15fed69e5aa95212d2f0f17fe77eff7511be15e8e94e9fefecb822bb0368267508dc0ccaea6839a17ac37acd83dcf9df4afc66387a56e4df11b00529ee3de801bd73b004dbdbdfbb0bdb2e42dea9536d7ac696d48d254e9bbbe4d949a7fce32064fd2620da9bb0ad889bc2b52e72822ccf60385a1ba6482f6b0f56247acdb5603ff3aad2cbd0158d9bc632dc14d67e940b96a6a0cd530822af27e6872bae88743e1fa4b32321cc4fd3a076778536dfc817bc9761f87aebc02c6606da52392d6949042a16cc28587fec2229a3976396bcfe3ab1e5cd1f13bf174257ce002ec4db9fe2c6b09bb6bca7a09043d64769902e16de41d9fd71668de84cc4105c0c3f7f09355c9185eaaa868a9a824a5b324ddf2e691a16d9c425bd304d5032657d04887fbd65538e5f13442f7adf6d7531dc016dc8f0c05008e6b323d8e7768e462b3a031ff0d41894235244f79865bb296fe4044c0ebbd2bbe3ef3cf7b95d7c75fbd3630b2bf0cd88e6cc359ede01188941c73244e3104d547e8586c3e90ea6d96d21091c0d5bbbd8823100a61837ebfc6e01703c082bbd069db000e9a2438d333d19d9aa283263f226f70af1b3989ac8886ba7b689bdbee4e304addd22134b526ac14a35fb9dec8fed967ded1871b7e7a3120b95f3d55e2c39cf70b30faacc5a792c77a72b835fa1aa9adfa6555eb66f8e8e3c5e2afc8384bc0bd1305a19dad9688732b2d793c1858c4fa7547fbdbf7e3517ae1444ebb68f69fb07df6fbf3141748b36b178212c26bb86f965807c9c041eb7d9973cb3ae4996d428051b9ad8206dede1a60caa10fa3a1bde79f5cf9e78ecbb6d91fe13eadd015ce4ee68b5c26bf585e3dbea696525cdb5df2d77", 0x1000}, {&(0x7f0000005d00)="ea0d9178f3153f6d77d2855859e26a3eff4aa33f0fcd7986f6f84900916deba0b9b71e6f5488b19fb793e106d00774d4fd2b742041e4069cc2a88c2e2c80ede0a1b7df6f7eb558b28de2dbe33b5b947de9ed68ced664596f916ba06f925086ce7f3a218290174334bf58a5d412933f6c47e206b568bfa574bad496a39024814aef85c31e47f9d767c45ac2c62e810d3ee4cdaee0124d1d50d490ac48a7e04fb9a27f44c913d00eac45b8b6ad2ed2f7ece77e1cd82b10140e0e551e30820722c8fd73c5e89645413fe5d2c8503381ab60e0be99a047d76a6af037656cdc6304694e84cc2380091b77882268a28a52dbdef8f5f1c92283fe94638cf66638c4e7104a23eefef1c32e8be2fd022f60dc1ee0046acbf6cb827552b1a74c65c6ce1346406c13930060d65f3a1ad131761fb416dbbcd60e436c1cd5f1fc8b796b8c30e4b9027883dc139fea8bfea0458ba8f5e9b404c30b5f4c3e3e7fc381bae553e5d6451c314bde24b8d7f5182e897e392af3f088562fdd4befc666bfffbd0bfe8fad6eb71f0fe025c54324babe38e71d58be64c82feb50abebfe5fce4c765ec84a96a98c83389ed1320055816dce5cf332ba7aecb440670060fb42c3a6ce1fe5ba9afff21310ae8a3d4dde7f092ddb4f619cf4751af16cf6e7ebdac5791eafe9f13aef1c1dc39dcb5c2775c267bf86b63d6cf08136a4b7418fa7c62f76e8604ad010f6a70a36b5d81368906a6b66256a065c9b81d5661f1de9e911db6283acfce13c97de0107aa7acb0b27daac68009eef813422121f3d105a107a1993c7001598a0d2484ed5222d491e32d5ebf42e2df825699cdd62ed42386ca06b2c17e66724e0f6457db6219fb9b510041cda9d4f92e420e85c411957abafcf3e18bff669dae3ab0ef7abb78feaa75a47c6cfc480d28dd9e2d860f3e7c288ecb1e8eab8d4fef9754437aea0a85e79e03bb287d1f3463483125a5a9cf740c46cf5f1ff1fe2c1b1f49c6f4557aa342054e898b8625e52017d06a87ccf54fff722742299525c995121b89362ea435dab469c8ca7a0bc28d6079dfd2f11ba1c30b7210b0e9fd66fdfeb344b4a75c6edd5607ddda5ba5837b88e12803646c9e722beae9bee6d483203cf606a6bac605dcfbcda2c9505575cc1fb317f49df14e4bb428c4788cb04073e05004592295987e333e2bc1e1adbf49096c411705820c2adaa283c23b9163e4349579bcf261bcd1a6aa39b8cf40548294ac23c493896f16b5d5d6ae2a9b196d251337c5ca1efb6e5c9a1708fdfab80b5a0821c3b18d465dca3e5c1315cf5658c8f5166b57392d14e878cf67493aebeb2fe384f97fadee6dd3d61f697dab6c98b50b55e397f55ce36dc9b7f6f394ad5b1394bcb4d9046719adf53a5a3b7f10cc1b99c1588a2949824b2e0ad09b7aa1afe1a51a3e30ed641bd7a9212ea6fea53d2628bd59c0043bb71b224f06701d190eacca074b24ad5c13098064cfd8b74f337aaa2222ec08317c6a1c7dc763ecfe52779ea51d661934c379536f9db7ff7914bde18f41c153c3c597eaa4bcd3f0870f8bf3ca4fdd4b8014e13aaca1d69eaebea37a0fac7496b885318168f628ebf72d9c41ebebaed1005dff6cc274789d641df074cc9e6c303a2194509c66a819832caf56452ba6cfc0031ff5d6870a4774b53fdee573e6962f297b18fdaf05f541bce296db453f7acff71b9b3a4dddbb78eb4f87bef7136b494f7e2593c93e76d9be973acf777912a049e75f45b76d8142e81bf31f783dd7beecbe2a5236a24897ee5a391fd0870641d84d59bcb66deb6a4904252ff438b6d5022f92c19e4deb51ed7e4bde5719441072867a3240f49c38385873be6cc5d7ff5161830bfae5cde76703d521ff283c07b3a3bc4612ed3d82106df0c4d3c1abf3f93d321de9998a7cd98e9dc4706d7326cf37a89b8eba3aee85c2d0a8619c3c28e61ccf14f8575a0a37afcb7d74191318d4701b405fdaac0c3423a2f896b1a4be0c1ba22622c9fe5983c108796a9fba7bfe5a58d92916e88d637ca3af67c13f4e03313bb7c824c9808e1170f5fb05f2c109dc0edb393069d976426c43ddb6ec5c66915553f99e223e0d87635c42807281ff1554c3ce5447d40ec1df00899674710ce40e5843a2158c9ce03dc6d0f57425791b1a4d77f5f89150e370a47719b41b2a411cc0f5e149c69a2c992e9fa22724b8d84efc3f49aa7416f8c42f665c66377e3c3e6125d5a1f74bcd053887613ce1ad56abed4769f699f2f0d52dbc1861be42d1be8cd19d9edd63b5882ef5b125c7db925e60c4e84ec7a3023be78484993a41f176bf0babd3398b4fda2bdd0ef85f2266818eedbfa68d74e1d1fe697c5a8f82f0edd2b43cc8fe73c2c8b06ebff678276f8b3fee1243031765405a3abe538003e8ff15ad19adf8195736f38cb351443f3deded8e56d38833f8212d7a91ce87f29b44f4f415379775b82e57e2aeb73a4bc353c9dc96f2403e825401b872caa4165fb1bb7bd7d7748355070aa75956879102ba85529b26cabc7bd5b1bd6724ad909218b9437d37a583e7beb5d3e1d9ab36c57b5aaeb16a251611db80320aeb76a2de7c083aa623691b51c83ba878fcb01ecd81e5ceb7188a034eec7d665f20199fc7b8e28f8001d4f43c10b5b4c25a49fbac8e64eaccf7d7d188d58c67bc8627e76e63fcaea04a2c35eed09300c8a50bb0bc23b7b397d40b91fefe36e1a50e49c0b5727c64bb970d914a13c11695840e333f3700cfe1bee96c74879c820ab3efa5697d64d9789f1c91a539c0b7ade522b7bc748dcfe80833baea0fa88fb8dc3760fe42e634d8510b27ff6595368daaa2f80ddb94cfa0216bbb18b0c519975cc355edf98693cae0761146fbbea172eec8fe7f28ead254654ae137047ecbe6a759c8dcba72ba1c2bb4ec3d71c0b7b0383e89af7d41f9bd46ade7e02b9c6cc03e303c9c2974f8d0ff77bc896e2e10a49cea8bf7a23a5c828a222afa5241c22cfa09941d25c597d443b56a4105bd72ea84a924ba0530d8782152c864d087cf68ed848b086d8456348381f47aa7752e9ee14f00266aa346592451250a1e46ff76f02347ef1d599d558f2fd8972785a81e86aba06c92b9d66b458a0e7677cfd98843d6efe1cc189e5ebf129ee4938d5da7c28f8203ca324d1830321edd9cbe5550e827242e6b8039932193738505dcb78817fe9de28d3095db65d5fd09fdcf11811d2d93e5e08fc198aea53e83d91f85000f8422d11dd798d6de07eb6191367d04f2f2a1fd84c604705c7ea2282a81221d2ae697a6ba38d99da45fad1d5aec6286382ac9ce9461573144cc6616481e3b240a7a039055f60beb112e0a008b2690db58a33a4da31e0233f70d7721f509ab28a49b0c5ea27850ceaef0314ff2b324a788253b4d7358ae102da54a771aa47999141459f6630c35c05999a3d00ad9801a05841d8c3e954969b24fa2ed35c6bfec271ef0c9d4dc10b5df926eb5149de4c8282663694f1249d84039b61f2c3c8233c24f737e56b6d5962690ab74610b49e3dfb9fdf5f078e287346620ff70ad870a6c98d347e62f281daeb39271cbf771b5d1d8b4105ef1ec3ce9072000db0464a59f406cdaf6a06180720b19c6105b2a38ffb4ed9045f74037f37fbd153258e45237babf268b54be0ca40768a1c0ba49fe548be4da8cff113aa8dc5f12b2817a1d29303895536411889d0fd526eb51a597e75067fd16e9c0fc613264f5cf3ca98fa4472263387572678ee8347ba0c0e052826d67c6c16c947c739b3db310ba636cd601c4a88f7d05f4ce158576038764a7d950a0737b5bdd2538062311fe1b8e1cf4917bcfb69b17d38bdd3a053f07e3b9f5bb3c169f6cb0547b49d36472977869615ce0789a279a6b3b089e96a6eba56fb84d47e0f2aceb69282b0b52f99f9a3b22efe0589936d206e859603f366014872da487f0a18374b73d774aca0764160851723546ca355d31b6e77da7c0b49ca87c7f2228e3850f209310ffbd537e02ecc881b8b7d2830f706a125d49c387a9cc895be92aa6b4e7df90279c7e7e783251fcf27e620b12da870095d64ce1d412874acd262925250cb02ddb83be367051b52c1a3185c4bfc09f044c94063c3c31ac724644a7393cf5cee621006f0cc2ee1b392a04120fab0a38cc10a8889f7330ab979fc06919e6ae5ab1343bdd844ebb6f21dce106697736fe533216be488ef6d6c03edf1eddc8cf0ee1030f3f0eda3088450209ee9ee02b5f44ac89d627a74ef09eac9a53c13847c810858fb93b1084b9841243baed287d4502dbfb062c79a99fbf406c1eede2a084568b46a5f5f65c3b961e7e5cccb23954499c3c6f57ec3c3e3eb4db8469141d9d6b7d06a9d452e85ee7effd78efc91b25c14e8560b89d61d2a6b677b930b51a43e69b01cde75a8206556ca3df49ded2868322a95865f02e042aa102cd53f74fb39e2096a1514679a1c7a7981cd986b57ebb3791a40950b9517a19aa777d04e7b41eb151c66f109e6967317cdffbe749a9d64ec2d11946c132a71df4810120d5b3052b336b1a098069ebc03523dd2b6f4b5a965b172f39e692cf89d9f7e02a739820b837d5eaf21e9b2de292179440204de7157eafffef3cb2f5acc8db4b236caeea726f9a809b041502534529c0c72d05dda5fb9340afc85e0a3485bf06ca5da55b25ede921ba96ae313b0012aa05b62c61808075bde9a051f6c2250db98d16a49e2d00af06c055ad9b1f2d65bc038f58a60a03ad8579c2a0ac3fc0e025cb224340cc917ef052c884b2870f00f002cc02ad46ca383e0bd1bfbaed5d4552be86000dddeca0cc7c087f866ff7dd02b12906ab0bc86755edeee620e9d08ba1d8b7489fbaf4e5221c4d71d322c18d0a7c8551d66c0b255e08ed27b5405c1384e3b6d9c172bd41495ba8be2515700fa3eba7e648eb68153f2c90cb2701f95a58d9eb8d16ee44919770ff12ad011f9eb7a0c977e4b4ce64122cae90e17299cb448a1f167ef7848b72ee0a65dcf9ced886556c38cf930b0f1db1469bb4d2bc6f006f21ee4a09738fe1fc1eea3afb3aef364dc8a0e761d43678189166dd1049eddb7914972f60cf9f5fee61f55400b0b3fde4dc5b5127f3385645c0e44a3572feadf3cb9fde25c34ece1a3356b2effabe189300251f4bd2cdf899f287d52ea5fce39087128de3ecc03e9a3767ce293a2a078c02dfac3a3d449cf8ba373451f450e1104e9483a1b5acca4e3cd6d61e62b044cd0e7897151bad8283fee4384adc024224b06becd839f27fe01f3284691f95f2577a3a0c6acb2341776fd36f27e2d406f3af3616ef9cb95bb8de5862cf2ec2e10e58a6c4a8825de240d2692c57788ca39f64e839368b2d84b09605c25e4285b28e23e55531c8adc23410a183d18adff96c087153f2fe25189e1b326bfa06999a7faa7c74a52092b9c89eee7404f32b19b9e5e9692f47bf3896b3bf597f27ee3e0bc70bbcae10cf8e8ca157a22cebfbe75a93c6ddb0c273c35a6ad3479f5f33b5db099935d9b913fe86684d9b48aef18866485b4b0d24f4788f3823b2d5314ff2a9bcf8a31e599aa9eeec3e39f336f3a71e30a0fcace94414e296555661c7a0547078e4ae975f3b269cfee916a70e888b67005f4528940c005b08b17b475bcc051e275da2b71077fe419fca2fd1ae624478677807f91b97af49f6e6335704e585200a4a41ef46e2a74a9f0f32435ac0aba856e851b99da46a3fb2a58bede482f938f13b44345bd93661d85b461e71d7796967f558028311f96af235c703e13ebb9142416cbc083", 0x1000}], 0x5, &(0x7f0000006d80)=[@mark={{0x14, 0x1, 0x24, 0x6}}, @timestamping={{0x14, 0x1, 0x25, 0xa36}}], 0x30}}, {{&(0x7f0000006dc0)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80, &(0x7f0000009040)=[{&(0x7f0000006e40)="3ad88e28e5160f5625153935369e8cfd03519f61fa603fe6fa2d7b953a2a9599b000d609348d637e54f41072fcd1f33ad1d09f615340cb31cc91730ec6972bda9891bd4403eeaa734e8837991d8ffe53f89e5d6d08ac95065a42000471a61e62d5569e3a1d90155171b9b9c1f9b17e69ca5f2d2ddd011343f6c9c20b5319f874f0235b95df359fbb5fe574803a2453da88069812b4837b7f", 0x98}, {&(0x7f0000006f00)="49dfbf78c1130e421651d94f39f8daa10ee0d6d6710386923eaf067f026a7b994de138e26dbb945a45cb465b4643ee39364602335c499594e516da9d7e8325ad75930f97563e62ff1cc116338356dbc1cc179ed1728f8e601f7a36800574a40cb5b012955181a71dce9e37478ecfa9c227777cbeefbc7be3a766fec30eece59d4e746680dd86e504c6209ac9d88df4d542df8d34c0363aeebe4a83bf1419f353a604f04de6c33c0c94f845beae1289012fd8a7a323c262a73867d1ae69e8f7c5a57529b73b899e4b91e7fe9fd1630adc94610c375d4a3bda78eea7802dd7d53e6d71cc01c6f2bee1685b3116136e91984d3c39b3a212dfe63f3413a4d92d43f0844b08b89428b16bed78d0fe81c667ec863255b32b2ae2fcd481c1c2d7f068df956169179676b411aaf224c33f534df17479523f6252d491fc43e62d7f8dc965bab6d7bbad50e804f71b8629f6d184ca5294887ec1cbe852f341f6c23d3ddb4946e8b07918158bb9b9de587eb09803b7c1f9f6d028b89f2cd2308554be25662818a89faddd866b9f3f17a411afc8010ab31a35e955f71c79280c75e0bf0fedc0ebee72f8b5fbc4eeadb684bd6dd34b0ffd897d26eba436b65fb32cec8433e4ac6063eb40ddfc518b8c4f7728d37e212cfb440126ba8c280046f126e499ffdf9f16bff6a6e85e21450f055125d522e8483b3f6506d397911f35a82762e3a4e1a05ee468134c34d024ea2ddf86f36265dc0d13495bb133861f73990ed758c3c76c5d2c50b78881c91d196596133391a92ad847e0d3e2f6a4e1eeab0668b9081658448e71c73085ad6a7132e2a18c650249a0de09b143b3e8fab87b96058a530dcda9110d4991cf0dffa4cd9030bb18deea2a1dbe227c9ea8ca69c05d5be92c315198f9dc638bbd12e5f7198bcb97ac5f9c6f1adbfbf6731a51b61ab42395d476779dc2b18b28b8f6393b3f3ff9369ad0bad88ac0e588445ce469e337893211df01bf101ecfa892c2045497fabbbc2ef60b24dd21dafd59dff8f18a138515b91b70a061c4dead9f91ef21e0baff728ed4227fa3f3b7dc224cdf8f92c5663fc8758f4d2c8d4cca10a426187a66d6756ca5117906878cd6afdb098bbcdc486fea270a5136ca84e5507e17067239df3b639f5bce6a64ae02c45c410bc0e5c4eb09d0179ba449a6c5a0d80c3d1fc21ad74ba064957d4214da106cec9f84d6bccfd0558795a9979edaf51ed573897918ccf2409300fec5387473cce280658f682024f7744b9334549930b052bd8e839daf361da6caeb393eb6604f0f28dd460b596112195346d6884cdf77126d3d43aaf4199fc80b25407356100aea7a31017d3612e417a28803d9fb14fd15c3c161e72135c9a0fab6e1478748be9435daebb9e022560eb3c48bff6169f91f0f959cc24e16c3ce8ad54b1ad5ca19b9fb97c17a0f5f4fc011f29ca9b3a111fa96135033398bd77318ca5379f000c603d94467eb095919067464466588273a685802e4b0c79016234f535d85100d50c4092c56d3de1a02b61ac4104c0c24096b475de6bbe7d3520b5701ab1c3d56c00db56482a5beb8ebff48fd918e48ab34561a7e0bca1f34ac629bde0548d16014926f8160d1db935e9ec051b64db93d90e5471678c3f9ca4ed0bb2b67164b3d129efec4f63da5c68e62343cb26ac463cbc0410b7fd3705cabb2f85cf71a3b35da308d0443cdfe02e648da186fd243640fafb70b61bd9515fc0e3460aa8078a3de66d5211d4a135387619ad71a6d05992db5adc0a583653fbfc5298ec082727bbab039c4b93197c58d61913c6173d2cc0354f83b90f715e01a274ad1d725ee0f857addcd9d8244198c9784379afb0bb2051a9ad4002319ff653de3953f44bf68202bf36b88f969e300b78513310b25a2fd72a5c42cc861b33c825a0e7ced6f590499fd0dc425835c629f37e54d762ce27cd9881b3bf81264ca6505d089673d24b4bf12f6c77ab4463ffe996662ea9850781b04a9619b347bee2c0824ffb912167f9ca62ddb64ccc9e2ea7505d22cb7234950bec0dece88462a23df76508d7a30506a4518c84ea3c6e4405c8ffbd10f5a0b4db9061c0fbf3f95e6479f50e3450f468f14467482e28d8a48a268b544b028f69bf459becd8031f9524dd415d0cd54a95693f4ccffe47858120cff170c61ea8d28ed7c6fad4a368d9887d2afb884ddb67e86fab9c709f9f7bcb04dabd239eb24483c3eb4beb80db9874e657e2144ca473af4868de046700d18016e95a0adb9872fc18f2dd70f2db28b8dd02e07d53e5bf90a663e3b28b1734d74f6b82f8f80539aad4e40feb05bd07b6a8b5e3d76f3e5561def0744522b6a3ec94c35128f778c0cc1f7a68f0acb6a8e52f7eb73f8e91481485b7c3fb6373109f119710bdd1c81c7fa8ce8c2371ed53aeb212110827730ffb541669c867446722071059938ae876be950e2e78250297f1f61d8cd3224ed7acf19d8f7a31edd5638feed0a21d6f58ea68d096d4d305e4673097f0081c3c7f45feb9664930f932e8e003ed9349914ea6112c73d5c902b516f031952413b1a1b2c314a6eaf317f67b1f7a4f31c938c6e89e7b84edd06082b1c5bcd23761752fa6a5989c8123f6f545e68d383bb7180f5fb9a0af320053637a7c1f1071c6869c1f47ac1c59c9d8e43c7ee4401d4d99354349b5e531b42d9bd1f4b1ca63e14fa30674ad084173df355b204876af07c0d802b1d132044b7694ed40990f57aafa37f774af010720b82efa284021015f55cb9457424def3f3b98b186d07e065e1b57fd4bfb26c1f9abe0d1f38974ef2ff50b81af03a780051d94b43aad842bdec6e9961b1ca962ec24fc2e5824b701daa40f22330b50d73914ae57b37b7ff20a0739bbb81f1d637301bd44b45363623cb1386b53eb91fabbd3273a5de8db80a84035a022a606b0340d087e06bd529ad4c88d42248400aad4518c60702daea036323a1b4fe6a9adc674eab94d29f7e4b6cb3475328260af90c92bc287438a1d864c714e9c89aef6b78184236bece52f2a990573e63280cfb2935161577a6c9de8b58194fed62684d12fe890aca1e5592635d366f1c098992d1c541bb3125cb3537b70207b8fe5a9152d06bbd69aa3daf02df640fa421003d24970fc0d08bd84f71ee662084af4c8f66402e82d09d9660b87b62cd14bd63c7f01528987e760e41d7566ea822358ca46b8fa39879bc67ba49f830900840d5619850a1bad1f5435a322b884da0706c44a49b3bfeec43941ba2686d28a44429f40d6b06f56c55b9ae54cac8c71bda4094f13053e4aa78c56791f0ecaae411e3bc2dc0f0e8b838074e9ac758edfa40e3288a9c50c4f40cfcc1f8f2ca2fbd6cb8cb3aaec2b513d3204113601333ea8dba198c3a20bc664e6c3aec4e2926b105f67f96ca88465011108d0dc4bc8888d1d83d7a91e60dba6bc35d6bf9e201073c406e563e1be4d8ed946de55dc790f8e41bc9022523a98eb5e13cb52db39d11ac1e60c789772dae71c6a518c3d3dfd069bd9dcc675efd05d260b2e2c623017ed7cb8f6823607a9e76dcab5ae9e2ac9e99d5a0bb45c82c1fe8668a4f58818cbc4279430dba64ad286e37175dc96f7a8119b2e1e487f325bce20b39b6ec71fc717e635ffe30b3a906cca875d1213c2cdb1063c4b31a8a3f8dba47b9ff0de5b90294db926d3d73fdbdec35b2d52b519e747b40a50bf0a572332956b28e8ceb89a307b375736f17887bf42d9d3494ae4c2193a3e8e60ef907eb4af7ec55991551ed0938784cffdfff4a1f59f13d465154861d0937501daaf31c7abe5d16e1e605c9927e1d554199e9e8a56e27800daee06ba218a8bd01d3ee83573900212db0f0b603de275bbe4e98e22f8d4504c9167b380117977809c036fb0064703670023607dd65e7d3e37dd6a4ceb0ec0afb151164e625dd8ef12e2a98f4083f089158feb6272ba665fc00fa52ea1d9e4152603a8a16d3cc147877ce57661d39f6c2d8149b8257d678f347c4b195317d281c0cf5acbe0ecaa02db384479c2d61f133ee50ea3ed853d9dbb209b69bfc1f0f6db507ee8e38472211d5ecba25a77faa05bc5ade49dcd8f6adaa7768778388dd16da8cfa0f4c5811ae6e03cb1010cf05a2bd52904b88b053ed04665da4f84bb61e61312c2e9e29a99fe489770f87eae12af135666ad936f74005632c24c959256ecfe146adbb09baa6068ef5e46667194b3c6c4c236d53567fb7e6c2a4994c6135609b7d711c6b627b7bb4e64f697a932ef0c8802f81ae61015010470c8e7135f2f98a08df1ae079baf13841672b1ce6ecfd1d4da4547b1caad606182d62ed9cd02151e3d2f02dcc89a68eb03327d3cbf4ef72e6a9769b558ca526401e0c36fdcaa1a97e5920243ed7f14c96124714434b1e8acd774e77ed00a752fa2347884ad4e08ce9bfde9398a208d1f11d264b7891fa714a68d2450186befe5bf13c04481a803e74912bc060e9d3675973b139744f134c0a5d6f4b89c55875d07486e1f041cf9863f30f3bcbde2d9221a45df7599cd763c508c00c671d9da176acc25c1633c865b1a60fe5269db2398c82d657e611f873e9fa232e79d12e828223819afbc7975e00f00c54624f86a331b990eee677874ea5b6ea696b417ac6d44040a7c1e48277e58966d1cb0cf46c8b0669a4521bf8c31d87fd702213a3d9ddb08fac2994cd68c0664d117def99595e522e831a4dc1d854c1fa4bec1a2189be3d792c9de2702873fd40efa515c2a127a48e42a6ff01a886e441f307bcad951b47fe5110595c8370f355dc691b2b3f4603625019a3d396b315664490999d5abc0fbc689dd8cb84881e34e6be79551565792b33c6212f1cc0cb67a3b4a8ad85fc8af1d9568145c00b19270f783c499f11fed67815df91b9d63c47e9177de7e32e1dc46d650ea4c6f2fd4fe21d3c0958c61d2b6c62d28ea7af8d7f0692d0141ab10f0bb46ec09df283355235dde8d5fa9293f3873cb91a27a988a1604167b6e4472a05470d47a8b47d43df93084fcbf2d65b2a22d2b21ae9e1bfbf5e12d16f209054608f1322fd3e70d890b71628a199be4317a8f76600198c2db9a39135d65bfdf79f8fb97be83f49712d5cc768cf08d828b80c5a8dabf057f4aca1f0f5260aaeb615c3359f8a0987a1c4bbaef8f5eefd4663e53e0d77aa27c56e72873f22446ca8f1fe213bf4b768a44333cd37284d8ee3e3885d8d4ab12dffb98a7264a0953471af29fd68caad75e0efa67aa5f54498439f3524750b133859901510208e44c35986204cf66b7b79b5d0e08b1f4fd90154693cfe5f80ee2ec4435069dc3b654903227487e2100238db4edfef66376d8e62498003820da850f281dcfa365da56e1975e4c80c517e1bb8c46c3e6ef9d789a5215ee3e5aa6dbc3e4f46b0a6f1419f98b840559b18cb8ff1a4e6fbc50bfba367ac46a00c95e6389407098845aa24bc40de13708ec4000998811cf317d807148ee5850640ca8df533da989e422ea44819cf7af1dd04917abdc678ade562b211175a68df2e63a8908512e6ce51d2d29e8cf38d790b75371174d7ec61209980969a2c0c4ce313497962ef2f4defc1e68b070f806acdb5beaf6eee5e9f3506c739c2b45628fe105192b7d4f763283b108b9794af8e81f87c068d36fa313b5fd54825a9a0c31f8c1f90dff96079297a0ce8bdbd0615cae4090d63ab01cabef2a0de7536e995b6fed1cea07e03889deb33f8803ba001484218c17802fa1844d66ea444918ac35ac527ba62a1dcea265227f44d13876d87ab9d6b0b216c83bafe", 0x1000}, {&(0x7f0000007f00)="041b13e442c8590ff737b60fe0bd0bae1b1b073dfe181c8bc9e4f15d3f3db7b0c71bcc8bb66d89abf9c383a9fc1f3119d5f3ccaef448d0d5c7e3e7693404ff733ba22d0cc6e6503a1cd8491d05f30671a76e8adc6cd380203c290f6feb9016b635eaf37a240265cb186821377b9778352ae68734225dbaa6bfb7981df8990f43146a0e16be0db35b10df54c640b47d4f85eaf6b30798f3567282f058163956ee7cd2bc062c204275ffbd3a5480cc7e3924cbdbb8d6f5c3d312c698a27609f0cc451a94607b1208c6ed1e", 0xca}, {&(0x7f0000008000)="26118d9e3351606474b2be47f9a97de1847697b560150c5b7b71528e121aa78899c72a65de802fd53edd8a422dfb3aff537c5e8a11e7ed76da61ae5c8a48be1f48ba813f8cfd24e67ba4a8eee79dee7d6e1f552e1e9e14e54f0a9d67c41a4e03ad562c948f271d09d1264e1737317c8085c55378b9d8771cb186201b778ad8abd39db8b4913d46d856d7f520179d5518a85ab3b8477b20c3a568882ac46eb993a8d1f4c9a679b77a2e9be6e70b80f93f8f255ebb302652c21791953e5df9c6c141b2debd064813a738cb79d4bec4b67851ccd8b76418595b981d063d40d4c22ab5c64a7cf5de323d3d941a6161ddd3d51667ab4570aeee014f58b30360b659880111004cb0e84a1e2b80f6258d536c328de8c6e4c73162b2f62b86b5aa21e58d6d1b0b4643e20d896209a84dbf4e7a7cd0be71ca29fe0d4e661ed6ebbc567646e8113964a0dbcbf6833d0db026493a5efdbef06ad442fcf5b51b22ac7684892176ee5bf62f67e12da7c70c988008f0bda7f2e8b757eaec45c333c72a025e84a475d2d8dbe540831487bca78d9f3189900a9ea1d3c875800f3265ce2cd6277d12245775cebf847938df30316c1b22adf74b58980f96312f2504da94a96bb47c1971a9fa5188df1b9a93ed587925c72ecbc1b4ee81ea130ef9f872e7521ddbcaa97fc273474241852ddcb95a2f4cb0bf53406cfc346f6f0334a209ad838399596a4d4c9191cda5d04cbcf6186a9b7eaef39845256a5bc6a657d18790d67a539320b0dc6eb0da7b39faa54d9e09a502381ee45c97de034a0e2eccd708658713ce46fb0ae33ca5e1d503123a309d845ecc7f36b45654f90057deff4a2b2b16909d60708b5c24bb34a671a773621b55f3660d980da4bc0b3cc35c9ffa561fb227918984d258c63887bf2b224e76f4263c5ed820d35deac2d3b75e76351932d55d51d24b8cdd2ed1ec5cfbb3da54b5cac5a4ec327a85946cd46ac9437d98f6876a265b4d78ec2837b43b004b52f2ccdbe73502dfc421b42900fbcd20b309cf04fe72016879697fbf30eb65d1ed93feef73f37304337bbac262042a9564e31e9e064467243536a2ae27ea31cf89f0b8047cd8e98fab07c2b81f67e8dd51347563623fefa677022cb26e6edf224b5b4f9a30cce5ed8994d3c933d6d118ac8adfde682deee52ed88dbc35874cc2e6386a435ae8e4aea64f54ea94e3255cc53d9153dee7ce913601073c431f835ef570b87f83c32b49376f24551de69c9d2e280d3d3a81d328a454e89e19c625654747156d2da46248f69d81c445d52649f939334a9c8346e95a38fdc68dc93a9c83e63f7c10bc4f903cf7b270cee11117d586cb3a53e61bdb8e70b5fc4d0111914f1518fe7727ce4e362f441224fafe34137df42a5f8cabd5b79f07f4ad158389c840a8018d8f7da00a4d31f43f3f1dca9f1a69266d8618ca79013a3f3c9ae45bc7d0ff414cfd8fbfbc45ccd4de4def0c63325b6d819649928afc90a2d3bafad535cb5a3d912e01a495f8ed3fc16867510a9d792a64da4ca860d0d6144e60b28b72dbd78f9ebb6e5ae16347fdc0692a55706abb039cc436313f371cf9bbe09f1b7430d90f02d17f13b6a15ccee29bf00befccea0c13a47308b7e84a9f8f188ce93b38ce107559652fc0835732ad4792fc6eadce293b749f6c2b3243639949e7607a96bd91171cbafb40ae31fd1e6bc884c7affdd01a712ddbed60b3e7163f89847af1dcbfa0617f287f4a7bf1bfaaa00ce76fc83f8f01aca1a6fd67cbd24f1d4cab07a3318838ac7f32a262daab0b8bb9a3fb1606535fda0a7e381e1d513bf3f81f55e42ecb5ab892500d6e0fa906dd61f4bd576968a84b07ace57c810fde9941fe2f0e43a383750eb43e25909da1dbaede05cf59af93967a0e14b71e2b263955e4098ded1ed8de7f231b93381979f6176e917aded305dfa39084116fe8f139b346286e38db8654e13902f03c61a4bef14fea943b4ff278f616e354cb3cc1be3c673e661bd9f891fc9d8ab17d76603138741a16363d633f93074d408dbafa0a7935d8f02912202246bc801dd746bea5ad9d0bea9b79e5aef0fc47ea751ca2cabef4802e809345bb644a11b6d1cdb3dcb8ad872e1640748a247d68e995b8e50fe853fcdcf6e4f14aa23e28c1ada1f8991686de5240b4cf2206b73068efa4e6a70f9fe27726c3a2ef160131a9ecff6253c87fea8f3815e63646020509bc11bb972d770cbbcf9136f68236f0f7a07b0e13acbef25a6ecf4e582daebb33d3a5212aa3ee87075ce82d34a1c73f09f75e49f1d86f4e2ffa7336a258815e5ad0d3fdd5bde76ed2c6db63c59ce85d59efbcd7fd9de6a296efcf2518dfddc9a4c4f65c79f3bca927256950970def03221533a413c8d9e068cbf625a0f1cd739e00de28eba3144caab5f1acbe21f64f4b00f7e4507ae3f1db8dee4852617ed879d8b8e6d91add771bec6df8f864925915cc100dadba8adf8c4224074e724c95b145ea5a9d17f07b97a470a6a34aa7d59a97dd4be27d952225186a845e76d5818c5bf6895813ad446f6a5d6eca62b5e92e875b6c6a6fbf9cb39198f07ddd76b518c02c88e7cdba5baa3099950eb6917ef7c966b1c77e9c404b4bd13ed79d7f9ebcc9ef985bbeb46223e3a67ccd8bcf1095dfde31dace9f048d5abcc238b3dae65d5a325141102e537dfa552bc9f366f06d03d6b05fc97b3fd83b6e276a728265de69ce5518fbcdf5e539724534cd1d03594265d10a58f98c03d7b900cba522a6224e3c6cf9f8d166cd87a3d4a5c40d60acb87ad53f5a358e2a7ebad1504fa608be33f1309896a3522ab71342298b646e15db7d77d7290571b26adfe6ef0f48e724528ece4a14f9f1fa663bb503ebfcfe1327a61b93113207b2d507af39ab98e7635492e7c41755864b38398cca1af6f259d21a9c36f61f97e0e94f0b5fc7aa9f5e4a29262b5fefee1c47d75355c8ef2d86e57308409555e871eaa423b98c1e7b13b0ae769a1b7b7936303d1be015c6404b5dc289afe19c07a2d8b2c88385bb380039c5864079b0162b50fcacd839e483d35cbd861ac0fabe8c93e08b72cbf96fad7ebf6dded6d5370f697165a9a16379055a77e101d7ee2763b588cb72e28951d6ff639075f8df00e9eb05eea293e52c9d81972d456946006140bd462d262267317fb54f9227c8085406e1806e39acfff77a0aefce7f393a42f9dd2c22075508320c37f76a94d32c971cbb76f4de136afc57f7a19723f462bdf08cdca7d05f9bfef15092bea75dddbca481c6d030fae3e75a39e262a809311339808cee49f370cb12b8f4b6146e3a844ee24870f220c06c6f58d6e0b63e7c30414e25c5a25da072704010203111ed8ce290486e6062b813f1fb91f32f3da192a0b49b91b697529c42e61b9c5c260c7100467c2b386ee9bf5ca630f6001664a8c34179894feffc43ffe5a554d41ba5ee2528ef41044af039143087ec7b172182e0a74902283f1f43f4f3d3a0b639120a0932565642f31f30b5303d5e14fc6d5ba6ad3da17c794286d0d3d83d73bdc4fab76c863a9316906b073014190d67a143c32e4bf2f19e8b69c6cf23eb9b741f73b53e11fa400aaf4a97dd414f6420d604511d861c168535b839c4f099688ac2e960c531a0b4310b5378c690ecf435885b7776d2157638b816d98bd27906fb33e9277ca91852b7084b4889901dbb8620a56334d157b8d94413fa3ea3ebd9a739e36bf75211c2a070c8188bd3225338c3c39491caf30648c50da5d9bfa848b589d9cc2c7eb587a9f024b6de1d12bcf306f5c00ba644d5d8cd34e982d290e6ee33ab80179642797c75e2b707263aaabd8d8f9348e27b607f5da0e88acaa268f54d51c0fc885fc8698b7d057da2b53cbddceabdd2b6db117bf358f63c71b70e2b27be5752867785004c9f4456ed9938324957db42df523302c40e2a750febee44770ab428d7ed556aa3e6e1a8d1fadac3d7d4fc80b1f48391e1aead27533a2f650ac1093fbf1a014222b75066095ae069ec03a6a7f258c21c628b09c859b7b5fc8a8f3cf7e50bc276303320c95952b2403d2cc6549eb06d5aea14833ff424f0e81e3d61da28b06a23d69c0a9cd5c7e03b64296f489e23705e9f6218ab4a7a7f30f568455b62faede92f1f47883b68b17ac9c259591bc8a8f77402ddaa943180f77754d7097b986496443d8dbf6388cf631e74f9a5dd399f19efe622c728574b974a6f20dbb642de18934f9b797dfadf0988ee055b8d3ff61b05cd63211afedb492edc3139fdef4afb3b4fff273371cd73d3ebffd1dcd66681444c85e9aac2b4dd206e80ca84e39c233cd83fb1628a0210c757b2fe2b002d75ae98d9b4488734eccde10752d7f4e7a2c297dfeb8567379dc0b06f47e03c9343c9f38a28a47d17a564a46f2de1856e52876abc1ee1671f563f4ebd88ead6a94edff60243b5f4c6d1b4f26bd84fdebb1da482f2c58f5845c7ec6f5ae8f63f35a0dc0f60fb363d51a224c5efa0e853547bb21829a8973eb0088c6cde1770d833a60008aa1a014263e563f13f03716d80b143bd8c6dc750b8a19ddb89a9613471a9a93e7b30aa3c3008468a6b4cb7a0da0fe10871f5e97b900f5adf01ebcfbd8aa32638285b22c6af69e3551b841115e8e73fbbab8133d7f1e23fefe8d77ed3c7182f24d2d2b7195f011e530296135553db63fb53ab24547f426db4b76246e463fac424620a54ca80506287543b5df46ab8f2b4167b69854511d78bb4bd2de86fdafbb9d450a294925f5b1803f6be663ce0e30e4978c1ddaf60fc3fe74f8014883361b2dfcb09d0ab9661f476957540414d34c09fd43e8fb79ea6b0721cccd2709dcc52aa45ffbfbe5089f6ae1902f78157582c766a5517a73ea6cb6de1f8ab70b707bbe082604d3b3b97c864c322324e63d920d2046cb483a1112945ddb3dfc86ac6c6fc8092b839d6defeb6b159cc574745b3db50f78a789531b5d30a6f27fe7972fab3bc7069ac85779f3a63e5bda7bac36dc064c4d340782b3dae364cba0c5dea1d6640b3b3ce693617f8646fe2690b55bce4355b867c7e7618f9e0cfb36f43c186c37b0370ecc9b18e8f6ea424fdf649609ddf0434d4083f68e2e17a540f6f8656d5307a45ce73ed08c5b2ad77e4ab2afbe007c27007664a5aeadfcd24e7802c68f8f43a76bbd0cf7d0a6b321d38c40ba16441560ce073ee14f2a195a2b5efe50e74e75c737c8580ae024a11b3753234ab3d2fac365c7e00f83d8f56963b4b4ae2541be76cbc0be216f94f6767fef822c3dac2e97fa47a8954514f99cc812d5adc6487f8338637937d0194bc6ffc6cedb88b8cd9d87f254538e6acf18e6d3356a5ae118e492d9d5b2056bb5ec3a3b0919ba24bfb217238f256b7aa3b1963a7c26e87c2a628b8a36a6b401fa4cd6b501a768b2d916b546b45bfc05a98e08b134ad1ed8f728b8ec209e164b180a9c3514b337badf7938047a8b3795f2b2fc8242f71bcbfa5b49db75e5aedf4f6633b4e2b32d709086c270e62d5df4386749013cffccd9720227226ba4df1fe3420004b7c80131c49b9b8298586df50509617fde96dacb90cd65d43fa42505095005ba8a4fb8ade6ca1845310346c2f33808e71eb08fce0c43f95b79703effbf592771e59945a16f897cdb94ac9657a64ef9a60ab028ee4929516066e00e9c78fda19b5eef9b1a316b0d12de7069ace672c0cc8bf97fd8a4b9728081cf452e9a473e6c55fcd0f04283587d369c9024e67cf7baa6c721e0299365c09015719d9dd8a7c3dc79472f47629c9cacdaf49f4ff6c", 0x1000}, {&(0x7f0000009000)="17f61de6ca42326afc711926ef28d0c62522e41aea21", 0x16}], 0x5, &(0x7f00000090c0)=[@timestamping={{0x14, 0x1, 0x25, 0x6a515214}}, @txtime={{0x18, 0x1, 0x3d, 0x7fffffff}}, @mark={{0x14, 0x1, 0x24, 0x7}}], 0x48}}], 0x8, 0x4040000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x9) [ 908.113141][T18146] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:04:24 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 908.640793][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 908.650062][T13435] Bluetooth: hci9: command tx timeout [ 908.727711][T18156] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 909.280743][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 909.440895][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 909.450069][ T8227] Bluetooth: hci11: command tx timeout 08:04:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 909.984758][ T6576] Bluetooth: hci8: sending frame failed (-49) 08:04:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4004550a, &(0x7f0000000080)) 08:04:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4004550a, &(0x7f0000000080)) [ 910.160664][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 910.166965][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 910.197953][T18188] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 910.243818][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 910.267176][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 910.280583][ T9202] Bluetooth: hci11: sending frame failed (-49) [ 910.800550][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 911.315481][T18206] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 911.344119][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 911.600605][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 911.600615][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:04:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc01864c6, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 912.000648][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 912.009957][T13435] Bluetooth: hci8: command tx timeout [ 912.111317][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) 08:04:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 912.228213][ T9202] Bluetooth: hci8: sending frame failed (-49) [ 912.320436][ T8518] Bluetooth: hci11: command 0x1003 tx timeout [ 912.324255][T13435] Bluetooth: hci6: command 0xfc11 tx timeout [ 912.326630][ T9202] Bluetooth: hci11: sending frame failed (-49) [ 912.334577][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 912.338892][ T8518] Bluetooth: hci10: command 0x1003 tx timeout [ 912.352757][T10271] Bluetooth: hci10: sending frame failed (-49) 08:04:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x10400, 0x0) ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000080)) [ 912.489874][T18233] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:04:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 913.360331][ T8227] Bluetooth: hci9: command 0xfc11 tx timeout [ 913.360456][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 913.434333][T18243] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 914.160430][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 914.164175][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 914.240620][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 914.400373][ T8227] Bluetooth: hci11: command 0x1001 tx timeout [ 914.403983][T15599] Bluetooth: hci10: command 0x1001 tx timeout [ 914.407804][T13880] Bluetooth: hci11: sending frame failed (-49) [ 914.422487][T13880] Bluetooth: hci10: sending frame failed (-49) [ 914.560602][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 914.570561][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 914.604108][T18257] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 914.655183][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) 08:04:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 914.835609][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 915.520507][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 915.526733][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:04:31 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 916.089702][T18280] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 916.116417][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 916.480210][ T8227] Bluetooth: hci10: command 0x1009 tx timeout [ 916.488380][ T8227] Bluetooth: hci11: command 0x1009 tx timeout [ 916.720187][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 916.720580][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:04:32 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) close_range(0xffffffffffffffff, r0, 0x2) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x9) 08:04:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0189436, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 916.859753][T18293] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 916.880258][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:04:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 917.475390][T15936] Bluetooth: hci8: Frame reassembly failed (-84) [ 918.160182][T13435] Bluetooth: hci9: command 0xfc11 tx timeout [ 918.166403][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 918.682407][T18319] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 918.700061][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 918.960053][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 918.969211][ T8227] Bluetooth: hci6: command 0xfc11 tx timeout [ 918.970150][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 919.022141][T18323] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 919.074874][T13880] Bluetooth: hci6: sending frame failed (-49) 08:04:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc020660b, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 919.520204][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 920.047300][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) 08:04:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40045564, &(0x7f0000000080)) 08:04:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40049409, &(0x7f0000000080)) [ 920.447848][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 920.478749][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) 08:04:36 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 920.730129][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 920.820279][T18370] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 920.835283][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 921.119927][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 921.130835][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:04:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 921.222665][T18378] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 921.247495][T10178] Bluetooth: hci6: sending frame failed (-49) [ 921.600049][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 921.607171][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 922.079917][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 922.080140][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:04:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 922.147036][T15936] Bluetooth: hci7: Frame reassembly failed (-84) [ 922.241908][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 922.479861][ T8518] Bluetooth: hci10: command 0x1003 tx timeout [ 922.480113][T15599] Bluetooth: hci11: command 0x1003 tx timeout [ 922.492392][T10178] Bluetooth: hci10: sending frame failed (-49) [ 922.507628][T10178] Bluetooth: hci11: sending frame failed (-49) [ 922.889871][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 922.896094][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 923.289844][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 923.299158][T15599] Bluetooth: hci6: command tx timeout [ 923.425452][T18407] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:04:39 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 923.870581][T18412] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 923.894806][T15936] Bluetooth: hci9: Frame reassembly failed (-84) [ 924.160193][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 924.163919][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout 08:04:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0286405, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 924.244936][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 924.294963][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 924.569765][ T8595] Bluetooth: hci11: command 0x1001 tx timeout [ 924.576862][ T8595] Bluetooth: hci10: command 0x1001 tx timeout [ 924.576896][T13880] Bluetooth: hci11: sending frame failed (-49) [ 924.585065][T10178] Bluetooth: hci10: sending frame failed (-49) 08:04:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 924.853285][ T158] Bluetooth: hci8: Frame reassembly failed (-84) 08:04:41 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 925.439768][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 925.543765][T18442] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 925.919764][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 925.925955][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 926.319607][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 926.319657][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:04:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xae41, &(0x7f0000000080)) [ 926.550760][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 926.639547][ T8518] Bluetooth: hci11: command 0x1009 tx timeout [ 926.647160][T15599] Bluetooth: hci10: command 0x1009 tx timeout [ 926.849347][T18461] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 926.877922][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 926.879543][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 926.884593][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 927.444191][T15936] Bluetooth: hci8: Frame reassembly failed (-84) [ 927.599593][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 927.600603][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 928.124378][T18476] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 928.151417][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 928.559496][T15599] Bluetooth: hci7: command 0x1003 tx timeout [ 928.567230][T13880] Bluetooth: hci7: sending frame failed (-49) 08:04:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0cc5615, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 928.879557][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 928.879702][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 928.964810][T18484] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:04:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 929.519483][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 929.519628][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 929.619846][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 930.159480][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 930.172498][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:04:46 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40045569, &(0x7f0000000080)) 08:04:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40085503, &(0x7f0000000080)) 08:04:46 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 930.639474][ T8518] Bluetooth: hci7: command 0x1001 tx timeout [ 930.647654][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 930.717105][T18513] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 930.779073][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 931.039306][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 931.059344][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 931.200434][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.207030][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.574839][T18532] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 931.589437][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 931.679451][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 931.686011][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:04:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 932.315357][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 932.719298][T13435] Bluetooth: hci7: command 0x1009 tx timeout [ 932.799368][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 932.810182][T13435] Bluetooth: hci11: command 0x1003 tx timeout [ 932.815736][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 932.822707][ T150] Bluetooth: hci6: sending frame failed (-49) [ 932.832515][ T150] Bluetooth: hci11: sending frame failed (-49) 08:04:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xd000943d, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 933.599203][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 933.679276][T18559] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 933.703000][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 934.319209][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 934.328514][T13435] Bluetooth: hci8: command tx timeout [ 934.854879][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 934.879026][ T5] Bluetooth: hci11: command 0x1001 tx timeout [ 934.886763][ T5] Bluetooth: hci6: command 0x1001 tx timeout [ 934.886803][T13880] Bluetooth: hci11: sending frame failed (-49) [ 934.918364][T13880] Bluetooth: hci6: sending frame failed (-49) 08:04:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x10000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 935.360237][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 935.362561][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 935.759014][T15599] Bluetooth: hci9: command 0xfc11 tx timeout [ 935.765167][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 936.287432][T18583] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 936.303567][ T158] Bluetooth: hci9: Frame reassembly failed (-84) 08:04:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 936.879120][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 936.882294][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 936.971325][T13435] Bluetooth: hci6: command 0x1009 tx timeout [ 936.978118][T13435] Bluetooth: hci11: command 0x1009 tx timeout 08:04:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x40, 0x6255, 0xffff, 0x0, 0x2}) [ 937.082229][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 937.439047][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 937.971398][T13880] Bluetooth: hci10: sending frame failed (-49) [ 938.328899][T15599] Bluetooth: hci9: command 0xfc11 tx timeout [ 938.335149][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:04:54 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 938.416118][T18617] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 939.038889][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 939.038974][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 939.119031][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:04:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x40, 0x6255, 0xffff, 0x0, 0x2}) [ 939.244531][T15936] Bluetooth: hci7: Frame reassembly failed (-84) [ 939.251827][T15936] Bluetooth: hci7: Frame reassembly failed (-84) [ 939.568001][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 939.998923][ T8569] Bluetooth: hci10: command 0xfc11 tx timeout [ 940.005093][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:04:55 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 940.104560][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 940.479054][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:04:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40086602, &(0x7f0000000080)) 08:04:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40049409, &(0x7f0000000080)) [ 940.930842][T18659] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 940.968348][T18663] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:04:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 941.121411][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 941.278857][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 941.279187][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:04:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x40, 0x6255, 0xffff, 0x0, 0x2}) [ 941.459415][T13880] Bluetooth: hci7: sending frame failed (-49) 08:04:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x10) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 941.598810][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 941.735004][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 941.742969][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 942.168751][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 942.705484][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 942.968625][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 942.976250][T13880] Bluetooth: hci6: sending frame failed (-49) [ 943.038779][T13435] Bluetooth: hci9: command 0x1003 tx timeout [ 943.045717][T13880] Bluetooth: hci9: sending frame failed (-49) [ 943.118803][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 943.518676][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 943.518779][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:04:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:04:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 943.758740][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 943.765297][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 944.301874][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) 08:05:00 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1f000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 944.718722][T13435] Bluetooth: hci10: command 0xfc11 tx timeout [ 944.724993][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 944.814230][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 945.038614][T15599] Bluetooth: hci6: command 0x1001 tx timeout [ 945.045411][T13880] Bluetooth: hci6: sending frame failed (-49) [ 945.118534][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 945.124941][T13880] Bluetooth: hci9: sending frame failed (-49) [ 945.678494][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 945.684623][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:05:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 945.838431][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 945.838680][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:05:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 946.318438][T10271] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 946.878380][T13435] Bluetooth: hci10: command 0xfc11 tx timeout [ 946.884614][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 947.118363][T13435] Bluetooth: hci6: command 0x1009 tx timeout [ 947.198449][T13435] Bluetooth: hci9: command 0x1009 tx timeout [ 947.409997][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 949.438302][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:05:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40095505, &(0x7f0000000080)) 08:05:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40085503, &(0x7f0000000080)) 08:05:06 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) write(0xffffffffffffffff, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x20000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 951.196803][T18789] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 951.233140][T15936] Bluetooth: hci7: Frame reassembly failed (-84) 08:05:06 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) write(0xffffffffffffffff, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 951.274064][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 951.308635][T18804] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 951.323911][T15936] Bluetooth: hci9: Frame reassembly failed (-84) 08:05:07 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) write(0xffffffffffffffff, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 953.278089][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 953.278157][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 953.291973][T13435] Bluetooth: hci8: command 0xfc11 tx timeout [ 953.298147][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 953.307300][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 953.391447][ T5] Bluetooth: hci10: command 0x1003 tx timeout [ 953.398329][ T5] Bluetooth: hci9: command 0x1003 tx timeout [ 953.398442][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 953.425573][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 953.815139][T18840] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 953.901199][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 955.447902][ T8595] Bluetooth: hci9: command 0x1001 tx timeout [ 955.449014][ T150] Bluetooth: hci9: sending frame failed (-49) [ 955.460257][ T8595] Bluetooth: hci10: command 0x1001 tx timeout [ 955.466434][ T150] Bluetooth: hci10: sending frame failed (-49) [ 955.917948][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 955.919097][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 955.927260][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 955.931832][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 957.517752][T15599] Bluetooth: hci10: command 0x1009 tx timeout [ 957.523961][T15599] Bluetooth: hci9: command 0x1009 tx timeout 08:05:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40106437, &(0x7f0000000080)) 08:05:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:17 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40086602, &(0x7f0000000080)) 08:05:17 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3f000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 962.126787][T18875] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:05:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 962.171264][T18877] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 962.193179][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 962.193353][T15936] Bluetooth: hci6: Frame reassembly failed (-84) 08:05:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40186366, &(0x7f0000000080)) 08:05:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 962.402326][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) 08:05:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 964.237477][ T5] Bluetooth: hci9: command 0x1003 tx timeout [ 964.237559][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 964.243753][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 964.249678][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 964.257402][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 964.275806][T10155] Bluetooth: hci9: sending frame failed (-49) [ 964.477588][ T8518] Bluetooth: hci10: command 0x1003 tx timeout [ 964.485159][T10155] Bluetooth: hci10: sending frame failed (-49) [ 966.317404][ T8518] Bluetooth: hci9: command 0x1001 tx timeout [ 966.324506][T10155] Bluetooth: hci9: sending frame failed (-49) [ 966.567451][ T5] Bluetooth: hci10: command 0x1001 tx timeout [ 966.574121][T10155] Bluetooth: hci10: sending frame failed (-49) [ 968.397106][ T8518] Bluetooth: hci9: command 0x1009 tx timeout [ 968.637249][ T8518] Bluetooth: hci10: command 0x1009 tx timeout 08:05:28 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:28 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x40186366, &(0x7f0000000080)) 08:05:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:28 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x401c5820, &(0x7f0000000080)) [ 972.954641][T18943] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 973.008114][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 973.009613][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 973.014855][T18947] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 973.043455][ T158] Bluetooth: hci6: Frame reassembly failed (-84) 08:05:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 973.056955][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 973.081655][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 973.139282][T15936] Bluetooth: hci10: Frame reassembly failed (-84) 08:05:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(0xffffffffffffffff, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) 08:05:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(0xffffffffffffffff, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 975.036953][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 975.036970][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 975.051916][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 975.116750][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 975.117592][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 975.124597][T10023] Bluetooth: hci9: sending frame failed (-49) [ 975.136617][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 975.206735][ T5] Bluetooth: hci10: command 0x1003 tx timeout [ 975.213645][T10155] Bluetooth: hci10: sending frame failed (-49) [ 975.570404][T18996] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 975.589500][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 975.614374][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) 08:05:31 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(0xffffffffffffffff, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) [ 975.806156][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 977.196585][ T8595] Bluetooth: hci9: command 0x1001 tx timeout [ 977.204035][T10178] Bluetooth: hci9: sending frame failed (-49) [ 977.276671][ T8595] Bluetooth: hci10: command 0x1001 tx timeout [ 977.284011][T10178] Bluetooth: hci10: sending frame failed (-49) [ 977.596563][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 977.607217][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:05:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 977.676860][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 977.753068][T19024] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 977.836580][ T5] Bluetooth: hci8: command 0xfc11 tx timeout [ 977.836698][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 978.367124][T10155] Bluetooth: hci7: sending frame failed (-49) [ 979.286497][ T8518] Bluetooth: hci9: command 0x1009 tx timeout [ 979.356486][ T8518] Bluetooth: hci10: command 0x1009 tx timeout [ 979.836627][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 979.839840][T13435] Bluetooth: hci6: command 0xfc11 tx timeout [ 980.355999][T19038] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 980.373072][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 980.415668][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 980.415846][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 982.396640][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:05:39 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x401c5820, &(0x7f0000000080)) 08:05:39 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) write(r0, 0x0, 0x0) 08:05:39 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020940d, &(0x7f0000000080)) 08:05:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:39 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x63f9a6c6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 983.830261][T19061] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 983.862079][T19064] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 983.877141][ T6576] Bluetooth: hci7: sending frame failed (-49) 08:05:39 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) write(r0, &(0x7f0000000180)="ce5210ee4f47a62d60c8d13c859d008af5bb8e2d5aed21874df58f0ddffdd417a62465bfcd27f6372617ef9a803fb1efbb84c0d8772be97758bf0eecb1e3aa7b568ab5e03088dd83f3ff4be43aba38f6cfc084b94882823e5a13d2201b9737e731dbfdd7e7ee1fd2d42d32b98e03484da6392a889f39bf7ac9a5efa4c31b441a44a67e903592e05842916def854d7392219eb335740a51cca8edfb9bf7ccbb0b10802cb6d3b295399c987960977dba5bb06d07f99d1eb958e1dacac5f9347a74a35b5abb646d9d035a2c2bb10c2e3bf50ab801d5ad39e891bff0e433694ed7e484f4173603df5d316c891936fe9057677293b77b61cb96dd969516a5b906c541", 0x100) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x40, 0x6255, 0xffff, 0x0, 0x2}) [ 983.933168][T19075] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 983.971104][ T150] Bluetooth: hci6: sending frame failed (-49) [ 984.022061][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 985.915936][ T8518] Bluetooth: hci8: command 0x1003 tx timeout [ 985.916059][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 985.922364][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 985.931042][T13880] Bluetooth: hci8: sending frame failed (-49) [ 985.996067][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 985.996246][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 986.002441][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 986.010213][T10271] Bluetooth: hci6: sending frame failed (-49) 08:05:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 986.076120][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 986.225303][ T158] Bluetooth: hci7: Frame reassembly failed (-84) 08:05:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 986.475804][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 986.475844][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:05:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x74) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:42 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 986.579113][T19121] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 986.606477][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 986.782301][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 987.995671][ T8595] Bluetooth: hci8: command 0x1001 tx timeout [ 988.002459][T13880] Bluetooth: hci8: sending frame failed (-49) [ 988.075678][T15599] Bluetooth: hci6: command 0x1001 tx timeout [ 988.082983][T13880] Bluetooth: hci6: sending frame failed (-49) [ 988.235656][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 988.235670][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 988.645517][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 988.646812][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 988.655091][ T8595] Bluetooth: hci10: command tx timeout 08:05:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 988.805664][T13435] Bluetooth: hci11: command 0xfc11 tx timeout [ 988.812500][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 988.883848][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 989.174863][T19155] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 989.205340][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 990.075216][T13435] Bluetooth: hci8: command 0x1009 tx timeout [ 990.155430][T13435] Bluetooth: hci6: command 0x1009 tx timeout [ 990.955069][ T5] Bluetooth: hci7: command 0xfc11 tx timeout [ 990.955160][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 991.275051][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 991.275408][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 991.281348][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 991.291982][T13435] Bluetooth: hci10: command 0xfc11 tx timeout [ 991.355208][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 991.355472][T13435] Bluetooth: hci11: command 0xfc11 tx timeout [ 992.646167][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.652499][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 08:05:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:50 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020940d, &(0x7f0000000080)) 08:05:50 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020ae46, &(0x7f0000000080)) [ 994.674866][T19197] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 994.708982][T19198] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 994.737666][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 994.741494][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 996.794312][T13435] Bluetooth: hci9: command 0xfc11 tx timeout [ 996.794417][T10178] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 996.800612][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 996.807944][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 996.823168][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 996.833532][ T5] Bluetooth: hci11: command 0x1003 tx timeout [ 996.839891][ T5] Bluetooth: hci8: command 0x1003 tx timeout [ 996.839983][T10178] Bluetooth: hci11: sending frame failed (-49) [ 996.846072][ T150] Bluetooth: hci8: sending frame failed (-49) [ 997.338652][T19238] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:05:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:05:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x300) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:05:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x74000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 997.539107][T19251] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 997.556540][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 997.576536][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 998.873930][ T8595] Bluetooth: hci11: command 0x1001 tx timeout [ 998.873930][ T5] Bluetooth: hci8: command 0x1001 tx timeout [ 998.882361][T13880] Bluetooth: hci8: sending frame failed (-49) [ 998.892716][T13880] Bluetooth: hci11: sending frame failed (-49) [ 999.433810][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 999.433865][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:05:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x10) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 999.512490][T19267] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 999.521408][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 999.593999][T10155] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 999.594690][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 999.603229][ T5] Bluetooth: hci10: command 0xfc11 tx timeout [ 999.614040][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:05:55 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 999.741705][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 1000.049261][T19286] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1000.953876][ T8227] Bluetooth: hci11: command 0x1009 tx timeout [ 1000.960488][ T8227] Bluetooth: hci8: command 0x1009 tx timeout [ 1001.593666][ T5] Bluetooth: hci6: command 0xfc11 tx timeout [ 1001.593774][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1001.753617][ T8227] Bluetooth: hci7: command 0xfc11 tx timeout [ 1001.759795][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:05:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:05:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:05:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:05:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1002.073476][ T5] Bluetooth: hci9: command 0xfc11 tx timeout [ 1002.079690][T10023] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:05:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1002.129735][T19314] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1002.153725][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 1002.153761][ T150] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1004.233135][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1004.233455][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1004.242341][ T8227] Bluetooth: hci7: command tx timeout [ 1004.772106][T19337] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:06:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020ae46, &(0x7f0000000080)) 08:06:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x500) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:00 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4090ae82, &(0x7f0000000080)) [ 1004.963117][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1004.995819][T19358] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:06:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1005.015787][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1005.041415][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) 08:06:00 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) ioctl$TIOCSETD(0xffffffffffffffff, 0x400455c8, &(0x7f0000000080)) 08:06:00 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) ioctl$TIOCSETD(0xffffffffffffffff, 0x400455c8, &(0x7f0000000080)) 08:06:01 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) ioctl$TIOCSETD(0xffffffffffffffff, 0x400455c8, &(0x7f0000000080)) 08:06:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1006.872813][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:06:02 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x89800000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1006.981302][T19394] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1007.032869][ T8227] Bluetooth: hci8: command 0x1003 tx timeout [ 1007.039062][T10178] Bluetooth: hci8: sending frame failed (-49) [ 1007.039125][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1007.048352][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 1007.071377][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 1007.123042][T10155] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1007.572748][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 1007.654243][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 1009.032609][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1009.112755][ T8227] Bluetooth: hci9: command 0x1001 tx timeout [ 1009.114786][T19237] Bluetooth: hci8: command 0x1001 tx timeout [ 1009.120043][T10271] Bluetooth: hci9: sending frame failed (-49) [ 1009.125368][T10178] Bluetooth: hci8: sending frame failed (-49) [ 1009.562526][T19417] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1009.582608][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 1009.592487][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1009.593065][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1009.672390][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1009.672438][T19237] Bluetooth: hci10: command 0xfc11 tx timeout [ 1011.192231][ T8458] Bluetooth: hci9: command 0x1009 tx timeout [ 1011.192360][T19237] Bluetooth: hci8: command 0x1009 tx timeout [ 1011.592175][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1011.602983][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:06:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4020ae76, &(0x7f0000000080)) 08:06:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x600) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:10 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x97ffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:10 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x41015500, &(0x7f0000000080)) [ 1015.191890][T19441] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1015.248075][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 1015.276993][T19454] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:06:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1015.296673][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 1015.313997][ T158] Bluetooth: hci10: Frame reassembly failed (-84) 08:06:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1017.271420][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1017.271573][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1017.280825][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1017.299673][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 1017.351524][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 1017.361880][ T1726] Bluetooth: hci10: command 0x1003 tx timeout [ 1017.365174][T10023] Bluetooth: hci9: sending frame failed (-49) [ 1017.369381][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 1017.811884][T19495] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1019.431037][ T8595] Bluetooth: hci9: command 0x1001 tx timeout [ 1019.431037][ T8518] Bluetooth: hci10: command 0x1001 tx timeout [ 1019.437483][T10023] Bluetooth: hci10: sending frame failed (-49) [ 1019.449582][T10271] Bluetooth: hci9: sending frame failed (-49) [ 1019.831166][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1019.831244][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 1019.910911][T19237] Bluetooth: hci8: command 0xfc11 tx timeout [ 1019.911027][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1021.510766][ T8458] Bluetooth: hci10: command 0x1009 tx timeout [ 1021.516957][ T8458] Bluetooth: hci9: command 0x1009 tx timeout 08:06:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x4090ae82, &(0x7f0000000080)) 08:06:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xc6a6f963) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x700) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045432, &(0x7f0000000080)) [ 1026.102892][T19525] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:06:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1026.166820][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 1026.177683][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 1026.192344][T19533] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:06:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x41015500, &(0x7f0000000080)) 08:06:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1026.467195][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) 08:06:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) 08:06:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, &(0x7f0000000080)) [ 1028.229850][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1028.230030][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1028.239455][ T8518] Bluetooth: hci6: command tx timeout [ 1028.245874][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1028.254118][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 1028.263478][T15599] Bluetooth: hci7: command tx timeout [ 1028.324857][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 1028.331285][T10155] Bluetooth: hci9: sending frame failed (-49) [ 1028.469910][ T1726] Bluetooth: hci10: command 0x1003 tx timeout [ 1028.476261][T10155] Bluetooth: hci10: sending frame failed (-49) 08:06:24 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf5ffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1028.816375][T19588] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1028.868003][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 1028.874562][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 1029.029856][ T1726] Bluetooth: hci11: command 0x1003 tx timeout [ 1029.036332][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1030.389681][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 1030.397039][T13880] Bluetooth: hci9: sending frame failed (-49) [ 1030.559435][ T8595] Bluetooth: hci10: command 0x1001 tx timeout [ 1030.565842][T13880] Bluetooth: hci10: sending frame failed (-49) [ 1030.869487][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1030.870855][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1030.878899][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout 08:06:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1030.949645][ T1726] Bluetooth: hci8: command 0xfc11 tx timeout [ 1030.950862][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1031.024212][T19614] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1031.119618][ T1726] Bluetooth: hci11: command 0x1001 tx timeout [ 1031.129867][T10155] Bluetooth: hci11: sending frame failed (-49) [ 1032.469142][ T7] Bluetooth: hci9: command 0x1009 tx timeout [ 1032.629285][ T7] Bluetooth: hci10: command 0x1009 tx timeout [ 1033.109072][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 1033.109354][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1033.117708][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1033.124927][ T8518] Bluetooth: hci6: command tx timeout [ 1033.189321][ T8595] Bluetooth: hci11: command 0x1009 tx timeout [ 1033.509026][ T7] Bluetooth: hci8: command 0xfc11 tx timeout [ 1033.519139][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:06:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfdfdffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1033.642130][T19637] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1033.658081][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 1033.670338][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1033.704299][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) [ 1035.668916][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1035.678411][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1035.749875][ T1726] Bluetooth: hci8: command 0xfc11 tx timeout [ 1035.756052][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1036.232399][T19660] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1036.255820][ T158] Bluetooth: hci6: Frame reassembly failed (-84) 08:06:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000080)) 08:06:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5000940b, &(0x7f0000000080)) 08:06:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1036.921055][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 1036.967779][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 1036.985556][T19680] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1037.009546][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 1037.041444][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) 08:06:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x400455c8, &(0x7f0000000080)) [ 1037.541974][ T9202] Bluetooth: hci11: sending frame failed (-49) [ 1038.308475][T19237] Bluetooth: hci6: command 0xfc11 tx timeout [ 1038.308613][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:06:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfdffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1038.398384][T19706] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1038.948300][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1038.948478][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1039.028649][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1039.028681][T19237] Bluetooth: hci9: command 0x1003 tx timeout [ 1039.036444][T10023] Bluetooth: hci9: sending frame failed (-49) [ 1039.108387][ T8458] Bluetooth: hci10: command 0x1003 tx timeout [ 1039.114996][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 1039.598228][ T8458] Bluetooth: hci11: command 0x1003 tx timeout [ 1039.605280][ T9202] Bluetooth: hci11: sending frame failed (-49) [ 1040.468229][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1040.468289][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 1040.991790][T19729] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1041.011041][ T9202] Bluetooth: hci6: sending frame failed (-49) [ 1041.118331][ T8445] Bluetooth: hci9: command 0x1001 tx timeout [ 1041.124735][ T9202] Bluetooth: hci9: sending frame failed (-49) [ 1041.188069][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 1041.195378][ T9202] Bluetooth: hci10: sending frame failed (-49) 08:06:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1f00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1041.508406][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1041.588002][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 1041.598315][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:06:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x74) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1041.668302][ T8518] Bluetooth: hci11: command 0x1001 tx timeout [ 1041.675710][T10023] Bluetooth: hci11: sending frame failed (-49) [ 1041.733667][T15936] Bluetooth: hci8: Frame reassembly failed (-84) 08:06:38 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfeffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1043.027779][ T1726] Bluetooth: hci6: command 0xfc11 tx timeout [ 1043.031726][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1043.114633][T19753] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1043.192595][ T1726] Bluetooth: hci9: command 0x1009 tx timeout [ 1043.267991][ T8518] Bluetooth: hci10: command 0x1009 tx timeout [ 1043.588012][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1043.747721][ T1726] Bluetooth: hci8: command 0xfc11 tx timeout [ 1043.748043][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1043.763239][ T8445] Bluetooth: hci11: command 0x1009 tx timeout [ 1044.284308][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 1045.187402][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1045.199160][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1045.714830][T19776] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1045.742200][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:06:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1046.147437][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1046.307559][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1046.307844][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout 08:06:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1046.423041][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) 08:06:42 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80085502, &(0x7f0000000080)) [ 1047.096207][T19800] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1047.122712][T15936] Bluetooth: hci9: Frame reassembly failed (-84) 08:06:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x400455c8, &(0x7f0000000080)) 08:06:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045432, &(0x7f0000000080)) [ 1047.748625][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1047.758418][ T8445] Bluetooth: hci6: command tx timeout 08:06:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfffffdfd) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1047.832864][T19815] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1047.883779][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 1047.913459][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 1047.948206][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 1048.227233][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1048.237360][ T8445] Bluetooth: hci7: command tx timeout [ 1048.467268][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1048.476467][ T8595] Bluetooth: hci8: command tx timeout [ 1048.999053][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 1049.187083][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 1049.193459][T10023] Bluetooth: hci9: sending frame failed (-49) [ 1049.906851][ T8518] Bluetooth: hci6: command 0x1003 tx timeout [ 1049.913818][T10023] Bluetooth: hci6: sending frame failed (-49) [ 1049.997041][T19237] Bluetooth: hci11: command 0xfc11 tx timeout [ 1050.003708][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1050.013212][ T8595] Bluetooth: hci10: command 0x1003 tx timeout [ 1050.023531][ T150] Bluetooth: hci10: sending frame failed (-49) 08:06:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3f00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1050.786902][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1050.796286][T19237] Bluetooth: hci7: command tx timeout [ 1050.880565][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) 08:06:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x300) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1051.026814][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1051.035792][T19237] Bluetooth: hci8: command tx timeout [ 1051.266738][ T8595] Bluetooth: hci9: command 0x1001 tx timeout [ 1051.273016][T10023] Bluetooth: hci9: sending frame failed (-49) [ 1051.986642][ T8595] Bluetooth: hci6: command 0x1001 tx timeout [ 1051.993144][T10023] Bluetooth: hci6: sending frame failed (-49) [ 1052.066576][ T8445] Bluetooth: hci10: command 0x1001 tx timeout [ 1052.074625][T10023] Bluetooth: hci10: sending frame failed (-49) 08:06:48 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xffffff7f) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1052.546759][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1052.546894][ T8445] Bluetooth: hci11: command 0xfc11 tx timeout [ 1052.946649][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1053.186441][ T8445] Bluetooth: hci8: command 0xfc11 tx timeout [ 1053.192563][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1053.346479][ T8445] Bluetooth: hci9: command 0x1009 tx timeout [ 1053.471678][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 1053.719050][T10023] Bluetooth: hci8: sending frame failed (-49) [ 1054.067014][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.067078][ T8595] Bluetooth: hci6: command 0x1009 tx timeout [ 1054.073386][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.146349][T19237] Bluetooth: hci10: command 0x1009 tx timeout [ 1054.706190][T19237] Bluetooth: hci11: command 0xfc11 tx timeout [ 1054.706319][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1055.251078][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) 08:06:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1055.506122][T19237] Bluetooth: hci7: command 0xfc11 tx timeout [ 1055.506293][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1055.596220][T15936] Bluetooth: hci7: Frame reassembly failed (-84) [ 1055.746152][ T1726] Bluetooth: hci8: command 0xfc11 tx timeout [ 1055.746281][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:06:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x500) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1055.862049][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 1057.266247][ T150] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1057.269016][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout 08:06:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xffffff97) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:06:53 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086301, &(0x7f0000000080)) [ 1057.391445][T19926] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1057.412045][T15936] Bluetooth: hci9: Frame reassembly failed (-84) [ 1057.461103][T10023] Bluetooth: hci11: sending frame failed (-49) [ 1057.666036][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1057.675023][T15599] Bluetooth: hci7: command tx timeout [ 1057.916053][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1057.918492][T15599] Bluetooth: hci8: command 0xfc11 tx timeout 08:06:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000080)) [ 1058.031463][T19949] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1058.220940][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1058.466567][T10023] Bluetooth: hci8: sending frame failed (-49) 08:06:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x400455c8, &(0x7f0000000080)) [ 1059.425626][T15599] Bluetooth: hci9: command 0xfc11 tx timeout [ 1059.425737][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1059.516231][T15599] Bluetooth: hci11: command 0x1003 tx timeout [ 1059.524661][ T150] Bluetooth: hci11: sending frame failed (-49) [ 1059.946783][T19974] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1059.972427][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 1060.080936][T15599] Bluetooth: hci6: command 0x1003 tx timeout [ 1060.087965][T10023] Bluetooth: hci6: sending frame failed (-49) 08:06:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4800) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1060.225654][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:06:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x600) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1060.465760][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1060.552688][T15936] Bluetooth: hci8: Frame reassembly failed (-84) [ 1060.715563][T15599] Bluetooth: hci10: command 0x1003 tx timeout [ 1060.722028][T10023] Bluetooth: hci10: sending frame failed (-49) [ 1061.585366][ T8518] Bluetooth: hci11: command 0x1001 tx timeout [ 1061.592091][T10023] Bluetooth: hci11: sending frame failed (-49) [ 1061.985433][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1061.985462][T15599] Bluetooth: hci9: command 0xfc11 tx timeout 08:06:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfffffff5) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1062.077275][T19998] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1062.145321][T15599] Bluetooth: hci6: command 0x1001 tx timeout [ 1062.151456][T10023] Bluetooth: hci6: sending frame failed (-49) [ 1062.305336][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1062.625285][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 1062.631454][ T9202] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1062.785263][T19237] Bluetooth: hci10: command 0x1001 tx timeout [ 1062.792700][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 1062.839259][T10178] Bluetooth: hci7: sending frame failed (-49) [ 1063.153602][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 1063.665191][T19237] Bluetooth: hci11: command 0x1009 tx timeout [ 1064.145067][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1064.225089][T19237] Bluetooth: hci6: command 0x1009 tx timeout [ 1064.659365][T20021] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:07:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1064.865187][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1064.874212][T15599] Bluetooth: hci7: command tx timeout [ 1064.887333][T15599] Bluetooth: hci10: command 0x1009 tx timeout [ 1065.184928][ T8595] Bluetooth: hci8: command 0xfc11 tx timeout [ 1065.191129][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:07:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x700) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1065.283028][T10023] Bluetooth: hci8: sending frame failed (-49) 08:07:02 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfffffffd) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1066.704884][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 1066.704956][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1066.801954][T20045] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1066.823938][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 1067.024698][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 1067.034718][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1067.344656][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:07:03 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086601, &(0x7f0000000080)) [ 1067.891357][ T158] Bluetooth: hci11: Frame reassembly failed (-84) 08:07:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80085502, &(0x7f0000000080)) [ 1068.241090][T20079] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:07:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, 0x0) [ 1068.864611][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1068.866979][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 1068.943774][T20090] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1069.423638][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 1069.584390][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 1069.590557][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:07:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6800) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1069.674558][ T8518] Bluetooth: hci8: command 0x1003 tx timeout [ 1069.687486][T13880] Bluetooth: hci8: sending frame failed (-49) 08:07:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1069.904421][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1069.904511][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 1069.995985][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1070.304426][ T8595] Bluetooth: hci6: command 0x1003 tx timeout [ 1070.311360][T13880] Bluetooth: hci6: sending frame failed (-49) [ 1071.034223][ T8518] Bluetooth: hci9: command 0x1003 tx timeout [ 1071.041528][T13880] Bluetooth: hci9: sending frame failed (-49) [ 1071.424120][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 1071.424267][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xfffffffe) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1071.548624][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 1071.744031][ T8518] Bluetooth: hci8: command 0x1001 tx timeout [ 1071.744119][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1071.751505][T13880] Bluetooth: hci8: sending frame failed (-49) [ 1072.064200][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 1072.064236][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1072.393937][ T8458] Bluetooth: hci6: command 0x1001 tx timeout [ 1072.400999][T13880] Bluetooth: hci6: sending frame failed (-49) [ 1073.104072][ T8458] Bluetooth: hci9: command 0x1001 tx timeout [ 1073.110338][T10155] Bluetooth: hci9: sending frame failed (-49) [ 1073.583933][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1073.593097][ T8518] Bluetooth: hci10: command tx timeout [ 1073.823815][ T8518] Bluetooth: hci8: command 0x1009 tx timeout [ 1074.121597][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) 08:07:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1074.303767][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1074.303826][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1074.463694][ T8458] Bluetooth: hci6: command 0x1009 tx timeout [ 1074.623768][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1074.623786][T15599] Bluetooth: hci11: command 0xfc11 tx timeout 08:07:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1075.183728][ T8595] Bluetooth: hci9: command 0x1009 tx timeout [ 1076.143619][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1076.143627][T19237] Bluetooth: hci10: command 0xfc11 tx timeout 08:07:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xffffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1076.463517][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1076.475513][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1076.783674][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1077.025028][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 1077.318006][ T8] Bluetooth: hci11: Frame reassembly failed (-84) 08:07:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x801c581f, &(0x7f0000000080)) [ 1077.857069][T15936] Bluetooth: hci8: Frame reassembly failed (-84) [ 1078.303412][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1078.306234][T19237] Bluetooth: hci10: command 0xfc11 tx timeout 08:07:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086301, &(0x7f0000000080)) [ 1078.459363][T20202] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1078.475696][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 1079.023100][T19237] Bluetooth: hci7: command 0xfc11 tx timeout [ 1079.026133][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:07:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7400) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1079.139280][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 1079.173892][T20223] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1079.353255][ T8569] Bluetooth: hci11: command 0xfc11 tx timeout [ 1079.359575][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:07:15 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1f00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1079.459094][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 1079.902940][T19237] Bluetooth: hci8: command 0x1003 tx timeout [ 1079.909882][T10155] Bluetooth: hci8: sending frame failed (-49) [ 1080.542997][ T8458] Bluetooth: hci6: command 0x1003 tx timeout [ 1080.549880][T10155] Bluetooth: hci6: sending frame failed (-49) [ 1080.862944][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1080.863361][T19237] Bluetooth: hci10: command 0xfc11 tx timeout 08:07:16 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xe) ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f0000000180)={0x20, 0x6, 0x1ff}) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x2) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x10) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/bcm5974', 0x40, 0x1b6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1081.006263][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 1081.182866][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1081.183035][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1081.263131][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1081.263181][T19237] Bluetooth: hci9: command 0xfc11 tx timeout [ 1081.502953][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:07:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5509, &(0x7f0000000080)) [ 1081.801393][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) [ 1081.811703][T20257] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1081.842138][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 1081.984967][T19237] Bluetooth: hci8: command 0x1001 tx timeout [ 1081.991038][T13880] Bluetooth: hci8: sending frame failed (-49) [ 1082.037457][ T8] Bluetooth: hci11: Frame reassembly failed (-84) [ 1082.622784][T19237] Bluetooth: hci6: command 0x1001 tx timeout [ 1082.629034][T10155] Bluetooth: hci6: sending frame failed (-49) [ 1083.022770][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r2, 0x0) preadv(r2, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1083.645461][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 1083.822658][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:07:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1083.902490][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 1083.910257][ T9202] Bluetooth: hci9: sending frame failed (-49) 08:07:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1084.062614][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 1084.068822][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1084.078353][ T8595] Bluetooth: hci8: command 0x1009 tx timeout [ 1084.166267][ T1102] Bluetooth: hci11: Frame reassembly failed (-84) [ 1084.702410][ T8595] Bluetooth: hci6: command 0x1009 tx timeout [ 1085.662466][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1085.662527][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1085.982383][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1085.991411][ T8569] Bluetooth: hci7: command tx timeout [ 1085.999791][ T8569] Bluetooth: hci9: command 0x1001 tx timeout [ 1086.016027][ T9202] Bluetooth: hci9: sending frame failed (-49) 08:07:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) ioctl$KDGETKEYCODE(r1, 0x4b4c, &(0x7f0000000000)={0xab, 0x2}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa, 0x12, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1086.222381][T19237] Bluetooth: hci11: command 0xfc11 tx timeout [ 1086.228667][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1086.287583][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) 08:07:23 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8208ae63, &(0x7f0000000080)) [ 1088.072032][T19237] Bluetooth: hci9: command 0x1009 tx timeout [ 1088.302057][T19237] Bluetooth: hci7: command 0xfc11 tx timeout [ 1088.308242][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:07:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8089) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1088.542023][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1088.542054][ T8518] Bluetooth: hci10: command 0xfc11 tx timeout 08:07:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x80086601, &(0x7f0000000080)) [ 1088.646298][T20342] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1088.661589][ T1102] Bluetooth: hci6: Frame reassembly failed (-84) [ 1088.724736][ T1102] Bluetooth: hci7: Frame reassembly failed (-84) 08:07:24 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3f00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1088.782122][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1090.151778][ T8595] Bluetooth: hci8: command 0x1003 tx timeout [ 1090.159191][T10155] Bluetooth: hci8: sending frame failed (-49) [ 1090.701892][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1090.781700][ T8595] Bluetooth: hci7: command 0x1003 tx timeout [ 1090.787977][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 1090.861687][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1090.861848][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:26 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) sendfile(r1, r0, &(0x7f00000000c0)=0x9, 0x7) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="38000000200010002bbd7000fedbdf2502101402f80000031800000008000200640101010c000c400000000000000037080002007f220001"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0xc008004) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000000)=0x1) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1090.941662][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 1090.947989][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1090.980773][T20374] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1091.230875][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 1091.503226][T10155] Bluetooth: hci11: sending frame failed (-49) [ 1092.223814][ T8595] Bluetooth: hci8: command 0x1001 tx timeout [ 1092.230646][T10155] Bluetooth: hci8: sending frame failed (-49) 08:07:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1092.565129][T20396] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1092.588639][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 1092.861527][T19237] Bluetooth: hci7: command 0x1001 tx timeout [ 1092.868502][T10155] Bluetooth: hci7: sending frame failed (-49) [ 1093.021354][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1093.032572][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:07:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x20000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1093.261350][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1093.261503][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1093.346549][T20408] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:07:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1093.591564][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1093.689885][ T8] Bluetooth: hci11: Frame reassembly failed (-84) [ 1094.311227][ T8569] Bluetooth: hci8: command 0x1009 tx timeout [ 1094.621440][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1094.941302][ T8569] Bluetooth: hci7: command 0x1009 tx timeout 08:07:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/121, 0x79}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/159, 0x9f}, {&(0x7f0000001240)=""/149, 0x95}], 0x4, 0x5, 0xffffff09) r2 = syz_open_dev$evdev(0x0, 0x3, 0x2000) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f000005d100)={{0x0, 0x9, 0x0, 0x101}}) r5 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x0, 0x5517, 0x48000000}) ioctl$USBDEVFS_IOCTL(r5, 0x8108551b, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f000005f100)={0x4, [{}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {r4, r7}], 0x0, "b67d5166ab9c79"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d100)={0xfffffffffffffff9, [{}, {0x0, r48}, {}, {0x0, r127}, {}, {}, {}, {0x0, r103}, {}, {0x0, r29}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {0x0, r7}, {}, {}, {}, {r102, r71}, {r43}, {r10}, {r80}, {0x0, r115}, {0x0, r93}, {0x0, r96}, {}, {}, {0x0, r86}, {0x0, r23}, {}, {}, {0x0, r76}, {}, {}, {r128, r35}, {}, {}, {}, {r24, r57}, {0x0, r122}, {}, {}, {}, {r67}, {}, {r62}, {0x0, r132}, {0x0, r118}, {0x0, r21}, {0x0, r36}, {}, {r81}, {0x0, r115}, {r114, r129}, {0x0, r92}, {}, {}, {}, {}, {}, {}, {}, {}, {r19}, {}, {}, {r60}, {0x0, r11}, {}, {0x0, r97}, {}, {r15, r88}, {r124}, {}, {}, {0x0, r105}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r22}, {r50, r120}, {}, {r32, r51}, {r66}, {}, {0x0, r117}, {}, {r49}, {}, {0x0, r45}, {r44, r107}, {}, {r52, r25}, {0x0, r18}, {}, {}, {}, {0x0, r59}, {r133}, {r68, r9}, {}, {}, {r109}, {r91}, {}, {}, {0x0, r14}, {}, {0x0, r33}, {r22}, {0x0, r84}, {}, {r99, r12}, {0x0, r100}, {0x0, r37}, {0x0, r72}, {r74}, {r38}, {}, {}, {}, {r94}, {}, {r98}, {}, {}, {}, {r53}, {r8}, {}, {}, {}, {r55}, {0x0, r17}, {}, {r85}, {r63, r47}, {r125}, {0x0, r56}, {0x0, r123}, {}, {}, {r49}, {0x0, r111}, {0x0, r18}, {r108}, {r89}, {}, {}, {0x0, r73}, {}, {}, {}, {0x0, r79}, {0x0, r39}, {}, {0x0, r29}, {r28}, {0x0, r110}, {r67}, {}, {}, {}, {r40}, {}, {r46, r16}, {}, {}, {0x0, r54}, {0x0, r75}, {r70}, {0x0, r13}, {r27, r14}, {}, {0x0, r61}, {0x0, r20}, {}, {r106}, {r83, r65}, {}, {r95, r116}, {r34, r59}, {r90}, {}, {}, {}, {r112}, {0x0, r130}, {}, {}, {}, {0x0, r117}, {r26}, {}, {r119}, {r41}, {r69}, {}, {r77}, {}, {}, {}, {}, {}, {0x0, r30}, {}, {r121}, {}, {r19}, {}, {}, {r85}, {}, {r87, r101}, {}, {}, {}, {r64}, {}, {0x0, r78}, {}, {}, {}, {0x0, r47}, {0x0, r126}, {r6, r115}, {}, {}, {0x0, r131}, {r31, r82}, {0x0, r104}, {}, {}, {}, {0x0, r23}, {}, {}, {0x0, r113}, {}, {0x0, r42}, {r58}], 0x8, "3c1d4c65c79995"}) ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0xd0009411, &(0x7f0000001740)={{r6, 0x0, 0x6965, 0x3ff, 0x1, 0x2, 0x1, 0x9, 0x80000001, 0x0, 0xa3, 0x6, 0x0, 0x0, 0x7f}}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000180)={0x0, r6, "8e2713efd389b286e5593727f2f9e543618db2868ec67ebafed03a15cdd3da939d40cadbcce8d4d82f468357f36b463e814ac914dae8dcdee975dd0825a3bc8ccb5eec58753cfa9119b7595048d61c579e7e1f1ec5611d20b70bc75b29b741a79183f1d6e74f5868e5dd561dfc5c5c5eb98091d0b35d33b91c753476217d62462f177853aecf5983b00a62255ce32d1aaf3ddd52016f6dce15edbdc3cbc71169d29442f93fa77a0fd6e26dc0dd97323d3ef55eb94e8b56a5981f62935173c74b9027adb9328b4cb783c86865b5e1c41b3b59d7a0fd6485b199c5a6393daed292df07c793f56ad1ac700705c5ba94995c3d7a41613021037bc12e657e5d13204e", "48e560cf24238942dfa82b43efd443d8bbab3fe49ae110c7f908db1e85391c078c8f358ad6e9bddcd1c58c460d1a1e5a204eff5a0e958642ff7d788b9677c174e051f666e2b7bbe574f711446e4a29563a57717a2407f0ce0e0070a97b9a930f93ca659b1c856089000d242d4bb74af6697868e992286ba272a4e78b434f0594fc647173c68a61d190e8a0bbf05afe6e502985c1ad45c972a9d5dd36173c54a8120b8ff6ac02eec6457f838905d30049f8bcc2283c45a51a55426bd96322a728164eb3649eb74354da2abb19ed8c798a9c6983e067d46a35a191996ac5eae93aa6a120c81072861414ae0f3f12457bf2f83b2d8263665c53e374d86b885d443d42ebee9e2e2bc7194a98b986f24b850f3f100918a3ae1cdd0295a0175c84ffb3543ad2b20986a3b541b90abd56753a5735107f8a0fcc7112a5891ac37e2b46e7dd2fe86bb78fcb90911f125525685edfd9b10371059977323bfd4ccbd2955e192ac309f7607d3e17c107e5b40a084d199e59492099ecbf7657d3e7b8ca8b8126c2514c4019d9abc296deea260d8e181a6ee440505c3b686af733a52c864e4656e38c2316db649f1aba80f134d5965b726d7329b0adb7c94af0fcc12a1b89c4d63148142b0e1a9cc317b29ec992e4b378dc73816d8014ecb975578c01480505cd386cc2069171378f9284bfb41a02c73b3b160fefdefe2f49dfdcbf7912a68874329fb53c5946d31d307ba615aa7ebcfd8cce4294364d8e5a6abd5f051719f93e42cb5dc09b6b178192e359bc53b55c9fb0b8c0834bcf2dddf3f08b9c9c5e3cce4da0e12cfa17d137cc39227600f96da717ff33642ce5f54aeda53f601645cda7c43a8127948edb56da66403b9f166d19c46aa8a3d97145381f9c266aee270fd9a8d4e41f0957c8903ce419f5d2e9e6a274c1ac5bd59f1bab3f0f6a819ece02f96c654b23071820dd6108781377b0a581ad5407471ecb33ad1a2b296ccf68a6ef3dd30e45350e41ca57152a0de2657f2d4e9931a75379bc0f67ff3de2189878b0dc4de747f8e2e57ca116127c5b477355f6be2d6f4c5ae3e0656fbad7f06eabd947cb0cbbf1ccc475c96366c54c12f08131f4c8f282fe60285f9c540a3752a6d24c4032e04c79a2688526d74d9190a396a8c5abc49406a1b8132c4d1fa63cf00341d181d1f5d2e4428b03309de2185134097a234593576ab4aba4a5abd44536b093069d618ff4fe3fe2a72b31ac9c540db8ce5224d6b06cddec7b7e9dc09fcac254971db1297d2686f12a597cdf287e45e9285ef4eb7b696e1a56a7982118d0c4d25d2d64eba130adca51648fe9fdaddbaa6fd650bc7f4a5cdaadd34ba9d5c9d045b64c67c55de2f4b500df34751c81444886f4a832f584989d3fcdf499648c427f9bd94b80ff3b53ed52254a7031b2e7941c9d4483604cdcaf464399cba29d57e11ad508d4eb759e6056a48f6d4ce1184d707bb973bb17b5728b8e814e11e821c9451fd60c1fc178dbfe65e7eeebca8346cdadb3f5383218c011272052965edc026acc3c36cc95333dd3e067226e782c1951c15fcf251cc41e4b7c42446b8d83d4bfb77c8b66749b2f52ba4f299042c37ed59bd4af1e4e69fd41ac424ba5db96d8158eee90ed32fec14638d2531d3f7b7a151a6981575a1a767dc7f6db1cf6cce6cb55580bbdb236a83ccca8918ec0e8c405c15a49e0eb1d5209b27ad4b7a472162b966adf98d625c31be9736116ef8e3aed5926d80a950290db6bce5b84f52a182da6fefffa85c17db634a0de800701042cf7afeb9caa7a6257d3c418722b1e4ce040a55ca33daee4285abb4970234babe862f3d4079990ca8ac373f8133b1eec5cb6b0c8b4856fca9c9870e7ce3e37bafbed734fc82e297718e07e7f679ba6d02e15a595dbb5d42ed38e8367c5eb559b30da18971aacfaa3f8aad1d6cd47bff7250cb32c949ae6278410c95434ecbe789cb1397bec8fd337845df2a1d0638e04b1b6e74e5186d48fd48f3dd3ef3c835c83da23f431a5462b0f65de0e4320814dfbe60f3b6599e61da61baa0e2c5100460910e8b076725edb4ee7a1edc83e54ef6267514e481fcdc57e3b5e1729c55c4069506c1a4b76c2a141b8a9132cd94425589f83a3ff91872cea584af6dacadf537721927969699f17244e55b9af45d95e3190e2501b4974ccc7e6bdc1c64ed58d2230fc24a7ff185cb873039113406802f84f2750b7fc4e90aabf38907a5883a4e004e8a54d4d23ae989132d57311bed394466d728a1c1c7b9d6350b0324e30c36e729906e2b7651b726c5925051ccc707039ae040cb80d514887181db7e6953072df806e43490d71b5065fda3d55b5039872bd593c646ad29d6c4bdd6c53aa5cb164ac20806946e5b7f4e1d432cc3eed28c011ef8a65e3190c77874c876f39d20e5bb5355729b83199e95f159bb025bffd869b4f2412a2b0959e10312f8bbd2a8a36166f9cb21c0f71c18604f2c09e72cf57e05a4c4a3708d9140bc652a7535a3fc120dbfe190804f3e03367eda6b0aaa9cf2d4f2c9f12dce4ccdfe47a9709df208bdac33c399c7d7e41bb7565396401248c0f94faccc234452cd51a80a17b555c1e2831e6b98d29fc781bbc86a471b04ade04e32b0ecbd9e3386fb2dc7415eacb4432091c057e734f617cc3db509b100313cf3c44909c8d752db6ca4850c8b5d2630db69d9d829814bb802b58d6d2f2e622a735f4b314a90a26ed2d197510b0f10bc2868765dc83b21cebb3791224d87257fa87d555981a743a5ba7bf88676ec840572b9c8509dbc4dd4d549446665edfc18749d03e503d41633e93015929c270370188dff84a270d8840e194be8f6ee0718467f67142f19eaf957540751c224cf24c12009375476db7234fe7d4f44f404ffc8575e437ae209dee60b8eeecb9ba9180a3c28a7a60c385b9a722ce866b4671da22e209fe1ab9dd58e43ac27acd5191a75b0abd6d04edef3f01f3c5c7d3f5e0c127c36de67781476ff68765f8e8d2dd586d4ccb26ef2839f11ef7b6d2477bad954d5290d1465a0d224211b1debd40ff38763c5dec540078bfc90ab053c005f9b4c4b2ec2d2c584d4cfa84dc7bb3f6cec7f4831762ac3a3cfb603ed749a5f75e7d4da2a3e179e603cd1e02a9d6924a0b5edc3e3a710a86ce5f61c48cf8d7a7764564e3a9d65163dcfa053a2a76d83e5f30cb93ddaf0543a03d7ce9b75dc1352d903dec49cae8935966ac343e1a41d38d9205d03d56f9e58084c7417f6344e25de2d678e3ac82bef404aabe20a603aaf68554af2d16d1987fb38910deadea3f56e1a4b5653b0ffed4b7e933dff810a25ce176d5ff1870dc3fe14ba4d934492532ebf4a542c54718f9b692a9461f069515bbc041cb72da58b5ae5c9c3710a1b8ff2c840d5ea70abc081d6cb60096f3d35570d186ef0e50871582887b76b2024a50943343ff913281d6933f6b8606afdf2d2b9a7e3f1629a5730ad29ef58dc591fbb1f3024ef145e5aaeed7d554c214e929689a52211731da62c6a86e9db9d9a61a48a36cdbc7e7383d98a8b28c41ca3bb52ce3016642eb0de30853dc0d1c5dfbe595257ea786b92b30ce56f2fa684ecdf7b418a3c8cd7d047f0ddfbf58178d99cd14675b6957cb344127434fa8ed2b8539897e5b81be705f0c4999f0257f85c532405593ff6b5834d613b5e339a01e2141dec09d008c49983eb64ca7c34ed98227c4d7e717f0b72071b522c0c1fb813c7144eb871b8933ff3b489d669e966056929b30a4787992784615674a89f0cb3338a3ef0e87bf6b9075b0403a3d6cdc65ad7753da8509c72de0f9bd4bf6440494f1ab9ff0b1037f21c0d88605325afb8fa054ee0764b797701469913797dd5fa3e969febe283e1a7fd6c9e68ea89b3dc27f77bb2b2467713efda5d8594d5afad9de9084005930c860f707a358054d46c3ef7adecf2f939a3859dd8c3057c0132bc3d9183de053c1f527910d2e3ba060ad4b4456bb8542b380d19d0f8895eb6298f8a953a2cc73de9993a3ebcf478095a2cb9e6d2832d3214d5a1284c367febde5f6fdd3324205aef87252fd6c40fbd64cb17ecb0a67e820a2feebeb8bc2052166152d95143e11d637a439f6a22406dddf1e48bcce339d482803e607bd0ca14056dce74a5eba4912112bd02645f873302114dc58544a97bd40485fe320334d0f3946244d53f3f5e6070f2c9e967f3f69377fe650e2b6f81c78d75281cd2539ef114b6096b9793e0f4d1f7106c84838965fd06e765c6633fa229d437fe7249b6f923350feaa3a74ef87c186214e0c4fa54a6e12d483928bb19ef33772295fb42c74ef89f81ee559390d422b7c82bd1d520eddb6dc662e26386ce4ff6661f14f8a8a15e59778d3b61d16477a0cac416f917ce19b162e69b4ac1b323b55781112bb4bceae9fd36a1de00455aeee91dfc4f9a37a1b7c7ab9fc31dfc7c944f8d58fc8cd00c92294d7e5ed9fafddaa44a24f9eee7b7c89fe6c0a45185ee8899f8f508c17689da33e8da4fd54729dd72c3d92677397317a4ac9127ee825e0b45fe616947100d57959e1932ffcf69407a76f0dd037fe1e0c6443ab1557bc31ec5f91017bdb7b6b6d6c6beaf758c174b91f63859081ac7b050e330bb6556286bc8fb9136bce02bf7dfd1cd1c470d2de7dbc5301001c0a862b83b401a2d0807fd1179211e497f60d03858711ac7176793da5835b44cdc8de915dd57dca4d77d46313601dc03b78db7505a448a50f35ca8d0efd2f110901d010bcdf45f41abb1fd459073b48700d659c6f5e3214a422d5945ac658d6aac5ad7ece67045639e1e2de4552f3f0bd7d93585dce7bf15871d4f78098353c13125785a7d68b66be3cbf653f2f04e89698ce1f56724aa4d9bb4ab8d11f25f257b5d5c5d511aef15867f6613e2afb785d706a64bc50770bf03b224df55bbc6246f0ccdfe14101362de7e11fc9ac9073e66593334b761ae2ba91b2d411656fe09a23383aa109b412fb3ec832c6c1a4dc6c69f7dac058451de22688ccb403ea3580ab5b14c794d9120ccfb6feb10a633b474157d91f789a09b1fc1f155156fc48647d47efb97da48a84c4f84762de736c8f2e5f980a9be4cbe9be7d9cab4bf67c90a9ee38db399f6b4353b4b1b2a96cc24459ff7a4a31cfccb5a1dc6ee0a9ac86b782e1e92efb10d107db95fef40ff3ccc534bdcb6327a01299655d649c62a401ce7359fa878307e7d657d736e9cf22bf52f8aacf585df3a1ad39496ba7aec081c932affc880a1e65d61511c3c9e3db70c00554a930f3f1b3470655884003249ef379ede51eb88157d3b9801a2384238a630f1361b7c62ea0e60b9125c1194a7fef62ee919f55bc3341a21b526461f1864838c676c7460708849815f570582817739de341a3d3d72e42c3dae8b2cb98"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000040)={{r6, 0x5, 0x2de, 0x3, 0x9, 0x2, 0x3f, 0x7, 0xffffffff, 0x9, 0x2, 0x4, 0x37, 0x7, 0x100}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f000005bec0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000005c0c0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6, r134}], 0x2, "148e35230fb80d"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 1095.215431][T20428] hub 9-0:1.0: USB hub found [ 1095.226880][T20428] hub 9-0:1.0: 8 ports detected [ 1095.373470][T20428] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1095.421196][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 1095.421326][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1095.581068][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1095.587171][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:31 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10010, 0xffffffffffffffff, 0x0) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$TCSBRKP(r2, 0x5425, 0x40) [ 1095.683083][T20445] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1095.706235][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 1095.741197][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1096.274324][T10271] Bluetooth: hci11: sending frame failed (-49) [ 1097.420888][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 1097.421069][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:07:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/121, 0x79}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/159, 0x9f}, {&(0x7f0000001240)=""/149, 0x95}], 0x4, 0x5, 0xffffff09) r2 = syz_open_dev$evdev(0x0, 0x3, 0x2000) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f000005d100)={{0x0, 0x9, 0x0, 0x101}}) r5 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x0, 0x5517, 0x48000000}) ioctl$USBDEVFS_IOCTL(r5, 0x8108551b, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f000005f100)={0x4, [{}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {r4, r7}], 0x0, "b67d5166ab9c79"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d100)={0xfffffffffffffff9, [{}, {0x0, r48}, {}, {0x0, r127}, {}, {}, {}, {0x0, r103}, {}, {0x0, r29}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {0x0, r7}, {}, {}, {}, {r102, r71}, {r43}, {r10}, {r80}, {0x0, r115}, {0x0, r93}, {0x0, r96}, {}, {}, {0x0, r86}, {0x0, r23}, {}, {}, {0x0, r76}, {}, {}, {r128, r35}, {}, {}, {}, {r24, r57}, {0x0, r122}, {}, {}, {}, {r67}, {}, {r62}, {0x0, r132}, {0x0, r118}, {0x0, r21}, {0x0, r36}, {}, {r81}, {0x0, r115}, {r114, r129}, {0x0, r92}, {}, {}, {}, {}, {}, {}, {}, {}, {r19}, {}, {}, {r60}, {0x0, r11}, {}, {0x0, r97}, {}, {r15, r88}, {r124}, {}, {}, {0x0, r105}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r22}, {r50, r120}, {}, {r32, r51}, {r66}, {}, {0x0, r117}, {}, {r49}, {}, {0x0, r45}, {r44, r107}, {}, {r52, r25}, {0x0, r18}, {}, {}, {}, {0x0, r59}, {r133}, {r68, r9}, {}, {}, {r109}, {r91}, {}, {}, {0x0, r14}, {}, {0x0, r33}, {r22}, {0x0, r84}, {}, {r99, r12}, {0x0, r100}, {0x0, r37}, {0x0, r72}, {r74}, {r38}, {}, {}, {}, {r94}, {}, {r98}, {}, {}, {}, {r53}, {r8}, {}, {}, {}, {r55}, {0x0, r17}, {}, {r85}, {r63, r47}, {r125}, {0x0, r56}, {0x0, r123}, {}, {}, {r49}, {0x0, r111}, {0x0, r18}, {r108}, {r89}, {}, {}, {0x0, r73}, {}, {}, {}, {0x0, r79}, {0x0, r39}, {}, {0x0, r29}, {r28}, {0x0, r110}, {r67}, {}, {}, {}, {r40}, {}, {r46, r16}, {}, {}, {0x0, r54}, {0x0, r75}, {r70}, {0x0, r13}, {r27, r14}, {}, {0x0, r61}, {0x0, r20}, {}, {r106}, {r83, r65}, {}, {r95, r116}, {r34, r59}, {r90}, {}, {}, {}, {r112}, {0x0, r130}, {}, {}, {}, {0x0, r117}, {r26}, {}, {r119}, {r41}, {r69}, {}, {r77}, {}, {}, {}, {}, {}, {0x0, r30}, {}, {r121}, {}, {r19}, {}, {}, {r85}, {}, {r87, r101}, {}, {}, {}, {r64}, {}, {0x0, r78}, {}, {}, {}, {0x0, r47}, {0x0, r126}, {r6, r115}, {}, {}, {0x0, r131}, {r31, r82}, {0x0, r104}, {}, {}, {}, {0x0, r23}, {}, {}, {0x0, r113}, {}, {0x0, r42}, {r58}], 0x8, "3c1d4c65c79995"}) ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0xd0009411, &(0x7f0000001740)={{r6, 0x0, 0x6965, 0x3ff, 0x1, 0x2, 0x1, 0x9, 0x80000001, 0x0, 0xa3, 0x6, 0x0, 0x0, 0x7f}}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000180)={0x0, r6, "8e2713efd389b286e5593727f2f9e543618db2868ec67ebafed03a15cdd3da939d40cadbcce8d4d82f468357f36b463e814ac914dae8dcdee975dd0825a3bc8ccb5eec58753cfa9119b7595048d61c579e7e1f1ec5611d20b70bc75b29b741a79183f1d6e74f5868e5dd561dfc5c5c5eb98091d0b35d33b91c753476217d62462f177853aecf5983b00a62255ce32d1aaf3ddd52016f6dce15edbdc3cbc71169d29442f93fa77a0fd6e26dc0dd97323d3ef55eb94e8b56a5981f62935173c74b9027adb9328b4cb783c86865b5e1c41b3b59d7a0fd6485b199c5a6393daed292df07c793f56ad1ac700705c5ba94995c3d7a41613021037bc12e657e5d13204e", "48e560cf24238942dfa82b43efd443d8bbab3fe49ae110c7f908db1e85391c078c8f358ad6e9bddcd1c58c460d1a1e5a204eff5a0e958642ff7d788b9677c174e051f666e2b7bbe574f711446e4a29563a57717a2407f0ce0e0070a97b9a930f93ca659b1c856089000d242d4bb74af6697868e992286ba272a4e78b434f0594fc647173c68a61d190e8a0bbf05afe6e502985c1ad45c972a9d5dd36173c54a8120b8ff6ac02eec6457f838905d30049f8bcc2283c45a51a55426bd96322a728164eb3649eb74354da2abb19ed8c798a9c6983e067d46a35a191996ac5eae93aa6a120c81072861414ae0f3f12457bf2f83b2d8263665c53e374d86b885d443d42ebee9e2e2bc7194a98b986f24b850f3f100918a3ae1cdd0295a0175c84ffb3543ad2b20986a3b541b90abd56753a5735107f8a0fcc7112a5891ac37e2b46e7dd2fe86bb78fcb90911f125525685edfd9b10371059977323bfd4ccbd2955e192ac309f7607d3e17c107e5b40a084d199e59492099ecbf7657d3e7b8ca8b8126c2514c4019d9abc296deea260d8e181a6ee440505c3b686af733a52c864e4656e38c2316db649f1aba80f134d5965b726d7329b0adb7c94af0fcc12a1b89c4d63148142b0e1a9cc317b29ec992e4b378dc73816d8014ecb975578c01480505cd386cc2069171378f9284bfb41a02c73b3b160fefdefe2f49dfdcbf7912a68874329fb53c5946d31d307ba615aa7ebcfd8cce4294364d8e5a6abd5f051719f93e42cb5dc09b6b178192e359bc53b55c9fb0b8c0834bcf2dddf3f08b9c9c5e3cce4da0e12cfa17d137cc39227600f96da717ff33642ce5f54aeda53f601645cda7c43a8127948edb56da66403b9f166d19c46aa8a3d97145381f9c266aee270fd9a8d4e41f0957c8903ce419f5d2e9e6a274c1ac5bd59f1bab3f0f6a819ece02f96c654b23071820dd6108781377b0a581ad5407471ecb33ad1a2b296ccf68a6ef3dd30e45350e41ca57152a0de2657f2d4e9931a75379bc0f67ff3de2189878b0dc4de747f8e2e57ca116127c5b477355f6be2d6f4c5ae3e0656fbad7f06eabd947cb0cbbf1ccc475c96366c54c12f08131f4c8f282fe60285f9c540a3752a6d24c4032e04c79a2688526d74d9190a396a8c5abc49406a1b8132c4d1fa63cf00341d181d1f5d2e4428b03309de2185134097a234593576ab4aba4a5abd44536b093069d618ff4fe3fe2a72b31ac9c540db8ce5224d6b06cddec7b7e9dc09fcac254971db1297d2686f12a597cdf287e45e9285ef4eb7b696e1a56a7982118d0c4d25d2d64eba130adca51648fe9fdaddbaa6fd650bc7f4a5cdaadd34ba9d5c9d045b64c67c55de2f4b500df34751c81444886f4a832f584989d3fcdf499648c427f9bd94b80ff3b53ed52254a7031b2e7941c9d4483604cdcaf464399cba29d57e11ad508d4eb759e6056a48f6d4ce1184d707bb973bb17b5728b8e814e11e821c9451fd60c1fc178dbfe65e7eeebca8346cdadb3f5383218c011272052965edc026acc3c36cc95333dd3e067226e782c1951c15fcf251cc41e4b7c42446b8d83d4bfb77c8b66749b2f52ba4f299042c37ed59bd4af1e4e69fd41ac424ba5db96d8158eee90ed32fec14638d2531d3f7b7a151a6981575a1a767dc7f6db1cf6cce6cb55580bbdb236a83ccca8918ec0e8c405c15a49e0eb1d5209b27ad4b7a472162b966adf98d625c31be9736116ef8e3aed5926d80a950290db6bce5b84f52a182da6fefffa85c17db634a0de800701042cf7afeb9caa7a6257d3c418722b1e4ce040a55ca33daee4285abb4970234babe862f3d4079990ca8ac373f8133b1eec5cb6b0c8b4856fca9c9870e7ce3e37bafbed734fc82e297718e07e7f679ba6d02e15a595dbb5d42ed38e8367c5eb559b30da18971aacfaa3f8aad1d6cd47bff7250cb32c949ae6278410c95434ecbe789cb1397bec8fd337845df2a1d0638e04b1b6e74e5186d48fd48f3dd3ef3c835c83da23f431a5462b0f65de0e4320814dfbe60f3b6599e61da61baa0e2c5100460910e8b076725edb4ee7a1edc83e54ef6267514e481fcdc57e3b5e1729c55c4069506c1a4b76c2a141b8a9132cd94425589f83a3ff91872cea584af6dacadf537721927969699f17244e55b9af45d95e3190e2501b4974ccc7e6bdc1c64ed58d2230fc24a7ff185cb873039113406802f84f2750b7fc4e90aabf38907a5883a4e004e8a54d4d23ae989132d57311bed394466d728a1c1c7b9d6350b0324e30c36e729906e2b7651b726c5925051ccc707039ae040cb80d514887181db7e6953072df806e43490d71b5065fda3d55b5039872bd593c646ad29d6c4bdd6c53aa5cb164ac20806946e5b7f4e1d432cc3eed28c011ef8a65e3190c77874c876f39d20e5bb5355729b83199e95f159bb025bffd869b4f2412a2b0959e10312f8bbd2a8a36166f9cb21c0f71c18604f2c09e72cf57e05a4c4a3708d9140bc652a7535a3fc120dbfe190804f3e03367eda6b0aaa9cf2d4f2c9f12dce4ccdfe47a9709df208bdac33c399c7d7e41bb7565396401248c0f94faccc234452cd51a80a17b555c1e2831e6b98d29fc781bbc86a471b04ade04e32b0ecbd9e3386fb2dc7415eacb4432091c057e734f617cc3db509b100313cf3c44909c8d752db6ca4850c8b5d2630db69d9d829814bb802b58d6d2f2e622a735f4b314a90a26ed2d197510b0f10bc2868765dc83b21cebb3791224d87257fa87d555981a743a5ba7bf88676ec840572b9c8509dbc4dd4d549446665edfc18749d03e503d41633e93015929c270370188dff84a270d8840e194be8f6ee0718467f67142f19eaf957540751c224cf24c12009375476db7234fe7d4f44f404ffc8575e437ae209dee60b8eeecb9ba9180a3c28a7a60c385b9a722ce866b4671da22e209fe1ab9dd58e43ac27acd5191a75b0abd6d04edef3f01f3c5c7d3f5e0c127c36de67781476ff68765f8e8d2dd586d4ccb26ef2839f11ef7b6d2477bad954d5290d1465a0d224211b1debd40ff38763c5dec540078bfc90ab053c005f9b4c4b2ec2d2c584d4cfa84dc7bb3f6cec7f4831762ac3a3cfb603ed749a5f75e7d4da2a3e179e603cd1e02a9d6924a0b5edc3e3a710a86ce5f61c48cf8d7a7764564e3a9d65163dcfa053a2a76d83e5f30cb93ddaf0543a03d7ce9b75dc1352d903dec49cae8935966ac343e1a41d38d9205d03d56f9e58084c7417f6344e25de2d678e3ac82bef404aabe20a603aaf68554af2d16d1987fb38910deadea3f56e1a4b5653b0ffed4b7e933dff810a25ce176d5ff1870dc3fe14ba4d934492532ebf4a542c54718f9b692a9461f069515bbc041cb72da58b5ae5c9c3710a1b8ff2c840d5ea70abc081d6cb60096f3d35570d186ef0e50871582887b76b2024a50943343ff913281d6933f6b8606afdf2d2b9a7e3f1629a5730ad29ef58dc591fbb1f3024ef145e5aaeed7d554c214e929689a52211731da62c6a86e9db9d9a61a48a36cdbc7e7383d98a8b28c41ca3bb52ce3016642eb0de30853dc0d1c5dfbe595257ea786b92b30ce56f2fa684ecdf7b418a3c8cd7d047f0ddfbf58178d99cd14675b6957cb344127434fa8ed2b8539897e5b81be705f0c4999f0257f85c532405593ff6b5834d613b5e339a01e2141dec09d008c49983eb64ca7c34ed98227c4d7e717f0b72071b522c0c1fb813c7144eb871b8933ff3b489d669e966056929b30a4787992784615674a89f0cb3338a3ef0e87bf6b9075b0403a3d6cdc65ad7753da8509c72de0f9bd4bf6440494f1ab9ff0b1037f21c0d88605325afb8fa054ee0764b797701469913797dd5fa3e969febe283e1a7fd6c9e68ea89b3dc27f77bb2b2467713efda5d8594d5afad9de9084005930c860f707a358054d46c3ef7adecf2f939a3859dd8c3057c0132bc3d9183de053c1f527910d2e3ba060ad4b4456bb8542b380d19d0f8895eb6298f8a953a2cc73de9993a3ebcf478095a2cb9e6d2832d3214d5a1284c367febde5f6fdd3324205aef87252fd6c40fbd64cb17ecb0a67e820a2feebeb8bc2052166152d95143e11d637a439f6a22406dddf1e48bcce339d482803e607bd0ca14056dce74a5eba4912112bd02645f873302114dc58544a97bd40485fe320334d0f3946244d53f3f5e6070f2c9e967f3f69377fe650e2b6f81c78d75281cd2539ef114b6096b9793e0f4d1f7106c84838965fd06e765c6633fa229d437fe7249b6f923350feaa3a74ef87c186214e0c4fa54a6e12d483928bb19ef33772295fb42c74ef89f81ee559390d422b7c82bd1d520eddb6dc662e26386ce4ff6661f14f8a8a15e59778d3b61d16477a0cac416f917ce19b162e69b4ac1b323b55781112bb4bceae9fd36a1de00455aeee91dfc4f9a37a1b7c7ab9fc31dfc7c944f8d58fc8cd00c92294d7e5ed9fafddaa44a24f9eee7b7c89fe6c0a45185ee8899f8f508c17689da33e8da4fd54729dd72c3d92677397317a4ac9127ee825e0b45fe616947100d57959e1932ffcf69407a76f0dd037fe1e0c6443ab1557bc31ec5f91017bdb7b6b6d6c6beaf758c174b91f63859081ac7b050e330bb6556286bc8fb9136bce02bf7dfd1cd1c470d2de7dbc5301001c0a862b83b401a2d0807fd1179211e497f60d03858711ac7176793da5835b44cdc8de915dd57dca4d77d46313601dc03b78db7505a448a50f35ca8d0efd2f110901d010bcdf45f41abb1fd459073b48700d659c6f5e3214a422d5945ac658d6aac5ad7ece67045639e1e2de4552f3f0bd7d93585dce7bf15871d4f78098353c13125785a7d68b66be3cbf653f2f04e89698ce1f56724aa4d9bb4ab8d11f25f257b5d5c5d511aef15867f6613e2afb785d706a64bc50770bf03b224df55bbc6246f0ccdfe14101362de7e11fc9ac9073e66593334b761ae2ba91b2d411656fe09a23383aa109b412fb3ec832c6c1a4dc6c69f7dac058451de22688ccb403ea3580ab5b14c794d9120ccfb6feb10a633b474157d91f789a09b1fc1f155156fc48647d47efb97da48a84c4f84762de736c8f2e5f980a9be4cbe9be7d9cab4bf67c90a9ee38db399f6b4353b4b1b2a96cc24459ff7a4a31cfccb5a1dc6ee0a9ac86b782e1e92efb10d107db95fef40ff3ccc534bdcb6327a01299655d649c62a401ce7359fa878307e7d657d736e9cf22bf52f8aacf585df3a1ad39496ba7aec081c932affc880a1e65d61511c3c9e3db70c00554a930f3f1b3470655884003249ef379ede51eb88157d3b9801a2384238a630f1361b7c62ea0e60b9125c1194a7fef62ee919f55bc3341a21b526461f1864838c676c7460708849815f570582817739de341a3d3d72e42c3dae8b2cb98"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000040)={{r6, 0x5, 0x2de, 0x3, 0x9, 0x2, 0x3f, 0x7, 0xffffffff, 0x9, 0x2, 0x4, 0x37, 0x7, 0x100}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f000005bec0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000005c0c0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6, r134}], 0x2, "148e35230fb80d"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) [ 1097.529643][T20468] hub 9-0:1.0: USB hub found [ 1097.536388][T20468] hub 9-0:1.0: 8 ports detected [ 1097.697080][T20468] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1097.740835][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 1097.750986][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:07:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x400000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1097.980924][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1098.057114][T20485] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:07:33 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) [ 1098.304890][ T8569] Bluetooth: hci11: command 0xfc11 tx timeout [ 1098.311175][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1098.335169][ T1102] Bluetooth: hci8: Frame reassembly failed (-84) 08:07:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4800) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1098.475466][ T8] Bluetooth: hci10: Frame reassembly failed (-84) 08:07:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x8010661b, &(0x7f0000000080)) 08:07:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x111180, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/anycast6\x00') pipe(&(0x7f0000000080)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x4ffe6, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0xbc, r5, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x400}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x713c}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3b7e}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x40}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x880}, 0x20000004) syz_usb_connect(0x0, 0x0, 0x0, 0x0) fdatasync(r2) ioctl$EVIOCGPROP(r2, 0x80404509, &(0x7f0000000200)=""/251) 08:07:35 executing program 2: bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @private=0xa010100}}, 0x24) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1099.740603][ T8569] Bluetooth: hci9: command 0xfc11 tx timeout [ 1099.751017][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:07:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1099.841983][T20532] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1099.865970][ T158] Bluetooth: hci9: Frame reassembly failed (-84) [ 1100.140584][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1100.149682][ T8595] Bluetooth: hci6: command tx timeout [ 1100.381314][ T8569] Bluetooth: hci8: command 0x1003 tx timeout [ 1100.388867][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 1100.540483][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1100.540696][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1100.669009][T20544] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1100.693086][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 1101.020509][ T8569] Bluetooth: hci7: command 0x1003 tx timeout [ 1101.026660][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 1101.580564][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1101.589774][ T8595] Bluetooth: hci11: command tx timeout [ 1101.900351][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 1101.900607][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:07:37 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10010, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1102.166940][T20560] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:07:38 executing program 0: bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @private=0xa010100}}, 0x24) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1102.470571][ T8569] Bluetooth: hci8: command 0x1001 tx timeout [ 1102.481008][T13880] Bluetooth: hci8: sending frame failed (-49) [ 1102.503564][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 1102.700307][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 1102.700353][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:07:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1102.789797][T20579] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1102.815202][T15936] Bluetooth: hci6: Frame reassembly failed (-84) 08:07:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1103.100424][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1103.120907][ T8569] Bluetooth: hci7: command 0x1001 tx timeout [ 1103.127016][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 1103.203267][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 1104.220434][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1104.540210][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1104.549416][T15599] Bluetooth: hci11: command tx timeout [ 1104.557002][T15599] Bluetooth: hci8: command 0x1009 tx timeout 08:07:40 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/74, 0x4a}, {&(0x7f0000000200)=""/122, 0x7a}, {&(0x7f0000000180)=""/20, 0x14}], 0x3, 0xd639, 0x8) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) preadv(r2, &(0x7f00000004c0)=[{0x0}, {&(0x7f0000000400)=""/172, 0xffffffffffffff7b}, {&(0x7f0000000380)=""/112, 0x70}], 0x3, 0x800, 0x3fffe) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x0, 0xff, 0x7, 0x2f, 0x0, 0x9, 0x41, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_bp={&(0x7f00000002c0), 0x3}, 0x8080, 0x2, 0x0, 0x8, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x4e99}, 0x0, 0x8, 0xffffffffffffffff, 0x2) [ 1104.870592][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 1104.876754][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:07:40 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1105.127751][T20606] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1105.167151][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 1105.180032][T15599] Bluetooth: hci7: command 0x1009 tx timeout [ 1105.270079][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 1105.270077][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1105.398503][T20617] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1105.413499][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1105.811390][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 1107.179739][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1107.189076][ T8569] Bluetooth: hci6: command tx timeout [ 1107.419873][ T6576] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1107.819921][ T8458] Bluetooth: hci10: command 0xfc11 tx timeout [ 1107.829874][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:44 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) 08:07:44 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mq_getsetattr(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x4, 0x3, 0x8}, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xd8, r1, 0x400, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "0cfbb256f6f77799dd0ca2a5d5aba55afe66266476e8a226"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "fbf29a096fdb4607fbed4277acc4f885bdc13f3d7315828a"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "965bc44e5bb477891c86afae4e3a00bc2f118e1020242317"}, @NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x18, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}, @NL80211_ATTR_4ADDR={0x5}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1108.566080][T20645] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1108.594618][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) [ 1108.612160][ T7795] Bluetooth: hci8: Frame reassembly failed (-84) 08:07:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x801c581f, &(0x7f0000000080)) 08:07:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6800) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:44 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x3f6) [ 1109.240388][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1109.250605][T20662] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1109.262724][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 1110.619329][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1110.629631][ T8569] Bluetooth: hci8: command 0x1003 tx timeout [ 1110.644397][ T6576] Bluetooth: hci8: sending frame failed (-49) [ 1111.140436][T20689] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1111.163820][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 1111.259339][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1111.259387][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1111.289165][ T8595] Bluetooth: hci11: command 0x1003 tx timeout [ 1111.295384][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1111.339215][ T8595] Bluetooth: hci9: command 0xfc11 tx timeout [ 1111.339471][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:07:47 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_open_pts(r0, 0x404500) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) ioctl$KDSETMODE(r1, 0x4b3a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x12) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) dup3(r2, r3, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x541e, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1111.912065][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1111.956558][T20709] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1111.973580][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 1112.699034][ T7] Bluetooth: hci8: command 0x1001 tx timeout [ 1112.705681][T10023] Bluetooth: hci8: sending frame failed (-49) 08:07:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1113.179461][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1113.187538][T15599] Bluetooth: hci6: command tx timeout [ 1113.257318][T20729] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1113.338995][ T8569] Bluetooth: hci11: command 0x1001 tx timeout [ 1113.345387][T10023] Bluetooth: hci11: sending frame failed (-49) [ 1113.978977][ T8518] Bluetooth: hci9: command 0xfc11 tx timeout [ 1113.979228][T13880] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1113.985264][ T150] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1113.995830][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 1114.060455][ T8569] Bluetooth: hci10: command 0xfc11 tx timeout [ 1114.066761][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5413, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1114.572885][T20744] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1114.603624][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1114.642287][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 1114.788877][ T8569] Bluetooth: hci8: command 0x1009 tx timeout [ 1115.338778][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 1115.338887][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1115.420665][ T8595] Bluetooth: hci11: command 0x1009 tx timeout [ 1115.509325][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.515671][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 1115.859234][T20760] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1115.883762][T10023] Bluetooth: hci6: sending frame failed (-49) [ 1116.618723][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1116.618742][ T150] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1116.628100][T15599] Bluetooth: hci9: command 0xfc11 tx timeout [ 1116.702131][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1117.898479][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1117.904743][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:07:54 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0085504, &(0x7f0000000080)) 08:07:54 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x5) dup(r0) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) r1 = signalfd(r0, &(0x7f0000000000)={[0x1000]}, 0x8) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x400180, 0x0) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0)={0x9}, 0x1) 08:07:54 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7400) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1118.787691][T20786] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1118.844340][ T150] Bluetooth: hci8: sending frame failed (-49) 08:07:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x81f8943c, &(0x7f0000000080)) 08:07:55 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:07:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1119.419871][T20806] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1119.438943][ T8] Bluetooth: hci10: Frame reassembly failed (-84) [ 1119.497940][T20815] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1119.531101][ T8] Bluetooth: hci9: Frame reassembly failed (-84) [ 1120.858222][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 1120.864524][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1120.874006][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1120.885118][ T8458] Bluetooth: hci7: command tx timeout [ 1120.899241][ T8458] Bluetooth: hci6: command 0x1003 tx timeout [ 1120.922250][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 1121.404532][T13880] Bluetooth: hci7: sending frame failed (-49) [ 1121.498363][ T8518] Bluetooth: hci10: command 0xfc11 tx timeout [ 1121.508372][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:07:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) fstatfs(r0, &(0x7f0000000200)=""/64) syz_usb_connect(0x0, 0x0, 0x0, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@setneightbl={0x24, 0x43, 0x100, 0x70bd26, 0x25dfdbfe, {0xa}, [@NDTA_GC_INTERVAL={0xc}, @NDTA_PARMS={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008014}, 0x24028080) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) poll(&(0x7f0000000100)=[{r1, 0x8000}, {r2}, {r3, 0x2101}, {r4}], 0x4, 0x101) [ 1121.578297][T15599] Bluetooth: hci9: command 0x1003 tx timeout [ 1121.584483][T10178] Bluetooth: hci9: sending frame failed (-49) 08:07:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1122.058561][ T9202] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1122.058752][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout 08:07:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1122.238503][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1122.937837][ T7] Bluetooth: hci6: command 0x1001 tx timeout [ 1122.944664][T13880] Bluetooth: hci6: sending frame failed (-49) [ 1123.427853][ T7] Bluetooth: hci7: command 0xfc11 tx timeout [ 1123.434066][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:07:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a00) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1123.525590][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 1123.657912][ T8445] Bluetooth: hci9: command 0x1001 tx timeout [ 1123.664582][T13880] Bluetooth: hci9: sending frame failed (-49) [ 1123.737837][ T8458] Bluetooth: hci8: command 0xfc11 tx timeout [ 1123.737896][T10178] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1124.137660][ T8458] Bluetooth: hci10: command 0xfc11 tx timeout [ 1124.137892][ T9202] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:08:00 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0xffffe000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x1, 0xa1, &(0x7f0000000180)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8f, 0x2, 0x1, 0x8, 0x10, 0xe2, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, 'W'}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x5, 0x1, 0x6}, {0x6, 0x24, 0x1a, 0x3, 0x2c}, [@call_mgmt={0x5, 0x24, 0x1, 0x1}, @mdlm={0x15, 0x24, 0x12, 0x1}, @mbim_extended={0x8, 0x24, 0x1c, 0x20, 0x5, 0x3}, @acm={0x4, 0x24, 0x2, 0x7}, @mbim={0xc, 0x24, 0x1b, 0x2, 0x0, 0x0, 0xcf, 0x4800, 0x7f}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x6, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x2, 0xfb, 0x7f}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x81, 0x38, 0x3}}}}}}}]}}, &(0x7f0000000540)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x110, 0x7, 0x3, 0x0, 0x40}, 0xfd, &(0x7f0000000240)={0x5, 0xf, 0xfd, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "4ad5341c80b3326d53e8dc762647c5f8"}, @generic={0xe4, 0x10, 0x4, "1d11d101739da942dc51c6d76aae53be934fc8b81d07754a2474b47f94e9902fc7a316c9e2587269bc4612c2ad14978739a2a08a796d17ba2668b18e02106a3267c11f54f994502243408819212472473b3bdffe9c0ecd92ec8663e402c332f665924ece545f88181bff06ca3fa9526c8418fa409148a6320620585c5f57cf09e273ba33878d6b0b03da217819bfbcf98cf8baae8a5ef5ed0ec751cc6c32eac7c541c1120c9724ee6958e31f3d752e721181c1d1132b6c114b0312c7ccf8a9d861c4f8933fd798c964f3c023a32b5233ee5ec42614e672497b4bdc51b26c553c3e"}]}, 0x6, [{0xc7, &(0x7f0000000340)=@string={0xc7, 0x3, "0eb5b691a05697d5a594fc91834587fa018682e2dd59fbeb217497bb5be25fa5596ec5eccc582b71dc3b9992984ad447ddb20412e00179eb3ab78010d741a5d4dd76293e0bb0c70950dc45a7878c8555b4419c038b47476bf3d381eefbe8dc67208e8809f648a5d16e586289bbf73cacf78a44dfb60e047ada8181bb36f4ceb51973f1864a1d7903ba752749f08c587aa10e1e05a26b37cb4127832a40cda68e115d8a4ad796a6b920481de35cf1ee61844601c8beebf2a49a6f6a7607fc802e624085e8f7"}}, {0x4, &(0x7f00000000c0)=@lang_id={0x4, 0x3, 0x406}}, {0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x426}}, {0x70, &(0x7f0000000440)=@string={0x70, 0x3, "7f2897148ad4caa3de10a916b2f7a157378141bdf7f421a99c5f8b66aa431ce127daf4ad9e26afd5092daa288c6195c645feb9aeeb372f25fbcc871fdb7e84f42f29c572d87516232d0f490dc295a1dd0bd47dba7cda6e123dd00216c6ce264d9482758593ee5bad013a58a5baa2"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x3409}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x41b}}]}) [ 1124.298057][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1124.298129][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout 08:08:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, 0x0) (fail_nth: 1) [ 1124.739751][T20895] FAULT_INJECTION: forcing a failure. [ 1124.739751][T20895] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.747648][ T8595] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 1124.757848][ T1102] Bluetooth: hci10: Frame reassembly failed (-84) [ 1124.766701][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 1124.771157][T20895] CPU: 1 PID: 20895 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 1124.781880][T20895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1124.791957][T20895] Call Trace: [ 1124.795250][T20895] dump_stack_lvl+0xcd/0x134 [ 1124.799875][T20895] should_fail.cold+0x5/0xa [ 1124.804409][T20895] ? tomoyo_realpath_from_path+0xc3/0x620 [ 1124.810170][T20895] should_failslab+0x5/0x10 [ 1124.814695][T20895] __kmalloc+0x72/0x320 [ 1124.818889][T20895] tomoyo_realpath_from_path+0xc3/0x620 [ 1124.824466][T20895] ? tomoyo_profile+0x42/0x50 [ 1124.829186][T20895] tomoyo_path_number_perm+0x1d5/0x590 [ 1124.834666][T20895] ? tomoyo_path_number_perm+0x18d/0x590 [ 1124.840331][T20895] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 1124.846218][T20895] ? lock_downgrade+0x6e0/0x6e0 [ 1124.851114][T20895] ? __fget_files+0x23d/0x3e0 [ 1124.855825][T20895] security_file_ioctl+0x50/0xb0 [ 1124.860798][T20895] __x64_sys_ioctl+0xb3/0x200 [ 1124.865508][T20895] do_syscall_64+0x35/0xb0 [ 1124.869949][T20895] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1124.875879][T20895] RIP: 0033:0x7f7481ae8a39 [ 1124.880314][T20895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.899944][T20895] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1124.908384][T20895] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 1124.916379][T20895] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 1124.924374][T20895] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1124.932368][T20895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1124.940363][T20895] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 1124.961223][T20895] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1125.017650][ T8445] Bluetooth: hci6: command 0x1009 tx timeout [ 1125.391510][ T8595] usb 3-1: No LPM exit latency info found, disabling LPM. [ 1125.503467][ T8595] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1125.514550][ T8595] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 1125.527074][ T8595] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt [ 1125.538116][ T8595] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt [ 1125.577561][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 1125.577722][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1125.737724][T15599] Bluetooth: hci9: command 0x1009 tx timeout [ 1126.457621][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1126.457651][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 1126.777578][T15599] Bluetooth: hci10: command 0x1003 tx timeout [ 1126.783993][T10023] Bluetooth: hci10: sending frame failed (-49) [ 1127.017507][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 1127.027571][T10178] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1127.362879][ T8595] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1127.375110][ T8595] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1127.393250][ T8595] usb 3-1: Product: Ц [ 1127.400207][ T8595] usb 3-1: Manufacturer: І [ 1127.451388][ T8595] usb 3-1: can't set config #1, error -71 [ 1127.468504][ T8595] usb 3-1: USB disconnect, device number 2 [ 1128.857400][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 1128.864213][T10178] Bluetooth: hci10: sending frame failed (-49) 08:08:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0096616, &(0x7f0000000080)) 08:08:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8089) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1129.034961][T20932] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1129.072139][ T158] Bluetooth: hci7: Frame reassembly failed (-84) [ 1129.079312][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) 08:08:05 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) 08:08:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000180)=""/245) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r3 = mq_open(&(0x7f0000000280)='/dev/ptmx\x00', 0x2, 0x102, &(0x7f00000002c0)={0x3ffc000000, 0xffffffffffffffe0, 0x9916, 0x8f}) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r4, 0x0) preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000500)=0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000300)) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000000, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) fstatfs(r0, &(0x7f00000000c0)=""/96) [ 1129.673554][T20951] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1129.703469][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 1130.937298][ T8595] Bluetooth: hci10: command 0x1009 tx timeout [ 1131.097045][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1131.106232][ T8595] Bluetooth: hci7: command 0x1003 tx timeout [ 1131.107110][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1131.112647][T10023] Bluetooth: hci7: sending frame failed (-49) [ 1131.631626][T20968] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1131.737172][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 1131.743537][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1131.756473][ T8595] Bluetooth: hci9: command 0x1003 tx timeout [ 1131.763734][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 1133.176701][T15599] Bluetooth: hci7: command 0x1001 tx timeout [ 1133.183505][T10155] Bluetooth: hci7: sending frame failed (-49) [ 1133.736653][ T8518] Bluetooth: hci8: command 0xfc11 tx timeout [ 1133.742944][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1133.746788][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1133.752787][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:08:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x400000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1133.827691][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 1133.869548][T20990] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1133.878385][T10023] Bluetooth: hci9: sending frame failed (-49) [ 1133.905504][ T8] Bluetooth: hci6: Frame reassembly failed (-84) 08:08:10 executing program 2: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x54, 0x0, 0x624, 0x70bd27, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40400c0}, 0x14) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1134.296529][ T7] Bluetooth: hci11: command 0xfc11 tx timeout [ 1134.296637][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1135.256396][ T7] Bluetooth: hci7: command 0x1009 tx timeout 08:08:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, 0x0) (fail_nth: 2) [ 1135.440265][T21014] FAULT_INJECTION: forcing a failure. [ 1135.440265][T21014] name failslab, interval 1, probability 0, space 0, times 0 [ 1135.442323][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 1135.475472][T21014] CPU: 1 PID: 21014 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 1135.484279][T21014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1135.494349][T21014] Call Trace: [ 1135.497643][T21014] dump_stack_lvl+0xcd/0x134 [ 1135.502260][T21014] should_fail.cold+0x5/0xa [ 1135.506789][T21014] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 1135.512187][T21014] should_failslab+0x5/0x10 [ 1135.516714][T21014] __kmalloc+0x72/0x320 [ 1135.520899][T21014] tomoyo_encode2.part.0+0xe9/0x3a0 [ 1135.526130][T21014] tomoyo_encode+0x28/0x50 [ 1135.530567][T21014] tomoyo_realpath_from_path+0x186/0x620 [ 1135.536230][T21014] tomoyo_path_number_perm+0x1d5/0x590 [ 1135.541707][T21014] ? tomoyo_path_number_perm+0x18d/0x590 [ 1135.547364][T21014] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 1135.553223][T21014] ? lock_downgrade+0x6e0/0x6e0 [ 1135.558116][T21014] ? __fget_files+0x23d/0x3e0 [ 1135.562817][T21014] security_file_ioctl+0x50/0xb0 [ 1135.567782][T21014] __x64_sys_ioctl+0xb3/0x200 [ 1135.572479][T21014] do_syscall_64+0x35/0xb0 [ 1135.576909][T21014] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1135.582823][T21014] RIP: 0033:0x7f7481ae8a39 [ 1135.587249][T21014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1135.606910][T21014] RSP: 002b:00007f747f05e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1135.615489][T21014] RAX: ffffffffffffffda RBX: 00007f7481bebf60 RCX: 00007f7481ae8a39 [ 1135.623450][T21014] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 1135.631437][T21014] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1135.639397][T21014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1135.647360][T21014] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 1135.662144][T21014] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1135.896523][ T8458] Bluetooth: hci9: command 0x1009 tx timeout [ 1135.976486][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 1135.976508][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1135.982544][T15599] Bluetooth: hci6: command 0xfc11 tx timeout [ 1135.982878][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1136.456751][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1136.457802][ T8458] Bluetooth: hci11: command 0xfc11 tx timeout [ 1136.513308][T21029] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1136.530096][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 1136.561813][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) 08:08:12 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1137.496367][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 1137.503263][T10271] Bluetooth: hci10: sending frame failed (-49) 08:08:13 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x902, 0x0) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/ath3k', 0x40, 0x128) [ 1137.630763][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) 08:08:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1138.536218][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1138.608864][T21055] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1138.616219][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 1138.623107][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:08:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0189372, &(0x7f0000000080)) 08:08:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1139.265568][ T6576] Bluetooth: hci7: sending frame failed (-49) [ 1139.575936][T15599] Bluetooth: hci10: command 0x1001 tx timeout [ 1139.583692][T10023] Bluetooth: hci10: sending frame failed (-49) [ 1139.656014][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1139.656094][ T8458] Bluetooth: hci11: command 0xfc11 tx timeout 08:08:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000080)) [ 1139.910896][T21085] debugfs: Directory 'hci9' with parent 'bluetooth' already present! 08:08:15 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = syz_open_dev$cec(&(0x7f0000000280), 0x0, 0x2) mmap(&(0x7f0000154000/0x3000)=nil, 0x3000, 0x2, 0x4000010, r1, 0xffffe000) ioctl$VT_DISALLOCATE(r0, 0x5608) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$KDDISABIO(r2, 0x4b37) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000), &(0x7f0000000180)={0x0, 0xfb, 0xd1, 0x2, 0x9, "e9869095c19bd882b4eeecf794f7c43a", "850ed157e2e3d8287ea7b4f6a7abec85e168d73919fa2ed074bbde2f59729ff3ceffa43adf5b99f53861d17322662ea6d9640a1e4c087f671663225cb7735cebe3233f9c8001514fbcaea97f5f9e8a1277edcbbcd9604fa42546272292be48a5280315cc31c92b94f026a02e0edd620b1c4e157a707bdf9b5ded43bc010759d804e479a2e0b07a73b620b97056be283b398f4ac8fe39b967ba7403ca9b2d6032bc20047b0bba67b7f858a32ff0f40b8a1844f9fb8514c5a1b3bc6ec7"}, 0xd1, 0x2) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x80800, 0x0) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000100)={0x6068, 0x9}) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1140.705895][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:08:16 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1141.269964][T21106] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1141.336320][ T7] Bluetooth: hci8: command 0x1003 tx timeout [ 1141.342718][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout [ 1141.343157][T10023] Bluetooth: hci8: sending frame failed (-49) [ 1141.348881][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1141.655918][ T7] Bluetooth: hci10: command 0x1009 tx timeout [ 1141.886269][T10178] Bluetooth: hci7: sending frame failed (-49) [ 1141.986275][T15599] Bluetooth: hci9: command 0x1003 tx timeout [ 1141.992704][T10178] Bluetooth: hci9: sending frame failed (-49) [ 1142.295659][ T8458] Bluetooth: hci11: command 0xfc11 tx timeout [ 1142.295671][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:08:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x3f1942, 0x0) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000180)="c1f8d0531ad1b98b2dfb76e18a94ed2690120b929ac85d1a872443e1a4a6090159495be7848bce6bd6250e55706257b06251e95e4ceeb068fe9115782083c1e8ff1a8f48403fe3f6e863c53c029111f1d1b77ad99f4a81d472c025731347a080f30afd5a59bb098c9e31d0b57b0a7fce4415b7051f6c9ff3dc91ce70c408b72bbcaacb9d92cd39c1e22375148683c392a850c34d381a4d802dcd9790ba0d22cdf4a944ca4835aa1cd01205d8f9f5a62e1e49fd521306d99ab1e9549a9fdee8ae4abfd2e0a1f04cded3c830d3bf8111da6755fabe31dafdc49fa38205f1b0be886472cccaae9182df631cfc4578") syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1143.335647][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1143.345631][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1143.407486][T21123] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1143.424335][ T8458] Bluetooth: hci8: command 0x1001 tx timeout [ 1143.430848][T13880] Bluetooth: hci8: sending frame failed (-49) [ 1143.451570][T10271] Bluetooth: hci6: sending frame failed (-49) 08:08:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1143.895614][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1143.902780][ T8569] Bluetooth: hci7: command 0xfc11 tx timeout 08:08:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1144.055736][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 1144.062504][T10178] Bluetooth: hci9: sending frame failed (-49) [ 1145.495613][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1145.505047][ T8595] Bluetooth: hci8: command 0x1009 tx timeout 08:08:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, 0x0) (fail_nth: 3) [ 1145.659520][T21151] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1145.681164][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 1145.683000][T21151] FAULT_INJECTION: forcing a failure. [ 1145.683000][T21151] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1145.712030][T21151] CPU: 1 PID: 21151 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0 [ 1145.720854][T21151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1145.730930][T21151] Call Trace: [ 1145.734225][T21151] dump_stack_lvl+0xcd/0x134 [ 1145.738850][T21151] should_fail.cold+0x5/0xa [ 1145.743382][T21151] _copy_to_user+0x2c/0x150 [ 1145.747998][T21151] simple_read_from_buffer+0xcc/0x160 [ 1145.753456][T21151] proc_fail_nth_read+0x187/0x220 [ 1145.758607][T21151] ? proc_fault_inject_read+0x220/0x220 [ 1145.764196][T21151] ? security_file_permission+0xab/0xd0 [ 1145.769772][T21151] ? proc_fault_inject_read+0x220/0x220 [ 1145.775347][T21151] vfs_read+0x1b5/0x600 [ 1145.779595][T21151] ksys_read+0x12d/0x250 [ 1145.783860][T21151] ? vfs_write+0xae0/0xae0 [ 1145.788302][T21151] ? syscall_enter_from_user_mode+0x21/0x70 [ 1145.794230][T21151] do_syscall_64+0x35/0xb0 [ 1145.798674][T21151] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1145.804595][T21151] RIP: 0033:0x7f7481a9b5ec [ 1145.809026][T21151] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1145.828665][T21151] RSP: 002b:00007f747f05e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1145.837082][T21151] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f7481a9b5ec [ 1145.845054][T21151] RDX: 000000000000000f RSI: 00007f747f05e1e0 RDI: 0000000000000004 [ 1145.853028][T21151] RBP: 00007f747f05e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1145.860998][T21151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1145.869051][T21151] R13: 00007f748211fb2f R14: 00007f747f05e300 R15: 0000000000022000 [ 1145.975252][T15599] Bluetooth: hci7: command 0xfc11 tx timeout [ 1145.975369][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1146.055601][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1146.135706][ T8595] Bluetooth: hci9: command 0x1009 tx timeout 08:08:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x69a200, 0x0) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000001900)) [ 1146.520334][ T158] Bluetooth: hci10: Frame reassembly failed (-84) [ 1146.588590][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 1147.735085][ T8595] Bluetooth: hci6: command 0x1003 tx timeout [ 1147.742233][T10178] Bluetooth: hci6: sending frame failed (-49) [ 1148.294947][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1148.295131][T10271] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:08:24 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1148.535190][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1148.615459][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:08:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x10000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1148.755920][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 1148.762609][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) 08:08:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc018937d, &(0x7f0000000080)) 08:08:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x68502, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1149.559518][ T1192] Bluetooth: hci8: Frame reassembly failed (-84) [ 1149.590346][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 1149.821813][ T8595] Bluetooth: hci6: command 0x1001 tx timeout [ 1149.838681][T10178] Bluetooth: hci6: sending frame failed (-49) 08:08:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0085504, &(0x7f0000000080)) [ 1150.258804][T21222] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1150.299689][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 1150.704957][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1150.774985][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1150.775041][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1151.243029][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1151.574703][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 1151.581029][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1151.654934][T15599] Bluetooth: hci11: command 0x1003 tx timeout [ 1151.661212][ T6576] Bluetooth: hci11: sending frame failed (-49) [ 1151.894582][T15599] Bluetooth: hci6: command 0x1009 tx timeout 08:08:27 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x3, 0x0, 0x0, 0x0) [ 1152.178675][T10178] Bluetooth: hci8: sending frame failed (-49) [ 1152.375055][T15599] Bluetooth: hci9: command 0x1003 tx timeout [ 1152.381263][T10178] Bluetooth: hci9: sending frame failed (-49) 08:08:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1153.254579][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1153.263810][ T8458] Bluetooth: hci7: command tx timeout [ 1153.334895][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1153.344454][ T8569] Bluetooth: hci10: command tx timeout 08:08:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1153.744342][ T8569] Bluetooth: hci11: command 0x1001 tx timeout [ 1153.751305][T10178] Bluetooth: hci11: sending frame failed (-49) [ 1154.214439][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1154.223546][ T8569] Bluetooth: hci8: command tx timeout [ 1154.454797][ T8569] Bluetooth: hci9: command 0x1001 tx timeout [ 1154.461447][ T6576] Bluetooth: hci9: sending frame failed (-49) 08:08:30 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r1, 0x0) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) mmap(&(0x7f0000693000/0x3000)=nil, 0x3000, 0x2000000, 0x11, r0, 0xe27bd000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x10) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1154.803575][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 1155.414265][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1155.414338][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1155.494841][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1155.494998][ T8569] Bluetooth: hci10: command 0xfc11 tx timeout 08:08:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455c8, 0x0) [ 1155.814155][ T8569] Bluetooth: hci11: command 0x1009 tx timeout [ 1155.891369][T21291] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:08:31 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1156.026993][ T8] Bluetooth: hci7: Frame reassembly failed (-84) [ 1156.087821][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 1156.534422][ T8595] Bluetooth: hci9: command 0x1009 tx timeout [ 1156.854253][ T6576] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1156.863439][ T8595] Bluetooth: hci8: command tx timeout 08:08:33 executing program 2: bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22, 0x7fff, @dev={0xfe, 0x80, '\x00', 0x28}, 0x5}, 0x1c) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x1b) mmap(&(0x7f00001a8000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCGETD(r1, 0x5424, &(0x7f00000000c0)) preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000180)=""/191, 0xbf}, {&(0x7f0000000240)=""/189, 0xbd}], 0x2, 0x4, 0x80000000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000340)=0x8) 08:08:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x1e4541, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/177, 0xb1}], 0x1, 0x9, 0x1000) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000000)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4b34, 0x8) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1157.974326][ T8458] Bluetooth: hci6: command 0x1003 tx timeout [ 1157.980537][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 1158.054001][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1158.063384][ T8595] Bluetooth: hci7: command tx timeout 08:08:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1f000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1158.134038][T13880] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1158.674445][ T6576] Bluetooth: hci8: sending frame failed (-49) 08:08:35 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0189436, &(0x7f0000000080)) [ 1159.763394][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 1160.053747][T15599] Bluetooth: hci6: command 0x1001 tx timeout [ 1160.060558][ T6576] Bluetooth: hci6: sending frame failed (-49) [ 1160.213680][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1160.223100][T15599] Bluetooth: hci7: command tx timeout 08:08:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1160.704105][T10023] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1160.802373][T15936] Bluetooth: hci7: Frame reassembly failed (-84) 08:08:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc008561b, &(0x7f0000000080)) 08:08:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x20000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:36 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$KIOCSOUND(r0, 0x4b2f, 0xfffffffffffffff7) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000100)={0x0, 0x7, 0x3, 0x3, 0x1a, "834d63c5cb0a01c4ac1d6114f2aafe26917297"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) r2 = signalfd4(r0, &(0x7f0000000200)={[0x3ff]}, 0x8, 0x80800) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0x13) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r3, 0x0) preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000180)={0x1, 0x7f}) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000280)={0xfffffbff, 0xfffffffa, 0x4}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf) [ 1161.060326][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 1161.082617][T21369] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1161.186657][T10178] Bluetooth: hci11: sending frame failed (-49) [ 1161.813647][ T8569] Bluetooth: hci10: command 0x1003 tx timeout [ 1161.820486][T10178] Bluetooth: hci10: sending frame failed (-49) [ 1162.133595][ T8569] Bluetooth: hci6: command 0x1009 tx timeout [ 1162.863499][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1162.872816][ T8569] Bluetooth: hci7: command tx timeout [ 1163.103424][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 1163.103552][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1163.173404][ T8569] Bluetooth: hci9: command 0x1003 tx timeout [ 1163.179742][ T150] Bluetooth: hci9: sending frame failed (-49) [ 1163.253472][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1163.254480][ T8569] Bluetooth: hci11: command 0xfc11 tx timeout [ 1163.407764][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1163.645438][T10023] Bluetooth: hci8: sending frame failed (-49) [ 1163.903608][ T8595] Bluetooth: hci10: command 0x1001 tx timeout [ 1163.909881][T10023] Bluetooth: hci10: sending frame failed (-49) 08:08:40 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x81) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:40 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x2010, r0, 0x3a496000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$VT_DISALLOCATE(r0, 0x5608) ioctl$TIOCGPTLCK(0xffffffffffffffff, 0x80045439, &(0x7f0000000000)) syz_usb_connect(0x2, 0x0, 0x0, 0x0) [ 1164.909245][T10178] Bluetooth: hci11: sending frame failed (-49) [ 1165.253351][ T8458] Bluetooth: hci9: command 0x1001 tx timeout [ 1165.261506][T10178] Bluetooth: hci9: sending frame failed (-49) [ 1165.423527][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1165.653106][ T8569] Bluetooth: hci8: command 0xfc11 tx timeout [ 1165.653213][ T150] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1165.973292][ T8569] Bluetooth: hci10: command 0x1009 tx timeout 08:08:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x2, 0x0) 08:08:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3f000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1166.170686][T21426] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1166.207099][T21325] Bluetooth: hci7: Frame reassembly failed (-84) [ 1166.230100][ T8] Bluetooth: hci8: Frame reassembly failed (-84) [ 1166.933155][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1166.935211][ T8595] Bluetooth: hci11: command tx timeout [ 1167.333131][ T8595] Bluetooth: hci9: command 0x1009 tx timeout 08:08:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = syz_open_dev$dmmidi(&(0x7f0000000000), 0x8, 0x400000) r2 = socket$rds(0x15, 0x5, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00>\x00\x00Y\f\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="00000000c900"/28, @ANYRES32=r1, @ANYBLOB="00000000feffffffffffffff00"/28, @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\b\x00'/28, @ANYRES32=r0, @ANYBLOB="00000000ce3400"/28, @ANYRES32=r0, @ANYBLOB='\x00'/28, @ANYRES32=r0, @ANYBLOB="00000000030000000000000000000000000000000000000000000000fd523c915afebbff1ddb4de74329388b6d99bc8b3810b90771d3f22661341fcd96d69d431f2e90e32bd9b23fb0bc8ae2203c13672f7b3f0c3cdfc4d5bb195d057994903f50a943a235a635e5049d60a0af85e372", @ANYRES32=r0, @ANYBLOB="000000000100"/28, @ANYRES32=r3, @ANYBLOB="000000009500"/28, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\a\x00'/28, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00u\x00'/28]) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001380)='/sys/module/virtio_pci_modern_dev', 0x0, 0xa4) ioctl$KDGKBTYPE(r4, 0x4b33, &(0x7f00000013c0)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1167.554123][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 1168.212890][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1168.212948][ T150] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1168.218959][ T8518] Bluetooth: hci7: command 0xfc11 tx timeout [ 1168.222942][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1168.293066][ T8569] Bluetooth: hci8: command 0x1003 tx timeout [ 1168.299624][ T9202] Bluetooth: hci8: sending frame failed (-49) [ 1168.739233][T21458] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1168.773086][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 1169.572775][ T8569] Bluetooth: hci11: command 0xfc11 tx timeout [ 1169.579060][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:08:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc020660b, &(0x7f0000000080)) [ 1169.970354][T21325] Bluetooth: hci10: Frame reassembly failed (-84) 08:08:45 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='schedstat\x00') ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000000c0)={0x5, 0x8, 0x4, 0x9bab9c83e556b78f, 0x101, {r0, r1/1000+60000}, {0x1, 0x8, 0xab, 0x83, 0x5, 0x20, "5d59fa7e"}, 0x400, 0x0, @planes=&(0x7f0000000040)={0x4, 0xfffff001, @userptr=0xdc, 0x8}, 0x44, 0x0, r2}) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KDADDIO(r3, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1170.372675][ T8458] Bluetooth: hci8: command 0x1001 tx timeout [ 1170.379414][T10023] Bluetooth: hci8: sending frame failed (-49) 08:08:46 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) syz_io_uring_setup(0x4106, &(0x7f0000000200)={0x0, 0x0, 0x20, 0x2, 0x800000}, &(0x7f000079c000/0x4000)=nil, &(0x7f00003a3000/0x4000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x5, 0x0, &(0x7f0000000040)=""/18, 0x12}, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000000, 0x13, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0xffffffff, 0xc, 0x1, {0x0, 0x0, r0}}, 0x35) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000180)={0x0, 0x0, 0x80000001, 0x9, 0x15, "ef84631b0dcce683c633dd0bab15097a07fb96"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1170.763671][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 1170.772749][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1170.779141][ T9202] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1170.852635][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:08:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc00caee0, &(0x7f0000000080)) 08:08:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1171.260498][T21504] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1171.293108][ T158] Bluetooth: hci6: Frame reassembly failed (-84) [ 1171.296035][T21325] Bluetooth: hci7: Frame reassembly failed (-84) [ 1171.323157][T21510] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1171.972402][ T8595] Bluetooth: hci10: command 0x1003 tx timeout [ 1171.978923][ T150] Bluetooth: hci10: sending frame failed (-49) [ 1172.456943][ T8595] Bluetooth: hci8: command 0x1009 tx timeout [ 1172.772346][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 1172.778578][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:08:49 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x12) syz_usb_connect(0x0, 0x0, 0x0, 0x0) ioctl$KDADDIO(r1, 0x4b34, 0x2) [ 1173.332535][ T7] Bluetooth: hci7: command 0xfc11 tx timeout [ 1173.338971][T10155] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1173.342453][ T8569] Bluetooth: hci6: command 0xfc11 tx timeout [ 1173.353114][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1173.419025][ T8445] Bluetooth: hci9: command 0x1003 tx timeout [ 1173.425318][T13880] Bluetooth: hci9: sending frame failed (-49) [ 1173.869922][T21535] debugfs: Directory 'hci6' with parent 'bluetooth' already present! 08:08:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1174.012846][T10023] Bluetooth: hci7: sending frame failed (-49) [ 1174.062491][ T8569] Bluetooth: hci10: command 0x1001 tx timeout [ 1174.069343][T10023] Bluetooth: hci10: sending frame failed (-49) [ 1175.492140][ T8595] Bluetooth: hci9: command 0x1001 tx timeout [ 1175.499277][T10023] Bluetooth: hci9: sending frame failed (-49) [ 1175.891965][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 1175.892019][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1176.051924][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 1176.052109][T10155] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1176.132038][T15599] Bluetooth: hci10: command 0x1009 tx timeout 08:08:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x10, 0x0) 08:08:52 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x2) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:08:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x10000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1176.397580][T21560] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1176.421346][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 1176.440197][T21325] Bluetooth: hci8: Frame reassembly failed (-84) [ 1176.451365][ T8] Bluetooth: hci6: Frame reassembly failed (-84) [ 1176.598226][ T158] Bluetooth: hci11: Frame reassembly failed (-84) [ 1176.932694][ T1360] ieee802154 phy0 wpan0: encryption failed: -22 [ 1176.939037][ T1360] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.571792][ T8569] Bluetooth: hci9: command 0x1009 tx timeout [ 1178.451918][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1178.451918][ T8595] Bluetooth: hci8: command 0x1003 tx timeout [ 1178.465797][ T150] Bluetooth: hci8: sending frame failed (-49) [ 1178.472375][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1178.477754][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1178.478415][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1178.621817][ T8518] Bluetooth: hci11: command 0xfc11 tx timeout [ 1178.628099][T10023] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:08:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x63f9a6c6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1178.713397][T21590] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1178.741437][ T158] Bluetooth: hci6: Frame reassembly failed (-84) 08:08:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0286405, &(0x7f0000000080)) 08:08:55 executing program 2: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x5]}, 0x8) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000080)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0xfc}}, {0xa, 0x0, 0x0, @mcast1, 0xfec0}, r2}}, 0x48) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f00000000c0)=0x10001, r2, 0x0, 0x2, 0x4}}, 0x20) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1180.261895][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1180.531597][ T7] Bluetooth: hci8: command 0x1001 tx timeout [ 1180.537987][T13880] Bluetooth: hci8: sending frame failed (-49) [ 1180.771573][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:08:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1d000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1181.011483][ T7] Bluetooth: hci7: command 0xfc11 tx timeout [ 1181.011519][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1181.098391][T21625] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1181.121723][T21325] Bluetooth: hci6: Frame reassembly failed (-84) [ 1181.311882][T13880] Bluetooth: hci7: sending frame failed (-49) 08:08:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0145608, &(0x7f0000000080)) [ 1181.497160][T21637] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1182.291322][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1182.302873][ T7] Bluetooth: hci11: command 0x1003 tx timeout [ 1182.310817][T10271] Bluetooth: hci11: sending frame failed (-49) [ 1182.621264][ T7] Bluetooth: hci8: command 0x1009 tx timeout 08:08:58 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$VT_DISALLOCATE(r0, 0x5608) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1183.171183][ T7] Bluetooth: hci6: command 0xfc11 tx timeout [ 1183.171276][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:08:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1183.341254][T10023] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1183.350257][ T7] Bluetooth: hci7: command tx timeout [ 1183.419673][T21663] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1183.581349][ T7] Bluetooth: hci9: command 0x1003 tx timeout [ 1183.587797][ T6576] Bluetooth: hci9: sending frame failed (-49) [ 1184.381159][ T8569] Bluetooth: hci11: command 0x1001 tx timeout [ 1184.389647][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1184.931014][ T7] Bluetooth: hci10: command 0xfc11 tx timeout [ 1184.931242][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:09:01 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1185.491716][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1185.578331][T21684] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1185.651097][ T8569] Bluetooth: hci9: command 0x1001 tx timeout [ 1185.657280][T10271] Bluetooth: hci9: sending frame failed (-49) [ 1185.730949][ T8458] Bluetooth: hci7: command 0xfc11 tx timeout [ 1185.741925][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) 08:09:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1f000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1186.450948][ T1726] Bluetooth: hci11: command 0x1009 tx timeout 08:09:02 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x4c01, 0x0) [ 1186.618349][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 1187.650802][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout [ 1187.650812][T10023] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1187.731250][ T8595] Bluetooth: hci9: command 0x1009 tx timeout [ 1187.890682][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 1187.890943][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1188.050779][ T8458] Bluetooth: hci10: command 0xfc11 tx timeout [ 1188.050914][T10271] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:09:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1188.136438][T21722] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1188.155806][T21325] Bluetooth: hci6: Frame reassembly failed (-84) [ 1188.187238][ T1192] Bluetooth: hci7: Frame reassembly failed (-84) [ 1188.435553][T15936] Bluetooth: hci10: Frame reassembly failed (-84) [ 1188.700652][ T7] Bluetooth: hci8: command 0x1003 tx timeout [ 1188.707214][T13880] Bluetooth: hci8: sending frame failed (-49) [ 1190.210576][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 1190.210751][ T6576] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1190.216862][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1190.226190][ T7] Bluetooth: hci6: command 0xfc11 tx timeout 08:09:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000000000)={0x38, 0x19, &(0x7f0000000180)="03b8506889b882dc4d112274a49804e8680c30f86d1537cf23b46c761c9bd80ef64c68fcfb165a9f6f31673df2cdb9c44a7bdc82576e3f768879212c9e9086b0d9ddb4fd1e307794690f4c5fa0a9159eb8b35a0aa2940bf159c0b74ec29c0a4cbd227f39c6854fd64565413131b92099be10c0f78ded61275da1ca1bed03012776fce0756e95c5771b3dd4d9e223186ff9a0cbca49bb1686ca94d0a9fa4f37d615f9e68352e5a3dd38185bf0bba3381ab291334b962658f06d623d2086fc65d709914c2099b259303605b80c8bc0e79fc0ce90e2736217b006649a37077a1581731c9b7f5698cec94a5c246608d88d04fd78b31234daf7cd416e267d1dc82a856de6a4a7197721dc313450306bdf91c4c6381b79367a05dd4679795b52f2400b7619f94317328ab5c066352a8ea14f8e10a189e38619959ea19a3f26d04ea1a0adeb1c7dbf3515f7a33cce30b2eb0c3808a3bf45b14b7e457e96b9e4cc5a193d1f20c1c28df83041a21a6ec65881b92025167268de39a61c9ddfb99809cac216d423392331b2b5b06b00dba67f2dd06ed229c7bca128f8af0f7cf3b78524cd652f7fb929a7b63d128c3c1b1f5c332498a4f57e992a7dbd7c27060a2db0ed520dd8ce391ca88aa3acb4e738a74ee2ff53e5d23d7cf27654c874d9571d80414516e8a3f7fa3987b05c35b8655eb1c7659e15d27ff65ccf267956dd21c9e98a31cbbc4058aa18be73e0390483277b40efeda66c750ee62e059d9c498f106889f738b10191b28e7929ab944848131a83ca66dba45be580e40b7095dfa93909706cd809e62dca8facb5b408ae1dded172a357efef1f56bda0809aa1f4cc9806034d10f0590c49fd3427cc57a10a5e7dd042814950182fd7c4c753f50f918b613090b06d8d136e7f39d9164d041cab65c28f0d92b0a5919270293e298d2d793606dda94b8726e5ed19bd61bf5cdb93619ac286188a8a5bbdb2a797d3438adebb6780e2bb242e451f7a5402e268383be6d087101d98c6c60909b2004d7f0225aa5009764fc647ab11b7ed700649b2394099b03eb7b46e41b64f0e7af0066160aee99d7a98fc56d1dbffad5f91b2cddd6d21a4e45def8beed070afe04277240924e018f97ef28c0ec13f5e3ba355561bd15028b70741e30515a6292f102e7f508d30043d837624b17d4fae55ccba46b21197756a50bdf962a58679f6222f2b3aa6fcf8103e939739cedf7cb1cef124387897c714480cd243c402116d46d1fc5d51bddcb99b43942f62627a87ba2a39202db0bfa052f7719a8814d77ab08d2becfa07633df9ae2e65c6a767cc7af7bedf65433ee64d0bccd8306c5e3cf77840a8ee7ad8e2a6da4c1754edf44ab1420ae2607588a5f92d8d0d7ec697f1e19b004106a9e75b3457bcf778bfba1d01292582537abedc9f1682e9d40a67fdecf900385e0efee0"}) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1190.334638][T21741] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1190.360197][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) 08:09:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xd000943e, &(0x7f0000000080)) [ 1190.450634][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1190.457036][T10023] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:09:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x20000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1190.562469][T21325] Bluetooth: hci7: Frame reassembly failed (-84) [ 1190.585577][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) [ 1190.770554][ T8595] Bluetooth: hci8: command 0x1001 tx timeout [ 1190.782895][ T6576] Bluetooth: hci8: sending frame failed (-49) 08:09:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc0189436, &(0x7f0000000080)) [ 1191.732580][T21773] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1191.755227][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1192.370347][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1192.380360][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1192.610293][ T8518] Bluetooth: hci10: command 0xfc11 tx timeout [ 1192.616569][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1192.635289][ T8518] Bluetooth: hci7: command 0x1003 tx timeout [ 1192.646102][T10178] Bluetooth: hci7: sending frame failed (-49) 08:09:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x74000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1192.850277][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1192.850281][ T8595] Bluetooth: hci11: command 0xfc11 tx timeout [ 1192.866348][ T8458] Bluetooth: hci8: command 0x1009 tx timeout 08:09:08 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000000)={0x0, 0x6, [0x1, 0x7, 0x3f, 0x800000000000000, 0x3, 0x1]}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) syz_open_pts(r0, 0x40801) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10010, r0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000cc0)={0x1f, 0x0, 0x2, 0x2, 0xc55, 0x10}) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_usb_connect(0x0, 0x688, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0x91, 0x9e, 0x9c, 0x10, 0x41e, 0x41e, 0xe273, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x676, 0x3, 0x8e, 0x1, 0x90, 0x2b, [{{0x9, 0x4, 0x24, 0x9, 0xf, 0x89, 0xd2, 0xe, 0x7f, [@cdc_ecm={{0x8, 0x24, 0x6, 0x0, 0x0, "8e00f0"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0xfffffffd, 0x8, 0x7, 0x1}, [@ncm={0x6, 0x24, 0x1a, 0xd027, 0x749c88c72b2dc29}, @mbim_extended={0x8, 0x24, 0x1c, 0x4, 0x3f, 0x1}]}, @uac_as={[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x3f, 0x2, 0x0, 0x2, "c4b724"}]}], [{{0x9, 0x5, 0x5, 0x0, 0x20, 0x0, 0x9, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xff}]}}, {{0x9, 0x5, 0x8, 0x0, 0x20, 0x8, 0x61}}, {{0x9, 0x5, 0x3, 0x10, 0x200, 0x1f, 0x2, 0x3}}, {{0x9, 0x5, 0x9, 0x10, 0x10, 0x7, 0x2, 0x4}}, {{0x9, 0x5, 0xb, 0x4, 0x10, 0xb9, 0x80, 0x4, [@generic={0x1d, 0x8, "ce022317b072f5840a58e576f5d5bb23d55ad17f3b52b08ae2d831"}, @generic={0x43, 0x24, "91a47033b91d84868b8046c3dfe09976d85530bec2863414a113ea9a55532bf6ea2d90c54ed636731f87636b468cb21ec0817f5347c01af8bc63102b691ee1f073"}]}}, {{0x9, 0x5, 0xf, 0xc, 0x430, 0x7, 0x6, 0x2}}, {{0x9, 0x5, 0x7, 0xc, 0x20, 0x4, 0x3f, 0x7f}}, {{0x9, 0x5, 0x8, 0x3, 0x200, 0x0, 0x8, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x3, 0x3ff}]}}, {{0x9, 0x5, 0xe, 0x0, 0x3ff, 0xc1, 0x9, 0x3, [@generic={0x7b, 0x23, "d99b3b1a6451c45c4d7ead45dca5e34ea6ac1f61d02b99035fa55da4ca16a8cad25fd984cb58582d3a18146f367f07e4103bdf9f9cd823ddf23010365f70062b1f642565a896b6412f181ca459c4be4b4ca3047df2b0d58aa5c5a7c5b9cbc86088d5c00bc7afbc1593014daac232b4ba296930779d347df4da"}]}}, {{0x9, 0x5, 0x2, 0x2, 0x20, 0x8, 0x8, 0x20, [@generic={0x98, 0xd, "1aa008aa4587de4d4d96b7d104187af780c86ae387083753d8f72f9204db9883127e2145d17669c8c7a486e92d661ddecfcc5377d6526ba1df6f39d967c387d2c026dc5fc3e90963d1c4b3897cc688a653ec2bb52c87a8cd3f343fa5f0c8fc3c1943dc6a2e00a5899235a011ee01db0ec004b793ff1ba7e125fe88a9d7855d0e61553f087e24d8335b137ae2993c1555cf9b39830622"}]}}, {{0x9, 0x5, 0x1, 0xc, 0x0, 0x9, 0x1, 0xfc, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x90, 0x7f}, @generic={0x75, 0x9, "7c524360060975f144838da572df4e32666dd8adf0bbf8e4f85dd473e4a37593b293520e8428c384e13e2c61aae151ae69bdc593c84005f9b4134818e384619af44f6a60809bb15ec121f0e508ee43c986c6beeb3e89036e32eb68783f5cf822bead8729833628bed377fa81ae50587b606489"}]}}, {{0x9, 0x5, 0xa, 0x4, 0x3ff, 0x84, 0x1f, 0x1, [@generic={0x4f, 0xd, "b4680443e74a0a4219568b74368dc6e828d63a4be6001ddaf68f29a7f1f5b7b1e98d062d1e705af87056b2bf12a698357a09c94f1f1381994ec8e8fb2ccea37beafd1d9e4725964d395955e617"}, @generic={0xd5, 0x4, "dccb93b3d717adc044d019bd7818d8371960ef750758a50ccacc9ebea4613ea9d74fb21ce4d261ce1f7e9ba215a95f561777a9b74d8d931cc1ea8ee5aa44137cbed1f778732dbe79c61156480503a610f9b660c910baf1db8459d8f0de9d4f29fa7c252b6b484a6d7355233e8fca20f783b030ef62dcbe81620c5a3398a251c9ee981d0ed91d7e1197092bf2a6ccf3c769bdb9abe294bb0b8058d3b543c0ed1abbe0c4fa0c8b27c4d238253c821a6c435542190688c4d89c5fbad734387b82642c1c81abe11e2ffa1fba2d0607a5069e5dd66f"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x40, 0x4, 0x5, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x4}, @generic={0x64, 0xd, "86283ed9d532f640caf2dbe73b94fc15356a1b5677ccd96d183f9784c7a8626c20ee6308b41374fc772cdd72c7fc3614f015c7cc52a5f5b656f4f6ea55c0640bee8cbf8c4b81f3610674358ea9d36f164114d644927c59cf6153505ce84383815ed4"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x200, 0x6, 0x84}}, {{0x9, 0x5, 0xd, 0x0, 0x200, 0x8, 0x3, 0x9b, [@generic={0xfa, 0x7, "70b639a45ae16a26414596bdeae9e5c31e2d2bc5e3f20a142d58908b320a88c8321791319d4012b34504e20add02721a3cdc565f206703e73a6eb8d63389f0bdc02085cf5fc84799f28293e029ab815eaef961facf718ca375f42289d5d2376e73d57b6afeab85f46ced7d3722184d1166af0f7edc40e7cdd277643cee0aec1b05e37ef9f8dd733808db79687512b823de127d639310f8c52c3aaff763e29390b1ca6f433cdbec423044aaa77c5bc786e3c28794523dd108e965c181305b122e93bdaa5591e8c142c56341e98f4c2a73a3fdd05587801b2d5ac1fe95b0590d8ca4103f7c3413fe0e13abad3d7781a16c1c2a83ea8af3d654"}]}}]}}, {{0x9, 0x4, 0xb5, 0xc, 0x2, 0x21, 0x37, 0x25, 0x8, [@hid_hid={0x9, 0x21, 0x82c, 0x7, 0x1, {0x22, 0xdc}}], [{{0x9, 0x5, 0xb, 0x10, 0x40, 0x40, 0xf1, 0x20, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3f, 0x6}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0xed}]}}, {{0x9, 0x5, 0x4, 0x10, 0x40, 0x0, 0x2, 0x20, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x0, 0xdf4}]}}]}}, {{0x9, 0x4, 0x3e, 0x9, 0x2, 0xfc, 0xba, 0x1b, 0x7f, [@cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, '_'}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x0, 0x1ff, 0x4}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x5}, @ncm={0x6, 0x24, 0x1a, 0x4, 0x8a2b73b8f3c45d17}, @obex={0x5, 0x24, 0x15, 0x9}, @dmm={0x7, 0x24, 0x14, 0xfffa}]}, @hid_hid={0x9, 0x21, 0x6, 0x7f, 0x1, {0x22, 0x486}}], [{{0x9, 0x5, 0x7, 0x0, 0x100, 0x1, 0x9c, 0xde, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xff, 0x401}]}}, {{0x9, 0x5, 0x0, 0xc, 0x200, 0x6, 0x4c, 0x5, [@generic={0x2c, 0x22, "5c0f576ece767d202152c5cb4019870e772888d99191744a0f033acdbc2d9b5d70e31142f940a36a0cc6"}, @generic={0x65, 0x24, "d58342df7c43e39b70b22a524d7bb600506b9595094612eb30a8ba50e1a4b57d4c24598ff5e109882282d73bc0c1a18e45a41a05dec57a8ac9a54e5bf51955d2a54e8d41d1c06b3a2d0f7b8c14f38a24f13f327022c20712cabf0eba414959d272e3dd"}]}}]}}]}}]}}, &(0x7f0000000c40)={0xa, &(0x7f0000000100)={0xa, 0x6, 0xeeb5870474ca5d99, 0x6, 0x1, 0xcc, 0x7ddf28c10539a70a, 0xf8}, 0x43, &(0x7f0000000840)={0x5, 0xf, 0x43, 0x4, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x40, 0x8, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x3, 0xa, 0x2}, @generic={0x19, 0x10, 0x3, "d97b1710a02d2ee3745dbb4269f200b8f501a2dcb46f"}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "6a4c7cad1d56a302488861297f050b14"}]}, 0x8, [{0xb4, &(0x7f00000008c0)=@string={0xb4, 0x3, "b6c4ae23f74c2c7847c12681120a444a83ea7b605d9420f6ce6ea681b2cf209e255516a6d80a480c093f7ecf5d05079943642672b34cf6d9828eb5d6f86e2fc781d20c72809197195eab861f4c300043a02e5e44a931ad94e53baa0891b53b7b4c902c96c554b9b2ff320afb4b2d11e4a5f898bc2df1bb9932529305f269dc006d44f4cda0034159874e4fd46feb13b996aabdc11866b6d60f86de8aac630b22ab13248823fc6ce74aceb0f7393b5b285dec"}}, {0x50, &(0x7f0000000980)=@string={0x50, 0x3, "d05f06cfcc8cc124eca01926a57c04b71d32e03dc2e4d62163ddec5d278e804bb2b4ca62cdfe324897e299e9f3a3df9632b64bcc225fa1ba171b33745a232349bc4e96d5a6a0d0ef08a7cebf412d"}}, {0x86, &(0x7f0000000a00)=ANY=[@ANYBLOB="86e90a1ccf80a0380ef04d9928a649eb9e7b9f15c0f3e952560643631002f1304e3d3c1cffd2f17263f1952f2de6817195e3d11043a8140bd31021530e11bdd9eac488f57a637af6bdaaa42412ea35acefe1ee669b90139cb45359b19224e7aee451d03f11d8c726acf44b7d786a0a36fe238c99f12c37990628cfd37cef9349dfd76c98e3b8"]}, {0x4, &(0x7f0000000ac0)=@lang_id={0x4, 0x3, 0x500a}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x1c01}}, {0x70, &(0x7f0000000b40)=@string={0x70, 0x3, "254ad50bf0dac74fb84fad6f6b1dec6b22dec96c563f5a2eac0c88d7d8e5fa6c112c43006b38f1972b854afe3912e85b3464c6faadbb67117cfecbb508f810e6d8c09d35d834735a86c6afbbdfcf318486bb21d4f1db1804a8aeb919316ced95903cffd01b7f5e1ccd4d3752b582"}}, {0x33, &(0x7f0000000bc0)=@string={0x33, 0x3, "117faa32a7e3bd7b3202dfab4179e319433942747d927890d7048a7f84e9b7c0cc455b224ef5321da2aea5e22c31b8fc96"}}, {0x4, &(0x7f0000000c00)=@lang_id={0x4, 0x3, 0x809}}]}) close(r2) splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f00000000c0)={0x6}, 0x4) [ 1192.985615][T21789] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1193.007815][ T1192] Bluetooth: hci6: Frame reassembly failed (-84) [ 1193.145068][T13880] Bluetooth: hci11: sending frame failed (-49) [ 1193.420271][ T8569] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 1193.670265][ T8569] usb 3-1: Using ep0 maxpacket: 16 [ 1193.801825][ T8569] usb 3-1: config 142 has an invalid interface number: 36 but max is 2 [ 1193.810377][ T8569] usb 3-1: config 142 has an invalid interface number: 220 but max is 2 [ 1193.818842][ T8569] usb 3-1: config 142 has an invalid interface number: 181 but max is 2 [ 1193.828994][ T8569] usb 3-1: config 142 has an invalid interface number: 62 but max is 2 [ 1193.838132][ T8569] usb 3-1: config 142 has 4 interfaces, different from the descriptor's value: 3 [ 1193.848003][ T8569] usb 3-1: config 142 has no interface number 0 [ 1193.855718][ T8569] usb 3-1: config 142 has no interface number 1 [ 1193.863087][ T8569] usb 3-1: config 142 has no interface number 2 [ 1193.869359][ T8569] usb 3-1: config 142 has no interface number 3 [ 1193.877225][ T8569] usb 3-1: config 142 interface 36 altsetting 9 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 1193.889128][ T8569] usb 3-1: config 142 interface 36 altsetting 9 endpoint 0xF has invalid maxpacket 1072, setting to 64 [ 1193.901232][ T8569] usb 3-1: config 142 interface 36 altsetting 9 has a duplicate endpoint with address 0x8, skipping [ 1193.913320][ T8569] usb 3-1: config 142 interface 36 altsetting 9 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 1193.925226][ T8569] usb 3-1: config 142 interface 36 altsetting 9 bulk endpoint 0x2 has invalid maxpacket 32 [ 1193.936309][ T8569] usb 3-1: config 142 interface 36 altsetting 9 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1193.947198][ T8569] usb 3-1: config 142 interface 36 altsetting 9 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 1193.959527][ T8569] usb 3-1: config 142 interface 36 altsetting 9 has 12 endpoint descriptors, different from the interface descriptor's value: 15 [ 1193.974104][ T8569] usb 3-1: too many endpoints for config 142 interface 220 altsetting 203: 147, using maximum allowed: 30 [ 1193.986441][ T8569] usb 3-1: config 142 interface 220 altsetting 203 endpoint 0xD has invalid maxpacket 512, setting to 64 [ 1193.998511][ T8569] usb 3-1: config 142 interface 220 altsetting 203 has a duplicate endpoint with address 0xD, skipping [ 1194.010598][ T8569] usb 3-1: config 142 interface 220 altsetting 203 has 3 endpoint descriptors, different from the interface descriptor's value: 147 [ 1194.024991][ T8569] usb 3-1: config 142 interface 181 altsetting 12 has a duplicate endpoint with address 0xB, skipping [ 1194.036933][ T8569] usb 3-1: config 142 interface 62 altsetting 9 has a duplicate endpoint with address 0x7, skipping [ 1194.048675][ T8569] usb 3-1: config 142 interface 62 altsetting 9 has an invalid endpoint with address 0x0, skipping [ 1194.061454][ T8569] usb 3-1: config 142 interface 36 has no altsetting 0 [ 1194.068347][ T8569] usb 3-1: config 142 interface 220 has no altsetting 0 [ 1194.076965][ T8569] usb 3-1: config 142 interface 181 has no altsetting 0 [ 1194.085110][ T8569] usb 3-1: config 142 interface 62 has no altsetting 0 [ 1194.092912][ T8445] Bluetooth: hci9: command 0x1003 tx timeout [ 1194.099060][T13880] Bluetooth: hci9: sending frame failed (-49) [ 1194.450953][ T8569] usb 3-1: New USB device found, idVendor=041e, idProduct=041e, bcdDevice=e2.73 [ 1194.460269][ T8569] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1194.469194][ T8569] usb 3-1: Manufacturer: 忐켆賌Ⓛꃬ☙粥뜄㈝㷠⇖巬踧䮀뒲拊ﻍ䠲ꏳ雟똲챋弢몡ᬗ琳⍚䤣亼햖ꂦ꜈뿎ⵁ [ 1194.485186][ T8569] usb 3-1: SerialNumber: 倊 [ 1194.527736][T21802] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1194.700077][ T8458] Bluetooth: hci7: command 0x1001 tx timeout [ 1194.707429][T13880] Bluetooth: hci7: sending frame failed (-49) [ 1195.020178][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1195.026352][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1195.090332][ T8445] Bluetooth: hci10: command 0xfc11 tx timeout [ 1195.090505][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1195.170374][T10271] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1195.170898][T15599] Bluetooth: hci11: command 0xfc11 tx timeout 08:09:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3f000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1195.284784][T21824] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1195.307961][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 1195.323907][ T8569] usb 3-1: USB disconnect, device number 3 [ 1195.550680][ T6576] Bluetooth: hci10: sending frame failed (-49) [ 1196.140155][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 1196.147698][T13880] Bluetooth: hci9: sending frame failed (-49) 08:09:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5409, 0x0) [ 1196.769976][T15599] Bluetooth: hci7: command 0x1009 tx timeout [ 1196.866877][ T158] Bluetooth: hci8: Frame reassembly failed (-84) [ 1197.329794][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1197.336311][T10271] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1197.569730][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 1197.569873][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:09:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7a000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1197.648742][T21868] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1197.657270][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 1197.663534][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:09:13 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000200)={"3375137e8d5dff61d14d3a4557049ab8", 0x0, 0x0, {0x200, 0x4}, {0x1c4c, 0x44}, 0x401, [0xe9, 0xfff, 0x0, 0x4, 0xe6, 0x0, 0x600000000000000, 0xaf, 0x5, 0x4, 0xffffffff80000000, 0x5, 0x98, 0x8, 0x8, 0xe91a]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f00000005c0)={{r4}, r5, 0x14, @unused=[0x7, 0x5, 0x100000000, 0x7], @name="0d81878ea5efe2f72ab6858dad67d7b58fa918acf4497fff23d1cee5957b6ea5feb8b18037b55a22306e89eb3ce0a587853c74b2312e201b31c057789297e8cbddd12b4c53d72a67074436c41c3ffcafdf1d47358562c9d907b9edb39538000c4ab2a1dd66ba27752ea0e1af7da5de4f992ffc3d27b398b2f834ad0b1afeb60d5c9b96902a00c16b387276a1b67cbf6d18c270c13939097cebe43e5d469217852df4ec13e382e2775e057a9e03c917a6c0cc270c3b0b1133645c3ab3af36636dac79f86e025a208fc349d124a33930ad9aed51bbf0f131934c269129ac229ae02f848061af5b9b0adf59ef85b90a459cebc235642f921a902fdf756a93fe96ed4ec0b65ce27a83657521766e287d3cd8e3eb24e12bb9f1d6eb7b9713d9389bcc9d6176c109d387b7347cd34224af37ff4b8b7b29899d764f8d0c383168bdcb1fcf4a986f457a910d08e820f76951adacf9c741a8b7594ffde8928c78845ef220917d4de43aa9294585b8764fab590be91b9423c9e895e3ad177fb588bfc506bd522804597dea6f99da4c70a460b5d9030939f3ac2440d456c5e76f07b8a691a6ee5ea01cd2cf3366ef1e79b690bca695138bf34de531bd28ce629f33873b1b6e2a953ffee5a2d0af340a2f61dac6981c3ef3575115ba8388d66c91d8adf90499da6fe7c0f7c8a73e507fefdb8dfa7251b20b48a3c0924f0b5a4ffae99a54fd5429a056e382bbc61499cca0f29314f1c6f7c3a5883832c7a93c485299e613003cf0b1e44bfbabfd674dd7bf09c651833de84f4e15758bb2cbd4918d4f64385f5e744021ed8f20f6be4edde2dc669ceb4cd7ea9aee2f1fdc50f92c36ef0f26a7bb2e8155e798995179b36e1f3adf5b1382c9a92a422eb9a94c16549e0bca1aff0aa1cd145b7e43b8141ca06bf268644c8bfac7da36889e05a15a32c4033c4880b7d4358547834fa7db9bfcac8c47b55571c33693267e9ca83a20ddd20fef91c8f048b4685a080ca7ecc8b0121cd8658bb59e26d366b27d54c9e3e2164a6090d4f5b8d4838151d625bbfa4d0d47556d661d5b4a3121f9004492238edd356da4809f459e1f2c26a209ad10d4edfdb3b2fbbd2051ac92ef94ee2a70d47f5029f7819e40ef31a7e359c28bf20d6df6d317c09a2a426cd53d2d3e498dde016b2b6132b3c268b1fd7010969225c416475aaad44a21aaa45180aab1269dc44875dafc8a3a0c8e477c68b3855271709b5e6d4bff8aa6526280a08a703df54b81f8727a27b1e4406a3315b670ddc8e997c3bb021a4b961df69df8f592452155d1d3af34831cd6923620b019ac0e8a7b292e54e9f57a7e16de3da1d34c8f6e277430ea39d6e7ee101bcdd0a7e12df3962d7e69fa7ae4846c7e51efebbabe6c7d38d1e2de23dedda280515022172f16548676ff3993de2fac81a8c2262deba36a54c6eee613557bfc6603f02c6734b19d456df1133a932b39ec045de3cbd80fb0087539ce2025535f4f9134c0432335a0365a16c214c0929840476266e299f783e51aefd8b09b0a1202639de46b8ec97db98e669eb2e4bf0a0b718fbf1bf1e120adb19c57fefdea788d270c46be4bf23eb7dc8accc381fdb2167faf305cc19ac30a81716d87f03b8b9e5e2c9df1bd14b554484af6b810003256e0bfc882456e5638fbfb1a608f8bb70a86beeeb3e123033137709b805b077080663f8c69a63bc06b3855fba423fbd4fd76d7f34d00fe8d62538cfebba091195249877af4f78191a2f79868051cb198c7fc94a7ffd75fd76fa1362f6a1da5b8d808ef56c37261db57c2bf80f06813b4f304f76902c8e74ff69b7b4457d78c0f23e5a09966881183ac34ffba0382489393f41104d0938921cde0dac583be4c26c6020f898927054bea96eaeab7cc941619911d8822dce605cb3b8856f50ce63b33fc64e2778f1da6b32732e73ef882de373113996d2cc5cf1d606398141e4f970a7cbbfb712f1f728ee1d40c6b03702e59fad972bb4fce07bade983208b232a860db8b6ae77f9c152080a97ca97a79b230c6f0555aa70a859e92a5d065823930088a306f1551a66b780c34fad68de94eece919c4dedb17d61fd88454864b765e559e014730424b8086d4ceb4af9fe0fb4c68fff858bce119555efab2b39b39a836bff126ec202c31ab1fd6ba4b40b0dbd889219c644ded8b09abacb5fa6f7ff2f295d844f970f05b80e0d5512b46e8a7ddf38d81c7591e3e01152f7a9f88eec6e482e0cbc33c11c2f3afbefea36161cc77162427b99f7b8cc1e9d07dc8e67815bfdcb74b73c5473bcbb9219bac71094d3f2428cb16282c6214a53b6d7a69316fe39415df727ddcce44572f84bd687e9e283e3cff1fa6cf55cca5a3e8ccfd9bb075bc60bb0bb3d3b321a9b649cd12c4350cfebff7f9b0fd56a4871e5c6068858423c0860c463cc7b7363be9a4ce50fac65715d1efba078f5d4803d9f87bd33f00ce9c197685799f215890460c44c1d715bc813bf20545f7a0c8d1ca86c4b0d236dc0c30813ec713191450785b413f53442ef4aea4070f245d691bbb561553b0304117168b42a00e59c45ea750d9f6447d68c9882544f7fd52af0cde91f1bc603af0656e817949ebc1369a7e34975021b6c2782adfa22314806429de291b48193ad5676de8991b7ad24e8169c1e5dc9b6c1ab645b9135a153dd746fd797338812c32dfbd8f5328acd896135f3fefc2fdc563f499e672fc9ea9ae1f1cb3430a8f44a137c8c62624f1b9ebb7905bb46113b54293448398f2b89eefa900ac56b44df73170e037861756b07dd66e5d55e347bcb6375af3390c0be5189ad3fec21de704431310431eda7a1e3e1c0f44fbec0299fba70ed4c553805900f1c34fbe776a37f048ec2272a15b1820724d74013d6202fdcc618b29484cb1acba21dedd7b6f5ccf5f64c3f6ad7b9d6a9d1591e4ffa19d1a5bdbf56759762d3148b32d9c4f549a1b6a11b867907784277dc08e31d2b8aca3f05dc63e5a62401f304d32cfd0f95776b49f1700cf54bfa03ae42969cb24f2c3f703d23587a6847efa36643064ce8d01f2fb3e2a03b6951ead9828c05bdf5e20c06184e97267aeeec58efec7de88e14744c05d2283be92596d1dc014a4d6065bc55e8166a1b1b3a2bc3459412c76d291fadeb748df2e83581045ac1e5f018d1c593cf75fb2796a55b943e9c786532a51cc16cc7016da4f3c481e916741bc0f4380122fe9ed2f47c4e204db42979d78555b631a889907a102b73a916182ac7635b03fe6d26ff7ffa03fceaedc87c286c283d9a8c7f00083ed965eef2ed741c671a04e1ecb850bc3a04395916524006f3933d1616e067bcebd7854f8ef7364111c575c16fe5f304055f203853f030894b9d4729b8d52747691988c8f712315274c2458a627242dbdda5b90f97d1afc6609d982467243e06ae3254b0f5a75e237578a183f36275565a2fd3e89e52095d0c38e41dacdd4339d486dfa254fe9944a5a72236380360422bc379638082edeab6ec8adf89ce174ff350c7d1a36dd999189d7b4f2125e1d06ca568ab8e49f8c346cd9e8901f0b8a107eb5f833abc44bb71febb288c80fc0896e59fb629bf6855d470b463954dba71bfe553db83c554ddf0c9adffb0c4037f64b03649045af7adee716e7c5fd292075d60f9d2492234479bd1c7712b5d2d5181ec094210c16db85da82e36df846a44adfaf87917e67bdfb17480897b4ee5f7cbf80c7126f5aab555a097acfb7597751b2a36605c3a20606611a5f9be4d9032031b276690ae17fe487b0e84f54a2c1975bf0ed75f91eb817c1e5cfeaa0e97012b39653e85faf10fda1684280d0adac7ce2638b6f5b9dcd39c1215580352f1553ce959fcaf649400bfef9892432d4f6a45ca06100042c20a2a2729be3804265f2fa6b70ae7f056b9a848415def5c8f43bb3627f4b13c3feacf4cd5ed10286b979d50cb4c01233a593fbdf48d50c87a219f68b19100671fce123a68cacdb058f4ad833ae7fe5b328dfd9eb5228db3ac4900790af82f0463c9637230d47787793752e1af864aae54e9545d3e9e829902212613c51fb62c8261f05ecb1cd5b288d682ce38ac9291be013577a629030bc906233fa1229941cd0e0069af04d3fae5817918152438c8528c98a3ac3268ce45df1b68fa2a5414ca8f085d5cfb3d4606661dbf0815299fa8ef24a92463df01cb72e8a078e435bc4c12c54fe7e41df00ed026ee6e8cb726431860d33bde2d2a9a6a7eb5a2411ed0b718d2f579fb0485f91d000ed9ade1a01922a7c25b90d2760ad4818457bca23613cc2249cc44c064a2d9739f1ec646ca994c23b36a82ca6362402e6d03104a9a77eff061f42c90c10aa5e508dc4223fe51d6baad19f288e4f05c456554de55c7e44b2b68ddd6486f8418ee6914893217c7ba97020b42d530387112b274da328f69c6d81f85cb2f8e91a916c5c9fecf1e8266d2a4c2606a902448cbd6a9cc61f77faecae36756ed168b2db66978b57d90efab8f6ee60ee765f232e272ea5e467d0fee5e6024d79f961fd7bb14bb1aebb1dd182726942c8fa78aa4510638200b957f6a53a5329fb2b509877af521afe9d07191b35cece359a5752a0a6d5ebac6d796a92a16ccfa1bcd6cad75962c42ef36cf0f83d18a6f4530af7ecc0ed6394fcd31854104b0f59f6977260df6c2ddb7a345ede2b671c94f9b2c70ffac56048013ae255e490b7dd5cbb89f397869a274deab27df88f43759d02b507ffb18dc94f5f88c0dd45b41f6bf342ff30c703cceac719c937cc6bd22c7a34f4f165dd5c5720296f76cef2b6b40d7c5d1ddfe860d7cd8a974ccacd683a9a02101d856da55eeeca4914b6f8010c384c1dbf6ce9817a4856d4d7005e50a995f8b96b151a7c9e16a532dc0435d8650ad552491f9350cab56644b8cfea760a1c735eb803471477e23cd76f24369df187e1d7299b2dac1b9a6b4d209ce45ab7bbb3cc72c17caf1a6ee720b5251c0de4f36fe421f81878319542f5cd65935b8619c78067fc08067b9b5d75ce0ccb7b54b96bd2dd423ffd8e8bc563e757890076aec6fd686daf899f3b60b3dca9a8fc95e7b536f6e390d3ac33c1ef89a1728a860263754dbc988833be77e1d598408cd52fd3b5f59990a8cbe28a04e69653db7f193c5a44ac92272e268a3e65fc18711d5a116de5deca4905ebe264a61ffa99edd80f632d4fe3920756cd90b78f93d979e5f9539ee2a8ac8b7c5a741ab3df875011fda3720d514500befb0d61b464e549ea24de4bb4a83bf819bf1552903188dbed1b007997c2bb466722e73c1582e35f24aedfbb57ef39fd9d506623952be0a036149f41c6624d2315861984960bb5c26a971964fe1855be1427de0e1513926d07229613c7dd7f48307b28f71adf8dbd839579cc19aac4234c1dcfdf11d5c5f4fffe7c366042f9548431ffb71152b5510f267550836b4d90b9579682aadf4353e7875b0be28ffe4c17c6635c58432f6050dabdd712eb8bf423b7b5f97c8d9396cc1c93a3582d8d7be3369a50f6f04a73f27a1cc672870c5b8d04b5a682901224e46a0c324526cc84e741c6f45dfc575577cba7eac877317cb9d4c61ffa0531db2fecf9052cabf70c133c38bacfd24b7b93102e6b76da3c0d1a8732dacd8791607ddf16442910005c218936e34547e596584a39e061f79a89d0ff6fb2097dbc7e6235cb6528fd4e28c7e6641d1c963718ed"}) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) sendfile(r1, r2, &(0x7f00000000c0)=0x6, 0x200) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1197.857007][T10271] Bluetooth: hci10: sending frame failed (-49) [ 1198.219911][ T8595] Bluetooth: hci9: command 0x1009 tx timeout [ 1198.929878][T15599] Bluetooth: hci8: command 0x1003 tx timeout [ 1198.936947][T10271] Bluetooth: hci8: sending frame failed (-49) [ 1199.729544][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1199.729618][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1199.889434][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 1199.889599][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1199.896357][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1199.905801][ T8518] Bluetooth: hci10: command tx timeout 08:09:15 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x48000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1200.009494][T21897] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1200.265819][ T7795] Bluetooth: hci10: Frame reassembly failed (-84) 08:09:16 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000651000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x3, 0x32d, 0x1, 0x1, 0x15, "21a65f238df416af"}) [ 1200.520261][T10271] Bluetooth: hci11: sending frame failed (-49) 08:09:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) [ 1200.703717][T10271] Bluetooth: hci7: sending frame failed (-49) [ 1201.009324][ T8458] Bluetooth: hci8: command 0x1001 tx timeout [ 1201.015681][T10271] Bluetooth: hci8: sending frame failed (-49) [ 1201.540185][ T150] Bluetooth: hci12: sending frame failed (-49) 08:09:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc020660b, &(0x7f0000000080)) [ 1201.972594][T21930] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1201.987577][T15936] Bluetooth: hci9: Frame reassembly failed (-84) [ 1202.049262][ T8518] Bluetooth: hci6: command 0xfc11 tx timeout [ 1202.050485][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) 08:09:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x89800000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1202.289229][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1202.361344][T21943] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1202.391076][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 1202.397468][ T7795] Bluetooth: hci6: Frame reassembly failed (-84) [ 1202.541685][ T6576] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1202.769258][ T8595] Bluetooth: hci7: command 0x1003 tx timeout [ 1202.769523][T13880] Bluetooth: hci7: sending frame failed (-49) 08:09:18 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x40, 0x7ff, 0x5}) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x38) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) capset(&(0x7f00000000c0)={0x19980330, r1}, &(0x7f0000000100)={0xf76, 0xc95, 0x5, 0x2, 0x1, 0x401}) ioctl$KDADDIO(r0, 0x400455c8, 0x9) gettid() mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x1010, 0xffffffffffffffff, 0x1000) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1203.093638][ T8569] Bluetooth: hci8: command 0x1009 tx timeout 08:09:18 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x9) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200, 0x66) mmap(&(0x7f000058d000/0x10000)=nil, 0x10000, 0x800001, 0x10, 0xffffffffffffffff, 0x9a3db000) openat(r1, &(0x7f0000000100)='./file0\x00', 0x9df35a413b1f0bba, 0x20) preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x7) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r3, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x20000004, &(0x7f00000001c0)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000080), 0x152) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000, 0x9, 0x0, 0x0, 0xca1}, 0x0, 0xb, r1, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, 0x0, 0x0) [ 1203.286459][ T1192] Bluetooth: hci11: Frame reassembly failed (-84) [ 1203.296309][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 1203.569187][T15599] Bluetooth: hci12: command 0x1003 tx timeout [ 1203.576822][ T150] Bluetooth: hci12: sending frame failed (-49) [ 1204.049004][T15599] Bluetooth: hci9: command 0x1003 tx timeout [ 1204.055748][ T150] Bluetooth: hci9: sending frame failed (-49) [ 1204.449227][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1204.449308][ T8595] Bluetooth: hci6: command 0xfc11 tx timeout 08:09:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x4c000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1204.619097][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1204.688272][T21972] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1204.849102][ T8595] Bluetooth: hci7: command 0x1001 tx timeout [ 1204.855524][T10178] Bluetooth: hci7: sending frame failed (-49) [ 1205.329107][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1205.378314][ T7795] Bluetooth: hci11: Frame reassembly failed (-84) [ 1205.394880][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 1205.648899][T15599] Bluetooth: hci12: command 0x1001 tx timeout [ 1205.655618][ T150] Bluetooth: hci12: sending frame failed (-49) [ 1206.128817][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 1206.135676][ T150] Bluetooth: hci9: sending frame failed (-49) [ 1206.768872][ T6576] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1206.768974][ T8458] Bluetooth: hci6: command 0xfc11 tx timeout [ 1206.928919][ T8458] Bluetooth: hci7: command 0x1009 tx timeout 08:09:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x540b, 0x0) [ 1207.008785][T15599] Bluetooth: hci10: command 0xfc11 tx timeout [ 1207.011312][T10178] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:09:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x97ffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1207.119334][T21998] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1207.135625][T15936] Bluetooth: hci6: Frame reassembly failed (-84) [ 1207.172668][T21325] Bluetooth: hci8: Frame reassembly failed (-84) 08:09:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x63f9a6c6) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1207.385656][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 1207.408880][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 1207.415253][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:09:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) unshare(0x40000000) pipe(0x0) r1 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0xd0, &(0x7f00000001c0)=0x80000000, 0x4) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000b40)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)=[{{&(0x7f00000000c0), 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/200, 0xc8}, {&(0x7f0000000000)=""/37, 0x25}], 0x2, &(0x7f0000000bc0)=ANY=[@ANYBLOB="34000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="2c000000fdf0794aafe776385abd8152000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000003c0)=""/11, 0xb}], 0x1, &(0x7f0000000440)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xc0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000500)=""/226, 0xe2}, {&(0x7f0000000600)=""/119, 0x77}], 0x2, &(0x7f00000006c0)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x128}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000800)=""/233, 0xe9}, {&(0x7f0000000900)=""/51, 0x33}, {&(0x7f0000000940)=""/105, 0x69}], 0x3, &(0x7f0000000a00)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}}], 0x4, 0x3, &(0x7f0000000b80)={r2, r3+10000000}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1207.609693][T21325] Bluetooth: hci11: Frame reassembly failed (-84) [ 1207.728767][ T8445] Bluetooth: hci12: command 0x1009 tx timeout [ 1208.208628][ T8445] Bluetooth: hci9: command 0x1009 tx timeout [ 1209.168501][ T8458] Bluetooth: hci6: command 0x1003 tx timeout [ 1209.175184][ T150] Bluetooth: hci6: sending frame failed (-49) [ 1209.248737][T10155] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 1209.248751][ T8445] Bluetooth: hci8: command 0xfc11 tx timeout [ 1209.418606][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) [ 1209.648662][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 1209.655003][T13880] Bluetooth: hci11: Entering manufacturer mode failed (-110) [ 1209.783326][T21325] Bluetooth: hci8: Frame reassembly failed (-84) [ 1209.972523][T10155] Bluetooth: hci10: sending frame failed (-49) 08:09:26 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = dup3(r0, r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xb) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x30}}, 0x0) write$binfmt_elf64(r2, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x9, 0x5, 0x81, 0x3, 0x2, 0x3e, 0xfffffff7, 0x2d8, 0x40, 0xa8, 0xff, 0x7ff, 0x38, 0x1, 0x0, 0x8, 0x7fff}, [{0x5, 0x2, 0x2, 0x1, 0x8, 0xbbcb, 0x7ff, 0x3}, {0x1, 0x4, 0x5, 0x7, 0xe413, 0x7, 0x7, 0x1}], "f712f52077fa758794bb3418b08e0c498d877740442ed60b9d51f804465466b9bf00b90d997f469eb86058e4", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xadc) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1211.258374][ T8595] Bluetooth: hci6: command 0x1001 tx timeout [ 1211.266606][T10023] Bluetooth: hci6: sending frame failed (-49) [ 1211.808446][T15599] Bluetooth: hci8: command 0xfc11 tx timeout [ 1211.814645][T13880] Bluetooth: hci8: Entering manufacturer mode failed (-110) 08:09:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xc6a6f963) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1211.916767][T21325] Bluetooth: hci7: Frame reassembly failed (-84) [ 1212.058303][ T8595] Bluetooth: hci10: command 0xfc11 tx timeout [ 1212.064662][ T6576] Bluetooth: hci10: Entering manufacturer mode failed (-110) 08:09:27 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) 08:09:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x68000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:09:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0xc028564e, &(0x7f0000000080)) [ 1212.294763][T21325] Bluetooth: hci8: Frame reassembly failed (-84) [ 1212.308793][T22115] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1212.348749][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1212.377053][ T1192] Bluetooth: hci10: Frame reassembly failed (-84) [ 1212.384054][T15599] Bluetooth: hci11: command 0xfc11 tx timeout [ 1212.391546][T10155] Bluetooth: hci11: Entering manufacturer mode failed (-110) 08:09:28 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x2043c0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @empty}, &(0x7f00000000c0)=0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1213.203057][T21325] Bluetooth: hci11: Frame reassembly failed (-84) [ 1213.338272][T15599] Bluetooth: hci6: command 0x1009 tx timeout 08:09:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x800000000009) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0xfffffffffffffbff, 0x2) fsetxattr(r1, &(0x7f00000000c0)=@random={'security.', '/dev/ptmx\x00'}, &(0x7f0000000100)='/dev/ptmx\x00', 0xa, 0x5) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1213.623842][T15936] Bluetooth: hci12: Frame reassembly failed (-84) [ 1213.633383][T15936] Bluetooth: hci12: Frame reassembly failed (-84) [ 1213.978156][ T8595] Bluetooth: hci7: command 0xfc11 tx timeout [ 1213.984381][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1214.368173][ T9202] Bluetooth: hci9: Entering manufacturer mode failed (-110) [ 1214.379198][ T8595] Bluetooth: hci10: command 0x1003 tx timeout [ 1214.383872][ T8331] Bluetooth: hci8: command 0x1003 tx timeout [ 1214.392417][ T9202] Bluetooth: hci10: sending frame failed (-49) [ 1214.399236][ T9202] Bluetooth: hci8: sending frame failed (-49) [ 1214.524604][T13880] Bluetooth: hci7: sending frame failed (-49) [ 1214.884470][T22161] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1214.908437][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1214.914824][ T1192] Bluetooth: hci9: Frame reassembly failed (-84) [ 1215.248145][ T8595] Bluetooth: hci11: command 0x1003 tx timeout [ 1215.255680][ T150] Bluetooth: hci11: sending frame failed (-49) [ 1215.647961][T10023] Bluetooth: hci12: Entering manufacturer mode failed (-110) 08:09:31 executing program 2: ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, &(0x7f0000000000)={0x0, @aes128}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="01000800000000003ec861648ddbde2e2f66696c653000"]) syz_open_pts(r1, 0x2200c0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f00000000c0)={0x6, 0x4}) syz_usb_connect(0x0, 0x0, 0x0, 0x0) getegid() [ 1216.232285][T21325] Bluetooth: hci12: Frame reassembly failed (-84) [ 1216.447796][ T8458] Bluetooth: hci8: command 0x1001 tx timeout [ 1216.454781][ T150] Bluetooth: hci8: sending frame failed (-49) [ 1216.461154][ T8458] Bluetooth: hci10: command 0x1001 tx timeout [ 1216.467377][ T150] Bluetooth: hci10: sending frame failed (-49) [ 1216.527935][ T9202] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1216.927933][ T8458] Bluetooth: hci9: command 0xfc11 tx timeout [ 1216.931637][T13880] Bluetooth: hci9: Entering manufacturer mode failed (-110) 08:09:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x540c, 0x0) 08:09:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf5ffffff) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 08:09:33 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x6c000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1217.328692][ T8331] Bluetooth: hci11: command 0x1001 tx timeout [ 1217.334893][T10178] Bluetooth: hci11: sending frame failed (-49) [ 1217.343497][T22190] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1217.401483][T22196] debugfs: Directory 'hci9' with parent 'bluetooth' already present! [ 1217.421827][ T7795] Bluetooth: hci9: Frame reassembly failed (-84) [ 1218.287770][T10023] Bluetooth: hci12: Entering manufacturer mode failed (-110) [ 1218.288192][ T8331] Bluetooth: hci12: command 0xfc11 tx timeout [ 1218.527663][ T8458] Bluetooth: hci10: command 0x1009 tx timeout [ 1218.534254][ T8458] Bluetooth: hci8: command 0x1009 tx timeout 08:09:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) ppoll(&(0x7f0000000000)=[{r0, 0x21}, {r0, 0x88}], 0x2, &(0x7f00000000c0), &(0x7f0000000100)={[0x1]}, 0x8) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1219.407621][T13880] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1219.407751][T10178] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1219.438677][T15599] Bluetooth: hci11: command 0x1009 tx timeout [ 1219.487624][ T8331] Bluetooth: hci9: command 0x1003 tx timeout [ 1219.494059][T10178] Bluetooth: hci9: sending frame failed (-49) [ 1219.932444][T22223] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1219.964347][ T7795] Bluetooth: hci7: Frame reassembly failed (-84) [ 1220.927403][ T8458] Bluetooth: hci12: command 0xfc11 tx timeout [ 1220.940187][T10023] Bluetooth: hci12: Entering manufacturer mode failed (-110) 08:09:37 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0x56) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1221.523197][ T1192] Bluetooth: hci12: Frame reassembly failed (-84) [ 1221.567331][T15599] Bluetooth: hci9: command 0x1001 tx timeout [ 1221.574681][ T150] Bluetooth: hci9: sending frame failed (-49) [ 1221.967295][T10178] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 1221.967349][ T8331] Bluetooth: hci7: command 0xfc11 tx timeout 08:09:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x74000000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) [ 1222.047528][ T8331] Bluetooth: hci6: command 0xfc11 tx timeout [ 1222.053750][T13880] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 1222.624554][T22263] debugfs: Directory 'hci6' with parent 'bluetooth' already present! [ 1223.567092][T10023] Bluetooth: hci12: Entering manufacturer mode failed (-110) [ 1223.575385][ T8331] ================================================================== [ 1223.583863][ T8331] BUG: KASAN: use-after-free in hci_cmd_timeout+0x203/0x210 [ 1223.591191][ T8331] Read of size 2 at addr ffff88807c6d3008 by task kworker/0:5/8331 [ 1223.599091][ T8331] [ 1223.601412][ T8331] CPU: 0 PID: 8331 Comm: kworker/0:5 Not tainted 5.15.0-rc6-syzkaller #0 [ 1223.609811][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1223.619854][ T8331] Workqueue: events hci_cmd_timeout [ 1223.625060][ T8331] Call Trace: [ 1223.628330][ T8331] dump_stack_lvl+0xcd/0x134 [ 1223.632909][ T8331] print_address_description.constprop.0.cold+0x6c/0x309 [ 1223.639976][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1223.644901][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1223.649828][ T8331] kasan_report.cold+0x83/0xdf [ 1223.654606][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1223.659536][ T8331] hci_cmd_timeout+0x203/0x210 [ 1223.664289][ T8331] process_one_work+0x9bf/0x16b0 [ 1223.669220][ T8331] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 1223.674596][ T8331] ? rwlock_bug.part.0+0x90/0x90 [ 1223.679534][ T8331] ? _raw_spin_lock_irq+0x41/0x50 [ 1223.684553][ T8331] worker_thread+0x658/0x11f0 [ 1223.689221][ T8331] ? process_one_work+0x16b0/0x16b0 [ 1223.694423][ T8331] kthread+0x3e5/0x4d0 [ 1223.698540][ T8331] ? set_kthread_struct+0x130/0x130 [ 1223.703726][ T8331] ret_from_fork+0x1f/0x30 [ 1223.708184][ T8331] [ 1223.710491][ T8331] Allocated by task 21390: [ 1223.714885][ T8331] kasan_save_stack+0x1b/0x40 [ 1223.719550][ T8331] __kasan_kmalloc+0xa4/0xd0 [ 1223.724125][ T8331] alloc_bprm+0x51/0x8f0 [ 1223.728353][ T8331] kernel_execve+0x55/0x460 [ 1223.732926][ T8331] call_usermodehelper_exec_async+0x2e3/0x580 [ 1223.738984][ T8331] ret_from_fork+0x1f/0x30 [ 1223.743428][ T8331] [ 1223.745753][ T8331] Freed by task 10023: [ 1223.749799][ T8331] kasan_save_stack+0x1b/0x40 [ 1223.754468][ T8331] kasan_set_track+0x1c/0x30 [ 1223.759063][ T8331] kasan_set_free_info+0x20/0x30 [ 1223.763989][ T8331] __kasan_slab_free+0xff/0x130 [ 1223.768826][ T8331] slab_free_freelist_hook+0x8b/0x1c0 [ 1223.774184][ T8331] kfree+0xf3/0x550 [ 1223.777978][ T8331] skb_release_data+0x65a/0x790 [ 1223.782816][ T8331] kfree_skb+0x133/0x3f0 [ 1223.787047][ T8331] hci_dev_do_open+0xa50/0x1a00 [ 1223.791884][ T8331] hci_power_on+0x133/0x650 [ 1223.796392][ T8331] process_one_work+0x9bf/0x16b0 [ 1223.801325][ T8331] worker_thread+0x658/0x11f0 [ 1223.805984][ T8331] kthread+0x3e5/0x4d0 [ 1223.810038][ T8331] ret_from_fork+0x1f/0x30 [ 1223.814440][ T8331] [ 1223.816749][ T8331] Last potentially related work creation: [ 1223.822442][ T8331] kasan_save_stack+0x1b/0x40 [ 1223.827174][ T8331] kasan_record_aux_stack+0xe9/0x110 [ 1223.832475][ T8331] call_rcu+0xb1/0x750 [ 1223.836593][ T8331] inetdev_event+0xd4c/0x15d0 [ 1223.841271][ T8331] notifier_call_chain+0xb5/0x200 [ 1223.846280][ T8331] call_netdevice_notifiers_info+0xb5/0x130 [ 1223.852205][ T8331] unregister_netdevice_many+0x951/0x1790 [ 1223.857913][ T8331] ip_tunnel_delete_nets+0x39f/0x5b0 [ 1223.863238][ T8331] ops_exit_list+0x10d/0x160 [ 1223.867862][ T8331] cleanup_net+0x4ea/0xb00 [ 1223.872265][ T8331] process_one_work+0x9bf/0x16b0 [ 1223.877188][ T8331] worker_thread+0x658/0x11f0 [ 1223.881847][ T8331] kthread+0x3e5/0x4d0 [ 1223.885900][ T8331] ret_from_fork+0x1f/0x30 [ 1223.890305][ T8331] [ 1223.892612][ T8331] Second to last potentially related work creation: [ 1223.899171][ T8331] kasan_save_stack+0x1b/0x40 [ 1223.903872][ T8331] kasan_record_aux_stack+0xe9/0x110 [ 1223.909195][ T8331] call_rcu+0xb1/0x750 [ 1223.913251][ T8331] __key_link+0x146/0x360 [ 1223.917621][ T8331] key_link+0x24b/0x340 [ 1223.921765][ T8331] look_up_user_keyrings+0x51c/0x740 [ 1223.927040][ T8331] lookup_user_key+0x25f/0x11e0 [ 1223.931894][ T8331] __do_sys_request_key+0x1a4/0x3b0 [ 1223.937087][ T8331] do_syscall_64+0x35/0xb0 [ 1223.941491][ T8331] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1223.947373][ T8331] [ 1223.949682][ T8331] The buggy address belongs to the object at ffff88807c6d3000 [ 1223.949682][ T8331] which belongs to the cache kmalloc-512 of size 512 [ 1223.963722][ T8331] The buggy address is located 8 bytes inside of [ 1223.963722][ T8331] 512-byte region [ffff88807c6d3000, ffff88807c6d3200) [ 1223.976809][ T8331] The buggy address belongs to the page: [ 1223.982424][ T8331] page:ffffea0001f1b400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c6d0 [ 1223.992575][ T8331] head:ffffea0001f1b400 order:2 compound_mapcount:0 compound_pincount:0 [ 1224.000888][ T8331] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 1224.008918][ T8331] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888010c41c80 [ 1224.017495][ T8331] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 1224.026667][ T8331] page dumped because: kasan: bad access detected [ 1224.033095][ T8331] page_owner tracks the page as allocated [ 1224.038802][ T8331] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 19, ts 134813285844, free_ts 123620716901 [ 1224.057285][ T8331] get_page_from_freelist+0xa72/0x2f80 [ 1224.062750][ T8331] __alloc_pages+0x1b2/0x500 [ 1224.067351][ T8331] alloc_pages+0x1a7/0x300 [ 1224.071756][ T8331] new_slab+0x319/0x490 [ 1224.075902][ T8331] ___slab_alloc+0x950/0x1050 [ 1224.080567][ T8331] __slab_alloc.constprop.0+0x4d/0xa0 [ 1224.085969][ T8331] __kmalloc_node_track_caller+0x2d2/0x340 [ 1224.091778][ T8331] __alloc_skb+0xde/0x340 [ 1224.096102][ T8331] __napi_alloc_skb+0x70/0x310 [ 1224.100852][ T8331] page_to_skb+0x192/0xd90 [ 1224.105334][ T8331] receive_buf+0x3238/0x65c0 [ 1224.109911][ T8331] virtnet_poll+0x5bf/0x1190 [ 1224.114486][ T8331] __napi_poll+0xaf/0x440 [ 1224.118805][ T8331] net_rx_action+0x801/0xb40 [ 1224.123381][ T8331] __do_softirq+0x29b/0x9c2 [ 1224.127875][ T8331] run_ksoftirqd+0x2d/0x60 [ 1224.132358][ T8331] page last free stack trace: [ 1224.137017][ T8331] free_pcp_prepare+0x2c5/0x780 [ 1224.141855][ T8331] free_unref_page+0x19/0x690 [ 1224.146563][ T8331] __put_page+0x105/0x400 [ 1224.150927][ T8331] skb_release_data+0x49d/0x790 [ 1224.155774][ T8331] __kfree_skb+0x46/0x60 [ 1224.160013][ T8331] tcp_recvmsg_locked+0x12f7/0x2320 [ 1224.165258][ T8331] tcp_recvmsg+0x134/0x550 [ 1224.169671][ T8331] inet_recvmsg+0x11b/0x5e0 [ 1224.174160][ T8331] sock_read_iter+0x33c/0x470 [ 1224.178874][ T8331] new_sync_read+0x5ba/0x6e0 [ 1224.183465][ T8331] vfs_read+0x35c/0x600 [ 1224.187607][ T8331] ksys_read+0x1ee/0x250 [ 1224.191932][ T8331] do_syscall_64+0x35/0xb0 [ 1224.196333][ T8331] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1224.202223][ T8331] [ 1224.204542][ T8331] Memory state around the buggy address: [ 1224.210154][ T8331] ffff88807c6d2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1224.218312][ T8331] ffff88807c6d2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1224.226366][ T8331] >ffff88807c6d3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1224.234425][ T8331] ^ [ 1224.238883][ T8331] ffff88807c6d3080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1224.246935][ T8331] ffff88807c6d3100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1224.254981][ T8331] ================================================================== [ 1224.263026][ T8331] Disabling lock debugging due to kernel taint [ 1224.270255][ T8331] Kernel panic - not syncing: panic_on_warn set ... [ 1224.276846][ T8331] CPU: 0 PID: 8331 Comm: kworker/0:5 Tainted: G B 5.15.0-rc6-syzkaller #0 [ 1224.286649][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1224.296704][ T8331] Workqueue: events hci_cmd_timeout [ 1224.301905][ T8331] Call Trace: [ 1224.305176][ T8331] dump_stack_lvl+0xcd/0x134 [ 1224.309764][ T8331] panic+0x2b0/0x6dd [ 1224.313704][ T8331] ? __warn_printk+0xf3/0xf3 [ 1224.318290][ T8331] ? preempt_schedule_common+0x59/0xc0 [ 1224.323749][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1224.328685][ T8331] ? preempt_schedule_thunk+0x16/0x18 [ 1224.334055][ T8331] ? trace_hardirqs_on+0x38/0x1c0 [ 1224.339103][ T8331] ? trace_hardirqs_on+0x51/0x1c0 [ 1224.344125][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1224.349057][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1224.354008][ T8331] end_report.cold+0x63/0x6f [ 1224.358594][ T8331] kasan_report.cold+0x71/0xdf [ 1224.363355][ T8331] ? hci_cmd_timeout+0x203/0x210 [ 1224.368289][ T8331] hci_cmd_timeout+0x203/0x210 [ 1224.373050][ T8331] process_one_work+0x9bf/0x16b0 [ 1224.377983][ T8331] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 1224.383350][ T8331] ? rwlock_bug.part.0+0x90/0x90 [ 1224.388283][ T8331] ? _raw_spin_lock_irq+0x41/0x50 [ 1224.393308][ T8331] worker_thread+0x658/0x11f0 [ 1224.397986][ T8331] ? process_one_work+0x16b0/0x16b0 [ 1224.403176][ T8331] kthread+0x3e5/0x4d0 [ 1224.407245][ T8331] ? set_kthread_struct+0x130/0x130 [ 1224.412443][ T8331] ret_from_fork+0x1f/0x30 [ 1224.417118][ T8331] Kernel Offset: disabled [ 1224.421432][ T8331] Rebooting in 86400 seconds..