3114][T13767] tty_init_dev+0x5b/0x80 [ 605.963137][T13767] ptmx_open+0x112/0x360 [ 605.963162][T13767] ? pty_unix98_compat_ioctl+0x50/0x50 [ 605.991324][ T26] audit: type=1800 audit(1644684561.178:1455): pid=13782 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1184 res=0 errno=0 [ 605.998298][T13767] chrdev_open+0x266/0x770 [ 605.998329][T13767] ? cdev_device_add+0x210/0x210 [ 606.136736][T13767] ? fsnotify_perm.part.0+0x22d/0x620 [ 606.142209][T13767] do_dentry_open+0x4b9/0x1240 [ 606.146989][T13767] ? cdev_device_add+0x210/0x210 [ 606.151921][T13767] ? may_open+0x1f6/0x420 [ 606.156243][T13767] path_openat+0x1c9e/0x2940 [ 606.160831][T13767] ? path_lookupat+0x860/0x860 [ 606.165582][T13767] ? mark_lock+0xef/0x17b0 [ 606.169992][T13767] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 606.175994][T13767] do_filp_open+0x1aa/0x400 [ 606.180490][T13767] ? may_open_dev+0xf0/0xf0 [ 606.184992][T13767] ? rwlock_bug.part.0+0x90/0x90 [ 606.190357][T13767] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 606.196593][T13767] ? _find_next_bit+0x1e3/0x260 [ 606.201443][T13767] ? _raw_spin_unlock+0x24/0x40 [ 606.206375][T13767] ? alloc_fd+0x2f0/0x670 [ 606.210705][T13767] do_sys_openat2+0x16d/0x4d0 [ 606.215377][T13767] ? build_open_flags+0x6f0/0x6f0 [ 606.220392][T13767] ? __context_tracking_exit+0xb8/0xe0 [ 606.225851][T13767] ? lock_downgrade+0x6e0/0x6e0 [ 606.230700][T13767] __x64_sys_openat+0x13f/0x1f0 [ 606.235561][T13767] ? __ia32_sys_open+0x1c0/0x1c0 [ 606.240513][T13767] ? syscall_enter_from_user_mode+0x21/0x70 [ 606.246408][T13767] do_syscall_64+0x35/0xb0 [ 606.250840][T13767] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 606.256752][T13767] RIP: 0033:0x7f8192773059 [ 606.261161][T13767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 606.281631][T13767] RSP: 002b:00007f81910c7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 606.290060][T13767] RAX: ffffffffffffffda RBX: 00007f8192886030 RCX: 00007f8192773059 [ 606.298020][T13767] RDX: 0000000000000000 RSI: 0000000020000140 RDI: ffffffffffffff9c [ 606.305980][T13767] RBP: 00007f81927cd08d R08: 0000000000000000 R09: 0000000000000000 [ 606.313943][T13767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 606.321906][T13767] R13: 00007ffc161f323f R14: 00007f81910c7300 R15: 0000000000022000 [ 606.330144][T13767] [ 606.347987][T13767] Mem-Info: [ 606.353444][T13767] active_anon:2650 inactive_anon:147104 isolated_anon:0 [ 606.353444][T13767] active_file:4122 inactive_file:8173 isolated_file:0 [ 606.353444][T13767] unevictable:768 dirty:546 writeback:0 [ 606.353444][T13767] slab_reclaimable:19201 slab_unreclaimable:97272 [ 606.353444][T13767] mapped:27887 shmem:4136 pagetables:834 bounce:0 [ 606.353444][T13767] kernel_misc_reclaimable:0 [ 606.353444][T13767] free:1324309 free_pcp:9050 free_cma:0 [ 606.401059][T13767] Node 0 active_anon:10592kB inactive_anon:587484kB active_file:16412kB inactive_file:32692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111548kB dirty:2180kB writeback:0kB shmem:14068kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB kernel_stack:10136kB pagetables:3332kB all_unreclaimable? no [ 606.436657][T13767] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 606.467536][T13767] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 606.495913][T13767] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 606.501822][T13767] Node 0 DMA32 free:1329368kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10592kB inactive_anon:587484kB active_file:16412kB inactive_file:32692kB unevictable:1536kB writepending:2180kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:36052kB local_pcp:14796kB free_cma:0kB [ 606.533070][T13767] lowmem_reserve[]: 0 0 0 0 0 [ 606.538042][T13767] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 606.565953][T13767] lowmem_reserve[]: 0 0 0 0 0 [ 606.572017][T13767] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 606.602147][T13767] lowmem_reserve[]: 0 0 0 0 0 [ 606.606878][T13767] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 606.625596][T13767] Node 0 DMA32: 78*4kB (UE) 1158*8kB (UME) 1941*16kB (UME) 547*32kB (UME) 305*64kB (UME) 185*128kB (UME) 67*256kB (UME) 39*512kB (UME) 23*1024kB (UME) 14*2048kB (UME) 278*4096kB (UM) = 1329368kB [ 606.645408][T13767] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 606.657221][T13767] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 606.677709][T13767] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 606.688475][T13767] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 606.697953][T13767] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 606.711400][T13767] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 606.721087][T13767] 16431 total pagecache pages 16:49:22 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCFLSH(r2, 0x540b, 0x0) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f0000000280)={0x18, 0x0, {0x3, @local, 'ipvlan0\x00'}}) (async) r4 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0), 0x22080, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2) (async) write$P9_RCLUNK(r4, &(0x7f0000000180)={0x7, 0x79, 0x1}, 0x7) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 606.725769][T13767] 0 pages in swap cache [ 606.730000][T13767] Swap cache stats: add 0, delete 0, find 0/0 [ 606.736058][T13767] Free swap = 0kB [ 606.739818][T13767] Total swap = 0kB [ 606.743621][T13767] 2097051 pages RAM [ 606.747421][T13767] 0 pages HighMem/MovableOnly [ 606.752151][T13767] 384548 pages reserved [ 606.756329][T13767] 0 pages cma reserved [ 606.760490][T13767] ptm ptm3: ldisc open failed (-12), clearing slot 3 [ 606.768922][T13777] ptm ptm10: ldisc open failed (-12), clearing slot 10 16:49:22 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async, rerun: 64) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 64) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) dup(r1) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 606.804512][T13800] ptm ptm12: ldisc open failed (-12), clearing slot 12 [ 606.820528][ T26] audit: type=1804 audit(1644684562.158:1456): pid=13822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/620/bus" dev="sda1" ino=1182 res=1 errno=0 16:49:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) syz_open_pts(r4, 0x391100) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r3, r4, 0x0, 0x10000) (async) syz_open_pts(r4, 0x391100) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:49:22 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0xb, &(0x7f0000000040)=0x0) io_submit(r2, 0xf10, &(0x7f0000000540)=[&(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}]) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) io_cancel(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9be25f1d02349e8c, 0x101, r3, &(0x7f0000000280)="f7fd11f1f922912848b1617c0477a19ca23976b4f78b05aea33863cc9a7be11126e7208500b4c0ebc17ed3451ade0d4f505ab382398151c4708b78fa81350bf4a8f1e879de218b1d4998ae9e6f36cd04d777c08cdf64871fc585bd2d9f2855e9a6590ba513631d322af60678071e651aa27c82f49446d7f470f446e74d09647a2dc33bfa783ecf21", 0x88, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f00000000c0)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000000)=0x3) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) creat(&(0x7f0000000300)='./bus\x00', 0x0) (async) io_setup(0xb, &(0x7f0000000040)) (async) io_submit(r2, 0xf10, &(0x7f0000000540)=[&(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}]) (async) socket$inet6_dccp(0xa, 0x6, 0x0) (async) io_cancel(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9be25f1d02349e8c, 0x101, r3, &(0x7f0000000280)="f7fd11f1f922912848b1617c0477a19ca23976b4f78b05aea33863cc9a7be11126e7208500b4c0ebc17ed3451ade0d4f505ab382398151c4708b78fa81350bf4a8f1e879de218b1d4998ae9e6f36cd04d777c08cdf64871fc585bd2d9f2855e9a6590ba513631d322af60678071e651aa27c82f49446d7f470f446e74d09647a2dc33bfa783ecf21", 0x88, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f00000000c0)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000000)=0x3) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 606.868189][ T26] audit: type=1800 audit(1644684562.158:1457): pid=13822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 606.983627][ T3642] Bluetooth: hci9: sending frame failed (-49) [ 606.991086][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 607.097680][T13840] ptm ptm42: ldisc open failed (-12), clearing slot 42 16:49:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000000)={0x1, 0x3b, "d614aaf73bde7720a3a8fa2b29824c7b07f4fb7a0d8958ca60c40b50cf9f2483496484217d42e3709dd9655795ff7a4b992c949ef1a3cf1f4b9c8e"}) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x400000) [ 607.151949][T13836] ptm ptm42: ldisc open failed (-12), clearing slot 42 16:49:22 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x16) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x28c180, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) lseek(0xffffffffffffffff, 0x100000000000202, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000100), &(0x7f0000000180)=0x14) io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x5, 0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x7f, 0x0, 0x2}]) sendfile(0xffffffffffffffff, r1, 0x0, 0x10002) 16:49:22 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x16) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x28c180, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) lseek(0xffffffffffffffff, 0x100000000000202, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000100), &(0x7f0000000180)=0x14) io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x5, 0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x7f, 0x0, 0x2}]) sendfile(0xffffffffffffffff, r1, 0x0, 0x10002) openat$ptmx(0xffffffffffffff9c, 0x0, 0x100, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x16) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x28c180, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) lseek(0xffffffffffffffff, 0x100000000000202, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.stat\x00', 0x275a, 0x0) (async) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) (async) socket$inet(0x2, 0x80001, 0x84) (async) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000100), &(0x7f0000000180)=0x14) (async) io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x5, 0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x7f, 0x0, 0x2}]) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10002) (async) 16:49:22 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x100, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x16) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x28c180, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) lseek(0xffffffffffffffff, 0x100000000000202, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) (async) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000100), &(0x7f0000000180)=0x14) (async) io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x5, 0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x7f, 0x0, 0x2}]) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10002) [ 607.344402][T13865] ptm ptm4: ldisc open failed (-12), clearing slot 4 16:49:23 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x381240, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x1) 16:49:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000000)={0x6, 0x7f}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDFONTOP_COPY(r2, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x2, 0x6, 0x71, &(0x7f0000000280)}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000000)={0x6, 0x7f}) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$KDFONTOP_COPY(r2, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x2, 0x6, 0x71, &(0x7f0000000280)}) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 607.809973][ T3672] Bluetooth: hci6: command 0x1003 tx timeout [ 607.816605][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:49:23 executing program 0: syz_mount_image$qnx4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, 0x3, &(0x7f0000000380)=[{&(0x7f00000000c0)="9122064ad79a6646bb91a70b6faeb89988916cffda150bf383a833c9127f5d92ce7d29a75fdf4d2f0bf56ac5a2", 0x2d, 0xffff}, {&(0x7f0000000280)="402ad378d2cd64b4dc3b7a67b23e62bfe27b36cd5aef7447ae64aaaed004893a02f3e333428e969db323e3442c18a924ecb5a3dea4794b33d6eef747b71c7b122b235f27005ce394600e55ae5f8db48e1946c2b282a04974c12952fbae0981cfa8e5101ecdb52421081811d66e6f48e8c4b84c5792c83789cadbe0ce203883fea670e5c8816aa5f92ab35fac11846f2796a00898a9d7d604b714145b6c580dd8b44ee9634a8a1566d46311b7cf6e1be3cee71fc459f2b6e3394e07361e1dfe865af6e7d272c89a", 0xc7, 0xd7}, {&(0x7f0000000180)="b8162ee531c122e60b4d521ea8d49dd94a161253d57f5a926e36962cf601f0b6c04dec6f367fde6a42177ff147547c53af4c8cd96808f57ab022a7660ba672c88c78f836f0f13945ec3511aac1f0003a23ab05f449ede41bbdc572b3eb7badc24babb9a5ed49571b5115d9f01a8adb2fe0fb23116e372234ac86a8ebade5610a4f762feaeb175727c3d97d5db754a02040f481e9828353eaf0c6f3faab116fbd9a8fee265a74793dac9a3e3418ab1fa3e9", 0xb1, 0x7ff}], 0x80, &(0x7f0000000400)={[{'/dev/ptmx\x00'}, {'-}&}%}\\-'}, {}, {'/dev/ptmx\x00'}, {'+('}, {'/dev/ptmx\x00'}, {'/dev/ptmx\x00'}, {'\xa5'}, {'/dev.!a\xf50x0) io_submit(r2, 0xf10, &(0x7f0000000540)=[&(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}]) (async) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) io_cancel(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9be25f1d02349e8c, 0x101, r3, &(0x7f0000000280)="f7fd11f1f922912848b1617c0477a19ca23976b4f78b05aea33863cc9a7be11126e7208500b4c0ebc17ed3451ade0d4f505ab382398151c4708b78fa81350bf4a8f1e879de218b1d4998ae9e6f36cd04d777c08cdf64871fc585bd2d9f2855e9a6590ba513631d322af60678071e651aa27c82f49446d7f470f446e74d09647a2dc33bfa783ecf21", 0x88, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f00000000c0)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000000)=0x3) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000000)={0x1, 0x3b, "d614aaf73bde7720a3a8fa2b29824c7b07f4fb7a0d8958ca60c40b50cf9f2483496484217d42e3709dd9655795ff7a4b992c949ef1a3cf1f4b9c8e"}) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x400000) 16:49:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x86900, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/qat_c62xvf', 0x40, 0x80) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000180)=0x10) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x12) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x3, 0x3, 0x5, 0x0, 0x2, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 609.249814][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:49:24 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, 0x0, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:24 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x6) sendfile(r3, r4, 0x0, 0x10000) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x3}, &(0x7f0000000180)=0x8) [ 609.356004][ T3636] Bluetooth: hci9: sending frame failed (-49) [ 609.363602][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 609.429443][ T3636] Bluetooth: hci9: sending frame failed (-49) [ 609.436468][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:49:25 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x381240, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x381240, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x1) (async) 16:49:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 64) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, 0x0, 0x0) creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 64) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (rerun: 32) 16:49:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000000)={0x1, 0x3b, "d614aaf73bde7720a3a8fa2b29824c7b07f4fb7a0d8958ca60c40b50cf9f2483496484217d42e3709dd9655795ff7a4b992c949ef1a3cf1f4b9c8e"}) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x400000) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000000)={0x1, 0x3b, "d614aaf73bde7720a3a8fa2b29824c7b07f4fb7a0d8958ca60c40b50cf9f2483496484217d42e3709dd9655795ff7a4b992c949ef1a3cf1f4b9c8e"}) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x400000) (async) [ 609.889858][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 609.892338][ T3671] Bluetooth: hci6: command 0x1003 tx timeout [ 609.984539][ T3638] Bluetooth: hci10: sending frame failed (-49) [ 609.992003][ T3636] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:25 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:25 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x6) sendfile(r3, r4, 0x0, 0x10000) (async) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x3}, &(0x7f0000000180)=0x8) [ 610.129832][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 610.129924][ T3643] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:49:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x6, 0xbde, 0x401, 0x1, 0x18, "cbb26c6ca147c85ea6800a24e7b7de2107b717"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) 16:49:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000000)=0x1) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x3811812a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:26 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 64) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) (rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 611.009776][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 611.009905][ T3671] Bluetooth: hci8: command 0x1003 tx timeout 16:49:26 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000180)={0x56, 0x3, 0x4, 0x8, 0xa55}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$6lowpan_enable(r1, &(0x7f00000000c0)='0', 0x1) ioctl$TCFLSH(r0, 0x540b, 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000300)=ANY=[@ANYBLOB="6e6174000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000b905adf477c47702e8a0d5b8f7ff87a481dc7263298dcdaac3533baa6982c1305073716a5575a64119416ffe62bcd1a47ed9df013fabc4af568a709df6d41ca08245e8bbd88f42d4ca61217524437bfa46843a9f82b8e9442385f2aa77851eb3f63059160ad6d9eb16277384afed104c14f354dcebc2b9b571393fdc01d3b43e927b702200288df6e198ce7a64c62599589415a247596aab64959beaf52e34d77efc77e1b5fffe250f2447602da2676fab0668b8f55a25e07d73e8f99ab0a43b55e1e1bf8b4ff84378fdc844df38933d0e09acdad3f5e7d22f7ce56bc35b22f532c18192ead5298c3541164fa07e45ac0962b8bc2c66abb701"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 611.083535][ T26] kauditd_printk_skb: 18 callbacks suppressed [ 611.083550][ T26] audit: type=1804 audit(1644684566.418:1476): pid=13999 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/610/bus" dev="sda1" ino=1182 res=1 errno=0 16:49:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x6, 0xbde, 0x401, 0x1, 0x18, "cbb26c6ca147c85ea6800a24e7b7de2107b717"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) [ 611.188715][ T26] audit: type=1800 audit(1644684566.468:1477): pid=13999 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:49:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x6, 0xbde, 0x401, 0x1, 0x18, "cbb26c6ca147c85ea6800a24e7b7de2107b717"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x6, 0xbde, 0x401, 0x1, 0x18, "cbb26c6ca147c85ea6800a24e7b7de2107b717"}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) (async) [ 611.275434][ T26] audit: type=1804 audit(1644684566.608:1478): pid=14019 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/549/bus" dev="sda1" ino=1183 res=1 errno=0 [ 611.297078][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 611.307986][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 611.313603][ T26] audit: type=1800 audit(1644684566.608:1479): pid=14019 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 611.969750][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 612.049888][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 612.049927][ T3671] Bluetooth: hci9: command 0x1003 tx timeout [ 612.209776][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 612.209843][ T3643] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 613.170619][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 613.178431][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 613.180149][ T3636] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:49:29 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x381240, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x1) 16:49:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0xa) r1 = creat(0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x802) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x6) ftruncate(r1, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x122, 0x3, 0x6, 0xf921, 0xa}) sendfile(r0, r3, &(0x7f0000000140)=0x2, 0x2) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000000)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TCSETAF(r3, 0x5408, &(0x7f00000000c0)={0x4, 0x9, 0x4, 0x7, 0x13, "703c42d3e0adabb5"}) 16:49:29 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, 0x0, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:29 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x6) sendfile(r3, r4, 0x0, 0x10000) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x3}, &(0x7f0000000180)=0x8) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x6) (async) sendfile(r3, r4, 0x0, 0x10000) (async) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x3}, &(0x7f0000000180)=0x8) (async) 16:49:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000000)=0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x3811812a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000000)=0x1) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x3811812a) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:49:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000180)={0x56, 0x3, 0x4, 0x8, 0xa55}) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$6lowpan_enable(r1, &(0x7f00000000c0)='0', 0x1) ioctl$TCFLSH(r0, 0x540b, 0x0) (async) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000300)=ANY=[@ANYBLOB="6e6174000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000b905adf477c47702e8a0d5b8f7ff87a481dc7263298dcdaac3533baa6982c1305073716a5575a64119416ffe62bcd1a47ed9df013fabc4af568a709df6d41ca08245e8bbd88f42d4ca61217524437bfa46843a9f82b8e9442385f2aa77851eb3f63059160ad6d9eb16277384afed104c14f354dcebc2b9b571393fdc01d3b43e927b702200288df6e198ce7a64c62599589415a247596aab64959beaf52e34d77efc77e1b5fffe250f2447602da2676fab0668b8f55a25e07d73e8f99ab0a43b55e1e1bf8b4ff84378fdc844df38933d0e09acdad3f5e7d22f7ce56bc35b22f532c18192ead5298c3541164fa07e45ac0962b8bc2c66abb701"], 0x48) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 614.049834][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 614.057699][ T7] Bluetooth: hci6: command tx timeout [ 614.103742][ T26] audit: type=1804 audit(1644684569.438:1480): pid=14040 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/611/bus" dev="sda1" ino=1179 res=1 errno=0 [ 614.160650][ T26] audit: type=1800 audit(1644684569.438:1481): pid=14040 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1179 res=0 errno=0 [ 614.185315][ T26] audit: type=1804 audit(1644684569.438:1482): pid=14042 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/594/bus" dev="sda1" ino=1181 res=1 errno=0 [ 614.223841][ T26] audit: type=1800 audit(1644684569.438:1483): pid=14042 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 614.245867][ T26] audit: type=1804 audit(1644684569.468:1484): pid=14034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/626/bus" dev="sda1" ino=1182 res=1 errno=0 [ 614.272356][ T26] audit: type=1800 audit(1644684569.468:1485): pid=14034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:49:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000180)={0x56, 0x3, 0x4, 0x8, 0xa55}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$6lowpan_enable(r1, &(0x7f00000000c0)='0', 0x1) (async) ioctl$TCFLSH(r0, 0x540b, 0x0) (async, rerun: 64) ftruncate(r1, 0x800) (async, rerun: 64) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000300)=ANY=[@ANYBLOB="6e6174000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000b905adf477c47702e8a0d5b8f7ff87a481dc7263298dcdaac3533baa6982c1305073716a5575a64119416ffe62bcd1a47ed9df013fabc4af568a709df6d41ca08245e8bbd88f42d4ca61217524437bfa46843a9f82b8e9442385f2aa77851eb3f63059160ad6d9eb16277384afed104c14f354dcebc2b9b571393fdc01d3b43e927b702200288df6e198ce7a64c62599589415a247596aab64959beaf52e34d77efc77e1b5fffe250f2447602da2676fab0668b8f55a25e07d73e8f99ab0a43b55e1e1bf8b4ff84378fdc844df38933d0e09acdad3f5e7d22f7ce56bc35b22f532c18192ead5298c3541164fa07e45ac0962b8bc2c66abb701"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 614.494037][ T3640] Bluetooth: hci11: sending frame failed (-49) [ 614.502206][ T3638] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x1000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 614.641336][ T3640] Bluetooth: hci11: sending frame failed (-49) [ 614.648964][ T3638] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, r0, 0x0, 0x1000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, r0, 0x0, 0x1000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 614.895200][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 614.902868][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x9, 0x45, 0x8, 0xa, "eba1f192a00be7efe3739626f18fedecce1c54"}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000280)={"6382389d836a47edbe59650398acf2f0", 0x0, 0x0, {0x0, 0x8001}, {0x3, 0x4}, 0x10000, [0x4, 0x9, 0x80, 0x81, 0x0, 0x5, 0x7, 0x8, 0x5be, 0x4e, 0x101, 0x9, 0x6, 0xc0, 0x5, 0x1ff]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000380)={{r1}, r2, 0x16, @inherit={0x68, &(0x7f0000000180)={0x1, 0x4, 0x0, 0x2, {0x0, 0xfffffffffffffff9, 0x1, 0x7, 0x7ff}, [0x7fffffff, 0x7, 0x7ff, 0x5]}}, @name="cfaa0a445d3123e81b321c03ad7c8b2a7ddefdc2b627b648756d1c6c83addfc97123adb12a7a0461fd651833fdf6e7c90d7157f83b28a5cfed57d134ef63a8ed309b75810fbe246947af962bf25f560aa774cb9f4274aec6a52bb7ba2f8b1864b5b9bf9b7e2f9d2f2249770d950f326e3a718f4cf3e5d66f8d7ca849f2a109d44c01fe6ceb4422cbfa80195a1955dbe56d553551edcda04ef07f05bcb2c4c3aa8f2c6edd998d3ab9683e9ede32379a51788259123d04423f96b21126e6f864520ba7a837fce5def5ae4ea133d067891753313859a5126af739f223c7e7a9a0746eafa369de82576873f0e8954b3b6fe28906be91dc5374648b49c851515029bdc6ba928967354b8ddbf6bdbe2e4fd9cbe1e4f18cc96b14f162c6efdcc520c36bbc4365e06ea7f2b2b21a0bfcd3196b4f67fde1dc6c3d75453a84ebfc8b051a8d27171c85e41915bf6409f75ac2da8c12df3389a9423b07b307717d1277701885b1dfba5560b7cd7b61ccc5aac169ba674706c2c57a9bb10701d20dce72a6325fa1adba0d7a3cb47a4a9212f4e70af8b833a79d38e1677b854d331e9cc560439a3ed359cefee0be8d742f3e6ed3eeec858891dc2316038aead8e1be2b8a4dd0c3875acadb5311a7c9b9abcd34334264b1517a6edd34807f316da1f84b094d1ce9f27e3e88860b084f4c506a92aab07941935405b8a6cfa5b6cebee51126f0d91e46b3729358367e631a8f398ff422c9e690d42a42274694f9b0c91a1be48de6de9d8ed20165f880c591ca27ee9037c9eb0ac8c4f2711010ea8bb386a148dd74a1c1ee2b74c41f4ef82b95e8e4430c9a0bdc4a75035d3979c4084a98084fa53a5cbdea77e7db652323e523742b8f039a9563afa1707c17ff43e87e384957a0322c8af4b7ec3f7efdae6c1a050bc55a6f3fd0f8a5f6351f0ca1d11cc7025790f72854a828acf606d1c335e45f10fc1b6aea0e0a729c42aca663b82ce96efaeb53a23e482c5a53b332ad344fee533abcbb0b3516a6bec02a80354561f4c0d53d16b1b350e65921564c7ab286fc12a1e432893f28cf2c55275af8cf510c1c566e5a086e01329f46e1890df46c9c1748c04152a0a0c5af979b7514162cb51f885874d48d390b2727053c434851fdeb836ea5390fd5e87713d0efb9b8b5920e9830ac389aae32a275c87884db7449d2ddb8c0fda8808008c73884d942f3e739356cca61c66fd3dd39a8c755bbc608c65828711b40ae764052ef5685e9d5ff3a4c526f57d9c99010186fcab25df47a0c62c3ef9a2a6cd12429b5c4373258169111dfe79757ed7d8a0f4adf70aac87689dce4a2d75bdd526ae7feb9d834b3f6d78014a01ccac95fd353102707307ed6abd8b5529aa8010da7f604bb347f411e61f96d1b5cb9ef2320fb74a4cbc75755dccacdf649585088c8c19ddc99add023c172e47f705c98f6ce0d14b5ce270dc0e00b43f4e3994a2449a2d1cb61efb29726641884c9ac6b7b18c03e642ebfe360e862ed09c64ffb1640a8a737a9e4419d06389f5797b84e5d6e831c1f3b0a22473cbe11723f8ca067d9711b7e4642c08570c3b6d706b11a14d83e459b9e687c83db5bfe525a35f1b1fb24cda2771ed6e2ed543f070eaa13b0dc38d3b5e85010c48f72153e791f9ebb0120295a5666e496c3e9d664b18855e0954378adefcd1b3d599dacebc4e1ccf1dac3890fe8ba42d1c62f16405fc1d3c42dcf0b229ffba9de86da1aaa03cc6b39dbeb5254108668c72e4b0ae1dd8f60ed4d26f3b2284f854de4bb68adec555fe55840071576e78e59ad6cc2f54af281fd7fcf9260117e0de11fdcddcf8d7bcf34397ab4776dfa117cbacb5ee6332cc6a478fdd57effb1dd05d2e31f24badf522a3b434173a98fb4a43526789ebc1636553796f421ea30e1533eeb6a2896c0887bb296dd14ef8d173f9eab1919e040bf3fadbafb2973b3ded8ce30050878a676c9ab73b45ab1ca1e9b0c34d0d3df934119d9006011ebc91bc1655bf97817e3928ac3ac288d6e9ee21f5dc01e4ed828514030ca99ad35caafb7737caad40c32095da8cdc752efe3b55472c5680db234b5aa2a838bdecbaec2092aeea032810e3714171c26910b74fbe42ad84a7284cd5d7c524ab505b20500742af13ba50b4960841702ea2be58066165ec4a3ff04d9d3e9f5a31f77c03e5e1835920f99502744ece57e896a95c475e461347dfa9957daa2884aa2bca8ecd1bc54701ef98f343a6e9a7cb809fe41d03fff40fe7cdda9027325afe70c3b01e5906e031cc2f70d9ffe16d5738ecfbb54a2c6236adb842fb75688c74bac3cfc4df74be19ffdb32b6508e17e855d18254b053de6b5ceb5e4228f8ae9d7e31a952b07fef93d9622dba981c180370af52c6621f904b391316641010ee0cc639791e61fde6e335ddb798f2ab24b49e0eff6501f7a2a53b0852746e19ced6966ba6b6790b07018c243a3e5b0cef82502fda191b05d69f6afdc94be144cead20fe11c398a564017c39122885f9c7ba40b6b969bc35e0156ed2e612af6c78fb0daf900bdbfb40aaf68e0d1caaeac7fb30732031024484cd36f5a24ec72bcf0a028663ea3fbbf7cde81c70591b68ddb9eb34210b4ff085f51fc88ef2287948e2fe058838eb4fb67edead23c8f5bb42cc55df3ca5a93fd30f866b5790a1ecda835840ddc9c747fa4f2f8565363f1d03c3fb9a64d7907c3aac8d2297acfdd05b7fd850ef62b1ee85d0b6fad080e5dd2cb5d8173ce39602d7798faad5830e118b6a2223ad780a40d632d4952b9e1f497ebf4bbf1afd184caf888149d9ab83ce5ad74bc93cece1e508033cc57fcf0f25550471b31d90773c48043f85684bcbfb02f0911cb1862f60b57e20d926e1f82c1757740adc43c964b748ef0ece362b92a3528dad61a4e0e3f08d5632037bed2c48fe1a0beae552f851c18619c957bf532375d7eb6f40c3a13e87e547d9238038ee282ac9d6123cdd409ee624e2481e30043e050b84285def144045d45e874398a7fb91461be99ed789f67f1c4a62584ffd3a4859c51e290250cca498efa65f09c5613cb4982c1fda8fd9f8c4f31f6ec3b72f8e7a5780ace77e1a3570664e86a59bec0fbc7de352a5ee7dae819b07b330dbad79882585fa863493990084c5647b68b4472dd8e7a47c7773fb178090f6abbe29830b83ea61c6669f53c3f02a39abb6a0a8de2ded30b05064ee8b0798b7bdb2d3362b15ce0056d021765d300057d40e839ff3d313a5bfbbee81373d46f2d628dd90fd293e41a057ed169697b0e1505731617d0263ac93993b95a8a66185abf2df59c0b253f05a09ede5b0582454aee583a5b2047a46aa409985ae93ba685ee61f164c9d6ec790eebcd8084d7831e5ea54e4be75306e4df483132be6fde3cc93a5ab3151e7e4df8280748c38f55d203b2dbd689ad762bdcf97b246d7a6c21e13d7f790aec7d8079877e6692e0e784c7da263af75977132dc9dd2b4728eb7cf9889e197e559331924cd1ac24a80c2f5fd318cb62dcec5cd95cb0ef09136b24f0ec10524f7902f9ebba6f9505dcfadfa6fa9c3f7e32466ac62e3c1fb60fdfa851b9f019830dfcbb681076fcf0bed75e4639aea630eabc0e7c05fdc5be04e21e34e20a73d6bed647bf28083acc54c807195649cabea318ae128d936f0421b8f3c37a30a9e59f448b496c5f11577b596eab0749267613990486e39635e0c141f679f7690573823eb0c186162ac908be67fa65a29e28056d37ee9cdcb964e790ad54877f2466366246edb5ab51697c41a3cbabda18616a4e046a1089a4dd3e85870a613192ca95e889135b4df8b7a67efb0463e91cda2db9528968e9cc8a13c4e8c7a72bde7d7d38695731262314bb6276fcb39dffd818430bd0f93d96534a2d0c030459b51d456d1268a3a63ee96f03087b03b759d41077abf78b47bfc7fcc836529fe141b78900be4b6a8543839f7a396612b4b7f8b8385aa343f88fad6cf1e5191ed130ff8f932058b6950512154b98a97955e80250059ebffeda8144dbbe83eab187020865bf7e1808cad272a7bc745ecd071287b9aa49919854108be2f6349bde69fa82571906069e496935e53f81deb2f7a737aede396faa9989fe393620f5d37574320c1f72b6c006453472fd95216a9e504ba0ff9bd9a61036b882d701d0c047e63ea170efa2486c8f27238973e044bc51da6f008c92acb537345d2b6c5cf5c7b2f3c7a6c73d57e86ea30e32228e16f21232836118b18964e493f3f72bb15666b31e57663b33d8410125a91c31bedfdae2639370490be4c814b85591e445fb7dc2455291f13275f1d9a0ae808f1078d9d99b2e9c2d872995cc6c6f1b73c2052b330d8be9caa674ef1d38b99c51b831e9340decec6c7d08a69f187d393c85b9cba461054af1582f94df5e3ebb657d86f006344ecf86ac542780e2524f0d2d4ee78a208375135a079545ce63413d6d49859ae53f65960c0463076e17047364e926cd650df69e6277e466dec7404f773f9e33174bbb3200492f0a67ed66c010511384ef8f2b490839b867b111f182091ae7befad7a5f6d2397d4c506919026a494a30d41820c213a8d77f3ff2c525d2fe94f0b760fe956419104d5634bc86a90d3b594894c94ecd5cdbce61d596c2d68b6fc81e6d5cd04bbd7c1f40aa302693f071a5784b1c84a459dd7fba365096482f1858efffa41b591c427bed649648373b575656d497f45fae4ca987cee618266005044b5097bac3e40b436866c59f5611e706797afe541023468f0f1c86b53f3d12a0b5d9b0417c9fee5bdb26750e045ec8a78f340d1af03298ab1f5c8cb61fe205df4358de1856539742b1c0485a5b3f7a842a7860bd4da209751cbab0adedbad1291e6babb59d3cf929419d4a2a01ff41a698d7c9d33aca1ca2b12361c48e17649b3d9ad9bde15d49434aa8468c6073146a1513deac941ca2b33290eaf8b562f082dfb2528f6cac32d5b87613bbf94773c7fcd7d3b4556a5f45bf53caddf1485e86fa4830a3f5de93945138d767831e72ad698e5cff19b74ca442c91d106b4f424b1478d8ae305a9011dde5a3ac8c0fe10b1f96c7e272428be58a1f86255e2a4e89dab8ec497dc393e09d7ffa976e8d13245cb18bca9205e531ec8598847f30f34a9aeac40a38d838fee5a100cbb1bcff58f246cae3b66e798e0a5cb68687de3763d62c62954485ff041b3bd04ebc4b15136b2d23858d4671d0fc4d12008b4473877116e5ddc5f34222f356f63566b85e332e685c04e4321b5767fd02c8b0f20575f5675d7628624bfef401318e1375a1841fb2ad33c577a218a68be5b4d5e60efaaa7aa9eab0f72411ca36034fe2dc2f5690d551b4075112109df8c68afa977a8a12b80ad3fe8575c6322613da2e05cd4d16269138ddad4545a642bbe0816bdd6c850f852f3896049d0d5ccc885ab5801664353aeb5707d9d004a20a75ab2100996c1d2b2cfb838fe11a46a630329a83971ea307baa55892f4b53341d123dd553191b881d7880f2426db1dac2b75f1d56c96b76e69631657f235353748fbc915ef5796612400f8ea66f3a1a4eec2de358e376e20c143912f87d30253f6aec150616302e7e76a988ad937c2ed6812734bec026f6bf5010c83513e790c36737958130cdfa9d9a4d38df77edd0b0726789a95aa03824da9c00e6a5b80b851701955e5ddfdcb04865db953d8eee540f3506b3873"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 615.035080][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 615.042852][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x9, 0x45, 0x8, 0xa, "eba1f192a00be7efe3739626f18fedecce1c54"}) (async) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000280)={"6382389d836a47edbe59650398acf2f0", 0x0, 0x0, {0x0, 0x8001}, {0x3, 0x4}, 0x10000, [0x4, 0x9, 0x80, 0x81, 0x0, 0x5, 0x7, 0x8, 0x5be, 0x4e, 0x101, 0x9, 0x6, 0xc0, 0x5, 0x1ff]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000380)={{r1}, r2, 0x16, @inherit={0x68, &(0x7f0000000180)={0x1, 0x4, 0x0, 0x2, {0x0, 0xfffffffffffffff9, 0x1, 0x7, 0x7ff}, [0x7fffffff, 0x7, 0x7ff, 0x5]}}, @name="cfaa0a445d3123e81b321c03ad7c8b2a7ddefdc2b627b648756d1c6c83addfc97123adb12a7a0461fd651833fdf6e7c90d7157f83b28a5cfed57d134ef63a8ed309b75810fbe246947af962bf25f560aa774cb9f4274aec6a52bb7ba2f8b1864b5b9bf9b7e2f9d2f2249770d950f326e3a718f4cf3e5d66f8d7ca849f2a109d44c01fe6ceb4422cbfa80195a1955dbe56d553551edcda04ef07f05bcb2c4c3aa8f2c6edd998d3ab9683e9ede32379a51788259123d04423f96b21126e6f864520ba7a837fce5def5ae4ea133d067891753313859a5126af739f223c7e7a9a0746eafa369de82576873f0e8954b3b6fe28906be91dc5374648b49c851515029bdc6ba928967354b8ddbf6bdbe2e4fd9cbe1e4f18cc96b14f162c6efdcc520c36bbc4365e06ea7f2b2b21a0bfcd3196b4f67fde1dc6c3d75453a84ebfc8b051a8d27171c85e41915bf6409f75ac2da8c12df3389a9423b07b307717d1277701885b1dfba5560b7cd7b61ccc5aac169ba674706c2c57a9bb10701d20dce72a6325fa1adba0d7a3cb47a4a9212f4e70af8b833a79d38e1677b854d331e9cc560439a3ed359cefee0be8d742f3e6ed3eeec858891dc2316038aead8e1be2b8a4dd0c3875acadb5311a7c9b9abcd34334264b1517a6edd34807f316da1f84b094d1ce9f27e3e88860b084f4c506a92aab07941935405b8a6cfa5b6cebee51126f0d91e46b3729358367e631a8f398ff422c9e690d42a42274694f9b0c91a1be48de6de9d8ed20165f880c591ca27ee9037c9eb0ac8c4f2711010ea8bb386a148dd74a1c1ee2b74c41f4ef82b95e8e4430c9a0bdc4a75035d3979c4084a98084fa53a5cbdea77e7db652323e523742b8f039a9563afa1707c17ff43e87e384957a0322c8af4b7ec3f7efdae6c1a050bc55a6f3fd0f8a5f6351f0ca1d11cc7025790f72854a828acf606d1c335e45f10fc1b6aea0e0a729c42aca663b82ce96efaeb53a23e482c5a53b332ad344fee533abcbb0b3516a6bec02a80354561f4c0d53d16b1b350e65921564c7ab286fc12a1e432893f28cf2c55275af8cf510c1c566e5a086e01329f46e1890df46c9c1748c04152a0a0c5af979b7514162cb51f885874d48d390b2727053c434851fdeb836ea5390fd5e87713d0efb9b8b5920e9830ac389aae32a275c87884db7449d2ddb8c0fda8808008c73884d942f3e739356cca61c66fd3dd39a8c755bbc608c65828711b40ae764052ef5685e9d5ff3a4c526f57d9c99010186fcab25df47a0c62c3ef9a2a6cd12429b5c4373258169111dfe79757ed7d8a0f4adf70aac87689dce4a2d75bdd526ae7feb9d834b3f6d78014a01ccac95fd353102707307ed6abd8b5529aa8010da7f604bb347f411e61f96d1b5cb9ef2320fb74a4cbc75755dccacdf649585088c8c19ddc99add023c172e47f705c98f6ce0d14b5ce270dc0e00b43f4e3994a2449a2d1cb61efb29726641884c9ac6b7b18c03e642ebfe360e862ed09c64ffb1640a8a737a9e4419d06389f5797b84e5d6e831c1f3b0a22473cbe11723f8ca067d9711b7e4642c08570c3b6d706b11a14d83e459b9e687c83db5bfe525a35f1b1fb24cda2771ed6e2ed543f070eaa13b0dc38d3b5e85010c48f72153e791f9ebb0120295a5666e496c3e9d664b18855e0954378adefcd1b3d599dacebc4e1ccf1dac3890fe8ba42d1c62f16405fc1d3c42dcf0b229ffba9de86da1aaa03cc6b39dbeb5254108668c72e4b0ae1dd8f60ed4d26f3b2284f854de4bb68adec555fe55840071576e78e59ad6cc2f54af281fd7fcf9260117e0de11fdcddcf8d7bcf34397ab4776dfa117cbacb5ee6332cc6a478fdd57effb1dd05d2e31f24badf522a3b434173a98fb4a43526789ebc1636553796f421ea30e1533eeb6a2896c0887bb296dd14ef8d173f9eab1919e040bf3fadbafb2973b3ded8ce30050878a676c9ab73b45ab1ca1e9b0c34d0d3df934119d9006011ebc91bc1655bf97817e3928ac3ac288d6e9ee21f5dc01e4ed828514030ca99ad35caafb7737caad40c32095da8cdc752efe3b55472c5680db234b5aa2a838bdecbaec2092aeea032810e3714171c26910b74fbe42ad84a7284cd5d7c524ab505b20500742af13ba50b4960841702ea2be58066165ec4a3ff04d9d3e9f5a31f77c03e5e1835920f99502744ece57e896a95c475e461347dfa9957daa2884aa2bca8ecd1bc54701ef98f343a6e9a7cb809fe41d03fff40fe7cdda9027325afe70c3b01e5906e031cc2f70d9ffe16d5738ecfbb54a2c6236adb842fb75688c74bac3cfc4df74be19ffdb32b6508e17e855d18254b053de6b5ceb5e4228f8ae9d7e31a952b07fef93d9622dba981c180370af52c6621f904b391316641010ee0cc639791e61fde6e335ddb798f2ab24b49e0eff6501f7a2a53b0852746e19ced6966ba6b6790b07018c243a3e5b0cef82502fda191b05d69f6afdc94be144cead20fe11c398a564017c39122885f9c7ba40b6b969bc35e0156ed2e612af6c78fb0daf900bdbfb40aaf68e0d1caaeac7fb30732031024484cd36f5a24ec72bcf0a028663ea3fbbf7cde81c70591b68ddb9eb34210b4ff085f51fc88ef2287948e2fe058838eb4fb67edead23c8f5bb42cc55df3ca5a93fd30f866b5790a1ecda835840ddc9c747fa4f2f8565363f1d03c3fb9a64d7907c3aac8d2297acfdd05b7fd850ef62b1ee85d0b6fad080e5dd2cb5d8173ce39602d7798faad5830e118b6a2223ad780a40d632d4952b9e1f497ebf4bbf1afd184caf888149d9ab83ce5ad74bc93cece1e508033cc57fcf0f25550471b31d90773c48043f85684bcbfb02f0911cb1862f60b57e20d926e1f82c1757740adc43c964b748ef0ece362b92a3528dad61a4e0e3f08d5632037bed2c48fe1a0beae552f851c18619c957bf532375d7eb6f40c3a13e87e547d9238038ee282ac9d6123cdd409ee624e2481e30043e050b84285def144045d45e874398a7fb91461be99ed789f67f1c4a62584ffd3a4859c51e290250cca498efa65f09c5613cb4982c1fda8fd9f8c4f31f6ec3b72f8e7a5780ace77e1a3570664e86a59bec0fbc7de352a5ee7dae819b07b330dbad79882585fa863493990084c5647b68b4472dd8e7a47c7773fb178090f6abbe29830b83ea61c6669f53c3f02a39abb6a0a8de2ded30b05064ee8b0798b7bdb2d3362b15ce0056d021765d300057d40e839ff3d313a5bfbbee81373d46f2d628dd90fd293e41a057ed169697b0e1505731617d0263ac93993b95a8a66185abf2df59c0b253f05a09ede5b0582454aee583a5b2047a46aa409985ae93ba685ee61f164c9d6ec790eebcd8084d7831e5ea54e4be75306e4df483132be6fde3cc93a5ab3151e7e4df8280748c38f55d203b2dbd689ad762bdcf97b246d7a6c21e13d7f790aec7d8079877e6692e0e784c7da263af75977132dc9dd2b4728eb7cf9889e197e559331924cd1ac24a80c2f5fd318cb62dcec5cd95cb0ef09136b24f0ec10524f7902f9ebba6f9505dcfadfa6fa9c3f7e32466ac62e3c1fb60fdfa851b9f019830dfcbb681076fcf0bed75e4639aea630eabc0e7c05fdc5be04e21e34e20a73d6bed647bf28083acc54c807195649cabea318ae128d936f0421b8f3c37a30a9e59f448b496c5f11577b596eab0749267613990486e39635e0c141f679f7690573823eb0c186162ac908be67fa65a29e28056d37ee9cdcb964e790ad54877f2466366246edb5ab51697c41a3cbabda18616a4e046a1089a4dd3e85870a613192ca95e889135b4df8b7a67efb0463e91cda2db9528968e9cc8a13c4e8c7a72bde7d7d38695731262314bb6276fcb39dffd818430bd0f93d96534a2d0c030459b51d456d1268a3a63ee96f03087b03b759d41077abf78b47bfc7fcc836529fe141b78900be4b6a8543839f7a396612b4b7f8b8385aa343f88fad6cf1e5191ed130ff8f932058b6950512154b98a97955e80250059ebffeda8144dbbe83eab187020865bf7e1808cad272a7bc745ecd071287b9aa49919854108be2f6349bde69fa82571906069e496935e53f81deb2f7a737aede396faa9989fe393620f5d37574320c1f72b6c006453472fd95216a9e504ba0ff9bd9a61036b882d701d0c047e63ea170efa2486c8f27238973e044bc51da6f008c92acb537345d2b6c5cf5c7b2f3c7a6c73d57e86ea30e32228e16f21232836118b18964e493f3f72bb15666b31e57663b33d8410125a91c31bedfdae2639370490be4c814b85591e445fb7dc2455291f13275f1d9a0ae808f1078d9d99b2e9c2d872995cc6c6f1b73c2052b330d8be9caa674ef1d38b99c51b831e9340decec6c7d08a69f187d393c85b9cba461054af1582f94df5e3ebb657d86f006344ecf86ac542780e2524f0d2d4ee78a208375135a079545ce63413d6d49859ae53f65960c0463076e17047364e926cd650df69e6277e466dec7404f773f9e33174bbb3200492f0a67ed66c010511384ef8f2b490839b867b111f182091ae7befad7a5f6d2397d4c506919026a494a30d41820c213a8d77f3ff2c525d2fe94f0b760fe956419104d5634bc86a90d3b594894c94ecd5cdbce61d596c2d68b6fc81e6d5cd04bbd7c1f40aa302693f071a5784b1c84a459dd7fba365096482f1858efffa41b591c427bed649648373b575656d497f45fae4ca987cee618266005044b5097bac3e40b436866c59f5611e706797afe541023468f0f1c86b53f3d12a0b5d9b0417c9fee5bdb26750e045ec8a78f340d1af03298ab1f5c8cb61fe205df4358de1856539742b1c0485a5b3f7a842a7860bd4da209751cbab0adedbad1291e6babb59d3cf929419d4a2a01ff41a698d7c9d33aca1ca2b12361c48e17649b3d9ad9bde15d49434aa8468c6073146a1513deac941ca2b33290eaf8b562f082dfb2528f6cac32d5b87613bbf94773c7fcd7d3b4556a5f45bf53caddf1485e86fa4830a3f5de93945138d767831e72ad698e5cff19b74ca442c91d106b4f424b1478d8ae305a9011dde5a3ac8c0fe10b1f96c7e272428be58a1f86255e2a4e89dab8ec497dc393e09d7ffa976e8d13245cb18bca9205e531ec8598847f30f34a9aeac40a38d838fee5a100cbb1bcff58f246cae3b66e798e0a5cb68687de3763d62c62954485ff041b3bd04ebc4b15136b2d23858d4671d0fc4d12008b4473877116e5ddc5f34222f356f63566b85e332e685c04e4321b5767fd02c8b0f20575f5675d7628624bfef401318e1375a1841fb2ad33c577a218a68be5b4d5e60efaaa7aa9eab0f72411ca36034fe2dc2f5690d551b4075112109df8c68afa977a8a12b80ad3fe8575c6322613da2e05cd4d16269138ddad4545a642bbe0816bdd6c850f852f3896049d0d5ccc885ab5801664353aeb5707d9d004a20a75ab2100996c1d2b2cfb838fe11a46a630329a83971ea307baa55892f4b53341d123dd553191b881d7880f2426db1dac2b75f1d56c96b76e69631657f235353748fbc915ef5796612400f8ea66f3a1a4eec2de358e376e20c143912f87d30253f6aec150616302e7e76a988ad937c2ed6812734bec026f6bf5010c83513e790c36737958130cdfa9d9a4d38df77edd0b0726789a95aa03824da9c00e6a5b80b851701955e5ddfdcb04865db953d8eee540f3506b3873"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 616.129916][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 616.143620][T14054] warn_alloc: 21 callbacks suppressed [ 616.143635][T14054] syz-executor.4: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 616.183512][T14054] CPU: 1 PID: 14054 Comm: syz-executor.4 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 616.194451][T14054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 616.204505][T14054] Call Trace: [ 616.207768][T14054] [ 616.210687][T14054] dump_stack_lvl+0xcd/0x134 [ 616.215465][T14054] warn_alloc.cold+0x9b/0x189 [ 616.220135][T14054] ? zone_watermark_ok_safe+0x290/0x290 [ 616.225749][T14054] ? __kmalloc_node+0x62/0x390 [ 616.230648][T14054] ? __vmalloc_node_range+0x7bf/0x1060 [ 616.236279][T14054] __vmalloc_node_range+0xe1e/0x1060 [ 616.241645][T14054] ? vfree_atomic+0xe0/0xe0 [ 616.246134][T14054] ? n_tty_open+0x16/0x170 [ 616.250565][T14054] vzalloc+0x67/0x80 [ 616.254541][T14054] ? n_tty_open+0x16/0x170 [ 616.259308][T14054] n_tty_open+0x16/0x170 [ 616.263539][T14054] ? n_tty_set_termios+0x1010/0x1010 [ 616.269504][T14054] tty_ldisc_open+0x9b/0x110 [ 616.274089][T14054] tty_set_ldisc+0x2f1/0x680 [ 616.278680][T14054] tty_ioctl+0xae0/0x1660 [ 616.283022][T14054] ? tty_lookup_driver+0x550/0x550 [ 616.288130][T14054] ? find_held_lock+0x2d/0x110 [ 616.292908][T14054] ? __fget_files+0x28c/0x470 [ 616.297589][T14054] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 616.303924][T14054] ? tty_lookup_driver+0x550/0x550 [ 616.309030][T14054] __x64_sys_ioctl+0x193/0x200 [ 616.313781][T14054] do_syscall_64+0x35/0xb0 [ 616.318206][T14054] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 616.324274][T14054] RIP: 0033:0x7f8192773059 [ 616.329165][T14054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 616.349600][T14054] RSP: 002b:00007f81910c7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 616.358136][T14054] RAX: ffffffffffffffda RBX: 00007f8192886030 RCX: 00007f8192773059 [ 616.366094][T14054] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 616.374229][T14054] RBP: 00007f81927cd08d R08: 0000000000000000 R09: 0000000000000000 [ 616.382451][T14054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.390421][T14054] R13: 00007ffc161f323f R14: 00007f81910c7300 R15: 0000000000022000 [ 616.398407][T14054] [ 616.409929][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 616.416214][ T3625] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 616.416804][ T3643] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:49:31 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x17) r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0xb328, 0x181880) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x5731c2, 0x0) r5 = syz_mount_image$efs(&(0x7f00000001c0), &(0x7f0000000200)='./bus\x00', 0x8, 0x5, &(0x7f0000000600)=[{&(0x7f0000000280)="33084fef442fbeb5887f63311d72c7f30513640eac1160aae4e421da2db1c340ee73b4d1c5303dd293bafed9584d74267a030d6d28e103bdb11ee613362b3a688652ec08898d8ae545c2d7b74c207a596b7fa3be1ff8a561f2b012bcc17e04502e97d1d2abe5eeae315bf99ab38609bed2fa3f4253e0c0d0d47bdf8e1d66e3c1eddd7db2ab500365de", 0x89, 0x4b0f}, {&(0x7f0000000340)="3cbfe7a4b04d7f56931af5ef4d9569daa128f6bfc78e88ef75cc036b9221c033fe2f85dc0d93c8d5519349ee52774ba3738fac97ac448bc73537b24943eb0ab3b72041019f1b43ba8839864b0f22589e2e79c0eec8c015633735caa2d066ec9645442318a96a16517f0aa2010167b42c4f63a66f521069736aeee44a673c2151aee726e92459bfad1c4fc8a3102153db6a28fbfddc548b91cb60725c4ad754b0c2ef1287fafc9cba1d5cda1055ecc8b4ef5c1f19daef6aa38d", 0xb9, 0x4}, {&(0x7f0000000400)="307682d0a6b415cd873031b7d8b69653123d3dc0bda5afb1d20c883fa027062c1a2685377ea16f51f2065c653272a5b54bad91a4ad93a908852373f51067dc26709f69a42a5045a1b34cfaec3eed867256675a6168ef96b136a0b324ed39cea79779302d921d9ede4d449a37d5e124634a3206e5f280ee4594aeb0e6de9c5a200f468a43d25d21f286a6293075b16509875c8676959ae3d93aaadd751aacc233f82b0098f97ed98361d1a08004ed0c6cb4a6dfb1c0509ef5370fe5f9e0e3d9c7b22a869238ff99c82b3be65ff030dd0bebf4a8c3667d50b6d43287b1bf6b3b44707a94e525c587116c4668ed70c3489598caed6363", 0xf5}, {&(0x7f0000000500)="809424bad09e8bc6310208cf9d34c0c7f49dc81ce0e474a540852f3478ffa5a2f9aaddc9fb62be4e9e6ba18ad18bffbe4c808f9bbbfddf56c20a115c6e2b4b53d18cac76b222738e95625fb2901cbc4fae5d96b9c92efa2df48a6f121d58006c7546aa6d2a30756000c25a9fa86ef81eb7751cd09f7a425e1edcc378987801caa3f5a8db64a69e13c7b6c6fccdd4b21593a7cc79d8d3ba978da9b14d9f619e5515e6dc4a1e4547432b27e31a3a6c", 0xae, 0x6}, {&(0x7f00000005c0)="9cd52122bf608807c9f92ed50b1225ae3f6be42bbbbe", 0x16, 0x1}], 0x180008, &(0x7f0000000680)={[{'/dev/ptmx\x00'}, {'/dev/ppp\x00'}, {'+'}, {'/dev/ptmx\x00'}, {'$:&,:)+['}], [{@uid_gt={'uid>', 0xffffffffffffffff}}, {@obj_user}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/ptmx\x00'}}]}) ppoll(&(0x7f0000000700)=[{r1, 0x1000}, {r3, 0x100}, {r0, 0x10}, {r2, 0x90}, {r4, 0x2018}, {r5, 0x2000}], 0x6, &(0x7f0000000740)={0x0, 0x3938700}, &(0x7f0000000780)={[0x80000001]}, 0x8) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 616.424029][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 616.429848][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 616.437420][ T7] Bluetooth: hci9: command tx timeout [ 616.452684][ T7] Bluetooth: hci8: command 0x1003 tx timeout 16:49:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0xa) r1 = creat(0x0, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x802) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x6) (async) ftruncate(r1, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x122, 0x3, 0x6, 0xf921, 0xa}) sendfile(r0, r3, &(0x7f0000000140)=0x2, 0x2) (async) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) (async) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000000)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TCSETAF(r3, 0x5408, &(0x7f00000000c0)={0x4, 0x9, 0x4, 0x7, 0x13, "703c42d3e0adabb5"}) 16:49:31 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) (async, rerun: 64) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x9, 0x45, 0x8, 0xa, "eba1f192a00be7efe3739626f18fedecce1c54"}) (rerun: 64) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000280)={"6382389d836a47edbe59650398acf2f0", 0x0, 0x0, {0x0, 0x8001}, {0x3, 0x4}, 0x10000, [0x4, 0x9, 0x80, 0x81, 0x0, 0x5, 0x7, 0x8, 0x5be, 0x4e, 0x101, 0x9, 0x6, 0xc0, 0x5, 0x1ff]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000380)={{r1}, r2, 0x16, @inherit={0x68, &(0x7f0000000180)={0x1, 0x4, 0x0, 0x2, {0x0, 0xfffffffffffffff9, 0x1, 0x7, 0x7ff}, [0x7fffffff, 0x7, 0x7ff, 0x5]}}, @name="cfaa0a445d3123e81b321c03ad7c8b2a7ddefdc2b627b648756d1c6c83addfc97123adb12a7a0461fd651833fdf6e7c90d7157f83b28a5cfed57d134ef63a8ed309b75810fbe246947af962bf25f560aa774cb9f4274aec6a52bb7ba2f8b1864b5b9bf9b7e2f9d2f2249770d950f326e3a718f4cf3e5d66f8d7ca849f2a109d44c01fe6ceb4422cbfa80195a1955dbe56d553551edcda04ef07f05bcb2c4c3aa8f2c6edd998d3ab9683e9ede32379a51788259123d04423f96b21126e6f864520ba7a837fce5def5ae4ea133d067891753313859a5126af739f223c7e7a9a0746eafa369de82576873f0e8954b3b6fe28906be91dc5374648b49c851515029bdc6ba928967354b8ddbf6bdbe2e4fd9cbe1e4f18cc96b14f162c6efdcc520c36bbc4365e06ea7f2b2b21a0bfcd3196b4f67fde1dc6c3d75453a84ebfc8b051a8d27171c85e41915bf6409f75ac2da8c12df3389a9423b07b307717d1277701885b1dfba5560b7cd7b61ccc5aac169ba674706c2c57a9bb10701d20dce72a6325fa1adba0d7a3cb47a4a9212f4e70af8b833a79d38e1677b854d331e9cc560439a3ed359cefee0be8d742f3e6ed3eeec858891dc2316038aead8e1be2b8a4dd0c3875acadb5311a7c9b9abcd34334264b1517a6edd34807f316da1f84b094d1ce9f27e3e88860b084f4c506a92aab07941935405b8a6cfa5b6cebee51126f0d91e46b3729358367e631a8f398ff422c9e690d42a42274694f9b0c91a1be48de6de9d8ed20165f880c591ca27ee9037c9eb0ac8c4f2711010ea8bb386a148dd74a1c1ee2b74c41f4ef82b95e8e4430c9a0bdc4a75035d3979c4084a98084fa53a5cbdea77e7db652323e523742b8f039a9563afa1707c17ff43e87e384957a0322c8af4b7ec3f7efdae6c1a050bc55a6f3fd0f8a5f6351f0ca1d11cc7025790f72854a828acf606d1c335e45f10fc1b6aea0e0a729c42aca663b82ce96efaeb53a23e482c5a53b332ad344fee533abcbb0b3516a6bec02a80354561f4c0d53d16b1b350e65921564c7ab286fc12a1e432893f28cf2c55275af8cf510c1c566e5a086e01329f46e1890df46c9c1748c04152a0a0c5af979b7514162cb51f885874d48d390b2727053c434851fdeb836ea5390fd5e87713d0efb9b8b5920e9830ac389aae32a275c87884db7449d2ddb8c0fda8808008c73884d942f3e739356cca61c66fd3dd39a8c755bbc608c65828711b40ae764052ef5685e9d5ff3a4c526f57d9c99010186fcab25df47a0c62c3ef9a2a6cd12429b5c4373258169111dfe79757ed7d8a0f4adf70aac87689dce4a2d75bdd526ae7feb9d834b3f6d78014a01ccac95fd353102707307ed6abd8b5529aa8010da7f604bb347f411e61f96d1b5cb9ef2320fb74a4cbc75755dccacdf649585088c8c19ddc99add023c172e47f705c98f6ce0d14b5ce270dc0e00b43f4e3994a2449a2d1cb61efb29726641884c9ac6b7b18c03e642ebfe360e862ed09c64ffb1640a8a737a9e4419d06389f5797b84e5d6e831c1f3b0a22473cbe11723f8ca067d9711b7e4642c08570c3b6d706b11a14d83e459b9e687c83db5bfe525a35f1b1fb24cda2771ed6e2ed543f070eaa13b0dc38d3b5e85010c48f72153e791f9ebb0120295a5666e496c3e9d664b18855e0954378adefcd1b3d599dacebc4e1ccf1dac3890fe8ba42d1c62f16405fc1d3c42dcf0b229ffba9de86da1aaa03cc6b39dbeb5254108668c72e4b0ae1dd8f60ed4d26f3b2284f854de4bb68adec555fe55840071576e78e59ad6cc2f54af281fd7fcf9260117e0de11fdcddcf8d7bcf34397ab4776dfa117cbacb5ee6332cc6a478fdd57effb1dd05d2e31f24badf522a3b434173a98fb4a43526789ebc1636553796f421ea30e1533eeb6a2896c0887bb296dd14ef8d173f9eab1919e040bf3fadbafb2973b3ded8ce30050878a676c9ab73b45ab1ca1e9b0c34d0d3df934119d9006011ebc91bc1655bf97817e3928ac3ac288d6e9ee21f5dc01e4ed828514030ca99ad35caafb7737caad40c32095da8cdc752efe3b55472c5680db234b5aa2a838bdecbaec2092aeea032810e3714171c26910b74fbe42ad84a7284cd5d7c524ab505b20500742af13ba50b4960841702ea2be58066165ec4a3ff04d9d3e9f5a31f77c03e5e1835920f99502744ece57e896a95c475e461347dfa9957daa2884aa2bca8ecd1bc54701ef98f343a6e9a7cb809fe41d03fff40fe7cdda9027325afe70c3b01e5906e031cc2f70d9ffe16d5738ecfbb54a2c6236adb842fb75688c74bac3cfc4df74be19ffdb32b6508e17e855d18254b053de6b5ceb5e4228f8ae9d7e31a952b07fef93d9622dba981c180370af52c6621f904b391316641010ee0cc639791e61fde6e335ddb798f2ab24b49e0eff6501f7a2a53b0852746e19ced6966ba6b6790b07018c243a3e5b0cef82502fda191b05d69f6afdc94be144cead20fe11c398a564017c39122885f9c7ba40b6b969bc35e0156ed2e612af6c78fb0daf900bdbfb40aaf68e0d1caaeac7fb30732031024484cd36f5a24ec72bcf0a028663ea3fbbf7cde81c70591b68ddb9eb34210b4ff085f51fc88ef2287948e2fe058838eb4fb67edead23c8f5bb42cc55df3ca5a93fd30f866b5790a1ecda835840ddc9c747fa4f2f8565363f1d03c3fb9a64d7907c3aac8d2297acfdd05b7fd850ef62b1ee85d0b6fad080e5dd2cb5d8173ce39602d7798faad5830e118b6a2223ad780a40d632d4952b9e1f497ebf4bbf1afd184caf888149d9ab83ce5ad74bc93cece1e508033cc57fcf0f25550471b31d90773c48043f85684bcbfb02f0911cb1862f60b57e20d926e1f82c1757740adc43c964b748ef0ece362b92a3528dad61a4e0e3f08d5632037bed2c48fe1a0beae552f851c18619c957bf532375d7eb6f40c3a13e87e547d9238038ee282ac9d6123cdd409ee624e2481e30043e050b84285def144045d45e874398a7fb91461be99ed789f67f1c4a62584ffd3a4859c51e290250cca498efa65f09c5613cb4982c1fda8fd9f8c4f31f6ec3b72f8e7a5780ace77e1a3570664e86a59bec0fbc7de352a5ee7dae819b07b330dbad79882585fa863493990084c5647b68b4472dd8e7a47c7773fb178090f6abbe29830b83ea61c6669f53c3f02a39abb6a0a8de2ded30b05064ee8b0798b7bdb2d3362b15ce0056d021765d300057d40e839ff3d313a5bfbbee81373d46f2d628dd90fd293e41a057ed169697b0e1505731617d0263ac93993b95a8a66185abf2df59c0b253f05a09ede5b0582454aee583a5b2047a46aa409985ae93ba685ee61f164c9d6ec790eebcd8084d7831e5ea54e4be75306e4df483132be6fde3cc93a5ab3151e7e4df8280748c38f55d203b2dbd689ad762bdcf97b246d7a6c21e13d7f790aec7d8079877e6692e0e784c7da263af75977132dc9dd2b4728eb7cf9889e197e559331924cd1ac24a80c2f5fd318cb62dcec5cd95cb0ef09136b24f0ec10524f7902f9ebba6f9505dcfadfa6fa9c3f7e32466ac62e3c1fb60fdfa851b9f019830dfcbb681076fcf0bed75e4639aea630eabc0e7c05fdc5be04e21e34e20a73d6bed647bf28083acc54c807195649cabea318ae128d936f0421b8f3c37a30a9e59f448b496c5f11577b596eab0749267613990486e39635e0c141f679f7690573823eb0c186162ac908be67fa65a29e28056d37ee9cdcb964e790ad54877f2466366246edb5ab51697c41a3cbabda18616a4e046a1089a4dd3e85870a613192ca95e889135b4df8b7a67efb0463e91cda2db9528968e9cc8a13c4e8c7a72bde7d7d38695731262314bb6276fcb39dffd818430bd0f93d96534a2d0c030459b51d456d1268a3a63ee96f03087b03b759d41077abf78b47bfc7fcc836529fe141b78900be4b6a8543839f7a396612b4b7f8b8385aa343f88fad6cf1e5191ed130ff8f932058b6950512154b98a97955e80250059ebffeda8144dbbe83eab187020865bf7e1808cad272a7bc745ecd071287b9aa49919854108be2f6349bde69fa82571906069e496935e53f81deb2f7a737aede396faa9989fe393620f5d37574320c1f72b6c006453472fd95216a9e504ba0ff9bd9a61036b882d701d0c047e63ea170efa2486c8f27238973e044bc51da6f008c92acb537345d2b6c5cf5c7b2f3c7a6c73d57e86ea30e32228e16f21232836118b18964e493f3f72bb15666b31e57663b33d8410125a91c31bedfdae2639370490be4c814b85591e445fb7dc2455291f13275f1d9a0ae808f1078d9d99b2e9c2d872995cc6c6f1b73c2052b330d8be9caa674ef1d38b99c51b831e9340decec6c7d08a69f187d393c85b9cba461054af1582f94df5e3ebb657d86f006344ecf86ac542780e2524f0d2d4ee78a208375135a079545ce63413d6d49859ae53f65960c0463076e17047364e926cd650df69e6277e466dec7404f773f9e33174bbb3200492f0a67ed66c010511384ef8f2b490839b867b111f182091ae7befad7a5f6d2397d4c506919026a494a30d41820c213a8d77f3ff2c525d2fe94f0b760fe956419104d5634bc86a90d3b594894c94ecd5cdbce61d596c2d68b6fc81e6d5cd04bbd7c1f40aa302693f071a5784b1c84a459dd7fba365096482f1858efffa41b591c427bed649648373b575656d497f45fae4ca987cee618266005044b5097bac3e40b436866c59f5611e706797afe541023468f0f1c86b53f3d12a0b5d9b0417c9fee5bdb26750e045ec8a78f340d1af03298ab1f5c8cb61fe205df4358de1856539742b1c0485a5b3f7a842a7860bd4da209751cbab0adedbad1291e6babb59d3cf929419d4a2a01ff41a698d7c9d33aca1ca2b12361c48e17649b3d9ad9bde15d49434aa8468c6073146a1513deac941ca2b33290eaf8b562f082dfb2528f6cac32d5b87613bbf94773c7fcd7d3b4556a5f45bf53caddf1485e86fa4830a3f5de93945138d767831e72ad698e5cff19b74ca442c91d106b4f424b1478d8ae305a9011dde5a3ac8c0fe10b1f96c7e272428be58a1f86255e2a4e89dab8ec497dc393e09d7ffa976e8d13245cb18bca9205e531ec8598847f30f34a9aeac40a38d838fee5a100cbb1bcff58f246cae3b66e798e0a5cb68687de3763d62c62954485ff041b3bd04ebc4b15136b2d23858d4671d0fc4d12008b4473877116e5ddc5f34222f356f63566b85e332e685c04e4321b5767fd02c8b0f20575f5675d7628624bfef401318e1375a1841fb2ad33c577a218a68be5b4d5e60efaaa7aa9eab0f72411ca36034fe2dc2f5690d551b4075112109df8c68afa977a8a12b80ad3fe8575c6322613da2e05cd4d16269138ddad4545a642bbe0816bdd6c850f852f3896049d0d5ccc885ab5801664353aeb5707d9d004a20a75ab2100996c1d2b2cfb838fe11a46a630329a83971ea307baa55892f4b53341d123dd553191b881d7880f2426db1dac2b75f1d56c96b76e69631657f235353748fbc915ef5796612400f8ea66f3a1a4eec2de358e376e20c143912f87d30253f6aec150616302e7e76a988ad937c2ed6812734bec026f6bf5010c83513e790c36737958130cdfa9d9a4d38df77edd0b0726789a95aa03824da9c00e6a5b80b851701955e5ddfdcb04865db953d8eee540f3506b3873"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32) [ 616.492713][T14054] Mem-Info: [ 616.495951][T14054] active_anon:2656 inactive_anon:146025 isolated_anon:0 [ 616.495951][T14054] active_file:4128 inactive_file:7663 isolated_file:0 [ 616.495951][T14054] unevictable:768 dirty:55 writeback:0 [ 616.495951][T14054] slab_reclaimable:19293 slab_unreclaimable:96127 [ 616.495951][T14054] mapped:27886 shmem:4142 pagetables:789 bounce:0 [ 616.495951][T14054] kernel_misc_reclaimable:0 [ 616.495951][T14054] free:1325103 free_pcp:10665 free_cma:0 [ 616.567704][T14054] Node 0 active_anon:10616kB inactive_anon:585188kB active_file:16436kB inactive_file:30652kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111544kB dirty:216kB writeback:0kB shmem:14092kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB kernel_stack:9780kB pagetables:3152kB all_unreclaimable? no [ 616.618156][T14054] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 616.658427][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 616.658452][ T26] audit: type=1804 audit(1644684571.948:1493): pid=14111 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/595/bus" dev="sda1" ino=1173 res=1 errno=0 [ 616.696947][T14119] loop2: detected capacity change from 0 to 75 [ 616.713493][ T26] audit: type=1800 audit(1644684571.948:1494): pid=14111 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1173 res=0 errno=0 [ 616.720279][T14054] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 616.763703][T14054] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 616.773008][T14054] Node 0 DMA32 free:1325712kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10616kB inactive_anon:589360kB active_file:16436kB inactive_file:30652kB unevictable:1536kB writepending:216kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:42096kB local_pcp:20028kB free_cma:0kB [ 616.812821][T14054] lowmem_reserve[]: 0 0 0 0 0 [ 616.822737][T14054] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 616.860260][T14054] lowmem_reserve[]: 0 0 0 0 0 [ 616.865153][T14054] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 616.898473][T14054] lowmem_reserve[]: 0 0 0 0 0 [ 616.903508][T14054] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 616.923969][T14054] Node 0 DMA32: 86*4kB (UME) 1143*8kB (UME) 1948*16kB (UME) 608*32kB (UME) 311*64kB (UME) 185*128kB (UME) 67*256kB (UME) 39*512kB (UME) 23*1024kB (UME) 15*2048kB (UME) 276*4096kB (UM) = 1325584kB [ 616.947772][T14054] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 616.959358][T14054] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 616.977648][T14054] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 616.987260][T14054] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 616.997017][T14054] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 617.006610][T14054] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 617.016303][T14054] 15933 total pagecache pages [ 617.024238][T14054] 0 pages in swap cache [ 617.028490][T14054] Swap cache stats: add 0, delete 0, find 0/0 [ 617.034632][T14054] Free swap = 0kB [ 617.038355][T14054] Total swap = 0kB [ 617.042219][T14054] 2097051 pages RAM [ 617.046018][T14054] 0 pages HighMem/MovableOnly [ 617.050816][T14054] 384548 pages reserved [ 617.054973][T14054] 0 pages cma reserved [ 617.063827][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 617.070718][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:49:32 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = dup2(r0, r0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x4) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) syz_io_uring_setup(0x7877, &(0x7f0000000280)={0x0, 0x57bc, 0x20, 0x2, 0x12, 0x0, r1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000300)) syz_io_uring_submit(r4, 0x0, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x64}, 0x33) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f0000000380)={0x40, 0x7f, 0xd800, 0x1f, 0x9757}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r5, 0x0, 0x10000) ioctl$TCSETS(r2, 0x5402, &(0x7f00000000c0)={0x2c94, 0x47b5, 0x8, 0xffff, 0x4, "a6d1a3eaceefa73a0c9a2ec4c67a9e830bb74d"}) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)) 16:49:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x9) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:32 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x10) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x17) r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0xb328, 0x181880) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x5731c2, 0x0) r5 = syz_mount_image$efs(&(0x7f00000001c0), &(0x7f0000000200)='./bus\x00', 0x8, 0x5, &(0x7f0000000600)=[{&(0x7f0000000280)="33084fef442fbeb5887f63311d72c7f30513640eac1160aae4e421da2db1c340ee73b4d1c5303dd293bafed9584d74267a030d6d28e103bdb11ee613362b3a688652ec08898d8ae545c2d7b74c207a596b7fa3be1ff8a561f2b012bcc17e04502e97d1d2abe5eeae315bf99ab38609bed2fa3f4253e0c0d0d47bdf8e1d66e3c1eddd7db2ab500365de", 0x89, 0x4b0f}, {&(0x7f0000000340)="3cbfe7a4b04d7f56931af5ef4d9569daa128f6bfc78e88ef75cc036b9221c033fe2f85dc0d93c8d5519349ee52774ba3738fac97ac448bc73537b24943eb0ab3b72041019f1b43ba8839864b0f22589e2e79c0eec8c015633735caa2d066ec9645442318a96a16517f0aa2010167b42c4f63a66f521069736aeee44a673c2151aee726e92459bfad1c4fc8a3102153db6a28fbfddc548b91cb60725c4ad754b0c2ef1287fafc9cba1d5cda1055ecc8b4ef5c1f19daef6aa38d", 0xb9, 0x4}, {&(0x7f0000000400)="307682d0a6b415cd873031b7d8b69653123d3dc0bda5afb1d20c883fa027062c1a2685377ea16f51f2065c653272a5b54bad91a4ad93a908852373f51067dc26709f69a42a5045a1b34cfaec3eed867256675a6168ef96b136a0b324ed39cea79779302d921d9ede4d449a37d5e124634a3206e5f280ee4594aeb0e6de9c5a200f468a43d25d21f286a6293075b16509875c8676959ae3d93aaadd751aacc233f82b0098f97ed98361d1a08004ed0c6cb4a6dfb1c0509ef5370fe5f9e0e3d9c7b22a869238ff99c82b3be65ff030dd0bebf4a8c3667d50b6d43287b1bf6b3b44707a94e525c587116c4668ed70c3489598caed6363", 0xf5}, {&(0x7f0000000500)="809424bad09e8bc6310208cf9d34c0c7f49dc81ce0e474a540852f3478ffa5a2f9aaddc9fb62be4e9e6ba18ad18bffbe4c808f9bbbfddf56c20a115c6e2b4b53d18cac76b222738e95625fb2901cbc4fae5d96b9c92efa2df48a6f121d58006c7546aa6d2a30756000c25a9fa86ef81eb7751cd09f7a425e1edcc378987801caa3f5a8db64a69e13c7b6c6fccdd4b21593a7cc79d8d3ba978da9b14d9f619e5515e6dc4a1e4547432b27e31a3a6c", 0xae, 0x6}, {&(0x7f00000005c0)="9cd52122bf608807c9f92ed50b1225ae3f6be42bbbbe", 0x16, 0x1}], 0x180008, &(0x7f0000000680)={[{'/dev/ptmx\x00'}, {'/dev/ppp\x00'}, {'+'}, {'/dev/ptmx\x00'}, {'$:&,:)+['}], [{@uid_gt={'uid>', 0xffffffffffffffff}}, {@obj_user}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/ptmx\x00'}}]}) ppoll(&(0x7f0000000700)=[{r1, 0x1000}, {r3, 0x100}, {r0, 0x10}, {r2, 0x90}, {r4, 0x2018}, {r5, 0x2000}], 0x6, &(0x7f0000000740)={0x0, 0x3938700}, &(0x7f0000000780)={[0x80000001]}, 0x8) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x17) (async) syz_open_dev$hiddev(&(0x7f00000000c0), 0xb328, 0x181880) (async) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x5731c2, 0x0) (async) syz_mount_image$efs(&(0x7f00000001c0), &(0x7f0000000200)='./bus\x00', 0x8, 0x5, &(0x7f0000000600)=[{&(0x7f0000000280)="33084fef442fbeb5887f63311d72c7f30513640eac1160aae4e421da2db1c340ee73b4d1c5303dd293bafed9584d74267a030d6d28e103bdb11ee613362b3a688652ec08898d8ae545c2d7b74c207a596b7fa3be1ff8a561f2b012bcc17e04502e97d1d2abe5eeae315bf99ab38609bed2fa3f4253e0c0d0d47bdf8e1d66e3c1eddd7db2ab500365de", 0x89, 0x4b0f}, {&(0x7f0000000340)="3cbfe7a4b04d7f56931af5ef4d9569daa128f6bfc78e88ef75cc036b9221c033fe2f85dc0d93c8d5519349ee52774ba3738fac97ac448bc73537b24943eb0ab3b72041019f1b43ba8839864b0f22589e2e79c0eec8c015633735caa2d066ec9645442318a96a16517f0aa2010167b42c4f63a66f521069736aeee44a673c2151aee726e92459bfad1c4fc8a3102153db6a28fbfddc548b91cb60725c4ad754b0c2ef1287fafc9cba1d5cda1055ecc8b4ef5c1f19daef6aa38d", 0xb9, 0x4}, {&(0x7f0000000400)="307682d0a6b415cd873031b7d8b69653123d3dc0bda5afb1d20c883fa027062c1a2685377ea16f51f2065c653272a5b54bad91a4ad93a908852373f51067dc26709f69a42a5045a1b34cfaec3eed867256675a6168ef96b136a0b324ed39cea79779302d921d9ede4d449a37d5e124634a3206e5f280ee4594aeb0e6de9c5a200f468a43d25d21f286a6293075b16509875c8676959ae3d93aaadd751aacc233f82b0098f97ed98361d1a08004ed0c6cb4a6dfb1c0509ef5370fe5f9e0e3d9c7b22a869238ff99c82b3be65ff030dd0bebf4a8c3667d50b6d43287b1bf6b3b44707a94e525c587116c4668ed70c3489598caed6363", 0xf5}, {&(0x7f0000000500)="809424bad09e8bc6310208cf9d34c0c7f49dc81ce0e474a540852f3478ffa5a2f9aaddc9fb62be4e9e6ba18ad18bffbe4c808f9bbbfddf56c20a115c6e2b4b53d18cac76b222738e95625fb2901cbc4fae5d96b9c92efa2df48a6f121d58006c7546aa6d2a30756000c25a9fa86ef81eb7751cd09f7a425e1edcc378987801caa3f5a8db64a69e13c7b6c6fccdd4b21593a7cc79d8d3ba978da9b14d9f619e5515e6dc4a1e4547432b27e31a3a6c", 0xae, 0x6}, {&(0x7f00000005c0)="9cd52122bf608807c9f92ed50b1225ae3f6be42bbbbe", 0x16, 0x1}], 0x180008, &(0x7f0000000680)={[{'/dev/ptmx\x00'}, {'/dev/ppp\x00'}, {'+'}, {'/dev/ptmx\x00'}, {'$:&,:)+['}], [{@uid_gt={'uid>', 0xffffffffffffffff}}, {@obj_user}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/ptmx\x00'}}]}) (async) ppoll(&(0x7f0000000700)=[{r1, 0x1000}, {r3, 0x100}, {r0, 0x10}, {r2, 0x90}, {r4, 0x2018}, {r5, 0x2000}], 0x6, &(0x7f0000000740)={0x0, 0x3938700}, &(0x7f0000000780)={[0x80000001]}, 0x8) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 617.168290][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 617.175532][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 617.210411][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 617.219143][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 617.238049][T14129] loop2: detected capacity change from 0 to 75 [ 617.273794][ T26] audit: type=1804 audit(1644684572.608:1495): pid=14131 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/627/bus" dev="sda1" ino=1183 res=1 errno=0 16:49:32 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x10) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 617.318705][ T26] audit: type=1800 audit(1644684572.608:1496): pid=14131 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 16:49:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 64) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x17) (async, rerun: 64) r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0xb328, 0x181880) (async) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x5731c2, 0x0) (async) r5 = syz_mount_image$efs(&(0x7f00000001c0), &(0x7f0000000200)='./bus\x00', 0x8, 0x5, &(0x7f0000000600)=[{&(0x7f0000000280)="33084fef442fbeb5887f63311d72c7f30513640eac1160aae4e421da2db1c340ee73b4d1c5303dd293bafed9584d74267a030d6d28e103bdb11ee613362b3a688652ec08898d8ae545c2d7b74c207a596b7fa3be1ff8a561f2b012bcc17e04502e97d1d2abe5eeae315bf99ab38609bed2fa3f4253e0c0d0d47bdf8e1d66e3c1eddd7db2ab500365de", 0x89, 0x4b0f}, {&(0x7f0000000340)="3cbfe7a4b04d7f56931af5ef4d9569daa128f6bfc78e88ef75cc036b9221c033fe2f85dc0d93c8d5519349ee52774ba3738fac97ac448bc73537b24943eb0ab3b72041019f1b43ba8839864b0f22589e2e79c0eec8c015633735caa2d066ec9645442318a96a16517f0aa2010167b42c4f63a66f521069736aeee44a673c2151aee726e92459bfad1c4fc8a3102153db6a28fbfddc548b91cb60725c4ad754b0c2ef1287fafc9cba1d5cda1055ecc8b4ef5c1f19daef6aa38d", 0xb9, 0x4}, {&(0x7f0000000400)="307682d0a6b415cd873031b7d8b69653123d3dc0bda5afb1d20c883fa027062c1a2685377ea16f51f2065c653272a5b54bad91a4ad93a908852373f51067dc26709f69a42a5045a1b34cfaec3eed867256675a6168ef96b136a0b324ed39cea79779302d921d9ede4d449a37d5e124634a3206e5f280ee4594aeb0e6de9c5a200f468a43d25d21f286a6293075b16509875c8676959ae3d93aaadd751aacc233f82b0098f97ed98361d1a08004ed0c6cb4a6dfb1c0509ef5370fe5f9e0e3d9c7b22a869238ff99c82b3be65ff030dd0bebf4a8c3667d50b6d43287b1bf6b3b44707a94e525c587116c4668ed70c3489598caed6363", 0xf5}, {&(0x7f0000000500)="809424bad09e8bc6310208cf9d34c0c7f49dc81ce0e474a540852f3478ffa5a2f9aaddc9fb62be4e9e6ba18ad18bffbe4c808f9bbbfddf56c20a115c6e2b4b53d18cac76b222738e95625fb2901cbc4fae5d96b9c92efa2df48a6f121d58006c7546aa6d2a30756000c25a9fa86ef81eb7751cd09f7a425e1edcc378987801caa3f5a8db64a69e13c7b6c6fccdd4b21593a7cc79d8d3ba978da9b14d9f619e5515e6dc4a1e4547432b27e31a3a6c", 0xae, 0x6}, {&(0x7f00000005c0)="9cd52122bf608807c9f92ed50b1225ae3f6be42bbbbe", 0x16, 0x1}], 0x180008, &(0x7f0000000680)={[{'/dev/ptmx\x00'}, {'/dev/ppp\x00'}, {'+'}, {'/dev/ptmx\x00'}, {'$:&,:)+['}], [{@uid_gt={'uid>', 0xffffffffffffffff}}, {@obj_user}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/ptmx\x00'}}]}) ppoll(&(0x7f0000000700)=[{r1, 0x1000}, {r3, 0x100}, {r0, 0x10}, {r2, 0x90}, {r4, 0x2018}, {r5, 0x2000}], 0x6, &(0x7f0000000740)={0x0, 0x3938700}, &(0x7f0000000780)={[0x80000001]}, 0x8) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 617.464671][ T3640] Bluetooth: hci10: sending frame failed (-49) [ 617.471658][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 617.485614][T14157] loop2: detected capacity change from 0 to 75 16:49:32 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffea7) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:33 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = dup2(r0, r0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x4) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) syz_io_uring_setup(0x7877, &(0x7f0000000280)={0x0, 0x57bc, 0x20, 0x2, 0x12, 0x0, r1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000300)) syz_io_uring_submit(r4, 0x0, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x64}, 0x33) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f0000000380)={0x40, 0x7f, 0xd800, 0x1f, 0x9757}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r5, 0x0, 0x10000) ioctl$TCSETS(r2, 0x5402, &(0x7f00000000c0)={0x2c94, 0x47b5, 0x8, 0xffff, 0x4, "a6d1a3eaceefa73a0c9a2ec4c67a9e830bb74d"}) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) dup2(r0, r0) (async) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x4) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) syz_io_uring_setup(0x7877, &(0x7f0000000280)={0x0, 0x57bc, 0x20, 0x2, 0x12, 0x0, r1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000300)) (async) syz_io_uring_submit(r4, 0x0, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x64}, 0x33) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f0000000380)={0x40, 0x7f, 0xd800, 0x1f, 0x9757}) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r3, r5, 0x0, 0x10000) (async) ioctl$TCSETS(r2, 0x5402, &(0x7f00000000c0)={0x2c94, 0x47b5, 0x8, 0xffff, 0x4, "a6d1a3eaceefa73a0c9a2ec4c67a9e830bb74d"}) (async) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)) (async) [ 617.631445][ T3640] Bluetooth: hci10: sending frame failed (-49) [ 617.639067][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:33 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffea7) (async, rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) [ 617.694632][ T3640] Bluetooth: hci10: sending frame failed (-49) [ 617.702356][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 617.751390][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 617.759910][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 617.771245][ T26] audit: type=1804 audit(1644684573.108:1497): pid=14161 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/628/bus" dev="sda1" ino=1182 res=1 errno=0 [ 617.805036][ T26] audit: type=1800 audit(1644684573.128:1498): pid=14161 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:49:33 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffea7) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 617.864763][ T26] audit: type=1804 audit(1644684573.198:1499): pid=14167 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/628/bus" dev="sda1" ino=1182 res=1 errno=0 [ 617.890420][ T26] audit: type=1800 audit(1644684573.198:1500): pid=14167 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:49:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0xa) (async, rerun: 32) r1 = creat(0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x802) (async) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x6) (async) ftruncate(r1, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x122, 0x3, 0x6, 0xf921, 0xa}) (async) sendfile(r0, r3, &(0x7f0000000140)=0x2, 0x2) (async, rerun: 32) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 32) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000000)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TCSETAF(r3, 0x5408, &(0x7f00000000c0)={0x4, 0x9, 0x4, 0x7, 0x13, "703c42d3e0adabb5"}) 16:49:34 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = dup2(r0, r0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x4) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (async, rerun: 64) syz_io_uring_setup(0x7877, &(0x7f0000000280)={0x0, 0x57bc, 0x20, 0x2, 0x12, 0x0, r1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000300)) (rerun: 64) syz_io_uring_submit(r4, 0x0, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x64}, 0x33) (async) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f0000000380)={0x40, 0x7f, 0xd800, 0x1f, 0x9757}) (async) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r5, 0x0, 0x10000) (async) ioctl$TCSETS(r2, 0x5402, &(0x7f00000000c0)={0x2c94, 0x47b5, 0x8, 0xffff, 0x4, "a6d1a3eaceefa73a0c9a2ec4c67a9e830bb74d"}) (async) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)) 16:49:34 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x401a) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x1) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 618.770034][ T3643] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 618.770132][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 618.782021][ T3674] Bluetooth: hci7: command 0x1003 tx timeout [ 618.850209][ T3643] Bluetooth: hci7: sending frame failed (-49) [ 618.858194][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 618.888476][ T26] audit: type=1804 audit(1644684574.218:1501): pid=14194 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/596/bus" dev="sda1" ino=1177 res=1 errno=0 [ 618.921216][ T26] audit: type=1800 audit(1644684574.258:1502): pid=14194 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1177 res=0 errno=0 16:49:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x9) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000180)='./file0\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x17) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_aspeed_opb_error\x00', r4}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = socket$phonet(0x23, 0x2, 0x1) ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, &(0x7f0000000040)=0x4) r3 = creat(0x0, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000200)=0x1f) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x4000000000801) r5 = signalfd(r2, &(0x7f00000000c0)={[0x7]}, 0x8) ioctl$TCSETAW(r5, 0x5407, &(0x7f0000000180)={0x8, 0x2, 0x9, 0xc91a, 0x1b, "473aeead0f58ceee"}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x51f, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) writev(r3, &(0x7f0000001280)=[{&(0x7f0000000280)="ec6444c7c851b0b0297891be0a9e7b6b779e3df91e0fcfbc86d63371a917651c4a9489efea75b3f2516aa44c315eddcac72eba53c93c38378aee370387b44a3ac2b71251825753050ec40e87219dfda8b34a38ce2bd368cbcad6e04ffa067205c9602c90ac81890bc3c7d946baf2f54154263324889c37426b3a7dadb5770184f245e4b299117e1e34ec1d66d3b816e0728e436c04675012ae81399a81afc783a4604b419c6d634e344ece115949d103cbb429cf283fbcb3d6aececb8c38862e432b385de97c69f44c6edbab20318b77e73590e8dfb9d66c86bcd3f67e53ae4e0e10e95d65300be567ecd57872d16c35384da0cff234496c638277f907781955677d51831bedf56549327e9e5b9504e3624e419009fbc145f9021a51328dcd656cab5c1c11455d1584b6a4185f10fe98709a94839526dd42aaf21086f21f56dd81bb2cd7f4ecd323e6fb206ad8f578f9e9cb8819923c2dbd0964af00f4ecbb4ae9a0592bcc29d9eed1870ab7f33cf44b400fd9056361c706039ef76947b9928319cfc8a2f2f7e65ed131ba03ad35f7ad4e114ad1ec76a6eacc44f9554129171ea4eb72b8309044373fb648f1a0b9d6972f4199c733b2c1461fd041a5356770a746182576f37bcb1c0678707c5f20ead80bb842d2cd5f45180c8dc8ee665973b159210a5c5725e90fe32dbd8f1a4785a74b9b565c68b2393e3a345bfe9399e5095f5aec9592815ae8aa2a08a6efb62891d2a3abdcc648e376e078f9edfff9d2aa3dbf7991a73c280f013a7435c6e7354c7c7fa3cf95fb1f3f2ab8132e857f4193b49c0db793b515a9f0a5e985caf3e85b619b469adf90a2b1197ef912f0c5fd655d2e93516a43ec56369b23ba9f705733e92799783a9be55fc505f8b4cf58593edfcaffc37a16541970a8eb28c7258459b1d42392df2b2e714d093442b8f76fb9656063cc283f7bb5afdacb1af33ed2cb69ddb99d8c995c0e0e1f0542f813be9ff85cd14649bcbe840df916fc982ba9c5cd7a3cae132bbe3657842526f361a5dd1def6bdce44c7e7a0429f39ba67d3ae63f9d8d0fc4a73798911dc73e3ee2ca2a0797ddf2c9cb006e8c0945b547659cb0be892914d54f35319778f695df75e46cbd0a019458303c2fe5bc23191e8b70b9e0cea7584b7ea8aeccd430f2897435435d66dd08ffa0e0872c00318600f2b579e0556c00ecdd21782c679ef1fee44850d9b31e6288d4f6ebe3981c55a8f5a860b39ebe9c4c2c88e65950ec56476cd5c3df4544abbd98b16a16691e57c5cdf0c9d9744d94ea5859fe0b802edd481e020515deac177eb24f156c6d730c3730f15985ed7af60955fd85195edbbf07af89bc6bc20886c665882d9619d7f87fec5effafd16134a810c2c12305625eb62aafc295961d2fa5fa898f671288d35beb0ff3ee67c057528a374abefd7f35c5bd9cded1b156bea008df764ed90f68f81579fa6ba05e10a48a11203fceaf7b1db80ce3c8e4ff1d90a06b3ba908f456b5c94def24ffdccef49e4848bcaeaa8a73913ccadbeb2aff7d348d8cdc89644b390e1b81dfb3c245bb39de1bbb88fec41fe5fb15d4cceafe8247c5cba3350e8ea726761af4848fe5aa6b4bd663dc851c4f7aa0e51f2d3066d9753b8a20cd86b23d7cb952438215d9a6dcd7dc232998a3d70760a566e72ce149ff0249a3f505f9d0317964a05c788ba820646893667f64d135964f87183ee439f6ac33203c187a2f5ee272e3053b4221acc54d338fcda750d82a3ec9ae95db4bfc2a33690e2e2a833a846197b829fc5ad46bd6989c5440cacaa574545234e997cd3fe62489187374988805bb8b4fe257fc17ed96541c077bb6b472563de6a7cd620e1f1956ca47a6c67ed95e059213484ed6c2c0cf2ee8b85aa66bdf8fdbc01a72184d72b0495007ad787c6768faefa6b5cc1faaa4c8a32d04392318bca58b10bca86b25003e4629bc95ba9efee1bf4db7785d4499caed038c923324f519e815e69b319287f6a4a8bf3480b3c7857ce48123085f51c00f2773bf16b8208a1579876304dc54af98958c8141fad2e719be6b782eb142e604de19815317bfbe00609e0c4700b0bc275a7a9549ee46b58b11c2dc05840c9260e60522c1b827b0f8dad317dbb751e7937441a204b317428034a4fa36b398ec7648863f9a3f43d0a8afaae9d8440ca98b71bc242b62ce483d3f9452594400491f22fd54f4c8c3111548e02aae066e4c9bf3dab56344b8728fb88f2332247cb48072568914707b34380dd1dd3ed448a289d3c74e95d29fe62d4b51bcd74bf1e50f0ea48b492ebd279bf7862b1bf8b90cc0b8a7fea4c376cc4a1622dce739d47c5bff359f5d9e9e1b7160b8f3226538ef7fb6517cb63301c30d875e2f58df3d116936e58a0f6bdec603b1720e0091c39cf91e43f49ec97b66464e58a31e8dda19cf7e91a1550de5d1696184371b63c0d08e2a543376d8a7a5696cab756f2486cd0ba2fa60b5761fac8e004c4cfdd20abfd0dca0586644cd0057d4b2af3a0550f4be9ad5e609ebe0f88c7f36ee9e2bb992bda7c2ebe0f7b8cf78c813127d3ec4717ac1070bab44a1b38233ebc773965d7a797e056f37f9030633c20d2d5d3ed4159d741e187f12da94be8be2c38d4053a738bbf7b720cd99788f0c78a876db28896c54793ba3e707897dfb8b38e16063645ea796aa47d47da07f980f73c26f14c087766d1a55e1aa1e9aac2541f53d041c22227d0ffd6331b163c0367bb3f19421a7da5cbd5b450ec2de7f9faba109298d1916ae61f17866cd6cb87e91b8a45967cafe57660c5b6f067602f7c4c81fcb21428b134c3f53eea41f20dae17bb42eadd41abd88586bf190bb4f07dd07f61a2a76cbd67b147cfc9b91102455ab4e931ae7439cb61087cfe27ade38b78b8fb5e88a4b1c16e1dcd2fab6f8f864a0e112bd70d6291603a0b6b82f17d45b132efbecccf55651faf2f92cc44410f04b8029bd617fa0c7275faafce106d9e9e5ae25688adf1722cc96555ac863861976262dc9f0bffb91f7649d412739f650ec8384b4fb2978a49d722f45c8114ee47de1aa838757fc8b720be693e85fc2bd7a30bcb0b3612cd15e0d543ad62ad0576672f2858f78ab9280799869be359e7550fc931df56f28f190fb2c3c0d303c76f692ef399bbda2f790af9f02c5f3e4998971b11a1f72fdfc2a8328b91c98dedefe9d9b2720782b71eadd6e6005d813fc47b4a4ae64269673bb592fff17197f5fbd450884615b55e6e7f342ff4c031e24e66feb8c382a383b808bed1531d382574466a884661ced7124c6ad3c5b3b2f13c860b1a0e8c50a9feeaa451f24db8c448099fc078ec6550bc8199e882d11910dc3563ff99a01d7060bf56001d193b514ef35a3e4035fc6200dad8ee1dafe51254430b8eb71b3aadb88af33160a3b4c748fb1f4ff75023524e83f25b179b4d9c17bda5c24018cc7338576111955f68d20fb4f465924d17aace338a212c5b9ed5e97b9192b408630cc5f19f1287636dd1450798500726eaacbd99784aa3899681ed75af749e03268e9cc0d4f1e9ad466a7089e3139918c8c52ded5a1c26641dad41c02babe4a9e8828d41b8ed2203c53c7eddcd64c88c0e3f1b9ca1c0d7fb7c42069e6d2229a0fbd475e4dc0afb8ca95d7c940d6b68b90914596f092631728974b761087eb0f7a682cc5126bcc5d361dabc8f70e86baa54d620be03b006f2cb9943b9bc472d365416a88c4b4309851663c5c5670273c36b8e88edad8dae0094b41a4a41e2e2f1f76a7fce0a745d9d263f20656ee28c19bc9ad7c3e67632edf975fa38b9dc0f4cc542f16e26beaf689a42541a498bda3a253ef932f72f21f2fdf72ce21b7d0393bf3474238926a754cd26384c58309ea3b182731fd5b18626d87ca98d42d8129eb12483d08dc4cbc867de5ff82dd7ea0dcbedaf4b2a0377e5c92e1d8c44ee49abe5eea60320f78ec369840470e884937f53008a16c844d07bfb1a3c381facbbbb0b273ece607293dbb2ebbb2581f6edf3d074df6fe4f86a29d641f497b5af628888dbcc8beaaaffcf50795e81238a7643aeb520a347370a4713265606da572ac511808bb3bdf531aee8c76d9431f25ce294c295dcac40134b7764dac48e3a951757239747bef09ae626090a74c28854a1d909a6eaa1d038009e52c53b8f7d6eecc3bb858c15e8c3eba2417f99f922c874ad81c48b56a99fb8797687b819d33bf7ba95ee4f3304486d544cfa77205ba30ff5c01f4d01a6c69c77117943cb0f4bd9417a0d664136654aee1177b8dd3a3845f0ffb8763ba55019548f8c05ba6df0b6710435106ccf62d0b7c8e301e1e72b6156a41230244d531d99430fa603ac8cf67c28f229394fb84e4d4011c49816c39667c8b0b71903fc2a6da0615aaa100a14726d45b451de95b09446dbd7ab4ec83b5db6b916a8010f1d6ca2397a3d18245ec63c06e990694acf838204136ba2d339043d2d3d7485f0bde0ef55dac65ba358b70aa761e797dcbc98f408d82fe6e39e3ba082a06df063245add7a02e3838ffb24a56add9777a399eb5ae23613eb17b3b2e479993c2cdb8f74e5fb3bd116691c9b460e1fde502ea62c4f4bfeca8da6a78633739bcce104dd216e873c6a035d9a6a659e29b16f43ecdb9776e82657290864193df3ec84146eb0d84a2194ec86fd88e26ddf34db1dfa5bb899c59194a815f56a472c4f8eb260d7e4bafe7ef58aea95cac79b56dba21043d19f67d6a2404e78ff38c7eabf6680baf6cd64acaab574cafba94e8bd4cc5408bd988f32941dd5f221b87fc7d9b46edea1c320c5f4faae1a03b9da1e26c478a17113220ec087875f4052df3e60d535e9bfca13b0175dee50430b8da01861a399ac14d7d1a45f73dd967a9c6a41b1a30e8d8bce87826f6c69f83c7d4b6dbfc3ada96ead8d69c73eb05548a204a1cec6c03151bc8d3eb039444e98279e7dcbb446e28a3d3e3e08fdef2112aa6fe1aba61af703ca295fa4fdcb1d7b228c67c73ae62bd359c4beb526a411503ff9e97fd24f90c2f6558533ecb3f99553eca07fc6a0306243445d51248f5d7db478c4838770e370b3a8cd9c52abe3b97a3087fc06adc26beb4a11f570aab507d9322d681931bd155a77227b81b886658a0e400a549222af9aaed4e0a6747361d4f3dbfe20d394c352fd234a9eda2742153f2aaa6c37c1a3a507f16651422c33ee2761446dcbb11726ce8bc703a051698c2ee6af22760b84623a83bdc5a710fa14819c42df53faf6bee7dbc8d1e1235acc6b000245f9da65370d4fbdbd13230ee48e4a7b2c75e7239bb5b1c88d7ab73ee90b4f614258c444bd5f6067c466717c1cbd8f2bbc939cbd4098d196b0089692fa424cae349a23cf33a11cedd0ae5dcde912ff9c2208602ec6ed44a9e9cc0eeee7b7ad735b2d21d6d6e17d48f6c12d82d170b82ff4bc9b6c4359ad79fc7a8d7d4c14a77abfc6bcd23b414f6512961f7f866b45651d75250ec5eea7bc6fe648dec938761a43a0a8954bb1a02aefaae68a420e22aebb3cec44347725d27998d252a6a001d649d97d6a54f7a5494009115381a3f18b8240f2b022aa92dc0c1c09c79ab9c981883f5b18fdd91eca4002d919544b85676a193360211ce00878b1505f75f94df05b8cec8a395305a1bb03999312961f7ee0e7bcfb2b3c07edd7c0dd0d1d1b52c31cad8919226c4d3927ddcd866d59e0854b0212e804d4bd4ec80761ff1c351f32c558b8648ef4f855645673230d4bf3ffacb215e256c6108957c8dacb0946d2b339cb670dbc30a4835a3f14b0f", 0x1000}], 0x1) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 619.171990][ T3675] Bluetooth: hci6: command 0x1003 tx timeout [ 619.179840][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 619.252536][ T3643] Bluetooth: hci6: sending frame failed (-49) [ 619.260380][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 619.276769][ T3643] Bluetooth: hci7: sending frame failed (-49) [ 619.283742][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 619.409986][ T3671] Bluetooth: hci9: command 0x1003 tx timeout [ 619.416220][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:49:34 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x10) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x9) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 64) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:34 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r1}, 0x8) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x800, 0x5, 0x0, 0x0, "00f0bf1aacce1f0c6b978e4b6000"}) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/152) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async, rerun: 64) r2 = socket$phonet(0x23, 0x2, 0x1) (rerun: 64) ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, &(0x7f0000000040)=0x4) (async) r3 = creat(0x0, 0x0) (async) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000200)=0x1f) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(0xffffffffffffffff, 0x4000000000801) (async) r5 = signalfd(r2, &(0x7f00000000c0)={[0x7]}, 0x8) ioctl$TCSETAW(r5, 0x5407, &(0x7f0000000180)={0x8, 0x2, 0x9, 0xc91a, 0x1b, "473aeead0f58ceee"}) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x51f, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 64) writev(r3, &(0x7f0000001280)=[{&(0x7f0000000280)="ec6444c7c851b0b0297891be0a9e7b6b779e3df91e0fcfbc86d63371a917651c4a9489efea75b3f2516aa44c315eddcac72eba53c93c38378aee370387b44a3ac2b71251825753050ec40e87219dfda8b34a38ce2bd368cbcad6e04ffa067205c9602c90ac81890bc3c7d946baf2f54154263324889c37426b3a7dadb5770184f245e4b299117e1e34ec1d66d3b816e0728e436c04675012ae81399a81afc783a4604b419c6d634e344ece115949d103cbb429cf283fbcb3d6aececb8c38862e432b385de97c69f44c6edbab20318b77e73590e8dfb9d66c86bcd3f67e53ae4e0e10e95d65300be567ecd57872d16c35384da0cff234496c638277f907781955677d51831bedf56549327e9e5b9504e3624e419009fbc145f9021a51328dcd656cab5c1c11455d1584b6a4185f10fe98709a94839526dd42aaf21086f21f56dd81bb2cd7f4ecd323e6fb206ad8f578f9e9cb8819923c2dbd0964af00f4ecbb4ae9a0592bcc29d9eed1870ab7f33cf44b400fd9056361c706039ef76947b9928319cfc8a2f2f7e65ed131ba03ad35f7ad4e114ad1ec76a6eacc44f9554129171ea4eb72b8309044373fb648f1a0b9d6972f4199c733b2c1461fd041a5356770a746182576f37bcb1c0678707c5f20ead80bb842d2cd5f45180c8dc8ee665973b159210a5c5725e90fe32dbd8f1a4785a74b9b565c68b2393e3a345bfe9399e5095f5aec9592815ae8aa2a08a6efb62891d2a3abdcc648e376e078f9edfff9d2aa3dbf7991a73c280f013a7435c6e7354c7c7fa3cf95fb1f3f2ab8132e857f4193b49c0db793b515a9f0a5e985caf3e85b619b469adf90a2b1197ef912f0c5fd655d2e93516a43ec56369b23ba9f705733e92799783a9be55fc505f8b4cf58593edfcaffc37a16541970a8eb28c7258459b1d42392df2b2e714d093442b8f76fb9656063cc283f7bb5afdacb1af33ed2cb69ddb99d8c995c0e0e1f0542f813be9ff85cd14649bcbe840df916fc982ba9c5cd7a3cae132bbe3657842526f361a5dd1def6bdce44c7e7a0429f39ba67d3ae63f9d8d0fc4a73798911dc73e3ee2ca2a0797ddf2c9cb006e8c0945b547659cb0be892914d54f35319778f695df75e46cbd0a019458303c2fe5bc23191e8b70b9e0cea7584b7ea8aeccd430f2897435435d66dd08ffa0e0872c00318600f2b579e0556c00ecdd21782c679ef1fee44850d9b31e6288d4f6ebe3981c55a8f5a860b39ebe9c4c2c88e65950ec56476cd5c3df4544abbd98b16a16691e57c5cdf0c9d9744d94ea5859fe0b802edd481e020515deac177eb24f156c6d730c3730f15985ed7af60955fd85195edbbf07af89bc6bc20886c665882d9619d7f87fec5effafd16134a810c2c12305625eb62aafc295961d2fa5fa898f671288d35beb0ff3ee67c057528a374abefd7f35c5bd9cded1b156bea008df764ed90f68f81579fa6ba05e10a48a11203fceaf7b1db80ce3c8e4ff1d90a06b3ba908f456b5c94def24ffdccef49e4848bcaeaa8a73913ccadbeb2aff7d348d8cdc89644b390e1b81dfb3c245bb39de1bbb88fec41fe5fb15d4cceafe8247c5cba3350e8ea726761af4848fe5aa6b4bd663dc851c4f7aa0e51f2d3066d9753b8a20cd86b23d7cb952438215d9a6dcd7dc232998a3d70760a566e72ce149ff0249a3f505f9d0317964a05c788ba820646893667f64d135964f87183ee439f6ac33203c187a2f5ee272e3053b4221acc54d338fcda750d82a3ec9ae95db4bfc2a33690e2e2a833a846197b829fc5ad46bd6989c5440cacaa574545234e997cd3fe62489187374988805bb8b4fe257fc17ed96541c077bb6b472563de6a7cd620e1f1956ca47a6c67ed95e059213484ed6c2c0cf2ee8b85aa66bdf8fdbc01a72184d72b0495007ad787c6768faefa6b5cc1faaa4c8a32d04392318bca58b10bca86b25003e4629bc95ba9efee1bf4db7785d4499caed038c923324f519e815e69b319287f6a4a8bf3480b3c7857ce48123085f51c00f2773bf16b8208a1579876304dc54af98958c8141fad2e719be6b782eb142e604de19815317bfbe00609e0c4700b0bc275a7a9549ee46b58b11c2dc05840c9260e60522c1b827b0f8dad317dbb751e7937441a204b317428034a4fa36b398ec7648863f9a3f43d0a8afaae9d8440ca98b71bc242b62ce483d3f9452594400491f22fd54f4c8c3111548e02aae066e4c9bf3dab56344b8728fb88f2332247cb48072568914707b34380dd1dd3ed448a289d3c74e95d29fe62d4b51bcd74bf1e50f0ea48b492ebd279bf7862b1bf8b90cc0b8a7fea4c376cc4a1622dce739d47c5bff359f5d9e9e1b7160b8f3226538ef7fb6517cb63301c30d875e2f58df3d116936e58a0f6bdec603b1720e0091c39cf91e43f49ec97b66464e58a31e8dda19cf7e91a1550de5d1696184371b63c0d08e2a543376d8a7a5696cab756f2486cd0ba2fa60b5761fac8e004c4cfdd20abfd0dca0586644cd0057d4b2af3a0550f4be9ad5e609ebe0f88c7f36ee9e2bb992bda7c2ebe0f7b8cf78c813127d3ec4717ac1070bab44a1b38233ebc773965d7a797e056f37f9030633c20d2d5d3ed4159d741e187f12da94be8be2c38d4053a738bbf7b720cd99788f0c78a876db28896c54793ba3e707897dfb8b38e16063645ea796aa47d47da07f980f73c26f14c087766d1a55e1aa1e9aac2541f53d041c22227d0ffd6331b163c0367bb3f19421a7da5cbd5b450ec2de7f9faba109298d1916ae61f17866cd6cb87e91b8a45967cafe57660c5b6f067602f7c4c81fcb21428b134c3f53eea41f20dae17bb42eadd41abd88586bf190bb4f07dd07f61a2a76cbd67b147cfc9b91102455ab4e931ae7439cb61087cfe27ade38b78b8fb5e88a4b1c16e1dcd2fab6f8f864a0e112bd70d6291603a0b6b82f17d45b132efbecccf55651faf2f92cc44410f04b8029bd617fa0c7275faafce106d9e9e5ae25688adf1722cc96555ac863861976262dc9f0bffb91f7649d412739f650ec8384b4fb2978a49d722f45c8114ee47de1aa838757fc8b720be693e85fc2bd7a30bcb0b3612cd15e0d543ad62ad0576672f2858f78ab9280799869be359e7550fc931df56f28f190fb2c3c0d303c76f692ef399bbda2f790af9f02c5f3e4998971b11a1f72fdfc2a8328b91c98dedefe9d9b2720782b71eadd6e6005d813fc47b4a4ae64269673bb592fff17197f5fbd450884615b55e6e7f342ff4c031e24e66feb8c382a383b808bed1531d382574466a884661ced7124c6ad3c5b3b2f13c860b1a0e8c50a9feeaa451f24db8c448099fc078ec6550bc8199e882d11910dc3563ff99a01d7060bf56001d193b514ef35a3e4035fc6200dad8ee1dafe51254430b8eb71b3aadb88af33160a3b4c748fb1f4ff75023524e83f25b179b4d9c17bda5c24018cc7338576111955f68d20fb4f465924d17aace338a212c5b9ed5e97b9192b408630cc5f19f1287636dd1450798500726eaacbd99784aa3899681ed75af749e03268e9cc0d4f1e9ad466a7089e3139918c8c52ded5a1c26641dad41c02babe4a9e8828d41b8ed2203c53c7eddcd64c88c0e3f1b9ca1c0d7fb7c42069e6d2229a0fbd475e4dc0afb8ca95d7c940d6b68b90914596f092631728974b761087eb0f7a682cc5126bcc5d361dabc8f70e86baa54d620be03b006f2cb9943b9bc472d365416a88c4b4309851663c5c5670273c36b8e88edad8dae0094b41a4a41e2e2f1f76a7fce0a745d9d263f20656ee28c19bc9ad7c3e67632edf975fa38b9dc0f4cc542f16e26beaf689a42541a498bda3a253ef932f72f21f2fdf72ce21b7d0393bf3474238926a754cd26384c58309ea3b182731fd5b18626d87ca98d42d8129eb12483d08dc4cbc867de5ff82dd7ea0dcbedaf4b2a0377e5c92e1d8c44ee49abe5eea60320f78ec369840470e884937f53008a16c844d07bfb1a3c381facbbbb0b273ece607293dbb2ebbb2581f6edf3d074df6fe4f86a29d641f497b5af628888dbcc8beaaaffcf50795e81238a7643aeb520a347370a4713265606da572ac511808bb3bdf531aee8c76d9431f25ce294c295dcac40134b7764dac48e3a951757239747bef09ae626090a74c28854a1d909a6eaa1d038009e52c53b8f7d6eecc3bb858c15e8c3eba2417f99f922c874ad81c48b56a99fb8797687b819d33bf7ba95ee4f3304486d544cfa77205ba30ff5c01f4d01a6c69c77117943cb0f4bd9417a0d664136654aee1177b8dd3a3845f0ffb8763ba55019548f8c05ba6df0b6710435106ccf62d0b7c8e301e1e72b6156a41230244d531d99430fa603ac8cf67c28f229394fb84e4d4011c49816c39667c8b0b71903fc2a6da0615aaa100a14726d45b451de95b09446dbd7ab4ec83b5db6b916a8010f1d6ca2397a3d18245ec63c06e990694acf838204136ba2d339043d2d3d7485f0bde0ef55dac65ba358b70aa761e797dcbc98f408d82fe6e39e3ba082a06df063245add7a02e3838ffb24a56add9777a399eb5ae23613eb17b3b2e479993c2cdb8f74e5fb3bd116691c9b460e1fde502ea62c4f4bfeca8da6a78633739bcce104dd216e873c6a035d9a6a659e29b16f43ecdb9776e82657290864193df3ec84146eb0d84a2194ec86fd88e26ddf34db1dfa5bb899c59194a815f56a472c4f8eb260d7e4bafe7ef58aea95cac79b56dba21043d19f67d6a2404e78ff38c7eabf6680baf6cd64acaab574cafba94e8bd4cc5408bd988f32941dd5f221b87fc7d9b46edea1c320c5f4faae1a03b9da1e26c478a17113220ec087875f4052df3e60d535e9bfca13b0175dee50430b8da01861a399ac14d7d1a45f73dd967a9c6a41b1a30e8d8bce87826f6c69f83c7d4b6dbfc3ada96ead8d69c73eb05548a204a1cec6c03151bc8d3eb039444e98279e7dcbb446e28a3d3e3e08fdef2112aa6fe1aba61af703ca295fa4fdcb1d7b228c67c73ae62bd359c4beb526a411503ff9e97fd24f90c2f6558533ecb3f99553eca07fc6a0306243445d51248f5d7db478c4838770e370b3a8cd9c52abe3b97a3087fc06adc26beb4a11f570aab507d9322d681931bd155a77227b81b886658a0e400a549222af9aaed4e0a6747361d4f3dbfe20d394c352fd234a9eda2742153f2aaa6c37c1a3a507f16651422c33ee2761446dcbb11726ce8bc703a051698c2ee6af22760b84623a83bdc5a710fa14819c42df53faf6bee7dbc8d1e1235acc6b000245f9da65370d4fbdbd13230ee48e4a7b2c75e7239bb5b1c88d7ab73ee90b4f614258c444bd5f6067c466717c1cbd8f2bbc939cbd4098d196b0089692fa424cae349a23cf33a11cedd0ae5dcde912ff9c2208602ec6ed44a9e9cc0eeee7b7ad735b2d21d6d6e17d48f6c12d82d170b82ff4bc9b6c4359ad79fc7a8d7d4c14a77abfc6bcd23b414f6512961f7f866b45651d75250ec5eea7bc6fe648dec938761a43a0a8954bb1a02aefaae68a420e22aebb3cec44347725d27998d252a6a001d649d97d6a54f7a5494009115381a3f18b8240f2b022aa92dc0c1c09c79ab9c981883f5b18fdd91eca4002d919544b85676a193360211ce00878b1505f75f94df05b8cec8a395305a1bb03999312961f7ee0e7bcfb2b3c07edd7c0dd0d1d1b52c31cad8919226c4d3927ddcd866d59e0854b0212e804d4bd4ec80761ff1c351f32c558b8648ef4f855645673230d4bf3ffacb215e256c6108957c8dacb0946d2b339cb670dbc30a4835a3f14b0f", 0x1000}], 0x1) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 619.495004][ T3625] Bluetooth: hci6: sending frame failed (-49) [ 619.503540][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:49:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, r1, 0x0, 0x4, &(0x7f0000000000)='({L\x00'}, 0x30) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000001e97f009a000000", @ANYRES32=r0, @ANYBLOB="83763f5284e77e875478334ef41996d76ca22adb015ac93f4488e7ddbb115da07a343ed5a6305c11db1f77a35a458b3852d23c560c70f5a99a5900dcfe56202974"]) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x20) [ 619.600813][ T3643] Bluetooth: hci7: sending frame failed (-49) [ 619.608455][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x20) sendfile(r2, r3, 0x0, 0x10000) ioctl$KDADDIO(r3, 0x4b34, 0x200000000000000) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, &(0x7f00000000c0)=0x5) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = fcntl$dupfd(r4, 0x0, r4) bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$FUSE_DIRENTPLUS(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="56000000e201"], 0x1e8) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) epoll_create1(0x80000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 619.705414][ T3643] Bluetooth: hci7: sending frame failed (-49) [ 619.714424][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:35 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, r1, 0x0, 0x4, &(0x7f0000000000)='({L\x00'}, 0x30) (async) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000001e97f009a000000", @ANYRES32=r0, @ANYBLOB="83763f5284e77e875478334ef41996d76ca22adb015ac93f4488e7ddbb115da07a343ed5a6305c11db1f77a35a458b3852d23c560c70f5a99a5900dcfe56202974"]) (async) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x20) 16:49:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000180)='./file0\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x17) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_aspeed_opb_error\x00', r4}, 0x10) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = socket$phonet(0x23, 0x2, 0x1) ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, &(0x7f0000000040)=0x4) (async) r3 = creat(0x0, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000200)=0x1f) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) (async, rerun: 64) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x4000000000801) (async, rerun: 64) r5 = signalfd(r2, &(0x7f00000000c0)={[0x7]}, 0x8) (rerun: 64) ioctl$TCSETAW(r5, 0x5407, &(0x7f0000000180)={0x8, 0x2, 0x9, 0xc91a, 0x1b, "473aeead0f58ceee"}) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x51f, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 32) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) writev(r3, &(0x7f0000001280)=[{&(0x7f0000000280)="ec6444c7c851b0b0297891be0a9e7b6b779e3df91e0fcfbc86d63371a917651c4a9489efea75b3f2516aa44c315eddcac72eba53c93c38378aee370387b44a3ac2b71251825753050ec40e87219dfda8b34a38ce2bd368cbcad6e04ffa067205c9602c90ac81890bc3c7d946baf2f54154263324889c37426b3a7dadb5770184f245e4b299117e1e34ec1d66d3b816e0728e436c04675012ae81399a81afc783a4604b419c6d634e344ece115949d103cbb429cf283fbcb3d6aececb8c38862e432b385de97c69f44c6edbab20318b77e73590e8dfb9d66c86bcd3f67e53ae4e0e10e95d65300be567ecd57872d16c35384da0cff234496c638277f907781955677d51831bedf56549327e9e5b9504e3624e419009fbc145f9021a51328dcd656cab5c1c11455d1584b6a4185f10fe98709a94839526dd42aaf21086f21f56dd81bb2cd7f4ecd323e6fb206ad8f578f9e9cb8819923c2dbd0964af00f4ecbb4ae9a0592bcc29d9eed1870ab7f33cf44b400fd9056361c706039ef76947b9928319cfc8a2f2f7e65ed131ba03ad35f7ad4e114ad1ec76a6eacc44f9554129171ea4eb72b8309044373fb648f1a0b9d6972f4199c733b2c1461fd041a5356770a746182576f37bcb1c0678707c5f20ead80bb842d2cd5f45180c8dc8ee665973b159210a5c5725e90fe32dbd8f1a4785a74b9b565c68b2393e3a345bfe9399e5095f5aec9592815ae8aa2a08a6efb62891d2a3abdcc648e376e078f9edfff9d2aa3dbf7991a73c280f013a7435c6e7354c7c7fa3cf95fb1f3f2ab8132e857f4193b49c0db793b515a9f0a5e985caf3e85b619b469adf90a2b1197ef912f0c5fd655d2e93516a43ec56369b23ba9f705733e92799783a9be55fc505f8b4cf58593edfcaffc37a16541970a8eb28c7258459b1d42392df2b2e714d093442b8f76fb9656063cc283f7bb5afdacb1af33ed2cb69ddb99d8c995c0e0e1f0542f813be9ff85cd14649bcbe840df916fc982ba9c5cd7a3cae132bbe3657842526f361a5dd1def6bdce44c7e7a0429f39ba67d3ae63f9d8d0fc4a73798911dc73e3ee2ca2a0797ddf2c9cb006e8c0945b547659cb0be892914d54f35319778f695df75e46cbd0a019458303c2fe5bc23191e8b70b9e0cea7584b7ea8aeccd430f2897435435d66dd08ffa0e0872c00318600f2b579e0556c00ecdd21782c679ef1fee44850d9b31e6288d4f6ebe3981c55a8f5a860b39ebe9c4c2c88e65950ec56476cd5c3df4544abbd98b16a16691e57c5cdf0c9d9744d94ea5859fe0b802edd481e020515deac177eb24f156c6d730c3730f15985ed7af60955fd85195edbbf07af89bc6bc20886c665882d9619d7f87fec5effafd16134a810c2c12305625eb62aafc295961d2fa5fa898f671288d35beb0ff3ee67c057528a374abefd7f35c5bd9cded1b156bea008df764ed90f68f81579fa6ba05e10a48a11203fceaf7b1db80ce3c8e4ff1d90a06b3ba908f456b5c94def24ffdccef49e4848bcaeaa8a73913ccadbeb2aff7d348d8cdc89644b390e1b81dfb3c245bb39de1bbb88fec41fe5fb15d4cceafe8247c5cba3350e8ea726761af4848fe5aa6b4bd663dc851c4f7aa0e51f2d3066d9753b8a20cd86b23d7cb952438215d9a6dcd7dc232998a3d70760a566e72ce149ff0249a3f505f9d0317964a05c788ba820646893667f64d135964f87183ee439f6ac33203c187a2f5ee272e3053b4221acc54d338fcda750d82a3ec9ae95db4bfc2a33690e2e2a833a846197b829fc5ad46bd6989c5440cacaa574545234e997cd3fe62489187374988805bb8b4fe257fc17ed96541c077bb6b472563de6a7cd620e1f1956ca47a6c67ed95e059213484ed6c2c0cf2ee8b85aa66bdf8fdbc01a72184d72b0495007ad787c6768faefa6b5cc1faaa4c8a32d04392318bca58b10bca86b25003e4629bc95ba9efee1bf4db7785d4499caed038c923324f519e815e69b319287f6a4a8bf3480b3c7857ce48123085f51c00f2773bf16b8208a1579876304dc54af98958c8141fad2e719be6b782eb142e604de19815317bfbe00609e0c4700b0bc275a7a9549ee46b58b11c2dc05840c9260e60522c1b827b0f8dad317dbb751e7937441a204b317428034a4fa36b398ec7648863f9a3f43d0a8afaae9d8440ca98b71bc242b62ce483d3f9452594400491f22fd54f4c8c3111548e02aae066e4c9bf3dab56344b8728fb88f2332247cb48072568914707b34380dd1dd3ed448a289d3c74e95d29fe62d4b51bcd74bf1e50f0ea48b492ebd279bf7862b1bf8b90cc0b8a7fea4c376cc4a1622dce739d47c5bff359f5d9e9e1b7160b8f3226538ef7fb6517cb63301c30d875e2f58df3d116936e58a0f6bdec603b1720e0091c39cf91e43f49ec97b66464e58a31e8dda19cf7e91a1550de5d1696184371b63c0d08e2a543376d8a7a5696cab756f2486cd0ba2fa60b5761fac8e004c4cfdd20abfd0dca0586644cd0057d4b2af3a0550f4be9ad5e609ebe0f88c7f36ee9e2bb992bda7c2ebe0f7b8cf78c813127d3ec4717ac1070bab44a1b38233ebc773965d7a797e056f37f9030633c20d2d5d3ed4159d741e187f12da94be8be2c38d4053a738bbf7b720cd99788f0c78a876db28896c54793ba3e707897dfb8b38e16063645ea796aa47d47da07f980f73c26f14c087766d1a55e1aa1e9aac2541f53d041c22227d0ffd6331b163c0367bb3f19421a7da5cbd5b450ec2de7f9faba109298d1916ae61f17866cd6cb87e91b8a45967cafe57660c5b6f067602f7c4c81fcb21428b134c3f53eea41f20dae17bb42eadd41abd88586bf190bb4f07dd07f61a2a76cbd67b147cfc9b91102455ab4e931ae7439cb61087cfe27ade38b78b8fb5e88a4b1c16e1dcd2fab6f8f864a0e112bd70d6291603a0b6b82f17d45b132efbecccf55651faf2f92cc44410f04b8029bd617fa0c7275faafce106d9e9e5ae25688adf1722cc96555ac863861976262dc9f0bffb91f7649d412739f650ec8384b4fb2978a49d722f45c8114ee47de1aa838757fc8b720be693e85fc2bd7a30bcb0b3612cd15e0d543ad62ad0576672f2858f78ab9280799869be359e7550fc931df56f28f190fb2c3c0d303c76f692ef399bbda2f790af9f02c5f3e4998971b11a1f72fdfc2a8328b91c98dedefe9d9b2720782b71eadd6e6005d813fc47b4a4ae64269673bb592fff17197f5fbd450884615b55e6e7f342ff4c031e24e66feb8c382a383b808bed1531d382574466a884661ced7124c6ad3c5b3b2f13c860b1a0e8c50a9feeaa451f24db8c448099fc078ec6550bc8199e882d11910dc3563ff99a01d7060bf56001d193b514ef35a3e4035fc6200dad8ee1dafe51254430b8eb71b3aadb88af33160a3b4c748fb1f4ff75023524e83f25b179b4d9c17bda5c24018cc7338576111955f68d20fb4f465924d17aace338a212c5b9ed5e97b9192b408630cc5f19f1287636dd1450798500726eaacbd99784aa3899681ed75af749e03268e9cc0d4f1e9ad466a7089e3139918c8c52ded5a1c26641dad41c02babe4a9e8828d41b8ed2203c53c7eddcd64c88c0e3f1b9ca1c0d7fb7c42069e6d2229a0fbd475e4dc0afb8ca95d7c940d6b68b90914596f092631728974b761087eb0f7a682cc5126bcc5d361dabc8f70e86baa54d620be03b006f2cb9943b9bc472d365416a88c4b4309851663c5c5670273c36b8e88edad8dae0094b41a4a41e2e2f1f76a7fce0a745d9d263f20656ee28c19bc9ad7c3e67632edf975fa38b9dc0f4cc542f16e26beaf689a42541a498bda3a253ef932f72f21f2fdf72ce21b7d0393bf3474238926a754cd26384c58309ea3b182731fd5b18626d87ca98d42d8129eb12483d08dc4cbc867de5ff82dd7ea0dcbedaf4b2a0377e5c92e1d8c44ee49abe5eea60320f78ec369840470e884937f53008a16c844d07bfb1a3c381facbbbb0b273ece607293dbb2ebbb2581f6edf3d074df6fe4f86a29d641f497b5af628888dbcc8beaaaffcf50795e81238a7643aeb520a347370a4713265606da572ac511808bb3bdf531aee8c76d9431f25ce294c295dcac40134b7764dac48e3a951757239747bef09ae626090a74c28854a1d909a6eaa1d038009e52c53b8f7d6eecc3bb858c15e8c3eba2417f99f922c874ad81c48b56a99fb8797687b819d33bf7ba95ee4f3304486d544cfa77205ba30ff5c01f4d01a6c69c77117943cb0f4bd9417a0d664136654aee1177b8dd3a3845f0ffb8763ba55019548f8c05ba6df0b6710435106ccf62d0b7c8e301e1e72b6156a41230244d531d99430fa603ac8cf67c28f229394fb84e4d4011c49816c39667c8b0b71903fc2a6da0615aaa100a14726d45b451de95b09446dbd7ab4ec83b5db6b916a8010f1d6ca2397a3d18245ec63c06e990694acf838204136ba2d339043d2d3d7485f0bde0ef55dac65ba358b70aa761e797dcbc98f408d82fe6e39e3ba082a06df063245add7a02e3838ffb24a56add9777a399eb5ae23613eb17b3b2e479993c2cdb8f74e5fb3bd116691c9b460e1fde502ea62c4f4bfeca8da6a78633739bcce104dd216e873c6a035d9a6a659e29b16f43ecdb9776e82657290864193df3ec84146eb0d84a2194ec86fd88e26ddf34db1dfa5bb899c59194a815f56a472c4f8eb260d7e4bafe7ef58aea95cac79b56dba21043d19f67d6a2404e78ff38c7eabf6680baf6cd64acaab574cafba94e8bd4cc5408bd988f32941dd5f221b87fc7d9b46edea1c320c5f4faae1a03b9da1e26c478a17113220ec087875f4052df3e60d535e9bfca13b0175dee50430b8da01861a399ac14d7d1a45f73dd967a9c6a41b1a30e8d8bce87826f6c69f83c7d4b6dbfc3ada96ead8d69c73eb05548a204a1cec6c03151bc8d3eb039444e98279e7dcbb446e28a3d3e3e08fdef2112aa6fe1aba61af703ca295fa4fdcb1d7b228c67c73ae62bd359c4beb526a411503ff9e97fd24f90c2f6558533ecb3f99553eca07fc6a0306243445d51248f5d7db478c4838770e370b3a8cd9c52abe3b97a3087fc06adc26beb4a11f570aab507d9322d681931bd155a77227b81b886658a0e400a549222af9aaed4e0a6747361d4f3dbfe20d394c352fd234a9eda2742153f2aaa6c37c1a3a507f16651422c33ee2761446dcbb11726ce8bc703a051698c2ee6af22760b84623a83bdc5a710fa14819c42df53faf6bee7dbc8d1e1235acc6b000245f9da65370d4fbdbd13230ee48e4a7b2c75e7239bb5b1c88d7ab73ee90b4f614258c444bd5f6067c466717c1cbd8f2bbc939cbd4098d196b0089692fa424cae349a23cf33a11cedd0ae5dcde912ff9c2208602ec6ed44a9e9cc0eeee7b7ad735b2d21d6d6e17d48f6c12d82d170b82ff4bc9b6c4359ad79fc7a8d7d4c14a77abfc6bcd23b414f6512961f7f866b45651d75250ec5eea7bc6fe648dec938761a43a0a8954bb1a02aefaae68a420e22aebb3cec44347725d27998d252a6a001d649d97d6a54f7a5494009115381a3f18b8240f2b022aa92dc0c1c09c79ab9c981883f5b18fdd91eca4002d919544b85676a193360211ce00878b1505f75f94df05b8cec8a395305a1bb03999312961f7ee0e7bcfb2b3c07edd7c0dd0d1d1b52c31cad8919226c4d3927ddcd866d59e0854b0212e804d4bd4ec80761ff1c351f32c558b8648ef4f855645673230d4bf3ffacb215e256c6108957c8dacb0946d2b339cb670dbc30a4835a3f14b0f", 0x1000}], 0x1) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (rerun: 64) 16:49:36 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) r2 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x401a) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$TCFLSH(r2, 0x540b, 0x1) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000180)='./file0\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x17) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_aspeed_opb_error\x00', r4}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 620.929861][ T3674] Bluetooth: hci8: command 0x1003 tx timeout [ 620.930049][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:49:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000180)="a9e44865c803421f5cb56ae39f5a41787ec696f459b3f4473d0ffcc38ad49445a38fcec40393623343abbdb214bf57fecca08112b6160e51347920dbd2f589d98d26aee88d844aa3214aa1f90d87ca9568501f83c91215db3445d776d9b2985be964251dfdd65c808f4d6a06ba2e04ca0e8f0db1b271940271892efdf337763f10096691173b8939b5932285116d6daa782aabf6bea3582ea71e23f3aae0") ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x8000016) [ 621.240413][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 621.247871][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000180)="a9e44865c803421f5cb56ae39f5a41787ec696f459b3f4473d0ffcc38ad49445a38fcec40393623343abbdb214bf57fecca08112b6160e51347920dbd2f589d98d26aee88d844aa3214aa1f90d87ca9568501f83c91215db3445d776d9b2985be964251dfdd65c808f4d6a06ba2e04ca0e8f0db1b271940271892efdf337763f10096691173b8939b5932285116d6daa782aabf6bea3582ea71e23f3aae0") (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x8000016) [ 621.503481][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 621.511577][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:36 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r1}, 0x8) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x800, 0x5, 0x0, 0x0, "00f0bf1aacce1f0c6b978e4b6000"}) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/152) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r1}, 0x8) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x800, 0x5, 0x0, 0x0, "00f0bf1aacce1f0c6b978e4b6000"}) (async) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/152) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 621.569914][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:49:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000180)="a9e44865c803421f5cb56ae39f5a41787ec696f459b3f4473d0ffcc38ad49445a38fcec40393623343abbdb214bf57fecca08112b6160e51347920dbd2f589d98d26aee88d844aa3214aa1f90d87ca9568501f83c91215db3445d776d9b2985be964251dfdd65c808f4d6a06ba2e04ca0e8f0db1b271940271892efdf337763f10096691173b8939b5932285116d6daa782aabf6bea3582ea71e23f3aae0") (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x8000016) [ 621.795614][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 621.803329][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 621.813677][ T3684] Bluetooth: hci7: command 0x1003 tx timeout [ 621.820007][ T26] kauditd_printk_skb: 14 callbacks suppressed 16:49:37 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x20) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$KDADDIO(r3, 0x4b34, 0x200000000000000) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, &(0x7f00000000c0)=0x5) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = fcntl$dupfd(r4, 0x0, r4) bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) (async) write$FUSE_DIRENTPLUS(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="56000000e201"], 0x1e8) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) epoll_create1(0x80000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 621.820027][ T26] audit: type=1804 audit(1644684577.148:1517): pid=14308 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/563/bus" dev="sda1" ino=1169 res=1 errno=0 [ 621.839787][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:49:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, r1, 0x0, 0x4, &(0x7f0000000000)='({L\x00'}, 0x30) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000001e97f009a000000", @ANYRES32=r0, @ANYBLOB="83763f5284e77e875478334ef41996d76ca22adb015ac93f4488e7ddbb115da07a343ed5a6305c11db1f77a35a458b3852d23c560c70f5a99a5900dcfe56202974"]) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x20) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, r1, 0x0, 0x4, &(0x7f0000000000)='({L\x00'}, 0x30) (async) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000001e97f009a000000", @ANYRES32=r0, @ANYBLOB="83763f5284e77e875478334ef41996d76ca22adb015ac93f4488e7ddbb115da07a343ed5a6305c11db1f77a35a458b3852d23c560c70f5a99a5900dcfe56202974"]) (async) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x20) (async) [ 621.889861][ T3675] Bluetooth: hci9: command 0x1003 tx timeout [ 621.893638][ T3643] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 621.920237][ T26] audit: type=1800 audit(1644684577.148:1518): pid=14308 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 621.983498][ T26] audit: type=1804 audit(1644684577.318:1519): pid=14314 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/616/bus" dev="sda1" ino=1176 res=1 errno=0 [ 622.012506][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 622.021837][ T3643] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:49:37 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r0, 0x800) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x20) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$KDADDIO(r3, 0x4b34, 0x200000000000000) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, &(0x7f00000000c0)=0x5) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = fcntl$dupfd(r4, 0x0, r4) bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) (async) write$FUSE_DIRENTPLUS(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="56000000e201"], 0x1e8) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) epoll_create1(0x80000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 622.047897][ T26] audit: type=1800 audit(1644684577.318:1520): pid=14314 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1176 res=0 errno=0 [ 622.117615][ T3638] Bluetooth: hci7: sending frame failed (-49) [ 622.125237][ T3643] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:37 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0xfffffffffffffffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r0, r1, 0x0, 0x10000) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x2, 0x1f], 0x2, 0x80000}) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) creat(0x0, 0x90) ftruncate(0xffffffffffffffff, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x184) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) sendfile(r3, 0xffffffffffffffff, 0x0, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x18) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) [ 622.209936][ T26] audit: type=1804 audit(1644684577.548:1521): pid=14334 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/630/bus" dev="sda1" ino=1184 res=1 errno=0 [ 622.242289][ T26] audit: type=1800 audit(1644684577.548:1522): pid=14334 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1184 res=0 errno=0 [ 622.286141][ T26] audit: type=1804 audit(1644684577.618:1523): pid=14335 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/630/bus" dev="sda1" ino=1184 res=1 errno=0 16:49:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f0000000000)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 622.333697][ T26] audit: type=1804 audit(1644684577.618:1524): pid=14335 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/630/bus" dev="sda1" ino=1184 res=1 errno=0 [ 622.400046][ T26] audit: type=1800 audit(1644684577.618:1525): pid=14335 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1184 res=0 errno=0 [ 622.454544][ T26] audit: type=1804 audit(1644684577.788:1526): pid=14338 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/564/bus" dev="sda1" ino=1169 res=1 errno=0 16:49:38 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x40, 0x4) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000140)='./file0\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) syz_open_pts(r2, 0x50000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) dup3(r0, r0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 623.010127][ T3674] Bluetooth: hci8: command 0x1003 tx timeout [ 623.010157][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:49:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x1) r3 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$VT_ACTIVATE(r3, 0x5606, 0x4) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:49:38 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async, rerun: 64) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 64) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (rerun: 64) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async, rerun: 32) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) r2 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x401a) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32) ioctl$TCFLSH(r2, 0x540b, 0x1) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:38 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0xfffffffffffffffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r0, r1, 0x0, 0x10000) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x2, 0x1f], 0x2, 0x80000}) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) creat(0x0, 0x90) ftruncate(0xffffffffffffffff, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x184) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) sendfile(r3, 0xffffffffffffffff, 0x0, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x18) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0xd) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0xfffffffffffffffc) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r0, 0x800) (async) lseek(r0, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r0, r1, 0x0, 0x10000) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x2, 0x1f], 0x2, 0x80000}) (async) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) (async) creat(0x0, 0x90) (async) ftruncate(0xffffffffffffffff, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x184) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x2) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x18) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) (async) [ 623.090187][ T3676] Bluetooth: hci10: command 0x1003 tx timeout [ 623.100016][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 623.142667][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 623.150384][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:49:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x1) (async) r3 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$VT_ACTIVATE(r3, 0x5606, 0x4) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 623.242966][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 623.250914][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 623.260316][ T3625] Bluetooth: hci10: sending frame failed (-49) [ 623.268361][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 623.651249][ T1222] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.651884][ T3684] Bluetooth: hci6: command 0x1003 tx timeout [ 623.657689][ T1222] ieee802154 phy1 wpan1: encryption failed: -22 [ 623.670188][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 624.449934][ T3643] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 624.449970][ T3676] Bluetooth: hci7: command 0x1003 tx timeout [ 625.089859][ T8020] Bluetooth: hci8: command 0x1003 tx timeout [ 625.090131][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:49:41 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r1}, 0x8) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x800, 0x5, 0x0, 0x0, "00f0bf1aacce1f0c6b978e4b6000"}) (async, rerun: 32) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/152) (rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:41 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0xd) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0xfffffffffffffffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r0, r1, 0x0, 0x10000) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x2, 0x1f], 0x2, 0x80000}) (async) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) (async) creat(0x0, 0x90) (async) ftruncate(0xffffffffffffffff, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x184) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x2) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x18) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) 16:49:41 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x7fff, 0x0) ftruncate(r1, 0xf7bb) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f00000001c0)={0x7, 0x7, 0x0, 0x10001, 0x2, "03930fc30cc1cdafcc5e60a4190c5bf2e0e196"}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x80800, 0x0) 16:49:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x1) r3 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$VT_ACTIVATE(r3, 0x5606, 0x4) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:49:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f0000000000)) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:41 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x40, 0x4) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async, rerun: 64) lseek(r2, 0x200, 0x0) (async, rerun: 64) r3 = open(&(0x7f0000000140)='./file0\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) syz_open_pts(r2, 0x50000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) dup3(r0, r0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 64) [ 625.729999][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:49:41 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) 16:49:41 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3) [ 627.889911][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 627.890146][ T3675] Bluetooth: hci9: command 0x1003 tx timeout [ 627.901258][ T3643] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 627.902593][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 627.910312][ T7] Bluetooth: hci8: command 0x1003 tx timeout [ 627.915194][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 627.928641][T14398] warn_alloc: 16 callbacks suppressed [ 627.928655][T14398] syz-executor.3: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 627.960072][T14398] CPU: 0 PID: 14398 Comm: syz-executor.3 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 627.970990][T14398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 627.981240][T14398] Call Trace: [ 627.984520][T14398] [ 627.987449][T14398] dump_stack_lvl+0xcd/0x134 [ 627.992059][T14398] warn_alloc.cold+0x9b/0x189 [ 627.996925][T14398] ? zone_watermark_ok_safe+0x290/0x290 [ 628.002485][T14398] ? __kmalloc_node+0x62/0x390 [ 628.007303][T14398] ? __vmalloc_node_range+0x7bf/0x1060 [ 628.012778][T14398] __vmalloc_node_range+0xe1e/0x1060 [ 628.018345][T14398] ? vfree_atomic+0xe0/0xe0 [ 628.022854][T14398] ? n_tty_open+0x16/0x170 [ 628.027612][T14398] vzalloc+0x67/0x80 [ 628.031494][T14398] ? n_tty_open+0x16/0x170 [ 628.035910][T14398] n_tty_open+0x16/0x170 [ 628.040138][T14398] ? n_tty_set_termios+0x1010/0x1010 [ 628.045436][T14398] tty_ldisc_open+0x9b/0x110 [ 628.050022][T14398] tty_set_ldisc+0x2f1/0x680 [ 628.054611][T14398] tty_ioctl+0xae0/0x1660 [ 628.058932][T14398] ? tty_lookup_driver+0x550/0x550 [ 628.064066][T14398] ? find_held_lock+0x2d/0x110 [ 628.068851][T14398] ? __fget_files+0x28c/0x470 [ 628.073524][T14398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 628.079766][T14398] ? tty_lookup_driver+0x550/0x550 [ 628.084907][T14398] __x64_sys_ioctl+0x193/0x200 [ 628.089663][T14398] do_syscall_64+0x35/0xb0 [ 628.094107][T14398] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 628.100024][T14398] RIP: 0033:0x7fc1aaa11059 [ 628.104431][T14398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 628.124115][T14398] RSP: 002b:00007fc1a9323168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 628.132545][T14398] RAX: ffffffffffffffda RBX: 00007fc1aab241d0 RCX: 00007fc1aaa11059 16:49:43 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 64) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x7fff, 0x0) ftruncate(r1, 0xf7bb) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) (rerun: 32) ioctl$TCSETSF(r2, 0x5404, &(0x7f00000001c0)={0x7, 0x7, 0x0, 0x10001, 0x2, "03930fc30cc1cdafcc5e60a4190c5bf2e0e196"}) (async, rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x80800, 0x0) (rerun: 64) 16:49:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800000000000800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x526, 0x1, 0x100, 0xf921, 0x17, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=[&(0x7f0000000040)='/dev/ptmx\x00', &(0x7f00000000c0)='/dev/ptmx\x00', &(0x7f0000000180)='/dev/ptmx\x00', &(0x7f0000000200)='/dev/ptmx\x00'], &(0x7f00000004c0)=[&(0x7f00000002c0)='/dev/ptmx\x00', &(0x7f0000000300)='/dev/ptmx\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='/dev/ptmx\x00', &(0x7f00000003c0)='/dev/ptmx\x00', &(0x7f0000000400)='/dev/ptmx\x00', &(0x7f0000000440)='%(}+&\x00', &(0x7f0000000480)='/dev/ptmx\x00']) [ 628.140503][T14398] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 628.148475][T14398] RBP: 00007fc1aaa6b08d R08: 0000000000000000 R09: 0000000000000000 [ 628.156779][T14398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.164734][T14398] R13: 00007fff87efb14f R14: 00007fc1a9323300 R15: 0000000000022000 [ 628.172703][T14398] [ 628.176629][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 628.178481][T14398] Mem-Info: 16:49:43 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) socket$nl_crypto(0x10, 0x3, 0x15) (async) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) (async) 16:49:43 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x40, 0x4) (async, rerun: 32) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 32) ftruncate(r2, 0x800) (async, rerun: 32) lseek(r2, 0x200, 0x0) (async, rerun: 32) r3 = open(&(0x7f0000000140)='./file0\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async, rerun: 64) syz_open_pts(r2, 0x50000) (rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) dup3(r0, r0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 628.209771][ T3676] Bluetooth: hci11: command 0x1003 tx timeout [ 628.211850][ T3638] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:49:43 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3) [ 628.261970][T14398] active_anon:2662 inactive_anon:147099 isolated_anon:0 [ 628.261970][T14398] active_file:4152 inactive_file:7663 isolated_file:0 [ 628.261970][T14398] unevictable:768 dirty:1 writeback:0 [ 628.261970][T14398] slab_reclaimable:19294 slab_unreclaimable:95869 [ 628.261970][T14398] mapped:27869 shmem:4147 pagetables:818 bounce:0 [ 628.261970][T14398] kernel_misc_reclaimable:0 [ 628.261970][T14398] free:1325192 free_pcp:9679 free_cma:0 [ 628.315014][ T3642] Bluetooth: hci7: sending frame failed (-49) [ 628.322182][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 628.360260][ T3642] Bluetooth: hci8: sending frame failed (-49) [ 628.367306][ T3644] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 628.370790][T14428] ptm ptm5: ldisc open failed (-12), clearing slot 5 16:49:43 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x7fff, 0x0) ftruncate(r1, 0xf7bb) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f00000001c0)={0x7, 0x7, 0x0, 0x10001, 0x2, "03930fc30cc1cdafcc5e60a4190c5bf2e0e196"}) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x80800, 0x0) 16:49:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800000000000800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x526, 0x1, 0x100, 0xf921, 0x17, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=[&(0x7f0000000040)='/dev/ptmx\x00', &(0x7f00000000c0)='/dev/ptmx\x00', &(0x7f0000000180)='/dev/ptmx\x00', &(0x7f0000000200)='/dev/ptmx\x00'], &(0x7f00000004c0)=[&(0x7f00000002c0)='/dev/ptmx\x00', &(0x7f0000000300)='/dev/ptmx\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='/dev/ptmx\x00', &(0x7f00000003c0)='/dev/ptmx\x00', &(0x7f0000000400)='/dev/ptmx\x00', &(0x7f0000000440)='%(}+&\x00', &(0x7f0000000480)='/dev/ptmx\x00']) [ 628.410234][ T3642] Bluetooth: hci7: sending frame failed (-49) [ 628.417524][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:43 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3) [ 628.499433][T14398] Node 0 active_anon:10644kB inactive_anon:591504kB active_file:16536kB inactive_file:30652kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111476kB dirty:84kB writeback:0kB shmem:14116kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 442368kB writeback_tmp:0kB kernel_stack:11136kB pagetables:3236kB all_unreclaimable? no [ 628.543914][T14398] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 628.590208][T14398] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 628.618097][T14398] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 628.624796][T14398] Node 0 DMA32 free:1332900kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10644kB inactive_anon:589544kB active_file:16536kB inactive_file:30652kB unevictable:1536kB writepending:84kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:35728kB local_pcp:15344kB free_cma:0kB [ 628.666306][T14398] lowmem_reserve[]: 0 0 0 0 0 [ 628.674427][T14398] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 628.702059][T14398] lowmem_reserve[]: 0 0 0 0 0 [ 628.706883][T14398] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 628.736290][T14398] lowmem_reserve[]: 0 0 0 0 0 [ 628.741649][T14398] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 628.755801][T14398] Node 0 DMA32: 1179*4kB (UM) 1701*8kB (UME) 1979*16kB (UME) 707*32kB (UME) 370*64kB (UME) 193*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 15*2048kB (UME) 274*4096kB (UM) = 1332900kB [ 628.778750][T14398] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 628.790286][T14398] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 628.808750][T14398] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 628.818384][T14398] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 628.828376][T14398] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 628.838026][T14398] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 628.847336][T14398] 15964 total pagecache pages [ 628.852203][T14398] 0 pages in swap cache [ 628.860748][T14398] Swap cache stats: add 0, delete 0, find 0/0 [ 628.866975][T14398] Free swap = 0kB [ 628.873428][T14398] Total swap = 0kB [ 628.877333][T14398] 2097051 pages RAM [ 628.884298][T14398] 0 pages HighMem/MovableOnly 16:49:44 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xe47, 0x5e6baf8a, 0x7f, 0x4, 0x1, "30a902c84719d2f206daa25dbba56a059df339"}) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f0000000000)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f0000000000)) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:49:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCEXCL(r0, 0x540c) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa0800, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:44 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x311000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) dup(r0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x60) openat(r1, &(0x7f0000000040)='./file0\x00', 0x40c280, 0x2906ec182058154f) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 628.889046][T14398] 384548 pages reserved [ 628.896274][T14398] 0 pages cma reserved 16:49:44 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x311000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) dup(r0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x60) openat(r1, &(0x7f0000000040)='./file0\x00', 0x40c280, 0x2906ec182058154f) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x311000, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) dup(r0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x60) (async) openat(r1, &(0x7f0000000040)='./file0\x00', 0x40c280, 0x2906ec182058154f) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 628.975416][ T3643] Bluetooth: hci10: sending frame failed (-49) [ 628.982987][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 628.994688][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 628.994702][ T26] audit: type=1804 audit(1644684584.328:1541): pid=14472 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/566/bus" dev="sda1" ino=1182 res=1 errno=0 16:49:44 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x311000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) dup(r0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x60) openat(r1, &(0x7f0000000040)='./file0\x00', 0x40c280, 0x2906ec182058154f) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x311000, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) dup(r0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x60) (async) openat(r1, &(0x7f0000000040)='./file0\x00', 0x40c280, 0x2906ec182058154f) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 629.046992][ T26] audit: type=1800 audit(1644684584.328:1542): pid=14472 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 630.369813][ T3638] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 630.392236][ T3640] Bluetooth: hci6: sending frame failed (-49) [ 630.399377][ T3638] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:49:45 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) socket$nl_crypto(0x10, 0x3, 0x15) (async) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) (async) 16:49:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x5}}, './file0\x00'}) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) r4 = socket$packet(0x11, 0x2, 0x300) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @link_local}, 0x10) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000200)={0x2, 0x3ff, 0x100, 0x4e800000, 0xf, "e440a3f396ec502aec6d4eb469670be56d63b4"}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getqdisc={0x3c, 0x26, 0x800, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xffe0, 0x6}, {0x7, 0xf}, {0xa, 0x8}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) [ 630.490341][ T3643] Bluetooth: hci10: sending frame failed (-49) [ 630.497789][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 630.500685][ T3625] Bluetooth: hci11: sending frame failed (-49) [ 630.511856][ T3643] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async, rerun: 32) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800000000000800) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x526, 0x1, 0x100, 0xf921, 0x17, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (rerun: 32) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async, rerun: 64) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=[&(0x7f0000000040)='/dev/ptmx\x00', &(0x7f00000000c0)='/dev/ptmx\x00', &(0x7f0000000180)='/dev/ptmx\x00', &(0x7f0000000200)='/dev/ptmx\x00'], &(0x7f00000004c0)=[&(0x7f00000002c0)='/dev/ptmx\x00', &(0x7f0000000300)='/dev/ptmx\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='/dev/ptmx\x00', &(0x7f00000003c0)='/dev/ptmx\x00', &(0x7f0000000400)='/dev/ptmx\x00', &(0x7f0000000440)='%(}+&\x00', &(0x7f0000000480)='/dev/ptmx\x00']) [ 630.536663][ T3675] Bluetooth: hci7: command 0x1003 tx timeout [ 630.539773][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 630.564006][ T26] audit: type=1804 audit(1644684585.878:1543): pid=14510 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/639/bus" dev="sda1" ino=1181 res=1 errno=0 [ 630.598410][T14510] device vlan1 entered promiscuous mode [ 630.603036][ T26] audit: type=1800 audit(1644684585.928:1544): pid=14510 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 630.639482][T14519] ptm ptm6: ldisc open failed (-12), clearing slot 6 16:49:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 64) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x5}}, './file0\x00'}) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x5}}, './file0\x00'}) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 630.752389][ T3640] Bluetooth: hci11: sending frame failed (-49) [ 630.761524][ T3643] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:46 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xe47, 0x5e6baf8a, 0x7f, 0x4, 0x1, "30a902c84719d2f206daa25dbba56a059df339"}) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xe47, 0x5e6baf8a, 0x7f, 0x4, 0x1, "30a902c84719d2f206daa25dbba56a059df339"}) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) 16:49:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = syz_open_pts(r0, 0x200401) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$KIOCSOUND(r3, 0x4b2f, 0x10000) ioctl$KDADDIO(r1, 0x4b34, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 631.009834][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 631.017702][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 631.027643][ T7] Bluetooth: hci9: command 0x1003 tx timeout 16:49:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCEXCL(r0, 0x540c) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa0800, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 631.073492][ T26] audit: type=1804 audit(1644684586.408:1545): pid=14541 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/570/bus" dev="sda1" ino=1158 res=1 errno=0 [ 631.115741][ T3643] Bluetooth: hci9: sending frame failed (-49) [ 631.122791][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 631.131042][ T26] audit: type=1800 audit(1644684586.448:1546): pid=14541 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1158 res=0 errno=0 [ 631.167740][ T3643] Bluetooth: hci9: sending frame failed (-49) [ 631.175421][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 631.213571][ T3643] Bluetooth: hci9: sending frame failed (-49) 16:49:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCEXCL(r0, 0x540c) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa0800, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 631.220652][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:49:46 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xe47, 0x5e6baf8a, 0x7f, 0x4, 0x1, "30a902c84719d2f206daa25dbba56a059df339"}) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 631.300854][T14504] device vlan1 left promiscuous mode 16:49:47 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) r4 = socket$packet(0x11, 0x2, 0x300) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @link_local}, 0x10) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000200)={0x2, 0x3ff, 0x100, 0x4e800000, 0xf, "e440a3f396ec502aec6d4eb469670be56d63b4"}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getqdisc={0x3c, 0x26, 0x800, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xffe0, 0x6}, {0x7, 0xf}, {0xa, 0x8}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) socket$packet(0x11, 0x2, 0x300) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'vlan1\x00'}) (async) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @link_local}, 0x10) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000200)={0x2, 0x3ff, 0x100, 0x4e800000, 0xf, "e440a3f396ec502aec6d4eb469670be56d63b4"}) (async) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getqdisc={0x3c, 0x26, 0x800, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xffe0, 0x6}, {0x7, 0xf}, {0xa, 0x8}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) [ 632.539850][ T3638] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 632.547687][T14422] Bluetooth: hci6: command tx timeout [ 632.609964][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 632.654664][ T26] audit: type=1804 audit(1644684587.988:1547): pid=14580 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/640/bus" dev="sda1" ino=1171 res=1 errno=0 [ 632.682302][ T26] audit: type=1800 audit(1644684587.988:1548): pid=14580 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1171 res=0 errno=0 16:49:48 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x200) ioctl$KDENABIO(r1, 0x4b36) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x1203, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x8000, 0x9}}, './bus\x00'}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) openat2(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={0x300, 0x40, 0x4}, 0x18) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x6, 0x5, 0xe4, 0x3, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x103000) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180)=0x17) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x1) [ 632.705680][ T3675] Bluetooth: hci10: command 0x1003 tx timeout [ 632.705883][T14581] device vlan1 entered promiscuous mode [ 632.717994][ T3625] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:49:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) r4 = socket$packet(0x11, 0x2, 0x300) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @link_local}, 0x10) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000200)={0x2, 0x3ff, 0x100, 0x4e800000, 0xf, "e440a3f396ec502aec6d4eb469670be56d63b4"}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getqdisc={0x3c, 0x26, 0x800, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xffe0, 0x6}, {0x7, 0xf}, {0xa, 0x8}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) socket$packet(0x11, 0x2, 0x300) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'vlan1\x00'}) (async) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @link_local}, 0x10) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000200)={0x2, 0x3ff, 0x100, 0x4e800000, 0xf, "e440a3f396ec502aec6d4eb469670be56d63b4"}) (async) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getqdisc={0x3c, 0x26, 0x800, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xffe0, 0x6}, {0x7, 0xf}, {0xa, 0x8}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) [ 632.768185][T14582] device vlan1 left promiscuous mode [ 632.802193][ T3638] Bluetooth: hci7: sending frame failed (-49) [ 632.809066][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 632.811347][ T46] Bluetooth: hci10: sending frame failed (-49) [ 632.823906][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:48 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x200) ioctl$KDENABIO(r1, 0x4b36) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x1203, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x8000, 0x9}}, './bus\x00'}) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 632.901744][ T26] audit: type=1804 audit(1644684588.238:1549): pid=14593 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/641/bus" dev="sda1" ino=1171 res=1 errno=0 [ 632.929717][ T26] audit: type=1800 audit(1644684588.238:1550): pid=14593 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1171 res=0 errno=0 16:49:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x8, 0x3) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 632.953588][T14591] device vlan1 entered promiscuous mode [ 632.978876][T14602] device vlan1 left promiscuous mode 16:49:48 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x200) ioctl$KDENABIO(r1, 0x4b36) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x1203, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x8000, 0x9}}, './bus\x00'}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x200) (async) ioctl$KDENABIO(r1, 0x4b36) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x1203, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x8000, 0x9}}, './bus\x00'}) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:49:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x8, 0x3) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async, rerun: 32) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 633.021888][ T46] Bluetooth: hci7: sending frame failed (-49) [ 633.028864][ T3640] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = syz_open_pts(r0, 0x200401) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$KIOCSOUND(r3, 0x4b2f, 0x10000) ioctl$KDADDIO(r1, 0x4b34, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) syz_open_pts(r0, 0x200401) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$KIOCSOUND(r3, 0x4b2f, 0x10000) (async) ioctl$KDADDIO(r1, 0x4b34, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 633.089850][ T3728] Bluetooth: hci8: command 0x1003 tx timeout [ 633.097807][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:49:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x8, 0x3) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (rerun: 64) 16:49:48 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x200440, 0x0) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 633.330067][ T3728] Bluetooth: hci9: command 0x1003 tx timeout [ 633.336336][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:49:48 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x24, 0x7, 0x800, 0xff81, 0x9, 0x1ff, 0x10001}}, 0x50) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:48 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x16) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0xfffffffc) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x6) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xb) [ 633.381993][ T3640] Bluetooth: hci8: sending frame failed (-49) [ 633.389389][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 633.411319][ T3643] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 633.421567][T14422] Bluetooth: hci11: command tx timeout 16:49:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) (async) openat2(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={0x300, 0x40, 0x4}, 0x18) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x6, 0x5, 0xe4, 0x3, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x103000) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180)=0x17) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x1) 16:49:50 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x200440, 0x0) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:50 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x16) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 64) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (rerun: 64) ioctl$TCFLSH(r1, 0x540b, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0xfffffffc) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 634.849814][ T915] Bluetooth: hci6: command 0x1003 tx timeout [ 634.850200][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:49:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) openat2(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={0x300, 0x40, 0x4}, 0x18) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x6, 0x5, 0xe4, 0x3, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x103000) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180)=0x17) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) (async) openat2(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={0x300, 0x40, 0x4}, 0x18) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r3, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x6, 0x5, 0xe4, 0x3, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x103000) (async) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180)=0x17) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) (async) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x1) (async) 16:49:50 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x16) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x2) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0xfffffffc) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x7f) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000400)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @link_local}, 0x10) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0xfffa) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1c, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000a0000000000000000000186400051000000000000000070000008520000001912400180000000500000000000000200000001817000058406d0a75a146826ec4853313c92a824395a1048af144c8e2518c39f81b5e6284dd141bd12ac720e6ee78233277bee2e002412203c1077344", @ANYRES32=0x1, @ANYBLOB="00000000000000000736aa00020400001866000004000000000031e1ced200009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x2005, 0x4e, &(0x7f0000000280)=""/78, 0x41100, 0x0, '\x00', 0x0, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xd, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x2, 0x3, 0x7, 0x7}, 0x10, 0x0, r4, 0x0, &(0x7f0000000340)=[0x1, r4, 0x1, 0xffffffffffffffff]}, 0x80) [ 635.207946][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 635.207963][ T26] audit: type=1804 audit(1644684590.538:1554): pid=14694 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/627/bus" dev="sda1" ino=1182 res=1 errno=0 16:49:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r1 = syz_open_pts(r0, 0x200401) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$KIOCSOUND(r3, 0x4b2f, 0x10000) ioctl$KDADDIO(r1, 0x4b34, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x7f) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000400)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x5) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async, rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @link_local}, 0x10) (rerun: 64) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r2, 0x0, 0xfffa) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1c, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000a0000000000000000000186400051000000000000000070000008520000001912400180000000500000000000000200000001817000058406d0a75a146826ec4853313c92a824395a1048af144c8e2518c39f81b5e6284dd141bd12ac720e6ee78233277bee2e002412203c1077344", @ANYRES32=0x1, @ANYBLOB="00000000000000000736aa00020400001866000004000000000031e1ced200009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x2005, 0x4e, &(0x7f0000000280)=""/78, 0x41100, 0x0, '\x00', 0x0, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xd, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x2, 0x3, 0x7, 0x7}, 0x10, 0x0, r4, 0x0, &(0x7f0000000340)=[0x1, r4, 0x1, 0xffffffffffffffff]}, 0x80) [ 635.240326][ T26] audit: type=1800 audit(1644684590.538:1555): pid=14694 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 635.262140][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 635.269358][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 635.343951][ T26] audit: type=1804 audit(1644684590.678:1556): pid=14704 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/572/bus" dev="sda1" ino=1168 res=1 errno=0 16:49:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000800000000000000100000094965a696c32b0ad4ea0c265eb840000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) sendfile(r1, r0, 0x0, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x4f}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x24000015}, 0x40) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 635.374114][ T26] audit: type=1800 audit(1644684590.678:1557): pid=14704 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1168 res=0 errno=0 [ 635.403208][ T26] audit: type=1804 audit(1644684590.698:1558): pid=14697 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/628/bus" dev="sda1" ino=1182 res=1 errno=0 [ 635.429069][ T26] audit: type=1800 audit(1644684590.698:1559): pid=14697 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 635.489979][ T3643] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:49:50 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async, rerun: 64) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2) (async, rerun: 64) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) (rerun: 64) write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x24, 0x7, 0x800, 0xff81, 0x9, 0x1ff, 0x10001}}, 0x50) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x7f) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000400)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @link_local}, 0x10) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0xfffa) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1c, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000a0000000000000000000186400051000000000000000070000008520000001912400180000000500000000000000200000001817000058406d0a75a146826ec4853313c92a824395a1048af144c8e2518c39f81b5e6284dd141bd12ac720e6ee78233277bee2e002412203c1077344", @ANYRES32=0x1, @ANYBLOB="00000000000000000736aa00020400001866000004000000000031e1ced200009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x2005, 0x4e, &(0x7f0000000280)=""/78, 0x41100, 0x0, '\x00', 0x0, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xd, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x2, 0x3, 0x7, 0x7}, 0x10, 0x0, r4, 0x0, &(0x7f0000000340)=[0x1, r4, 0x1, 0xffffffffffffffff]}, 0x80) 16:49:50 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x6) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xb) [ 635.570192][ T3675] Bluetooth: hci9: command 0x1003 tx timeout [ 635.580812][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:49:51 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 635.633967][ T26] audit: type=1804 audit(1644684590.968:1560): pid=14713 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/629/bus" dev="sda1" ino=1177 res=1 errno=0 [ 635.692191][ T26] audit: type=1800 audit(1644684590.998:1561): pid=14713 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1177 res=0 errno=0 [ 635.780749][ T26] audit: type=1804 audit(1644684591.028:1562): pid=14723 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/630/bus" dev="sda1" ino=1177 res=1 errno=0 [ 635.806209][ T26] audit: type=1800 audit(1644684591.028:1563): pid=14723 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1177 res=0 errno=0 16:49:52 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x200440, 0x0) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x200440, 0x0) (async) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:49:52 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x6) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xb) [ 636.929931][ T3728] Bluetooth: hci6: command 0x1003 tx timeout [ 636.936412][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:49:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xa) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x19) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x7, 0x0, '\x00', [{0xfffffffa, 0x3, 0x1000, 0x20a, 0x7ff}, {0x401, 0x8000, 0x6, 0x2, 0x5b, 0x7ff}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) [ 637.009909][ T3675] Bluetooth: hci10: command 0x1003 tx timeout [ 637.016493][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 637.076967][T14739] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 637.101686][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 637.108781][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xa) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x19) (async) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x7, 0x0, '\x00', [{0xfffffffa, 0x3, 0x1000, 0x20a, 0x7ff}, {0x401, 0x8000, 0x6, 0x2, 0x5b, 0x7ff}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) [ 637.198275][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 637.206202][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xa) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x19) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x7, 0x0, '\x00', [{0xfffffffa, 0x3, 0x1000, 0x20a, 0x7ff}, {0x401, 0x8000, 0x6, 0x2, 0x5b, 0x7ff}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xa) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x19) (async) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x7, 0x0, '\x00', [{0xfffffffa, 0x3, 0x1000, 0x20a, 0x7ff}, {0x401, 0x8000, 0x6, 0x2, 0x5b, 0x7ff}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) (async) [ 637.301119][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 637.309366][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000800000000000000100000094965a696c32b0ad4ea0c265eb840000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) (async) sendfile(r1, r0, 0x0, 0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x4f}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x24000015}, 0x40) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 637.489844][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 637.489962][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 637.554654][ T3644] Bluetooth: hci7: sending frame failed (-49) [ 637.562942][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000800000000000000100000094965a696c32b0ad4ea0c265eb840000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) (async, rerun: 64) sendfile(r1, r0, 0x0, 0x1) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x4f}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x24000015}, 0x40) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 637.739763][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 637.761840][ T3644] Bluetooth: hci8: sending frame failed (-49) [ 637.768905][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:49:53 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x24, 0x7, 0x800, 0xff81, 0x9, 0x1ff, 0x10001}}, 0x50) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x2) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) (async) write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x24, 0x7, 0x800, 0xff81, 0x9, 0x1ff, 0x10001}}, 0x50) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) 16:49:53 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 637.810168][ T915] Bluetooth: hci9: command 0x1003 tx timeout [ 637.815058][ T3643] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 637.873375][ T3642] Bluetooth: hci8: sending frame failed (-49) [ 637.880801][ T3643] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 637.913266][ T3642] Bluetooth: hci8: sending frame failed (-49) [ 637.920372][ T3643] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 637.961818][T14775] warn_alloc: 28 callbacks suppressed [ 637.961833][T14775] syz-executor.2: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 637.968223][T14784] ptm ptm6: ldisc open failed (-12), clearing slot 6 [ 637.992025][T14775] ,cpuset=syz2,mems_allowed=0-1 [ 637.997724][T14775] CPU: 0 PID: 14775 Comm: syz-executor.2 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 638.008499][T14775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 638.018828][T14775] Call Trace: [ 638.022111][T14775] [ 638.025040][T14775] dump_stack_lvl+0xcd/0x134 [ 638.029645][T14775] warn_alloc.cold+0x9b/0x189 [ 638.034332][T14775] ? zone_watermark_ok_safe+0x290/0x290 [ 638.039880][T14775] ? __kmalloc_node+0x62/0x390 [ 638.044936][T14775] ? __vmalloc_node_range+0x7bf/0x1060 [ 638.050735][T14775] __vmalloc_node_range+0xe1e/0x1060 [ 638.056039][T14775] ? vfree_atomic+0xe0/0xe0 [ 638.060546][T14775] ? n_tty_open+0x16/0x170 [ 638.064954][T14775] vzalloc+0x67/0x80 [ 638.068852][T14775] ? n_tty_open+0x16/0x170 [ 638.073276][T14775] n_tty_open+0x16/0x170 [ 638.077545][T14775] ? n_tty_set_termios+0x1010/0x1010 [ 638.082864][T14775] tty_ldisc_open+0x9b/0x110 [ 638.087631][T14775] tty_set_ldisc+0x2f1/0x680 [ 638.092228][T14775] tty_ioctl+0xae0/0x1660 [ 638.096596][T14775] ? tty_lookup_driver+0x550/0x550 [ 638.102086][T14775] ? find_held_lock+0x2d/0x110 [ 638.106903][T14775] ? __fget_files+0x28c/0x470 [ 638.111594][T14775] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 638.117855][T14775] ? tty_lookup_driver+0x550/0x550 [ 638.122983][T14775] __x64_sys_ioctl+0x193/0x200 [ 638.127930][T14775] do_syscall_64+0x35/0xb0 [ 638.132446][T14775] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 638.138351][T14775] RIP: 0033:0x7f8386363059 [ 638.142758][T14775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 638.162532][T14775] RSP: 002b:00007f8384cd8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 638.171066][T14775] RAX: ffffffffffffffda RBX: 00007f8386475f60 RCX: 00007f8386363059 [ 638.179039][T14775] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 638.187238][T14775] RBP: 00007f83863bd08d R08: 0000000000000000 R09: 0000000000000000 [ 638.195237][T14775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 638.203213][T14775] R13: 00007fff37015fff R14: 00007f8384cd8300 R15: 0000000000022000 16:49:53 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 638.211214][T14775] [ 638.217507][T14775] Mem-Info: [ 638.221074][T14775] active_anon:2619 inactive_anon:148145 isolated_anon:0 [ 638.221074][T14775] active_file:4157 inactive_file:7661 isolated_file:0 [ 638.221074][T14775] unevictable:768 dirty:33 writeback:0 [ 638.221074][T14775] slab_reclaimable:19239 slab_unreclaimable:95943 [ 638.221074][T14775] mapped:27869 shmem:4104 pagetables:814 bounce:0 [ 638.221074][T14775] kernel_misc_reclaimable:0 [ 638.221074][T14775] free:1325694 free_pcp:7491 free_cma:0 [ 638.263966][T14775] Node 0 active_anon:10468kB inactive_anon:591624kB active_file:16552kB inactive_file:30644kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111476kB dirty:128kB writeback:0kB shmem:13940kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 442368kB writeback_tmp:0kB kernel_stack:10848kB pagetables:3252kB all_unreclaimable? no [ 638.296316][T14775] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 638.334758][ T3642] Bluetooth: hci8: sending frame failed (-49) [ 638.334906][T14775] Node 0 [ 638.341925][ T3643] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 638.351900][T14775] DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 638.378943][T14775] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 638.385775][T14775] Node 0 DMA32 free:1334660kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10468kB inactive_anon:591624kB active_file:16552kB inactive_file:30644kB unevictable:1536kB writepending:128kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:29244kB local_pcp:20456kB free_cma:0kB [ 638.418099][T14775] lowmem_reserve[]: 0 0 0 0 0 [ 638.424382][T14775] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 638.454921][T14775] lowmem_reserve[]: 0 0 0 0 0 [ 638.460613][T14775] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 638.490751][T14775] lowmem_reserve[]: 0 0 0 0 0 [ 638.495713][T14775] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 638.508867][T14775] Node 0 DMA32: 1189*4kB (UM) 1730*8kB (UME) 1978*16kB (UME) 506*32kB (UME) 366*64kB (UME) 193*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 15*2048kB (UME) 276*4096kB (UM) = 1334660kB [ 638.529235][T14775] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 638.541081][T14775] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB 16:49:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x519503, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x6) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0xc0) lseek(0xffffffffffffffff, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x10000) write$damon_monitor_on(0xffffffffffffffff, &(0x7f00000000c0), 0x3) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xfffffffffffffff4) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 638.559276][T14775] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 638.572252][T14775] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 638.581942][T14775] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 638.598943][T14775] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 638.608767][T14775] 15923 total pagecache pages [ 638.620183][T14775] 0 pages in swap cache [ 638.625935][T14775] Swap cache stats: add 0, delete 0, find 0/0 [ 638.636785][T14775] Free swap = 0kB [ 638.641902][T14775] Total swap = 0kB [ 638.646220][T14775] 2097051 pages RAM [ 638.655208][T14775] 0 pages HighMem/MovableOnly [ 638.660329][T14775] 384548 pages reserved [ 638.664617][T14775] 0 pages cma reserved [ 638.673551][ T3642] Bluetooth: hci8: sending frame failed (-49) [ 638.681590][ T3643] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 639.010868][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 639.020807][T14422] Bluetooth: hci11: command 0x1003 tx timeout [ 639.031723][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 639.053091][ T3625] Bluetooth: hci6: sending frame failed (-49) [ 639.060379][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:49:54 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x8) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:54 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r0, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x519503, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x6) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0xc0) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x10000) (async) write$damon_monitor_on(0xffffffffffffffff, &(0x7f00000000c0), 0x3) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xfffffffffffffff4) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:54 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x202, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 639.163621][ T3643] Bluetooth: hci8: sending frame failed (-49) [ 639.170994][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:49:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x10) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000280)=0x3) r3 = creat(0x0, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$KDADDIO(r4, 0x4b34, 0x1000) r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x200400, 0x0) r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x70) ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000040)) r7 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x10000) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0x7, 0x7, 0x6, 0x1b, 0x2, 0x8000, 0x0, 0x7d, 0x1}}) ftruncate(r6, 0x1000) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:49:54 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (rerun: 64) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x8) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:49:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x519503, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x6) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0xc0) lseek(0xffffffffffffffff, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x10000) write$damon_monitor_on(0xffffffffffffffff, &(0x7f00000000c0), 0x3) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xfffffffffffffff4) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x519503, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x6) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0xc0) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r4, 0x0, 0x10000) (async) write$damon_monitor_on(0xffffffffffffffff, &(0x7f00000000c0), 0x3) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xfffffffffffffff4) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 639.415804][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 639.419686][T14419] Bluetooth: hci10: command 0x1003 tx timeout 16:49:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) r1 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x10) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000280)=0x3) r3 = creat(0x0, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$KDADDIO(r4, 0x4b34, 0x1000) r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x200400, 0x0) r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x70) ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000040)) r7 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x10000) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0x7, 0x7, 0x6, 0x1b, 0x2, 0x8000, 0x0, 0x7d, 0x1}}) ftruncate(r6, 0x1000) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x10) (async) openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000280)=0x3) (async) creat(0x0, 0x0) (async) openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) (async) ioctl$KDADDIO(r4, 0x4b34, 0x1000) (async) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x200400, 0x0) (async) ioctl$TIOCGPTPEER(r5, 0x5441, 0x70) (async) ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000040)) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r7, 0x0, 0x10000) (async) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0x7, 0x7, 0x6, 0x1b, 0x2, 0x8000, 0x0, 0x7d, 0x1}}) (async) ftruncate(r6, 0x1000) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:49:55 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCNOTTY(r0, 0x5422) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 639.730205][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 639.731519][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:49:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x10) (async) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000280)=0x3) r3 = creat(0x0, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$KDADDIO(r4, 0x4b34, 0x1000) r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x200400, 0x0) r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x70) (async) ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000040)) r7 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x10000) (async) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0x7, 0x7, 0x6, 0x1b, 0x2, 0x8000, 0x0, 0x7d, 0x1}}) ftruncate(r6, 0x1000) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:49:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x277, 0x203, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dc2b6b978e4b6000"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={0x0, @ethernet={0x307, @local}, @generic={0x29, "98019b6c321504e97105ff304543"}, @can, 0x0, 0x0, 0x0, 0x0, 0xff, &(0x7f0000000000)='wlan0\x00', 0x6b, 0x400, 0x1}) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 639.987505][ T3644] Bluetooth: hci11: sending frame failed (-49) [ 639.996334][ T3642] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:49:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x277, 0x203, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dc2b6b978e4b6000"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={0x0, @ethernet={0x307, @local}, @generic={0x29, "98019b6c321504e97105ff304543"}, @can, 0x0, 0x0, 0x0, 0x0, 0xff, &(0x7f0000000000)='wlan0\x00', 0x6b, 0x400, 0x1}) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 641.169740][ T3676] Bluetooth: hci6: command 0x1003 tx timeout [ 641.169901][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:49:56 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r0, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r0, 0x800) (async) lseek(r0, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r0, r1, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) 16:49:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x202, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async, rerun: 64) creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 641.250085][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 641.312540][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 641.312558][ T26] audit: type=1804 audit(1644684596.648:1586): pid=14888 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/707/bus" dev="sda1" ino=1181 res=1 errno=0 [ 641.348371][ T26] audit: type=1800 audit(1644684596.648:1587): pid=14888 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 641.375633][ T26] audit: type=1804 audit(1644684596.708:1588): pid=14889 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/707/bus" dev="sda1" ino=1181 res=1 errno=0 [ 641.403783][ T26] audit: type=1800 audit(1644684596.708:1589): pid=14889 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1181 res=0 errno=0 16:49:56 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 64) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x8) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 641.495686][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 641.499715][T14422] Bluetooth: hci9: command 0x1003 tx timeout [ 641.549930][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 641.557965][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:49:56 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x1fd, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x3) dup3(0xffffffffffffffff, r3, 0x0) [ 641.671810][ T26] audit: type=1804 audit(1644684597.008:1590): pid=14902 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/645/bus" dev="sda1" ino=1183 res=1 errno=0 [ 641.698938][ T26] audit: type=1800 audit(1644684597.008:1591): pid=14902 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 641.727859][ T26] audit: type=1804 audit(1644684597.058:1592): pid=14903 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/645/bus" dev="sda1" ino=1183 res=1 errno=0 16:49:57 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCNOTTY(r0, 0x5422) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 641.753612][ T26] audit: type=1804 audit(1644684597.058:1593): pid=14903 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/645/bus" dev="sda1" ino=1183 res=1 errno=0 [ 641.779029][ T26] audit: type=1800 audit(1644684597.058:1594): pid=14903 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 641.810341][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:49:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 32) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 64) r1 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (rerun: 64) sendfile(r1, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 641.863497][ T26] audit: type=1804 audit(1644684597.198:1595): pid=14906 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/637/bus" dev="sda1" ino=1182 res=1 errno=0 [ 641.889723][ T3676] Bluetooth: hci10: command 0x1003 tx timeout [ 641.890140][ T3643] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 641.970852][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 641.978673][ T3643] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x11, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}}}, 0x88) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r2, 0x200, 0x0) dup(r0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0xff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000280)={{}, "d6eb46d790ed134b63eb83d0b350a8cc44f3fbd05d4cf053694ffd69903d74d112c4411cd55003750f0fee5008508054629180223656f6571357fb11fee22eb4f9df8814b500f79a0eda7849f827ddbee664afc128ff87088a44795d334467ec4224fb5cdd5bf60fb79e5ec366815b5cc786dc2468e5daaea8541b5c837a783a3636dfc2ead6651a9a811876bdb8e14ae0865862b2b5af7a1b64507f8d036cf862975d075b18fe162e84bb45d8e32ca3fed531499c50c3aa11559439196b9ec66d9e17bfe6e26aa3757fb3675b6e05f21d218a43a43077ad9615911d7d15892872e759f55bfa65eeddabaf5fb6cbce18f98e97df5ba971e067812acf1cf999e64c75e65ed38d377a95b3fdec10723c5c3482e9fd5bc3f5dd77d4d600dd1ec0d6937c3320ff3c30085af07de383d56020c4bd641397f782024df751f915f4c4400d99b837762b15700a36b4d404136ac78dfb93a86f05ff95b31eff9c105b354156ad31506031374c70303d6e6da977e422a939ea3e60670787d7a6e26929f2ccb8b040c9bf1762e6510f604094677771749c53fe67768e3b83c52fddaf8be2e75b902ccc59e94e68dd1a66e0c89982e6d5955c7eae5b4eda924eeae79c2679ec9c3dfe56785b42bd92c3d7576dac23647d3a64e712460c052fc3e9e13f679f3a98080247a73ae3301a47bb231f36ceb908c1e32e4979e0708f6782c4ece518abb3555fbc43fbad00121d4bc6eb7bf247e1517491f76df7808c9e0c7fa36921c38418fdd0bd558e35a2a2c1ce96d72fec1bebd0b94dad2853aa5deabe20ba08595a89ba0cbd82e1275d4d4dd293dee6d3a070513d47a965039591ea65486d0540b2d4d324958250638136efb2ecb9287934517d8f9c5085a09b6e9acdabe17a89a964c60f3b42d576177627ae33ea7d545e39d2761fb66f763d4c215e23c21b7050fcb108ff5e119d15fb0f27048d49c94b0b5255cce0f1d9ad57789a252f85c40bd0f13adaa56a0579f0125068f78240737861663c530aea11ad205ad2e5e6599b5cfd4ebe7761a786483aa69a21b17fc1f16ab5fd56b5ff946ac648278b2f315165c93e4647900ef44bad5aa719881680e49ffc0d06a6be56a657653289415fe5f8115b7461106cff400567eea95b3ee50f5ba1013502244b34bf3fe32000a2d374e12bb4b29b06fe5abda189eed302e7f16816b52e6248a9871c69cb2cc4324986cf25ca7f23fab7927dfbd884ca3ac29bd12fe78b5fc8385836ccd1ad90bcf667727ccccc59e09119511da30c023f470e775e06bd44226d686f3ca2f72a8aee167048a2342779acf12026728d8aa86ce4a5200efef4c4bb1498208239cea0767d5bb286032d6109ebc6e5439c14a86e45bb309a41adf2dd1fd37b795bc43bf1b341217e9f395bfa71eeb5c14a575bf6ee5b64c54db2e46db625ea327d090d10eebdc49e4cbe931afb4a8fe1a97204c6ade4779a9522225dde334981210525547f3b17584fc339822dfec51156edbe9a4ae023a280674030e92145cf8de4f346e85702dce5651c6b0658de76b1d90863b7a32ba594222b6e801fa986a29a875747aeab12632f7466f44e07e4bd73a684be18c692c100b099c3112164f9484f53bf6c8f8476c1016af926cda40099aca7c621bf29f51f033e7bd771d8ac655dc8011a34e0e8e5a26fba3a031a89cbcafb4054b7f20738bc0a9757689378ce3c7c40083ba25e6276fbaac685d9aab302f1f30df8030ca4c8cfa3b972c7be26be0c3454f6726fb8c46904ce0766f7af2374c42a61d8ed1576a71bd01178dcbba858a7f75ac3d7eac8e07cdd2a777b46541962438aa48f256ceb92956fbf676e7ed5b7e8bf1d059b9b136f2f9c410462799db6e5776b6239d5e6a388d0aaf8af881b97999f9b0428ed886a8fbc67810da6e4b19e555892e4fa87324e806aa5e22a6e2cf5ea7235a217771bdbc7c30fb91a6cf744bbb2b822851bbe598191261d599f96198c28a22e00f09e2b00cbbf382e5eae616dc5879a0c3629390aeea4a26d2189f2d572c5fb1e5efb1c6160acae4d4e3118d06343318f2a8c24062fdfbb1451ca651e371502ef4f87932fec5db290d74e70f0c601269ace327797326966a96a6470d9c55ced36e221c15c7ec9fd6dcc83935bb3b792262cd84070fe90819d3ae40dcd96ff66c168c841439f0284278dfdc70559b79ba5dc789c6063461cbcd27415ca8ed1f02f57b178d90bd30fdcc390e78201caf778bae7eba9f7063f532cded86416a4be3347d558491a0253a67677fc5fec4ee895a3ae55c139708e1e94a2753ca11725fff6d1c13029dda9a8d853a48f80945800f6aa655de8c8340d99a70f9c0a76f1a4b319836bd77ee4b8a480babc0c8fe25ee912e4fa8eb0b37e17b6b03e522ba406128f08afbbc7ad0624c4b4976a94f16a9f7da4a303fa330695fddc2a3392b89784789408c4a38640d26990f7e037c69bb361a9f72935ac055044def46687039194f5001c98cc150e6f8c239acee55f2bb2b9929908e426c66fe7b87443995902e167db5bf9ca5b7cde8e9cffd4cebc7059bf30d5bb6d3e016896396a64bc2d9750a3fd760a16490db0df6d18d6329ac0d310233f9831921c11188659f2b98f617d88ee51a0a72ab417573fb0512c1b664e18e7d026d6abac4d6ed1c036d616c91181d8cc3d7fc5a881d72d1accc68410928c418097985b7f60c012c2951b2f6c702547a7614a41d1c47f1f7afe444bd8473cea2e63870700503e1f55c0357d6bc979ce4b7b9c569830b50b09d037262b39610f73549ef21c321aaf27cd0dab68857b4467b2bc159ffdd9b98fe35618d356defa252fe1fd25d6ecf5b89a0f38b63ade6174b761630bb4b2b1a37c01933abbcdffeec03b3a36986162955fca03bd26cf1af346b73275f787b81bb77428838e056d0b3bb5dfac4743acd415d6be0bf8ecef1d326efe164fd887ff6c8a57fcc9c83b30e071c0b37220b93274c3697ce1946da109959f5f9fa4743a1184dfbc39bdf9ede2224564992424d5b0b8ee832e905b86d2abfd38aa15732b77d27cf342aee13c12593c971d96a1bbecbdf5dbc10a664d54a7741f0f4743138c8d94ea535bcf3eada19e6eaf9ce4361fbd7893aea0850530b72e7e774c9d0ba4a9ca211a1e3b07bb0abaea3ba6f1ac21f6371cfdfb913951fe47ca6fd7aa2fbc260da213ebd82c30e6c9af470c75c305d4faccedd949d2a41399a2a590a902487d6d22c91ed8ef246be07ac165f104ce2008a6c9c37dbbb56e415efb4df8cc2a5135a33bcb721dee79bdc772d4b1ecad700cacfc220e31afc2f5b215d73a8d0cdb72716ca1e41953df744f5a2dcdee87701bebf1c9e4d3fdf6802f4095ba8817d4ee1b36742e7685305c0e475718b8d36a86c1231519f3b73d9f23f23524f9a46c2847435f6516f411ac66cee380d7e7a569cd973f25ec535b67ec778aae78ee867dc8ece54afe7fe6c3863795a135cd1cee117241ad70e5d855b5c6ef4c36623a23c7ab9570acdbdc637bec490cd4e1bb73dba3f2eb798780b23bc168c0be72a506c9a93e7c29d1ac7da78b82993f4aeb927dc75a933a7772b88d2f6787740851ad4208d807ad5aab14e9e0c4e66a37c6e8379b976a548b7a03112fcc6ec23cf44b4107d837d159a88a7479aa74c6dad6baba1f7f3224da0319baa02b639442c644628bf7483d13ade7cc9f0b90d49c4492ac4fce169b7bb6eb28020cd149ef1baad6b9f0b8a50f372d1890a32b1a531b9215ea5067742db7a55396ff73d02dfcee14c6902155a997eae6669f0a39d063782134337d9884f227fc3f55e3ec623fa23396d270055e130fda0c30bc233c57035f5d598753941e45632babd0b2b9add828cf6c2e8f922b3ceedaebc5fdee50be5157071c4357d9140d915f7584a65eaeb58a842ffed3c318cfd16323ad7b6881c8d40f8cd0d046cb8deece9626ccdfd6e5d9979840db15e1682a139da63181e45be38edd3864882a8c367ed08a1401e70256d69f255e46653fb7217890b87311493d991288d0a173fa4b23d930ece778cda6f7ab630ba4b360c716ef68693d92313cd4caed51ad4f8d5c480dd9520a665bcb28be3a065c31ad8df311a069f8c1739a36ab6d13509628658970556b88bfcde05c6e55eeea7f182747eb204139a9eb37d5c2d1179e49ffbea12c161542d4e5c2184cd078f841822a0c446a5c7e2b93fd7aa66dfbde42506fc7b8d4f82b7239d38bcf0d84f02d8cbb4463a41d406efb3de95fe6cd314e2f24ffe56a69179801b1bc1d1055043fe3f012375d2a102c45f5af71825a3bb08f5a80db1233f9316dae1e0d0bb794cc03238f046342baf1492686077e1931caa857764900e1544990f1533ab914c70416d54352b24587dd8af5425026a6118126a778dfeb35bf3dba88b9c2e3354e49fe7ce562241c7e644027393223d6c331e2c84f8bf8b916809b0a438124986597305243b3449f3a4102f3357c4ab50a6d6179fcb64d95b53ac94cd20805169ec40fd3da4f4a2b2542de4c1381485907a520448adc2ee7859c34e38012d67eff6be80b4e76c95ba8ef24b3d8b4c8876321438efb5533860755e584b520b5a429f7d3f39be10bef8a405d8a3b00fdc52a44c38c2e1490a00c54358c5f3e087db718b5ce2e39b6cde238cc352f54a2037c007e39d4fe999ccc43c21865b5cf966a15bcbf16a4176937588fc73572a129fdf7f8aef342be111be2c0b5551699aa5520a5941d7338519fa6a0980e97929229d495764bc7f910f43d680f244023eabee1538acb255b54b68811c91489922a00db37cd120b2f04f2643ed7c07a0e38b72b5cf665f5bc7a9e72632ae77be5acc2f2cdae22cdc846863d98d9935bda901a492582f28c6ec1a6ff77625e5ad8a689981032ac0a3c31a3f3e9d5f8768cec0c686d3634f3456c7ab7d809ad6d6483ce8cc7311827c8d3c204ba4c7213bb24b910af379f9bbf2c487af01b2f2334063a515d5c64f04d93ae5820b9f890eee844436b0a784f55ca4af78c0a4f3055a7c6b7d656fb454ef8a2c7fbe582ffcc9b44ff2a8b7d3e5b18c75f413cbfd3b1aed8ba858378eb9c43db702b1b9742f6925789b23c12975ffe7f1620aa143ce4cbf88444a47988dd4fe9a1585db51fec96d20cc5a7ada8f2093c39321880a79a5e9a4d3bd466dd595486243630d71f4127f703fec7d1764ee9f53b8bc5de3f933f025f83d33f66d711c32f64b764a090adb0d9c81100d5134f231133da29ba01eb1241f19d62dec22eff61873024428f27ef8715f595d127ba96e41a22081b4c501eee30bdc12dad5cec15c11c8bd106ca1afedf0ae55dc70315c4f7f0c8bcc9c6911a8aabeded31756611c7c2243539d2ca4a2538acae1c72d68ca5343b41eaf68e6488f6e7a636db677edb0d1d25af5512afc225ccc4a1f7e8c77bd3994a8730bc888d26e1b1c5626dace4f65d7477daa6acae206583da278338fb671b940720d61a16e050a2386b53b5a37fe81db99ce4ad5373de2f55c087b6d687b258226996514699a64744be4dff5297cd503d0473570d52797e4791ac15eb6ca379493e1eefb2f20a8f8769ccb6f0e0db78e9e85fa8f3a14777b776b864c7734ef733b982464f13d8fae6078c8b20571a4ca4c0cd66cbbdc3bd3378b7112a9bbab76c900227552701c4d51a1ed4bbda9d1653047c7be496b37ea74bcf4f3fa998717dc9bce8ac02d8ada34e40ad9d8b4ba34ce310b79d7d385cafd774de74261cfddcc26bda7cd143e9e0c065bf62"}) write(r0, &(0x7f0000000180)="4607d3d198e8a72b246f7a37d6da60a62c5b87e5835cbc9f0bc66e7c68240dc305f20cfce5a05388145e10f54fe66036e33d675c92cb4a8835f99d5563aa119ec0887873dd513e95a153a1916c8fff5c3f7e477ef599938e2ba94ecdf9e13e684df76de583b5e22c4cbd0512f0ba194963c3ee1825818bd9406f29c8ca34f53acfe2c096", 0x84) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x9) 16:49:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x11, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}}}, 0x88) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r2, 0x200, 0x0) dup(r0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0xff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000280)={{}, "d6eb46d790ed134b63eb83d0b350a8cc44f3fbd05d4cf053694ffd69903d74d112c4411cd55003750f0fee5008508054629180223656f6571357fb11fee22eb4f9df8814b500f79a0eda7849f827ddbee664afc128ff87088a44795d334467ec4224fb5cdd5bf60fb79e5ec366815b5cc786dc2468e5daaea8541b5c837a783a3636dfc2ead6651a9a811876bdb8e14ae0865862b2b5af7a1b64507f8d036cf862975d075b18fe162e84bb45d8e32ca3fed531499c50c3aa11559439196b9ec66d9e17bfe6e26aa3757fb3675b6e05f21d218a43a43077ad9615911d7d15892872e759f55bfa65eeddabaf5fb6cbce18f98e97df5ba971e067812acf1cf999e64c75e65ed38d377a95b3fdec10723c5c3482e9fd5bc3f5dd77d4d600dd1ec0d6937c3320ff3c30085af07de383d56020c4bd641397f782024df751f915f4c4400d99b837762b15700a36b4d404136ac78dfb93a86f05ff95b31eff9c105b354156ad31506031374c70303d6e6da977e422a939ea3e60670787d7a6e26929f2ccb8b040c9bf1762e6510f604094677771749c53fe67768e3b83c52fddaf8be2e75b902ccc59e94e68dd1a66e0c89982e6d5955c7eae5b4eda924eeae79c2679ec9c3dfe56785b42bd92c3d7576dac23647d3a64e712460c052fc3e9e13f679f3a98080247a73ae3301a47bb231f36ceb908c1e32e4979e0708f6782c4ece518abb3555fbc43fbad00121d4bc6eb7bf247e1517491f76df7808c9e0c7fa36921c38418fdd0bd558e35a2a2c1ce96d72fec1bebd0b94dad2853aa5deabe20ba08595a89ba0cbd82e1275d4d4dd293dee6d3a070513d47a965039591ea65486d0540b2d4d324958250638136efb2ecb9287934517d8f9c5085a09b6e9acdabe17a89a964c60f3b42d576177627ae33ea7d545e39d2761fb66f763d4c215e23c21b7050fcb108ff5e119d15fb0f27048d49c94b0b5255cce0f1d9ad57789a252f85c40bd0f13adaa56a0579f0125068f78240737861663c530aea11ad205ad2e5e6599b5cfd4ebe7761a786483aa69a21b17fc1f16ab5fd56b5ff946ac648278b2f315165c93e4647900ef44bad5aa719881680e49ffc0d06a6be56a657653289415fe5f8115b7461106cff400567eea95b3ee50f5ba1013502244b34bf3fe32000a2d374e12bb4b29b06fe5abda189eed302e7f16816b52e6248a9871c69cb2cc4324986cf25ca7f23fab7927dfbd884ca3ac29bd12fe78b5fc8385836ccd1ad90bcf667727ccccc59e09119511da30c023f470e775e06bd44226d686f3ca2f72a8aee167048a2342779acf12026728d8aa86ce4a5200efef4c4bb1498208239cea0767d5bb286032d6109ebc6e5439c14a86e45bb309a41adf2dd1fd37b795bc43bf1b341217e9f395bfa71eeb5c14a575bf6ee5b64c54db2e46db625ea327d090d10eebdc49e4cbe931afb4a8fe1a97204c6ade4779a9522225dde334981210525547f3b17584fc339822dfec51156edbe9a4ae023a280674030e92145cf8de4f346e85702dce5651c6b0658de76b1d90863b7a32ba594222b6e801fa986a29a875747aeab12632f7466f44e07e4bd73a684be18c692c100b099c3112164f9484f53bf6c8f8476c1016af926cda40099aca7c621bf29f51f033e7bd771d8ac655dc8011a34e0e8e5a26fba3a031a89cbcafb4054b7f20738bc0a9757689378ce3c7c40083ba25e6276fbaac685d9aab302f1f30df8030ca4c8cfa3b972c7be26be0c3454f6726fb8c46904ce0766f7af2374c42a61d8ed1576a71bd01178dcbba858a7f75ac3d7eac8e07cdd2a777b46541962438aa48f256ceb92956fbf676e7ed5b7e8bf1d059b9b136f2f9c410462799db6e5776b6239d5e6a388d0aaf8af881b97999f9b0428ed886a8fbc67810da6e4b19e555892e4fa87324e806aa5e22a6e2cf5ea7235a217771bdbc7c30fb91a6cf744bbb2b822851bbe598191261d599f96198c28a22e00f09e2b00cbbf382e5eae616dc5879a0c3629390aeea4a26d2189f2d572c5fb1e5efb1c6160acae4d4e3118d06343318f2a8c24062fdfbb1451ca651e371502ef4f87932fec5db290d74e70f0c601269ace327797326966a96a6470d9c55ced36e221c15c7ec9fd6dcc83935bb3b792262cd84070fe90819d3ae40dcd96ff66c168c841439f0284278dfdc70559b79ba5dc789c6063461cbcd27415ca8ed1f02f57b178d90bd30fdcc390e78201caf778bae7eba9f7063f532cded86416a4be3347d558491a0253a67677fc5fec4ee895a3ae55c139708e1e94a2753ca11725fff6d1c13029dda9a8d853a48f80945800f6aa655de8c8340d99a70f9c0a76f1a4b319836bd77ee4b8a480babc0c8fe25ee912e4fa8eb0b37e17b6b03e522ba406128f08afbbc7ad0624c4b4976a94f16a9f7da4a303fa330695fddc2a3392b89784789408c4a38640d26990f7e037c69bb361a9f72935ac055044def46687039194f5001c98cc150e6f8c239acee55f2bb2b9929908e426c66fe7b87443995902e167db5bf9ca5b7cde8e9cffd4cebc7059bf30d5bb6d3e016896396a64bc2d9750a3fd760a16490db0df6d18d6329ac0d310233f9831921c11188659f2b98f617d88ee51a0a72ab417573fb0512c1b664e18e7d026d6abac4d6ed1c036d616c91181d8cc3d7fc5a881d72d1accc68410928c418097985b7f60c012c2951b2f6c702547a7614a41d1c47f1f7afe444bd8473cea2e63870700503e1f55c0357d6bc979ce4b7b9c569830b50b09d037262b39610f73549ef21c321aaf27cd0dab68857b4467b2bc159ffdd9b98fe35618d356defa252fe1fd25d6ecf5b89a0f38b63ade6174b761630bb4b2b1a37c01933abbcdffeec03b3a36986162955fca03bd26cf1af346b73275f787b81bb77428838e056d0b3bb5dfac4743acd415d6be0bf8ecef1d326efe164fd887ff6c8a57fcc9c83b30e071c0b37220b93274c3697ce1946da109959f5f9fa4743a1184dfbc39bdf9ede2224564992424d5b0b8ee832e905b86d2abfd38aa15732b77d27cf342aee13c12593c971d96a1bbecbdf5dbc10a664d54a7741f0f4743138c8d94ea535bcf3eada19e6eaf9ce4361fbd7893aea0850530b72e7e774c9d0ba4a9ca211a1e3b07bb0abaea3ba6f1ac21f6371cfdfb913951fe47ca6fd7aa2fbc260da213ebd82c30e6c9af470c75c305d4faccedd949d2a41399a2a590a902487d6d22c91ed8ef246be07ac165f104ce2008a6c9c37dbbb56e415efb4df8cc2a5135a33bcb721dee79bdc772d4b1ecad700cacfc220e31afc2f5b215d73a8d0cdb72716ca1e41953df744f5a2dcdee87701bebf1c9e4d3fdf6802f4095ba8817d4ee1b36742e7685305c0e475718b8d36a86c1231519f3b73d9f23f23524f9a46c2847435f6516f411ac66cee380d7e7a569cd973f25ec535b67ec778aae78ee867dc8ece54afe7fe6c3863795a135cd1cee117241ad70e5d855b5c6ef4c36623a23c7ab9570acdbdc637bec490cd4e1bb73dba3f2eb798780b23bc168c0be72a506c9a93e7c29d1ac7da78b82993f4aeb927dc75a933a7772b88d2f6787740851ad4208d807ad5aab14e9e0c4e66a37c6e8379b976a548b7a03112fcc6ec23cf44b4107d837d159a88a7479aa74c6dad6baba1f7f3224da0319baa02b639442c644628bf7483d13ade7cc9f0b90d49c4492ac4fce169b7bb6eb28020cd149ef1baad6b9f0b8a50f372d1890a32b1a531b9215ea5067742db7a55396ff73d02dfcee14c6902155a997eae6669f0a39d063782134337d9884f227fc3f55e3ec623fa23396d270055e130fda0c30bc233c57035f5d598753941e45632babd0b2b9add828cf6c2e8f922b3ceedaebc5fdee50be5157071c4357d9140d915f7584a65eaeb58a842ffed3c318cfd16323ad7b6881c8d40f8cd0d046cb8deece9626ccdfd6e5d9979840db15e1682a139da63181e45be38edd3864882a8c367ed08a1401e70256d69f255e46653fb7217890b87311493d991288d0a173fa4b23d930ece778cda6f7ab630ba4b360c716ef68693d92313cd4caed51ad4f8d5c480dd9520a665bcb28be3a065c31ad8df311a069f8c1739a36ab6d13509628658970556b88bfcde05c6e55eeea7f182747eb204139a9eb37d5c2d1179e49ffbea12c161542d4e5c2184cd078f841822a0c446a5c7e2b93fd7aa66dfbde42506fc7b8d4f82b7239d38bcf0d84f02d8cbb4463a41d406efb3de95fe6cd314e2f24ffe56a69179801b1bc1d1055043fe3f012375d2a102c45f5af71825a3bb08f5a80db1233f9316dae1e0d0bb794cc03238f046342baf1492686077e1931caa857764900e1544990f1533ab914c70416d54352b24587dd8af5425026a6118126a778dfeb35bf3dba88b9c2e3354e49fe7ce562241c7e644027393223d6c331e2c84f8bf8b916809b0a438124986597305243b3449f3a4102f3357c4ab50a6d6179fcb64d95b53ac94cd20805169ec40fd3da4f4a2b2542de4c1381485907a520448adc2ee7859c34e38012d67eff6be80b4e76c95ba8ef24b3d8b4c8876321438efb5533860755e584b520b5a429f7d3f39be10bef8a405d8a3b00fdc52a44c38c2e1490a00c54358c5f3e087db718b5ce2e39b6cde238cc352f54a2037c007e39d4fe999ccc43c21865b5cf966a15bcbf16a4176937588fc73572a129fdf7f8aef342be111be2c0b5551699aa5520a5941d7338519fa6a0980e97929229d495764bc7f910f43d680f244023eabee1538acb255b54b68811c91489922a00db37cd120b2f04f2643ed7c07a0e38b72b5cf665f5bc7a9e72632ae77be5acc2f2cdae22cdc846863d98d9935bda901a492582f28c6ec1a6ff77625e5ad8a689981032ac0a3c31a3f3e9d5f8768cec0c686d3634f3456c7ab7d809ad6d6483ce8cc7311827c8d3c204ba4c7213bb24b910af379f9bbf2c487af01b2f2334063a515d5c64f04d93ae5820b9f890eee844436b0a784f55ca4af78c0a4f3055a7c6b7d656fb454ef8a2c7fbe582ffcc9b44ff2a8b7d3e5b18c75f413cbfd3b1aed8ba858378eb9c43db702b1b9742f6925789b23c12975ffe7f1620aa143ce4cbf88444a47988dd4fe9a1585db51fec96d20cc5a7ada8f2093c39321880a79a5e9a4d3bd466dd595486243630d71f4127f703fec7d1764ee9f53b8bc5de3f933f025f83d33f66d711c32f64b764a090adb0d9c81100d5134f231133da29ba01eb1241f19d62dec22eff61873024428f27ef8715f595d127ba96e41a22081b4c501eee30bdc12dad5cec15c11c8bd106ca1afedf0ae55dc70315c4f7f0c8bcc9c6911a8aabeded31756611c7c2243539d2ca4a2538acae1c72d68ca5343b41eaf68e6488f6e7a636db677edb0d1d25af5512afc225ccc4a1f7e8c77bd3994a8730bc888d26e1b1c5626dace4f65d7477daa6acae206583da278338fb671b940720d61a16e050a2386b53b5a37fe81db99ce4ad5373de2f55c087b6d687b258226996514699a64744be4dff5297cd503d0473570d52797e4791ac15eb6ca379493e1eefb2f20a8f8769ccb6f0e0db78e9e85fa8f3a14777b776b864c7734ef733b982464f13d8fae6078c8b20571a4ca4c0cd66cbbdc3bd3378b7112a9bbab76c900227552701c4d51a1ed4bbda9d1653047c7be496b37ea74bcf4f3fa998717dc9bce8ac02d8ada34e40ad9d8b4ba34ce310b79d7d385cafd774de74261cfddcc26bda7cd143e9e0c065bf62"}) write(r0, &(0x7f0000000180)="4607d3d198e8a72b246f7a37d6da60a62c5b87e5835cbc9f0bc66e7c68240dc305f20cfce5a05388145e10f54fe66036e33d675c92cb4a8835f99d5563aa119ec0887873dd513e95a153a1916c8fff5c3f7e477ef599938e2ba94ecdf9e13e684df76de583b5e22c4cbd0512f0ba194963c3ee1825818bd9406f29c8ca34f53acfe2c096", 0x84) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x9) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x11, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}}}, 0x88) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) lseek(r2, 0x200, 0x0) (async) dup(r0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0xff) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000280)={{}, "d6eb46d790ed134b63eb83d0b350a8cc44f3fbd05d4cf053694ffd69903d74d112c4411cd55003750f0fee5008508054629180223656f6571357fb11fee22eb4f9df8814b500f79a0eda7849f827ddbee664afc128ff87088a44795d334467ec4224fb5cdd5bf60fb79e5ec366815b5cc786dc2468e5daaea8541b5c837a783a3636dfc2ead6651a9a811876bdb8e14ae0865862b2b5af7a1b64507f8d036cf862975d075b18fe162e84bb45d8e32ca3fed531499c50c3aa11559439196b9ec66d9e17bfe6e26aa3757fb3675b6e05f21d218a43a43077ad9615911d7d15892872e759f55bfa65eeddabaf5fb6cbce18f98e97df5ba971e067812acf1cf999e64c75e65ed38d377a95b3fdec10723c5c3482e9fd5bc3f5dd77d4d600dd1ec0d6937c3320ff3c30085af07de383d56020c4bd641397f782024df751f915f4c4400d99b837762b15700a36b4d404136ac78dfb93a86f05ff95b31eff9c105b354156ad31506031374c70303d6e6da977e422a939ea3e60670787d7a6e26929f2ccb8b040c9bf1762e6510f604094677771749c53fe67768e3b83c52fddaf8be2e75b902ccc59e94e68dd1a66e0c89982e6d5955c7eae5b4eda924eeae79c2679ec9c3dfe56785b42bd92c3d7576dac23647d3a64e712460c052fc3e9e13f679f3a98080247a73ae3301a47bb231f36ceb908c1e32e4979e0708f6782c4ece518abb3555fbc43fbad00121d4bc6eb7bf247e1517491f76df7808c9e0c7fa36921c38418fdd0bd558e35a2a2c1ce96d72fec1bebd0b94dad2853aa5deabe20ba08595a89ba0cbd82e1275d4d4dd293dee6d3a070513d47a965039591ea65486d0540b2d4d324958250638136efb2ecb9287934517d8f9c5085a09b6e9acdabe17a89a964c60f3b42d576177627ae33ea7d545e39d2761fb66f763d4c215e23c21b7050fcb108ff5e119d15fb0f27048d49c94b0b5255cce0f1d9ad57789a252f85c40bd0f13adaa56a0579f0125068f78240737861663c530aea11ad205ad2e5e6599b5cfd4ebe7761a786483aa69a21b17fc1f16ab5fd56b5ff946ac648278b2f315165c93e4647900ef44bad5aa719881680e49ffc0d06a6be56a657653289415fe5f8115b7461106cff400567eea95b3ee50f5ba1013502244b34bf3fe32000a2d374e12bb4b29b06fe5abda189eed302e7f16816b52e6248a9871c69cb2cc4324986cf25ca7f23fab7927dfbd884ca3ac29bd12fe78b5fc8385836ccd1ad90bcf667727ccccc59e09119511da30c023f470e775e06bd44226d686f3ca2f72a8aee167048a2342779acf12026728d8aa86ce4a5200efef4c4bb1498208239cea0767d5bb286032d6109ebc6e5439c14a86e45bb309a41adf2dd1fd37b795bc43bf1b341217e9f395bfa71eeb5c14a575bf6ee5b64c54db2e46db625ea327d090d10eebdc49e4cbe931afb4a8fe1a97204c6ade4779a9522225dde334981210525547f3b17584fc339822dfec51156edbe9a4ae023a280674030e92145cf8de4f346e85702dce5651c6b0658de76b1d90863b7a32ba594222b6e801fa986a29a875747aeab12632f7466f44e07e4bd73a684be18c692c100b099c3112164f9484f53bf6c8f8476c1016af926cda40099aca7c621bf29f51f033e7bd771d8ac655dc8011a34e0e8e5a26fba3a031a89cbcafb4054b7f20738bc0a9757689378ce3c7c40083ba25e6276fbaac685d9aab302f1f30df8030ca4c8cfa3b972c7be26be0c3454f6726fb8c46904ce0766f7af2374c42a61d8ed1576a71bd01178dcbba858a7f75ac3d7eac8e07cdd2a777b46541962438aa48f256ceb92956fbf676e7ed5b7e8bf1d059b9b136f2f9c410462799db6e5776b6239d5e6a388d0aaf8af881b97999f9b0428ed886a8fbc67810da6e4b19e555892e4fa87324e806aa5e22a6e2cf5ea7235a217771bdbc7c30fb91a6cf744bbb2b822851bbe598191261d599f96198c28a22e00f09e2b00cbbf382e5eae616dc5879a0c3629390aeea4a26d2189f2d572c5fb1e5efb1c6160acae4d4e3118d06343318f2a8c24062fdfbb1451ca651e371502ef4f87932fec5db290d74e70f0c601269ace327797326966a96a6470d9c55ced36e221c15c7ec9fd6dcc83935bb3b792262cd84070fe90819d3ae40dcd96ff66c168c841439f0284278dfdc70559b79ba5dc789c6063461cbcd27415ca8ed1f02f57b178d90bd30fdcc390e78201caf778bae7eba9f7063f532cded86416a4be3347d558491a0253a67677fc5fec4ee895a3ae55c139708e1e94a2753ca11725fff6d1c13029dda9a8d853a48f80945800f6aa655de8c8340d99a70f9c0a76f1a4b319836bd77ee4b8a480babc0c8fe25ee912e4fa8eb0b37e17b6b03e522ba406128f08afbbc7ad0624c4b4976a94f16a9f7da4a303fa330695fddc2a3392b89784789408c4a38640d26990f7e037c69bb361a9f72935ac055044def46687039194f5001c98cc150e6f8c239acee55f2bb2b9929908e426c66fe7b87443995902e167db5bf9ca5b7cde8e9cffd4cebc7059bf30d5bb6d3e016896396a64bc2d9750a3fd760a16490db0df6d18d6329ac0d310233f9831921c11188659f2b98f617d88ee51a0a72ab417573fb0512c1b664e18e7d026d6abac4d6ed1c036d616c91181d8cc3d7fc5a881d72d1accc68410928c418097985b7f60c012c2951b2f6c702547a7614a41d1c47f1f7afe444bd8473cea2e63870700503e1f55c0357d6bc979ce4b7b9c569830b50b09d037262b39610f73549ef21c321aaf27cd0dab68857b4467b2bc159ffdd9b98fe35618d356defa252fe1fd25d6ecf5b89a0f38b63ade6174b761630bb4b2b1a37c01933abbcdffeec03b3a36986162955fca03bd26cf1af346b73275f787b81bb77428838e056d0b3bb5dfac4743acd415d6be0bf8ecef1d326efe164fd887ff6c8a57fcc9c83b30e071c0b37220b93274c3697ce1946da109959f5f9fa4743a1184dfbc39bdf9ede2224564992424d5b0b8ee832e905b86d2abfd38aa15732b77d27cf342aee13c12593c971d96a1bbecbdf5dbc10a664d54a7741f0f4743138c8d94ea535bcf3eada19e6eaf9ce4361fbd7893aea0850530b72e7e774c9d0ba4a9ca211a1e3b07bb0abaea3ba6f1ac21f6371cfdfb913951fe47ca6fd7aa2fbc260da213ebd82c30e6c9af470c75c305d4faccedd949d2a41399a2a590a902487d6d22c91ed8ef246be07ac165f104ce2008a6c9c37dbbb56e415efb4df8cc2a5135a33bcb721dee79bdc772d4b1ecad700cacfc220e31afc2f5b215d73a8d0cdb72716ca1e41953df744f5a2dcdee87701bebf1c9e4d3fdf6802f4095ba8817d4ee1b36742e7685305c0e475718b8d36a86c1231519f3b73d9f23f23524f9a46c2847435f6516f411ac66cee380d7e7a569cd973f25ec535b67ec778aae78ee867dc8ece54afe7fe6c3863795a135cd1cee117241ad70e5d855b5c6ef4c36623a23c7ab9570acdbdc637bec490cd4e1bb73dba3f2eb798780b23bc168c0be72a506c9a93e7c29d1ac7da78b82993f4aeb927dc75a933a7772b88d2f6787740851ad4208d807ad5aab14e9e0c4e66a37c6e8379b976a548b7a03112fcc6ec23cf44b4107d837d159a88a7479aa74c6dad6baba1f7f3224da0319baa02b639442c644628bf7483d13ade7cc9f0b90d49c4492ac4fce169b7bb6eb28020cd149ef1baad6b9f0b8a50f372d1890a32b1a531b9215ea5067742db7a55396ff73d02dfcee14c6902155a997eae6669f0a39d063782134337d9884f227fc3f55e3ec623fa23396d270055e130fda0c30bc233c57035f5d598753941e45632babd0b2b9add828cf6c2e8f922b3ceedaebc5fdee50be5157071c4357d9140d915f7584a65eaeb58a842ffed3c318cfd16323ad7b6881c8d40f8cd0d046cb8deece9626ccdfd6e5d9979840db15e1682a139da63181e45be38edd3864882a8c367ed08a1401e70256d69f255e46653fb7217890b87311493d991288d0a173fa4b23d930ece778cda6f7ab630ba4b360c716ef68693d92313cd4caed51ad4f8d5c480dd9520a665bcb28be3a065c31ad8df311a069f8c1739a36ab6d13509628658970556b88bfcde05c6e55eeea7f182747eb204139a9eb37d5c2d1179e49ffbea12c161542d4e5c2184cd078f841822a0c446a5c7e2b93fd7aa66dfbde42506fc7b8d4f82b7239d38bcf0d84f02d8cbb4463a41d406efb3de95fe6cd314e2f24ffe56a69179801b1bc1d1055043fe3f012375d2a102c45f5af71825a3bb08f5a80db1233f9316dae1e0d0bb794cc03238f046342baf1492686077e1931caa857764900e1544990f1533ab914c70416d54352b24587dd8af5425026a6118126a778dfeb35bf3dba88b9c2e3354e49fe7ce562241c7e644027393223d6c331e2c84f8bf8b916809b0a438124986597305243b3449f3a4102f3357c4ab50a6d6179fcb64d95b53ac94cd20805169ec40fd3da4f4a2b2542de4c1381485907a520448adc2ee7859c34e38012d67eff6be80b4e76c95ba8ef24b3d8b4c8876321438efb5533860755e584b520b5a429f7d3f39be10bef8a405d8a3b00fdc52a44c38c2e1490a00c54358c5f3e087db718b5ce2e39b6cde238cc352f54a2037c007e39d4fe999ccc43c21865b5cf966a15bcbf16a4176937588fc73572a129fdf7f8aef342be111be2c0b5551699aa5520a5941d7338519fa6a0980e97929229d495764bc7f910f43d680f244023eabee1538acb255b54b68811c91489922a00db37cd120b2f04f2643ed7c07a0e38b72b5cf665f5bc7a9e72632ae77be5acc2f2cdae22cdc846863d98d9935bda901a492582f28c6ec1a6ff77625e5ad8a689981032ac0a3c31a3f3e9d5f8768cec0c686d3634f3456c7ab7d809ad6d6483ce8cc7311827c8d3c204ba4c7213bb24b910af379f9bbf2c487af01b2f2334063a515d5c64f04d93ae5820b9f890eee844436b0a784f55ca4af78c0a4f3055a7c6b7d656fb454ef8a2c7fbe582ffcc9b44ff2a8b7d3e5b18c75f413cbfd3b1aed8ba858378eb9c43db702b1b9742f6925789b23c12975ffe7f1620aa143ce4cbf88444a47988dd4fe9a1585db51fec96d20cc5a7ada8f2093c39321880a79a5e9a4d3bd466dd595486243630d71f4127f703fec7d1764ee9f53b8bc5de3f933f025f83d33f66d711c32f64b764a090adb0d9c81100d5134f231133da29ba01eb1241f19d62dec22eff61873024428f27ef8715f595d127ba96e41a22081b4c501eee30bdc12dad5cec15c11c8bd106ca1afedf0ae55dc70315c4f7f0c8bcc9c6911a8aabeded31756611c7c2243539d2ca4a2538acae1c72d68ca5343b41eaf68e6488f6e7a636db677edb0d1d25af5512afc225ccc4a1f7e8c77bd3994a8730bc888d26e1b1c5626dace4f65d7477daa6acae206583da278338fb671b940720d61a16e050a2386b53b5a37fe81db99ce4ad5373de2f55c087b6d687b258226996514699a64744be4dff5297cd503d0473570d52797e4791ac15eb6ca379493e1eefb2f20a8f8769ccb6f0e0db78e9e85fa8f3a14777b776b864c7734ef733b982464f13d8fae6078c8b20571a4ca4c0cd66cbbdc3bd3378b7112a9bbab76c900227552701c4d51a1ed4bbda9d1653047c7be496b37ea74bcf4f3fa998717dc9bce8ac02d8ada34e40ad9d8b4ba34ce310b79d7d385cafd774de74261cfddcc26bda7cd143e9e0c065bf62"}) (async) write(r0, &(0x7f0000000180)="4607d3d198e8a72b246f7a37d6da60a62c5b87e5835cbc9f0bc66e7c68240dc305f20cfce5a05388145e10f54fe66036e33d675c92cb4a8835f99d5563aa119ec0887873dd513e95a153a1916c8fff5c3f7e477ef599938e2ba94ecdf9e13e684df76de583b5e22c4cbd0512f0ba194963c3ee1825818bd9406f29c8ca34f53acfe2c096", 0x84) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x9) (async) 16:49:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x277, 0x203, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dc2b6b978e4b6000"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={0x0, @ethernet={0x307, @local}, @generic={0x29, "98019b6c321504e97105ff304543"}, @can, 0x0, 0x0, 0x0, 0x0, 0xff, &(0x7f0000000000)='wlan0\x00', 0x6b, 0x400, 0x1}) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x277, 0x203, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dc2b6b978e4b6000"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={0x0, @ethernet={0x307, @local}, @generic={0x29, "98019b6c321504e97105ff304543"}, @can, 0x0, 0x0, 0x0, 0x0, 0xff, &(0x7f0000000000)='wlan0\x00', 0x6b, 0x400, 0x1}) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 642.129878][ T3728] Bluetooth: hci11: command 0x1003 tx timeout [ 642.139865][ T3642] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:49:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x11, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}}}, 0x88) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 64) lseek(0xffffffffffffffff, 0x200, 0x0) (rerun: 64) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r2, 0x200, 0x0) dup(r0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0xff) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000280)={{}, "d6eb46d790ed134b63eb83d0b350a8cc44f3fbd05d4cf053694ffd69903d74d112c4411cd55003750f0fee5008508054629180223656f6571357fb11fee22eb4f9df8814b500f79a0eda7849f827ddbee664afc128ff87088a44795d334467ec4224fb5cdd5bf60fb79e5ec366815b5cc786dc2468e5daaea8541b5c837a783a3636dfc2ead6651a9a811876bdb8e14ae0865862b2b5af7a1b64507f8d036cf862975d075b18fe162e84bb45d8e32ca3fed531499c50c3aa11559439196b9ec66d9e17bfe6e26aa3757fb3675b6e05f21d218a43a43077ad9615911d7d15892872e759f55bfa65eeddabaf5fb6cbce18f98e97df5ba971e067812acf1cf999e64c75e65ed38d377a95b3fdec10723c5c3482e9fd5bc3f5dd77d4d600dd1ec0d6937c3320ff3c30085af07de383d56020c4bd641397f782024df751f915f4c4400d99b837762b15700a36b4d404136ac78dfb93a86f05ff95b31eff9c105b354156ad31506031374c70303d6e6da977e422a939ea3e60670787d7a6e26929f2ccb8b040c9bf1762e6510f604094677771749c53fe67768e3b83c52fddaf8be2e75b902ccc59e94e68dd1a66e0c89982e6d5955c7eae5b4eda924eeae79c2679ec9c3dfe56785b42bd92c3d7576dac23647d3a64e712460c052fc3e9e13f679f3a98080247a73ae3301a47bb231f36ceb908c1e32e4979e0708f6782c4ece518abb3555fbc43fbad00121d4bc6eb7bf247e1517491f76df7808c9e0c7fa36921c38418fdd0bd558e35a2a2c1ce96d72fec1bebd0b94dad2853aa5deabe20ba08595a89ba0cbd82e1275d4d4dd293dee6d3a070513d47a965039591ea65486d0540b2d4d324958250638136efb2ecb9287934517d8f9c5085a09b6e9acdabe17a89a964c60f3b42d576177627ae33ea7d545e39d2761fb66f763d4c215e23c21b7050fcb108ff5e119d15fb0f27048d49c94b0b5255cce0f1d9ad57789a252f85c40bd0f13adaa56a0579f0125068f78240737861663c530aea11ad205ad2e5e6599b5cfd4ebe7761a786483aa69a21b17fc1f16ab5fd56b5ff946ac648278b2f315165c93e4647900ef44bad5aa719881680e49ffc0d06a6be56a657653289415fe5f8115b7461106cff400567eea95b3ee50f5ba1013502244b34bf3fe32000a2d374e12bb4b29b06fe5abda189eed302e7f16816b52e6248a9871c69cb2cc4324986cf25ca7f23fab7927dfbd884ca3ac29bd12fe78b5fc8385836ccd1ad90bcf667727ccccc59e09119511da30c023f470e775e06bd44226d686f3ca2f72a8aee167048a2342779acf12026728d8aa86ce4a5200efef4c4bb1498208239cea0767d5bb286032d6109ebc6e5439c14a86e45bb309a41adf2dd1fd37b795bc43bf1b341217e9f395bfa71eeb5c14a575bf6ee5b64c54db2e46db625ea327d090d10eebdc49e4cbe931afb4a8fe1a97204c6ade4779a9522225dde334981210525547f3b17584fc339822dfec51156edbe9a4ae023a280674030e92145cf8de4f346e85702dce5651c6b0658de76b1d90863b7a32ba594222b6e801fa986a29a875747aeab12632f7466f44e07e4bd73a684be18c692c100b099c3112164f9484f53bf6c8f8476c1016af926cda40099aca7c621bf29f51f033e7bd771d8ac655dc8011a34e0e8e5a26fba3a031a89cbcafb4054b7f20738bc0a9757689378ce3c7c40083ba25e6276fbaac685d9aab302f1f30df8030ca4c8cfa3b972c7be26be0c3454f6726fb8c46904ce0766f7af2374c42a61d8ed1576a71bd01178dcbba858a7f75ac3d7eac8e07cdd2a777b46541962438aa48f256ceb92956fbf676e7ed5b7e8bf1d059b9b136f2f9c410462799db6e5776b6239d5e6a388d0aaf8af881b97999f9b0428ed886a8fbc67810da6e4b19e555892e4fa87324e806aa5e22a6e2cf5ea7235a217771bdbc7c30fb91a6cf744bbb2b822851bbe598191261d599f96198c28a22e00f09e2b00cbbf382e5eae616dc5879a0c3629390aeea4a26d2189f2d572c5fb1e5efb1c6160acae4d4e3118d06343318f2a8c24062fdfbb1451ca651e371502ef4f87932fec5db290d74e70f0c601269ace327797326966a96a6470d9c55ced36e221c15c7ec9fd6dcc83935bb3b792262cd84070fe90819d3ae40dcd96ff66c168c841439f0284278dfdc70559b79ba5dc789c6063461cbcd27415ca8ed1f02f57b178d90bd30fdcc390e78201caf778bae7eba9f7063f532cded86416a4be3347d558491a0253a67677fc5fec4ee895a3ae55c139708e1e94a2753ca11725fff6d1c13029dda9a8d853a48f80945800f6aa655de8c8340d99a70f9c0a76f1a4b319836bd77ee4b8a480babc0c8fe25ee912e4fa8eb0b37e17b6b03e522ba406128f08afbbc7ad0624c4b4976a94f16a9f7da4a303fa330695fddc2a3392b89784789408c4a38640d26990f7e037c69bb361a9f72935ac055044def46687039194f5001c98cc150e6f8c239acee55f2bb2b9929908e426c66fe7b87443995902e167db5bf9ca5b7cde8e9cffd4cebc7059bf30d5bb6d3e016896396a64bc2d9750a3fd760a16490db0df6d18d6329ac0d310233f9831921c11188659f2b98f617d88ee51a0a72ab417573fb0512c1b664e18e7d026d6abac4d6ed1c036d616c91181d8cc3d7fc5a881d72d1accc68410928c418097985b7f60c012c2951b2f6c702547a7614a41d1c47f1f7afe444bd8473cea2e63870700503e1f55c0357d6bc979ce4b7b9c569830b50b09d037262b39610f73549ef21c321aaf27cd0dab68857b4467b2bc159ffdd9b98fe35618d356defa252fe1fd25d6ecf5b89a0f38b63ade6174b761630bb4b2b1a37c01933abbcdffeec03b3a36986162955fca03bd26cf1af346b73275f787b81bb77428838e056d0b3bb5dfac4743acd415d6be0bf8ecef1d326efe164fd887ff6c8a57fcc9c83b30e071c0b37220b93274c3697ce1946da109959f5f9fa4743a1184dfbc39bdf9ede2224564992424d5b0b8ee832e905b86d2abfd38aa15732b77d27cf342aee13c12593c971d96a1bbecbdf5dbc10a664d54a7741f0f4743138c8d94ea535bcf3eada19e6eaf9ce4361fbd7893aea0850530b72e7e774c9d0ba4a9ca211a1e3b07bb0abaea3ba6f1ac21f6371cfdfb913951fe47ca6fd7aa2fbc260da213ebd82c30e6c9af470c75c305d4faccedd949d2a41399a2a590a902487d6d22c91ed8ef246be07ac165f104ce2008a6c9c37dbbb56e415efb4df8cc2a5135a33bcb721dee79bdc772d4b1ecad700cacfc220e31afc2f5b215d73a8d0cdb72716ca1e41953df744f5a2dcdee87701bebf1c9e4d3fdf6802f4095ba8817d4ee1b36742e7685305c0e475718b8d36a86c1231519f3b73d9f23f23524f9a46c2847435f6516f411ac66cee380d7e7a569cd973f25ec535b67ec778aae78ee867dc8ece54afe7fe6c3863795a135cd1cee117241ad70e5d855b5c6ef4c36623a23c7ab9570acdbdc637bec490cd4e1bb73dba3f2eb798780b23bc168c0be72a506c9a93e7c29d1ac7da78b82993f4aeb927dc75a933a7772b88d2f6787740851ad4208d807ad5aab14e9e0c4e66a37c6e8379b976a548b7a03112fcc6ec23cf44b4107d837d159a88a7479aa74c6dad6baba1f7f3224da0319baa02b639442c644628bf7483d13ade7cc9f0b90d49c4492ac4fce169b7bb6eb28020cd149ef1baad6b9f0b8a50f372d1890a32b1a531b9215ea5067742db7a55396ff73d02dfcee14c6902155a997eae6669f0a39d063782134337d9884f227fc3f55e3ec623fa23396d270055e130fda0c30bc233c57035f5d598753941e45632babd0b2b9add828cf6c2e8f922b3ceedaebc5fdee50be5157071c4357d9140d915f7584a65eaeb58a842ffed3c318cfd16323ad7b6881c8d40f8cd0d046cb8deece9626ccdfd6e5d9979840db15e1682a139da63181e45be38edd3864882a8c367ed08a1401e70256d69f255e46653fb7217890b87311493d991288d0a173fa4b23d930ece778cda6f7ab630ba4b360c716ef68693d92313cd4caed51ad4f8d5c480dd9520a665bcb28be3a065c31ad8df311a069f8c1739a36ab6d13509628658970556b88bfcde05c6e55eeea7f182747eb204139a9eb37d5c2d1179e49ffbea12c161542d4e5c2184cd078f841822a0c446a5c7e2b93fd7aa66dfbde42506fc7b8d4f82b7239d38bcf0d84f02d8cbb4463a41d406efb3de95fe6cd314e2f24ffe56a69179801b1bc1d1055043fe3f012375d2a102c45f5af71825a3bb08f5a80db1233f9316dae1e0d0bb794cc03238f046342baf1492686077e1931caa857764900e1544990f1533ab914c70416d54352b24587dd8af5425026a6118126a778dfeb35bf3dba88b9c2e3354e49fe7ce562241c7e644027393223d6c331e2c84f8bf8b916809b0a438124986597305243b3449f3a4102f3357c4ab50a6d6179fcb64d95b53ac94cd20805169ec40fd3da4f4a2b2542de4c1381485907a520448adc2ee7859c34e38012d67eff6be80b4e76c95ba8ef24b3d8b4c8876321438efb5533860755e584b520b5a429f7d3f39be10bef8a405d8a3b00fdc52a44c38c2e1490a00c54358c5f3e087db718b5ce2e39b6cde238cc352f54a2037c007e39d4fe999ccc43c21865b5cf966a15bcbf16a4176937588fc73572a129fdf7f8aef342be111be2c0b5551699aa5520a5941d7338519fa6a0980e97929229d495764bc7f910f43d680f244023eabee1538acb255b54b68811c91489922a00db37cd120b2f04f2643ed7c07a0e38b72b5cf665f5bc7a9e72632ae77be5acc2f2cdae22cdc846863d98d9935bda901a492582f28c6ec1a6ff77625e5ad8a689981032ac0a3c31a3f3e9d5f8768cec0c686d3634f3456c7ab7d809ad6d6483ce8cc7311827c8d3c204ba4c7213bb24b910af379f9bbf2c487af01b2f2334063a515d5c64f04d93ae5820b9f890eee844436b0a784f55ca4af78c0a4f3055a7c6b7d656fb454ef8a2c7fbe582ffcc9b44ff2a8b7d3e5b18c75f413cbfd3b1aed8ba858378eb9c43db702b1b9742f6925789b23c12975ffe7f1620aa143ce4cbf88444a47988dd4fe9a1585db51fec96d20cc5a7ada8f2093c39321880a79a5e9a4d3bd466dd595486243630d71f4127f703fec7d1764ee9f53b8bc5de3f933f025f83d33f66d711c32f64b764a090adb0d9c81100d5134f231133da29ba01eb1241f19d62dec22eff61873024428f27ef8715f595d127ba96e41a22081b4c501eee30bdc12dad5cec15c11c8bd106ca1afedf0ae55dc70315c4f7f0c8bcc9c6911a8aabeded31756611c7c2243539d2ca4a2538acae1c72d68ca5343b41eaf68e6488f6e7a636db677edb0d1d25af5512afc225ccc4a1f7e8c77bd3994a8730bc888d26e1b1c5626dace4f65d7477daa6acae206583da278338fb671b940720d61a16e050a2386b53b5a37fe81db99ce4ad5373de2f55c087b6d687b258226996514699a64744be4dff5297cd503d0473570d52797e4791ac15eb6ca379493e1eefb2f20a8f8769ccb6f0e0db78e9e85fa8f3a14777b776b864c7734ef733b982464f13d8fae6078c8b20571a4ca4c0cd66cbbdc3bd3378b7112a9bbab76c900227552701c4d51a1ed4bbda9d1653047c7be496b37ea74bcf4f3fa998717dc9bce8ac02d8ada34e40ad9d8b4ba34ce310b79d7d385cafd774de74261cfddcc26bda7cd143e9e0c065bf62"}) (async) write(r0, &(0x7f0000000180)="4607d3d198e8a72b246f7a37d6da60a62c5b87e5835cbc9f0bc66e7c68240dc305f20cfce5a05388145e10f54fe66036e33d675c92cb4a8835f99d5563aa119ec0887873dd513e95a153a1916c8fff5c3f7e477ef599938e2ba94ecdf9e13e684df76de583b5e22c4cbd0512f0ba194963c3ee1825818bd9406f29c8ca34f53acfe2c096", 0x84) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x9) [ 642.227403][ T3643] Bluetooth: hci10: sending frame failed (-49) [ 642.234482][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:49:57 executing program 3: semget(0x0, 0x3, 0x480) r0 = semget$private(0x0, 0x2, 0x0) semop(r0, &(0x7f0000001740)=[{0x1, 0x8e, 0x1000}, {0x0, 0x4}], 0x2) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f00000001c0)=""/254) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000000c0)=[0x7, 0x1e83]) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x7a103, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000180), 0x10800, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000080)=0xf) lseek(0xffffffffffffffff, 0x200, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000040)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x4000000f) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r4 = creat(0x0, 0x0) ftruncate(r4, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r4, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 643.329751][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 643.329795][T14422] Bluetooth: hci6: command 0x1003 tx timeout 16:49:58 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r0, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) (async) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, 0x0) (async) creat(0x0, 0x0) (async, rerun: 32) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (rerun: 32) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:49:58 executing program 3: semget(0x0, 0x3, 0x480) r0 = semget$private(0x0, 0x2, 0x0) semop(r0, &(0x7f0000001740)=[{0x1, 0x8e, 0x1000}, {0x0, 0x4}], 0x2) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f00000001c0)=""/254) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000000c0)=[0x7, 0x1e83]) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x7a103, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000180), 0x10800, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000080)=0xf) lseek(0xffffffffffffffff, 0x200, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000040)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) semget(0x0, 0x3, 0x480) (async) semget$private(0x0, 0x2, 0x0) (async) semop(r0, &(0x7f0000001740)=[{0x1, 0x8e, 0x1000}, {0x0, 0x4}], 0x2) (async) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f00000001c0)=""/254) (async) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000000c0)=[0x7, 0x1e83]) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x7a103, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000180), 0x10800, 0x0) (async) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000080)=0xf) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000040)) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:49:58 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x4000000f) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r4 = creat(0x0, 0x0) ftruncate(r4, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r4, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 643.409683][ T3676] Bluetooth: hci8: command 0x1003 tx timeout [ 643.409903][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:49:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x202, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x202, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 643.729870][ T3676] Bluetooth: hci9: command 0x1003 tx timeout [ 643.739853][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 643.801845][ T3625] Bluetooth: hci8: sending frame failed (-49) [ 643.808820][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:49:59 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCNOTTY(r0, 0x5422) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCNOTTY(r0, 0x5422) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:49:59 executing program 3: semget(0x0, 0x3, 0x480) (async) r0 = semget$private(0x0, 0x2, 0x0) semop(r0, &(0x7f0000001740)=[{0x1, 0x8e, 0x1000}, {0x0, 0x4}], 0x2) (async) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f00000001c0)=""/254) (async) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000000c0)=[0x7, 0x1e83]) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x7a103, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000180), 0x10800, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000080)=0xf) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000040)) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:49:59 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x1fd, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x3) dup3(0xffffffffffffffff, r3, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x1fd, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r3, r4, 0x0, 0x3) (async) dup3(0xffffffffffffffff, r3, 0x0) (async) 16:49:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async, rerun: 64) lseek(r2, 0x200, 0x0) (async, rerun: 64) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x4000000f) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r4 = creat(0x0, 0x0) ftruncate(r4, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r4, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, 0x0) (rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 643.889899][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 643.889994][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:49:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x9, 0x1) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYBLOB="01006561473615676f8fae2e", @ANYRES32=r0, @ANYBLOB="00000000000000002e0500696c653000"]) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 643.949982][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 643.957360][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:49:59 executing program 1: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000380)={0x8, "b1e3af9b2dfd09ab1c36424aa06aa4111c2125c7b7da4cc4544e3867ed02a64f", 0x200, 0x74b5, 0x984, 0x4, 0x5}) ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000400)={0x7, 0xe, 0x23, "ec21eda4fac2909fcb00865e1aaa129c06579cbb76c8300484e0e80d5f6b5bd8fc9b072a08fa1f9928ee8b4003d31d6c9c6ca5b9abc403434ea8e710", 0x2e, "8e1257e1ef23d6a2971ebbb03079a8c989b5d75709471f3686294ae7d16e2a45247d04cc0e488476b145144a62390033551ad61bd317b2f262150e36", 0x4ab3ffe92d14ff41}) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x10000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) sync_file_range(r1, 0x90e, 0x6304, 0x0) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x4, 0xf91e, 0xc, "90ffbf1aa99dba1728ac420600039100"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = syz_mount_image$jffs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000280)="3cfe5bd993036d408e013ac1eeb0de303b5b84c33c52dd9e4a6b2304d3cb9c6eca8532a7a327faa75159df18784633f6690d2581d8044781e272eed65ce84703704a374208bc4b6f5c5da8b6f0452f8fca054224261dc9a07aeeb5dbc7d2cdb044aba1", 0x63, 0x458}], 0x0, &(0x7f0000000300)={[{@compr_zlib}], [{@measure}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0xc}}, {@smackfshat={'smackfshat', 0x3d, ','}}]}) ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:49:59 executing program 1: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000380)={0x8, "b1e3af9b2dfd09ab1c36424aa06aa4111c2125c7b7da4cc4544e3867ed02a64f", 0x200, 0x74b5, 0x984, 0x4, 0x5}) (async) ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000400)={0x7, 0xe, 0x23, "ec21eda4fac2909fcb00865e1aaa129c06579cbb76c8300484e0e80d5f6b5bd8fc9b072a08fa1f9928ee8b4003d31d6c9c6ca5b9abc403434ea8e710", 0x2e, "8e1257e1ef23d6a2971ebbb03079a8c989b5d75709471f3686294ae7d16e2a45247d04cc0e488476b145144a62390033551ad61bd317b2f262150e36", 0x4ab3ffe92d14ff41}) (async) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x10000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) sync_file_range(r1, 0x90e, 0x6304, 0x0) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x4, 0xf91e, 0xc, "90ffbf1aa99dba1728ac420600039100"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) r3 = syz_mount_image$jffs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000280)="3cfe5bd993036d408e013ac1eeb0de303b5b84c33c52dd9e4a6b2304d3cb9c6eca8532a7a327faa75159df18784633f6690d2581d8044781e272eed65ce84703704a374208bc4b6f5c5da8b6f0452f8fca054224261dc9a07aeeb5dbc7d2cdb044aba1", 0x63, 0x458}], 0x0, &(0x7f0000000300)={[{@compr_zlib}], [{@measure}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0xc}}, {@smackfshat={'smackfshat', 0x3d, ','}}]}) ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 644.310447][T15031] loop1: detected capacity change from 0 to 64 [ 644.329303][T15031] jffs2: Unknown parameter 'measure' [ 644.397623][T15034] loop1: detected capacity change from 0 to 64 [ 644.405650][T15034] jffs2: Unknown parameter 'measure' 16:49:59 executing program 1: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000380)={0x8, "b1e3af9b2dfd09ab1c36424aa06aa4111c2125c7b7da4cc4544e3867ed02a64f", 0x200, 0x74b5, 0x984, 0x4, 0x5}) ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000400)={0x7, 0xe, 0x23, "ec21eda4fac2909fcb00865e1aaa129c06579cbb76c8300484e0e80d5f6b5bd8fc9b072a08fa1f9928ee8b4003d31d6c9c6ca5b9abc403434ea8e710", 0x2e, "8e1257e1ef23d6a2971ebbb03079a8c989b5d75709471f3686294ae7d16e2a45247d04cc0e488476b145144a62390033551ad61bd317b2f262150e36", 0x4ab3ffe92d14ff41}) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x10000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) sync_file_range(r1, 0x90e, 0x6304, 0x0) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x4, 0xf91e, 0xc, "90ffbf1aa99dba1728ac420600039100"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = syz_mount_image$jffs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000280)="3cfe5bd993036d408e013ac1eeb0de303b5b84c33c52dd9e4a6b2304d3cb9c6eca8532a7a327faa75159df18784633f6690d2581d8044781e272eed65ce84703704a374208bc4b6f5c5da8b6f0452f8fca054224261dc9a07aeeb5dbc7d2cdb044aba1", 0x63, 0x458}], 0x0, &(0x7f0000000300)={[{@compr_zlib}], [{@measure}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0xc}}, {@smackfshat={'smackfshat', 0x3d, ','}}]}) ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000380)={0x8, "b1e3af9b2dfd09ab1c36424aa06aa4111c2125c7b7da4cc4544e3867ed02a64f", 0x200, 0x74b5, 0x984, 0x4, 0x5}) (async) ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000400)={0x7, 0xe, 0x23, "ec21eda4fac2909fcb00865e1aaa129c06579cbb76c8300484e0e80d5f6b5bd8fc9b072a08fa1f9928ee8b4003d31d6c9c6ca5b9abc403434ea8e710", 0x2e, "8e1257e1ef23d6a2971ebbb03079a8c989b5d75709471f3686294ae7d16e2a45247d04cc0e488476b145144a62390033551ad61bd317b2f262150e36", 0x4ab3ffe92d14ff41}) (async) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x10000, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) sync_file_range(r1, 0x90e, 0x6304, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x4, 0xf91e, 0xc, "90ffbf1aa99dba1728ac420600039100"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) syz_mount_image$jffs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000280)="3cfe5bd993036d408e013ac1eeb0de303b5b84c33c52dd9e4a6b2304d3cb9c6eca8532a7a327faa75159df18784633f6690d2581d8044781e272eed65ce84703704a374208bc4b6f5c5da8b6f0452f8fca054224261dc9a07aeeb5dbc7d2cdb044aba1", 0x63, 0x458}], 0x0, &(0x7f0000000300)={[{@compr_zlib}], [{@measure}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0xc}}, {@smackfshat={'smackfshat', 0x3d, ','}}]}) (async) ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 644.540592][T15038] loop1: detected capacity change from 0 to 64 [ 644.551299][T15038] jffs2: Unknown parameter 'measure' 16:50:01 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) ftruncate(0xffffffffffffffff, 0x80000000) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TCFLSH(r1, 0x540b, 0x2) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 645.650116][ T3676] Bluetooth: hci6: command 0x1003 tx timeout [ 645.663036][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:50:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TCFLSH(r1, 0x540b, 0x2) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 645.735875][ T3643] Bluetooth: hci6: sending frame failed (-49) [ 645.743568][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 645.748993][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 645.757610][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 645.823866][ T3638] Bluetooth: hci6: sending frame failed (-49) [ 645.831004][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:50:01 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xb) r1 = creat(0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000040)=0x4000000) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000a6a8ac9f8a932805baaf11164c4ca8c548ac6d302d9ce3863aecab2d1c0befd9a733", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='./file0\x00']) dup3(r1, r0, 0x80000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 645.889684][ T3671] Bluetooth: hci8: command 0x1003 tx timeout [ 645.889894][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 646.049861][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 646.055962][ T3676] Bluetooth: hci9: command 0x1003 tx timeout [ 646.056050][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 646.062215][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x800007, 0x810, r0, 0x25287000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x13) 16:50:01 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) ftruncate(0xffffffffffffffff, 0x80000000) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x0) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TCFLSH(r1, 0x540b, 0x2) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x9, 0x1) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYBLOB="01006561473615676f8fae2e", @ANYRES32=r0, @ANYBLOB="00000000000000002e0500696c653000"]) (async) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:01 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x1fd, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x3) dup3(0xffffffffffffffff, r3, 0x0) [ 646.129832][ T915] Bluetooth: hci10: command 0x1003 tx timeout [ 646.129962][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:50:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x9, 0x1) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYBLOB="01006561473615676f8fae2e", @ANYRES32=r0, @ANYBLOB="00000000000000002e0500696c653000"]) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x9, 0x1) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYBLOB="01006561473615676f8fae2e", @ANYRES32=r0, @ANYBLOB="00000000000000002e0500696c653000"]) (async) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) (async) ioctl$TIOCNOTTY(r1, 0x5422) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 646.194084][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 646.201327][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 646.208288][ T3644] Bluetooth: hci8: sending frame failed (-49) [ 646.215853][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 646.218024][ T3625] Bluetooth: hci9: sending frame failed (-49) [ 646.229279][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:50:01 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) ftruncate(0xffffffffffffffff, 0x80000000) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) ftruncate(0xffffffffffffffff, 0x80000000) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 646.297101][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 646.305877][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 646.321580][ T3625] Bluetooth: hci8: sending frame failed (-49) [ 646.329052][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:50:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x404000, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x2) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x800007, 0x810, r0, 0x25287000) (async, rerun: 32) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x13) (rerun: 32) [ 646.366489][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 646.376457][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:50:01 executing program 4: getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000280)=""/4093, &(0x7f0000000040)=0xffd) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001680), 0x0, 0x0) ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000001ac0)={0x2, 0x1, 0x15, 0x14, 0x1a4, &(0x7f00000016c0)="5f36f5a3b65b89bc033ff025ef8fc1ba43b1d43b4631429e67d51412abecc9847a4a7fd1f195594d559dd7d69445e2fef4802f5371be9042681162d6ab09b0362e80e07128f2730d0d2da49d8ba8a28aba7f217423a68dfa164a7b91c8e25d43a41d89e9920fe5ef620e1b1b6831910530df7ad75d72dd2459fd4cf0c8690e1e2edeb0fcdd47ba84e1ebf925abafd901c2c6e58dc70fd3bd770ed88127d29bcf54f3e26b76a14e6bc9d8c8e77ae664387be44202da570dfdeb2cb0c3daad82c3d50acb5d5a806725a9e90ecaa32b7fba7792acf49b0be17767a46c9d575d924d64d91583c46643d02759c668ede76832b6a117bbaf78b378665053f35beb85dab39f673759f7ed2b1e40e9b868f96c166b1b74cfaec7f9f8c8fc275136e31f03246facc45b721214140298b80a4e637dbecf6acea366ac34490766cb8cd1c92e0c8ec6a4b2ac1e915b62f256e57a7dc32a446fc0f16f392793be45b495f0f1810b61096f849ed29b3daee00cf8bc762eb6b81c3fcd9217b07b7c91f4b58fe2c289a3ab304f0a12518208a04b5a6b6aacc8dea0c378322e466c778027fc6667d4e188864b99ee626ba1131cdf8c35572ebe2d7b32d2804dee9e59228ef5ff92b748b8a31aee35ee2a0bc9bda40204b6ce525f454624b8cee6d1b887f5ccf6fa8d72727bf3d22de606314d1ea245fe6acd5d737e2406de7b87c8a71caef43410c986ec5b3d6d2e19edad5805838d4485ff3fb1d9bd8e7b08cd456f305c6dcbc049d9a8822de3fe17a9e11c80df58ca13d491a03b9f198c793dbe023fcc0680f06d32d7435e0dced37d1d673cde187a4ceb1d981496fce4c7941d9a415e57a3b6dcf91fe8251c7b2c3c6684e4354356aa3433e09c50a1c63c3a7051c18cf9c141f07935890dd527e06c4d52522539988dd642b8f61ceedf4d7a63e4de4c540ba1992ca950c9b6ec403c7311150cd09ef1225302fca9f227e978b51da4e4c2e978fc4c48170d41b86fb0fdba758bc08604c396c290018ccb5a482857b9850d1122e4ad025b238dde3cafd1cbde32a5a5f8bd5357ff4202a5eb5e1409cf4674e0cebec03fdef4c5554a445f908e9795586d8badc9ef36947a2c04195d1be03110075b0a0b0e333df5a1b1b7543ad488ed8638dc869c1d39c5767e4d4eb9d83dea1778ada72300055d5da196856a2db46fb3a60e4992f3d6c0473acd715a97ca9d54008a85d06e8eea0fe6d40652aa58c4b922f86eef96ed1673f5388ed51a19625acfa3e0a4f8c2b3db503d080acbda5c3e00c0e3042d74815c2974b41ddef703c79a65095da9c90d71a8dc563bc4c7d2ceccdd9c6a4239ef13d4fab9c5abfcc120fd835d728048c4c2262796299ca139172eb46888e5a05868ea2d8eae2a1aa2498e6642f2df0b9e1cdc50c9a213f078bdebc34ec6d455bc25a92752f3da990c7ad9"}) syz_open_pts(r0, 0x240080) r3 = open(&(0x7f0000000000)='./bus\x00', 0x400100, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f00000000c0)={0x17c, 0xe, &(0x7f0000001280)}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x80) ioctl$TCFLSH(r0, 0x540b, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) r2 = socket$rxrpc(0x21, 0x2, 0x2) dup(r2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7a) ioctl$TIOCNOTTY(r0, 0x5422) [ 646.589483][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 646.596920][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 647.979886][T14422] Bluetooth: hci6: command 0x1003 tx timeout [ 647.979923][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 647.996747][T15062] warn_alloc: 20 callbacks suppressed [ 647.996759][T15062] syz-executor.5: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1 [ 648.026657][T15062] CPU: 1 PID: 15062 Comm: syz-executor.5 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 648.037186][T15062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 648.047431][T15062] Call Trace: [ 648.050702][T15062] [ 648.053628][T15062] dump_stack_lvl+0xcd/0x134 [ 648.058501][T15062] warn_alloc.cold+0x9b/0x189 [ 648.063270][T15062] ? zone_watermark_ok_safe+0x290/0x290 [ 648.068822][T15062] ? __kmalloc_node+0x62/0x390 [ 648.073835][T15062] ? __vmalloc_node_range+0x7bf/0x1060 [ 648.079529][T15062] __vmalloc_node_range+0xe1e/0x1060 [ 648.084826][T15062] ? vfree_atomic+0xe0/0xe0 [ 648.089328][T15062] ? n_tty_open+0x16/0x170 [ 648.093769][T15062] vzalloc+0x67/0x80 [ 648.097677][T15062] ? n_tty_open+0x16/0x170 [ 648.102094][T15062] n_tty_open+0x16/0x170 [ 648.106324][T15062] ? n_tty_set_termios+0x1010/0x1010 [ 648.111599][T15062] tty_ldisc_open+0x9b/0x110 [ 648.116183][T15062] tty_set_ldisc+0x2f1/0x680 [ 648.120763][T15062] tty_ioctl+0xae0/0x1660 [ 648.125086][T15062] ? tty_lookup_driver+0x550/0x550 [ 648.130324][T15062] ? find_held_lock+0x2d/0x110 [ 648.135086][T15062] ? __fget_files+0x28c/0x470 [ 648.139759][T15062] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 648.146195][T15062] ? tty_lookup_driver+0x550/0x550 [ 648.151302][T15062] __x64_sys_ioctl+0x193/0x200 [ 648.156065][T15062] do_syscall_64+0x35/0xb0 [ 648.160470][T15062] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 648.166353][T15062] RIP: 0033:0x7fed00c59059 [ 648.170758][T15062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 648.190465][T15062] RSP: 002b:00007fecff5ad168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 648.199003][T15062] RAX: ffffffffffffffda RBX: 00007fed00d6c030 RCX: 00007fed00c59059 [ 648.207138][T15062] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 648.215286][T15062] RBP: 00007fed00cb308d R08: 0000000000000000 R09: 0000000000000000 [ 648.223243][T15062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.231291][T15062] R13: 00007ffec5bbfd0f R14: 00007fecff5ad300 R15: 0000000000022000 [ 648.239268][T15062] [ 648.246471][T15062] Mem-Info: [ 648.249918][T15062] active_anon:2624 inactive_anon:146536 isolated_anon:0 [ 648.249918][T15062] active_file:4164 inactive_file:7663 isolated_file:0 [ 648.249918][T15062] unevictable:768 dirty:40 writeback:0 [ 648.249918][T15062] slab_reclaimable:19312 slab_unreclaimable:96697 [ 648.249918][T15062] mapped:27869 shmem:4109 pagetables:749 bounce:0 [ 648.249918][T15062] kernel_misc_reclaimable:0 [ 648.249918][T15062] free:1324015 free_pcp:9583 free_cma:0 [ 648.292867][T15062] Node 0 active_anon:10488kB inactive_anon:585212kB active_file:16580kB inactive_file:30652kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111476kB dirty:156kB writeback:0kB shmem:13964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB kernel_stack:10544kB pagetables:2992kB all_unreclaimable? no [ 648.324856][T15062] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 648.356080][T15062] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 648.384486][T15062] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 648.391056][T15062] Node 0 DMA32 free:1328192kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10488kB inactive_anon:585212kB active_file:16580kB inactive_file:30652kB unevictable:1536kB writepending:156kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:39324kB local_pcp:17580kB free_cma:0kB [ 648.422237][T15062] lowmem_reserve[]: 0 0 0 0 0 [ 648.426965][T15062] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 648.453753][T15062] lowmem_reserve[]: 0 0 0 0 0 [ 648.458849][T15062] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 648.490482][T15062] lowmem_reserve[]: 0 0 0 0 0 [ 648.495207][T15062] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 648.508066][T15062] Node 0 DMA32: 910*4kB (UME) 1713*8kB (UM) 2008*16kB (UME) 592*32kB (UME) 312*64kB (UME) 170*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 18*2048kB (UME) 274*4096kB (UM) = 1328192kB [ 648.527462][T15062] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 648.539110][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 648.539605][T15062] Node 1 Normal: 149*4kB [ 648.545235][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 648.555027][T15062] (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 648.580557][T15062] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 648.595058][T15062] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 648.605621][T15062] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 648.615484][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 648.623801][T14422] Bluetooth: hci8: command tx timeout [ 648.624158][T15062] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 648.642602][T15062] 15937 total pagecache pages [ 648.662166][T15062] 0 pages in swap cache [ 648.670344][T15062] Swap cache stats: add 0, delete 0, find 0/0 [ 648.676471][T15062] Free swap = 0kB 16:50:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xb) r1 = creat(0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000040)=0x4000000) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000a6a8ac9f8a932805baaf11164c4ca8c548ac6d302d9ce3863aecab2d1c0befd9a733", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='./file0\x00']) (async) dup3(r1, r0, 0x80000) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x800007, 0x810, r0, 0x25287000) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x13) 16:50:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x80) ioctl$TCFLSH(r0, 0x540b, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) r2 = socket$rxrpc(0x21, 0x2, 0x2) dup(r2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7a) ioctl$TIOCNOTTY(r0, 0x5422) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x80) (async) ioctl$TCFLSH(r0, 0x540b, 0x0) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) (async) socket$rxrpc(0x21, 0x2, 0x2) (async) dup(r2) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7a) (async) ioctl$TIOCNOTTY(r0, 0x5422) (async) 16:50:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x404000, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x2) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:04 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3f7) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:04 executing program 4: getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000280)=""/4093, &(0x7f0000000040)=0xffd) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001680), 0x0, 0x0) ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000001ac0)={0x2, 0x1, 0x15, 0x14, 0x1a4, &(0x7f00000016c0)="5f36f5a3b65b89bc033ff025ef8fc1ba43b1d43b4631429e67d51412abecc9847a4a7fd1f195594d559dd7d69445e2fef4802f5371be9042681162d6ab09b0362e80e07128f2730d0d2da49d8ba8a28aba7f217423a68dfa164a7b91c8e25d43a41d89e9920fe5ef620e1b1b6831910530df7ad75d72dd2459fd4cf0c8690e1e2edeb0fcdd47ba84e1ebf925abafd901c2c6e58dc70fd3bd770ed88127d29bcf54f3e26b76a14e6bc9d8c8e77ae664387be44202da570dfdeb2cb0c3daad82c3d50acb5d5a806725a9e90ecaa32b7fba7792acf49b0be17767a46c9d575d924d64d91583c46643d02759c668ede76832b6a117bbaf78b378665053f35beb85dab39f673759f7ed2b1e40e9b868f96c166b1b74cfaec7f9f8c8fc275136e31f03246facc45b721214140298b80a4e637dbecf6acea366ac34490766cb8cd1c92e0c8ec6a4b2ac1e915b62f256e57a7dc32a446fc0f16f392793be45b495f0f1810b61096f849ed29b3daee00cf8bc762eb6b81c3fcd9217b07b7c91f4b58fe2c289a3ab304f0a12518208a04b5a6b6aacc8dea0c378322e466c778027fc6667d4e188864b99ee626ba1131cdf8c35572ebe2d7b32d2804dee9e59228ef5ff92b748b8a31aee35ee2a0bc9bda40204b6ce525f454624b8cee6d1b887f5ccf6fa8d72727bf3d22de606314d1ea245fe6acd5d737e2406de7b87c8a71caef43410c986ec5b3d6d2e19edad5805838d4485ff3fb1d9bd8e7b08cd456f305c6dcbc049d9a8822de3fe17a9e11c80df58ca13d491a03b9f198c793dbe023fcc0680f06d32d7435e0dced37d1d673cde187a4ceb1d981496fce4c7941d9a415e57a3b6dcf91fe8251c7b2c3c6684e4354356aa3433e09c50a1c63c3a7051c18cf9c141f07935890dd527e06c4d52522539988dd642b8f61ceedf4d7a63e4de4c540ba1992ca950c9b6ec403c7311150cd09ef1225302fca9f227e978b51da4e4c2e978fc4c48170d41b86fb0fdba758bc08604c396c290018ccb5a482857b9850d1122e4ad025b238dde3cafd1cbde32a5a5f8bd5357ff4202a5eb5e1409cf4674e0cebec03fdef4c5554a445f908e9795586d8badc9ef36947a2c04195d1be03110075b0a0b0e333df5a1b1b7543ad488ed8638dc869c1d39c5767e4d4eb9d83dea1778ada72300055d5da196856a2db46fb3a60e4992f3d6c0473acd715a97ca9d54008a85d06e8eea0fe6d40652aa58c4b922f86eef96ed1673f5388ed51a19625acfa3e0a4f8c2b3db503d080acbda5c3e00c0e3042d74815c2974b41ddef703c79a65095da9c90d71a8dc563bc4c7d2ceccdd9c6a4239ef13d4fab9c5abfcc120fd835d728048c4c2262796299ca139172eb46888e5a05868ea2d8eae2a1aa2498e6642f2df0b9e1cdc50c9a213f078bdebc34ec6d455bc25a92752f3da990c7ad9"}) syz_open_pts(r0, 0x240080) r3 = open(&(0x7f0000000000)='./bus\x00', 0x400100, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f00000000c0)={0x17c, 0xe, &(0x7f0000001280)}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000280)=""/4093, &(0x7f0000000040)=0xffd) (async) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001680), 0x0, 0x0) (async) ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000001ac0)={0x2, 0x1, 0x15, 0x14, 0x1a4, &(0x7f00000016c0)="5f36f5a3b65b89bc033ff025ef8fc1ba43b1d43b4631429e67d51412abecc9847a4a7fd1f195594d559dd7d69445e2fef4802f5371be9042681162d6ab09b0362e80e07128f2730d0d2da49d8ba8a28aba7f217423a68dfa164a7b91c8e25d43a41d89e9920fe5ef620e1b1b6831910530df7ad75d72dd2459fd4cf0c8690e1e2edeb0fcdd47ba84e1ebf925abafd901c2c6e58dc70fd3bd770ed88127d29bcf54f3e26b76a14e6bc9d8c8e77ae664387be44202da570dfdeb2cb0c3daad82c3d50acb5d5a806725a9e90ecaa32b7fba7792acf49b0be17767a46c9d575d924d64d91583c46643d02759c668ede76832b6a117bbaf78b378665053f35beb85dab39f673759f7ed2b1e40e9b868f96c166b1b74cfaec7f9f8c8fc275136e31f03246facc45b721214140298b80a4e637dbecf6acea366ac34490766cb8cd1c92e0c8ec6a4b2ac1e915b62f256e57a7dc32a446fc0f16f392793be45b495f0f1810b61096f849ed29b3daee00cf8bc762eb6b81c3fcd9217b07b7c91f4b58fe2c289a3ab304f0a12518208a04b5a6b6aacc8dea0c378322e466c778027fc6667d4e188864b99ee626ba1131cdf8c35572ebe2d7b32d2804dee9e59228ef5ff92b748b8a31aee35ee2a0bc9bda40204b6ce525f454624b8cee6d1b887f5ccf6fa8d72727bf3d22de606314d1ea245fe6acd5d737e2406de7b87c8a71caef43410c986ec5b3d6d2e19edad5805838d4485ff3fb1d9bd8e7b08cd456f305c6dcbc049d9a8822de3fe17a9e11c80df58ca13d491a03b9f198c793dbe023fcc0680f06d32d7435e0dced37d1d673cde187a4ceb1d981496fce4c7941d9a415e57a3b6dcf91fe8251c7b2c3c6684e4354356aa3433e09c50a1c63c3a7051c18cf9c141f07935890dd527e06c4d52522539988dd642b8f61ceedf4d7a63e4de4c540ba1992ca950c9b6ec403c7311150cd09ef1225302fca9f227e978b51da4e4c2e978fc4c48170d41b86fb0fdba758bc08604c396c290018ccb5a482857b9850d1122e4ad025b238dde3cafd1cbde32a5a5f8bd5357ff4202a5eb5e1409cf4674e0cebec03fdef4c5554a445f908e9795586d8badc9ef36947a2c04195d1be03110075b0a0b0e333df5a1b1b7543ad488ed8638dc869c1d39c5767e4d4eb9d83dea1778ada72300055d5da196856a2db46fb3a60e4992f3d6c0473acd715a97ca9d54008a85d06e8eea0fe6d40652aa58c4b922f86eef96ed1673f5388ed51a19625acfa3e0a4f8c2b3db503d080acbda5c3e00c0e3042d74815c2974b41ddef703c79a65095da9c90d71a8dc563bc4c7d2ceccdd9c6a4239ef13d4fab9c5abfcc120fd835d728048c4c2262796299ca139172eb46888e5a05868ea2d8eae2a1aa2498e6642f2df0b9e1cdc50c9a213f078bdebc34ec6d455bc25a92752f3da990c7ad9"}) (async) syz_open_pts(r0, 0x240080) (async) open(&(0x7f0000000000)='./bus\x00', 0x400100, 0x0) (async) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f00000000c0)={0x17c, 0xe, &(0x7f0000001280)}) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) (async) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x1) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 648.680325][T15062] Total swap = 0kB [ 648.684046][T15062] 2097051 pages RAM [ 648.687833][T15062] 0 pages HighMem/MovableOnly [ 648.693329][T15062] 384548 pages reserved [ 648.697473][T15062] 0 pages cma reserved [ 648.748526][ T3642] Bluetooth: hci6: sending frame failed (-49) [ 648.755846][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:50:04 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async, rerun: 32) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 64) ioctl$KDADDIO(r0, 0x400455c8, 0x3f7) (rerun: 64) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x80) ioctl$TCFLSH(r0, 0x540b, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) r2 = socket$rxrpc(0x21, 0x2, 0x2) dup(r2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7a) ioctl$TIOCNOTTY(r0, 0x5422) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x80) (async) ioctl$TCFLSH(r0, 0x540b, 0x0) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe) (async) socket$rxrpc(0x21, 0x2, 0x2) (async) dup(r2) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7a) (async) ioctl$TIOCNOTTY(r0, 0x5422) (async) [ 648.834680][ T26] kauditd_printk_skb: 101 callbacks suppressed [ 648.834698][ T26] audit: type=1804 audit(1644684604.168:1697): pid=15170 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/652/bus" dev="sda1" ino=1181 res=1 errno=0 [ 648.851241][ T3642] Bluetooth: hci6: sending frame failed (-49) [ 648.874822][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 648.886414][ T3625] Bluetooth: hci9: sending frame failed (-49) [ 648.893961][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 648.902555][ T26] audit: type=1800 audit(1644684604.238:1698): pid=15170 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 648.906436][ T3636] Bluetooth: hci7: sending frame failed (-49) [ 648.934141][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:50:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x404000, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x2) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 32) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 648.971707][T15176] ptm ptm7: ldisc open failed (-12), clearing slot 7 16:50:04 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000000)={0x2, 0x40, 0x9}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x1fe, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TIOCNXCL(r0, 0x540d) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x10000, 0x4000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x7, 0x0, 0xa3, 0x2, 0x19, "9580a395232142ab5c85fd4b1dd2a4b3d4b5ed"}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:04 executing program 4: getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000280)=""/4093, &(0x7f0000000040)=0xffd) (async) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001680), 0x0, 0x0) ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, &(0x7f0000001ac0)={0x2, 0x1, 0x15, 0x14, 0x1a4, &(0x7f00000016c0)="5f36f5a3b65b89bc033ff025ef8fc1ba43b1d43b4631429e67d51412abecc9847a4a7fd1f195594d559dd7d69445e2fef4802f5371be9042681162d6ab09b0362e80e07128f2730d0d2da49d8ba8a28aba7f217423a68dfa164a7b91c8e25d43a41d89e9920fe5ef620e1b1b6831910530df7ad75d72dd2459fd4cf0c8690e1e2edeb0fcdd47ba84e1ebf925abafd901c2c6e58dc70fd3bd770ed88127d29bcf54f3e26b76a14e6bc9d8c8e77ae664387be44202da570dfdeb2cb0c3daad82c3d50acb5d5a806725a9e90ecaa32b7fba7792acf49b0be17767a46c9d575d924d64d91583c46643d02759c668ede76832b6a117bbaf78b378665053f35beb85dab39f673759f7ed2b1e40e9b868f96c166b1b74cfaec7f9f8c8fc275136e31f03246facc45b721214140298b80a4e637dbecf6acea366ac34490766cb8cd1c92e0c8ec6a4b2ac1e915b62f256e57a7dc32a446fc0f16f392793be45b495f0f1810b61096f849ed29b3daee00cf8bc762eb6b81c3fcd9217b07b7c91f4b58fe2c289a3ab304f0a12518208a04b5a6b6aacc8dea0c378322e466c778027fc6667d4e188864b99ee626ba1131cdf8c35572ebe2d7b32d2804dee9e59228ef5ff92b748b8a31aee35ee2a0bc9bda40204b6ce525f454624b8cee6d1b887f5ccf6fa8d72727bf3d22de606314d1ea245fe6acd5d737e2406de7b87c8a71caef43410c986ec5b3d6d2e19edad5805838d4485ff3fb1d9bd8e7b08cd456f305c6dcbc049d9a8822de3fe17a9e11c80df58ca13d491a03b9f198c793dbe023fcc0680f06d32d7435e0dced37d1d673cde187a4ceb1d981496fce4c7941d9a415e57a3b6dcf91fe8251c7b2c3c6684e4354356aa3433e09c50a1c63c3a7051c18cf9c141f07935890dd527e06c4d52522539988dd642b8f61ceedf4d7a63e4de4c540ba1992ca950c9b6ec403c7311150cd09ef1225302fca9f227e978b51da4e4c2e978fc4c48170d41b86fb0fdba758bc08604c396c290018ccb5a482857b9850d1122e4ad025b238dde3cafd1cbde32a5a5f8bd5357ff4202a5eb5e1409cf4674e0cebec03fdef4c5554a445f908e9795586d8badc9ef36947a2c04195d1be03110075b0a0b0e333df5a1b1b7543ad488ed8638dc869c1d39c5767e4d4eb9d83dea1778ada72300055d5da196856a2db46fb3a60e4992f3d6c0473acd715a97ca9d54008a85d06e8eea0fe6d40652aa58c4b922f86eef96ed1673f5388ed51a19625acfa3e0a4f8c2b3db503d080acbda5c3e00c0e3042d74815c2974b41ddef703c79a65095da9c90d71a8dc563bc4c7d2ceccdd9c6a4239ef13d4fab9c5abfcc120fd835d728048c4c2262796299ca139172eb46888e5a05868ea2d8eae2a1aa2498e6642f2df0b9e1cdc50c9a213f078bdebc34ec6d455bc25a92752f3da990c7ad9"}) syz_open_pts(r0, 0x240080) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x400100, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f00000000c0)={0x17c, 0xe, &(0x7f0000001280)}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x1) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 649.166829][ T26] audit: type=1804 audit(1644684604.498:1699): pid=15198 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/642/bus" dev="sda1" ino=1182 res=1 errno=0 [ 649.238680][ T26] audit: type=1800 audit(1644684604.538:1700): pid=15198 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xb) r1 = creat(0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000040)=0x4000000) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000a6a8ac9f8a932805baaf11164c4ca8c548ac6d302d9ce3863aecab2d1c0befd9a733", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='./file0\x00']) (async) dup3(r1, r0, 0x80000) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:06 executing program 4: sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0xec, 0x0, 0x2, 0x101, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_TIMEOUT={0x8}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x7}, @CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x542}, @CTA_EXPECT_HELP_NAME={0x5, 0x6, '\x00'}, @CTA_EXPECT_NAT={0xa8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0xa4, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x34, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x20000080}, 0x408c0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x3f7) (rerun: 32) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x12) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 650.939738][T14422] Bluetooth: hci8: command 0x1003 tx timeout [ 650.946775][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:50:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6f69cc15b51add70, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000140)={0x7, 0x410001, 0xf63f, 0x78, 0x1b, "da620188ef25158064dccdc18d87440100"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x10) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000001c0)) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) r3 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) bind$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @local}}, 0x1e) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$KDADDIO(r2, 0x4b34, 0x1) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x12) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x12) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 651.071025][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 651.078967][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:50:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6f69cc15b51add70, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000140)={0x7, 0x410001, 0xf63f, 0x78, 0x1b, "da620188ef25158064dccdc18d87440100"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x10) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000001c0)) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) r3 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) bind$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @local}}, 0x1e) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$KDADDIO(r2, 0x4b34, 0x1) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x12) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 651.156545][ T26] audit: type=1804 audit(1644684606.488:1701): pid=15219 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/653/bus" dev="sda1" ino=1169 res=1 errno=0 [ 651.182689][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 651.190090][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 651.190230][ T3671] Bluetooth: hci6: command 0x1003 tx timeout 16:50:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b977d4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 651.198381][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:50:06 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async, rerun: 64) ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000000)={0x2, 0x40, 0x9}) (rerun: 64) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x1fe, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) ioctl$TIOCNXCL(r0, 0x540d) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x10000, 0x4000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x7, 0x0, 0xa3, 0x2, 0x19, "9580a395232142ab5c85fd4b1dd2a4b3d4b5ed"}) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 651.261556][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 651.269159][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:50:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6f69cc15b51add70, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000140)={0x7, 0x410001, 0xf63f, 0x78, 0x1b, "da620188ef25158064dccdc18d87440100"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x10) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000001c0)) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async, rerun: 64) r3 = creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 64) bind$pptp(r3, &(0x7f0000000100)={0x18, 0x2, {0x2, @local}}, 0x1e) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$KDADDIO(r2, 0x4b34, 0x1) (async, rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) 16:50:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@report={0x64, 0x20, 0x800, 0x70bd26, 0x25dfdbfc, {0xff, {@in6=@local, @in6=@private1, 0x4e21, 0x0, 0x4e21, 0x7f, 0x2, 0xa0, 0xa0, 0x0, 0x0, r3}}, [@offload={0xc, 0x1c, {0x0, 0x1}}, @lastused={0xc, 0xf, 0x2387c}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x2400c805) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r4, 0x800) lseek(r4, 0x200, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r4, r5, 0x0, 0x10000) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000300)={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 651.357054][ T26] audit: type=1800 audit(1644684606.528:1702): pid=15219 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 651.476200][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 651.483806][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 651.513975][ T26] audit: type=1804 audit(1644684606.718:1703): pid=15260 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/643/bus" dev="sda1" ino=1182 res=1 errno=0 [ 651.542457][ T26] audit: type=1800 audit(1644684606.718:1704): pid=15260 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 651.564015][ T26] audit: type=1804 audit(1644684606.758:1705): pid=15264 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/654/bus" dev="sda1" ino=1177 res=1 errno=0 [ 651.589915][ T26] audit: type=1800 audit(1644684606.758:1706): pid=15264 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1177 res=0 errno=0 16:50:08 executing program 4: sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0xec, 0x0, 0x2, 0x101, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_TIMEOUT={0x8}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x7}, @CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x542}, @CTA_EXPECT_HELP_NAME={0x5, 0x6, '\x00'}, @CTA_EXPECT_NAT={0xa8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0xa4, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x34, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x20000080}, 0x408c0) (async) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b977d4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b977d4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:50:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x1fe, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 64) ioctl$TIOCNXCL(r0, 0x540d) (rerun: 64) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x10000, 0x4000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x7, 0x0, 0xa3, 0x2, 0x19, "9580a395232142ab5c85fd4b1dd2a4b3d4b5ed"}) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:08 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x1) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) fallocate(r2, 0x40, 0x7, 0x3) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc3}) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 653.089832][ T3676] Bluetooth: hci8: command 0x1003 tx timeout [ 653.100007][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 653.151570][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 653.159287][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:50:08 executing program 4: sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0xec, 0x0, 0x2, 0x101, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_TIMEOUT={0x8}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x7}, @CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x542}, @CTA_EXPECT_HELP_NAME={0x5, 0x6, '\x00'}, @CTA_EXPECT_NAT={0xa8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0xa4, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x34, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x20000080}, 0x408c0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0xec, 0x0, 0x2, 0x101, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_TIMEOUT={0x8}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x7}, @CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x542}, @CTA_EXPECT_HELP_NAME={0x5, 0x6, '\x00'}, @CTA_EXPECT_NAT={0xa8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0xa4, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x34, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x20000080}, 0x408c0) (async) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b977d4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 653.245574][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 653.253482][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:50:08 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000000)={0x2, 0x40, 0x9}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000000)={0x2, 0x40, 0x9}) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 653.307287][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 653.316955][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 653.339873][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:50:08 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x244200, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x2, 0x40, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)={0xee6, 0x5, 0x1, 0x6, 0xe, "dea56678b5ca20918029c544b7d74bc9b7cf50"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:08 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@report={0x64, 0x20, 0x800, 0x70bd26, 0x25dfdbfc, {0xff, {@in6=@local, @in6=@private1, 0x4e21, 0x0, 0x4e21, 0x7f, 0x2, 0xa0, 0xa0, 0x0, 0x0, r3}}, [@offload={0xc, 0x1c, {0x0, 0x1}}, @lastused={0xc, 0xf, 0x2387c}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x2400c805) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r4, 0x800) lseek(r4, 0x200, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r4, r5, 0x0, 0x10000) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000300)={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) (async) sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@report={0x64, 0x20, 0x800, 0x70bd26, 0x25dfdbfc, {0xff, {@in6=@local, @in6=@private1, 0x4e21, 0x0, 0x4e21, 0x7f, 0x2, 0xa0, 0xa0, 0x0, 0x0, r3}}, [@offload={0xc, 0x1c, {0x0, 0x1}}, @lastused={0xc, 0xf, 0x2387c}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x2400c805) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r4, 0x800) (async) lseek(r4, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r4, r5, 0x0, 0x10000) (async) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000300)={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 653.409836][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 653.409917][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 653.482128][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 653.490072][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:50:08 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async, rerun: 64) r1 = creat(0x0, 0x0) (rerun: 64) r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@report={0x64, 0x20, 0x800, 0x70bd26, 0x25dfdbfc, {0xff, {@in6=@local, @in6=@private1, 0x4e21, 0x0, 0x4e21, 0x7f, 0x2, 0xa0, 0xa0, 0x0, 0x0, r3}}, [@offload={0xc, 0x1c, {0x0, 0x1}}, @lastused={0xc, 0xf, 0x2387c}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x2400c805) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r4, 0x800) lseek(r4, 0x200, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r4, r5, 0x0, 0x10000) (async) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000300)={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc) (async) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 64) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:10 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x1) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) fallocate(r2, 0x40, 0x7, 0x3) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc3}) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x1) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) fallocate(r2, 0x40, 0x7, 0x3) (async) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc3}) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 655.169818][ T3675] Bluetooth: hci8: command 0x1003 tx timeout [ 655.169972][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:50:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(0xffffffffffffffff, 0x4, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002b40)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000180)=""/163, 0xa3}, {&(0x7f00000000c0)=""/30, 0x1e}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f00000002c0)}], 0x4, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000400)=""/121, 0x79}, {&(0x7f0000000480)=""/160, 0xa0}], 0x2, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000600)=""/86, 0x56}, {&(0x7f0000000680)=""/34, 0x22}, {&(0x7f00000006c0)=""/49, 0x31}, {&(0x7f0000000700)=""/235, 0xeb}, {&(0x7f0000000800)=""/217, 0xd9}], 0x5, &(0x7f0000000980)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000000a00)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000a80)=""/171, 0xab}, {&(0x7f0000000b40)=""/150, 0x96}, {&(0x7f0000000c00)=""/60, 0x3c}, {&(0x7f0000000c40)=""/246, 0xf6}, {&(0x7f0000000d40)=""/110, 0x6e}, {&(0x7f0000000dc0)=""/77, 0x4d}, {&(0x7f0000000e40)=""/145, 0x91}, {&(0x7f0000000f00)=""/61, 0x3d}], 0x8, &(0x7f0000000fc0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000010c0), 0x6e, &(0x7f0000002340)=[{&(0x7f0000001140)=""/148, 0x94}, {&(0x7f0000001200)=""/96, 0x60}, {&(0x7f0000001280)=""/4096, 0x1000}, {&(0x7f0000002280)=""/159, 0x9f}], 0x4, &(0x7f0000002380)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000002480)=@abs, 0x6e, &(0x7f0000002a00)=[{&(0x7f0000002500)=""/250, 0xfa}, {&(0x7f0000002600)=""/65, 0x41}, {&(0x7f0000002680)=""/160, 0xa0}, {&(0x7f0000002740)=""/243, 0xf3}, {&(0x7f0000002840)=""/118, 0x76}, {&(0x7f00000028c0)=""/20, 0x14}, {&(0x7f0000002900)=""/226, 0xe2}], 0x7, &(0x7f0000002a80)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}], 0x6, 0x100, &(0x7f0000002cc0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) [ 655.249692][ T3675] Bluetooth: hci10: command 0x1003 tx timeout [ 655.249909][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:50:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x8, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 655.329996][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:50:10 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@map_fd={0x18, 0x9, 0x1, 0x0, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @cb_func={0x18, 0xb, 0x4, 0x0, 0x6}, @alu={0x7, 0x0, 0x8, 0x6, 0x5, 0x100, 0xfffffffffffffff0}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x0, 0x0, 0x6, 0x4, 0x7, 0x8, 0x10}]}, &(0x7f00000000c0)='syzkaller\x00', 0xb73f, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x1, 0x6, 0x9}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[0xffffffffffffffff, r3, 0x1]}, 0x80) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 655.409677][ T3675] Bluetooth: hci6: command 0x1003 tx timeout [ 655.420805][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 655.468088][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 655.468106][ T26] audit: type=1804 audit(1644684610.798:1713): pid=15366 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/594/bus" dev="sda1" ino=1183 res=1 errno=0 [ 655.499953][ T3638] Bluetooth: hci6: sending frame failed (-49) [ 655.502626][ T3676] Bluetooth: hci7: command 0x1003 tx timeout [ 655.506905][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:50:10 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x244200, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x2, 0x40, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)={0xee6, 0x5, 0x1, 0x6, 0xe, "dea56678b5ca20918029c544b7d74bc9b7cf50"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x244200, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x2, 0x40, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) syz_open_dev$ttys(0xc, 0x2, 0x0) (async) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)={0xee6, 0x5, 0x1, 0x6, 0xe, "dea56678b5ca20918029c544b7d74bc9b7cf50"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 655.518580][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 655.598961][ T26] audit: type=1800 audit(1644684610.818:1714): pid=15366 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1183 res=0 errno=0 16:50:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000380)=0x100016) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r2 = signalfd(r1, &(0x7f00000002c0)={[0x7]}, 0x8) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000300)={0x9, 0x8, 0x20, 0x0, 0x10, "48a4d8c424bb476ab3aded892d5fc3265bc228"}) r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1, {r0}}, './file0\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5337b1ffb0f0770c66f5107d7aedfc76387e2493e7db426082d728c72d2c67e40e7908bda03d9f109e5fb1233a3cce683d7508c50952f72f2fab670a22703ced1ced06df15e398e4520e86141c8b9d27ab779da460961925fc507798538e29f7c890d1af8dfc8a03caa4f4e3168beeb172583b8e5153a41dd9e4289ae1cb176f3982c1b4ed008a056fc134d87c648b858970b2531cc35a53c63af9ae1ce0fa0b8a2d6f4edc8f1311af9bab8afec9aac0be550daa1bc8529718", @ANYRES16=r6, @ANYBLOB="01070000e9ff1f00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r6, 0x400, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4050}, 0x20000000) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x20, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r4, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x48, r7, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xa94d}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x607d}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x800) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 655.636167][ T26] audit: type=1804 audit(1644684610.868:1715): pid=15368 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/645/bus" dev="sda1" ino=1178 res=1 errno=0 [ 655.647786][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 655.668773][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 655.671559][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 655.676992][T14419] Bluetooth: hci9: command 0x1003 tx timeout 16:50:11 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x244200, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x2, 0x40, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 32) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) (rerun: 32) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)={0xee6, 0x5, 0x1, 0x6, 0xe, "dea56678b5ca20918029c544b7d74bc9b7cf50"}) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (rerun: 64) 16:50:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000380)=0x100016) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r2 = signalfd(r1, &(0x7f00000002c0)={[0x7]}, 0x8) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000300)={0x9, 0x8, 0x20, 0x0, 0x10, "48a4d8c424bb476ab3aded892d5fc3265bc228"}) r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1, {r0}}, './file0\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5337b1ffb0f0770c66f5107d7aedfc76387e2493e7db426082d728c72d2c67e40e7908bda03d9f109e5fb1233a3cce683d7508c50952f72f2fab670a22703ced1ced06df15e398e4520e86141c8b9d27ab779da460961925fc507798538e29f7c890d1af8dfc8a03caa4f4e3168beeb172583b8e5153a41dd9e4289ae1cb176f3982c1b4ed008a056fc134d87c648b858970b2531cc35a53c63af9ae1ce0fa0b8a2d6f4edc8f1311af9bab8afec9aac0be550daa1bc8529718", @ANYRES16=r6, @ANYBLOB="01070000e9ff1f00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0) (async) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r6, 0x400, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4050}, 0x20000000) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x20, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0) (async) sendmsg$TIPC_NL_BEARER_DISABLE(r4, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x48, r7, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xa94d}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x607d}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x800) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 655.825144][ T26] audit: type=1800 audit(1644684610.868:1716): pid=15368 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1178 res=0 errno=0 16:50:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000380)=0x100016) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r2 = signalfd(r1, &(0x7f00000002c0)={[0x7]}, 0x8) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000300)={0x9, 0x8, 0x20, 0x0, 0x10, "48a4d8c424bb476ab3aded892d5fc3265bc228"}) (async) r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1, {r0}}, './file0\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5337b1ffb0f0770c66f5107d7aedfc76387e2493e7db426082d728c72d2c67e40e7908bda03d9f109e5fb1233a3cce683d7508c50952f72f2fab670a22703ced1ced06df15e398e4520e86141c8b9d27ab779da460961925fc507798538e29f7c890d1af8dfc8a03caa4f4e3168beeb172583b8e5153a41dd9e4289ae1cb176f3982c1b4ed008a056fc134d87c648b858970b2531cc35a53c63af9ae1ce0fa0b8a2d6f4edc8f1311af9bab8afec9aac0be550daa1bc8529718", @ANYRES16=r6, @ANYBLOB="01070000e9ff1f00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0) (async) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r6, 0x400, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4050}, 0x20000000) (async) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x20, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0) (async) sendmsg$TIPC_NL_BEARER_DISABLE(r4, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x48, r7, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xa94d}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x607d}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x800) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x6, 0x10000) sendfile(r4, r3, 0x0, 0x800000000000000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:11 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@map_fd={0x18, 0x9, 0x1, 0x0, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @cb_func={0x18, 0xb, 0x4, 0x0, 0x6}, @alu={0x7, 0x0, 0x8, 0x6, 0x5, 0x100, 0xfffffffffffffff0}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x0, 0x0, 0x6, 0x4, 0x7, 0x8, 0x10}]}, &(0x7f00000000c0)='syzkaller\x00', 0xb73f, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x1, 0x6, 0x9}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[0xffffffffffffffff, r3, 0x1]}, 0x80) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 656.091348][ T26] audit: type=1804 audit(1644684611.428:1717): pid=15404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/660/bus" dev="sda1" ino=1158 res=1 errno=0 [ 656.137201][ T26] audit: type=1800 audit(1644684611.428:1718): pid=15404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1158 res=0 errno=0 [ 656.161080][ T26] audit: type=1804 audit(1644684611.468:1719): pid=15409 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/646/bus" dev="sda1" ino=1182 res=1 errno=0 [ 656.181766][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 656.187960][ T26] audit: type=1800 audit(1644684611.468:1720): pid=15409 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 656.193786][ T3625] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:50:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async, rerun: 32) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 32) ftruncate(r1, 0x800) (async, rerun: 64) lseek(r1, 0x200, 0x0) (async, rerun: 64) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) (async) r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x6, 0x10000) sendfile(r4, r3, 0x0, 0x800000000000000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 656.512228][ T26] audit: type=1804 audit(1644684611.848:1721): pid=15417 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/661/bus" dev="sda1" ino=1167 res=1 errno=0 [ 656.538364][ T26] audit: type=1800 audit(1644684611.868:1722): pid=15417 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1167 res=0 errno=0 [ 657.259772][T14419] Bluetooth: hci8: command 0x1003 tx timeout [ 657.266488][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 657.409919][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 657.418076][ T3671] Bluetooth: hci10: command 0x1003 tx timeout [ 657.419949][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 657.889755][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 657.891003][ T915] Bluetooth: hci6: command 0x1003 tx timeout [ 658.220056][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 658.228364][T14419] Bluetooth: hci7: command tx timeout [ 658.237640][T15410] warn_alloc: 20 callbacks suppressed [ 658.237653][T15410] syz-executor.0: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 658.270111][T15410] CPU: 1 PID: 15410 Comm: syz-executor.0 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 658.280624][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.290808][T15410] Call Trace: [ 658.294093][T15410] [ 658.297010][T15410] dump_stack_lvl+0xcd/0x134 [ 658.302040][T15410] warn_alloc.cold+0x9b/0x189 [ 658.307104][T15410] ? zone_watermark_ok_safe+0x290/0x290 [ 658.312639][T15410] ? __kmalloc_node+0x62/0x390 [ 658.317413][T15410] ? __vmalloc_node_range+0x7bf/0x1060 [ 658.323197][T15410] __vmalloc_node_range+0xe1e/0x1060 [ 658.328482][T15410] ? vfree_atomic+0xe0/0xe0 [ 658.332997][T15410] ? n_tty_open+0x16/0x170 [ 658.337423][T15410] vzalloc+0x67/0x80 [ 658.341570][T15410] ? n_tty_open+0x16/0x170 [ 658.345973][T15410] n_tty_open+0x16/0x170 [ 658.350199][T15410] ? n_tty_set_termios+0x1010/0x1010 [ 658.355571][T15410] tty_ldisc_open+0x9b/0x110 [ 658.360234][T15410] tty_set_ldisc+0x2f1/0x680 [ 658.365024][T15410] tty_ioctl+0xae0/0x1660 [ 658.369989][T15410] ? tty_lookup_driver+0x550/0x550 [ 658.375091][T15410] ? find_held_lock+0x2d/0x110 [ 658.379850][T15410] ? __fget_files+0x28c/0x470 [ 658.384721][T15410] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 658.391303][T15410] ? tty_lookup_driver+0x550/0x550 [ 658.396621][T15410] __x64_sys_ioctl+0x193/0x200 [ 658.401394][T15410] do_syscall_64+0x35/0xb0 [ 658.405796][T15410] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 658.411689][T15410] RIP: 0033:0x7fef70383059 [ 658.416105][T15410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 658.435720][T15410] RSP: 002b:00007fef6ec74168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 658.444136][T15410] RAX: ffffffffffffffda RBX: 00007fef704962a0 RCX: 00007fef70383059 [ 658.452090][T15410] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 658.460046][T15410] RBP: 00007fef703dd08d R08: 0000000000000000 R09: 0000000000000000 [ 658.467998][T15410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 658.475949][T15410] R13: 00007ffc5492c60f R14: 00007fef6ec74300 R15: 0000000000022000 [ 658.483918][T15410] [ 658.492078][T15410] Mem-Info: [ 658.495209][T15410] active_anon:2629 inactive_anon:146001 isolated_anon:0 [ 658.495209][T15410] active_file:4174 inactive_file:7647 isolated_file:0 [ 658.495209][T15410] unevictable:768 dirty:47 writeback:0 [ 658.495209][T15410] slab_reclaimable:19290 slab_unreclaimable:96332 [ 658.495209][T15410] mapped:27869 shmem:4114 pagetables:727 bounce:0 [ 658.495209][T15410] kernel_misc_reclaimable:0 [ 658.495209][T15410] free:1325812 free_pcp:10080 free_cma:0 [ 658.544068][T15410] Node 0 active_anon:10508kB inactive_anon:583072kB active_file:16620kB inactive_file:30588kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111476kB dirty:184kB writeback:0kB shmem:13980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB kernel_stack:10544kB pagetables:2904kB all_unreclaimable? no [ 658.579316][T15410] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 658.611913][T15410] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 658.639018][T15410] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 658.644825][T15410] Node 0 DMA32 free:1335380kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10508kB inactive_anon:583072kB active_file:16620kB inactive_file:30588kB unevictable:1536kB writepending:184kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:41128kB local_pcp:20856kB free_cma:0kB [ 658.675859][T15410] lowmem_reserve[]: 0 0 0 0 0 [ 658.680617][T15410] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 658.708620][T15410] lowmem_reserve[]: 0 0 0 0 0 [ 658.713703][T15410] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 658.744522][T15410] lowmem_reserve[]: 0 0 0 0 0 [ 658.749262][T15410] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 658.766503][T15410] Node 0 DMA32: 83*4kB (UME) 1541*8kB (UME) 2004*16kB (UME) 693*32kB (UME) 316*64kB (UME) 156*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 19*2048kB (UME) 276*4096kB (UM) = 1335380kB [ 658.789656][T15410] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 658.802413][T15410] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 658.821673][T15410] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 658.831959][T15410] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 658.841686][T15410] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 658.853063][T15410] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 658.862516][T15410] 15935 total pagecache pages [ 658.867348][T15410] 0 pages in swap cache [ 658.872914][T15410] Swap cache stats: add 0, delete 0, find 0/0 [ 658.878995][T15410] Free swap = 0kB [ 658.885965][T15410] Total swap = 0kB [ 658.891087][T15410] 2097051 pages RAM [ 658.895322][T15410] 0 pages HighMem/MovableOnly [ 658.900669][T15410] 384548 pages reserved [ 658.905055][T15410] 0 pages cma reserved [ 658.913421][ T3644] Bluetooth: hci6: sending frame failed (-49) [ 658.920529][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:50:14 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x1) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) fallocate(r2, 0x40, 0x7, 0x3) (async) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc3}) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x6, 0x10000) sendfile(r4, r3, 0x0, 0x800000000000000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) syz_open_dev$I2C(&(0x7f0000000000), 0x6, 0x10000) (async) sendfile(r4, r3, 0x0, 0x800000000000000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x8, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) lseek(0xffffffffffffffff, 0x4, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 32) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002b40)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000180)=""/163, 0xa3}, {&(0x7f00000000c0)=""/30, 0x1e}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f00000002c0)}], 0x4, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000400)=""/121, 0x79}, {&(0x7f0000000480)=""/160, 0xa0}], 0x2, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000600)=""/86, 0x56}, {&(0x7f0000000680)=""/34, 0x22}, {&(0x7f00000006c0)=""/49, 0x31}, {&(0x7f0000000700)=""/235, 0xeb}, {&(0x7f0000000800)=""/217, 0xd9}], 0x5, &(0x7f0000000980)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000000a00)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000a80)=""/171, 0xab}, {&(0x7f0000000b40)=""/150, 0x96}, {&(0x7f0000000c00)=""/60, 0x3c}, {&(0x7f0000000c40)=""/246, 0xf6}, {&(0x7f0000000d40)=""/110, 0x6e}, {&(0x7f0000000dc0)=""/77, 0x4d}, {&(0x7f0000000e40)=""/145, 0x91}, {&(0x7f0000000f00)=""/61, 0x3d}], 0x8, &(0x7f0000000fc0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000010c0), 0x6e, &(0x7f0000002340)=[{&(0x7f0000001140)=""/148, 0x94}, {&(0x7f0000001200)=""/96, 0x60}, {&(0x7f0000001280)=""/4096, 0x1000}, {&(0x7f0000002280)=""/159, 0x9f}], 0x4, &(0x7f0000002380)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000002480)=@abs, 0x6e, &(0x7f0000002a00)=[{&(0x7f0000002500)=""/250, 0xfa}, {&(0x7f0000002600)=""/65, 0x41}, {&(0x7f0000002680)=""/160, 0xa0}, {&(0x7f0000002740)=""/243, 0xf3}, {&(0x7f0000002840)=""/118, 0x76}, {&(0x7f00000028c0)=""/20, 0x14}, {&(0x7f0000002900)=""/226, 0xe2}], 0x7, &(0x7f0000002a80)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}], 0x6, 0x100, &(0x7f0000002cc0)) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) 16:50:14 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x385001, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:14 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (rerun: 32) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async, rerun: 64) lseek(r2, 0x200, 0x0) (async, rerun: 64) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@map_fd={0x18, 0x9, 0x1, 0x0, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @cb_func={0x18, 0xb, 0x4, 0x0, 0x6}, @alu={0x7, 0x0, 0x8, 0x6, 0x5, 0x100, 0xfffffffffffffff0}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x0, 0x0, 0x6, 0x4, 0x7, 0x8, 0x10}]}, &(0x7f00000000c0)='syzkaller\x00', 0xb73f, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x1, 0x6, 0x9}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[0xffffffffffffffff, r3, 0x1]}, 0x80) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 659.329849][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 659.329908][ T915] Bluetooth: hci8: command 0x1003 tx timeout [ 659.429090][ T3644] Bluetooth: hci7: sending frame failed (-49) [ 659.438460][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 659.448900][ T3644] Bluetooth: hci8: sending frame failed (-49) [ 659.458429][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:50:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x8, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x8, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 659.516907][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 659.524814][ T46] Bluetooth: hci9: sending frame failed (-49) [ 659.533282][ T3636] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 659.540498][ T3642] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 659.559210][T15435] ptm ptm29: ldisc open failed (-12), clearing slot 29 16:50:14 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r1, 0x20223000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:14 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x385001, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 659.622992][T15450] ptm ptm1: ldisc open failed (-12), clearing slot 1 16:50:15 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(0xffffffffffffffff, 0x4, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002b40)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000180)=""/163, 0xa3}, {&(0x7f00000000c0)=""/30, 0x1e}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f00000002c0)}], 0x4, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000400)=""/121, 0x79}, {&(0x7f0000000480)=""/160, 0xa0}], 0x2, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000600)=""/86, 0x56}, {&(0x7f0000000680)=""/34, 0x22}, {&(0x7f00000006c0)=""/49, 0x31}, {&(0x7f0000000700)=""/235, 0xeb}, {&(0x7f0000000800)=""/217, 0xd9}], 0x5, &(0x7f0000000980)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000000a00)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000a80)=""/171, 0xab}, {&(0x7f0000000b40)=""/150, 0x96}, {&(0x7f0000000c00)=""/60, 0x3c}, {&(0x7f0000000c40)=""/246, 0xf6}, {&(0x7f0000000d40)=""/110, 0x6e}, {&(0x7f0000000dc0)=""/77, 0x4d}, {&(0x7f0000000e40)=""/145, 0x91}, {&(0x7f0000000f00)=""/61, 0x3d}], 0x8, &(0x7f0000000fc0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000010c0), 0x6e, &(0x7f0000002340)=[{&(0x7f0000001140)=""/148, 0x94}, {&(0x7f0000001200)=""/96, 0x60}, {&(0x7f0000001280)=""/4096, 0x1000}, {&(0x7f0000002280)=""/159, 0x9f}], 0x4, &(0x7f0000002380)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000002480)=@abs, 0x6e, &(0x7f0000002a00)=[{&(0x7f0000002500)=""/250, 0xfa}, {&(0x7f0000002600)=""/65, 0x41}, {&(0x7f0000002680)=""/160, 0xa0}, {&(0x7f0000002740)=""/243, 0xf3}, {&(0x7f0000002840)=""/118, 0x76}, {&(0x7f00000028c0)=""/20, 0x14}, {&(0x7f0000002900)=""/226, 0xe2}], 0x7, &(0x7f0000002a80)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}], 0x6, 0x100, &(0x7f0000002cc0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) lseek(0xffffffffffffffff, 0x4, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002b40)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000180)=""/163, 0xa3}, {&(0x7f00000000c0)=""/30, 0x1e}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f00000002c0)}], 0x4, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000400)=""/121, 0x79}, {&(0x7f0000000480)=""/160, 0xa0}], 0x2, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000600)=""/86, 0x56}, {&(0x7f0000000680)=""/34, 0x22}, {&(0x7f00000006c0)=""/49, 0x31}, {&(0x7f0000000700)=""/235, 0xeb}, {&(0x7f0000000800)=""/217, 0xd9}], 0x5, &(0x7f0000000980)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000000a00)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000a80)=""/171, 0xab}, {&(0x7f0000000b40)=""/150, 0x96}, {&(0x7f0000000c00)=""/60, 0x3c}, {&(0x7f0000000c40)=""/246, 0xf6}, {&(0x7f0000000d40)=""/110, 0x6e}, {&(0x7f0000000dc0)=""/77, 0x4d}, {&(0x7f0000000e40)=""/145, 0x91}, {&(0x7f0000000f00)=""/61, 0x3d}], 0x8, &(0x7f0000000fc0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000010c0), 0x6e, &(0x7f0000002340)=[{&(0x7f0000001140)=""/148, 0x94}, {&(0x7f0000001200)=""/96, 0x60}, {&(0x7f0000001280)=""/4096, 0x1000}, {&(0x7f0000002280)=""/159, 0x9f}], 0x4, &(0x7f0000002380)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000002480)=@abs, 0x6e, &(0x7f0000002a00)=[{&(0x7f0000002500)=""/250, 0xfa}, {&(0x7f0000002600)=""/65, 0x41}, {&(0x7f0000002680)=""/160, 0xa0}, {&(0x7f0000002740)=""/243, 0xf3}, {&(0x7f0000002840)=""/118, 0x76}, {&(0x7f00000028c0)=""/20, 0x14}, {&(0x7f0000002900)=""/226, 0xe2}], 0x7, &(0x7f0000002a80)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}], 0x6, 0x100, &(0x7f0000002cc0)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) (async) [ 659.677892][T15469] ptm ptm1: ldisc open failed (-12), clearing slot 1 16:50:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x258800, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x2, 0x8ff, 0x6, 0x101, 0x1}}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$KDADDIO(r2, 0x4b34, 0x8001) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:15 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x385001, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x385001, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 659.814603][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 659.825162][ T3625] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 659.874978][T15498] ptm ptm5: ldisc open failed (-12), clearing slot 5 16:50:16 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 661.410099][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 661.459087][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 661.459105][ T26] audit: type=1804 audit(1644684616.788:1730): pid=15510 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/721/bus" dev="sda1" ino=1182 res=1 errno=0 [ 661.495067][ T26] audit: type=1800 audit(1644684616.788:1731): pid=15510 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 661.528656][ T26] audit: type=1804 audit(1644684616.858:1732): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/721/bus" dev="sda1" ino=1182 res=1 errno=0 [ 661.555277][ T26] audit: type=1800 audit(1644684616.858:1733): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:17 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 661.649757][ T915] Bluetooth: hci7: command 0x1003 tx timeout [ 661.655988][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 661.734137][ T26] audit: type=1804 audit(1644684617.068:1734): pid=15513 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/722/bus" dev="sda1" ino=1182 res=1 errno=0 [ 661.769285][ T26] audit: type=1800 audit(1644684617.068:1735): pid=15513 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 661.797672][ T26] audit: type=1804 audit(1644684617.128:1736): pid=15514 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/722/bus" dev="sda1" ino=1182 res=1 errno=0 [ 661.809893][ T3671] Bluetooth: hci9: command 0x1003 tx timeout 16:50:17 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r1, 0x20223000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r1, 0x20223000) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:50:17 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x258800, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x2, 0x8ff, 0x6, 0x101, 0x1}}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$KDADDIO(r2, 0x4b34, 0x8001) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 661.824048][ T915] Bluetooth: hci10: command 0x1003 tx timeout [ 661.829647][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 661.835941][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 661.844643][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:50:17 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountstats\x00') ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x1, 0x3, 0x5, 0x3, 0xfc, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 661.890342][ T3625] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 661.963716][ T3636] Bluetooth: hci8: sending frame failed (-49) [ 661.972136][ T3640] Bluetooth: hci10: sending frame failed (-49) [ 661.979737][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 661.979873][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 662.001513][ T3644] Bluetooth: hci9: sending frame failed (-49) 16:50:17 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async, rerun: 64) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (rerun: 64) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async, rerun: 64) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 662.008690][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 662.033939][ T26] audit: type=1800 audit(1644684617.128:1737): pid=15514 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 662.132831][ T26] audit: type=1804 audit(1644684617.438:1738): pid=15542 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/723/bus" dev="sda1" ino=1182 res=1 errno=0 [ 662.172525][ T26] audit: type=1800 audit(1644684617.438:1739): pid=15542 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x5) 16:50:19 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountstats\x00') ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x1, 0x3, 0x5, 0x3, 0xfc, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:19 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r1, 0x20223000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000180)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7) r3 = syz_open_dev$vcsu(&(0x7f0000000040), 0x6, 0x415400) ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f00000000c0)=0x3) 16:50:19 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f00000000c0)={0x8c4, 0x100, 0x101, 0x800, 0xc, "cd254bd556542a25"}) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x7ffffffe) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 663.729757][ T3675] Bluetooth: hci6: command 0x1003 tx timeout [ 663.739813][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:50:19 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f00000000c0)={0x8c4, 0x100, 0x101, 0x800, 0xc, "cd254bd556542a25"}) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x7ffffffe) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:19 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x800) (rerun: 64) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f00000000c0)={0x8c4, 0x100, 0x101, 0x800, 0xc, "cd254bd556542a25"}) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x7ffffffe) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x258800, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x2, 0x8ff, 0x6, 0x101, 0x1}}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$KDADDIO(r2, 0x4b34, 0x8001) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 663.969921][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000000c0)={r0, 0xfffffffffffffff6, 0x8001, 0x5}) ioctl$KDADDIO(r3, 0x4b34, 0x5) [ 664.073392][T14217] Bluetooth: Error in BCSP hdr checksum [ 664.115331][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 664.123261][ T3636] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:50:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000000c0)={r0, 0xfffffffffffffff6, 0x8001, 0x5}) ioctl$KDADDIO(r3, 0x4b34, 0x5) 16:50:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x480080, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000040)=0x2) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xfe01, 0x5, 0x1, 0xf30c, 0x4}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 665.819898][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 665.819910][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 665.828505][ T7] Bluetooth: hci8: command 0x1003 tx timeout 16:50:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) (async) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x5) 16:50:21 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountstats\x00') ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x1, 0x3, 0x5, 0x3, 0xfc, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountstats\x00') (async) ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x1, 0x3, 0x5, 0x3, 0xfc, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 665.889898][ T3671] Bluetooth: hci9: command 0x1003 tx timeout [ 665.889894][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 665.900005][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 665.926908][T15579] sp0: Synchronizing with TNC 16:50:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000180)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7) (async) r3 = syz_open_dev$vcsu(&(0x7f0000000040), 0x6, 0x415400) ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f00000000c0)=0x3) 16:50:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x759103, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0xb, 0x3) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x16, 0x1e6, &(0x7f0000000280)}) creat(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000006c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000200)={0x34, r4, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x4000) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x10000) [ 666.049883][ T7] Bluetooth: hci7: command 0x1003 tx timeout [ 666.056228][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x759103, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0xb, 0x3) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x16, 0x1e6, &(0x7f0000000280)}) creat(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000006c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000200)={0x34, r4, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x4000) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x10000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x759103, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0xb, 0x3) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x16, 0x1e6, &(0x7f0000000280)}) (async) creat(0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'}) (async) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2) (async) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000006c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000200)={0x34, r4, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x4000) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x10000) (async) 16:50:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x759103, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0xb, 0x3) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x16, 0x1e6, &(0x7f0000000280)}) creat(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000006c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000200)={0x34, r4, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x4000) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x10000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x759103, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0xb, 0x3) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x16, 0x1e6, &(0x7f0000000280)}) (async) creat(0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'}) (async) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2) (async) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000006c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000200)={0x34, r4, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x4000) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x10000) (async) 16:50:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000040)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 666.289861][ T3675] Bluetooth: hci11: command 0x1003 tx timeout [ 666.289985][ T3636] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:50:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000000c0)={r0, 0xfffffffffffffff6, 0x8001, 0x5}) ioctl$KDADDIO(r3, 0x4b34, 0x5) [ 666.348593][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 666.356557][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:50:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000040)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:21 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x444c20, 0x24) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x1b) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(r2, r1, 0x0, 0x81) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async, rerun: 32) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) (async) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x5) [ 666.501472][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 666.508562][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 666.518408][ T26] kauditd_printk_skb: 146 callbacks suppressed [ 666.518424][ T26] audit: type=1804 audit(1644684621.848:1886): pid=15660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/641/bus" dev="sda1" ino=1174 res=1 errno=0 [ 666.570892][ T3642] Bluetooth: hci11: sending frame failed (-49) [ 666.577583][ T3636] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 666.607190][ T26] audit: type=1800 audit(1644684621.888:1887): pid=15660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1174 res=0 errno=0 16:50:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x14, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r5, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) sendfile(r3, r4, 0x0, 0x10000) getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:23 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x444c20, 0x24) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x1b) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(r2, r1, 0x0, 0x81) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x444c20, 0x24) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x1b) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(r2, r1, 0x0, 0x81) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 667.969929][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 668.035432][ T26] audit: type=1804 audit(1644684623.368:1888): pid=15671 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/642/bus" dev="sda1" ino=1157 res=1 errno=0 [ 668.061242][ T3676] Bluetooth: hci8: command 0x1003 tx timeout [ 668.062986][ T26] audit: type=1800 audit(1644684623.368:1889): pid=15671 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1157 res=0 errno=0 [ 668.067382][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 668.092838][ T8020] Bluetooth: hci9: command 0x1003 tx timeout [ 668.098336][ T26] audit: type=1804 audit(1644684623.368:1890): pid=15671 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/642/bus" dev="sda1" ino=1157 res=1 errno=0 [ 668.101025][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 668.127178][ T26] audit: type=1800 audit(1644684623.368:1891): pid=15671 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1157 res=0 errno=0 [ 668.193120][T15622] sp0: Synchronizing with TNC [ 668.529712][T14422] Bluetooth: hci10: command 0x1003 tx timeout [ 668.529813][ T3625] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 668.550846][T15658] warn_alloc: 26 callbacks suppressed [ 668.550858][T15658] syz-executor.5: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1 [ 668.581360][T15658] CPU: 1 PID: 15658 Comm: syz-executor.5 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 668.591865][T15658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.601908][T15658] Call Trace: [ 668.605170][T15658] [ 668.608087][T15658] dump_stack_lvl+0xcd/0x134 [ 668.613199][T15658] warn_alloc.cold+0x9b/0x189 [ 668.618153][T15658] ? zone_watermark_ok_safe+0x290/0x290 [ 668.623884][T15658] ? __kmalloc_node+0x62/0x390 [ 668.628773][T15658] ? __vmalloc_node_range+0x7bf/0x1060 [ 668.634597][T15658] __vmalloc_node_range+0xe1e/0x1060 [ 668.639893][T15658] ? vfree_atomic+0xe0/0xe0 [ 668.644421][T15658] ? n_tty_open+0x16/0x170 [ 668.648835][T15658] vzalloc+0x67/0x80 [ 668.652725][T15658] ? n_tty_open+0x16/0x170 [ 668.657313][T15658] n_tty_open+0x16/0x170 [ 668.661552][T15658] ? n_tty_set_termios+0x1010/0x1010 [ 668.666830][T15658] tty_ldisc_open+0x9b/0x110 [ 668.671588][T15658] tty_set_ldisc+0x2f1/0x680 [ 668.676258][T15658] tty_ioctl+0xae0/0x1660 [ 668.680606][T15658] ? tty_lookup_driver+0x550/0x550 [ 668.686451][T15658] ? find_held_lock+0x2d/0x110 [ 668.691413][T15658] ? __fget_files+0x28c/0x470 [ 668.696100][T15658] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 668.702342][T15658] ? tty_lookup_driver+0x550/0x550 [ 668.707449][T15658] __x64_sys_ioctl+0x193/0x200 [ 668.712237][T15658] do_syscall_64+0x35/0xb0 [ 668.716681][T15658] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 668.722597][T15658] RIP: 0033:0x7fed00c59059 [ 668.727011][T15658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 668.747061][T15658] RSP: 002b:00007fecff5ce168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 668.755482][T15658] RAX: ffffffffffffffda RBX: 00007fed00d6bf60 RCX: 00007fed00c59059 [ 668.763448][T15658] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 668.771418][T15658] RBP: 00007fed00cb308d R08: 0000000000000000 R09: 0000000000000000 [ 668.779382][T15658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 668.787346][T15658] R13: 00007ffec5bbfd0f R14: 00007fecff5ce300 R15: 0000000000022000 [ 668.795328][T15658] [ 668.804017][T15658] Mem-Info: [ 668.807436][T15658] active_anon:2635 inactive_anon:147074 isolated_anon:0 [ 668.807436][T15658] active_file:4183 inactive_file:7664 isolated_file:0 [ 668.807436][T15658] unevictable:768 dirty:22 writeback:0 [ 668.807436][T15658] slab_reclaimable:19268 slab_unreclaimable:95991 [ 668.807436][T15658] mapped:27887 shmem:4120 pagetables:792 bounce:0 [ 668.807436][T15658] kernel_misc_reclaimable:0 [ 668.807436][T15658] free:1324739 free_pcp:9954 free_cma:0 [ 668.850416][T15658] Node 0 active_anon:10532kB inactive_anon:587364kB active_file:16656kB inactive_file:30656kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111548kB dirty:84kB writeback:0kB shmem:14004kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB kernel_stack:10680kB pagetables:3164kB all_unreclaimable? no [ 668.883397][T15658] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 668.912860][T15658] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 668.941574][T15658] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 668.947499][T15658] Node 0 DMA32 free:1331880kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10532kB inactive_anon:587364kB active_file:16656kB inactive_file:30656kB unevictable:1536kB writepending:84kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:38796kB local_pcp:17040kB free_cma:0kB [ 668.978971][T15658] lowmem_reserve[]: 0 0 0 0 0 [ 668.983873][T15658] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 669.012537][T15658] lowmem_reserve[]: 0 0 0 0 0 [ 669.017878][T15658] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 669.049731][T15658] lowmem_reserve[]: 0 0 0 0 0 [ 669.054506][T15658] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 669.067502][T15658] Node 0 DMA32: 14*4kB (UME) 1496*8kB (UME) 1955*16kB (UME) 735*32kB (UME) 323*64kB (UME) 156*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 17*2048kB (UME) 276*4096kB (UM) = 1331656kB [ 669.086856][T15658] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 669.098537][T15658] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 669.116507][T15658] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 669.126103][T15658] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 669.135871][T15658] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 669.146012][T15658] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 669.156893][T15658] 15967 total pagecache pages [ 669.162373][T15658] 0 pages in swap cache [ 669.166529][T15658] Swap cache stats: add 0, delete 0, find 0/0 [ 669.172776][T15658] Free swap = 0kB [ 669.176502][T15658] Total swap = 0kB [ 669.180269][T15658] 2097051 pages RAM [ 669.184279][T15658] 0 pages HighMem/MovableOnly [ 669.189417][T15658] 384548 pages reserved [ 669.194078][T15658] 0 pages cma reserved [ 670.049830][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 670.050019][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 670.058362][ T3675] Bluetooth: hci7: command 0x1003 tx timeout [ 670.063660][ T7] Bluetooth: hci6: command tx timeout [ 670.104432][ T3644] Bluetooth: hci6: sending frame failed (-49) [ 670.112090][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:50:25 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000180)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7) r3 = syz_open_dev$vcsu(&(0x7f0000000040), 0x6, 0x415400) ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f00000000c0)=0x3) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000180)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7) (async) syz_open_dev$vcsu(&(0x7f0000000040), 0x6, 0x415400) (async) ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f00000000c0)=0x3) (async) 16:50:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x480080, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000040)=0x2) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xfe01, 0x5, 0x1, 0xf30c, 0x4}}) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000040)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x14, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r5, 0x0, 0x10000) (async) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) sendfile(r3, r4, 0x0, 0x10000) getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xe) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ftruncate(r3, 0x100000) lseek(r2, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r4, 0x0, 0x10000) ioctl$TIOCL_SCROLLCONSOLE(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)={0xd, 0x7f}) accept4(r3, &(0x7f0000000180)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, &(0x7f0000000280)=0x80, 0x80800) ioctl$TIOCGDEV(r4, 0x80045432, &(0x7f0000000040)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:25 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x444c20, 0x24) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x1b) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async, rerun: 64) creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(r2, r1, 0x0, 0x81) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 670.210014][ T3676] Bluetooth: hci8: command 0x1003 tx timeout [ 670.210092][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 670.262767][ T26] audit: type=1804 audit(1644684625.598:1892): pid=15696 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/643/bus" dev="sda1" ino=1178 res=1 errno=0 [ 670.317934][ T26] audit: type=1800 audit(1644684625.598:1893): pid=15696 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1178 res=0 errno=0 [ 670.342938][ T3625] Bluetooth: hci8: sending frame failed (-49) [ 670.352199][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 670.383557][ T26] audit: type=1804 audit(1644684625.598:1894): pid=15691 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/643/bus" dev="sda1" ino=1178 res=1 errno=0 16:50:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x480080, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000040)=0x2) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xfe01, 0x5, 0x1, 0xf30c, 0x4}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x480080, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000040)=0x2) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xfe01, 0x5, 0x1, 0xf30c, 0x4}}) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 670.414817][ T26] audit: type=1800 audit(1644684625.598:1895): pid=15691 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1178 res=0 errno=0 16:50:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x6) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ftruncate(0xffffffffffffffff, 0x800) lseek(r0, 0x20, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000000c0)={0xfffffffc, 0x80, 0x4000, 0x809b, 0x5, "617f47e979ba63e2741fb7b1a5c52ffe07b5d8"}) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x34200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 670.551136][T15714] ptm ptm3: ldisc open failed (-12), clearing slot 3 [ 670.590507][ T46] Bluetooth: hci10: sending frame failed (-49) [ 670.597818][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:50:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0xffffffffffffffff) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xffffffff) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0xffffffffffffffff) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xffffffff) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 670.750956][T15742] ptm ptm6: ldisc open failed (-12), clearing slot 6 [ 670.801275][ T3642] Bluetooth: hci10: sending frame failed (-49) [ 670.808372][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:50:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xa) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x5) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x410000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) [ 672.289877][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 672.290147][ T3675] Bluetooth: hci6: command 0x1003 tx timeout [ 672.369692][ T3675] Bluetooth: hci9: command 0x1003 tx timeout [ 672.380239][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 672.405184][ T3640] Bluetooth: hci6: sending frame failed (-49) [ 672.413881][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 672.453120][T15712] sp0: Synchronizing with TNC 16:50:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x13) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x1f, 0x8, 0x8, 0x1c, 0x1a, "cc352f12a382e0d2"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xe) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) ftruncate(r3, 0x100000) lseek(r2, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r4, 0x0, 0x10000) ioctl$TIOCL_SCROLLCONSOLE(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)={0xd, 0x7f}) (async) accept4(r3, &(0x7f0000000180)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, &(0x7f0000000280)=0x80, 0x80800) ioctl$TIOCGDEV(r4, 0x80045432, &(0x7f0000000040)) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x14, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r5, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) (async) sendfile(r3, r4, 0x0, 0x10000) (async) getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 672.539183][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 672.539199][ T26] audit: type=1804 audit(1644684627.868:1900): pid=15760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/644/bus" dev="sda1" ino=1180 res=1 errno=0 [ 672.572581][ T26] audit: type=1800 audit(1644684627.868:1901): pid=15760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1180 res=0 errno=0 [ 672.593867][ T26] audit: type=1804 audit(1644684627.868:1902): pid=15760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/644/bus" dev="sda1" ino=1180 res=1 errno=0 [ 672.619758][ T3676] Bluetooth: hci8: command 0x1003 tx timeout [ 672.619903][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 672.628525][ T26] audit: type=1800 audit(1644684627.868:1903): pid=15760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1180 res=0 errno=0 [ 672.632809][ T8020] Bluetooth: hci7: command 0x1003 tx timeout [ 672.669738][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:28 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x6) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(r0, 0x20, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000000c0)={0xfffffffc, 0x80, 0x4000, 0x809b, 0x5, "617f47e979ba63e2741fb7b1a5c52ffe07b5d8"}) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x34200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:28 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) dup3(r0, r0, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 672.675932][ T26] audit: type=1804 audit(1644684627.888:1904): pid=15769 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/664/bus" dev="sda1" ino=1182 res=1 errno=0 [ 672.708350][ T26] audit: type=1800 audit(1644684627.888:1905): pid=15769 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:28 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 32) dup3(r0, r0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 672.759200][ T3625] Bluetooth: hci7: sending frame failed (-49) [ 672.768077][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 672.778286][ T3636] Bluetooth: hci8: sending frame failed (-49) [ 672.793148][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:50:28 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x6) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(r0, 0x20, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000000c0)={0xfffffffc, 0x80, 0x4000, 0x809b, 0x5, "617f47e979ba63e2741fb7b1a5c52ffe07b5d8"}) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x34200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:28 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f00000000c0)={0xc988, 0x76, 0x6}) 16:50:28 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xa) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x5) (async, rerun: 64) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x410000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) [ 672.929744][ T3728] Bluetooth: hci10: command 0x1003 tx timeout [ 672.939935][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:50:28 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xa) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x5) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x410000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xa) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x5) (async) openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x410000, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) (async) 16:50:28 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f00000000c0)={0xc988, 0x76, 0x6}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x2) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f00000000c0)={0xc988, 0x76, 0x6}) (async) [ 673.061089][ T3636] Bluetooth: hci8: sending frame failed (-49) [ 673.068203][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 673.099941][ T3636] Bluetooth: hci10: sending frame failed (-49) [ 673.107012][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:50:28 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f00000000c0)={0xc988, 0x76, 0x6}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x2) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f00000000c0)={0xc988, 0x76, 0x6}) (async) [ 673.206092][ T3636] Bluetooth: hci8: sending frame failed (-49) [ 673.213875][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:50:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x13) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x1f, 0x8, 0x8, 0x1c, 0x1a, "cc352f12a382e0d2"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x13) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x1f, 0x8, 0x8, 0x1c, 0x1a, "cc352f12a382e0d2"}) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:50:30 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendfile(0xffffffffffffffff, r1, 0x0, 0x1000000000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 674.609870][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 674.609935][ T3728] Bluetooth: hci9: command 0x1003 tx timeout [ 674.612241][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 674.617285][ T3684] Bluetooth: hci6: command 0x1003 tx timeout 16:50:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(r1, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) 16:50:30 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) fcntl$setlease(r2, 0x400, 0x0) ftruncate(0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{&(0x7f0000000180)=@ax25={{0x3, @bcast, 0x2}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000540)="5c0d8a3b9552c6ce72db51ebefee16ba311a91bc5de52c9df1d12a430eea1e205fe51908a506e05b2b7734dc2e9742c89a9d8b824326d5e627ee354f78bc3e22", 0x40}, {&(0x7f0000000280)="b0cf04dd0d491aa4b488255a44fefc9cbd140be413396e441b0d934bb7891eaf30f37a0b065e5addf26d689af016ad9cd3febacbf612951642d7cbfee6224358d278a362347f", 0x46}, {&(0x7f0000000300)="f595902afa59d70859201114fa40114f2a3c608f2b8a43ae1c63c55fbce2b5af5116af95eea8b6096a4ad099d976eaf67d55fc1d339213d5581fb9ba960c38d7de1370d62df9b12803d665077dae1e185b6a7ff39f1d63add05cc3f88bbf26c160f83f6491ad214976f78b25ec04ae4e856fdb970225cd84b5a0924abc7b603e8b352c4f5744f2c909eaaae00b1bb4601b2fa9444cbb3c438670fd3df2424dea63cf70776008679df2c7a753b37bbc", 0xaf}, {&(0x7f00000003c0)="8e0d12bd06e07d83f9069f0a910e28d97695844869472ac64a11c912efb4162637099a622de4e3d513044146", 0x2c}, {&(0x7f0000000400)="57d5b5097fc9a1ec5d1edb50a4e7428369ebdf02a7d6ece238ed37b11f0a4ee9527c7cbbe8440f06f0e2e00d858c70e666e9b20fee8d88e476f36e0010e1b197a4b1ea7ab7d78ca6cb746699c8ee35f8b44ad9f5dba45e", 0x57}], 0x5, &(0x7f0000000500)=ANY=[@ANYRESOCT=r3], 0x4b0}}, {{&(0x7f00000009c0)=@sco, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000a40)="7181ffecea280cd570443181c8e4addacc89f89ab90759840c118ec1df4176c5917be94a3974599f38b0825b4915c3c95f3515e255a1f44878c51833073647060253ea01205ac94d0166788765b53340989472695628c70307983a68568e953784e21029f12e5db21e9b713f85d53bd08265a1e1806ca6c8a8e81fcf860527adcb026bcd7962549eb734f4777b3c5dfb451850c936f2614f00676d96d1e03ea4164f0ddf51207d53e69cae8eb8a9f3119c22337a8f3225e2da2fdc607c91eb", 0xbf}], 0x1, &(0x7f0000000b40)=[{0xc0, 0x119, 0x4, "73ec813c450304a4e7ac050e1223fb7e87000d8db39097f1f0f50977a3e5538235e3ac32702a3b4db403cf997eb22d64eeb7cd5085ade7efc6c4b62388b8ce39777d505e2e5129f9ab7c2d03e4617964f9592da6f6080cbe3d86d0aa4fd6c6c5abd6940898930eeb89b26ece4fe27c20487952a748d88e5001738dd483dc04f387a11aa68e4586d4476d57657525b0cb5a386c1fe2138cd8e6e2b725f3f2940d4c75172f58a539ccbac86bee"}], 0xc0}}], 0x2, 0x0) 16:50:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xe) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ftruncate(r3, 0x100000) (async) lseek(r2, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r4, 0x0, 0x10000) ioctl$TIOCL_SCROLLCONSOLE(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)={0xd, 0x7f}) accept4(r3, &(0x7f0000000180)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, &(0x7f0000000280)=0x80, 0x80800) (async) ioctl$TIOCGDEV(r4, 0x80045432, &(0x7f0000000040)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 674.703823][ T46] Bluetooth: hci6: sending frame failed (-49) [ 674.712011][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 674.763244][ T26] audit: type=1804 audit(1644684630.098:1906): pid=15836 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/665/bus" dev="sda1" ino=1177 res=1 errno=0 [ 674.797449][ T26] audit: type=1800 audit(1644684630.098:1907): pid=15836 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1177 res=0 errno=0 16:50:30 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) dup3(r0, r0, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) dup3(r0, r0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:50:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x13) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x1f, 0x8, 0x8, 0x1c, 0x1a, "cc352f12a382e0d2"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(r1, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r1, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) (async) [ 674.929822][ T3675] Bluetooth: hci7: command 0x1003 tx timeout [ 674.929860][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(r1, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) 16:50:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) getsockopt$ax25_int(r2, 0x101, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x6000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x15) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r3, 0x80286722, &(0x7f0000000000)={&(0x7f0000000280)=""/4096, 0x1000, 0x978, 0xfffff800}) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x7) ioctl$TIOCSETD(r0, 0x5423, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r4, 0x800) lseek(r3, 0x200, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r4, r5, 0x0, 0x10000) dup2(0xffffffffffffffff, r4) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 675.081004][ T3644] Bluetooth: hci7: sending frame failed (-49) [ 675.088165][ T46] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:50:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x6000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x15) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) (async) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r3, 0x80286722, &(0x7f0000000000)={&(0x7f0000000280)=""/4096, 0x1000, 0x978, 0xfffff800}) (async) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x7) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r4, 0x800) (async) lseek(r3, 0x200, 0x0) (async) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r4, r5, 0x0, 0x10000) (async) dup2(0xffffffffffffffff, r4) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 675.124284][ T26] audit: type=1804 audit(1644684630.458:1908): pid=15883 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/648/bus" dev="sda1" ino=1182 res=1 errno=0 [ 675.151628][ T26] audit: type=1800 audit(1644684630.458:1909): pid=15883 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x6000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x15) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) (async) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r3, 0x80286722, &(0x7f0000000000)={&(0x7f0000000280)=""/4096, 0x1000, 0x978, 0xfffff800}) (async) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x7) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 64) ftruncate(r4, 0x800) (async, rerun: 64) lseek(r3, 0x200, 0x0) (async, rerun: 64) r5 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r4, r5, 0x0, 0x10000) dup2(0xffffffffffffffff, r4) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendfile(0xffffffffffffffff, r1, 0x0, 0x1000000000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) socket$inet_icmp_raw(0x2, 0x3, 0x1) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x1000000000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x200040) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x2) [ 676.689700][ T3728] Bluetooth: hci8: command 0x1003 tx timeout [ 676.699869][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:50:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 32) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async, rerun: 32) getsockopt$ax25_int(r2, 0x101, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) (rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) fcntl$setlease(r2, 0x400, 0x0) ftruncate(0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{&(0x7f0000000180)=@ax25={{0x3, @bcast, 0x2}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000540)="5c0d8a3b9552c6ce72db51ebefee16ba311a91bc5de52c9df1d12a430eea1e205fe51908a506e05b2b7734dc2e9742c89a9d8b824326d5e627ee354f78bc3e22", 0x40}, {&(0x7f0000000280)="b0cf04dd0d491aa4b488255a44fefc9cbd140be413396e441b0d934bb7891eaf30f37a0b065e5addf26d689af016ad9cd3febacbf612951642d7cbfee6224358d278a362347f", 0x46}, {&(0x7f0000000300)="f595902afa59d70859201114fa40114f2a3c608f2b8a43ae1c63c55fbce2b5af5116af95eea8b6096a4ad099d976eaf67d55fc1d339213d5581fb9ba960c38d7de1370d62df9b12803d665077dae1e185b6a7ff39f1d63add05cc3f88bbf26c160f83f6491ad214976f78b25ec04ae4e856fdb970225cd84b5a0924abc7b603e8b352c4f5744f2c909eaaae00b1bb4601b2fa9444cbb3c438670fd3df2424dea63cf70776008679df2c7a753b37bbc", 0xaf}, {&(0x7f00000003c0)="8e0d12bd06e07d83f9069f0a910e28d97695844869472ac64a11c912efb4162637099a622de4e3d513044146", 0x2c}, {&(0x7f0000000400)="57d5b5097fc9a1ec5d1edb50a4e7428369ebdf02a7d6ece238ed37b11f0a4ee9527c7cbbe8440f06f0e2e00d858c70e666e9b20fee8d88e476f36e0010e1b197a4b1ea7ab7d78ca6cb746699c8ee35f8b44ad9f5dba45e", 0x57}], 0x5, &(0x7f0000000500)=ANY=[@ANYRESOCT=r3], 0x4b0}}, {{&(0x7f00000009c0)=@sco, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000a40)="7181ffecea280cd570443181c8e4addacc89f89ab90759840c118ec1df4176c5917be94a3974599f38b0825b4915c3c95f3515e255a1f44878c51833073647060253ea01205ac94d0166788765b53340989472695628c70307983a68568e953784e21029f12e5db21e9b713f85d53bd08265a1e1806ca6c8a8e81fcf860527adcb026bcd7962549eb734f4777b3c5dfb451850c936f2614f00676d96d1e03ea4164f0ddf51207d53e69cae8eb8a9f3119c22337a8f3225e2da2fdc607c91eb", 0xbf}], 0x1, &(0x7f0000000b40)=[{0xc0, 0x119, 0x4, "73ec813c450304a4e7ac050e1223fb7e87000d8db39097f1f0f50977a3e5538235e3ac32702a3b4db403cf997eb22d64eeb7cd5085ade7efc6c4b62388b8ce39777d505e2e5129f9ab7c2d03e4617964f9592da6f6080cbe3d86d0aa4fd6c6c5abd6940898930eeb89b26ece4fe27c20487952a748d88e5001738dd483dc04f387a11aa68e4586d4476d57657525b0cb5a386c1fe2138cd8e6e2b725f3f2940d4c75172f58a539ccbac86bee"}], 0xc0}}], 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async) fcntl$setlease(r2, 0x400, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) (async) sendmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{&(0x7f0000000180)=@ax25={{0x3, @bcast, 0x2}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000540)="5c0d8a3b9552c6ce72db51ebefee16ba311a91bc5de52c9df1d12a430eea1e205fe51908a506e05b2b7734dc2e9742c89a9d8b824326d5e627ee354f78bc3e22", 0x40}, {&(0x7f0000000280)="b0cf04dd0d491aa4b488255a44fefc9cbd140be413396e441b0d934bb7891eaf30f37a0b065e5addf26d689af016ad9cd3febacbf612951642d7cbfee6224358d278a362347f", 0x46}, {&(0x7f0000000300)="f595902afa59d70859201114fa40114f2a3c608f2b8a43ae1c63c55fbce2b5af5116af95eea8b6096a4ad099d976eaf67d55fc1d339213d5581fb9ba960c38d7de1370d62df9b12803d665077dae1e185b6a7ff39f1d63add05cc3f88bbf26c160f83f6491ad214976f78b25ec04ae4e856fdb970225cd84b5a0924abc7b603e8b352c4f5744f2c909eaaae00b1bb4601b2fa9444cbb3c438670fd3df2424dea63cf70776008679df2c7a753b37bbc", 0xaf}, {&(0x7f00000003c0)="8e0d12bd06e07d83f9069f0a910e28d97695844869472ac64a11c912efb4162637099a622de4e3d513044146", 0x2c}, {&(0x7f0000000400)="57d5b5097fc9a1ec5d1edb50a4e7428369ebdf02a7d6ece238ed37b11f0a4ee9527c7cbbe8440f06f0e2e00d858c70e666e9b20fee8d88e476f36e0010e1b197a4b1ea7ab7d78ca6cb746699c8ee35f8b44ad9f5dba45e", 0x57}], 0x5, &(0x7f0000000500)=ANY=[@ANYRESOCT=r3], 0x4b0}}, {{&(0x7f00000009c0)=@sco, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000a40)="7181ffecea280cd570443181c8e4addacc89f89ab90759840c118ec1df4176c5917be94a3974599f38b0825b4915c3c95f3515e255a1f44878c51833073647060253ea01205ac94d0166788765b53340989472695628c70307983a68568e953784e21029f12e5db21e9b713f85d53bd08265a1e1806ca6c8a8e81fcf860527adcb026bcd7962549eb734f4777b3c5dfb451850c936f2614f00676d96d1e03ea4164f0ddf51207d53e69cae8eb8a9f3119c22337a8f3225e2da2fdc607c91eb", 0xbf}], 0x1, &(0x7f0000000b40)=[{0xc0, 0x119, 0x4, "73ec813c450304a4e7ac050e1223fb7e87000d8db39097f1f0f50977a3e5538235e3ac32702a3b4db403cf997eb22d64eeb7cd5085ade7efc6c4b62388b8ce39777d505e2e5129f9ab7c2d03e4617964f9592da6f6080cbe3d86d0aa4fd6c6c5abd6940898930eeb89b26ece4fe27c20487952a748d88e5001738dd483dc04f387a11aa68e4586d4476d57657525b0cb5a386c1fe2138cd8e6e2b725f3f2940d4c75172f58a539ccbac86bee"}], 0xc0}}], 0x2, 0x0) (async) 16:50:32 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 676.769672][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 676.769811][T14422] Bluetooth: hci9: command 0x1003 tx timeout [ 676.845463][ T3644] Bluetooth: hci9: sending frame failed (-49) [ 676.852512][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 677.009671][ T3728] Bluetooth: hci6: command 0x1003 tx timeout [ 677.019853][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 678.769924][ T3728] Bluetooth: hci7: command 0x1003 tx timeout [ 678.779851][ T3640] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 678.789910][T15896] warn_alloc: 17 callbacks suppressed [ 678.789929][T15896] syz-executor.1: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 678.824468][T15896] CPU: 1 PID: 15896 Comm: syz-executor.1 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 678.835236][T15896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.846268][T15896] Call Trace: [ 678.849580][T15896] [ 678.852508][T15896] dump_stack_lvl+0xcd/0x134 [ 678.857239][T15896] warn_alloc.cold+0x9b/0x189 [ 678.861956][T15896] ? zone_watermark_ok_safe+0x290/0x290 [ 678.867533][T15896] ? __kmalloc_node+0x62/0x390 [ 678.872324][T15896] ? __vmalloc_node_range+0x7bf/0x1060 [ 678.878089][T15896] __vmalloc_node_range+0xe1e/0x1060 [ 678.883396][T15896] ? vfree_atomic+0xe0/0xe0 [ 678.887904][T15896] ? n_tty_open+0x16/0x170 [ 678.892340][T15896] vzalloc+0x67/0x80 [ 678.896232][T15896] ? n_tty_open+0x16/0x170 [ 678.900636][T15896] n_tty_open+0x16/0x170 [ 678.904868][T15896] ? n_tty_set_termios+0x1010/0x1010 [ 678.910155][T15896] tty_ldisc_open+0x9b/0x110 [ 678.914758][T15896] tty_set_ldisc+0x2f1/0x680 [ 678.919527][T15896] tty_ioctl+0xae0/0x1660 [ 678.923879][T15896] ? tty_lookup_driver+0x550/0x550 [ 678.929003][T15896] ? find_held_lock+0x2d/0x110 [ 678.933772][T15896] ? __fget_files+0x28c/0x470 [ 678.938448][T15896] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 678.945030][T15896] ? tty_lookup_driver+0x550/0x550 [ 678.950142][T15896] __x64_sys_ioctl+0x193/0x200 [ 678.954927][T15896] do_syscall_64+0x35/0xb0 [ 678.959338][T15896] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 678.965268][T15896] RIP: 0033:0x7ff25089b059 [ 678.970216][T15896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 678.990224][T15896] RSP: 002b:00007ff24f210168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 678.998638][T15896] RAX: ffffffffffffffda RBX: 00007ff2509adf60 RCX: 00007ff25089b059 [ 679.006626][T15896] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 679.014593][T15896] RBP: 00007ff2508f508d R08: 0000000000000000 R09: 0000000000000000 [ 679.022570][T15896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 679.030538][T15896] R13: 00007ffe07e00f7f R14: 00007ff24f210300 R15: 0000000000022000 [ 679.039009][T15896] [ 679.042985][ T3728] Bluetooth: hci8: command 0x1003 tx timeout [ 679.054561][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 679.081165][T15896] Mem-Info: [ 679.084376][T15896] active_anon:2641 inactive_anon:146542 isolated_anon:0 [ 679.084376][T15896] active_file:4190 inactive_file:7646 isolated_file:0 [ 679.084376][T15896] unevictable:768 dirty:31 writeback:0 [ 679.084376][T15896] slab_reclaimable:19237 slab_unreclaimable:96507 [ 679.084376][T15896] mapped:27881 shmem:4125 pagetables:750 bounce:0 [ 679.084376][T15896] kernel_misc_reclaimable:0 [ 679.084376][T15896] free:1324355 free_pcp:10079 free_cma:0 16:50:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) getsockopt$ax25_int(r2, 0x101, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) getsockopt$ax25_int(r2, 0x101, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:50:34 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0) (async) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0)) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:50:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) fcntl$setlease(r2, 0x400, 0x0) ftruncate(0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{&(0x7f0000000180)=@ax25={{0x3, @bcast, 0x2}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000540)="5c0d8a3b9552c6ce72db51ebefee16ba311a91bc5de52c9df1d12a430eea1e205fe51908a506e05b2b7734dc2e9742c89a9d8b824326d5e627ee354f78bc3e22", 0x40}, {&(0x7f0000000280)="b0cf04dd0d491aa4b488255a44fefc9cbd140be413396e441b0d934bb7891eaf30f37a0b065e5addf26d689af016ad9cd3febacbf612951642d7cbfee6224358d278a362347f", 0x46}, {&(0x7f0000000300)="f595902afa59d70859201114fa40114f2a3c608f2b8a43ae1c63c55fbce2b5af5116af95eea8b6096a4ad099d976eaf67d55fc1d339213d5581fb9ba960c38d7de1370d62df9b12803d665077dae1e185b6a7ff39f1d63add05cc3f88bbf26c160f83f6491ad214976f78b25ec04ae4e856fdb970225cd84b5a0924abc7b603e8b352c4f5744f2c909eaaae00b1bb4601b2fa9444cbb3c438670fd3df2424dea63cf70776008679df2c7a753b37bbc", 0xaf}, {&(0x7f00000003c0)="8e0d12bd06e07d83f9069f0a910e28d97695844869472ac64a11c912efb4162637099a622de4e3d513044146", 0x2c}, {&(0x7f0000000400)="57d5b5097fc9a1ec5d1edb50a4e7428369ebdf02a7d6ece238ed37b11f0a4ee9527c7cbbe8440f06f0e2e00d858c70e666e9b20fee8d88e476f36e0010e1b197a4b1ea7ab7d78ca6cb746699c8ee35f8b44ad9f5dba45e", 0x57}], 0x5, &(0x7f0000000500)=ANY=[@ANYRESOCT=r3], 0x4b0}}, {{&(0x7f00000009c0)=@sco, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000a40)="7181ffecea280cd570443181c8e4addacc89f89ab90759840c118ec1df4176c5917be94a3974599f38b0825b4915c3c95f3515e255a1f44878c51833073647060253ea01205ac94d0166788765b53340989472695628c70307983a68568e953784e21029f12e5db21e9b713f85d53bd08265a1e1806ca6c8a8e81fcf860527adcb026bcd7962549eb734f4777b3c5dfb451850c936f2614f00676d96d1e03ea4164f0ddf51207d53e69cae8eb8a9f3119c22337a8f3225e2da2fdc607c91eb", 0xbf}], 0x1, &(0x7f0000000b40)=[{0xc0, 0x119, 0x4, "73ec813c450304a4e7ac050e1223fb7e87000d8db39097f1f0f50977a3e5538235e3ac32702a3b4db403cf997eb22d64eeb7cd5085ade7efc6c4b62388b8ce39777d505e2e5129f9ab7c2d03e4617964f9592da6f6080cbe3d86d0aa4fd6c6c5abd6940898930eeb89b26ece4fe27c20487952a748d88e5001738dd483dc04f387a11aa68e4586d4476d57657525b0cb5a386c1fe2138cd8e6e2b725f3f2940d4c75172f58a539ccbac86bee"}], 0xc0}}], 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async) fcntl$setlease(r2, 0x400, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) (async) sendmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{&(0x7f0000000180)=@ax25={{0x3, @bcast, 0x2}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000540)="5c0d8a3b9552c6ce72db51ebefee16ba311a91bc5de52c9df1d12a430eea1e205fe51908a506e05b2b7734dc2e9742c89a9d8b824326d5e627ee354f78bc3e22", 0x40}, {&(0x7f0000000280)="b0cf04dd0d491aa4b488255a44fefc9cbd140be413396e441b0d934bb7891eaf30f37a0b065e5addf26d689af016ad9cd3febacbf612951642d7cbfee6224358d278a362347f", 0x46}, {&(0x7f0000000300)="f595902afa59d70859201114fa40114f2a3c608f2b8a43ae1c63c55fbce2b5af5116af95eea8b6096a4ad099d976eaf67d55fc1d339213d5581fb9ba960c38d7de1370d62df9b12803d665077dae1e185b6a7ff39f1d63add05cc3f88bbf26c160f83f6491ad214976f78b25ec04ae4e856fdb970225cd84b5a0924abc7b603e8b352c4f5744f2c909eaaae00b1bb4601b2fa9444cbb3c438670fd3df2424dea63cf70776008679df2c7a753b37bbc", 0xaf}, {&(0x7f00000003c0)="8e0d12bd06e07d83f9069f0a910e28d97695844869472ac64a11c912efb4162637099a622de4e3d513044146", 0x2c}, {&(0x7f0000000400)="57d5b5097fc9a1ec5d1edb50a4e7428369ebdf02a7d6ece238ed37b11f0a4ee9527c7cbbe8440f06f0e2e00d858c70e666e9b20fee8d88e476f36e0010e1b197a4b1ea7ab7d78ca6cb746699c8ee35f8b44ad9f5dba45e", 0x57}], 0x5, &(0x7f0000000500)=ANY=[@ANYRESOCT=r3], 0x4b0}}, {{&(0x7f00000009c0)=@sco, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000a40)="7181ffecea280cd570443181c8e4addacc89f89ab90759840c118ec1df4176c5917be94a3974599f38b0825b4915c3c95f3515e255a1f44878c51833073647060253ea01205ac94d0166788765b53340989472695628c70307983a68568e953784e21029f12e5db21e9b713f85d53bd08265a1e1806ca6c8a8e81fcf860527adcb026bcd7962549eb734f4777b3c5dfb451850c936f2614f00676d96d1e03ea4164f0ddf51207d53e69cae8eb8a9f3119c22337a8f3225e2da2fdc607c91eb", 0xbf}], 0x1, &(0x7f0000000b40)=[{0xc0, 0x119, 0x4, "73ec813c450304a4e7ac050e1223fb7e87000d8db39097f1f0f50977a3e5538235e3ac32702a3b4db403cf997eb22d64eeb7cd5085ade7efc6c4b62388b8ce39777d505e2e5129f9ab7c2d03e4617964f9592da6f6080cbe3d86d0aa4fd6c6c5abd6940898930eeb89b26ece4fe27c20487952a748d88e5001738dd483dc04f387a11aa68e4586d4476d57657525b0cb5a386c1fe2138cd8e6e2b725f3f2940d4c75172f58a539ccbac86bee"}], 0xc0}}], 0x2, 0x0) (async) [ 679.129633][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 679.137581][ T3728] Bluetooth: hci6: command tx timeout [ 679.146781][T15896] Node 0 active_anon:10556kB inactive_anon:583188kB active_file:16684kB inactive_file:30584kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111524kB dirty:120kB writeback:0kB shmem:14024kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB kernel_stack:10552kB pagetables:2996kB all_unreclaimable? no [ 679.190934][ T3640] Bluetooth: hci6: sending frame failed (-49) [ 679.198144][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:50:34 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000000c0)) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async, rerun: 32) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async, rerun: 32) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 679.257887][T15896] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 679.299792][T15896] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 679.308856][ T26] kauditd_printk_skb: 6 callbacks suppressed 16:50:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(r0, r1, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:50:34 executing program 4: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200080, 0x0) r1 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0xfffff000}}, './bus\x00'}) r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f00000000c0)=0x3) ioctl$KDADDIO(r3, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x5) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)) [ 679.308873][ T26] audit: type=1804 audit(1644684634.638:1916): pid=15944 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/605/bus" dev="sda1" ino=1181 res=1 errno=0 [ 679.334014][T15896] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 679.369402][T15896] Node 0 DMA32 free:1329640kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10560kB inactive_anon:587432kB active_file:16684kB inactive_file:30584kB unevictable:1536kB writepending:120kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:37820kB local_pcp:17228kB free_cma:0kB [ 679.424875][ T26] audit: type=1800 audit(1644684634.698:1917): pid=15944 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 679.434822][T15896] lowmem_reserve[]: 0 0 0 0 0 [ 679.451337][T15896] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 679.480994][T15896] lowmem_reserve[]: 0 0 0 0 0 [ 679.486924][T15896] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 679.503530][ T3640] Bluetooth: hci9: sending frame failed (-49) [ 679.529700][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 679.577837][T15896] lowmem_reserve[]: 0 0 0 0 0 [ 679.583872][T15896] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 679.604809][T15896] Node 0 DMA32: 32*4kB (UME) 1489*8kB (UME) 1960*16kB (UME) 621*32kB (UME) 339*64kB (UME) 160*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 15*2048kB (UME) 277*4096kB (UM) = 1329640kB [ 679.633150][T15896] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 679.645307][T15896] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 679.667359][T15896] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 679.677146][T15896] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 679.688754][T15896] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 679.700006][T15896] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 679.710057][T15896] 15962 total pagecache pages [ 679.714743][T15896] 0 pages in swap cache [ 679.718898][T15896] Swap cache stats: add 0, delete 0, find 0/0 [ 679.725878][T15896] Free swap = 0kB [ 679.738747][T15896] Total swap = 0kB [ 679.743018][T15896] 2097051 pages RAM [ 679.746821][T15896] 0 pages HighMem/MovableOnly [ 679.756002][T15896] 384548 pages reserved [ 679.761062][T15896] 0 pages cma reserved 16:50:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendfile(0xffffffffffffffff, r1, 0x0, 0x1000000000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(r0, r1, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:36 executing program 4: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200080, 0x0) r1 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0xfffff000}}, './bus\x00'}) (async) r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f00000000c0)=0x3) ioctl$KDADDIO(r3, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async, rerun: 64) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x5) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)) 16:50:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async, rerun: 64) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x200040) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x2) [ 681.089894][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 681.098209][T14422] Bluetooth: hci7: command tx timeout [ 681.180342][T16002] Bluetooth: Error in BCSP hdr checksum 16:50:36 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x346) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000180)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 681.249763][ T3671] Bluetooth: hci6: command 0x1003 tx timeout [ 681.260900][ T915] Bluetooth: hci8: command 0x1003 tx timeout [ 681.267642][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 681.270228][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:50:38 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x900, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000200)={0x7, 0x7, 0x4838}) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xffffffffffffff80) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f0000000180)=""/70) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x17) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 683.179977][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 683.188096][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 683.197954][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 683.250473][ T3638] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 683.254363][ T25] Bluetooth: hci11: command 0x1003 tx timeout 16:50:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$SNDRV_PCM_IOCTL_INFO(r1, 0x81204101, &(0x7f0000000280)) 16:50:38 executing program 4: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x200080, 0x0) (async) r1 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0xfffff000}}, './bus\x00'}) (async) r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f00000000c0)=0x3) (async) ioctl$KDADDIO(r3, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x5) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)) 16:50:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x200040) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x2) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x200040) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x2) (async) 16:50:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 683.330703][ T25] Bluetooth: hci6: command 0x1003 tx timeout [ 683.336948][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:50:38 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x346) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000180)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(r0, 0xffffffffffffffff, 0x0, 0x346) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000180)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 683.409821][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 683.420862][ T26] audit: type=1804 audit(1644684638.758:1918): pid=16029 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/681/bus" dev="sda1" ino=1181 res=1 errno=0 16:50:38 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3fa16c56, 0xfffffffffffffff8, 0x2, 0x7, 0x0, [0x1000, 0xa5, 0x3ff, 0x7]}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 683.472371][ T26] audit: type=1800 audit(1644684638.788:1919): pid=16029 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 683.519039][ T3644] Bluetooth: hci8: sending frame failed (-49) [ 683.528558][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 683.540611][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 683.548742][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:50:38 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3fa16c56, 0xfffffffffffffff8, 0x2, 0x7, 0x0, [0x1000, 0xa5, 0x3ff, 0x7]}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3fa16c56, 0xfffffffffffffff8, 0x2, 0x7, 0x0, [0x1000, 0xa5, 0x3ff, 0x7]}) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:39 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x346) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000180)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 683.684927][ T3644] Bluetooth: hci8: sending frame failed (-49) [ 683.695055][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 683.706150][ T3644] Bluetooth: hci10: sending frame failed (-49) [ 683.714060][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:50:39 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3fa16c56, 0xfffffffffffffff8, 0x2, 0x7, 0x0, [0x1000, 0xa5, 0x3ff, 0x7]}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3fa16c56, 0xfffffffffffffff8, 0x2, 0x7, 0x0, [0x1000, 0xa5, 0x3ff, 0x7]}) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:39 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x200e) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x424000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$KDSETLED(r0, 0x4b32, 0xff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 683.818065][ T26] audit: type=1804 audit(1644684639.148:1920): pid=16077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/745/bus" dev="sda1" ino=1173 res=1 errno=0 16:50:39 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x200e) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x0) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x424000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 32) ioctl$KDSETLED(r0, 0x4b32, 0xff) (rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 683.863124][ T26] audit: type=1800 audit(1644684639.188:1921): pid=16077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1173 res=0 errno=0 [ 683.945661][ T26] audit: type=1804 audit(1644684639.248:1922): pid=16089 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/746/bus" dev="sda1" ino=1173 res=1 errno=0 [ 683.973377][ T26] audit: type=1800 audit(1644684639.248:1923): pid=16089 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1173 res=0 errno=0 [ 685.101659][ T1222] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.108134][ T1222] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.249681][T14422] Bluetooth: hci7: command 0x1003 tx timeout 16:50:40 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xe) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 685.339764][ T3640] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 685.367219][ T26] audit: type=1804 audit(1644684640.708:1924): pid=16094 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/682/bus" dev="sda1" ino=1173 res=1 errno=0 [ 685.408526][ T26] audit: type=1800 audit(1644684640.708:1925): pid=16094 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1173 res=0 errno=0 16:50:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$SNDRV_PCM_IOCTL_INFO(r1, 0x81204101, &(0x7f0000000280)) 16:50:40 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x6) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:40 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf91d, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:40 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x900, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000200)={0x7, 0x7, 0x4838}) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xffffffffffffff80) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f0000000180)=""/70) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x17) (async) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:40 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x200e) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x0) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) open(&(0x7f0000000000)='./bus\x00', 0x424000, 0x0) (rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) ioctl$KDSETLED(r0, 0x4b32, 0xff) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:40 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async, rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xe) (rerun: 64) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 685.438264][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 685.439777][ T3638] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 685.454348][T14422] Bluetooth: hci9: command 0x1003 tx timeout 16:50:40 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x82) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_pts(r2, 0x800) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 685.526302][ T26] audit: type=1804 audit(1644684640.858:1926): pid=16113 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/683/bus" dev="sda1" ino=1177 res=1 errno=0 [ 685.591371][ T26] audit: type=1800 audit(1644684640.858:1927): pid=16113 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1177 res=0 errno=0 [ 685.616215][ T26] audit: type=1804 audit(1644684640.908:1928): pid=16115 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3272609572/syzkaller.ZmexmB/747/bus" dev="sda1" ino=1178 res=1 errno=0 16:50:41 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x82) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_pts(r2, 0x800) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x82) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) syz_open_pts(r2, 0x800) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 685.644615][ T26] audit: type=1800 audit(1644684640.908:1929): pid=16115 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1178 res=0 errno=0 16:50:41 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x82) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_pts(r2, 0x800) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:41 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x608040, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_open_dev$mouse(&(0x7f00000000c0), 0x44, 0x48200) write$P9_RREADLINK(r3, &(0x7f0000000180)={0xe, 0x17, 0x2, {0x5, './bus'}}, 0xe) ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000280)={0x4, "99110ca3802f78cc3bd1b259d8a174d0a45ce1352a23f3e91c8f48dbdb07ee79afa7b28a93525ca06e11965cbf44f9fa7c13cd4a01c1fea3dc08923dfa7857f9cac2322b43f941fc387a9fa872293ee8ea7b4c9a40dcbb5fe541b853f788d4775a3b070c38ef8760d85f6819c08891d577464c9d38411f5e1b6907317bad850ed71409f4bcea5be99e55e74e9c9c3f9c0d18fd23c9a84174fec43af9ee0aa85e24af89b9eb81433f06fcd8c6a222f1826f2acc936439be45986da2f493b3c0d1ca2e58fdb80186a1e04aa9ffea375553cbba655e0d5eb75747d816a4408a5c5ec7c8f733255e8c0f528810d43dc076609543fde2cc1e10723f068078212a29d1910bfcb0f572fe66fd43fc747c963cfbb6d72c9cf401e31deef04ad6ef930155dfcd8d0abe9f745f1a78752ddf57e227b7da5a82a0832ed486d401be70c4451f2b61ffa749ba6a880ccc529327788110697308f06f3c69b51b9cc2527bef1a48dd14846b1dca35708acffed0ed63a2f5ad5fabfe33a54d833caaafff95c7ec9f63198014b4c8f8ab954fbe867a6e70e4ff7d8c8bd5094cf2532fcf5f07b55a29c07ee314b3ddd890dc3fd8d6328930ff293b14934bcab401d6a00d63520759b37237b707ab6c77fee2535856896d8f6908835dba27ad62b80392a2d18b550b47f6a5dc158829c2ade183f3713cc9c210b6edcdb0118f2d37ea7945f4452be324"}) 16:50:41 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x608040, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) r2 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r3 = syz_open_dev$mouse(&(0x7f00000000c0), 0x44, 0x48200) write$P9_RREADLINK(r3, &(0x7f0000000180)={0xe, 0x17, 0x2, {0x5, './bus'}}, 0xe) ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000280)={0x4, "99110ca3802f78cc3bd1b259d8a174d0a45ce1352a23f3e91c8f48dbdb07ee79afa7b28a93525ca06e11965cbf44f9fa7c13cd4a01c1fea3dc08923dfa7857f9cac2322b43f941fc387a9fa872293ee8ea7b4c9a40dcbb5fe541b853f788d4775a3b070c38ef8760d85f6819c08891d577464c9d38411f5e1b6907317bad850ed71409f4bcea5be99e55e74e9c9c3f9c0d18fd23c9a84174fec43af9ee0aa85e24af89b9eb81433f06fcd8c6a222f1826f2acc936439be45986da2f493b3c0d1ca2e58fdb80186a1e04aa9ffea375553cbba655e0d5eb75747d816a4408a5c5ec7c8f733255e8c0f528810d43dc076609543fde2cc1e10723f068078212a29d1910bfcb0f572fe66fd43fc747c963cfbb6d72c9cf401e31deef04ad6ef930155dfcd8d0abe9f745f1a78752ddf57e227b7da5a82a0832ed486d401be70c4451f2b61ffa749ba6a880ccc529327788110697308f06f3c69b51b9cc2527bef1a48dd14846b1dca35708acffed0ed63a2f5ad5fabfe33a54d833caaafff95c7ec9f63198014b4c8f8ab954fbe867a6e70e4ff7d8c8bd5094cf2532fcf5f07b55a29c07ee314b3ddd890dc3fd8d6328930ff293b14934bcab401d6a00d63520759b37237b707ab6c77fee2535856896d8f6908835dba27ad62b80392a2d18b550b47f6a5dc158829c2ade183f3713cc9c210b6edcdb0118f2d37ea7945f4452be324"}) 16:50:41 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x608040, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xe) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 32) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) (rerun: 32) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async, rerun: 64) r2 = creat(0x0, 0x0) (rerun: 64) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 64) r3 = syz_open_dev$mouse(&(0x7f00000000c0), 0x44, 0x48200) (rerun: 64) write$P9_RREADLINK(r3, &(0x7f0000000180)={0xe, 0x17, 0x2, {0x5, './bus'}}, 0xe) (async, rerun: 64) ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000280)={0x4, "99110ca3802f78cc3bd1b259d8a174d0a45ce1352a23f3e91c8f48dbdb07ee79afa7b28a93525ca06e11965cbf44f9fa7c13cd4a01c1fea3dc08923dfa7857f9cac2322b43f941fc387a9fa872293ee8ea7b4c9a40dcbb5fe541b853f788d4775a3b070c38ef8760d85f6819c08891d577464c9d38411f5e1b6907317bad850ed71409f4bcea5be99e55e74e9c9c3f9c0d18fd23c9a84174fec43af9ee0aa85e24af89b9eb81433f06fcd8c6a222f1826f2acc936439be45986da2f493b3c0d1ca2e58fdb80186a1e04aa9ffea375553cbba655e0d5eb75747d816a4408a5c5ec7c8f733255e8c0f528810d43dc076609543fde2cc1e10723f068078212a29d1910bfcb0f572fe66fd43fc747c963cfbb6d72c9cf401e31deef04ad6ef930155dfcd8d0abe9f745f1a78752ddf57e227b7da5a82a0832ed486d401be70c4451f2b61ffa749ba6a880ccc529327788110697308f06f3c69b51b9cc2527bef1a48dd14846b1dca35708acffed0ed63a2f5ad5fabfe33a54d833caaafff95c7ec9f63198014b4c8f8ab954fbe867a6e70e4ff7d8c8bd5094cf2532fcf5f07b55a29c07ee314b3ddd890dc3fd8d6328930ff293b14934bcab401d6a00d63520759b37237b707ab6c77fee2535856896d8f6908835dba27ad62b80392a2d18b550b47f6a5dc158829c2ade183f3713cc9c210b6edcdb0118f2d37ea7945f4452be324"}) (rerun: 64) [ 687.489752][ T3675] Bluetooth: hci6: command 0x1003 tx timeout [ 687.495930][ T3638] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:50:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 32) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$SNDRV_PCM_IOCTL_INFO(r1, 0x81204101, &(0x7f0000000280)) 16:50:42 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x8) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 687.569873][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 687.570038][ T46] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 687.579934][T14422] Bluetooth: hci7: command 0x1003 tx timeout 16:50:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf91d, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf91d, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:50:43 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000280)="04a3238ac53bfa94f3b7e969943f26890f54b4702ca23a5f384ff01800dc075c9d3a4a2c67e12706d8a50ab0ac61f7c10fc7367672bbb11091149445298268926f0c040eabc64d1dcaba5374e70f56042fe148f7674bdbb4fd9488a5ca66c3166b0268834c484a37336ab72532d4b521372656fe014aaa5244d6c9f34d8efc7887cd0a49c4b753adaac4d945bfe4e23fa39bde000490f6e2e7ee312d268bac9f9f7fabfba663be2e39316b401f87fc1d4538b3dac9edcabc63f584ca44eea0ff99a5c0e01be922efe0beb799cb7082d3bd18b80a84659f302fc952fa6afc637a61ec411919f2dc0e409997dd0885aee63529fd264b91b65ee5b43c9b5386e505904485e97d5bb9b6ce08dbed632a1c380c025863c49b2d2e79b786d799dad532bf9d96df1db83dbf6ab8802a039c46db0f46e47dd57596c342c8a1850a42fb6888ed1661bb5c7759135a081af1960ddf7fb52dae0c617195ce37bfeb2c46e69b6b9ba3d88f932431904712e1bdd9119905824da6410aec41301f56358ec37e3c6b84ed8e7c5ffa80809a6bb7fe816254e6e2cd5fda6421941cf0bc6e20c52af5611aef599cc0040a7ab0919051b82ba941f3f6a62db1b61841627c8e88721d4bf4b6b5a8a5822cde2b46790598d7efef47a321d962e04a6d7cd76efb4a0f78d1d4ac23f9d78eec1aa9302812273b2efb1cc3997cd1c4786eb7a8ff425ebea33bf3474f7b20431ef19250d6eb223a4969120a0c410729a2e0975ed8f61f9896815d0c46075b45c4a23e86be25f785af05a75f30f2d1a5a2b4b7ea0c708a0ea59c29fe4ce5a86059968bda05206ac56f030993ae1977310eee932871ecc757421183a340f2ea06f5644cb7a0542a52cff5f01f0bcf7bcaf35d80806012bec436afd350aeb4876811c4e73acf039686848d03a2fb60492e6f8c9514e0943a6614d160ebf078252881ec4e6f65a37e77c959d7a91257a57775029e03565bf615cf96acaa7643ef78e9e983f988ae623e9354714bb5b6f350d471b5f539c794955076bc52ece590b58df432551d2de02c4f1c6cb3ad288acd71d308db5d4f9ed4dacd7ac8be3fe090f2b19f23e81fca5bdbe973a7221868ebff82e7161b1bd9c339e20ed2eb272a2a19829f4ef8a467a16b539a1516cb6cfb75f46c918029215b0010f1e87949e4adb3e24e4fc714f539f5dbc5272598775fbe3e4bc87559a74fcb00488f7d2b7530e8ddf66f16d417e3904f14db07048d17356e1bd38f392f00858e9387fe2987b98a5d1500aa63ae049f45f5b8cd832a1e2c548c88c0da4592ee0c7b1a03b6bcc18882e79d2ed22b474693868d9afcd996bd4f230e5b91e9651334f57a81a1eac9a90549b0e5133508aed419f950b74ddbb91a09d92e1671e17affd95fda3215eed0540c20ad3848f6ea375889b1c649b149a9e4eec33ef30a22b0365c0c4ae98fd8ec84996baf07c97d1cc0716eecf197a934141cb17192e7a6d09f294fc79b95c92bc9611bb4f2c8b2818630ab4d07749795590d4942b4e0724000be0fee5a58161e2595a3a86450561cd38b654b0d5c1c6a8b4d9126d29974e82215a345db9651508f21b39893f0b9dd0b54d1855517117f3bcf65356dad65ee5b5be3634952ba74f5daf887bfde052ceec379d0ce2a6d41482171357153a1c943429e76e483b4b72e92a82ba0b595f8a02a337ae8cbaf1caa5889f52a6d59c937c67f8403cefb0906c46385e4b95a0454004afd6cdd272a85a9c3a3d76bb78225c8add8205e9fa155d9ddc49cf66f7da1d4bf2460857a6668ecb4e79f5cc74a224901d6efcb9d98184a9141b5bc64f95948b3b1c25e9176efdaf562c5d66029c637b45e64da812c2d9dca14af263c181b55df43176f077e210328af49433f6ed372153b029568c9ea773b2a6e03fcdff3aee799bccc2c1efa83e4417c3e1ed1e592cb46db000ebc8d736d5c81ad82e78f442e0b30db183866aa3c8d5bcdd3c8b0f67cfbaf6e99b0ce3373cdd6d90100037226505fbf462705760319e3bfeff715680c5d7e820dbb900f35676e662e67f068da15d5a2c20080a3eb507b6bb6de881d56a8abd0a8a68bc02da1d9babd6da53fcb0c9c383d17dd96fe92866948ee8b522ad2b6f63b3c2b300d71a877b1ad3af24cd7f64cb22c2915b323578b03eb97a48a7ce6e907610397bfe02fe5f04ed8bd46db6cac1ac1a674db7ba6c9f15974dbea9e7b6b63da27d4ee2a6a73ab792317ef02391df58a065bb33cf52a251577f687f531e8c4139ece3b71a5337b98f784395fed4c3e4db8aeb52e3590b3323c00f8d02895b8b0b86533eb0af95bde43547ebcdd843422d83ee50044277d2211df0cc9a1fa07e299825e2f560d4e5af85b44836f4704f3bd187527ad491901bf136181a975de6cbca81e676a39dcc3837ab31aba9aec980922360801e24f517d93aeb6ab26f35221333b7e403548c13259a2abc0bc50e476f1f59a4e3ea818c889a3155f57ad32f1d51dbe718b9536b10423f8fc2338845e9c657fc54a40f5efd868305bab04e0bed24153d8ec83a315cb1f72489605b2ba8d8ce94d88af2815584149a968b621860af9bf3401cd455abed8567ca295e984ea78c69522f5d041d1ef0f60d9bf4a63e320503365a7c7ea371be77aac4e2d0053b5dacd6d7e9de2f95b292a8ae457974af06bea998a0d7bf0b1ba2eba0ba88badc8f8c26b232216f7b2e2975eb061bfa3529526803f9977f1222439a87828e5c231a873967b22cd0e974619d811ee6af942e42aaa290db0a6ad1e4dd594d8efa0ea9aa6880bc2554ec18f1ac8567a0b777eb7b583cadf96ac9fdf92c45f5afd5ec1964c14fdf9b7ae54511a596d1f17e9becc73503fac8aefd902d4a57eb2a8f4ef007e6083aa9fbe62a17a0adfc8949404d4e6f4b1315dcaed3ed31dab8484a922bcbe8fca0cc16b73cb43f03d9173e72e66a30bf65568e165de82e67f93b7849d80287def599884918f4cb8dfc119925c203d46cf2fc38da9e55c1306e860160777dc37503f6c74b401d1820d52c4bf33e5c0bebc575b28d4c8d5454b8bcb73c59734dcf3fee9668e2d269295337d79d8336b6de5463906faeb008ce9b7bd73df48bf4c96b790fee6540cfdbc16f72133d7dcee2f73a7066e84935826c99d20277775dedd660da876d6b305864d3e228cf59401674e16d40b9e134eea2fb8f177c3de33a5dbbfa27541d999a6f9dc5b8d18a49a6ef655fc32c4991e4d2b378d106c168d51febfec718378b2123b5bc65c593a5b24062553d81c3c67a2e9ebca9c05b635462fc50c819965c670cdb8bf2863f20750fd656317338794d5b38269827da54b23bede0bf6c4352f187069d5430e0cbeb4a15dbb7d8db2853c3d5e7f11226a7e3bbf082bbe049160f3c5baa16ae06460da660a8be7fc97d635c8e051a9816d6fe6d2af9d727e308c67d195c532fa9802224ebdc2bc0ad0bc7b191df53f6d55613e261828165ac5bfd64c9addc413ad671380efabe661005b2abd6aadfb01455b8c116d022f990f77afbe138d8b1211ffec5856bf62a590beae11fb061b4e60b8237d46c8b6a2fdc4b0aad20b869d431ecc1dcce2c6afea52c28bbb0e0400ae1fbd3b04ec424b9daa0db7247a723b16409a01a46c0abe580c8b01db456102e2461d7a55e7e2f3e493e1ae606a8152898115dcdb65ec135dc4216d2b79567478ef0008abbab5328df4b3ec9c4136f6cee4f8aeaeb80ecb6ab3e2c16558d5c16f8f69535fc05df897924dd0d26253f7161cb0998af66a91223ce4776fdd5e296f2f6c9cd17e562bedd468a8af0fb74c8c63c44eb3157bf465af201e5633455b77885bbad24e5109c3af7d95ac79167db4259101b4c10e726dcba83763a255a14afea67ff5a3acb7e40eaeef7d9d92bbbf02b2e73941ca05de5b037b31d924bfee04fed6bee4ec893825f12b8bd33986bc45ff5d8440b4b72fe67b6d1eb25345e9dad65c1bb336d3aca769b9acefe6e0efdd9364427271d5a3c473abd74bf1e71af3a6a8aa1b43bdc4de5ac924683af5034995334e6086f642cfc2999fd72d60852f5cd47e51a6c6ad03bdfdc9b892fa0fe6e55504dd7e4e50da1feb7aadae4c8320e2b79a1f3b867e7cee3d88c1b2101d94968fa638dc9a5f3a7b399b6e680a2d5d4b75a60b8fcf5892099c3797405031bf2cd1ffe9b2dec0c287ea12318d5c98af22a259a9d9b0247e1f8af39a4152192b2ab97650dc048effeddb14be9b81fcf0e5992d72c5a0d2619062d8ce82b9012564b10add9f448e19d68e40261e002ba5d46284abc0fa92452c994164d4bdc21052bc987befbd45b33f0f20cb418fe8fa6c17869a9b7a760633164be2c600acfd5ac5070214372ed764d367a8f02b3c7bee0066720b804d53828738635d03e6074cfc670dc1d37c72f055d03fb79aae27c7dcfc050283baf37a95a52575717f514c29b6450091186f8e790bcdb9401acc22ea4247291cf95e924465ece9c48c1e228724a4dd9493097eca82e9c394563a0eec76882bc12d41e8dca31cc1f18b423927db931fec9479ff34168d0cb84031c7d88bb51b3fd374ae242c48275b41905ed05a68754364063f84e3c95cb1e2837f8979d4487496dcd0bf3d68b5b29dac8a6f8f9704e8ddb7d9ff4037f7f1e86dc1362f61088c19f6c2869df873ab63eff4877700a025aab36483cc87bf4c461dcb250aea84b26cc249eb883648f6b579fc21d8950c09451f3d97b8a08310fe537c5068b4b9f946dcc6e171f964b02dee6328423178e9db51cfb4615d224c07e5dd0be15496f9f96e9d7b290ac673e0ad854b1cb0bc326a36609848f86b5f4b55ae68ddec18ad3881293b68f2aea81ead31655cb41dcce06d096a8f57d303b833c6cca36862a272edd3a333bcdfc7deeb6e5c4cfc7e6e91f0db88b3d07d4620e817b8788159ccf05176c8eda8871c9f2687ccb50a046c1af35f29d1da95aa7b2448f9ef96eef3c05344c74595d97945781225c2566ea8ae12156b2ea672e30fe921317a1f675c7be6531097808828b1153fc11fe240c94fa1e1d4b72a540b5b86924e3151b1c4a3c93d581d0ed9d97770d64275e7ee13b25a9e5ea924b844e79a1229949e35df6bd68215653b5a85356305872d08f947121d6b060890f98f550150e7d3022c0a2f08ea1018351be55d5aa17686d011dbad387dbe466a99af6e4cc40be6b82a33389e4dac7b0ef9185ca61ab66af22446849c5590e4591dea240dae98d867346a2062f442ceec5aba0a052f2dd9643bde156343a3e3ea578defa5c76a624f8039610b8580ad2941fc976c11cdfd7912723c7fcb8296a7e9a1e8c210ca13df26fdcaad37c415ba9f21c99dab6d9ecd2a82fd3f1ec6b1092a30b4536489aeee189ce997eeb988ef97fd264810fcc49a0bfbd67a1b6a9ea439c85a79edcb763a21133dfec50d1ddf86959cb956edb6a69415cbe24e202179bfbb5cf7fa5017bd5b85ef831adcc65fd755f07109a2c19886129644d6c24d5c2c43f3f79935e93695123ed5a308fe7b3b5d7f4a89c8e87327d6bd938cb798d8816102287fab600b837e9ef62406f58f614e286a6d9da0f3c270527535054dff1ef86cd9f6836a23eb6a234a7ec68a48094bd98735f1c9505110bbef1755a0f038629fe7111081705d344cb3de6cadaa5e373a74f1e41b1e81eb6fc2a4cd7819888d5146d4efba15264af465ba34754450084f1a276c7e30ab076bd418c61ce9be57558f694fd5006f9d70d0e2518390d0081c22b0b1852c5ca98cc41fa28a0535b7e53d0189") ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TCFLSH(r0, 0x540b, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000000)=0xccd) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f00000001c0)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:50:43 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x6) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x6) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:43 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x900, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000200)={0x7, 0x7, 0x4838}) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) lseek(0xffffffffffffffff, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xffffffffffffff80) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f0000000180)=""/70) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x17) (async) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 687.653079][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:50:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) syz_open_pts(r0, 0x200) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 689.649781][T14422] Bluetooth: hci6: command 0x1003 tx timeout [ 689.649929][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 689.656143][ T3625] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 689.665031][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 689.678863][T16158] warn_alloc: 18 callbacks suppressed [ 689.678880][T16158] syz-executor.2: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 689.730700][ T3638] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 689.739999][ T3644] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 689.744066][ T46] Bluetooth: hci7: sending frame failed (-49) [ 689.747400][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 689.756292][ T3638] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 689.761471][T16158] CPU: 0 PID: 16158 Comm: syz-executor.2 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 689.776426][T16158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.786596][T16158] Call Trace: [ 689.789898][T16158] [ 689.792840][T16158] dump_stack_lvl+0xcd/0x134 [ 689.797474][T16158] warn_alloc.cold+0x9b/0x189 [ 689.802639][T16158] ? zone_watermark_ok_safe+0x290/0x290 [ 689.808221][T16158] ? __kmalloc_node+0x62/0x390 [ 689.813023][T16158] ? __vmalloc_node_range+0x7bf/0x1060 [ 689.818857][T16158] __vmalloc_node_range+0xe1e/0x1060 [ 689.824196][T16158] ? vfree_atomic+0xe0/0xe0 [ 689.828748][T16158] ? n_tty_open+0x16/0x170 [ 689.833468][T16158] vzalloc+0x67/0x80 [ 689.837395][T16158] ? n_tty_open+0x16/0x170 [ 689.841829][T16158] n_tty_open+0x16/0x170 [ 689.846089][T16158] ? n_tty_set_termios+0x1010/0x1010 [ 689.851385][T16158] tty_ldisc_open+0x9b/0x110 [ 689.855988][T16158] tty_set_ldisc+0x2f1/0x680 [ 689.857798][T16193] Bluetooth: hci11: command 0x1003 tx timeout [ 689.860594][T16158] tty_ioctl+0xae0/0x1660 [ 689.860629][T16158] ? tty_lookup_driver+0x550/0x550 [ 689.860659][T16158] ? find_held_lock+0x2d/0x110 [ 689.860692][T16158] ? __fget_files+0x28c/0x470 [ 689.860724][T16158] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 689.891898][T16158] ? tty_lookup_driver+0x550/0x550 [ 689.897207][T16158] __x64_sys_ioctl+0x193/0x200 [ 689.901971][T16158] do_syscall_64+0x35/0xb0 [ 689.906393][T16158] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 689.912280][T16158] RIP: 0033:0x7f8386363059 [ 689.916700][T16158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 689.936564][T16158] RSP: 002b:00007f8384cd8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 689.944973][T16158] RAX: ffffffffffffffda RBX: 00007f8386475f60 RCX: 00007f8386363059 [ 689.952931][T16158] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 16:50:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)={0x100, 0x10, 0xd}, 0x18) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="00000000000000002e0f62757300"]) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0x8) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r4 = syz_open_pts(r0, 0x20000) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$VT_DISALLOCATE(r4, 0x5608) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) lseek(r5, 0x200, 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r5, r6, 0x0, 0x10000) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0x1, 0x0, 0x3, 0x0, 0x15, "5069889883d53c2471845406ac8fff3941b020"}) 16:50:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000280)="04a3238ac53bfa94f3b7e969943f26890f54b4702ca23a5f384ff01800dc075c9d3a4a2c67e12706d8a50ab0ac61f7c10fc7367672bbb11091149445298268926f0c040eabc64d1dcaba5374e70f56042fe148f7674bdbb4fd9488a5ca66c3166b0268834c484a37336ab72532d4b521372656fe014aaa5244d6c9f34d8efc7887cd0a49c4b753adaac4d945bfe4e23fa39bde000490f6e2e7ee312d268bac9f9f7fabfba663be2e39316b401f87fc1d4538b3dac9edcabc63f584ca44eea0ff99a5c0e01be922efe0beb799cb7082d3bd18b80a84659f302fc952fa6afc637a61ec411919f2dc0e409997dd0885aee63529fd264b91b65ee5b43c9b5386e505904485e97d5bb9b6ce08dbed632a1c380c025863c49b2d2e79b786d799dad532bf9d96df1db83dbf6ab8802a039c46db0f46e47dd57596c342c8a1850a42fb6888ed1661bb5c7759135a081af1960ddf7fb52dae0c617195ce37bfeb2c46e69b6b9ba3d88f932431904712e1bdd9119905824da6410aec41301f56358ec37e3c6b84ed8e7c5ffa80809a6bb7fe816254e6e2cd5fda6421941cf0bc6e20c52af5611aef599cc0040a7ab0919051b82ba941f3f6a62db1b61841627c8e88721d4bf4b6b5a8a5822cde2b46790598d7efef47a321d962e04a6d7cd76efb4a0f78d1d4ac23f9d78eec1aa9302812273b2efb1cc3997cd1c4786eb7a8ff425ebea33bf3474f7b20431ef19250d6eb223a4969120a0c410729a2e0975ed8f61f9896815d0c46075b45c4a23e86be25f785af05a75f30f2d1a5a2b4b7ea0c708a0ea59c29fe4ce5a86059968bda05206ac56f030993ae1977310eee932871ecc757421183a340f2ea06f5644cb7a0542a52cff5f01f0bcf7bcaf35d80806012bec436afd350aeb4876811c4e73acf039686848d03a2fb60492e6f8c9514e0943a6614d160ebf078252881ec4e6f65a37e77c959d7a91257a57775029e03565bf615cf96acaa7643ef78e9e983f988ae623e9354714bb5b6f350d471b5f539c794955076bc52ece590b58df432551d2de02c4f1c6cb3ad288acd71d308db5d4f9ed4dacd7ac8be3fe090f2b19f23e81fca5bdbe973a7221868ebff82e7161b1bd9c339e20ed2eb272a2a19829f4ef8a467a16b539a1516cb6cfb75f46c918029215b0010f1e87949e4adb3e24e4fc714f539f5dbc5272598775fbe3e4bc87559a74fcb00488f7d2b7530e8ddf66f16d417e3904f14db07048d17356e1bd38f392f00858e9387fe2987b98a5d1500aa63ae049f45f5b8cd832a1e2c548c88c0da4592ee0c7b1a03b6bcc18882e79d2ed22b474693868d9afcd996bd4f230e5b91e9651334f57a81a1eac9a90549b0e5133508aed419f950b74ddbb91a09d92e1671e17affd95fda3215eed0540c20ad3848f6ea375889b1c649b149a9e4eec33ef30a22b0365c0c4ae98fd8ec84996baf07c97d1cc0716eecf197a934141cb17192e7a6d09f294fc79b95c92bc9611bb4f2c8b2818630ab4d07749795590d4942b4e0724000be0fee5a58161e2595a3a86450561cd38b654b0d5c1c6a8b4d9126d29974e82215a345db9651508f21b39893f0b9dd0b54d1855517117f3bcf65356dad65ee5b5be3634952ba74f5daf887bfde052ceec379d0ce2a6d41482171357153a1c943429e76e483b4b72e92a82ba0b595f8a02a337ae8cbaf1caa5889f52a6d59c937c67f8403cefb0906c46385e4b95a0454004afd6cdd272a85a9c3a3d76bb78225c8add8205e9fa155d9ddc49cf66f7da1d4bf2460857a6668ecb4e79f5cc74a224901d6efcb9d98184a9141b5bc64f95948b3b1c25e9176efdaf562c5d66029c637b45e64da812c2d9dca14af263c181b55df43176f077e210328af49433f6ed372153b029568c9ea773b2a6e03fcdff3aee799bccc2c1efa83e4417c3e1ed1e592cb46db000ebc8d736d5c81ad82e78f442e0b30db183866aa3c8d5bcdd3c8b0f67cfbaf6e99b0ce3373cdd6d90100037226505fbf462705760319e3bfeff715680c5d7e820dbb900f35676e662e67f068da15d5a2c20080a3eb507b6bb6de881d56a8abd0a8a68bc02da1d9babd6da53fcb0c9c383d17dd96fe92866948ee8b522ad2b6f63b3c2b300d71a877b1ad3af24cd7f64cb22c2915b323578b03eb97a48a7ce6e907610397bfe02fe5f04ed8bd46db6cac1ac1a674db7ba6c9f15974dbea9e7b6b63da27d4ee2a6a73ab792317ef02391df58a065bb33cf52a251577f687f531e8c4139ece3b71a5337b98f784395fed4c3e4db8aeb52e3590b3323c00f8d02895b8b0b86533eb0af95bde43547ebcdd843422d83ee50044277d2211df0cc9a1fa07e299825e2f560d4e5af85b44836f4704f3bd187527ad491901bf136181a975de6cbca81e676a39dcc3837ab31aba9aec980922360801e24f517d93aeb6ab26f35221333b7e403548c13259a2abc0bc50e476f1f59a4e3ea818c889a3155f57ad32f1d51dbe718b9536b10423f8fc2338845e9c657fc54a40f5efd868305bab04e0bed24153d8ec83a315cb1f72489605b2ba8d8ce94d88af2815584149a968b621860af9bf3401cd455abed8567ca295e984ea78c69522f5d041d1ef0f60d9bf4a63e320503365a7c7ea371be77aac4e2d0053b5dacd6d7e9de2f95b292a8ae457974af06bea998a0d7bf0b1ba2eba0ba88badc8f8c26b232216f7b2e2975eb061bfa3529526803f9977f1222439a87828e5c231a873967b22cd0e974619d811ee6af942e42aaa290db0a6ad1e4dd594d8efa0ea9aa6880bc2554ec18f1ac8567a0b777eb7b583cadf96ac9fdf92c45f5afd5ec1964c14fdf9b7ae54511a596d1f17e9becc73503fac8aefd902d4a57eb2a8f4ef007e6083aa9fbe62a17a0adfc8949404d4e6f4b1315dcaed3ed31dab8484a922bcbe8fca0cc16b73cb43f03d9173e72e66a30bf65568e165de82e67f93b7849d80287def599884918f4cb8dfc119925c203d46cf2fc38da9e55c1306e860160777dc37503f6c74b401d1820d52c4bf33e5c0bebc575b28d4c8d5454b8bcb73c59734dcf3fee9668e2d269295337d79d8336b6de5463906faeb008ce9b7bd73df48bf4c96b790fee6540cfdbc16f72133d7dcee2f73a7066e84935826c99d20277775dedd660da876d6b305864d3e228cf59401674e16d40b9e134eea2fb8f177c3de33a5dbbfa27541d999a6f9dc5b8d18a49a6ef655fc32c4991e4d2b378d106c168d51febfec718378b2123b5bc65c593a5b24062553d81c3c67a2e9ebca9c05b635462fc50c819965c670cdb8bf2863f20750fd656317338794d5b38269827da54b23bede0bf6c4352f187069d5430e0cbeb4a15dbb7d8db2853c3d5e7f11226a7e3bbf082bbe049160f3c5baa16ae06460da660a8be7fc97d635c8e051a9816d6fe6d2af9d727e308c67d195c532fa9802224ebdc2bc0ad0bc7b191df53f6d55613e261828165ac5bfd64c9addc413ad671380efabe661005b2abd6aadfb01455b8c116d022f990f77afbe138d8b1211ffec5856bf62a590beae11fb061b4e60b8237d46c8b6a2fdc4b0aad20b869d431ecc1dcce2c6afea52c28bbb0e0400ae1fbd3b04ec424b9daa0db7247a723b16409a01a46c0abe580c8b01db456102e2461d7a55e7e2f3e493e1ae606a8152898115dcdb65ec135dc4216d2b79567478ef0008abbab5328df4b3ec9c4136f6cee4f8aeaeb80ecb6ab3e2c16558d5c16f8f69535fc05df897924dd0d26253f7161cb0998af66a91223ce4776fdd5e296f2f6c9cd17e562bedd468a8af0fb74c8c63c44eb3157bf465af201e5633455b77885bbad24e5109c3af7d95ac79167db4259101b4c10e726dcba83763a255a14afea67ff5a3acb7e40eaeef7d9d92bbbf02b2e73941ca05de5b037b31d924bfee04fed6bee4ec893825f12b8bd33986bc45ff5d8440b4b72fe67b6d1eb25345e9dad65c1bb336d3aca769b9acefe6e0efdd9364427271d5a3c473abd74bf1e71af3a6a8aa1b43bdc4de5ac924683af5034995334e6086f642cfc2999fd72d60852f5cd47e51a6c6ad03bdfdc9b892fa0fe6e55504dd7e4e50da1feb7aadae4c8320e2b79a1f3b867e7cee3d88c1b2101d94968fa638dc9a5f3a7b399b6e680a2d5d4b75a60b8fcf5892099c3797405031bf2cd1ffe9b2dec0c287ea12318d5c98af22a259a9d9b0247e1f8af39a4152192b2ab97650dc048effeddb14be9b81fcf0e5992d72c5a0d2619062d8ce82b9012564b10add9f448e19d68e40261e002ba5d46284abc0fa92452c994164d4bdc21052bc987befbd45b33f0f20cb418fe8fa6c17869a9b7a760633164be2c600acfd5ac5070214372ed764d367a8f02b3c7bee0066720b804d53828738635d03e6074cfc670dc1d37c72f055d03fb79aae27c7dcfc050283baf37a95a52575717f514c29b6450091186f8e790bcdb9401acc22ea4247291cf95e924465ece9c48c1e228724a4dd9493097eca82e9c394563a0eec76882bc12d41e8dca31cc1f18b423927db931fec9479ff34168d0cb84031c7d88bb51b3fd374ae242c48275b41905ed05a68754364063f84e3c95cb1e2837f8979d4487496dcd0bf3d68b5b29dac8a6f8f9704e8ddb7d9ff4037f7f1e86dc1362f61088c19f6c2869df873ab63eff4877700a025aab36483cc87bf4c461dcb250aea84b26cc249eb883648f6b579fc21d8950c09451f3d97b8a08310fe537c5068b4b9f946dcc6e171f964b02dee6328423178e9db51cfb4615d224c07e5dd0be15496f9f96e9d7b290ac673e0ad854b1cb0bc326a36609848f86b5f4b55ae68ddec18ad3881293b68f2aea81ead31655cb41dcce06d096a8f57d303b833c6cca36862a272edd3a333bcdfc7deeb6e5c4cfc7e6e91f0db88b3d07d4620e817b8788159ccf05176c8eda8871c9f2687ccb50a046c1af35f29d1da95aa7b2448f9ef96eef3c05344c74595d97945781225c2566ea8ae12156b2ea672e30fe921317a1f675c7be6531097808828b1153fc11fe240c94fa1e1d4b72a540b5b86924e3151b1c4a3c93d581d0ed9d97770d64275e7ee13b25a9e5ea924b844e79a1229949e35df6bd68215653b5a85356305872d08f947121d6b060890f98f550150e7d3022c0a2f08ea1018351be55d5aa17686d011dbad387dbe466a99af6e4cc40be6b82a33389e4dac7b0ef9185ca61ab66af22446849c5590e4591dea240dae98d867346a2062f442ceec5aba0a052f2dd9643bde156343a3e3ea578defa5c76a624f8039610b8580ad2941fc976c11cdfd7912723c7fcb8296a7e9a1e8c210ca13df26fdcaad37c415ba9f21c99dab6d9ecd2a82fd3f1ec6b1092a30b4536489aeee189ce997eeb988ef97fd264810fcc49a0bfbd67a1b6a9ea439c85a79edcb763a21133dfec50d1ddf86959cb956edb6a69415cbe24e202179bfbb5cf7fa5017bd5b85ef831adcc65fd755f07109a2c19886129644d6c24d5c2c43f3f79935e93695123ed5a308fe7b3b5d7f4a89c8e87327d6bd938cb798d8816102287fab600b837e9ef62406f58f614e286a6d9da0f3c270527535054dff1ef86cd9f6836a23eb6a234a7ec68a48094bd98735f1c9505110bbef1755a0f038629fe7111081705d344cb3de6cadaa5e373a74f1e41b1e81eb6fc2a4cd7819888d5146d4efba15264af465ba34754450084f1a276c7e30ab076bd418c61ce9be57558f694fd5006f9d70d0e2518390d0081c22b0b1852c5ca98cc41fa28a0535b7e53d0189") ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TCFLSH(r0, 0x540b, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000000)=0xccd) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f00000001c0)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000280)="04a3238ac53bfa94f3b7e969943f26890f54b4702ca23a5f384ff01800dc075c9d3a4a2c67e12706d8a50ab0ac61f7c10fc7367672bbb11091149445298268926f0c040eabc64d1dcaba5374e70f56042fe148f7674bdbb4fd9488a5ca66c3166b0268834c484a37336ab72532d4b521372656fe014aaa5244d6c9f34d8efc7887cd0a49c4b753adaac4d945bfe4e23fa39bde000490f6e2e7ee312d268bac9f9f7fabfba663be2e39316b401f87fc1d4538b3dac9edcabc63f584ca44eea0ff99a5c0e01be922efe0beb799cb7082d3bd18b80a84659f302fc952fa6afc637a61ec411919f2dc0e409997dd0885aee63529fd264b91b65ee5b43c9b5386e505904485e97d5bb9b6ce08dbed632a1c380c025863c49b2d2e79b786d799dad532bf9d96df1db83dbf6ab8802a039c46db0f46e47dd57596c342c8a1850a42fb6888ed1661bb5c7759135a081af1960ddf7fb52dae0c617195ce37bfeb2c46e69b6b9ba3d88f932431904712e1bdd9119905824da6410aec41301f56358ec37e3c6b84ed8e7c5ffa80809a6bb7fe816254e6e2cd5fda6421941cf0bc6e20c52af5611aef599cc0040a7ab0919051b82ba941f3f6a62db1b61841627c8e88721d4bf4b6b5a8a5822cde2b46790598d7efef47a321d962e04a6d7cd76efb4a0f78d1d4ac23f9d78eec1aa9302812273b2efb1cc3997cd1c4786eb7a8ff425ebea33bf3474f7b20431ef19250d6eb223a4969120a0c410729a2e0975ed8f61f9896815d0c46075b45c4a23e86be25f785af05a75f30f2d1a5a2b4b7ea0c708a0ea59c29fe4ce5a86059968bda05206ac56f030993ae1977310eee932871ecc757421183a340f2ea06f5644cb7a0542a52cff5f01f0bcf7bcaf35d80806012bec436afd350aeb4876811c4e73acf039686848d03a2fb60492e6f8c9514e0943a6614d160ebf078252881ec4e6f65a37e77c959d7a91257a57775029e03565bf615cf96acaa7643ef78e9e983f988ae623e9354714bb5b6f350d471b5f539c794955076bc52ece590b58df432551d2de02c4f1c6cb3ad288acd71d308db5d4f9ed4dacd7ac8be3fe090f2b19f23e81fca5bdbe973a7221868ebff82e7161b1bd9c339e20ed2eb272a2a19829f4ef8a467a16b539a1516cb6cfb75f46c918029215b0010f1e87949e4adb3e24e4fc714f539f5dbc5272598775fbe3e4bc87559a74fcb00488f7d2b7530e8ddf66f16d417e3904f14db07048d17356e1bd38f392f00858e9387fe2987b98a5d1500aa63ae049f45f5b8cd832a1e2c548c88c0da4592ee0c7b1a03b6bcc18882e79d2ed22b474693868d9afcd996bd4f230e5b91e9651334f57a81a1eac9a90549b0e5133508aed419f950b74ddbb91a09d92e1671e17affd95fda3215eed0540c20ad3848f6ea375889b1c649b149a9e4eec33ef30a22b0365c0c4ae98fd8ec84996baf07c97d1cc0716eecf197a934141cb17192e7a6d09f294fc79b95c92bc9611bb4f2c8b2818630ab4d07749795590d4942b4e0724000be0fee5a58161e2595a3a86450561cd38b654b0d5c1c6a8b4d9126d29974e82215a345db9651508f21b39893f0b9dd0b54d1855517117f3bcf65356dad65ee5b5be3634952ba74f5daf887bfde052ceec379d0ce2a6d41482171357153a1c943429e76e483b4b72e92a82ba0b595f8a02a337ae8cbaf1caa5889f52a6d59c937c67f8403cefb0906c46385e4b95a0454004afd6cdd272a85a9c3a3d76bb78225c8add8205e9fa155d9ddc49cf66f7da1d4bf2460857a6668ecb4e79f5cc74a224901d6efcb9d98184a9141b5bc64f95948b3b1c25e9176efdaf562c5d66029c637b45e64da812c2d9dca14af263c181b55df43176f077e210328af49433f6ed372153b029568c9ea773b2a6e03fcdff3aee799bccc2c1efa83e4417c3e1ed1e592cb46db000ebc8d736d5c81ad82e78f442e0b30db183866aa3c8d5bcdd3c8b0f67cfbaf6e99b0ce3373cdd6d90100037226505fbf462705760319e3bfeff715680c5d7e820dbb900f35676e662e67f068da15d5a2c20080a3eb507b6bb6de881d56a8abd0a8a68bc02da1d9babd6da53fcb0c9c383d17dd96fe92866948ee8b522ad2b6f63b3c2b300d71a877b1ad3af24cd7f64cb22c2915b323578b03eb97a48a7ce6e907610397bfe02fe5f04ed8bd46db6cac1ac1a674db7ba6c9f15974dbea9e7b6b63da27d4ee2a6a73ab792317ef02391df58a065bb33cf52a251577f687f531e8c4139ece3b71a5337b98f784395fed4c3e4db8aeb52e3590b3323c00f8d02895b8b0b86533eb0af95bde43547ebcdd843422d83ee50044277d2211df0cc9a1fa07e299825e2f560d4e5af85b44836f4704f3bd187527ad491901bf136181a975de6cbca81e676a39dcc3837ab31aba9aec980922360801e24f517d93aeb6ab26f35221333b7e403548c13259a2abc0bc50e476f1f59a4e3ea818c889a3155f57ad32f1d51dbe718b9536b10423f8fc2338845e9c657fc54a40f5efd868305bab04e0bed24153d8ec83a315cb1f72489605b2ba8d8ce94d88af2815584149a968b621860af9bf3401cd455abed8567ca295e984ea78c69522f5d041d1ef0f60d9bf4a63e320503365a7c7ea371be77aac4e2d0053b5dacd6d7e9de2f95b292a8ae457974af06bea998a0d7bf0b1ba2eba0ba88badc8f8c26b232216f7b2e2975eb061bfa3529526803f9977f1222439a87828e5c231a873967b22cd0e974619d811ee6af942e42aaa290db0a6ad1e4dd594d8efa0ea9aa6880bc2554ec18f1ac8567a0b777eb7b583cadf96ac9fdf92c45f5afd5ec1964c14fdf9b7ae54511a596d1f17e9becc73503fac8aefd902d4a57eb2a8f4ef007e6083aa9fbe62a17a0adfc8949404d4e6f4b1315dcaed3ed31dab8484a922bcbe8fca0cc16b73cb43f03d9173e72e66a30bf65568e165de82e67f93b7849d80287def599884918f4cb8dfc119925c203d46cf2fc38da9e55c1306e860160777dc37503f6c74b401d1820d52c4bf33e5c0bebc575b28d4c8d5454b8bcb73c59734dcf3fee9668e2d269295337d79d8336b6de5463906faeb008ce9b7bd73df48bf4c96b790fee6540cfdbc16f72133d7dcee2f73a7066e84935826c99d20277775dedd660da876d6b305864d3e228cf59401674e16d40b9e134eea2fb8f177c3de33a5dbbfa27541d999a6f9dc5b8d18a49a6ef655fc32c4991e4d2b378d106c168d51febfec718378b2123b5bc65c593a5b24062553d81c3c67a2e9ebca9c05b635462fc50c819965c670cdb8bf2863f20750fd656317338794d5b38269827da54b23bede0bf6c4352f187069d5430e0cbeb4a15dbb7d8db2853c3d5e7f11226a7e3bbf082bbe049160f3c5baa16ae06460da660a8be7fc97d635c8e051a9816d6fe6d2af9d727e308c67d195c532fa9802224ebdc2bc0ad0bc7b191df53f6d55613e261828165ac5bfd64c9addc413ad671380efabe661005b2abd6aadfb01455b8c116d022f990f77afbe138d8b1211ffec5856bf62a590beae11fb061b4e60b8237d46c8b6a2fdc4b0aad20b869d431ecc1dcce2c6afea52c28bbb0e0400ae1fbd3b04ec424b9daa0db7247a723b16409a01a46c0abe580c8b01db456102e2461d7a55e7e2f3e493e1ae606a8152898115dcdb65ec135dc4216d2b79567478ef0008abbab5328df4b3ec9c4136f6cee4f8aeaeb80ecb6ab3e2c16558d5c16f8f69535fc05df897924dd0d26253f7161cb0998af66a91223ce4776fdd5e296f2f6c9cd17e562bedd468a8af0fb74c8c63c44eb3157bf465af201e5633455b77885bbad24e5109c3af7d95ac79167db4259101b4c10e726dcba83763a255a14afea67ff5a3acb7e40eaeef7d9d92bbbf02b2e73941ca05de5b037b31d924bfee04fed6bee4ec893825f12b8bd33986bc45ff5d8440b4b72fe67b6d1eb25345e9dad65c1bb336d3aca769b9acefe6e0efdd9364427271d5a3c473abd74bf1e71af3a6a8aa1b43bdc4de5ac924683af5034995334e6086f642cfc2999fd72d60852f5cd47e51a6c6ad03bdfdc9b892fa0fe6e55504dd7e4e50da1feb7aadae4c8320e2b79a1f3b867e7cee3d88c1b2101d94968fa638dc9a5f3a7b399b6e680a2d5d4b75a60b8fcf5892099c3797405031bf2cd1ffe9b2dec0c287ea12318d5c98af22a259a9d9b0247e1f8af39a4152192b2ab97650dc048effeddb14be9b81fcf0e5992d72c5a0d2619062d8ce82b9012564b10add9f448e19d68e40261e002ba5d46284abc0fa92452c994164d4bdc21052bc987befbd45b33f0f20cb418fe8fa6c17869a9b7a760633164be2c600acfd5ac5070214372ed764d367a8f02b3c7bee0066720b804d53828738635d03e6074cfc670dc1d37c72f055d03fb79aae27c7dcfc050283baf37a95a52575717f514c29b6450091186f8e790bcdb9401acc22ea4247291cf95e924465ece9c48c1e228724a4dd9493097eca82e9c394563a0eec76882bc12d41e8dca31cc1f18b423927db931fec9479ff34168d0cb84031c7d88bb51b3fd374ae242c48275b41905ed05a68754364063f84e3c95cb1e2837f8979d4487496dcd0bf3d68b5b29dac8a6f8f9704e8ddb7d9ff4037f7f1e86dc1362f61088c19f6c2869df873ab63eff4877700a025aab36483cc87bf4c461dcb250aea84b26cc249eb883648f6b579fc21d8950c09451f3d97b8a08310fe537c5068b4b9f946dcc6e171f964b02dee6328423178e9db51cfb4615d224c07e5dd0be15496f9f96e9d7b290ac673e0ad854b1cb0bc326a36609848f86b5f4b55ae68ddec18ad3881293b68f2aea81ead31655cb41dcce06d096a8f57d303b833c6cca36862a272edd3a333bcdfc7deeb6e5c4cfc7e6e91f0db88b3d07d4620e817b8788159ccf05176c8eda8871c9f2687ccb50a046c1af35f29d1da95aa7b2448f9ef96eef3c05344c74595d97945781225c2566ea8ae12156b2ea672e30fe921317a1f675c7be6531097808828b1153fc11fe240c94fa1e1d4b72a540b5b86924e3151b1c4a3c93d581d0ed9d97770d64275e7ee13b25a9e5ea924b844e79a1229949e35df6bd68215653b5a85356305872d08f947121d6b060890f98f550150e7d3022c0a2f08ea1018351be55d5aa17686d011dbad387dbe466a99af6e4cc40be6b82a33389e4dac7b0ef9185ca61ab66af22446849c5590e4591dea240dae98d867346a2062f442ceec5aba0a052f2dd9643bde156343a3e3ea578defa5c76a624f8039610b8580ad2941fc976c11cdfd7912723c7fcb8296a7e9a1e8c210ca13df26fdcaad37c415ba9f21c99dab6d9ecd2a82fd3f1ec6b1092a30b4536489aeee189ce997eeb988ef97fd264810fcc49a0bfbd67a1b6a9ea439c85a79edcb763a21133dfec50d1ddf86959cb956edb6a69415cbe24e202179bfbb5cf7fa5017bd5b85ef831adcc65fd755f07109a2c19886129644d6c24d5c2c43f3f79935e93695123ed5a308fe7b3b5d7f4a89c8e87327d6bd938cb798d8816102287fab600b837e9ef62406f58f614e286a6d9da0f3c270527535054dff1ef86cd9f6836a23eb6a234a7ec68a48094bd98735f1c9505110bbef1755a0f038629fe7111081705d344cb3de6cadaa5e373a74f1e41b1e81eb6fc2a4cd7819888d5146d4efba15264af465ba34754450084f1a276c7e30ab076bd418c61ce9be57558f694fd5006f9d70d0e2518390d0081c22b0b1852c5ca98cc41fa28a0535b7e53d0189") (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TCFLSH(r0, 0x540b, 0x2) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) (async) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000000)=0xccd) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) pipe2(&(0x7f00000000c0), 0x0) (async) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f00000001c0)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 689.960897][T16158] RBP: 00007f83863bd08d R08: 0000000000000000 R09: 0000000000000000 [ 689.968894][T16158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 689.976869][T16158] R13: 00007fff37015fff R14: 00007f8384cd8300 R15: 0000000000022000 [ 689.985715][T16158] [ 689.998928][ T3636] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 690.002711][T16158] Mem-Info: [ 690.045516][T16158] active_anon:2645 inactive_anon:147618 isolated_anon:0 [ 690.045516][T16158] active_file:4196 inactive_file:7646 isolated_file:0 [ 690.045516][T16158] unevictable:768 dirty:39 writeback:0 [ 690.045516][T16158] slab_reclaimable:19246 slab_unreclaimable:96512 [ 690.045516][T16158] mapped:27881 shmem:4129 pagetables:784 bounce:0 [ 690.045516][T16158] kernel_misc_reclaimable:0 [ 690.045516][T16158] free:1321730 free_pcp:11065 free_cma:0 16:50:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf91d, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf91d, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:50:45 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x6) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x6) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:50:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000280)="04a3238ac53bfa94f3b7e969943f26890f54b4702ca23a5f384ff01800dc075c9d3a4a2c67e12706d8a50ab0ac61f7c10fc7367672bbb11091149445298268926f0c040eabc64d1dcaba5374e70f56042fe148f7674bdbb4fd9488a5ca66c3166b0268834c484a37336ab72532d4b521372656fe014aaa5244d6c9f34d8efc7887cd0a49c4b753adaac4d945bfe4e23fa39bde000490f6e2e7ee312d268bac9f9f7fabfba663be2e39316b401f87fc1d4538b3dac9edcabc63f584ca44eea0ff99a5c0e01be922efe0beb799cb7082d3bd18b80a84659f302fc952fa6afc637a61ec411919f2dc0e409997dd0885aee63529fd264b91b65ee5b43c9b5386e505904485e97d5bb9b6ce08dbed632a1c380c025863c49b2d2e79b786d799dad532bf9d96df1db83dbf6ab8802a039c46db0f46e47dd57596c342c8a1850a42fb6888ed1661bb5c7759135a081af1960ddf7fb52dae0c617195ce37bfeb2c46e69b6b9ba3d88f932431904712e1bdd9119905824da6410aec41301f56358ec37e3c6b84ed8e7c5ffa80809a6bb7fe816254e6e2cd5fda6421941cf0bc6e20c52af5611aef599cc0040a7ab0919051b82ba941f3f6a62db1b61841627c8e88721d4bf4b6b5a8a5822cde2b46790598d7efef47a321d962e04a6d7cd76efb4a0f78d1d4ac23f9d78eec1aa9302812273b2efb1cc3997cd1c4786eb7a8ff425ebea33bf3474f7b20431ef19250d6eb223a4969120a0c410729a2e0975ed8f61f9896815d0c46075b45c4a23e86be25f785af05a75f30f2d1a5a2b4b7ea0c708a0ea59c29fe4ce5a86059968bda05206ac56f030993ae1977310eee932871ecc757421183a340f2ea06f5644cb7a0542a52cff5f01f0bcf7bcaf35d80806012bec436afd350aeb4876811c4e73acf039686848d03a2fb60492e6f8c9514e0943a6614d160ebf078252881ec4e6f65a37e77c959d7a91257a57775029e03565bf615cf96acaa7643ef78e9e983f988ae623e9354714bb5b6f350d471b5f539c794955076bc52ece590b58df432551d2de02c4f1c6cb3ad288acd71d308db5d4f9ed4dacd7ac8be3fe090f2b19f23e81fca5bdbe973a7221868ebff82e7161b1bd9c339e20ed2eb272a2a19829f4ef8a467a16b539a1516cb6cfb75f46c918029215b0010f1e87949e4adb3e24e4fc714f539f5dbc5272598775fbe3e4bc87559a74fcb00488f7d2b7530e8ddf66f16d417e3904f14db07048d17356e1bd38f392f00858e9387fe2987b98a5d1500aa63ae049f45f5b8cd832a1e2c548c88c0da4592ee0c7b1a03b6bcc18882e79d2ed22b474693868d9afcd996bd4f230e5b91e9651334f57a81a1eac9a90549b0e5133508aed419f950b74ddbb91a09d92e1671e17affd95fda3215eed0540c20ad3848f6ea375889b1c649b149a9e4eec33ef30a22b0365c0c4ae98fd8ec84996baf07c97d1cc0716eecf197a934141cb17192e7a6d09f294fc79b95c92bc9611bb4f2c8b2818630ab4d07749795590d4942b4e0724000be0fee5a58161e2595a3a86450561cd38b654b0d5c1c6a8b4d9126d29974e82215a345db9651508f21b39893f0b9dd0b54d1855517117f3bcf65356dad65ee5b5be3634952ba74f5daf887bfde052ceec379d0ce2a6d41482171357153a1c943429e76e483b4b72e92a82ba0b595f8a02a337ae8cbaf1caa5889f52a6d59c937c67f8403cefb0906c46385e4b95a0454004afd6cdd272a85a9c3a3d76bb78225c8add8205e9fa155d9ddc49cf66f7da1d4bf2460857a6668ecb4e79f5cc74a224901d6efcb9d98184a9141b5bc64f95948b3b1c25e9176efdaf562c5d66029c637b45e64da812c2d9dca14af263c181b55df43176f077e210328af49433f6ed372153b029568c9ea773b2a6e03fcdff3aee799bccc2c1efa83e4417c3e1ed1e592cb46db000ebc8d736d5c81ad82e78f442e0b30db183866aa3c8d5bcdd3c8b0f67cfbaf6e99b0ce3373cdd6d90100037226505fbf462705760319e3bfeff715680c5d7e820dbb900f35676e662e67f068da15d5a2c20080a3eb507b6bb6de881d56a8abd0a8a68bc02da1d9babd6da53fcb0c9c383d17dd96fe92866948ee8b522ad2b6f63b3c2b300d71a877b1ad3af24cd7f64cb22c2915b323578b03eb97a48a7ce6e907610397bfe02fe5f04ed8bd46db6cac1ac1a674db7ba6c9f15974dbea9e7b6b63da27d4ee2a6a73ab792317ef02391df58a065bb33cf52a251577f687f531e8c4139ece3b71a5337b98f784395fed4c3e4db8aeb52e3590b3323c00f8d02895b8b0b86533eb0af95bde43547ebcdd843422d83ee50044277d2211df0cc9a1fa07e299825e2f560d4e5af85b44836f4704f3bd187527ad491901bf136181a975de6cbca81e676a39dcc3837ab31aba9aec980922360801e24f517d93aeb6ab26f35221333b7e403548c13259a2abc0bc50e476f1f59a4e3ea818c889a3155f57ad32f1d51dbe718b9536b10423f8fc2338845e9c657fc54a40f5efd868305bab04e0bed24153d8ec83a315cb1f72489605b2ba8d8ce94d88af2815584149a968b621860af9bf3401cd455abed8567ca295e984ea78c69522f5d041d1ef0f60d9bf4a63e320503365a7c7ea371be77aac4e2d0053b5dacd6d7e9de2f95b292a8ae457974af06bea998a0d7bf0b1ba2eba0ba88badc8f8c26b232216f7b2e2975eb061bfa3529526803f9977f1222439a87828e5c231a873967b22cd0e974619d811ee6af942e42aaa290db0a6ad1e4dd594d8efa0ea9aa6880bc2554ec18f1ac8567a0b777eb7b583cadf96ac9fdf92c45f5afd5ec1964c14fdf9b7ae54511a596d1f17e9becc73503fac8aefd902d4a57eb2a8f4ef007e6083aa9fbe62a17a0adfc8949404d4e6f4b1315dcaed3ed31dab8484a922bcbe8fca0cc16b73cb43f03d9173e72e66a30bf65568e165de82e67f93b7849d80287def599884918f4cb8dfc119925c203d46cf2fc38da9e55c1306e860160777dc37503f6c74b401d1820d52c4bf33e5c0bebc575b28d4c8d5454b8bcb73c59734dcf3fee9668e2d269295337d79d8336b6de5463906faeb008ce9b7bd73df48bf4c96b790fee6540cfdbc16f72133d7dcee2f73a7066e84935826c99d20277775dedd660da876d6b305864d3e228cf59401674e16d40b9e134eea2fb8f177c3de33a5dbbfa27541d999a6f9dc5b8d18a49a6ef655fc32c4991e4d2b378d106c168d51febfec718378b2123b5bc65c593a5b24062553d81c3c67a2e9ebca9c05b635462fc50c819965c670cdb8bf2863f20750fd656317338794d5b38269827da54b23bede0bf6c4352f187069d5430e0cbeb4a15dbb7d8db2853c3d5e7f11226a7e3bbf082bbe049160f3c5baa16ae06460da660a8be7fc97d635c8e051a9816d6fe6d2af9d727e308c67d195c532fa9802224ebdc2bc0ad0bc7b191df53f6d55613e261828165ac5bfd64c9addc413ad671380efabe661005b2abd6aadfb01455b8c116d022f990f77afbe138d8b1211ffec5856bf62a590beae11fb061b4e60b8237d46c8b6a2fdc4b0aad20b869d431ecc1dcce2c6afea52c28bbb0e0400ae1fbd3b04ec424b9daa0db7247a723b16409a01a46c0abe580c8b01db456102e2461d7a55e7e2f3e493e1ae606a8152898115dcdb65ec135dc4216d2b79567478ef0008abbab5328df4b3ec9c4136f6cee4f8aeaeb80ecb6ab3e2c16558d5c16f8f69535fc05df897924dd0d26253f7161cb0998af66a91223ce4776fdd5e296f2f6c9cd17e562bedd468a8af0fb74c8c63c44eb3157bf465af201e5633455b77885bbad24e5109c3af7d95ac79167db4259101b4c10e726dcba83763a255a14afea67ff5a3acb7e40eaeef7d9d92bbbf02b2e73941ca05de5b037b31d924bfee04fed6bee4ec893825f12b8bd33986bc45ff5d8440b4b72fe67b6d1eb25345e9dad65c1bb336d3aca769b9acefe6e0efdd9364427271d5a3c473abd74bf1e71af3a6a8aa1b43bdc4de5ac924683af5034995334e6086f642cfc2999fd72d60852f5cd47e51a6c6ad03bdfdc9b892fa0fe6e55504dd7e4e50da1feb7aadae4c8320e2b79a1f3b867e7cee3d88c1b2101d94968fa638dc9a5f3a7b399b6e680a2d5d4b75a60b8fcf5892099c3797405031bf2cd1ffe9b2dec0c287ea12318d5c98af22a259a9d9b0247e1f8af39a4152192b2ab97650dc048effeddb14be9b81fcf0e5992d72c5a0d2619062d8ce82b9012564b10add9f448e19d68e40261e002ba5d46284abc0fa92452c994164d4bdc21052bc987befbd45b33f0f20cb418fe8fa6c17869a9b7a760633164be2c600acfd5ac5070214372ed764d367a8f02b3c7bee0066720b804d53828738635d03e6074cfc670dc1d37c72f055d03fb79aae27c7dcfc050283baf37a95a52575717f514c29b6450091186f8e790bcdb9401acc22ea4247291cf95e924465ece9c48c1e228724a4dd9493097eca82e9c394563a0eec76882bc12d41e8dca31cc1f18b423927db931fec9479ff34168d0cb84031c7d88bb51b3fd374ae242c48275b41905ed05a68754364063f84e3c95cb1e2837f8979d4487496dcd0bf3d68b5b29dac8a6f8f9704e8ddb7d9ff4037f7f1e86dc1362f61088c19f6c2869df873ab63eff4877700a025aab36483cc87bf4c461dcb250aea84b26cc249eb883648f6b579fc21d8950c09451f3d97b8a08310fe537c5068b4b9f946dcc6e171f964b02dee6328423178e9db51cfb4615d224c07e5dd0be15496f9f96e9d7b290ac673e0ad854b1cb0bc326a36609848f86b5f4b55ae68ddec18ad3881293b68f2aea81ead31655cb41dcce06d096a8f57d303b833c6cca36862a272edd3a333bcdfc7deeb6e5c4cfc7e6e91f0db88b3d07d4620e817b8788159ccf05176c8eda8871c9f2687ccb50a046c1af35f29d1da95aa7b2448f9ef96eef3c05344c74595d97945781225c2566ea8ae12156b2ea672e30fe921317a1f675c7be6531097808828b1153fc11fe240c94fa1e1d4b72a540b5b86924e3151b1c4a3c93d581d0ed9d97770d64275e7ee13b25a9e5ea924b844e79a1229949e35df6bd68215653b5a85356305872d08f947121d6b060890f98f550150e7d3022c0a2f08ea1018351be55d5aa17686d011dbad387dbe466a99af6e4cc40be6b82a33389e4dac7b0ef9185ca61ab66af22446849c5590e4591dea240dae98d867346a2062f442ceec5aba0a052f2dd9643bde156343a3e3ea578defa5c76a624f8039610b8580ad2941fc976c11cdfd7912723c7fcb8296a7e9a1e8c210ca13df26fdcaad37c415ba9f21c99dab6d9ecd2a82fd3f1ec6b1092a30b4536489aeee189ce997eeb988ef97fd264810fcc49a0bfbd67a1b6a9ea439c85a79edcb763a21133dfec50d1ddf86959cb956edb6a69415cbe24e202179bfbb5cf7fa5017bd5b85ef831adcc65fd755f07109a2c19886129644d6c24d5c2c43f3f79935e93695123ed5a308fe7b3b5d7f4a89c8e87327d6bd938cb798d8816102287fab600b837e9ef62406f58f614e286a6d9da0f3c270527535054dff1ef86cd9f6836a23eb6a234a7ec68a48094bd98735f1c9505110bbef1755a0f038629fe7111081705d344cb3de6cadaa5e373a74f1e41b1e81eb6fc2a4cd7819888d5146d4efba15264af465ba34754450084f1a276c7e30ab076bd418c61ce9be57558f694fd5006f9d70d0e2518390d0081c22b0b1852c5ca98cc41fa28a0535b7e53d0189") ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TCFLSH(r0, 0x540b, 0x2) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) (async) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000000)=0xccd) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f00000001c0)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 690.114645][ T26] audit: type=1804 audit(1644684645.448:1930): pid=16198 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/663/bus" dev="sda1" ino=1169 res=1 errno=0 [ 690.209611][T16158] Node 0 active_anon:10576kB inactive_anon:591672kB active_file:16708kB inactive_file:30584kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111476kB dirty:152kB writeback:0kB shmem:14048kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 442368kB writeback_tmp:0kB kernel_stack:10904kB pagetables:3288kB all_unreclaimable? no [ 690.253385][ T26] audit: type=1800 audit(1644684645.448:1931): pid=16198 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 690.283258][T16158] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 690.315497][T16158] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 690.347169][T16158] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 690.354818][T16158] Node 0 DMA32 free:1319500kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10580kB inactive_anon:593660kB active_file:16708kB inactive_file:30588kB unevictable:1536kB writepending:160kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:39716kB local_pcp:21780kB free_cma:0kB [ 690.387120][T16158] lowmem_reserve[]: 0 0 0 0 0 [ 690.393363][T16158] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 690.420958][T16158] lowmem_reserve[]: 0 0 0 0 0 [ 690.426099][T16158] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 690.456018][T16158] lowmem_reserve[]: 0 0 0 0 0 [ 690.462693][T16158] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 690.476351][T16158] Node 0 DMA32: 31*4kB (ME) 1146*8kB (UME) 1972*16kB (UME) 618*32kB (UME) 344*64kB (UME) 163*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 13*2048kB (UE) 276*4096kB (UM) = 1319500kB [ 690.495952][T16158] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 690.507926][T16158] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 690.526249][T16158] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 690.536470][T16158] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 690.547160][T16158] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 16:50:45 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x8) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x8) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 690.557117][T16158] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 690.566895][T16158] 15974 total pagecache pages [ 690.573311][T16158] 0 pages in swap cache [ 690.577837][T16158] Swap cache stats: add 0, delete 0, find 0/0 [ 690.584248][T16158] Free swap = 0kB [ 690.588197][T16158] Total swap = 0kB [ 690.592203][T16158] 2097051 pages RAM [ 690.596433][T16158] 0 pages HighMem/MovableOnly [ 690.601462][T16158] 384548 pages reserved [ 690.605863][T16158] 0 pages cma reserved 16:50:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async, rerun: 64) r2 = openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)={0x100, 0x10, 0xd}, 0x18) (rerun: 64) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="00000000000000002e0f62757300"]) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0x8) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) r4 = syz_open_pts(r0, 0x20000) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64) ioctl$VT_DISALLOCATE(r4, 0x5608) (rerun: 64) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) (async) lseek(r5, 0x200, 0x0) (async) r6 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r5, r6, 0x0, 0x10000) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0x1, 0x0, 0x3, 0x0, 0x15, "5069889883d53c2471845406ac8fff3941b020"}) 16:50:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)={0x100, 0x10, 0xd}, 0x18) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="00000000000000002e0f62757300"]) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0x8) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r4 = syz_open_pts(r0, 0x20000) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$VT_DISALLOCATE(r4, 0x5608) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) lseek(r5, 0x200, 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r5, r6, 0x0, 0x10000) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0x1, 0x0, 0x3, 0x0, 0x15, "5069889883d53c2471845406ac8fff3941b020"}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)={0x100, 0x10, 0xd}, 0x18) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="00000000000000002e0f62757300"]) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0x8) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) syz_open_pts(r0, 0x20000) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$VT_DISALLOCATE(r4, 0x5608) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r5, 0x800) (async) lseek(r5, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r5, r6, 0x0, 0x10000) (async) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0x1, 0x0, 0x3, 0x0, 0x15, "5069889883d53c2471845406ac8fff3941b020"}) (async) [ 690.696842][T16243] ptm ptm12: ldisc open failed (-12), clearing slot 12 16:50:46 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82841, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$VT_RELDISP(r0, 0x5605) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x8) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x13) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 690.733957][ T26] audit: type=1804 audit(1644684646.068:1932): pid=16258 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/665/bus" dev="sda1" ino=1169 res=1 errno=0 [ 690.760752][ T26] audit: type=1800 audit(1644684646.068:1933): pid=16258 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 690.830899][ T3642] Bluetooth: hci11: sending frame failed (-49) [ 690.838837][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 690.847867][ T26] audit: type=1804 audit(1644684646.178:1934): pid=16268 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/666/bus" dev="sda1" ino=1169 res=1 errno=0 [ 690.875596][ T26] audit: type=1800 audit(1644684646.178:1935): pid=16268 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 690.915291][ T26] audit: type=1804 audit(1644684646.248:1936): pid=16269 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/666/bus" dev="sda1" ino=1169 res=1 errno=0 16:50:46 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82841, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$VT_RELDISP(r0, 0x5605) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x8) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x13) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82841, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$VT_RELDISP(r0, 0x5605) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x8) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x13) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 691.144294][ T26] audit: type=1804 audit(1644684646.478:1937): pid=16272 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/667/bus" dev="sda1" ino=1169 res=1 errno=0 [ 691.172895][ T26] audit: type=1800 audit(1644684646.478:1938): pid=16272 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 691.198873][ T26] audit: type=1804 audit(1644684646.538:1939): pid=16273 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/667/bus" dev="sda1" ino=1169 res=1 errno=0 16:50:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) syz_open_pts(r0, 0x200) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 691.729807][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 692.209854][T16193] Bluetooth: hci7: command 0x1003 tx timeout [ 692.210074][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 692.289823][ T3638] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 692.290077][T14422] Bluetooth: hci8: command 0x1003 tx timeout 16:50:47 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x9) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x80000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x81, 0x81, 0x0, 0x96, 0x8, 0x3, 0x3e, 0x6, 0x3b6, 0x40, 0x9, 0x84, 0x1f, 0x38, 0x1, 0x5e6, 0x8001, 0x6}, [{0x60000000, 0x4, 0x20, 0x1, 0xf227, 0x8, 0x1f, 0x10000}, {0x60000000, 0x8, 0x2, 0x9, 0xfffffffffffff931, 0x2, 0x7, 0x1ff}], "2aea10bcd4c5f923ef4ac58728a485724640d58b1f3657f150462c882fa6cdde2616630bebcf936a0a88781f6110f10a6aad96d2174eeb7a0f5e3ba82103021c55881c3d769e0c3dcdd4ac55a92a5fd347402a91aaf2cb4973d50355dfb89f0bb4f8d534708013fc774e02dbc891867814baadb52a1f4329890e15476ef94f29072f0522074033b21617a4f991a8184112a57b748b69c88d67e058b3019c6ae4847283a99b9b38e2d75fe885f8503dfd3a143f461adada0e9787f22d5098501a4d0073a70515cf0cb64b3867e87ce4a03f0eeee2b9ee3de515068898d68b9508b5807d58a9a1e198982a6ebc8921"}, 0x19e) ioctl$TCFLSH(r0, 0x540b, 0x1) [ 692.369801][T16193] Bluetooth: hci9: command 0x1003 tx timeout [ 692.370049][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 692.503638][ T26] audit: type=1804 audit(1644684647.838:1940): pid=16287 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/687/bus" dev="sda1" ino=1182 res=1 errno=0 [ 692.529968][ T26] audit: type=1800 audit(1644684647.838:1941): pid=16287 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:48 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x8) (rerun: 64) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 692.689644][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 692.690040][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:50:48 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82841, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$VT_RELDISP(r0, 0x5605) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x8) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x13) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82841, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$VT_RELDISP(r0, 0x5605) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x8) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x13) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 693.169812][T16193] Bluetooth: hci11: command 0x1003 tx timeout [ 693.179811][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 693.809790][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 693.809829][T16193] Bluetooth: hci6: command 0x1003 tx timeout [ 694.289751][T16196] Bluetooth: hci7: command 0x1003 tx timeout [ 694.300005][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) pipe2$9p(&(0x7f00000000c0), 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) ftruncate(r3, 0x800) lseek(r2, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x10000) ioctl$TCFLSH(r4, 0x540b, 0x1) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r5 = creat(0x0, 0x0) ftruncate(r5, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r5, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) syz_open_pts(r0, 0x200) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) syz_open_pts(r0, 0x200) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:50:49 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x600) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0x0, 0x4}, {0x8, 0x80}]}, 0x14, 0x3) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 694.369862][ T3638] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 694.375006][T16196] Bluetooth: hci8: command 0x1003 tx timeout 16:50:49 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x9) (async, rerun: 32) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x80000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x81, 0x81, 0x0, 0x96, 0x8, 0x3, 0x3e, 0x6, 0x3b6, 0x40, 0x9, 0x84, 0x1f, 0x38, 0x1, 0x5e6, 0x8001, 0x6}, [{0x60000000, 0x4, 0x20, 0x1, 0xf227, 0x8, 0x1f, 0x10000}, {0x60000000, 0x8, 0x2, 0x9, 0xfffffffffffff931, 0x2, 0x7, 0x1ff}], "2aea10bcd4c5f923ef4ac58728a485724640d58b1f3657f150462c882fa6cdde2616630bebcf936a0a88781f6110f10a6aad96d2174eeb7a0f5e3ba82103021c55881c3d769e0c3dcdd4ac55a92a5fd347402a91aaf2cb4973d50355dfb89f0bb4f8d534708013fc774e02dbc891867814baadb52a1f4329890e15476ef94f29072f0522074033b21617a4f991a8184112a57b748b69c88d67e058b3019c6ae4847283a99b9b38e2d75fe885f8503dfd3a143f461adada0e9787f22d5098501a4d0073a70515cf0cb64b3867e87ce4a03f0eeee2b9ee3de515068898d68b9508b5807d58a9a1e198982a6ebc8921"}, 0x19e) ioctl$TCFLSH(r0, 0x540b, 0x1) [ 694.451311][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:50:50 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00000000c0)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 694.769871][T16193] Bluetooth: hci10: command 0x1003 tx timeout [ 694.776476][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:50:50 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) ftruncate(r1, 0x896d) r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x401, 0x20000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000280)) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x7}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {r2}}, './file0\x00'}) ioctl$EVIOCGPROP(r3, 0x80404509, &(0x7f0000000480)=""/198) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 695.249665][ T25] Bluetooth: hci11: command 0x1003 tx timeout [ 695.249823][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 695.307662][ T3642] Bluetooth: hci11: sending frame failed (-49) [ 695.315056][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:50:51 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) ftruncate(r1, 0x896d) (async) r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x401, 0x20000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000280)) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x7}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {r2}}, './file0\x00'}) ioctl$EVIOCGPROP(r3, 0x80404509, &(0x7f0000000480)=""/198) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:51 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x600) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0x0, 0x4}, {0x8, 0x80}]}, 0x14, 0x3) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x600) (async) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0x0, 0x4}, {0x8, 0x80}]}, 0x14, 0x3) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 696.460100][ T8020] Bluetooth: hci6: command 0x1003 tx timeout [ 696.466612][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 696.469650][ T3638] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 696.474554][ T8020] Bluetooth: hci7: command 0x1003 tx timeout [ 696.486980][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 696.494927][ T3638] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 696.529922][T16193] Bluetooth: hci9: command 0x1003 tx timeout [ 696.530215][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 696.536644][T16193] Bluetooth: hci8: command 0x1003 tx timeout [ 696.542773][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:50:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x80800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xd) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) syz_open_pts(0xffffffffffffffff, 0x84780) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) sendfile(r4, r3, 0x0, 0x40000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:51 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x9) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x80000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x81, 0x81, 0x0, 0x96, 0x8, 0x3, 0x3e, 0x6, 0x3b6, 0x40, 0x9, 0x84, 0x1f, 0x38, 0x1, 0x5e6, 0x8001, 0x6}, [{0x60000000, 0x4, 0x20, 0x1, 0xf227, 0x8, 0x1f, 0x10000}, {0x60000000, 0x8, 0x2, 0x9, 0xfffffffffffff931, 0x2, 0x7, 0x1ff}], "2aea10bcd4c5f923ef4ac58728a485724640d58b1f3657f150462c882fa6cdde2616630bebcf936a0a88781f6110f10a6aad96d2174eeb7a0f5e3ba82103021c55881c3d769e0c3dcdd4ac55a92a5fd347402a91aaf2cb4973d50355dfb89f0bb4f8d534708013fc774e02dbc891867814baadb52a1f4329890e15476ef94f29072f0522074033b21617a4f991a8184112a57b748b69c88d67e058b3019c6ae4847283a99b9b38e2d75fe885f8503dfd3a143f461adada0e9787f22d5098501a4d0073a70515cf0cb64b3867e87ce4a03f0eeee2b9ee3de515068898d68b9508b5807d58a9a1e198982a6ebc8921"}, 0x19e) ioctl$TCFLSH(r0, 0x540b, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x9) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x80000) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x81, 0x81, 0x0, 0x96, 0x8, 0x3, 0x3e, 0x6, 0x3b6, 0x40, 0x9, 0x84, 0x1f, 0x38, 0x1, 0x5e6, 0x8001, 0x6}, [{0x60000000, 0x4, 0x20, 0x1, 0xf227, 0x8, 0x1f, 0x10000}, {0x60000000, 0x8, 0x2, 0x9, 0xfffffffffffff931, 0x2, 0x7, 0x1ff}], "2aea10bcd4c5f923ef4ac58728a485724640d58b1f3657f150462c882fa6cdde2616630bebcf936a0a88781f6110f10a6aad96d2174eeb7a0f5e3ba82103021c55881c3d769e0c3dcdd4ac55a92a5fd347402a91aaf2cb4973d50355dfb89f0bb4f8d534708013fc774e02dbc891867814baadb52a1f4329890e15476ef94f29072f0522074033b21617a4f991a8184112a57b748b69c88d67e058b3019c6ae4847283a99b9b38e2d75fe885f8503dfd3a143f461adada0e9787f22d5098501a4d0073a70515cf0cb64b3867e87ce4a03f0eeee2b9ee3de515068898d68b9508b5807d58a9a1e198982a6ebc8921"}, 0x19e) (async) ioctl$TCFLSH(r0, 0x540b, 0x1) (async) [ 696.619134][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 696.619152][ T26] audit: type=1804 audit(1644684651.958:1948): pid=16336 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/612/bus" dev="sda1" ino=1170 res=1 errno=0 16:50:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) pipe2$9p(&(0x7f00000000c0), 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async) ftruncate(r3, 0x800) (async, rerun: 32) lseek(r2, 0x200, 0x0) (async, rerun: 32) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x10000) (async) ioctl$TCFLSH(r4, 0x540b, 0x1) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r5 = creat(0x0, 0x0) ftruncate(r5, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 32) sendfile(r5, 0xffffffffffffffff, 0x0, 0x10000) (rerun: 32) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 696.652794][ T26] audit: type=1800 audit(1644684651.958:1949): pid=16336 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1170 res=0 errno=0 [ 696.747435][ T26] audit: type=1804 audit(1644684652.078:1950): pid=16352 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/658/bus" dev="sda1" ino=1182 res=1 errno=0 [ 696.846207][ T26] audit: type=1804 audit(1644684652.178:1951): pid=16345 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/689/bus" dev="sda1" ino=1183 res=1 errno=0 [ 696.873327][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 696.879667][ T915] Bluetooth: hci10: command 0x1003 tx timeout 16:50:52 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 64) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (rerun: 64) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00000000c0)) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 696.886647][ T26] audit: type=1800 audit(1644684652.178:1952): pid=16345 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1183 res=0 errno=0 16:50:52 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00000000c0)) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:50:53 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) ftruncate(r1, 0x896d) r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x401, 0x20000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000280)) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x7}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {r2}}, './file0\x00'}) ioctl$EVIOCGPROP(r3, 0x80404509, &(0x7f0000000480)=""/198) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) socket$nl_sock_diag(0x10, 0x3, 0x4) (async) ftruncate(r1, 0x896d) (async) syz_open_dev$usbmon(&(0x7f0000000000), 0x401, 0x20000) (async) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000280)) (async) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x7}) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {r2}}, './file0\x00'}) (async) ioctl$EVIOCGPROP(r3, 0x80404509, &(0x7f0000000480)=""/198) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 698.209816][T16196] Bluetooth: hci11: command 0x1003 tx timeout [ 698.219875][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:50:53 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x600) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0x0, 0x4}, {0x8, 0x80}]}, 0x14, 0x3) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x600) (async) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0x0, 0x4}, {0x8, 0x80}]}, 0x14, 0x3) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 698.609901][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 698.618197][ T7] Bluetooth: hci6: command tx timeout 16:50:54 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x80800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xd) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) syz_open_pts(0xffffffffffffffff, 0x84780) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) sendfile(r4, r3, 0x0, 0x40000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x80800, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xd) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) syz_open_pts(0xffffffffffffffff, 0x84780) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async) sendfile(r4, r3, 0x0, 0x40000) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 698.690557][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 698.700038][ T3640] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 698.748879][ T26] audit: type=1804 audit(1644684654.078:1953): pid=16397 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/613/bus" dev="sda1" ino=1170 res=1 errno=0 [ 698.777051][ T3638] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:50:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) pipe2$9p(&(0x7f00000000c0), 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async) ftruncate(r3, 0x800) (async, rerun: 32) lseek(r2, 0x200, 0x0) (async, rerun: 32) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x10000) (async) ioctl$TCFLSH(r4, 0x540b, 0x1) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r5 = creat(0x0, 0x0) ftruncate(r5, 0x800) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 32) sendfile(r5, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 698.785112][ T26] audit: type=1800 audit(1644684654.078:1954): pid=16397 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1170 res=0 errno=0 16:50:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 698.845782][ T26] audit: type=1804 audit(1644684654.178:1955): pid=16403 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/659/bus" dev="sda1" ino=1182 res=1 errno=0 [ 698.849828][ T3671] Bluetooth: hci9: command 0x1003 tx timeout [ 698.872765][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:50:54 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x3ff, 0x81, 0x9, 0x0, 0x12, "8fb34f0edc765669fa795df5a0e63d3695d929"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) pipe(&(0x7f0000000000)) [ 698.933470][ T3638] Bluetooth: hci8: sending frame failed (-49) [ 698.941868][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 698.978636][ T26] audit: type=1804 audit(1644684654.318:1956): pid=16413 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/690/bus" dev="sda1" ino=1182 res=1 errno=0 16:50:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 699.025090][ T26] audit: type=1800 audit(1644684654.318:1957): pid=16413 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:50:54 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) syz_open_dev$tty1(0xc, 0x4, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r3 = openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x400, 0x112) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0x5) fchdir(r2) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x4, 0x7df5ad2e, 0x5, 0x7, 0x5, "0b3f9ead8306410852cbac97c0cd4c912a5177"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 699.089851][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 699.099857][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 699.202296][ T3642] Bluetooth: hci10: sending frame failed (-49) [ 699.211334][ T3638] Bluetooth: hci10: Opcode 0x1003 failed: -49 16:50:54 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) syz_open_dev$tty1(0xc, 0x4, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r3 = openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x400, 0x112) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0x5) fchdir(r2) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x4, 0x7df5ad2e, 0x5, 0x7, 0x5, "0b3f9ead8306410852cbac97c0cd4c912a5177"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) syz_open_dev$tty1(0xc, 0x4, 0x2) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x400, 0x112) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0x5) (async) fchdir(r2) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x4, 0x7df5ad2e, 0x5, 0x7, 0x5, "0b3f9ead8306410852cbac97c0cd4c912a5177"}) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 699.302111][ T3638] Bluetooth: hci10: sending frame failed (-49) [ 699.314162][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 700.289614][T16193] Bluetooth: hci11: command 0x1003 tx timeout [ 700.299875][ T3644] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 700.311749][T16379] warn_alloc: 30 callbacks suppressed [ 700.311765][T16379] syz-executor.0: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 700.336604][T16379] CPU: 1 PID: 16379 Comm: syz-executor.0 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 700.347388][T16379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 700.357571][T16379] Call Trace: [ 700.361016][T16379] [ 700.363970][T16379] dump_stack_lvl+0xcd/0x134 [ 700.368582][T16379] warn_alloc.cold+0x9b/0x189 [ 700.373275][T16379] ? zone_watermark_ok_safe+0x290/0x290 [ 700.378957][T16379] ? __kmalloc_node+0x62/0x390 [ 700.383752][T16379] ? __vmalloc_node_range+0x7bf/0x1060 [ 700.389223][T16379] __vmalloc_node_range+0xe1e/0x1060 [ 700.394713][T16379] ? vfree_atomic+0xe0/0xe0 [ 700.399205][T16379] ? n_tty_open+0x16/0x170 [ 700.403637][T16379] vzalloc+0x67/0x80 [ 700.407778][T16379] ? n_tty_open+0x16/0x170 [ 700.412265][T16379] n_tty_open+0x16/0x170 [ 700.416610][T16379] ? n_tty_set_termios+0x1010/0x1010 [ 700.423144][T16379] tty_ldisc_open+0x9b/0x110 [ 700.427936][T16379] tty_set_ldisc+0x2f1/0x680 [ 700.432794][T16379] tty_ioctl+0xae0/0x1660 [ 700.437133][T16379] ? tty_lookup_driver+0x550/0x550 [ 700.442259][T16379] ? find_held_lock+0x2d/0x110 [ 700.447196][T16379] ? __fget_files+0x28c/0x470 [ 700.451866][T16379] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 700.458582][T16379] ? tty_lookup_driver+0x550/0x550 [ 700.463868][T16379] __x64_sys_ioctl+0x193/0x200 [ 700.468634][T16379] do_syscall_64+0x35/0xb0 [ 700.473252][T16379] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 700.479158][T16379] RIP: 0033:0x7fef70383059 [ 700.483577][T16379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 700.504573][T16379] RSP: 002b:00007fef6ecd7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 700.513080][T16379] RAX: ffffffffffffffda RBX: 00007fef70496030 RCX: 00007fef70383059 [ 700.521041][T16379] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 700.529025][T16379] RBP: 00007fef703dd08d R08: 0000000000000000 R09: 0000000000000000 [ 700.536979][T16379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.544939][T16379] R13: 00007ffc5492c60f R14: 00007fef6ecd7300 R15: 0000000000022000 [ 700.552921][T16379] [ 700.569667][T16379] Mem-Info: [ 700.573027][T16379] active_anon:2651 inactive_anon:147617 isolated_anon:0 [ 700.573027][T16379] active_file:4203 inactive_file:7666 isolated_file:0 [ 700.573027][T16379] unevictable:768 dirty:1 writeback:0 [ 700.573027][T16379] slab_reclaimable:19273 slab_unreclaimable:95834 [ 700.573027][T16379] mapped:27869 shmem:4135 pagetables:793 bounce:0 [ 700.573027][T16379] kernel_misc_reclaimable:0 [ 700.573027][T16379] free:1322047 free_pcp:10828 free_cma:0 [ 700.617090][T16379] Node 0 active_anon:10596kB inactive_anon:589536kB active_file:16736kB inactive_file:30664kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111476kB dirty:4kB writeback:0kB shmem:14064kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 440320kB writeback_tmp:0kB kernel_stack:10928kB pagetables:3168kB all_unreclaimable? no [ 700.649275][T16379] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 700.681803][T16379] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 700.689759][ T3671] Bluetooth: hci6: command 0x1003 tx timeout [ 700.709502][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 700.715567][T16379] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 700.756586][T16379] Node 0 DMA32 free:1322496kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10596kB inactive_anon:589536kB active_file:16736kB inactive_file:30664kB unevictable:1536kB writepending:4kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:41348kB local_pcp:20252kB free_cma:0kB [ 700.789962][ T3640] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 700.790011][T16196] Bluetooth: hci7: command 0x1003 tx timeout 16:50:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x80800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xd) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async, rerun: 64) syz_open_pts(0xffffffffffffffff, 0x84780) (async, rerun: 64) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64) sendfile(r4, r3, 0x0, 0x40000) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 700.819718][T16379] lowmem_reserve[]: 0 0 0 0 0 [ 700.828062][T16379] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 700.857449][T16379] lowmem_reserve[]: 0 0 0 0 0 16:50:56 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x230a02, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1b) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r4 = creat(&(0x7f0000000180)='./bus\x00', 0x6a) read$hiddev(r4, &(0x7f0000000280)=""/162, 0xa2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 700.862929][T16379] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 700.904434][T16379] lowmem_reserve[]: 0 0 0 0 0 [ 700.909405][T16379] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 700.938572][ T3625] Bluetooth: hci6: sending frame failed (-49) [ 700.949948][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 700.964465][T16379] Node 0 DMA32: 26*4kB (UME) 919*8kB (UME) 1873*16kB (UME) 622*32kB (UME) 348*64kB (UME) 164*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 15*2048kB (UME) 277*4096kB (UM) = 1324784kB [ 700.984581][T16379] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 700.997169][T16379] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 701.015665][T16379] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 701.027135][T16379] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 701.036982][T16379] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 701.046897][T16379] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 701.056637][T16379] 16005 total pagecache pages [ 701.061725][T16379] 0 pages in swap cache 16:50:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x3ff, 0x81, 0x9, 0x0, 0x12, "8fb34f0edc765669fa795df5a0e63d3695d929"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) pipe(&(0x7f0000000000)) [ 701.065879][T16379] Swap cache stats: add 0, delete 0, find 0/0 [ 701.072280][T16379] Free swap = 0kB [ 701.075999][T16379] Total swap = 0kB [ 701.080049][T16379] 2097051 pages RAM [ 701.083866][T16379] 0 pages HighMem/MovableOnly [ 701.090053][ T3671] Bluetooth: hci8: command 0x1003 tx timeout [ 701.090743][T16379] 384548 pages reserved [ 701.100910][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 701.109835][T16379] 0 pages cma reserved [ 701.249748][ T3671] Bluetooth: hci9: command 0x1003 tx timeout [ 701.256366][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 701.409795][ T3642] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 701.409963][ T3671] Bluetooth: hci10: command 0x1003 tx timeout [ 703.009909][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 703.010002][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:50:58 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0xc7, 0x7ff}, {0x80000001, 0x4}]}, 0x14, 0x2) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x7, 0x3f, 0x4, 0x0, 0x12, "d1c7f1438e985106097257619e0ab5384eba7a"}) 16:50:58 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (rerun: 32) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:50:58 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) syz_open_dev$tty1(0xc, 0x4, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r3 = openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x400, 0x112) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0x5) fchdir(r2) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x4, 0x7df5ad2e, 0x5, 0x7, 0x5, "0b3f9ead8306410852cbac97c0cd4c912a5177"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) syz_open_dev$tty1(0xc, 0x4, 0x2) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x400, 0x112) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0x5) (async) fchdir(r2) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x4, 0x7df5ad2e, 0x5, 0x7, 0x5, "0b3f9ead8306410852cbac97c0cd4c912a5177"}) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) 16:50:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x305a40, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x92) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r3, 0x0, 0x3) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000000000)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000001c0)={0xe155, 0x6, 0x2, 0x2, 0x8, "3160f3cc378c43dce217804c837d6a8072d093", 0x0, 0x9e8}) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$RTC_RD_TIME(r2, 0x80247009, &(0x7f0000000180)) 16:50:58 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x230a02, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1b) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r4 = creat(&(0x7f0000000180)='./bus\x00', 0x6a) read$hiddev(r4, &(0x7f0000000280)=""/162, 0xa2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x230a02, 0x0) (async) ioctl$TCFLSH(r1, 0x540b, 0x1) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1b) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) creat(&(0x7f0000000180)='./bus\x00', 0x6a) (async) read$hiddev(r4, &(0x7f0000000280)=""/162, 0xa2) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 703.169698][ T25] Bluetooth: hci6: command 0x1003 tx timeout [ 703.180045][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 703.223340][ T3644] Bluetooth: hci6: sending frame failed (-49) [ 703.232855][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 703.249835][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 703.265852][ T26] kauditd_printk_skb: 7 callbacks suppressed 16:50:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x3ff, 0x81, 0x9, 0x0, 0x12, "8fb34f0edc765669fa795df5a0e63d3695d929"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) pipe(&(0x7f0000000000)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x3ff, 0x81, 0x9, 0x0, 0x12, "8fb34f0edc765669fa795df5a0e63d3695d929"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) pipe(&(0x7f0000000000)) (async) 16:50:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x305a40, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x92) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r3, 0x0, 0x3) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000000000)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000001c0)={0xe155, 0x6, 0x2, 0x2, 0x8, "3160f3cc378c43dce217804c837d6a8072d093", 0x0, 0x9e8}) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$RTC_RD_TIME(r2, 0x80247009, &(0x7f0000000180)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x305a40, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) creat(&(0x7f00000000c0)='./bus\x00', 0x92) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r3, 0x0, 0x3) (async) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000000000)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000001c0)={0xe155, 0x6, 0x2, 0x2, 0x8, "3160f3cc378c43dce217804c837d6a8072d093", 0x0, 0x9e8}) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) ioctl$RTC_RD_TIME(r2, 0x80247009, &(0x7f0000000180)) (async) [ 703.265866][ T26] audit: type=1804 audit(1644684658.598:1965): pid=16465 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/682/bus" dev="sda1" ino=1183 res=1 errno=0 16:50:58 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x93) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 703.374798][ T26] audit: type=1800 audit(1644684658.618:1966): pid=16465 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 703.411083][ T3644] Bluetooth: hci6: sending frame failed (-49) [ 703.418367][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 703.427996][ T26] audit: type=1804 audit(1644684658.618:1967): pid=16469 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/615/bus" dev="sda1" ino=1181 res=1 errno=0 [ 703.458422][ T26] audit: type=1800 audit(1644684658.618:1968): pid=16469 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 703.480374][ T26] audit: type=1804 audit(1644684658.638:1969): pid=16472 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/672/bus" dev="sda1" ino=1171 res=1 errno=0 [ 703.505922][ T26] audit: type=1800 audit(1644684658.638:1970): pid=16472 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1171 res=0 errno=0 16:50:58 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x93) (async, rerun: 32) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (rerun: 64) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 32) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 703.527535][ T26] audit: type=1804 audit(1644684658.668:1971): pid=16493 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1628300500/syzkaller.Edf8Bu/692/bus" dev="sda1" ino=1184 res=1 errno=0 [ 703.578636][ T26] audit: type=1800 audit(1644684658.668:1972): pid=16493 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1184 res=0 errno=0 16:50:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x305a40, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x92) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r3, 0x0, 0x3) (async) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000000000)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000001c0)={0xe155, 0x6, 0x2, 0x2, 0x8, "3160f3cc378c43dce217804c837d6a8072d093", 0x0, 0x9e8}) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$RTC_RD_TIME(r2, 0x80247009, &(0x7f0000000180)) 16:50:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 703.610068][ T26] audit: type=1804 audit(1644684658.788:1973): pid=16499 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/616/bus" dev="sda1" ino=1181 res=1 errno=0 [ 703.647645][ T26] audit: type=1800 audit(1644684658.788:1974): pid=16499 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1181 res=0 errno=0 16:50:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xb) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180)=0x7) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:50:59 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0xc7, 0x7ff}, {0x80000001, 0x4}]}, 0x14, 0x2) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x7, 0x3f, 0x4, 0x0, 0x12, "d1c7f1438e985106097257619e0ab5384eba7a"}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0xc7, 0x7ff}, {0x80000001, 0x4}]}, 0x14, 0x2) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x7, 0x3f, 0x4, 0x0, 0x12, "d1c7f1438e985106097257619e0ab5384eba7a"}) (async) 16:50:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x93) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 703.855612][T16559] sp0: Synchronizing with TNC 16:51:00 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 16:51:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x100000f) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0xc) r4 = creat(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x16) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000000c0)={0x1, 0x2}) ftruncate(r4, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r1, r1, 0x0, 0xffffffffffffffff) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) syz_open_pts(0xffffffffffffffff, 0x84401) [ 705.249906][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 705.249932][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 705.329925][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 705.809794][ T3671] Bluetooth: hci8: command 0x1003 tx timeout [ 705.809872][ T3644] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 705.822730][ T3636] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 705.830016][ T915] Bluetooth: hci6: command tx timeout [ 707.329856][ T3671] Bluetooth: hci7: command 0x1003 tx timeout [ 707.339878][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:51:02 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x230a02, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1b) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r4 = creat(&(0x7f0000000180)='./bus\x00', 0x6a) read$hiddev(r4, &(0x7f0000000280)=""/162, 0xa2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x230a02, 0x0) (async) ioctl$TCFLSH(r1, 0x540b, 0x1) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1b) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) creat(&(0x7f0000000180)='./bus\x00', 0x6a) (async) read$hiddev(r4, &(0x7f0000000280)=""/162, 0xa2) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) 16:51:02 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0xc7, 0x7ff}, {0x80000001, 0x4}]}, 0x14, 0x2) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x7, 0x3f, 0x4, 0x0, 0x12, "d1c7f1438e985106097257619e0ab5384eba7a"}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0xc7, 0x7ff}, {0x80000001, 0x4}]}, 0x14, 0x2) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x7, 0x3f, 0x4, 0x0, 0x12, "d1c7f1438e985106097257619e0ab5384eba7a"}) (async) 16:51:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x100000f) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0xc) (async) r4 = creat(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x16) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000000c0)={0x1, 0x2}) ftruncate(r4, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r1, r1, 0x0, 0xffffffffffffffff) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) syz_open_pts(0xffffffffffffffff, 0x84401) 16:51:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xb) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180)=0x7) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xb) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180)=0x7) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:51:02 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:02 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) [ 707.410058][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 707.410051][ T3684] Bluetooth: hci9: command 0x1003 tx timeout [ 707.495675][ T46] Bluetooth: hci9: sending frame failed (-49) [ 707.506199][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 707.552679][T16603] sp0: Synchronizing with TNC [ 707.656043][T16623] ptm ptm7: ldisc open failed (-12), clearing slot 7 16:51:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x100000f) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0xc) (async) r4 = creat(0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x16) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000000c0)={0x1, 0x2}) (async) ftruncate(r4, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r1, r1, 0x0, 0xffffffffffffffff) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) syz_open_pts(0xffffffffffffffff, 0x84401) 16:51:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0xb1e, 0x8, 0x1, 0xc7, 0x10, "d3cfb9c52a21b20aaa191b28f488f512a28fca"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x8, 0x3ff, 0xc4, 0xffffffff, 0xa, "1776f8ff10e3fe7e9088560f176e73508a7195"}) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:51:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0xb1e, 0x8, 0x1, 0xc7, 0x10, "d3cfb9c52a21b20aaa191b28f488f512a28fca"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x8, 0x3ff, 0xc4, 0xffffffff, 0xa, "1776f8ff10e3fe7e9088560f176e73508a7195"}) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) syz_open_dev$ttys(0xc, 0x2, 0x0) (async) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0xb1e, 0x8, 0x1, 0xc7, 0x10, "d3cfb9c52a21b20aaa191b28f488f512a28fca"}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r3, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x8, 0x3ff, 0xc4, 0xffffffff, 0xa, "1776f8ff10e3fe7e9088560f176e73508a7195"}) (async) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x2) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 708.051086][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 708.058697][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:51:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:04 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$VT_WAITACTIVE(r2, 0x5607) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 709.489685][ T25] Bluetooth: hci8: command 0x1003 tx timeout [ 709.489859][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 709.502693][ T915] Bluetooth: hci7: command 0x1003 tx timeout [ 709.508812][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 709.515120][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:51:04 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) [ 709.569669][ T3676] Bluetooth: hci10: command 0x1003 tx timeout [ 709.569719][ T3625] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 709.633769][ T3642] Bluetooth: hci6: sending frame failed (-49) [ 709.642300][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 709.653248][ T26] kauditd_printk_skb: 21 callbacks suppressed [ 709.653267][ T26] audit: type=1804 audit(1644684664.988:1996): pid=16659 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/675/bus" dev="sda1" ino=1173 res=1 errno=0 [ 709.685074][ T26] audit: type=1800 audit(1644684664.988:1997): pid=16659 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1173 res=0 errno=0 16:51:05 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x5, 0x5, 0x1, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:05 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xb) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180)=0x7) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xb) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000180)=0x7) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 709.732708][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 709.757836][T16670] ptm ptm5: ldisc open failed (-12), clearing slot 5 16:51:05 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x5, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x2a0003, 0xc) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 709.837869][ T3625] Bluetooth: hci6: sending frame failed (-49) [ 709.845275][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:51:05 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x5, 0x5, 0x1, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x5, 0x5, 0x1, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 709.902969][ T26] audit: type=1804 audit(1644684665.238:1998): pid=16684 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/620/bus" dev="sda1" ino=1182 res=1 errno=0 [ 709.929165][ T3640] Bluetooth: hci8: sending frame failed (-49) [ 709.936520][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 709.937626][ T26] audit: type=1800 audit(1644684665.238:1999): pid=16684 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 709.967767][T16686] sp0: Synchronizing with TNC 16:51:05 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ftruncate(0xffffffffffffffff, 0x800) lseek(0xffffffffffffffff, 0x5, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x2a0003, 0xc) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x5, 0x0) (async) open(&(0x7f0000000180)='./bus\x00', 0x2a0003, 0xc) (async) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) 16:51:05 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0xb1e, 0x8, 0x1, 0xc7, 0x10, "d3cfb9c52a21b20aaa191b28f488f512a28fca"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x8, 0x3ff, 0xc4, 0xffffffff, 0xa, "1776f8ff10e3fe7e9088560f176e73508a7195"}) (async) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x2) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 710.125409][ T3636] Bluetooth: hci9: sending frame failed (-49) [ 710.130050][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 710.132534][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:51:05 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$VT_WAITACTIVE(r2, 0x5607) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$VT_WAITACTIVE(r2, 0x5607) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 710.208039][T16709] ptm ptm3: ldisc open failed (-12), clearing slot 3 [ 710.262790][ T26] audit: type=1804 audit(1644684665.598:2000): pid=16733 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/676/bus" dev="sda1" ino=1173 res=1 errno=0 [ 710.289775][ T26] audit: type=1800 audit(1644684665.618:2001): pid=16733 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1173 res=0 errno=0 [ 710.385627][T16732] warn_alloc: 20 callbacks suppressed [ 710.385644][T16732] syz-executor.0: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 710.418086][T16732] CPU: 1 PID: 16732 Comm: syz-executor.0 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 710.428692][T16732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 710.438729][T16732] Call Trace: [ 710.441997][T16732] [ 710.444927][T16732] dump_stack_lvl+0xcd/0x134 [ 710.449513][T16732] warn_alloc.cold+0x9b/0x189 [ 710.454201][T16732] ? zone_watermark_ok_safe+0x290/0x290 [ 710.459762][T16732] ? __kmalloc_node+0x62/0x390 [ 710.464569][T16732] ? __vmalloc_node_range+0x7bf/0x1060 [ 710.470023][T16732] __vmalloc_node_range+0xe1e/0x1060 [ 710.475792][T16732] ? vfree_atomic+0xe0/0xe0 [ 710.480464][T16732] ? rcu_read_lock_sched_held+0x3a/0x70 [ 710.486025][T16732] ? kernel_clone+0xe7/0xab0 [ 710.490608][T16732] copy_process+0x926/0x7300 [ 710.495185][T16732] ? kernel_clone+0xe7/0xab0 [ 710.499761][T16732] ? lock_chain_count+0x20/0x20 [ 710.504601][T16732] ? lock_chain_count+0x20/0x20 [ 710.509450][T16732] ? find_held_lock+0x2d/0x110 [ 710.514248][T16732] ? __cleanup_sighand+0xb0/0xb0 [ 710.519191][T16732] ? lock_downgrade+0x6e0/0x6e0 [ 710.524050][T16732] ? __lock_acquire+0x1655/0x5470 [ 710.529070][T16732] ? kernel_clone+0x314/0xab0 [ 710.533943][T16732] kernel_clone+0xe7/0xab0 [ 710.538348][T16732] ? create_io_thread+0xf0/0xf0 [ 710.543194][T16732] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 710.549162][T16732] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 710.555165][T16732] ? find_held_lock+0x2d/0x110 [ 710.559917][T16732] __do_sys_clone+0xc8/0x110 [ 710.564502][T16732] ? kernel_clone+0xab0/0xab0 [ 710.569164][T16732] ? lock_downgrade+0x6e0/0x6e0 [ 710.574010][T16732] ? syscall_enter_from_user_mode+0x21/0x70 [ 710.579930][T16732] do_syscall_64+0x35/0xb0 [ 710.584442][T16732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 710.590324][T16732] RIP: 0033:0x7fef70384481 [ 710.594724][T16732] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 710.614340][T16732] RSP: 002b:00007ffc5492c558 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 710.622740][T16732] RAX: ffffffffffffffda RBX: 00007fef6ebcf700 RCX: 00007fef70384481 [ 710.630701][T16732] RDX: 00007fef6ebcf9d0 RSI: 00007fef6ebcf2f0 RDI: 00000000003d0f00 [ 710.638657][T16732] RBP: 00007ffc5492c7a0 R08: 00007fef6ebcf700 R09: 00007fef6ebcf700 [ 710.646614][T16732] R10: 00007fef6ebcf9d0 R11: 0000000000000206 R12: 00007ffc5492c60e [ 710.654978][T16732] R13: 00007ffc5492c60f R14: 00007fef6ebcf300 R15: 0000000000022000 [ 710.662980][T16732] [ 710.671935][T16732] Mem-Info: [ 710.675288][T16732] active_anon:2657 inactive_anon:147643 isolated_anon:0 [ 710.675288][T16732] active_file:4211 inactive_file:7666 isolated_file:0 [ 710.675288][T16732] unevictable:768 dirty:21 writeback:8 [ 710.675288][T16732] slab_reclaimable:19303 slab_unreclaimable:96037 [ 710.675288][T16732] mapped:27893 shmem:4141 pagetables:806 bounce:0 [ 710.675288][T16732] kernel_misc_reclaimable:0 [ 710.675288][T16732] free:1325034 free_pcp:9162 free_cma:0 [ 710.720553][T16732] Node 0 active_anon:10620kB inactive_anon:589640kB active_file:16768kB inactive_file:30664kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111572kB dirty:84kB writeback:32kB shmem:14088kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 440320kB writeback_tmp:0kB kernel_stack:10964kB pagetables:3220kB all_unreclaimable? no [ 710.753408][T16732] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 710.783156][T16732] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 710.811300][T16732] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 710.818109][T16732] Node 0 DMA32 free:1332268kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10620kB inactive_anon:589640kB active_file:16768kB inactive_file:30664kB unevictable:1536kB writepending:116kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:35864kB local_pcp:15072kB free_cma:0kB [ 710.850693][T16732] lowmem_reserve[]: 0 0 0 0 0 [ 710.855515][T16732] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 710.882956][T16732] lowmem_reserve[]: 0 0 0 0 0 [ 710.887820][T16732] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 710.919832][T16732] lowmem_reserve[]: 0 0 0 0 0 [ 710.924889][T16732] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 710.937792][T16732] Node 0 DMA32: 135*4kB (UME) 888*8kB (UM) 1813*16kB (UME) 806*32kB (UME) 353*64kB (UME) 164*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 16*2048kB (UME) 277*4096kB (UM) = 1332268kB [ 710.957161][T16732] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 710.968729][T16732] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 710.987070][T16732] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 710.996842][T16732] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 711.006202][T16732] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 711.015965][T16732] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 711.027245][T16732] 16018 total pagecache pages [ 711.032675][T16732] 0 pages in swap cache [ 711.036823][T16732] Swap cache stats: add 0, delete 0, find 0/0 [ 711.042954][T16732] Free swap = 0kB [ 711.046672][T16732] Total swap = 0kB [ 711.050459][T16732] 2097051 pages RAM [ 711.054259][T16732] 0 pages HighMem/MovableOnly [ 711.058911][T16732] 384548 pages reserved [ 711.063218][T16732] 0 pages cma reserved 16:51:07 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) creat(0x0, 0x0) (async, rerun: 32) ftruncate(0xffffffffffffffff, 0x0) (rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 711.970050][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 711.978329][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 712.021803][ T3625] Bluetooth: hci6: sending frame failed (-49) [ 712.030760][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -49 16:51:07 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) signalfd4(r0, &(0x7f0000000000)={[0x5]}, 0x8, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 712.129989][ T3642] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 712.130076][ T3684] Bluetooth: hci8: command 0x1003 tx timeout 16:51:07 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x5, 0x5, 0x1, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x5, 0x5, 0x1, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 712.210414][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 712.251791][ T3638] Bluetooth: hci9: sending frame failed (-49) [ 712.260494][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -49 [ 712.289899][ T8020] Bluetooth: hci11: command 0x1003 tx timeout 16:51:07 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x1e, 0x0, "90ffbf1aac6f56ae83dcce1f2b6bb78e4b6000"}) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f0000000280)={0x1, 0x0, {0x1ce0e422, 0x0, 0x5, 0xf93}}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = dup3(r5, r4, 0x0) ioctl$TCXONC(r6, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 712.290044][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 712.296583][ T3636] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 712.306860][ T3671] Bluetooth: hci10: command 0x1003 tx timeout 16:51:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x7) lseek(r5, 0x200, 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(r6, 0x5402, &(0x7f0000000000)={0x522, 0x3, 0x9, 0xf921, 0x1c, "9000"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 712.420365][ T3640] Bluetooth: hci10: sending frame failed (-49) [ 712.428154][ T46] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 712.449606][ T26] audit: type=1804 audit(1644684667.778:2002): pid=16759 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir97599979/syzkaller.XKDNkA/672/bus" dev="sda1" ino=1182 res=1 errno=0 [ 712.481160][ T26] audit: type=1800 audit(1644684667.778:2003): pid=16759 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 712.513817][ T26] audit: type=1804 audit(1644684667.788:2004): pid=16760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/687/bus" dev="sda1" ino=1183 res=1 errno=0 16:51:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) (async) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(0xffffffffffffffff, 0x7) lseek(r5, 0x200, 0x0) (async) r6 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(r6, 0x5402, &(0x7f0000000000)={0x522, 0x3, 0x9, 0xf921, 0x1c, "9000"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 712.564496][ T26] audit: type=1800 audit(1644684667.788:2005): pid=16760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 16:51:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 714.129876][ T3684] Bluetooth: hci7: command 0x1003 tx timeout [ 714.136079][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:51:09 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ftruncate(0xffffffffffffffff, 0x800) (async) lseek(0xffffffffffffffff, 0x5, 0x0) (async) r1 = open(&(0x7f0000000180)='./bus\x00', 0x2a0003, 0xc) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)) (async) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:51:09 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) signalfd4(r0, &(0x7f0000000000)={[0x5]}, 0x8, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) (async) signalfd4(r0, &(0x7f0000000000)={[0x5]}, 0x8, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:51:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1018000, 0xfffffffffffffffc) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 714.209989][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 714.218193][ T3671] Bluetooth: hci8: command 0x1003 tx timeout [ 714.219885][ T3625] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 714.327257][ T3638] Bluetooth: hci8: sending frame failed (-49) [ 714.334801][ T3644] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:51:09 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$VT_WAITACTIVE(r2, 0x5607) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:09 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) signalfd4(r0, &(0x7f0000000000)={[0x5]}, 0x8, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) (async) signalfd4(r0, &(0x7f0000000000)={[0x5]}, 0x8, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 714.369944][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 714.370035][ T3671] Bluetooth: hci9: command 0x1003 tx timeout [ 714.403083][T16790] ptm ptm6: ldisc open failed (-12), clearing slot 6 16:51:09 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x1e, 0x0, "90ffbf1aac6f56ae83dcce1f2b6bb78e4b6000"}) (async, rerun: 64) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 64) ftruncate(r3, 0x800) (async, rerun: 64) lseek(r3, 0x200, 0x0) (async, rerun: 64) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f0000000280)={0x1, 0x0, {0x1ce0e422, 0x0, 0x5, 0xf93}}) (async, rerun: 64) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (rerun: 64) sendfile(r3, r4, 0x0, 0x10000) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) r6 = dup3(r5, r4, 0x0) ioctl$TCXONC(r6, 0x540a, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 714.529801][T16193] Bluetooth: hci11: command 0x1003 tx timeout [ 714.536142][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 714.659841][ T26] kauditd_printk_skb: 86 callbacks suppressed [ 714.659857][ T26] audit: type=1804 audit(1644684669.998:2092): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/688/bus" dev="sda1" ino=1183 res=1 errno=0 [ 714.692163][T16193] Bluetooth: hci10: command 0x1003 tx timeout [ 714.698792][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:51:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) (async) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x7) (async) lseek(r5, 0x200, 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(r6, 0x5402, &(0x7f0000000000)={0x522, 0x3, 0x9, 0xf921, 0x1c, "9000"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 714.705425][ T26] audit: type=1800 audit(1644684669.998:2093): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 714.751107][ T26] audit: type=1804 audit(1644684669.998:2094): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/688/bus" dev="sda1" ino=1183 res=1 errno=0 [ 714.780109][ T26] audit: type=1800 audit(1644684669.998:2095): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 714.805988][ T26] audit: type=1804 audit(1644684669.998:2096): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/688/bus" dev="sda1" ino=1183 res=1 errno=0 [ 714.835581][ T26] audit: type=1800 audit(1644684669.998:2097): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 714.857752][ T26] audit: type=1804 audit(1644684669.998:2098): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/688/bus" dev="sda1" ino=1183 res=1 errno=0 [ 714.884492][ T26] audit: type=1800 audit(1644684669.998:2099): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 [ 714.906373][ T26] audit: type=1804 audit(1644684669.998:2100): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2869705153/syzkaller.uDmYeM/688/bus" dev="sda1" ino=1183 res=1 errno=0 [ 714.933349][ T26] audit: type=1800 audit(1644684669.998:2101): pid=16818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 16:51:10 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async, rerun: 32) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (rerun: 32) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x1e, 0x0, "90ffbf1aac6f56ae83dcce1f2b6bb78e4b6000"}) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async, rerun: 64) lseek(r3, 0x200, 0x0) (async, rerun: 64) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f0000000280)={0x1, 0x0, {0x1ce0e422, 0x0, 0x5, 0xf93}}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x10000) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) (async) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) r6 = dup3(r5, r4, 0x0) ioctl$TCXONC(r6, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1018000, 0xfffffffffffffffc) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1018000, 0xfffffffffffffffc) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xffffffff) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) [ 716.299816][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:51:11 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x9) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) ioctl$TCXONC(r0, 0x540a, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x2c840, 0x80) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) lseek(r1, 0x9, 0x0) [ 716.360902][ T3638] Bluetooth: hci6: sending frame failed (-49) [ 716.368081][ T3625] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 716.369877][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 716.375248][ T3684] Bluetooth: hci7: command 0x1003 tx timeout 16:51:11 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x9) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) r1 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) ioctl$TCXONC(r0, 0x540a, 0x1) (async) open(&(0x7f0000000000)='./bus\x00', 0x2c840, 0x80) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) (async) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f00000000c0)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) lseek(r1, 0x9, 0x0) 16:51:11 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000240), 0x228f80, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x4000000d) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read(r2, &(0x7f0000000180)=""/100, 0x64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$nl_audit(0x10, 0x3, 0x9) ppoll(&(0x7f0000000000)=[{r3, 0x702}], 0x1, &(0x7f0000000040), &(0x7f00000000c0)={[0x2]}, 0x8) [ 716.460248][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:51:11 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x9) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) ioctl$TCXONC(r0, 0x540a, 0x1) (async) open(&(0x7f0000000000)='./bus\x00', 0x2c840, 0x80) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f00000000c0)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) lseek(r1, 0x9, 0x0) [ 716.529695][T16193] Bluetooth: hci9: command 0x1003 tx timeout [ 716.530851][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:51:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) ioctl$FIONCLEX(r2, 0x5450) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x101) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) sendfile(r2, r0, &(0x7f00000000c0)=0x3, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:51:12 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) ioctl$FIONCLEX(r2, 0x5450) (async, rerun: 32) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x101) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) sendfile(r2, r0, &(0x7f00000000c0)=0x3, 0x9) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) [ 716.643753][ T3625] Bluetooth: hci8: sending frame failed (-49) [ 716.651077][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 716.720211][ T3625] Bluetooth: hci8: sending frame failed (-49) [ 716.727769][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -49 16:51:12 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) r2 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) ioctl$FIONCLEX(r2, 0x5450) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x101) (async, rerun: 32) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) sendfile(r2, r0, &(0x7f00000000c0)=0x3, 0x9) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 716.849899][T14422] Bluetooth: hci10: command 0x1003 tx timeout [ 716.849899][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 717.489648][T16193] Bluetooth: hci11: command 0x1003 tx timeout [ 717.499840][ T46] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 718.449743][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:51:13 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x4b34, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000040)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) dup(0xffffffffffffffff) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:51:13 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async, rerun: 32) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000240), 0x228f80, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x4000000d) (async, rerun: 64) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 64) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (rerun: 64) read(r2, &(0x7f0000000180)=""/100, 0x64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$nl_audit(0x10, 0x3, 0x9) ppoll(&(0x7f0000000000)=[{r3, 0x702}], 0x1, &(0x7f0000000040), &(0x7f00000000c0)={[0x2]}, 0x8) 16:51:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x12) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000280)="c303a3560cae500aa1f809de7398a21a4448e54a5b3c886d583c6790744ecd5cbb9b3e97d7cd4d9a01db187916d5383e0dc101771846bbc1e5b0544a49a6a567882fdbb126bb3c854873c3a081c301be4a4fc8898b5336975793913bb781cc20a8db5d03ecdd2e8cd11e633206") ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x4b) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:51:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1018000, 0xfffffffffffffffc) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 718.609695][T14422] Bluetooth: hci7: command 0x1003 tx timeout [ 718.609750][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:51:14 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(r0, 0x20) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 718.849619][T16196] Bluetooth: hci8: command 0x1003 tx timeout [ 718.860064][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:51:14 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000240), 0x228f80, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x4000000d) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read(r2, &(0x7f0000000180)=""/100, 0x64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$nl_audit(0x10, 0x3, 0x9) ppoll(&(0x7f0000000000)=[{r3, 0x702}], 0x1, &(0x7f0000000040), &(0x7f00000000c0)={[0x2]}, 0x8) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000240), 0x228f80, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x4000000d) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) read(r2, &(0x7f0000000180)=""/100, 0x64) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) socket$nl_audit(0x10, 0x3, 0x9) (async) ppoll(&(0x7f0000000000)=[{r3, 0x702}], 0x1, &(0x7f0000000040), &(0x7f00000000c0)={[0x2]}, 0x8) (async) 16:51:14 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0xa) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0xff, 0x5aee228e, 0xec, 0x2, 0x13, "5c5a629989d3612715f6b6ab415dd08247b737"}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x8010, r0, 0x325b3000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:15 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0xa) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0xff, 0x5aee228e, 0xec, 0x2, 0x13, "5c5a629989d3612715f6b6ab415dd08247b737"}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x8010, r0, 0x325b3000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0xa) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) (async) ftruncate(0xffffffffffffffff, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0xff, 0x5aee228e, 0xec, 0x2, 0x13, "5c5a629989d3612715f6b6ab415dd08247b737"}) (async) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x8010, r0, 0x325b3000) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 719.899145][ T26] kauditd_printk_skb: 58 callbacks suppressed [ 719.899164][ T26] audit: type=1804 audit(1644684675.228:2160): pid=16908 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/682/bus" dev="sda1" ino=1182 res=1 errno=0 16:51:15 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0xa) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) ftruncate(0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0xff, 0x5aee228e, 0xec, 0x2, 0x13, "5c5a629989d3612715f6b6ab415dd08247b737"}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x8010, r0, 0x325b3000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0xa) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) (async) ftruncate(0xffffffffffffffff, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0xff, 0x5aee228e, 0xec, 0x2, 0x13, "5c5a629989d3612715f6b6ab415dd08247b737"}) (async) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x8010, r0, 0x325b3000) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 719.932072][ T26] audit: type=1800 audit(1644684675.238:2161): pid=16908 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 16:51:15 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 720.017222][ T26] audit: type=1804 audit(1644684675.348:2162): pid=16921 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/683/bus" dev="sda1" ino=1182 res=1 errno=0 [ 720.046070][ T26] audit: type=1800 audit(1644684675.348:2163): pid=16921 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1182 res=0 errno=0 [ 720.112771][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 720.119880][ T3625] Bluetooth: hci11: Opcode 0x1003 failed: -49 16:51:15 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 720.197096][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 720.204539][ T3625] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 720.689689][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 720.699122][T16879] warn_alloc: 20 callbacks suppressed [ 720.699133][T16879] syz-executor.1: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 720.699739][ T915] Bluetooth: hci7: command 0x1003 tx timeout [ 720.717361][T16879] ,cpuset= [ 720.719184][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 720.731670][T16879] syz1,mems_allowed=0-1 [ 720.759687][T16879] CPU: 0 PID: 16879 Comm: syz-executor.1 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 720.769916][ T3676] Bluetooth: hci10: command 0x1003 tx timeout [ 720.770506][T16879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 720.786740][T16879] Call Trace: [ 720.790028][T16879] [ 720.792957][T16879] dump_stack_lvl+0xcd/0x134 [ 720.797555][T16879] warn_alloc.cold+0x9b/0x189 [ 720.802354][T16879] ? zone_watermark_ok_safe+0x290/0x290 [ 720.807929][T16879] ? __kmalloc_node+0x62/0x390 [ 720.812693][T16879] ? __vmalloc_node_range+0x7bf/0x1060 [ 720.818152][T16879] __vmalloc_node_range+0xe1e/0x1060 [ 720.823469][T16879] ? vfree_atomic+0xe0/0xe0 [ 720.828017][T16879] ? n_tty_open+0x16/0x170 [ 720.832452][T16879] vzalloc+0x67/0x80 [ 720.836606][T16879] ? n_tty_open+0x16/0x170 [ 720.841027][T16879] n_tty_open+0x16/0x170 [ 720.845280][T16879] ? n_tty_set_termios+0x1010/0x1010 [ 720.850560][T16879] tty_ldisc_open+0x9b/0x110 [ 720.855171][T16879] tty_set_ldisc+0x2f1/0x680 [ 720.859854][T16879] tty_ioctl+0xae0/0x1660 [ 720.864209][T16879] ? tty_lookup_driver+0x550/0x550 [ 720.869358][T16879] ? find_held_lock+0x2d/0x110 [ 720.874138][T16879] ? __fget_files+0x28c/0x470 [ 720.878818][T16879] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 720.885053][T16879] ? tty_lookup_driver+0x550/0x550 [ 720.890203][T16879] __x64_sys_ioctl+0x193/0x200 [ 720.895114][T16879] do_syscall_64+0x35/0xb0 [ 720.899532][T16879] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 720.905437][T16879] RIP: 0033:0x7ff25089b059 [ 720.909935][T16879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 720.929797][T16879] RSP: 002b:00007ff24f210168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 720.938356][T16879] RAX: ffffffffffffffda RBX: 00007ff2509adf60 RCX: 00007ff25089b059 [ 720.946413][T16879] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 720.954472][T16879] RBP: 00007ff2508f508d R08: 0000000000000000 R09: 0000000000000000 [ 720.962454][T16879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.970518][T16879] R13: 00007ffe07e00f7f R14: 00007ff24f210300 R15: 0000000000022000 [ 720.978536][T16879] [ 720.984955][ T3640] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 720.991641][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 720.991881][T16879] Mem-Info: [ 720.999618][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:51:16 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x4b34, 0x0) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000040)) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x8) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 721.043634][T16879] active_anon:2661 inactive_anon:146597 isolated_anon:0 [ 721.043634][T16879] active_file:4224 inactive_file:7663 isolated_file:0 [ 721.043634][T16879] unevictable:768 dirty:27 writeback:0 [ 721.043634][T16879] slab_reclaimable:19279 slab_unreclaimable:95738 [ 721.043634][T16879] mapped:27881 shmem:4145 pagetables:793 bounce:0 [ 721.043634][T16879] kernel_misc_reclaimable:0 [ 721.043634][T16879] free:1325149 free_pcp:10499 free_cma:0 [ 721.087179][T16879] Node 0 active_anon:10636kB inactive_anon:585356kB active_file:16820kB inactive_file:30652kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111524kB dirty:108kB writeback:0kB shmem:14104kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB kernel_stack:10680kB pagetables:3168kB all_unreclaimable? no [ 721.118441][ T26] audit: type=1804 audit(1644684676.418:2164): pid=16948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/625/bus" dev="sda1" ino=1169 res=1 errno=0 [ 721.153062][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 721.162437][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 721.169397][T16879] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 721.171137][ T26] audit: type=1800 audit(1644684676.478:2165): pid=16948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1169 res=0 errno=0 [ 721.252926][T16879] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 721.284002][T16879] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 721.290298][T16879] Node 0 DMA32 free:1334952kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10644kB inactive_anon:587352kB active_file:16820kB inactive_file:30588kB unevictable:1536kB writepending:104kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:37500kB local_pcp:19588kB free_cma:0kB [ 721.323053][T16879] lowmem_reserve[]: 0 0 0 0 0 [ 721.327859][T16879] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 721.355443][T16879] lowmem_reserve[]: 0 0 0 0 0 [ 721.361935][T16879] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 721.392332][T16879] lowmem_reserve[]: 0 0 0 0 0 [ 721.397147][T16879] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 721.412049][T16879] Node 0 DMA32: 294*4kB (UME) 900*8kB (UME) 1829*16kB (UME) 761*32kB (UME) 366*64kB (UME) 166*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 17*2048kB (UME) 277*4096kB (UM) = 1334952kB [ 721.432499][T16879] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 721.444243][T16879] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 721.462461][T16879] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 721.476207][T16879] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 721.485744][T16879] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 16:51:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) dup(0xffffffffffffffff) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async) dup(0xffffffffffffffff) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:51:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x12) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000280)="c303a3560cae500aa1f809de7398a21a4448e54a5b3c886d583c6790744ecd5cbb9b3e97d7cd4d9a01db187916d5383e0dc101771846bbc1e5b0544a49a6a567882fdbb126bb3c854873c3a081c301be4a4fc8898b5336975793913bb781cc20a8db5d03ecdd2e8cd11e633206") ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x4b) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x12) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000280)="c303a3560cae500aa1f809de7398a21a4448e54a5b3c886d583c6790744ecd5cbb9b3e97d7cd4d9a01db187916d5383e0dc101771846bbc1e5b0544a49a6a567882fdbb126bb3c854873c3a081c301be4a4fc8898b5336975793913bb781cc20a8db5d03ecdd2e8cd11e633206") (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x4b) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) 16:51:16 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(r0, 0x20) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(r0, 0x20) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) 16:51:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0xf) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8041, 0xb6445b68d498dd43) ftruncate(r2, 0x401) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x19) r3 = openat$cgroup(r2, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000023c0)=[{{&(0x7f0000001fc0)=@abs={0x1, 0x0, 0x4e24}, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x200048c0}}, {{&(0x7f0000000a00)=@file={0x0, './file0\x00'}, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000a80)="aa809bbeef531a4c19388b72b4d598a3ec0b70af67e1b4ecc6c5d71b27aa2fdf6dfea5b51a8d8963f9d7229c67b0363ad3dc9ddf4fb3c41797c2231c1cd7909c75670ab745ba0fd476d3be784537f93debdbf61ce43bdab0a0e5804000a2cf97e3867214d842"}, {&(0x7f0000000400)="3966ef"}, {&(0x7f0000000b00)="2608d7b38a43772d0e3125687a6c57166065f115486777cde28666d56b6243462062f7f0900bd23cf57bbf2e168710a07d8c47e8bb675745fafb1b6282010f6ef3e3eb05a178ba68a15ccc67c0c7a748fa"}, {&(0x7f0000000b80)="6017d1ec51515929ea81db04ae3005fcc7454ccccf2981cb50f7161ae96d906da139987741cd6604f2f943158d30f676f778cd2a7a9fc5def2b52f1dfc195f2e1803d36ba0e3faf0dd3bffe7dd42edc055808c88de376333dea4835d1a4f2f415dd045d2207a7112a96bd60b83dc222aa2027156afdac48ee627d9c53bc9289fa30a114885ce66f0a2d972b4d8c6de2d03b03ccea24fa48c789d5693467621fa024c8318cf3afdc322650eb0b9594f88566b63b745e9e6619745911777ec574407ae2819b8c66afab3c49945c6d525b7971e71e6971b518f483b788998627f554b69e50ae337322d865868ad7c981f7f338249dbbbdf0fb37293008b6d8a38aba2e2657d5ab5f12cd73e5e0ccef3f18373519a2f3df0f7fcc0a7c10cfab87a5cbbd4acee8c48a4a8311dfc48f43fbc28b26c9aad3ffde95027e9b1108a561e2ec54583ab853ff1baf1017ee8d3fdc50461998568c64bfc28eaf43f8aed1d3bf551fc8fcff9c10c2f4d33d98ed46c5ccf9460f922ebf3f7a71ef5cd4265029b933048b4b28f18481395565c94bd003f0c48c48c9980a1b67c69eb24d85f59619c1c57cb89e7dbdb17404d36f97f52e6d062e40070de951219ebcc94ed1eb8ff05a3e3f4c7b11c0c82c8487ccbea548a3794ba723fb17be987168b5435bb2ee0dcfd512d465c6bd9cad57f34b67574589b3a874395abc9b7732e2828ff91030a34577624d9dff546ffbcd7e52793443dc2ee191073ae801d6c992f54bf71bf083aeaea1e7cb6a4c5625f03eee16ff1a80b688d11a2694b77bb3042be7ad53c28778f09b194a95a5f6b523758a5f3755bc0a680ad240851a7b181984a78311ed0261b3285d6ba1f75e7aac5f8eebbf319023a9ec85ef87a8c5d26644dc2fb65dafd092cd83bef52f8e9a0620b5a735c79920cfd732f5255f73bc9c47359ae1c2f580f1c302d7c7b9194b768d3021b4d19b71da9dfa9c04a0fb9bcc3ab5049af9344a1a7b621ea50a7bb85c2d718ca41e2a108153aa4a175aaf2a9a20eb89412f32e42a503f80d186b8b60893f2dfb995be38d391fd09601f751682b137a2c966e5be7be9f13d0a98cd9d93dd9e159e18b609fbb2e69c3c556de444dee5d13eb8844701733c83a197ad13032741b9497769f585cd0b69707340d9dd78d8643ef47f4744d98f5d99c78fe1398ef3b12f4bc5bf9d9e56d74b90dd1fe52c2c52f2c21fea30cfe08daf97d7ff0e0a5186b23a14378b562c3c6b11c358f6bd2f2a6354fd4d7e68c54a79d23be7b23ac4202b78d8c6aa3da1739d8a21fd3527296b0918b3fd78fa9f86f4310e83c47ac4757732090f29585f67879a47b88f7f2c02056426bb4ac78d96acc795ced965180bda57f27a59bc9a215e2f7c6b152043d1a66d412e9bdc7c9bde9893f490636cbb8d41e3cf2ce3f8399c494d47785629f865d36783b58c206ac7119379f9e2492cc1267d03fe82e7ea8e3c378a56e2af79a58e62f449482e085cf481f26c118d8b19d221cffe357e44423a0915c8568304a747473f186a22d2171d2098dd28e02fb9c8a817cb8e344bf900fa6263b98813e1d2913d21eb2c562bbb8c9a9e47956096cee1018b380ad88f86517ae459f17d7745d8b2e963118688c147b397d4d42e44f40b762e988f5a01e585300399d827f2b2f1d961c3884719843f5562bf7660b0c5232bf85b4b14917f5918187c0de66279a3cc2786c3f16ee614e4181e5adb339597c0a7c0b7154f729a0c03b584de598a388537dd6b8f40dcb9828bcad779993f9e1105ced191fb4245304bd5fe4e8e82c2e5823fbbbff2b594b3d4a877deca01553221b028251bb2bd5fb4aef6e425f570878f60919ce509e493a7d86f5387cf9ef447e39235530c2f1c13479adeaa4cb64c202dc65fcafaf011b9cb264c9a55801ad1157392e19c33a34a04cba9869f7723f1bcbb4ee4c69e9e3001df162ca7ec9cf0087758bb999fc1797418d4192b15f274c7cbac603c9964a236033ae4e14b6e8fe4dc9209c9ab253c60491312b43b505fbdf6191191d6becf075b0773b8729f67c89ac3d7e6a424719f126922d0bf53ebe8e8eabc796e67126a02b01076b12f1243b32f13224f0b913738ce3030e316396d1b20f77b6a4c36d7d5b0473240d2c2e940f91972c9feb9b525e0924d2d170b9545c5d2f9c619bb105b65809781ec4de1a7435a3a7e143300aa7d42f0cc9009bf46c4fcb18186b4ccaac13c186fca341981efbc6164f9c3fbaa15c0d8fe3ac0c48f60ddf6f0bf7f700328109e0be3301867629918426867d3b39c2ff1e935a701804aa475062d8593318cdff3a375b6e9a7497b2c40f570ef7b74a49f9c25d51e00d44d3d8c0be3070f22a63afb1437e30c0dd6795261bb253aaa823c2053d8b2c6e3bf2a62784e1c8ff2dbcadbf6de9409ef2a1bf43a78471b3cea04f5947a942ec68f5481426c16ffb93813d23a8bf6b168711de442b103e789f5f9399a9233da4bf05ae5d6e075558db24bb711beb8c71d167cbb6de61effd873491bb2965b205a8d48c83cae2025e6b5b579257256b9d7353c01ee95b8f6bdef2453a96301d306297f1e86328ddbee12dab16460b0d4864786cd953c499b044b64ada7979fa8d2cc75f3f0c49b6533555eea040992567aa323374c957dce81aae3839e22fbd86a183ddc1700dfb28dad75341ae5cf269c0d61d4badc7c775782408b22d658869c535fbff8cde042f3344383d419775363d07c59af537dd5b97f6c872b41fe32d708d68b0c3ce161c5000256f1695c45a87fe2cdbc8d19c6169252feddb399d2eea5c8aa344c476d37e4c691e5acf1ecda502f25fab674eb08d45e0646f247a321a50a728678c44edc6b3167b98f6ed5e4159b70224739887831edac06dfa4d1e8aeed3b7a6531166380e5d8837b311ef841317d49dbc09948b76509650e5b4176509393245898791734a05375fd2620e638787abfcd6b5c1c2f05f0eac17be1cc01a1d2f46d1209e2469c476080d898b2459664adb5fa8c07808275f5a94f683964794ce25cf0e34f292cdfc17fca4f329486520f17bb5d057e6a153dca2c94135d8ef89987874db36ff20abf4c6848330db85973e4680603dc327e5498a8d8215ad12bd91f56a5f6477b5fc743b960dbef4b3ef2eff07d81c6f9380df2e996fa2d8610534fbe96960a35c8a5b76ae34e0af6ce2b23b7cc01c770fc7703adc63a17ec2b08f1b5a79143df724e2a0e55899af77c3dbba36ec1088b95306c4652850e7803ce4ec72c54431de48a9ad9940bf4a327a3c1707df078867a531799f7ae5cd273e950cb79c16c999f955bcfb3b28434e6443830126f006e3ae5a9d77221412e4f6b3522f90e67d617afa398990848cd1fb9036cea7d2b524eddbbb133160b1dc312cddbd131bcf9b7e84c5326ad657657d2ab43aec2738cd642c352d078a1b31c849cf3a96fe03fce85fe9eb2ebaa1b2434d3229b89180d99a25ef54b04a8f1b92e0f59ab5b62b63677f6ff237b54921dc156ede840d9db1972b31c138909bb623fc2a27e2b06fb042dcd2985a45bf240fcdfc70628d69568aefe3df736adbaef8c0b76bb00555b5515ee5711a6a6718b7e86d77f16fddb0ac44c6cd55e5025f3a91f1d787ec36f8d0e8ca1fed277dc2490d804edcea731eb98147dc839c49ee773fb2eb852c70a7c2745047457cd72cd2a6e4bd45e2f62d091ed0ee158cd06cb6f08870c8da06827ca548fbb87bcc1408694bd9b3afc03ecf754857137f5744774ea29d07b5303e5ca0edaa984478857aed367249896b66ec6339dd97740f8aab07b146ad372d6f2d368f44908e12c72d9ffe91fc865d12a9001e05ac48d7d1f9146ed04d2255f7e2a8af7b7809b1daf6f189b513bedd8abdfc75f3887f491747ab23a3d117db99c993d025eb81f5bca89fb2fa7fc852c38ce5a514ce323449bc8741d7a761ae144b5173670f4fef73ec3f4018a8732d3affdbec6887c77d24aaad52cddb6924d924e7dad38c4a98f18e3a99c9f3f680b6d7fe8239c2c58883f744f7e9ae8047fd7a2f2f7bbd33082ba1b2bb7307fd3b3817fc50b3e9c33e87bcee005dd282da1b10a9032887c50493477127748151945a88410b704c9ffc08f9f5dc101de48d08e87c0e88165eb2d2808f5682a4901dd570d640688f656bb61b86a4d288122264bba85f7406dbc274ce2f09d836b41bdbcacbaeb158a372087a7fce8e777ae8d70ce389af8a3819d2612fe316a3034743d39dbbe0dc2ae6e206d4af9cd0e3595b0f832fdfcae0e5c741fbe610ca09e53fc6fec0d7af06b2be0578d948f882c53a2376d0d3ce6fe57797eeb0fa69283b483a3aa523b29f6a8253e1d9f6ced4d695ba6fcd231dd0e95939188cd7db791abb0556a812642801bceeb8627c7a63a7c292aa97dc7f82ea9750f4b5597718d6d2ed5e0fa3e599e101ec581e6b785db28d96fd6e6a1d50dbf6702a65f2cdaf32865fd677590d8a243f253849ae61b84964425361f897ca6245157943b8fb9002468a2f599225604c2912337adbae1537df49c01e85e467923e5dff44e9b57f402c828b967501d6487964569fd1b33d36978112c6662d24b87b71c559813e38b8b84c553a9d2ee17d912104cdeaccd441a3e3c148542554af60d03c46f8253c4945bf4860c753d96b90cef3419447f878137655425165c1cddf5d0309d6cf56956f3a417c7d1ca641de8c05bffe1cbf1f1df0e9b51e2d63796173dc96edb4ac5e94912f6256a367e730055dbb5defb613e34fd57b939359e4a95ba0b2e144cc2634a738be650fb4cba61f91cc5cbb252c222361c61ff2d50ccd402d70c7dfa698b2688266f5329b7486a4c2f7415bf289576d39aa04a3a67cb279bf023da5e26e2163c58d23be204d598a0d63f238438e7d76baab16c52e8ceddccda782d8ea4e4fdc9a73074823ee4f2d5e5c166c8f9a50d586b41e3a056a8feb8ccb21234798bfd98c831305292cb1704dd67665cb41a0345bdd51fce1b4fe217886727ae9aab17a2429d8b9900bcae7740fcf0b48a105ed1ebd67a3164e3abfd7cb784862d343de24079bf5d8c9485f2b928150b82ea252c4f006b63679a20e6f1b63016303f3baacca914813468036227966d10e076e17c10f2c37882e292ceb6d8667d5f5d9e210ad2a9a4617e92235e9ab640a0649aa780c8dd5f42b6295d08c3684f66d675cc88478be5d5860af1a233f9bb53b522136a684c51cf4ae9e309ad2ba76ae8fad164c0e2ca4626b6bdb3b7da04da401ccfba10da5a8b89d4d3f66db0a0f157bdb855d91afa62f7946fb3920df8b77e54d4a05915724195f7a92502ac69f15f9274cdfc2a85f448fc8343a2dd96cabdb133a851add676f422bb406d2076812cbd08eed03b2480ac6329b533488b2c9f47198a90e3f4ccf69ca2b5ec54e4c7424918493be3deb90b3905fa97eb67ffa5555a58a34bfad533b0db8add0ba09707bf78d621fe833c89ba6db59e7374307e7b40200efe6f87316bd7d1b9ea21a54c6b678886306a219fc1d6e80b57ee0e86c2f256212ec672575ed2c0bb802f97a418b27f5293416d2b76755cea9f5a4135e5112e7b2dc38bfcb3d4508d8ebfa4acc82848c4aebad4dfa0c5a8e8a89cd5afd6528aadf68104ebe0b1ebd8049c7814c3a8a60b0c1704fd72f199b2200373138dca1a55066bb7470a6b7c218c6783ee068b340382cccabbe2171d4ac1c4ff68332d15083682512bd4fcb71e00f488e0ea0a15e433a2bc1f94f8fa63f1595e688867ba4b2313f36e794d91e2c1ed602a68e"}, {&(0x7f0000001b80)="312e9bfcc72741cb55e89d49aa45a2cec3a77a7b3f5c81ccc54e3fd3e1d9b8905eec5fc489e42e129cfbaaa5d6d5df5e009c31e9132c4dd4d1e2f4810bdedaba80f2c35a8bcd4c27e7441f41e573df2b7a55dcd8d4e8e7c9175223c69037c057eab6af85a080ad5b71309bcd067b2dab5fadb9e02783b8d00cf997cd0a1ba430c522b9f5eeb6acd9e6f369628e92b1c4d219d77ae67ae1f55f7fa73c0e1252442580fa70f3f5c9218a50112cc5471836a4ecd2e4a8bb4f20186e9f8e01611a64adbf1b238ac9f75ece01ca60160e370555217b4aeebc448f22cadfa3997fe07d27cb907d998a48112db4495a0941ae03ebf2"}, {&(0x7f00000004c0)="b66ab14f2a11c10ee30c545961b87de2cefafeb895bb4ff19476f6174b8d158f1751076a6be2c4968a074b2d083743af7a8a5a397129530e"}, {&(0x7f0000001c80)="f7cd2f8a788fb6367baec77a33c4d891a70b6363856661d5879bd66619b4ec1a064f5b8d86e9939a735b68b1c679321d160a086d387d669d4812a8796c1b6c80053ef1bd3d4d506864e1ab935a689b16df284960bc816bf01314e04cd00a0b8b283938767209544ff33aba1fda16f5b867eb16f4e8662f60d647ebd66270253eac4bf5e89cfeadcc1b05929c53ba704d4d77a43a3a77"}, {&(0x7f0000001d40)="2ccdf0a1e913f69c6c8a596992a2e35918ce4de4a35922b3a21b87a47d46ce5d7cc844cc435e488e768a9b9b560a92d9af0184e56af16f743acaf728d4d86be98163ee63b3347310cdd15e34a4e7c076f676230331cca3c2c209af8763c46d5761ee1596e70d70703fc6860f215a9aa2c880c9f46caa2ec1b9c67e191fcfcccc61374df6d8760ad0ddf2f83da39380ac8942644bb8a71e48a24c22b4c7b5e88310a512f66847f5c5918547cab94a2ceb88e58a5225abca6d64027ba16c60ec640e878268"}, {&(0x7f0000001e40)="b211115c8d09553dd20896eb2babc58b7deb94c444be303c93137ca093ba42700d44c4eadccf2f47b3f90e7c0d23c810f45cd196684a5a1ffcb7d298188166d0fb0758cbbef247713e5bfad70c4519d9195562780f156b88d6c27a5cdf96672b3c8b1d02018673a64d04b9d6571e8884c989e67d90657895e2eadbc6cbfea1965c471f73b377f4f1da880f65507e18e1322cf05c282c03b5c24156"}, {&(0x7f0000000680)="3722c53d0cf86bccf3e638360588947765353c00bc5f115733884eec228a0aa26f96218ac7ff3583d11ef6de234531022cd06c895bd5c637a14b"}], 0x0, &(0x7f0000002340)=[@cred={{0x0, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred, @cred={{0x0, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0x0, 0xc0}}], 0x277, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000001, 0x110, r4, 0x99a1c000) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x200000b, 0x4000010, r3, 0x401000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) syz_clone3(&(0x7f0000000700)={0x800, &(0x7f0000000480), &(0x7f0000000780), &(0x7f0000000500), {0x2b}, &(0x7f0000000540)=""/87, 0x57, &(0x7f00000007c0)=""/262, &(0x7f00000006c0)=[0x0], 0x1}, 0x58) sendfile(r3, r1, &(0x7f00000000c0)=0x2, 0x5d8d9872) [ 721.495723][T16879] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 721.505275][T16879] 16018 total pagecache pages [ 721.510657][T16879] 0 pages in swap cache [ 721.514895][T16879] Swap cache stats: add 0, delete 0, find 0/0 [ 721.521229][T16879] Free swap = 0kB [ 721.525026][T16879] Total swap = 0kB [ 721.528806][T16879] 2097051 pages RAM [ 721.532947][T16879] 0 pages HighMem/MovableOnly [ 721.538264][T16879] 384548 pages reserved [ 721.543495][T16879] 0 pages cma reserved [ 721.583813][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 721.590791][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 721.646212][T16962] ptm ptm7: ldisc open failed (-12), clearing slot 7 [ 721.698850][T16970] ptm ptm8: ldisc open failed (-12), clearing slot 8 16:51:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x4b34, 0x0) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000040)) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x8) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 721.788143][ T26] audit: type=1804 audit(1644684677.118:2166): pid=16994 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/626/bus" dev="sda1" ino=1169 res=1 errno=0 [ 721.817164][ T26] audit: type=1800 audit(1644684677.118:2167): pid=16994 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1169 res=0 errno=0 16:51:17 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 722.289630][T16193] Bluetooth: hci11: command 0x1003 tx timeout [ 722.289741][ T3625] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:51:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TCXONC(r2, 0x540a, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 723.649882][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 723.650808][ T8020] Bluetooth: hci8: command 0x1003 tx timeout [ 723.666599][ T3636] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 723.675554][ T3640] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:51:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0xf) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8041, 0xb6445b68d498dd43) ftruncate(r2, 0x401) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x19) (async) r3 = openat$cgroup(r2, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000023c0)=[{{&(0x7f0000001fc0)=@abs={0x1, 0x0, 0x4e24}, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x200048c0}}, {{&(0x7f0000000a00)=@file={0x0, './file0\x00'}, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000a80)="aa809bbeef531a4c19388b72b4d598a3ec0b70af67e1b4ecc6c5d71b27aa2fdf6dfea5b51a8d8963f9d7229c67b0363ad3dc9ddf4fb3c41797c2231c1cd7909c75670ab745ba0fd476d3be784537f93debdbf61ce43bdab0a0e5804000a2cf97e3867214d842"}, {&(0x7f0000000400)="3966ef"}, {&(0x7f0000000b00)="2608d7b38a43772d0e3125687a6c57166065f115486777cde28666d56b6243462062f7f0900bd23cf57bbf2e168710a07d8c47e8bb675745fafb1b6282010f6ef3e3eb05a178ba68a15ccc67c0c7a748fa"}, {&(0x7f0000000b80)="6017d1ec51515929ea81db04ae3005fcc7454ccccf2981cb50f7161ae96d906da139987741cd6604f2f943158d30f676f778cd2a7a9fc5def2b52f1dfc195f2e1803d36ba0e3faf0dd3bffe7dd42edc055808c88de376333dea4835d1a4f2f415dd045d2207a7112a96bd60b83dc222aa2027156afdac48ee627d9c53bc9289fa30a114885ce66f0a2d972b4d8c6de2d03b03ccea24fa48c789d5693467621fa024c8318cf3afdc322650eb0b9594f88566b63b745e9e6619745911777ec574407ae2819b8c66afab3c49945c6d525b7971e71e6971b518f483b788998627f554b69e50ae337322d865868ad7c981f7f338249dbbbdf0fb37293008b6d8a38aba2e2657d5ab5f12cd73e5e0ccef3f18373519a2f3df0f7fcc0a7c10cfab87a5cbbd4acee8c48a4a8311dfc48f43fbc28b26c9aad3ffde95027e9b1108a561e2ec54583ab853ff1baf1017ee8d3fdc50461998568c64bfc28eaf43f8aed1d3bf551fc8fcff9c10c2f4d33d98ed46c5ccf9460f922ebf3f7a71ef5cd4265029b933048b4b28f18481395565c94bd003f0c48c48c9980a1b67c69eb24d85f59619c1c57cb89e7dbdb17404d36f97f52e6d062e40070de951219ebcc94ed1eb8ff05a3e3f4c7b11c0c82c8487ccbea548a3794ba723fb17be987168b5435bb2ee0dcfd512d465c6bd9cad57f34b67574589b3a874395abc9b7732e2828ff91030a34577624d9dff546ffbcd7e52793443dc2ee191073ae801d6c992f54bf71bf083aeaea1e7cb6a4c5625f03eee16ff1a80b688d11a2694b77bb3042be7ad53c28778f09b194a95a5f6b523758a5f3755bc0a680ad240851a7b181984a78311ed0261b3285d6ba1f75e7aac5f8eebbf319023a9ec85ef87a8c5d26644dc2fb65dafd092cd83bef52f8e9a0620b5a735c79920cfd732f5255f73bc9c47359ae1c2f580f1c302d7c7b9194b768d3021b4d19b71da9dfa9c04a0fb9bcc3ab5049af9344a1a7b621ea50a7bb85c2d718ca41e2a108153aa4a175aaf2a9a20eb89412f32e42a503f80d186b8b60893f2dfb995be38d391fd09601f751682b137a2c966e5be7be9f13d0a98cd9d93dd9e159e18b609fbb2e69c3c556de444dee5d13eb8844701733c83a197ad13032741b9497769f585cd0b69707340d9dd78d8643ef47f4744d98f5d99c78fe1398ef3b12f4bc5bf9d9e56d74b90dd1fe52c2c52f2c21fea30cfe08daf97d7ff0e0a5186b23a14378b562c3c6b11c358f6bd2f2a6354fd4d7e68c54a79d23be7b23ac4202b78d8c6aa3da1739d8a21fd3527296b0918b3fd78fa9f86f4310e83c47ac4757732090f29585f67879a47b88f7f2c02056426bb4ac78d96acc795ced965180bda57f27a59bc9a215e2f7c6b152043d1a66d412e9bdc7c9bde9893f490636cbb8d41e3cf2ce3f8399c494d47785629f865d36783b58c206ac7119379f9e2492cc1267d03fe82e7ea8e3c378a56e2af79a58e62f449482e085cf481f26c118d8b19d221cffe357e44423a0915c8568304a747473f186a22d2171d2098dd28e02fb9c8a817cb8e344bf900fa6263b98813e1d2913d21eb2c562bbb8c9a9e47956096cee1018b380ad88f86517ae459f17d7745d8b2e963118688c147b397d4d42e44f40b762e988f5a01e585300399d827f2b2f1d961c3884719843f5562bf7660b0c5232bf85b4b14917f5918187c0de66279a3cc2786c3f16ee614e4181e5adb339597c0a7c0b7154f729a0c03b584de598a388537dd6b8f40dcb9828bcad779993f9e1105ced191fb4245304bd5fe4e8e82c2e5823fbbbff2b594b3d4a877deca01553221b028251bb2bd5fb4aef6e425f570878f60919ce509e493a7d86f5387cf9ef447e39235530c2f1c13479adeaa4cb64c202dc65fcafaf011b9cb264c9a55801ad1157392e19c33a34a04cba9869f7723f1bcbb4ee4c69e9e3001df162ca7ec9cf0087758bb999fc1797418d4192b15f274c7cbac603c9964a236033ae4e14b6e8fe4dc9209c9ab253c60491312b43b505fbdf6191191d6becf075b0773b8729f67c89ac3d7e6a424719f126922d0bf53ebe8e8eabc796e67126a02b01076b12f1243b32f13224f0b913738ce3030e316396d1b20f77b6a4c36d7d5b0473240d2c2e940f91972c9feb9b525e0924d2d170b9545c5d2f9c619bb105b65809781ec4de1a7435a3a7e143300aa7d42f0cc9009bf46c4fcb18186b4ccaac13c186fca341981efbc6164f9c3fbaa15c0d8fe3ac0c48f60ddf6f0bf7f700328109e0be3301867629918426867d3b39c2ff1e935a701804aa475062d8593318cdff3a375b6e9a7497b2c40f570ef7b74a49f9c25d51e00d44d3d8c0be3070f22a63afb1437e30c0dd6795261bb253aaa823c2053d8b2c6e3bf2a62784e1c8ff2dbcadbf6de9409ef2a1bf43a78471b3cea04f5947a942ec68f5481426c16ffb93813d23a8bf6b168711de442b103e789f5f9399a9233da4bf05ae5d6e075558db24bb711beb8c71d167cbb6de61effd873491bb2965b205a8d48c83cae2025e6b5b579257256b9d7353c01ee95b8f6bdef2453a96301d306297f1e86328ddbee12dab16460b0d4864786cd953c499b044b64ada7979fa8d2cc75f3f0c49b6533555eea040992567aa323374c957dce81aae3839e22fbd86a183ddc1700dfb28dad75341ae5cf269c0d61d4badc7c775782408b22d658869c535fbff8cde042f3344383d419775363d07c59af537dd5b97f6c872b41fe32d708d68b0c3ce161c5000256f1695c45a87fe2cdbc8d19c6169252feddb399d2eea5c8aa344c476d37e4c691e5acf1ecda502f25fab674eb08d45e0646f247a321a50a728678c44edc6b3167b98f6ed5e4159b70224739887831edac06dfa4d1e8aeed3b7a6531166380e5d8837b311ef841317d49dbc09948b76509650e5b4176509393245898791734a05375fd2620e638787abfcd6b5c1c2f05f0eac17be1cc01a1d2f46d1209e2469c476080d898b2459664adb5fa8c07808275f5a94f683964794ce25cf0e34f292cdfc17fca4f329486520f17bb5d057e6a153dca2c94135d8ef89987874db36ff20abf4c6848330db85973e4680603dc327e5498a8d8215ad12bd91f56a5f6477b5fc743b960dbef4b3ef2eff07d81c6f9380df2e996fa2d8610534fbe96960a35c8a5b76ae34e0af6ce2b23b7cc01c770fc7703adc63a17ec2b08f1b5a79143df724e2a0e55899af77c3dbba36ec1088b95306c4652850e7803ce4ec72c54431de48a9ad9940bf4a327a3c1707df078867a531799f7ae5cd273e950cb79c16c999f955bcfb3b28434e6443830126f006e3ae5a9d77221412e4f6b3522f90e67d617afa398990848cd1fb9036cea7d2b524eddbbb133160b1dc312cddbd131bcf9b7e84c5326ad657657d2ab43aec2738cd642c352d078a1b31c849cf3a96fe03fce85fe9eb2ebaa1b2434d3229b89180d99a25ef54b04a8f1b92e0f59ab5b62b63677f6ff237b54921dc156ede840d9db1972b31c138909bb623fc2a27e2b06fb042dcd2985a45bf240fcdfc70628d69568aefe3df736adbaef8c0b76bb00555b5515ee5711a6a6718b7e86d77f16fddb0ac44c6cd55e5025f3a91f1d787ec36f8d0e8ca1fed277dc2490d804edcea731eb98147dc839c49ee773fb2eb852c70a7c2745047457cd72cd2a6e4bd45e2f62d091ed0ee158cd06cb6f08870c8da06827ca548fbb87bcc1408694bd9b3afc03ecf754857137f5744774ea29d07b5303e5ca0edaa984478857aed367249896b66ec6339dd97740f8aab07b146ad372d6f2d368f44908e12c72d9ffe91fc865d12a9001e05ac48d7d1f9146ed04d2255f7e2a8af7b7809b1daf6f189b513bedd8abdfc75f3887f491747ab23a3d117db99c993d025eb81f5bca89fb2fa7fc852c38ce5a514ce323449bc8741d7a761ae144b5173670f4fef73ec3f4018a8732d3affdbec6887c77d24aaad52cddb6924d924e7dad38c4a98f18e3a99c9f3f680b6d7fe8239c2c58883f744f7e9ae8047fd7a2f2f7bbd33082ba1b2bb7307fd3b3817fc50b3e9c33e87bcee005dd282da1b10a9032887c50493477127748151945a88410b704c9ffc08f9f5dc101de48d08e87c0e88165eb2d2808f5682a4901dd570d640688f656bb61b86a4d288122264bba85f7406dbc274ce2f09d836b41bdbcacbaeb158a372087a7fce8e777ae8d70ce389af8a3819d2612fe316a3034743d39dbbe0dc2ae6e206d4af9cd0e3595b0f832fdfcae0e5c741fbe610ca09e53fc6fec0d7af06b2be0578d948f882c53a2376d0d3ce6fe57797eeb0fa69283b483a3aa523b29f6a8253e1d9f6ced4d695ba6fcd231dd0e95939188cd7db791abb0556a812642801bceeb8627c7a63a7c292aa97dc7f82ea9750f4b5597718d6d2ed5e0fa3e599e101ec581e6b785db28d96fd6e6a1d50dbf6702a65f2cdaf32865fd677590d8a243f253849ae61b84964425361f897ca6245157943b8fb9002468a2f599225604c2912337adbae1537df49c01e85e467923e5dff44e9b57f402c828b967501d6487964569fd1b33d36978112c6662d24b87b71c559813e38b8b84c553a9d2ee17d912104cdeaccd441a3e3c148542554af60d03c46f8253c4945bf4860c753d96b90cef3419447f878137655425165c1cddf5d0309d6cf56956f3a417c7d1ca641de8c05bffe1cbf1f1df0e9b51e2d63796173dc96edb4ac5e94912f6256a367e730055dbb5defb613e34fd57b939359e4a95ba0b2e144cc2634a738be650fb4cba61f91cc5cbb252c222361c61ff2d50ccd402d70c7dfa698b2688266f5329b7486a4c2f7415bf289576d39aa04a3a67cb279bf023da5e26e2163c58d23be204d598a0d63f238438e7d76baab16c52e8ceddccda782d8ea4e4fdc9a73074823ee4f2d5e5c166c8f9a50d586b41e3a056a8feb8ccb21234798bfd98c831305292cb1704dd67665cb41a0345bdd51fce1b4fe217886727ae9aab17a2429d8b9900bcae7740fcf0b48a105ed1ebd67a3164e3abfd7cb784862d343de24079bf5d8c9485f2b928150b82ea252c4f006b63679a20e6f1b63016303f3baacca914813468036227966d10e076e17c10f2c37882e292ceb6d8667d5f5d9e210ad2a9a4617e92235e9ab640a0649aa780c8dd5f42b6295d08c3684f66d675cc88478be5d5860af1a233f9bb53b522136a684c51cf4ae9e309ad2ba76ae8fad164c0e2ca4626b6bdb3b7da04da401ccfba10da5a8b89d4d3f66db0a0f157bdb855d91afa62f7946fb3920df8b77e54d4a05915724195f7a92502ac69f15f9274cdfc2a85f448fc8343a2dd96cabdb133a851add676f422bb406d2076812cbd08eed03b2480ac6329b533488b2c9f47198a90e3f4ccf69ca2b5ec54e4c7424918493be3deb90b3905fa97eb67ffa5555a58a34bfad533b0db8add0ba09707bf78d621fe833c89ba6db59e7374307e7b40200efe6f87316bd7d1b9ea21a54c6b678886306a219fc1d6e80b57ee0e86c2f256212ec672575ed2c0bb802f97a418b27f5293416d2b76755cea9f5a4135e5112e7b2dc38bfcb3d4508d8ebfa4acc82848c4aebad4dfa0c5a8e8a89cd5afd6528aadf68104ebe0b1ebd8049c7814c3a8a60b0c1704fd72f199b2200373138dca1a55066bb7470a6b7c218c6783ee068b340382cccabbe2171d4ac1c4ff68332d15083682512bd4fcb71e00f488e0ea0a15e433a2bc1f94f8fa63f1595e688867ba4b2313f36e794d91e2c1ed602a68e"}, {&(0x7f0000001b80)="312e9bfcc72741cb55e89d49aa45a2cec3a77a7b3f5c81ccc54e3fd3e1d9b8905eec5fc489e42e129cfbaaa5d6d5df5e009c31e9132c4dd4d1e2f4810bdedaba80f2c35a8bcd4c27e7441f41e573df2b7a55dcd8d4e8e7c9175223c69037c057eab6af85a080ad5b71309bcd067b2dab5fadb9e02783b8d00cf997cd0a1ba430c522b9f5eeb6acd9e6f369628e92b1c4d219d77ae67ae1f55f7fa73c0e1252442580fa70f3f5c9218a50112cc5471836a4ecd2e4a8bb4f20186e9f8e01611a64adbf1b238ac9f75ece01ca60160e370555217b4aeebc448f22cadfa3997fe07d27cb907d998a48112db4495a0941ae03ebf2"}, {&(0x7f00000004c0)="b66ab14f2a11c10ee30c545961b87de2cefafeb895bb4ff19476f6174b8d158f1751076a6be2c4968a074b2d083743af7a8a5a397129530e"}, {&(0x7f0000001c80)="f7cd2f8a788fb6367baec77a33c4d891a70b6363856661d5879bd66619b4ec1a064f5b8d86e9939a735b68b1c679321d160a086d387d669d4812a8796c1b6c80053ef1bd3d4d506864e1ab935a689b16df284960bc816bf01314e04cd00a0b8b283938767209544ff33aba1fda16f5b867eb16f4e8662f60d647ebd66270253eac4bf5e89cfeadcc1b05929c53ba704d4d77a43a3a77"}, {&(0x7f0000001d40)="2ccdf0a1e913f69c6c8a596992a2e35918ce4de4a35922b3a21b87a47d46ce5d7cc844cc435e488e768a9b9b560a92d9af0184e56af16f743acaf728d4d86be98163ee63b3347310cdd15e34a4e7c076f676230331cca3c2c209af8763c46d5761ee1596e70d70703fc6860f215a9aa2c880c9f46caa2ec1b9c67e191fcfcccc61374df6d8760ad0ddf2f83da39380ac8942644bb8a71e48a24c22b4c7b5e88310a512f66847f5c5918547cab94a2ceb88e58a5225abca6d64027ba16c60ec640e878268"}, {&(0x7f0000001e40)="b211115c8d09553dd20896eb2babc58b7deb94c444be303c93137ca093ba42700d44c4eadccf2f47b3f90e7c0d23c810f45cd196684a5a1ffcb7d298188166d0fb0758cbbef247713e5bfad70c4519d9195562780f156b88d6c27a5cdf96672b3c8b1d02018673a64d04b9d6571e8884c989e67d90657895e2eadbc6cbfea1965c471f73b377f4f1da880f65507e18e1322cf05c282c03b5c24156"}, {&(0x7f0000000680)="3722c53d0cf86bccf3e638360588947765353c00bc5f115733884eec228a0aa26f96218ac7ff3583d11ef6de234531022cd06c895bd5c637a14b"}], 0x0, &(0x7f0000002340)=[@cred={{0x0, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred, @cred={{0x0, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0x0, 0xc0}}], 0x277, 0x0) (async) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000001, 0x110, r4, 0x99a1c000) (async) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x200000b, 0x4000010, r3, 0x401000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) syz_clone3(&(0x7f0000000700)={0x800, &(0x7f0000000480), &(0x7f0000000780), &(0x7f0000000500), {0x2b}, &(0x7f0000000540)=""/87, 0x57, &(0x7f00000007c0)=""/262, &(0x7f00000006c0)=[0x0], 0x1}, 0x58) sendfile(r3, r1, &(0x7f00000000c0)=0x2, 0x5d8d9872) 16:51:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x12) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000280)="c303a3560cae500aa1f809de7398a21a4448e54a5b3c886d583c6790744ecd5cbb9b3e97d7cd4d9a01db187916d5383e0dc101771846bbc1e5b0544a49a6a567882fdbb126bb3c854873c3a081c301be4a4fc8898b5336975793913bb781cc20a8db5d03ecdd2e8cd11e633206") (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x4b) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:51:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x3) (async) dup(0xffffffffffffffff) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 723.697773][ T3640] Bluetooth: hci7: sending frame failed (-49) [ 723.710427][ T3636] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 723.729958][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:51:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(r0, 0x20) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 723.809649][ T3684] Bluetooth: hci10: command 0x1003 tx timeout [ 723.809910][ T3644] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:51:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x11) r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f00000000c0)='./bus\x00', 0x0, 0x8}, 0x10) close(r3) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x1, 0x866, 0x1b, 0x800, 0x7, 0x9}, {0x8, 0x8001, 0xfffffffffffffffc, 0x20, 0x100000001, 0x1}], ['\x00', '\x00']}) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r4 = syz_open_dev$hidraw(&(0x7f0000000000), 0xf1, 0x0) fgetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', &(0x7f0000000280)=""/173, 0xad) [ 723.904623][ T3636] Bluetooth: hci8: sending frame failed (-49) [ 723.912306][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 723.914863][ T26] audit: type=1804 audit(1644684679.248:2168): pid=17030 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/627/bus" dev="sda1" ino=1169 res=1 errno=0 16:51:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000180)=0x1f) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0xf) fallocate(r0, 0x65, 0x8000, 0x2) ioctl$KDADDIO(r3, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x2) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)) [ 723.946939][ T26] audit: type=1800 audit(1644684679.248:2169): pid=17030 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1169 res=0 errno=0 16:51:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x11) r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f00000000c0)='./bus\x00', 0x0, 0x8}, 0x10) close(r3) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x11) r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f00000000c0)='./bus\x00', 0x0, 0x8}, 0x10) close(r3) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x11) (async) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f00000000c0)='./bus\x00', 0x0, 0x8}, 0x10) (async) close(r3) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:51:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TCXONC(r2, 0x540a, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 724.449963][ T3625] Bluetooth: hci11: Opcode 0x1003 failed: -110 [ 724.452863][ T3676] Bluetooth: hci11: command 0x1003 tx timeout 16:51:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$TCXONC(r2, 0x540a, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) (async) ioctl$TCXONC(r2, 0x540a, 0x1) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) 16:51:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDADDIO(r2, 0x400455c8, 0x9d65) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x20101, 0x19c) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) ioctl$TCFLSH(r0, 0x540b, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0xf) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8041, 0xb6445b68d498dd43) ftruncate(r2, 0x401) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x19) r3 = openat$cgroup(r2, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000023c0)=[{{&(0x7f0000001fc0)=@abs={0x1, 0x0, 0x4e24}, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x200048c0}}, {{&(0x7f0000000a00)=@file={0x0, './file0\x00'}, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000a80)="aa809bbeef531a4c19388b72b4d598a3ec0b70af67e1b4ecc6c5d71b27aa2fdf6dfea5b51a8d8963f9d7229c67b0363ad3dc9ddf4fb3c41797c2231c1cd7909c75670ab745ba0fd476d3be784537f93debdbf61ce43bdab0a0e5804000a2cf97e3867214d842"}, {&(0x7f0000000400)="3966ef"}, {&(0x7f0000000b00)="2608d7b38a43772d0e3125687a6c57166065f115486777cde28666d56b6243462062f7f0900bd23cf57bbf2e168710a07d8c47e8bb675745fafb1b6282010f6ef3e3eb05a178ba68a15ccc67c0c7a748fa"}, {&(0x7f0000000b80)="6017d1ec51515929ea81db04ae3005fcc7454ccccf2981cb50f7161ae96d906da139987741cd6604f2f943158d30f676f778cd2a7a9fc5def2b52f1dfc195f2e1803d36ba0e3faf0dd3bffe7dd42edc055808c88de376333dea4835d1a4f2f415dd045d2207a7112a96bd60b83dc222aa2027156afdac48ee627d9c53bc9289fa30a114885ce66f0a2d972b4d8c6de2d03b03ccea24fa48c789d5693467621fa024c8318cf3afdc322650eb0b9594f88566b63b745e9e6619745911777ec574407ae2819b8c66afab3c49945c6d525b7971e71e6971b518f483b788998627f554b69e50ae337322d865868ad7c981f7f338249dbbbdf0fb37293008b6d8a38aba2e2657d5ab5f12cd73e5e0ccef3f18373519a2f3df0f7fcc0a7c10cfab87a5cbbd4acee8c48a4a8311dfc48f43fbc28b26c9aad3ffde95027e9b1108a561e2ec54583ab853ff1baf1017ee8d3fdc50461998568c64bfc28eaf43f8aed1d3bf551fc8fcff9c10c2f4d33d98ed46c5ccf9460f922ebf3f7a71ef5cd4265029b933048b4b28f18481395565c94bd003f0c48c48c9980a1b67c69eb24d85f59619c1c57cb89e7dbdb17404d36f97f52e6d062e40070de951219ebcc94ed1eb8ff05a3e3f4c7b11c0c82c8487ccbea548a3794ba723fb17be987168b5435bb2ee0dcfd512d465c6bd9cad57f34b67574589b3a874395abc9b7732e2828ff91030a34577624d9dff546ffbcd7e52793443dc2ee191073ae801d6c992f54bf71bf083aeaea1e7cb6a4c5625f03eee16ff1a80b688d11a2694b77bb3042be7ad53c28778f09b194a95a5f6b523758a5f3755bc0a680ad240851a7b181984a78311ed0261b3285d6ba1f75e7aac5f8eebbf319023a9ec85ef87a8c5d26644dc2fb65dafd092cd83bef52f8e9a0620b5a735c79920cfd732f5255f73bc9c47359ae1c2f580f1c302d7c7b9194b768d3021b4d19b71da9dfa9c04a0fb9bcc3ab5049af9344a1a7b621ea50a7bb85c2d718ca41e2a108153aa4a175aaf2a9a20eb89412f32e42a503f80d186b8b60893f2dfb995be38d391fd09601f751682b137a2c966e5be7be9f13d0a98cd9d93dd9e159e18b609fbb2e69c3c556de444dee5d13eb8844701733c83a197ad13032741b9497769f585cd0b69707340d9dd78d8643ef47f4744d98f5d99c78fe1398ef3b12f4bc5bf9d9e56d74b90dd1fe52c2c52f2c21fea30cfe08daf97d7ff0e0a5186b23a14378b562c3c6b11c358f6bd2f2a6354fd4d7e68c54a79d23be7b23ac4202b78d8c6aa3da1739d8a21fd3527296b0918b3fd78fa9f86f4310e83c47ac4757732090f29585f67879a47b88f7f2c02056426bb4ac78d96acc795ced965180bda57f27a59bc9a215e2f7c6b152043d1a66d412e9bdc7c9bde9893f490636cbb8d41e3cf2ce3f8399c494d47785629f865d36783b58c206ac7119379f9e2492cc1267d03fe82e7ea8e3c378a56e2af79a58e62f449482e085cf481f26c118d8b19d221cffe357e44423a0915c8568304a747473f186a22d2171d2098dd28e02fb9c8a817cb8e344bf900fa6263b98813e1d2913d21eb2c562bbb8c9a9e47956096cee1018b380ad88f86517ae459f17d7745d8b2e963118688c147b397d4d42e44f40b762e988f5a01e585300399d827f2b2f1d961c3884719843f5562bf7660b0c5232bf85b4b14917f5918187c0de66279a3cc2786c3f16ee614e4181e5adb339597c0a7c0b7154f729a0c03b584de598a388537dd6b8f40dcb9828bcad779993f9e1105ced191fb4245304bd5fe4e8e82c2e5823fbbbff2b594b3d4a877deca01553221b028251bb2bd5fb4aef6e425f570878f60919ce509e493a7d86f5387cf9ef447e39235530c2f1c13479adeaa4cb64c202dc65fcafaf011b9cb264c9a55801ad1157392e19c33a34a04cba9869f7723f1bcbb4ee4c69e9e3001df162ca7ec9cf0087758bb999fc1797418d4192b15f274c7cbac603c9964a236033ae4e14b6e8fe4dc9209c9ab253c60491312b43b505fbdf6191191d6becf075b0773b8729f67c89ac3d7e6a424719f126922d0bf53ebe8e8eabc796e67126a02b01076b12f1243b32f13224f0b913738ce3030e316396d1b20f77b6a4c36d7d5b0473240d2c2e940f91972c9feb9b525e0924d2d170b9545c5d2f9c619bb105b65809781ec4de1a7435a3a7e143300aa7d42f0cc9009bf46c4fcb18186b4ccaac13c186fca341981efbc6164f9c3fbaa15c0d8fe3ac0c48f60ddf6f0bf7f700328109e0be3301867629918426867d3b39c2ff1e935a701804aa475062d8593318cdff3a375b6e9a7497b2c40f570ef7b74a49f9c25d51e00d44d3d8c0be3070f22a63afb1437e30c0dd6795261bb253aaa823c2053d8b2c6e3bf2a62784e1c8ff2dbcadbf6de9409ef2a1bf43a78471b3cea04f5947a942ec68f5481426c16ffb93813d23a8bf6b168711de442b103e789f5f9399a9233da4bf05ae5d6e075558db24bb711beb8c71d167cbb6de61effd873491bb2965b205a8d48c83cae2025e6b5b579257256b9d7353c01ee95b8f6bdef2453a96301d306297f1e86328ddbee12dab16460b0d4864786cd953c499b044b64ada7979fa8d2cc75f3f0c49b6533555eea040992567aa323374c957dce81aae3839e22fbd86a183ddc1700dfb28dad75341ae5cf269c0d61d4badc7c775782408b22d658869c535fbff8cde042f3344383d419775363d07c59af537dd5b97f6c872b41fe32d708d68b0c3ce161c5000256f1695c45a87fe2cdbc8d19c6169252feddb399d2eea5c8aa344c476d37e4c691e5acf1ecda502f25fab674eb08d45e0646f247a321a50a728678c44edc6b3167b98f6ed5e4159b70224739887831edac06dfa4d1e8aeed3b7a6531166380e5d8837b311ef841317d49dbc09948b76509650e5b4176509393245898791734a05375fd2620e638787abfcd6b5c1c2f05f0eac17be1cc01a1d2f46d1209e2469c476080d898b2459664adb5fa8c07808275f5a94f683964794ce25cf0e34f292cdfc17fca4f329486520f17bb5d057e6a153dca2c94135d8ef89987874db36ff20abf4c6848330db85973e4680603dc327e5498a8d8215ad12bd91f56a5f6477b5fc743b960dbef4b3ef2eff07d81c6f9380df2e996fa2d8610534fbe96960a35c8a5b76ae34e0af6ce2b23b7cc01c770fc7703adc63a17ec2b08f1b5a79143df724e2a0e55899af77c3dbba36ec1088b95306c4652850e7803ce4ec72c54431de48a9ad9940bf4a327a3c1707df078867a531799f7ae5cd273e950cb79c16c999f955bcfb3b28434e6443830126f006e3ae5a9d77221412e4f6b3522f90e67d617afa398990848cd1fb9036cea7d2b524eddbbb133160b1dc312cddbd131bcf9b7e84c5326ad657657d2ab43aec2738cd642c352d078a1b31c849cf3a96fe03fce85fe9eb2ebaa1b2434d3229b89180d99a25ef54b04a8f1b92e0f59ab5b62b63677f6ff237b54921dc156ede840d9db1972b31c138909bb623fc2a27e2b06fb042dcd2985a45bf240fcdfc70628d69568aefe3df736adbaef8c0b76bb00555b5515ee5711a6a6718b7e86d77f16fddb0ac44c6cd55e5025f3a91f1d787ec36f8d0e8ca1fed277dc2490d804edcea731eb98147dc839c49ee773fb2eb852c70a7c2745047457cd72cd2a6e4bd45e2f62d091ed0ee158cd06cb6f08870c8da06827ca548fbb87bcc1408694bd9b3afc03ecf754857137f5744774ea29d07b5303e5ca0edaa984478857aed367249896b66ec6339dd97740f8aab07b146ad372d6f2d368f44908e12c72d9ffe91fc865d12a9001e05ac48d7d1f9146ed04d2255f7e2a8af7b7809b1daf6f189b513bedd8abdfc75f3887f491747ab23a3d117db99c993d025eb81f5bca89fb2fa7fc852c38ce5a514ce323449bc8741d7a761ae144b5173670f4fef73ec3f4018a8732d3affdbec6887c77d24aaad52cddb6924d924e7dad38c4a98f18e3a99c9f3f680b6d7fe8239c2c58883f744f7e9ae8047fd7a2f2f7bbd33082ba1b2bb7307fd3b3817fc50b3e9c33e87bcee005dd282da1b10a9032887c50493477127748151945a88410b704c9ffc08f9f5dc101de48d08e87c0e88165eb2d2808f5682a4901dd570d640688f656bb61b86a4d288122264bba85f7406dbc274ce2f09d836b41bdbcacbaeb158a372087a7fce8e777ae8d70ce389af8a3819d2612fe316a3034743d39dbbe0dc2ae6e206d4af9cd0e3595b0f832fdfcae0e5c741fbe610ca09e53fc6fec0d7af06b2be0578d948f882c53a2376d0d3ce6fe57797eeb0fa69283b483a3aa523b29f6a8253e1d9f6ced4d695ba6fcd231dd0e95939188cd7db791abb0556a812642801bceeb8627c7a63a7c292aa97dc7f82ea9750f4b5597718d6d2ed5e0fa3e599e101ec581e6b785db28d96fd6e6a1d50dbf6702a65f2cdaf32865fd677590d8a243f253849ae61b84964425361f897ca6245157943b8fb9002468a2f599225604c2912337adbae1537df49c01e85e467923e5dff44e9b57f402c828b967501d6487964569fd1b33d36978112c6662d24b87b71c559813e38b8b84c553a9d2ee17d912104cdeaccd441a3e3c148542554af60d03c46f8253c4945bf4860c753d96b90cef3419447f878137655425165c1cddf5d0309d6cf56956f3a417c7d1ca641de8c05bffe1cbf1f1df0e9b51e2d63796173dc96edb4ac5e94912f6256a367e730055dbb5defb613e34fd57b939359e4a95ba0b2e144cc2634a738be650fb4cba61f91cc5cbb252c222361c61ff2d50ccd402d70c7dfa698b2688266f5329b7486a4c2f7415bf289576d39aa04a3a67cb279bf023da5e26e2163c58d23be204d598a0d63f238438e7d76baab16c52e8ceddccda782d8ea4e4fdc9a73074823ee4f2d5e5c166c8f9a50d586b41e3a056a8feb8ccb21234798bfd98c831305292cb1704dd67665cb41a0345bdd51fce1b4fe217886727ae9aab17a2429d8b9900bcae7740fcf0b48a105ed1ebd67a3164e3abfd7cb784862d343de24079bf5d8c9485f2b928150b82ea252c4f006b63679a20e6f1b63016303f3baacca914813468036227966d10e076e17c10f2c37882e292ceb6d8667d5f5d9e210ad2a9a4617e92235e9ab640a0649aa780c8dd5f42b6295d08c3684f66d675cc88478be5d5860af1a233f9bb53b522136a684c51cf4ae9e309ad2ba76ae8fad164c0e2ca4626b6bdb3b7da04da401ccfba10da5a8b89d4d3f66db0a0f157bdb855d91afa62f7946fb3920df8b77e54d4a05915724195f7a92502ac69f15f9274cdfc2a85f448fc8343a2dd96cabdb133a851add676f422bb406d2076812cbd08eed03b2480ac6329b533488b2c9f47198a90e3f4ccf69ca2b5ec54e4c7424918493be3deb90b3905fa97eb67ffa5555a58a34bfad533b0db8add0ba09707bf78d621fe833c89ba6db59e7374307e7b40200efe6f87316bd7d1b9ea21a54c6b678886306a219fc1d6e80b57ee0e86c2f256212ec672575ed2c0bb802f97a418b27f5293416d2b76755cea9f5a4135e5112e7b2dc38bfcb3d4508d8ebfa4acc82848c4aebad4dfa0c5a8e8a89cd5afd6528aadf68104ebe0b1ebd8049c7814c3a8a60b0c1704fd72f199b2200373138dca1a55066bb7470a6b7c218c6783ee068b340382cccabbe2171d4ac1c4ff68332d15083682512bd4fcb71e00f488e0ea0a15e433a2bc1f94f8fa63f1595e688867ba4b2313f36e794d91e2c1ed602a68e"}, {&(0x7f0000001b80)="312e9bfcc72741cb55e89d49aa45a2cec3a77a7b3f5c81ccc54e3fd3e1d9b8905eec5fc489e42e129cfbaaa5d6d5df5e009c31e9132c4dd4d1e2f4810bdedaba80f2c35a8bcd4c27e7441f41e573df2b7a55dcd8d4e8e7c9175223c69037c057eab6af85a080ad5b71309bcd067b2dab5fadb9e02783b8d00cf997cd0a1ba430c522b9f5eeb6acd9e6f369628e92b1c4d219d77ae67ae1f55f7fa73c0e1252442580fa70f3f5c9218a50112cc5471836a4ecd2e4a8bb4f20186e9f8e01611a64adbf1b238ac9f75ece01ca60160e370555217b4aeebc448f22cadfa3997fe07d27cb907d998a48112db4495a0941ae03ebf2"}, {&(0x7f00000004c0)="b66ab14f2a11c10ee30c545961b87de2cefafeb895bb4ff19476f6174b8d158f1751076a6be2c4968a074b2d083743af7a8a5a397129530e"}, {&(0x7f0000001c80)="f7cd2f8a788fb6367baec77a33c4d891a70b6363856661d5879bd66619b4ec1a064f5b8d86e9939a735b68b1c679321d160a086d387d669d4812a8796c1b6c80053ef1bd3d4d506864e1ab935a689b16df284960bc816bf01314e04cd00a0b8b283938767209544ff33aba1fda16f5b867eb16f4e8662f60d647ebd66270253eac4bf5e89cfeadcc1b05929c53ba704d4d77a43a3a77"}, {&(0x7f0000001d40)="2ccdf0a1e913f69c6c8a596992a2e35918ce4de4a35922b3a21b87a47d46ce5d7cc844cc435e488e768a9b9b560a92d9af0184e56af16f743acaf728d4d86be98163ee63b3347310cdd15e34a4e7c076f676230331cca3c2c209af8763c46d5761ee1596e70d70703fc6860f215a9aa2c880c9f46caa2ec1b9c67e191fcfcccc61374df6d8760ad0ddf2f83da39380ac8942644bb8a71e48a24c22b4c7b5e88310a512f66847f5c5918547cab94a2ceb88e58a5225abca6d64027ba16c60ec640e878268"}, {&(0x7f0000001e40)="b211115c8d09553dd20896eb2babc58b7deb94c444be303c93137ca093ba42700d44c4eadccf2f47b3f90e7c0d23c810f45cd196684a5a1ffcb7d298188166d0fb0758cbbef247713e5bfad70c4519d9195562780f156b88d6c27a5cdf96672b3c8b1d02018673a64d04b9d6571e8884c989e67d90657895e2eadbc6cbfea1965c471f73b377f4f1da880f65507e18e1322cf05c282c03b5c24156"}, {&(0x7f0000000680)="3722c53d0cf86bccf3e638360588947765353c00bc5f115733884eec228a0aa26f96218ac7ff3583d11ef6de234531022cd06c895bd5c637a14b"}], 0x0, &(0x7f0000002340)=[@cred={{0x0, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred, @cred={{0x0, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0x0, 0xc0}}], 0x277, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000001, 0x110, r4, 0x99a1c000) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x200000b, 0x4000010, r3, 0x401000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) syz_clone3(&(0x7f0000000700)={0x800, &(0x7f0000000480), &(0x7f0000000780), &(0x7f0000000500), {0x2b}, &(0x7f0000000540)=""/87, 0x57, &(0x7f00000007c0)=""/262, &(0x7f00000006c0)=[0x0], 0x1}, 0x58) sendfile(r3, r1, &(0x7f00000000c0)=0x2, 0x5d8d9872) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0xf) (async) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8041, 0xb6445b68d498dd43) (async) ftruncate(r2, 0x401) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x19) (async) openat$cgroup(r2, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) sendmmsg$unix(r4, &(0x7f00000023c0)=[{{&(0x7f0000001fc0)=@abs={0x1, 0x0, 0x4e24}, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x200048c0}}, {{&(0x7f0000000a00)=@file={0x0, './file0\x00'}, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000a80)="aa809bbeef531a4c19388b72b4d598a3ec0b70af67e1b4ecc6c5d71b27aa2fdf6dfea5b51a8d8963f9d7229c67b0363ad3dc9ddf4fb3c41797c2231c1cd7909c75670ab745ba0fd476d3be784537f93debdbf61ce43bdab0a0e5804000a2cf97e3867214d842"}, {&(0x7f0000000400)="3966ef"}, {&(0x7f0000000b00)="2608d7b38a43772d0e3125687a6c57166065f115486777cde28666d56b6243462062f7f0900bd23cf57bbf2e168710a07d8c47e8bb675745fafb1b6282010f6ef3e3eb05a178ba68a15ccc67c0c7a748fa"}, {&(0x7f0000000b80)="6017d1ec51515929ea81db04ae3005fcc7454ccccf2981cb50f7161ae96d906da139987741cd6604f2f943158d30f676f778cd2a7a9fc5def2b52f1dfc195f2e1803d36ba0e3faf0dd3bffe7dd42edc055808c88de376333dea4835d1a4f2f415dd045d2207a7112a96bd60b83dc222aa2027156afdac48ee627d9c53bc9289fa30a114885ce66f0a2d972b4d8c6de2d03b03ccea24fa48c789d5693467621fa024c8318cf3afdc322650eb0b9594f88566b63b745e9e6619745911777ec574407ae2819b8c66afab3c49945c6d525b7971e71e6971b518f483b788998627f554b69e50ae337322d865868ad7c981f7f338249dbbbdf0fb37293008b6d8a38aba2e2657d5ab5f12cd73e5e0ccef3f18373519a2f3df0f7fcc0a7c10cfab87a5cbbd4acee8c48a4a8311dfc48f43fbc28b26c9aad3ffde95027e9b1108a561e2ec54583ab853ff1baf1017ee8d3fdc50461998568c64bfc28eaf43f8aed1d3bf551fc8fcff9c10c2f4d33d98ed46c5ccf9460f922ebf3f7a71ef5cd4265029b933048b4b28f18481395565c94bd003f0c48c48c9980a1b67c69eb24d85f59619c1c57cb89e7dbdb17404d36f97f52e6d062e40070de951219ebcc94ed1eb8ff05a3e3f4c7b11c0c82c8487ccbea548a3794ba723fb17be987168b5435bb2ee0dcfd512d465c6bd9cad57f34b67574589b3a874395abc9b7732e2828ff91030a34577624d9dff546ffbcd7e52793443dc2ee191073ae801d6c992f54bf71bf083aeaea1e7cb6a4c5625f03eee16ff1a80b688d11a2694b77bb3042be7ad53c28778f09b194a95a5f6b523758a5f3755bc0a680ad240851a7b181984a78311ed0261b3285d6ba1f75e7aac5f8eebbf319023a9ec85ef87a8c5d26644dc2fb65dafd092cd83bef52f8e9a0620b5a735c79920cfd732f5255f73bc9c47359ae1c2f580f1c302d7c7b9194b768d3021b4d19b71da9dfa9c04a0fb9bcc3ab5049af9344a1a7b621ea50a7bb85c2d718ca41e2a108153aa4a175aaf2a9a20eb89412f32e42a503f80d186b8b60893f2dfb995be38d391fd09601f751682b137a2c966e5be7be9f13d0a98cd9d93dd9e159e18b609fbb2e69c3c556de444dee5d13eb8844701733c83a197ad13032741b9497769f585cd0b69707340d9dd78d8643ef47f4744d98f5d99c78fe1398ef3b12f4bc5bf9d9e56d74b90dd1fe52c2c52f2c21fea30cfe08daf97d7ff0e0a5186b23a14378b562c3c6b11c358f6bd2f2a6354fd4d7e68c54a79d23be7b23ac4202b78d8c6aa3da1739d8a21fd3527296b0918b3fd78fa9f86f4310e83c47ac4757732090f29585f67879a47b88f7f2c02056426bb4ac78d96acc795ced965180bda57f27a59bc9a215e2f7c6b152043d1a66d412e9bdc7c9bde9893f490636cbb8d41e3cf2ce3f8399c494d47785629f865d36783b58c206ac7119379f9e2492cc1267d03fe82e7ea8e3c378a56e2af79a58e62f449482e085cf481f26c118d8b19d221cffe357e44423a0915c8568304a747473f186a22d2171d2098dd28e02fb9c8a817cb8e344bf900fa6263b98813e1d2913d21eb2c562bbb8c9a9e47956096cee1018b380ad88f86517ae459f17d7745d8b2e963118688c147b397d4d42e44f40b762e988f5a01e585300399d827f2b2f1d961c3884719843f5562bf7660b0c5232bf85b4b14917f5918187c0de66279a3cc2786c3f16ee614e4181e5adb339597c0a7c0b7154f729a0c03b584de598a388537dd6b8f40dcb9828bcad779993f9e1105ced191fb4245304bd5fe4e8e82c2e5823fbbbff2b594b3d4a877deca01553221b028251bb2bd5fb4aef6e425f570878f60919ce509e493a7d86f5387cf9ef447e39235530c2f1c13479adeaa4cb64c202dc65fcafaf011b9cb264c9a55801ad1157392e19c33a34a04cba9869f7723f1bcbb4ee4c69e9e3001df162ca7ec9cf0087758bb999fc1797418d4192b15f274c7cbac603c9964a236033ae4e14b6e8fe4dc9209c9ab253c60491312b43b505fbdf6191191d6becf075b0773b8729f67c89ac3d7e6a424719f126922d0bf53ebe8e8eabc796e67126a02b01076b12f1243b32f13224f0b913738ce3030e316396d1b20f77b6a4c36d7d5b0473240d2c2e940f91972c9feb9b525e0924d2d170b9545c5d2f9c619bb105b65809781ec4de1a7435a3a7e143300aa7d42f0cc9009bf46c4fcb18186b4ccaac13c186fca341981efbc6164f9c3fbaa15c0d8fe3ac0c48f60ddf6f0bf7f700328109e0be3301867629918426867d3b39c2ff1e935a701804aa475062d8593318cdff3a375b6e9a7497b2c40f570ef7b74a49f9c25d51e00d44d3d8c0be3070f22a63afb1437e30c0dd6795261bb253aaa823c2053d8b2c6e3bf2a62784e1c8ff2dbcadbf6de9409ef2a1bf43a78471b3cea04f5947a942ec68f5481426c16ffb93813d23a8bf6b168711de442b103e789f5f9399a9233da4bf05ae5d6e075558db24bb711beb8c71d167cbb6de61effd873491bb2965b205a8d48c83cae2025e6b5b579257256b9d7353c01ee95b8f6bdef2453a96301d306297f1e86328ddbee12dab16460b0d4864786cd953c499b044b64ada7979fa8d2cc75f3f0c49b6533555eea040992567aa323374c957dce81aae3839e22fbd86a183ddc1700dfb28dad75341ae5cf269c0d61d4badc7c775782408b22d658869c535fbff8cde042f3344383d419775363d07c59af537dd5b97f6c872b41fe32d708d68b0c3ce161c5000256f1695c45a87fe2cdbc8d19c6169252feddb399d2eea5c8aa344c476d37e4c691e5acf1ecda502f25fab674eb08d45e0646f247a321a50a728678c44edc6b3167b98f6ed5e4159b70224739887831edac06dfa4d1e8aeed3b7a6531166380e5d8837b311ef841317d49dbc09948b76509650e5b4176509393245898791734a05375fd2620e638787abfcd6b5c1c2f05f0eac17be1cc01a1d2f46d1209e2469c476080d898b2459664adb5fa8c07808275f5a94f683964794ce25cf0e34f292cdfc17fca4f329486520f17bb5d057e6a153dca2c94135d8ef89987874db36ff20abf4c6848330db85973e4680603dc327e5498a8d8215ad12bd91f56a5f6477b5fc743b960dbef4b3ef2eff07d81c6f9380df2e996fa2d8610534fbe96960a35c8a5b76ae34e0af6ce2b23b7cc01c770fc7703adc63a17ec2b08f1b5a79143df724e2a0e55899af77c3dbba36ec1088b95306c4652850e7803ce4ec72c54431de48a9ad9940bf4a327a3c1707df078867a531799f7ae5cd273e950cb79c16c999f955bcfb3b28434e6443830126f006e3ae5a9d77221412e4f6b3522f90e67d617afa398990848cd1fb9036cea7d2b524eddbbb133160b1dc312cddbd131bcf9b7e84c5326ad657657d2ab43aec2738cd642c352d078a1b31c849cf3a96fe03fce85fe9eb2ebaa1b2434d3229b89180d99a25ef54b04a8f1b92e0f59ab5b62b63677f6ff237b54921dc156ede840d9db1972b31c138909bb623fc2a27e2b06fb042dcd2985a45bf240fcdfc70628d69568aefe3df736adbaef8c0b76bb00555b5515ee5711a6a6718b7e86d77f16fddb0ac44c6cd55e5025f3a91f1d787ec36f8d0e8ca1fed277dc2490d804edcea731eb98147dc839c49ee773fb2eb852c70a7c2745047457cd72cd2a6e4bd45e2f62d091ed0ee158cd06cb6f08870c8da06827ca548fbb87bcc1408694bd9b3afc03ecf754857137f5744774ea29d07b5303e5ca0edaa984478857aed367249896b66ec6339dd97740f8aab07b146ad372d6f2d368f44908e12c72d9ffe91fc865d12a9001e05ac48d7d1f9146ed04d2255f7e2a8af7b7809b1daf6f189b513bedd8abdfc75f3887f491747ab23a3d117db99c993d025eb81f5bca89fb2fa7fc852c38ce5a514ce323449bc8741d7a761ae144b5173670f4fef73ec3f4018a8732d3affdbec6887c77d24aaad52cddb6924d924e7dad38c4a98f18e3a99c9f3f680b6d7fe8239c2c58883f744f7e9ae8047fd7a2f2f7bbd33082ba1b2bb7307fd3b3817fc50b3e9c33e87bcee005dd282da1b10a9032887c50493477127748151945a88410b704c9ffc08f9f5dc101de48d08e87c0e88165eb2d2808f5682a4901dd570d640688f656bb61b86a4d288122264bba85f7406dbc274ce2f09d836b41bdbcacbaeb158a372087a7fce8e777ae8d70ce389af8a3819d2612fe316a3034743d39dbbe0dc2ae6e206d4af9cd0e3595b0f832fdfcae0e5c741fbe610ca09e53fc6fec0d7af06b2be0578d948f882c53a2376d0d3ce6fe57797eeb0fa69283b483a3aa523b29f6a8253e1d9f6ced4d695ba6fcd231dd0e95939188cd7db791abb0556a812642801bceeb8627c7a63a7c292aa97dc7f82ea9750f4b5597718d6d2ed5e0fa3e599e101ec581e6b785db28d96fd6e6a1d50dbf6702a65f2cdaf32865fd677590d8a243f253849ae61b84964425361f897ca6245157943b8fb9002468a2f599225604c2912337adbae1537df49c01e85e467923e5dff44e9b57f402c828b967501d6487964569fd1b33d36978112c6662d24b87b71c559813e38b8b84c553a9d2ee17d912104cdeaccd441a3e3c148542554af60d03c46f8253c4945bf4860c753d96b90cef3419447f878137655425165c1cddf5d0309d6cf56956f3a417c7d1ca641de8c05bffe1cbf1f1df0e9b51e2d63796173dc96edb4ac5e94912f6256a367e730055dbb5defb613e34fd57b939359e4a95ba0b2e144cc2634a738be650fb4cba61f91cc5cbb252c222361c61ff2d50ccd402d70c7dfa698b2688266f5329b7486a4c2f7415bf289576d39aa04a3a67cb279bf023da5e26e2163c58d23be204d598a0d63f238438e7d76baab16c52e8ceddccda782d8ea4e4fdc9a73074823ee4f2d5e5c166c8f9a50d586b41e3a056a8feb8ccb21234798bfd98c831305292cb1704dd67665cb41a0345bdd51fce1b4fe217886727ae9aab17a2429d8b9900bcae7740fcf0b48a105ed1ebd67a3164e3abfd7cb784862d343de24079bf5d8c9485f2b928150b82ea252c4f006b63679a20e6f1b63016303f3baacca914813468036227966d10e076e17c10f2c37882e292ceb6d8667d5f5d9e210ad2a9a4617e92235e9ab640a0649aa780c8dd5f42b6295d08c3684f66d675cc88478be5d5860af1a233f9bb53b522136a684c51cf4ae9e309ad2ba76ae8fad164c0e2ca4626b6bdb3b7da04da401ccfba10da5a8b89d4d3f66db0a0f157bdb855d91afa62f7946fb3920df8b77e54d4a05915724195f7a92502ac69f15f9274cdfc2a85f448fc8343a2dd96cabdb133a851add676f422bb406d2076812cbd08eed03b2480ac6329b533488b2c9f47198a90e3f4ccf69ca2b5ec54e4c7424918493be3deb90b3905fa97eb67ffa5555a58a34bfad533b0db8add0ba09707bf78d621fe833c89ba6db59e7374307e7b40200efe6f87316bd7d1b9ea21a54c6b678886306a219fc1d6e80b57ee0e86c2f256212ec672575ed2c0bb802f97a418b27f5293416d2b76755cea9f5a4135e5112e7b2dc38bfcb3d4508d8ebfa4acc82848c4aebad4dfa0c5a8e8a89cd5afd6528aadf68104ebe0b1ebd8049c7814c3a8a60b0c1704fd72f199b2200373138dca1a55066bb7470a6b7c218c6783ee068b340382cccabbe2171d4ac1c4ff68332d15083682512bd4fcb71e00f488e0ea0a15e433a2bc1f94f8fa63f1595e688867ba4b2313f36e794d91e2c1ed602a68e"}, {&(0x7f0000001b80)="312e9bfcc72741cb55e89d49aa45a2cec3a77a7b3f5c81ccc54e3fd3e1d9b8905eec5fc489e42e129cfbaaa5d6d5df5e009c31e9132c4dd4d1e2f4810bdedaba80f2c35a8bcd4c27e7441f41e573df2b7a55dcd8d4e8e7c9175223c69037c057eab6af85a080ad5b71309bcd067b2dab5fadb9e02783b8d00cf997cd0a1ba430c522b9f5eeb6acd9e6f369628e92b1c4d219d77ae67ae1f55f7fa73c0e1252442580fa70f3f5c9218a50112cc5471836a4ecd2e4a8bb4f20186e9f8e01611a64adbf1b238ac9f75ece01ca60160e370555217b4aeebc448f22cadfa3997fe07d27cb907d998a48112db4495a0941ae03ebf2"}, {&(0x7f00000004c0)="b66ab14f2a11c10ee30c545961b87de2cefafeb895bb4ff19476f6174b8d158f1751076a6be2c4968a074b2d083743af7a8a5a397129530e"}, {&(0x7f0000001c80)="f7cd2f8a788fb6367baec77a33c4d891a70b6363856661d5879bd66619b4ec1a064f5b8d86e9939a735b68b1c679321d160a086d387d669d4812a8796c1b6c80053ef1bd3d4d506864e1ab935a689b16df284960bc816bf01314e04cd00a0b8b283938767209544ff33aba1fda16f5b867eb16f4e8662f60d647ebd66270253eac4bf5e89cfeadcc1b05929c53ba704d4d77a43a3a77"}, {&(0x7f0000001d40)="2ccdf0a1e913f69c6c8a596992a2e35918ce4de4a35922b3a21b87a47d46ce5d7cc844cc435e488e768a9b9b560a92d9af0184e56af16f743acaf728d4d86be98163ee63b3347310cdd15e34a4e7c076f676230331cca3c2c209af8763c46d5761ee1596e70d70703fc6860f215a9aa2c880c9f46caa2ec1b9c67e191fcfcccc61374df6d8760ad0ddf2f83da39380ac8942644bb8a71e48a24c22b4c7b5e88310a512f66847f5c5918547cab94a2ceb88e58a5225abca6d64027ba16c60ec640e878268"}, {&(0x7f0000001e40)="b211115c8d09553dd20896eb2babc58b7deb94c444be303c93137ca093ba42700d44c4eadccf2f47b3f90e7c0d23c810f45cd196684a5a1ffcb7d298188166d0fb0758cbbef247713e5bfad70c4519d9195562780f156b88d6c27a5cdf96672b3c8b1d02018673a64d04b9d6571e8884c989e67d90657895e2eadbc6cbfea1965c471f73b377f4f1da880f65507e18e1322cf05c282c03b5c24156"}, {&(0x7f0000000680)="3722c53d0cf86bccf3e638360588947765353c00bc5f115733884eec228a0aa26f96218ac7ff3583d11ef6de234531022cd06c895bd5c637a14b"}], 0x0, &(0x7f0000002340)=[@cred={{0x0, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred, @cred={{0x0, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0x0, 0xc0}}], 0x277, 0x0) (async) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000001, 0x110, r4, 0x99a1c000) (async) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x200000b, 0x4000010, r3, 0x401000) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) syz_clone3(&(0x7f0000000700)={0x800, &(0x7f0000000480), &(0x7f0000000780), &(0x7f0000000500), {0x2b}, &(0x7f0000000540)=""/87, 0x57, &(0x7f00000007c0)=""/262, &(0x7f00000006c0)=[0x0], 0x1}, 0x58) (async) sendfile(r3, r1, &(0x7f00000000c0)=0x2, 0x5d8d9872) (async) 16:51:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDADDIO(r2, 0x400455c8, 0x9d65) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 32) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 32) open(&(0x7f00000000c0)='./bus\x00', 0x20101, 0x19c) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (rerun: 64) ioctl$TCFLSH(r0, 0x540b, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async, rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 725.809667][ T3684] Bluetooth: hci6: command 0x1003 tx timeout [ 725.810028][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 725.874865][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 725.874884][ T26] audit: type=1804 audit(1644684681.208:2181): pid=17078 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 725.907688][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:51:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000001c0)={0x1, 0x5, 0x1000, 0xc4c8}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xba, 0x400, 0x9, 0x9, 0x1b, "6752fbe287f98eb2"}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000200)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 725.911937][ T26] audit: type=1800 audit(1644684681.208:2182): pid=17078 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1163 res=0 errno=0 [ 725.915970][ T8020] Bluetooth: hci7: command tx timeout [ 725.978436][ T26] audit: type=1804 audit(1644684681.308:2183): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.005191][ T26] audit: type=1804 audit(1644684681.308:2184): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.035404][ T26] audit: type=1804 audit(1644684681.368:2185): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.070362][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:51:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x1, 0x866, 0x1b, 0x800, 0x7, 0x9}, {0x8, 0x8001, 0xfffffffffffffffc, 0x20, 0x100000001, 0x1}], ['\x00', '\x00']}) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r4 = syz_open_dev$hidraw(&(0x7f0000000000), 0xf1, 0x0) fgetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', &(0x7f0000000280)=""/173, 0xad) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) (async) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x1, 0x866, 0x1b, 0x800, 0x7, 0x9}, {0x8, 0x8001, 0xfffffffffffffffc, 0x20, 0x100000001, 0x1}], ['\x00', '\x00']}) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) creat(0x0, 0x0) (async) ftruncate(r3, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) syz_open_dev$hidraw(&(0x7f0000000000), 0xf1, 0x0) (async) fgetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', &(0x7f0000000280)=""/173, 0xad) (async) [ 726.082601][ T26] audit: type=1804 audit(1644684681.408:2186): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.129715][ T3640] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 726.129866][ T8020] Bluetooth: hci9: command 0x1003 tx timeout [ 726.149091][ T26] audit: type=1804 audit(1644684681.408:2187): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 16:51:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 32) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async, rerun: 64) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000180)=0x1f) (rerun: 64) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0xf) (async) fallocate(r0, 0x65, 0x8000, 0x2) (async) ioctl$KDADDIO(r3, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x2) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)) [ 726.175390][ T26] audit: type=1804 audit(1644684681.408:2188): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.223271][ T26] audit: type=1804 audit(1644684681.408:2189): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.248914][ T26] audit: type=1804 audit(1644684681.408:2190): pid=17084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir753687303/syzkaller.P8uhWH/631/bus" dev="sda1" ino=1163 res=1 errno=0 [ 726.307481][T17112] ptm ptm7: ldisc open failed (-12), clearing slot 7 16:51:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$KDADDIO(r2, 0x400455c8, 0x9d65) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x20101, 0x19c) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async, rerun: 64) ioctl$TCFLSH(r0, 0x540b, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9}, [@cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffd}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @exit, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xc}, @func={0x85, 0x0, 0x1, 0x0, 0x1}]}, &(0x7f00000000c0)='GPL\x00', 0x8, 0x59, &(0x7f0000000180)=""/89, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xc, 0x1, 0x3}, 0x10}, 0x80) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) ioctl$BTRFS_IOC_RM_DEV(r2, 0x5000940b, &(0x7f0000000340)={{r3}, "2da053b0e17b9da4a5ce5dedd10fb0fcb748993a051495ea971c01df3beb9fb4be0c7afcd5dcdfcaadea14d6dddd1500d7cb46ea4d4bfe0dc4678f96a8f054707d4ae529332266fbec5779ff24367339ff18c071ea5c26e94df48d94b4d1ca1148f74fc18609e2cde8d6546bf612b64602650896e0d37465f593feb4b70bd14674543d452ca89dd0ffeb54d3e7b32dcc39f0e8f2631214f37d1a9e8dc7b478e17597f6c01283efa4f5cb556b3c21ccc59dbe627b89fb065ee3dcba3f5786b0243be935c3104787444e91a48c61a563abffd03360b0cb37f15311b0d3cb036c46bddffebdd369afb0acf7c9274470c12cda965c95a1b8e44e30ed53e3b731aa1e6c70db9ef7b9a8898ff8bb5630da310eead775bdaa2b21c4e80fcb56fdfe09a712ed6532ab51bd13492f80e7ff6df95120ad621cb3ea3ff65d2c881648fa01c678ce2ae2ce03188e7c6ff75e83265903264bdea34f73d836818efc58bb20eca6dace890eb291d5a5e2ffbab7813834f81b6a2718d3f640c8fa1b9ca8e06b8c90d2a83c8681c5ed0936c9595fc263b4778a19dc7468290d2f5a220bb52f3f27db022ccfd8e5fddf41d9140cffbd2a394f6ae8db3069873345e10f573915eaead8546137ae31bec7bfe3f5a263f9ab07032d36a8809008cb45cb6317745f7c1b589025d91029b3be72950ce3f7ff5e91cd56bdd8959c367371ca6f250137f6f8a6c30374a8a9b725f80abb3457107763479696edb39351588cc3e2548724a33340c869d79bf4b2aadc6b9c20af664424c46ce119a15525fa6d3cad2652dff608a1dca3888eb71c5227af67c6249bf7c77c01419f19b3ec898fb7f55b8fa1a39586a479fbbf1fed177d04de7ccd676c1ca3ee73098e23477c6dc1e3dff5a220edf3049667fdf5b3c0edb20ef17a85f66b635b18928ad280d2b271c65f024f16d432c170421097ce25f986d3222feba37826f4c29dba350be62d3567a9c1d0873b8146baaa62394c551b1b357a4e4bcc31ec3e5df81781a524bc53e1aa5a6ecaf17b576b7bd5292dd8ca302036ff288d49554978173d233da63b8c339aaaac773f06644d7eeb198cdb683d20db612204bc9565267ffda3af1609d5c4fb8bdec09c9f31cb59fdfa1a95a71d686eb52d884e3311fbca87662ba4feee1b6febb3d28be1a46b9fec0b04d6a76405d46ac2a122e23738392a479b6b8214024b7d55451633ecdcdf96d35c751888724b8b69d2b1805d1936a6ea41b1008dd03479cc71132e9054a5b4e0e05ac59c41cade629c720da067b31ae734a91e1a3b253a7587bde43285fb618eea0e4f216824e229a81afa7da01492847004a788832bde50d84a52f47dd14f4c0ab0c92df01e2af9057f57ec6ed27e597a145037b7dd5bb9d75c04947ae479dd6faf5a86ac416cbd22427c9534dfe4ff365c32ed3cd5663f4f694b811851fd3b027f8050993357d4e5c7a9ef407de8724cd1bc779459f14c0cdd10f79cd4b0bc6b6ff9fe7727f436e5c4c9d5da4cea05c560610a35dcce3248e0de58eb0cf43b259e390ad1126f4a44a0e29f7c003b227e76a1168a060c61ba47e6e6abe1e2e16d94753e485a5cf5b98daccada8f72e82be839fbdcfa702e9d137aea35b42a59951e1d9dae7f9bbef0367f0fa9f5fbdada4d9772c293aad56a3d4eb129f56a373a5c5886e05fc0313c04be25d19fae4d177ac6447df7c686be2ebe73795f34809cee09850551934a6c7c38c5fd0cf497c87772ac0ce5c14ae6f984ee536bc7311967c75e28316351253bb71d2705b6fab0212021e5af9083925504ecd74577b22430e306106cc10ab7755d0e1fd387092230b4e7f95a04df10660d6399a3b734c868ecf1f1e3a5bd7ef91b6eefb45656e028c2dba8d296be27611c3451af7518de9090814035045b7b9e295770282f32e1612a6da47bbfe7894b052f1e671ac7fee7b3c1f2eb29101d50ad0d65a98492f776693a39d4381d9258bf7824d7898d7dd206a1699227f97dd12576b5bc1b56fd930c380d9a336d4ad2daeaae960100b081b29c462d564cf84d7587ea533d05a2bc705bd15eb5064770f19a0468720ac330023890096198383f8cd8aa1f4a75329c7cd9ba7e1d055d9b0c8c6bb2ecd4f28e14b377eb485dbdf49aeba16e53fcdb3882038363a7eb0e096e3d188993a008ff438845c8d8399d8cd3a4016acae8b6ccb96632eebc99540a6adbe06f2091b9eb5da50523540a5f67537c3618fc3149189fa4cf4d9c7d1a828e96526991c5063bae6f1c1590b900a4f6501435aeac75107ecd56a77454c4c71f42a96e6432b161b1c3a0fc50a4ae333a45ac07da6699ba5e481be33835ed2e4849e11666ef01f175e1612d0a1ee15b2e99c50edd4feddfdd3c7d37c470d95b2a1082a9f740f4379ede4b7ce4770e2c7256ebeab9807651983ca3528e1194df332169cc35aa9917fbb9b62d546e93f43acb2a77509ef2fc2bdf330137ffacb22ac18dd579e0934f3a2a59553d0e3bddabb682678cc7218900d64721c0b39b0ca5c3e10ba58d5834be63634394e3efcd2e40ddc6d6ab1ace44c0800b4e97685c004c0335ea66d6bf51beb8c53829158dd068e8d406e9092c97698ac76e3a03e455a6e7fd4916981076c8d6339fc1b9d19fb59b086342e6265c931ead98220e0490ce968ce7d3dc58178e3917b22cc922d63f16307786636648ab1ea5dc600bbc97d4e8643ba2cf85ac502bc0a1b62f089c37fd376c4617c4cc1eb3f8eb3280fd907f483b27bce07e611d7282933f0e03b39b39b2dbd9a11fa4435a0a636ec2135c90be05b2b7672a138a28cc63ac6141ec98caed5e2d210351348dee4ae6c6526d5ea3b405ce71f99d95715afab5d1d128df7ea82b7673a08747c48cc387e115c75a4d84673c48d32647039e6db90010948f171f11484ac89090c1184adc53e06733a84fd09adb1d07d5c9e2a487d6f535aa6c4eab1c0352980b3cd5ca96c4221a3c1ad4a8f9771ddf0f54d3252c2e9dd0f6153bf9254f1b13fa2b7d1fadca270fb73f2fa96c4229afa15cf6e736aee1a9913960749e9f95bf497df6b1063734feb6ae37c23171c00b4ecf72af3bc85e38cdece59584bb6f2a7c9ec73dbb39bd9eefa18ffc7381c533e93344b1ecd6774ea4b5f6e79ccc5e4bb8c5e6d658072e465c0a9de48d3b53e3453faaaf12a1fd580897996c4b72c6722e6e600250dbaa8aceae30dd601e96e4b361980d2b42f5eb326d8003f2ae4e351bcc36cad310fbe2ab8976e920ad127ed3c3a903d1b4536cb3440605de8ee110c99a92af01983331fd5c4cc9ab5f458246bd1687ddd08eab91aaf9eec39607fc3ad601e1513a00b7c280e52e3f6b3d7df2607ae405736fd99da4a69cca8278f327301586c038d461b102bac852590d7e763ec0610e7bf967ec7e15dac43b87e930adaa8e4f93af2dacc723c74b5ef153770eb51fc694089de68bb520cb5d092a96153eadb21f1e0520cb36fb2e95323700b03d89f68dd8733af804d2e39ade595197cc66bff16745e4309dc9c3f4e4ed85cf7713a07add6d5d8c812347f384fe01ea1b0bbbce38d2416cd33c3bd11f179dee0f17315978e188051b77f424ebb498ab4dcb8d29d274346d943de4700f6ca79e6076d9d7c4971b5d64508b3f5255d9de2717c6e410e42ab9f7bd6c08a16b3896fd3f114385ccfceaba79eaaeb17a0f3507fc4d303eed4f46b0c860bd349c6d95d0b6b22362e0356bab5ca2dff384427e2301c51b3bc926220be3e49ea8bff7c59ece87d0cd6478d11302131aea9d3f8f889cb5efe22d103c4fb0b6e1435cb31252326444c8599afb7240ca9ef7fc904dd94ce4e9af44b7bb34af98e93d187f693b6adc50ef151a5bc45b4a49a82c637ecfeb541e9c90b269a171140c4980b5487e0315a09af97e45a53c6858b42d6a7b817e4ad578941c944eb39508ffd2ce749957d31a0606be270258f7aafc9cb5652cca50eff7678318028ef9ba57d4e8dc5c3aa20478762a2a54310a42bcc7328e75b87d081e20a1b842f28bde229795848d39b8c43d187bc3254330337ad0d999994e1abbcd537b2dc71b98819365dca843333f431c705bd049a277aff24f69a460a4c7ae050e69ac54cb09b45ec648eb82f5b51987ee0e2c27ea71c6ae725a8a75a067bb02cac0c49abe62589d305b5616666d439b74d70a2b1246bede7e33b4f3a36c65fb8bd97f29b1ac081be95d0b32dfc053c24ce85e57fe3110dd654994f0fba3b0b1a117d52417b458c71f6b24dfde664e85890ec84466ad9cf6792d60d6cd97c4ce47c0a20cf09a59ac2c3c209a481352725f1fd2b51a119f3295e80c214c77f11f26d1f42230ed29e2fc4cf2ef23572962325f88eae628d714a96bb4421c2c094a5da7c8f31725ee304197aaa116335b767bad23dc8ae510dd2481b18f4907f1967f854f006115504a18bee9b0cba7929d565997a4bc3f83362b102a73d05d11b750deef0d2e13861b9aeec91a397c8b45206ccefddf0b5b0938a4700249d9c5fdb1a806ea94f21331e70957c986e3ec87feb57b3e856c13d3ac6662536497ab31eaba87d28bcf7b5a4c13046aa6c7cf4531f685dbcb919f8c5d67810cf8fafb1de86ff4423c9ddad0d42be76377cb701429722bd737319ef607aef3c194cd497b95c55d78fa47f0f8a98c80933b125f1e684233e3d68e91563d79156c7e31c2972a1a53814d034fb8b2fe2377fe9d67063a82964f6d799656467b1cdd4341f4b9149b00f9fff27257caf1e9b858bdc603c9a24d045c70da1b9abd1929ecebabef930ffcd77193e4e2ab981b0862630ef755a687a7f70c11ecff7eebb301ba9ff9206f5c259d7797581e086d6415d5d588e27b32211770cf4e4e28638197429aace7d8aec089be2df39fbc32a9bb0e17de7975cd491bc76de30b80a2a5e341b13f032b7d96d6070079af54a99692a7b31c8cba042a493ac2cac4f074a83255ccddaede4b51e580f066d549ea76c21181ea2c1596deb4024c4d2a5ea087ca32cd3bd5ee0de93a90cecf515dc4592ed869bd539ff070bfb8266e2c5e8023ffa00eebf8e86ce58fdeaa7ab448abf52dd2f40f7f887152b35ee0b40146ef1f1aae4e081d0fa7ad04c641b5c16a5afa4391c77dc8dcdf66a69be9ec852bc8b74f1c8b0ec46cae3e9eb51d0657bb57613c3e5e0b0f65c416e911c67acbb8ba6880548335c949c9b89421ee0e39f16d0e0b2a1cd158a859424e758c40c4d34b8a901f203230aa6f4a4705a111e6f8ca79b4f2b816590bb439a6999b5174504b7cb1ada49764c8752e5e6b1186a2f4316d4d76de07999ad03ad65a3d2b89d9c87af3a35e04fa7cc8323dd0565db98d0aae24bd9aec497ddb2a5c4189280b454c3350880f339232ff2ad1c73433568228266bb6baccf0502c93564e637b35b4b028f0da095378db727b403a13728230c926eacee63fe17dc438762e6b07e23655a4ef29f0dd7e74cbadef8e2fb5dfe9a966ea8bc3787b49e7dedfa3bc4864b52befc88d0c5c422654daae9794927805be03c9af3af451f74f85cc2f0c5b806d28d693ffd5882563e7121938c97879ef2fb805e75abeb75f9937322b78358955cfb05000e4306d59a25935c1cc5632ae8ba3475722ead47daecbbb21203cce0021b66460e24b2555e226cc8b7c47ea9059aedfbfa5f93dec6f6d3a6f5711048ea83227ec70fe76f5bf6db16db25c33f73ddd50c82b41802d9ddfa30d1fa4861c0fa2f0bf6a82c5f83d64e98a3429e43eef0741686788a9607c1af23eab3fb4"}) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 726.620054][ T8020] Bluetooth: hci10: command 0x1003 tx timeout [ 726.626364][ T3625] Bluetooth: hci10: Opcode 0x1003 failed: -110 16:51:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000040)={0x4, 0x9, 0x8, 0x401}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 727.969765][ T3676] Bluetooth: hci6: command 0x1003 tx timeout [ 727.982342][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 16:51:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000001c0)={0x1, 0x5, 0x1000, 0xc4c8}) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xba, 0x400, 0x9, 0x9, 0x1b, "6752fbe287f98eb2"}) (async) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000200)) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) [ 728.129781][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 728.129921][ T8020] Bluetooth: hci7: command 0x1003 tx timeout 16:51:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) (async) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x1, 0x866, 0x1b, 0x800, 0x7, 0x9}, {0x8, 0x8001, 0xfffffffffffffffc, 0x20, 0x100000001, 0x1}], ['\x00', '\x00']}) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async, rerun: 32) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async, rerun: 32) r3 = creat(0x0, 0x0) ftruncate(r3, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 64) sendfile(r3, 0xffffffffffffffff, 0x0, 0x10000) (async, rerun: 64) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) r4 = syz_open_dev$hidraw(&(0x7f0000000000), 0xf1, 0x0) fgetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', &(0x7f0000000280)=""/173, 0xad) [ 728.289771][ T3640] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 728.289772][ T8020] Bluetooth: hci8: command 0x1003 tx timeout 16:51:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0x19) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2) sendfile(r3, r4, 0x0, 0x10000) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000000)=0xff) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 728.379708][ T8020] Bluetooth: hci9: command 0x1003 tx timeout [ 728.389665][ T46] Bluetooth: hci9: Opcode 0x1003 failed: -110 16:51:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000180)=0x1f) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000240)=0xf) fallocate(r0, 0x65, 0x8000, 0x2) (async) ioctl$KDADDIO(r3, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x2) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)) [ 728.433538][ T3640] Bluetooth: hci8: sending frame failed (-49) [ 728.441393][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -49 [ 728.487653][T17150] EXT4-fs warning (device sda1): __ext4_ioctl:1175: Setting inode version is not supported with metadata_csum enabled. [ 728.769981][ T7] Bluetooth: hci10: command 0x1003 tx timeout [ 728.770063][ T3625] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 728.859851][ T3636] Bluetooth: hci11: Opcode 0x1003 failed: -110 16:51:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, &(0x7f0000000000)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0x19) (async) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async, rerun: 64) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2) sendfile(r3, r4, 0x0, 0x10000) (async) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000000)=0xff) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) 16:51:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9}, [@cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffd}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @exit, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xc}, @func={0x85, 0x0, 0x1, 0x0, 0x1}]}, &(0x7f00000000c0)='GPL\x00', 0x8, 0x59, &(0x7f0000000180)=""/89, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xc, 0x1, 0x3}, 0x10}, 0x80) (async) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) (async) ioctl$BTRFS_IOC_RM_DEV(r2, 0x5000940b, &(0x7f0000000340)={{r3}, "2da053b0e17b9da4a5ce5dedd10fb0fcb748993a051495ea971c01df3beb9fb4be0c7afcd5dcdfcaadea14d6dddd1500d7cb46ea4d4bfe0dc4678f96a8f054707d4ae529332266fbec5779ff24367339ff18c071ea5c26e94df48d94b4d1ca1148f74fc18609e2cde8d6546bf612b64602650896e0d37465f593feb4b70bd14674543d452ca89dd0ffeb54d3e7b32dcc39f0e8f2631214f37d1a9e8dc7b478e17597f6c01283efa4f5cb556b3c21ccc59dbe627b89fb065ee3dcba3f5786b0243be935c3104787444e91a48c61a563abffd03360b0cb37f15311b0d3cb036c46bddffebdd369afb0acf7c9274470c12cda965c95a1b8e44e30ed53e3b731aa1e6c70db9ef7b9a8898ff8bb5630da310eead775bdaa2b21c4e80fcb56fdfe09a712ed6532ab51bd13492f80e7ff6df95120ad621cb3ea3ff65d2c881648fa01c678ce2ae2ce03188e7c6ff75e83265903264bdea34f73d836818efc58bb20eca6dace890eb291d5a5e2ffbab7813834f81b6a2718d3f640c8fa1b9ca8e06b8c90d2a83c8681c5ed0936c9595fc263b4778a19dc7468290d2f5a220bb52f3f27db022ccfd8e5fddf41d9140cffbd2a394f6ae8db3069873345e10f573915eaead8546137ae31bec7bfe3f5a263f9ab07032d36a8809008cb45cb6317745f7c1b589025d91029b3be72950ce3f7ff5e91cd56bdd8959c367371ca6f250137f6f8a6c30374a8a9b725f80abb3457107763479696edb39351588cc3e2548724a33340c869d79bf4b2aadc6b9c20af664424c46ce119a15525fa6d3cad2652dff608a1dca3888eb71c5227af67c6249bf7c77c01419f19b3ec898fb7f55b8fa1a39586a479fbbf1fed177d04de7ccd676c1ca3ee73098e23477c6dc1e3dff5a220edf3049667fdf5b3c0edb20ef17a85f66b635b18928ad280d2b271c65f024f16d432c170421097ce25f986d3222feba37826f4c29dba350be62d3567a9c1d0873b8146baaa62394c551b1b357a4e4bcc31ec3e5df81781a524bc53e1aa5a6ecaf17b576b7bd5292dd8ca302036ff288d49554978173d233da63b8c339aaaac773f06644d7eeb198cdb683d20db612204bc9565267ffda3af1609d5c4fb8bdec09c9f31cb59fdfa1a95a71d686eb52d884e3311fbca87662ba4feee1b6febb3d28be1a46b9fec0b04d6a76405d46ac2a122e23738392a479b6b8214024b7d55451633ecdcdf96d35c751888724b8b69d2b1805d1936a6ea41b1008dd03479cc71132e9054a5b4e0e05ac59c41cade629c720da067b31ae734a91e1a3b253a7587bde43285fb618eea0e4f216824e229a81afa7da01492847004a788832bde50d84a52f47dd14f4c0ab0c92df01e2af9057f57ec6ed27e597a145037b7dd5bb9d75c04947ae479dd6faf5a86ac416cbd22427c9534dfe4ff365c32ed3cd5663f4f694b811851fd3b027f8050993357d4e5c7a9ef407de8724cd1bc779459f14c0cdd10f79cd4b0bc6b6ff9fe7727f436e5c4c9d5da4cea05c560610a35dcce3248e0de58eb0cf43b259e390ad1126f4a44a0e29f7c003b227e76a1168a060c61ba47e6e6abe1e2e16d94753e485a5cf5b98daccada8f72e82be839fbdcfa702e9d137aea35b42a59951e1d9dae7f9bbef0367f0fa9f5fbdada4d9772c293aad56a3d4eb129f56a373a5c5886e05fc0313c04be25d19fae4d177ac6447df7c686be2ebe73795f34809cee09850551934a6c7c38c5fd0cf497c87772ac0ce5c14ae6f984ee536bc7311967c75e28316351253bb71d2705b6fab0212021e5af9083925504ecd74577b22430e306106cc10ab7755d0e1fd387092230b4e7f95a04df10660d6399a3b734c868ecf1f1e3a5bd7ef91b6eefb45656e028c2dba8d296be27611c3451af7518de9090814035045b7b9e295770282f32e1612a6da47bbfe7894b052f1e671ac7fee7b3c1f2eb29101d50ad0d65a98492f776693a39d4381d9258bf7824d7898d7dd206a1699227f97dd12576b5bc1b56fd930c380d9a336d4ad2daeaae960100b081b29c462d564cf84d7587ea533d05a2bc705bd15eb5064770f19a0468720ac330023890096198383f8cd8aa1f4a75329c7cd9ba7e1d055d9b0c8c6bb2ecd4f28e14b377eb485dbdf49aeba16e53fcdb3882038363a7eb0e096e3d188993a008ff438845c8d8399d8cd3a4016acae8b6ccb96632eebc99540a6adbe06f2091b9eb5da50523540a5f67537c3618fc3149189fa4cf4d9c7d1a828e96526991c5063bae6f1c1590b900a4f6501435aeac75107ecd56a77454c4c71f42a96e6432b161b1c3a0fc50a4ae333a45ac07da6699ba5e481be33835ed2e4849e11666ef01f175e1612d0a1ee15b2e99c50edd4feddfdd3c7d37c470d95b2a1082a9f740f4379ede4b7ce4770e2c7256ebeab9807651983ca3528e1194df332169cc35aa9917fbb9b62d546e93f43acb2a77509ef2fc2bdf330137ffacb22ac18dd579e0934f3a2a59553d0e3bddabb682678cc7218900d64721c0b39b0ca5c3e10ba58d5834be63634394e3efcd2e40ddc6d6ab1ace44c0800b4e97685c004c0335ea66d6bf51beb8c53829158dd068e8d406e9092c97698ac76e3a03e455a6e7fd4916981076c8d6339fc1b9d19fb59b086342e6265c931ead98220e0490ce968ce7d3dc58178e3917b22cc922d63f16307786636648ab1ea5dc600bbc97d4e8643ba2cf85ac502bc0a1b62f089c37fd376c4617c4cc1eb3f8eb3280fd907f483b27bce07e611d7282933f0e03b39b39b2dbd9a11fa4435a0a636ec2135c90be05b2b7672a138a28cc63ac6141ec98caed5e2d210351348dee4ae6c6526d5ea3b405ce71f99d95715afab5d1d128df7ea82b7673a08747c48cc387e115c75a4d84673c48d32647039e6db90010948f171f11484ac89090c1184adc53e06733a84fd09adb1d07d5c9e2a487d6f535aa6c4eab1c0352980b3cd5ca96c4221a3c1ad4a8f9771ddf0f54d3252c2e9dd0f6153bf9254f1b13fa2b7d1fadca270fb73f2fa96c4229afa15cf6e736aee1a9913960749e9f95bf497df6b1063734feb6ae37c23171c00b4ecf72af3bc85e38cdece59584bb6f2a7c9ec73dbb39bd9eefa18ffc7381c533e93344b1ecd6774ea4b5f6e79ccc5e4bb8c5e6d658072e465c0a9de48d3b53e3453faaaf12a1fd580897996c4b72c6722e6e600250dbaa8aceae30dd601e96e4b361980d2b42f5eb326d8003f2ae4e351bcc36cad310fbe2ab8976e920ad127ed3c3a903d1b4536cb3440605de8ee110c99a92af01983331fd5c4cc9ab5f458246bd1687ddd08eab91aaf9eec39607fc3ad601e1513a00b7c280e52e3f6b3d7df2607ae405736fd99da4a69cca8278f327301586c038d461b102bac852590d7e763ec0610e7bf967ec7e15dac43b87e930adaa8e4f93af2dacc723c74b5ef153770eb51fc694089de68bb520cb5d092a96153eadb21f1e0520cb36fb2e95323700b03d89f68dd8733af804d2e39ade595197cc66bff16745e4309dc9c3f4e4ed85cf7713a07add6d5d8c812347f384fe01ea1b0bbbce38d2416cd33c3bd11f179dee0f17315978e188051b77f424ebb498ab4dcb8d29d274346d943de4700f6ca79e6076d9d7c4971b5d64508b3f5255d9de2717c6e410e42ab9f7bd6c08a16b3896fd3f114385ccfceaba79eaaeb17a0f3507fc4d303eed4f46b0c860bd349c6d95d0b6b22362e0356bab5ca2dff384427e2301c51b3bc926220be3e49ea8bff7c59ece87d0cd6478d11302131aea9d3f8f889cb5efe22d103c4fb0b6e1435cb31252326444c8599afb7240ca9ef7fc904dd94ce4e9af44b7bb34af98e93d187f693b6adc50ef151a5bc45b4a49a82c637ecfeb541e9c90b269a171140c4980b5487e0315a09af97e45a53c6858b42d6a7b817e4ad578941c944eb39508ffd2ce749957d31a0606be270258f7aafc9cb5652cca50eff7678318028ef9ba57d4e8dc5c3aa20478762a2a54310a42bcc7328e75b87d081e20a1b842f28bde229795848d39b8c43d187bc3254330337ad0d999994e1abbcd537b2dc71b98819365dca843333f431c705bd049a277aff24f69a460a4c7ae050e69ac54cb09b45ec648eb82f5b51987ee0e2c27ea71c6ae725a8a75a067bb02cac0c49abe62589d305b5616666d439b74d70a2b1246bede7e33b4f3a36c65fb8bd97f29b1ac081be95d0b32dfc053c24ce85e57fe3110dd654994f0fba3b0b1a117d52417b458c71f6b24dfde664e85890ec84466ad9cf6792d60d6cd97c4ce47c0a20cf09a59ac2c3c209a481352725f1fd2b51a119f3295e80c214c77f11f26d1f42230ed29e2fc4cf2ef23572962325f88eae628d714a96bb4421c2c094a5da7c8f31725ee304197aaa116335b767bad23dc8ae510dd2481b18f4907f1967f854f006115504a18bee9b0cba7929d565997a4bc3f83362b102a73d05d11b750deef0d2e13861b9aeec91a397c8b45206ccefddf0b5b0938a4700249d9c5fdb1a806ea94f21331e70957c986e3ec87feb57b3e856c13d3ac6662536497ab31eaba87d28bcf7b5a4c13046aa6c7cf4531f685dbcb919f8c5d67810cf8fafb1de86ff4423c9ddad0d42be76377cb701429722bd737319ef607aef3c194cd497b95c55d78fa47f0f8a98c80933b125f1e684233e3d68e91563d79156c7e31c2972a1a53814d034fb8b2fe2377fe9d67063a82964f6d799656467b1cdd4341f4b9149b00f9fff27257caf1e9b858bdc603c9a24d045c70da1b9abd1929ecebabef930ffcd77193e4e2ab981b0862630ef755a687a7f70c11ecff7eebb301ba9ff9206f5c259d7797581e086d6415d5d588e27b32211770cf4e4e28638197429aace7d8aec089be2df39fbc32a9bb0e17de7975cd491bc76de30b80a2a5e341b13f032b7d96d6070079af54a99692a7b31c8cba042a493ac2cac4f074a83255ccddaede4b51e580f066d549ea76c21181ea2c1596deb4024c4d2a5ea087ca32cd3bd5ee0de93a90cecf515dc4592ed869bd539ff070bfb8266e2c5e8023ffa00eebf8e86ce58fdeaa7ab448abf52dd2f40f7f887152b35ee0b40146ef1f1aae4e081d0fa7ad04c641b5c16a5afa4391c77dc8dcdf66a69be9ec852bc8b74f1c8b0ec46cae3e9eb51d0657bb57613c3e5e0b0f65c416e911c67acbb8ba6880548335c949c9b89421ee0e39f16d0e0b2a1cd158a859424e758c40c4d34b8a901f203230aa6f4a4705a111e6f8ca79b4f2b816590bb439a6999b5174504b7cb1ada49764c8752e5e6b1186a2f4316d4d76de07999ad03ad65a3d2b89d9c87af3a35e04fa7cc8323dd0565db98d0aae24bd9aec497ddb2a5c4189280b454c3350880f339232ff2ad1c73433568228266bb6baccf0502c93564e637b35b4b028f0da095378db727b403a13728230c926eacee63fe17dc438762e6b07e23655a4ef29f0dd7e74cbadef8e2fb5dfe9a966ea8bc3787b49e7dedfa3bc4864b52befc88d0c5c422654daae9794927805be03c9af3af451f74f85cc2f0c5b806d28d693ffd5882563e7121938c97879ef2fb805e75abeb75f9937322b78358955cfb05000e4306d59a25935c1cc5632ae8ba3475722ead47daecbbb21203cce0021b66460e24b2555e226cc8b7c47ea9059aedfbfa5f93dec6f6d3a6f5711048ea83227ec70fe76f5bf6db16db25c33f73ddd50c82b41802d9ddfa30d1fa4861c0fa2f0bf6a82c5f83d64e98a3429e43eef0741686788a9607c1af23eab3fb4"}) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async, rerun: 64) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 64) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:25 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) lseek(0xffffffffffffffff, 0x200, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000040)={0x4, 0x9, 0x8, 0x401}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 730.050000][ T3670] Bluetooth: hci6: command 0x1003 tx timeout [ 730.059944][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 730.110664][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 730.118312][ T3644] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 730.132480][ T3636] Bluetooth: hci9: sending frame failed (-49) [ 730.149571][ T3644] Bluetooth: hci9: Opcode 0x1003 failed: -49 16:51:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000001c0)={0x1, 0x5, 0x1000, 0xc4c8}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xba, 0x400, 0x9, 0x9, 0x1b, "6752fbe287f98eb2"}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r2, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000200)) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) (async) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000001c0)={0x1, 0x5, 0x1000, 0xc4c8}) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) (async) ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xba, 0x400, 0x9, 0x9, 0x1b, "6752fbe287f98eb2"}) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r2, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r2, 0x5412, 0x0) (async) creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000200)) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) [ 730.176221][T17158] EXT4-fs warning (device sda1): __ext4_ioctl:1175: Setting inode version is not supported with metadata_csum enabled. [ 730.209850][ T3642] Bluetooth: hci7: Opcode 0x1003 failed: -110 16:51:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, &(0x7f0000000000)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0x1) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, &(0x7f0000000000)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9}, [@cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffd}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @exit, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xc}, @func={0x85, 0x0, 0x1, 0x0, 0x1}]}, &(0x7f00000000c0)='GPL\x00', 0x8, 0x59, &(0x7f0000000180)=""/89, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xc, 0x1, 0x3}, 0x10}, 0x80) (async) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) ioctl$BTRFS_IOC_RM_DEV(r2, 0x5000940b, &(0x7f0000000340)={{r3}, "2da053b0e17b9da4a5ce5dedd10fb0fcb748993a051495ea971c01df3beb9fb4be0c7afcd5dcdfcaadea14d6dddd1500d7cb46ea4d4bfe0dc4678f96a8f054707d4ae529332266fbec5779ff24367339ff18c071ea5c26e94df48d94b4d1ca1148f74fc18609e2cde8d6546bf612b64602650896e0d37465f593feb4b70bd14674543d452ca89dd0ffeb54d3e7b32dcc39f0e8f2631214f37d1a9e8dc7b478e17597f6c01283efa4f5cb556b3c21ccc59dbe627b89fb065ee3dcba3f5786b0243be935c3104787444e91a48c61a563abffd03360b0cb37f15311b0d3cb036c46bddffebdd369afb0acf7c9274470c12cda965c95a1b8e44e30ed53e3b731aa1e6c70db9ef7b9a8898ff8bb5630da310eead775bdaa2b21c4e80fcb56fdfe09a712ed6532ab51bd13492f80e7ff6df95120ad621cb3ea3ff65d2c881648fa01c678ce2ae2ce03188e7c6ff75e83265903264bdea34f73d836818efc58bb20eca6dace890eb291d5a5e2ffbab7813834f81b6a2718d3f640c8fa1b9ca8e06b8c90d2a83c8681c5ed0936c9595fc263b4778a19dc7468290d2f5a220bb52f3f27db022ccfd8e5fddf41d9140cffbd2a394f6ae8db3069873345e10f573915eaead8546137ae31bec7bfe3f5a263f9ab07032d36a8809008cb45cb6317745f7c1b589025d91029b3be72950ce3f7ff5e91cd56bdd8959c367371ca6f250137f6f8a6c30374a8a9b725f80abb3457107763479696edb39351588cc3e2548724a33340c869d79bf4b2aadc6b9c20af664424c46ce119a15525fa6d3cad2652dff608a1dca3888eb71c5227af67c6249bf7c77c01419f19b3ec898fb7f55b8fa1a39586a479fbbf1fed177d04de7ccd676c1ca3ee73098e23477c6dc1e3dff5a220edf3049667fdf5b3c0edb20ef17a85f66b635b18928ad280d2b271c65f024f16d432c170421097ce25f986d3222feba37826f4c29dba350be62d3567a9c1d0873b8146baaa62394c551b1b357a4e4bcc31ec3e5df81781a524bc53e1aa5a6ecaf17b576b7bd5292dd8ca302036ff288d49554978173d233da63b8c339aaaac773f06644d7eeb198cdb683d20db612204bc9565267ffda3af1609d5c4fb8bdec09c9f31cb59fdfa1a95a71d686eb52d884e3311fbca87662ba4feee1b6febb3d28be1a46b9fec0b04d6a76405d46ac2a122e23738392a479b6b8214024b7d55451633ecdcdf96d35c751888724b8b69d2b1805d1936a6ea41b1008dd03479cc71132e9054a5b4e0e05ac59c41cade629c720da067b31ae734a91e1a3b253a7587bde43285fb618eea0e4f216824e229a81afa7da01492847004a788832bde50d84a52f47dd14f4c0ab0c92df01e2af9057f57ec6ed27e597a145037b7dd5bb9d75c04947ae479dd6faf5a86ac416cbd22427c9534dfe4ff365c32ed3cd5663f4f694b811851fd3b027f8050993357d4e5c7a9ef407de8724cd1bc779459f14c0cdd10f79cd4b0bc6b6ff9fe7727f436e5c4c9d5da4cea05c560610a35dcce3248e0de58eb0cf43b259e390ad1126f4a44a0e29f7c003b227e76a1168a060c61ba47e6e6abe1e2e16d94753e485a5cf5b98daccada8f72e82be839fbdcfa702e9d137aea35b42a59951e1d9dae7f9bbef0367f0fa9f5fbdada4d9772c293aad56a3d4eb129f56a373a5c5886e05fc0313c04be25d19fae4d177ac6447df7c686be2ebe73795f34809cee09850551934a6c7c38c5fd0cf497c87772ac0ce5c14ae6f984ee536bc7311967c75e28316351253bb71d2705b6fab0212021e5af9083925504ecd74577b22430e306106cc10ab7755d0e1fd387092230b4e7f95a04df10660d6399a3b734c868ecf1f1e3a5bd7ef91b6eefb45656e028c2dba8d296be27611c3451af7518de9090814035045b7b9e295770282f32e1612a6da47bbfe7894b052f1e671ac7fee7b3c1f2eb29101d50ad0d65a98492f776693a39d4381d9258bf7824d7898d7dd206a1699227f97dd12576b5bc1b56fd930c380d9a336d4ad2daeaae960100b081b29c462d564cf84d7587ea533d05a2bc705bd15eb5064770f19a0468720ac330023890096198383f8cd8aa1f4a75329c7cd9ba7e1d055d9b0c8c6bb2ecd4f28e14b377eb485dbdf49aeba16e53fcdb3882038363a7eb0e096e3d188993a008ff438845c8d8399d8cd3a4016acae8b6ccb96632eebc99540a6adbe06f2091b9eb5da50523540a5f67537c3618fc3149189fa4cf4d9c7d1a828e96526991c5063bae6f1c1590b900a4f6501435aeac75107ecd56a77454c4c71f42a96e6432b161b1c3a0fc50a4ae333a45ac07da6699ba5e481be33835ed2e4849e11666ef01f175e1612d0a1ee15b2e99c50edd4feddfdd3c7d37c470d95b2a1082a9f740f4379ede4b7ce4770e2c7256ebeab9807651983ca3528e1194df332169cc35aa9917fbb9b62d546e93f43acb2a77509ef2fc2bdf330137ffacb22ac18dd579e0934f3a2a59553d0e3bddabb682678cc7218900d64721c0b39b0ca5c3e10ba58d5834be63634394e3efcd2e40ddc6d6ab1ace44c0800b4e97685c004c0335ea66d6bf51beb8c53829158dd068e8d406e9092c97698ac76e3a03e455a6e7fd4916981076c8d6339fc1b9d19fb59b086342e6265c931ead98220e0490ce968ce7d3dc58178e3917b22cc922d63f16307786636648ab1ea5dc600bbc97d4e8643ba2cf85ac502bc0a1b62f089c37fd376c4617c4cc1eb3f8eb3280fd907f483b27bce07e611d7282933f0e03b39b39b2dbd9a11fa4435a0a636ec2135c90be05b2b7672a138a28cc63ac6141ec98caed5e2d210351348dee4ae6c6526d5ea3b405ce71f99d95715afab5d1d128df7ea82b7673a08747c48cc387e115c75a4d84673c48d32647039e6db90010948f171f11484ac89090c1184adc53e06733a84fd09adb1d07d5c9e2a487d6f535aa6c4eab1c0352980b3cd5ca96c4221a3c1ad4a8f9771ddf0f54d3252c2e9dd0f6153bf9254f1b13fa2b7d1fadca270fb73f2fa96c4229afa15cf6e736aee1a9913960749e9f95bf497df6b1063734feb6ae37c23171c00b4ecf72af3bc85e38cdece59584bb6f2a7c9ec73dbb39bd9eefa18ffc7381c533e93344b1ecd6774ea4b5f6e79ccc5e4bb8c5e6d658072e465c0a9de48d3b53e3453faaaf12a1fd580897996c4b72c6722e6e600250dbaa8aceae30dd601e96e4b361980d2b42f5eb326d8003f2ae4e351bcc36cad310fbe2ab8976e920ad127ed3c3a903d1b4536cb3440605de8ee110c99a92af01983331fd5c4cc9ab5f458246bd1687ddd08eab91aaf9eec39607fc3ad601e1513a00b7c280e52e3f6b3d7df2607ae405736fd99da4a69cca8278f327301586c038d461b102bac852590d7e763ec0610e7bf967ec7e15dac43b87e930adaa8e4f93af2dacc723c74b5ef153770eb51fc694089de68bb520cb5d092a96153eadb21f1e0520cb36fb2e95323700b03d89f68dd8733af804d2e39ade595197cc66bff16745e4309dc9c3f4e4ed85cf7713a07add6d5d8c812347f384fe01ea1b0bbbce38d2416cd33c3bd11f179dee0f17315978e188051b77f424ebb498ab4dcb8d29d274346d943de4700f6ca79e6076d9d7c4971b5d64508b3f5255d9de2717c6e410e42ab9f7bd6c08a16b3896fd3f114385ccfceaba79eaaeb17a0f3507fc4d303eed4f46b0c860bd349c6d95d0b6b22362e0356bab5ca2dff384427e2301c51b3bc926220be3e49ea8bff7c59ece87d0cd6478d11302131aea9d3f8f889cb5efe22d103c4fb0b6e1435cb31252326444c8599afb7240ca9ef7fc904dd94ce4e9af44b7bb34af98e93d187f693b6adc50ef151a5bc45b4a49a82c637ecfeb541e9c90b269a171140c4980b5487e0315a09af97e45a53c6858b42d6a7b817e4ad578941c944eb39508ffd2ce749957d31a0606be270258f7aafc9cb5652cca50eff7678318028ef9ba57d4e8dc5c3aa20478762a2a54310a42bcc7328e75b87d081e20a1b842f28bde229795848d39b8c43d187bc3254330337ad0d999994e1abbcd537b2dc71b98819365dca843333f431c705bd049a277aff24f69a460a4c7ae050e69ac54cb09b45ec648eb82f5b51987ee0e2c27ea71c6ae725a8a75a067bb02cac0c49abe62589d305b5616666d439b74d70a2b1246bede7e33b4f3a36c65fb8bd97f29b1ac081be95d0b32dfc053c24ce85e57fe3110dd654994f0fba3b0b1a117d52417b458c71f6b24dfde664e85890ec84466ad9cf6792d60d6cd97c4ce47c0a20cf09a59ac2c3c209a481352725f1fd2b51a119f3295e80c214c77f11f26d1f42230ed29e2fc4cf2ef23572962325f88eae628d714a96bb4421c2c094a5da7c8f31725ee304197aaa116335b767bad23dc8ae510dd2481b18f4907f1967f854f006115504a18bee9b0cba7929d565997a4bc3f83362b102a73d05d11b750deef0d2e13861b9aeec91a397c8b45206ccefddf0b5b0938a4700249d9c5fdb1a806ea94f21331e70957c986e3ec87feb57b3e856c13d3ac6662536497ab31eaba87d28bcf7b5a4c13046aa6c7cf4531f685dbcb919f8c5d67810cf8fafb1de86ff4423c9ddad0d42be76377cb701429722bd737319ef607aef3c194cd497b95c55d78fa47f0f8a98c80933b125f1e684233e3d68e91563d79156c7e31c2972a1a53814d034fb8b2fe2377fe9d67063a82964f6d799656467b1cdd4341f4b9149b00f9fff27257caf1e9b858bdc603c9a24d045c70da1b9abd1929ecebabef930ffcd77193e4e2ab981b0862630ef755a687a7f70c11ecff7eebb301ba9ff9206f5c259d7797581e086d6415d5d588e27b32211770cf4e4e28638197429aace7d8aec089be2df39fbc32a9bb0e17de7975cd491bc76de30b80a2a5e341b13f032b7d96d6070079af54a99692a7b31c8cba042a493ac2cac4f074a83255ccddaede4b51e580f066d549ea76c21181ea2c1596deb4024c4d2a5ea087ca32cd3bd5ee0de93a90cecf515dc4592ed869bd539ff070bfb8266e2c5e8023ffa00eebf8e86ce58fdeaa7ab448abf52dd2f40f7f887152b35ee0b40146ef1f1aae4e081d0fa7ad04c641b5c16a5afa4391c77dc8dcdf66a69be9ec852bc8b74f1c8b0ec46cae3e9eb51d0657bb57613c3e5e0b0f65c416e911c67acbb8ba6880548335c949c9b89421ee0e39f16d0e0b2a1cd158a859424e758c40c4d34b8a901f203230aa6f4a4705a111e6f8ca79b4f2b816590bb439a6999b5174504b7cb1ada49764c8752e5e6b1186a2f4316d4d76de07999ad03ad65a3d2b89d9c87af3a35e04fa7cc8323dd0565db98d0aae24bd9aec497ddb2a5c4189280b454c3350880f339232ff2ad1c73433568228266bb6baccf0502c93564e637b35b4b028f0da095378db727b403a13728230c926eacee63fe17dc438762e6b07e23655a4ef29f0dd7e74cbadef8e2fb5dfe9a966ea8bc3787b49e7dedfa3bc4864b52befc88d0c5c422654daae9794927805be03c9af3af451f74f85cc2f0c5b806d28d693ffd5882563e7121938c97879ef2fb805e75abeb75f9937322b78358955cfb05000e4306d59a25935c1cc5632ae8ba3475722ead47daecbbb21203cce0021b66460e24b2555e226cc8b7c47ea9059aedfbfa5f93dec6f6d3a6f5711048ea83227ec70fe76f5bf6db16db25c33f73ddd50c82b41802d9ddfa30d1fa4861c0fa2f0bf6a82c5f83d64e98a3429e43eef0741686788a9607c1af23eab3fb4"}) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async, rerun: 32) ftruncate(0xffffffffffffffff, 0x0) (async, rerun: 32) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 730.406904][ T3636] Bluetooth: hci7: sending frame failed (-49) [ 730.415515][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -49 16:51:25 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x81) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f00000000c0)='./bus/file0\x00', 0x18400, 0xad) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:25 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0x19) r2 = creat(0x0, 0x0) ftruncate(r2, 0x800) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TIOCSETD(r0, 0x5423, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x200, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2) sendfile(r3, r4, 0x0, 0x10000) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000000)=0xff) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000080)=0x19) (async) creat(0x0, 0x0) (async) ftruncate(r2, 0x800) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TIOCSETD(r0, 0x5423, 0x0) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r3, 0x800) (async) lseek(r3, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) (async) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2) (async) sendfile(r3, r4, 0x0, 0x10000) (async) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000000)=0xff) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) (async) [ 730.609766][T16193] Bluetooth: hci8: command 0x1003 tx timeout [ 730.609842][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -110 16:51:26 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) r1 = dup(r0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0x2) open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x10) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x7) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 730.739110][T17210] EXT4-fs warning (device sda1): __ext4_ioctl:1175: Setting inode version is not supported with metadata_csum enabled. 16:51:26 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) (async) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 730.967988][ T26] kauditd_printk_skb: 140 callbacks suppressed [ 730.968006][ T26] audit: type=1804 audit(1644684686.298:2331): pid=17222 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/694/bus" dev="sda1" ino=1184 res=1 errno=0 [ 731.001943][ T26] audit: type=1800 audit(1644684686.318:2332): pid=17222 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1184 res=0 errno=0 16:51:26 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r1, r2, 0x0, 0x10000) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xc) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ftruncate(r1, 0x800) (async) lseek(r1, 0x200, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) (async) sendfile(r1, r2, 0x0, 0x10000) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) [ 731.238533][ T26] audit: type=1804 audit(1644684686.568:2333): pid=17229 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/695/bus" dev="sda1" ino=1184 res=1 errno=0 16:51:26 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ftruncate(0xffffffffffffffff, 0x0) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendfile(r3, r2, 0x0, 0x9) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 731.271103][ T26] audit: type=1800 audit(1644684686.568:2334): pid=17229 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1184 res=0 errno=0 [ 731.305083][ T26] audit: type=1804 audit(1644684686.638:2335): pid=17234 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir745002301/syzkaller.NpIgvq/695/bus" dev="sda1" ino=1184 res=1 errno=0 [ 731.363390][ T3638] Bluetooth: hci11: sending frame failed (-49) [ 731.371053][ T3640] Bluetooth: hci11: Opcode 0x1003 failed: -49 [ 732.209722][ T3625] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 732.218707][ T3670] Bluetooth: hci10: command tx timeout [ 732.226825][T17160] warn_alloc: 27 callbacks suppressed [ 732.226841][T17160] syz-executor.3: vmalloc error: size 4096, page order 0, failed to allocate pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 732.268156][T17160] CPU: 0 PID: 17160 Comm: syz-executor.3 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 732.278881][T17160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 732.288930][T17160] Call Trace: [ 732.292198][T17160] [ 732.295122][T17160] dump_stack_lvl+0xcd/0x134 [ 732.299713][T17160] warn_alloc.cold+0x9b/0x189 [ 732.304381][T17160] ? zone_watermark_ok_safe+0x290/0x290 [ 732.310054][T17160] ? __vmalloc_node_range+0x7bf/0x1060 [ 732.315616][T17160] __vmalloc_node_range+0xe1e/0x1060 [ 732.320922][T17160] ? vfree_atomic+0xe0/0xe0 [ 732.325476][T17160] ? n_tty_open+0x16/0x170 [ 732.329898][T17160] vzalloc+0x67/0x80 [ 732.333892][T17160] ? n_tty_open+0x16/0x170 [ 732.338297][T17160] n_tty_open+0x16/0x170 [ 732.342535][T17160] ? n_tty_set_termios+0x1010/0x1010 [ 732.347811][T17160] tty_ldisc_open+0x9b/0x110 [ 732.352577][T17160] tty_set_ldisc+0x2f1/0x680 [ 732.357176][T17160] tty_ioctl+0xae0/0x1660 [ 732.361679][T17160] ? tty_lookup_driver+0x550/0x550 [ 732.366788][T17160] ? find_held_lock+0x2d/0x110 [ 732.369699][ T3642] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 732.371561][T17160] ? __fget_files+0x28c/0x470 [ 732.371601][T17160] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 732.371636][T17160] ? tty_lookup_driver+0x550/0x550 [ 732.371667][T17160] __x64_sys_ioctl+0x193/0x200 [ 732.398723][T17160] do_syscall_64+0x35/0xb0 [ 732.403157][T17160] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 732.409059][T17160] RIP: 0033:0x7fc1aaa11059 [ 732.413496][T17160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 732.436084][T17160] RSP: 002b:00007fc1a9386168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 732.444693][T17160] RAX: ffffffffffffffda RBX: 00007fc1aab23f60 RCX: 00007fc1aaa11059 [ 732.453916][T17160] RDX: 0000000020000100 RSI: 0000000000005423 RDI: 0000000000000003 [ 732.461957][T17160] RBP: 00007fc1aaa6b08d R08: 0000000000000000 R09: 0000000000000000 [ 732.470372][T17160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.478443][T17160] R13: 00007fff87efb14f R14: 00007fc1a9386300 R15: 0000000000022000 [ 732.486694][T17160] [ 732.496879][T17160] Mem-Info: [ 732.500231][T17160] active_anon:2667 inactive_anon:147606 isolated_anon:0 [ 732.500231][T17160] active_file:4243 inactive_file:7668 isolated_file:0 [ 732.500231][T17160] unevictable:768 dirty:38 writeback:0 [ 732.500231][T17160] slab_reclaimable:19362 slab_unreclaimable:95832 [ 732.500231][T17160] mapped:27887 shmem:4151 pagetables:814 bounce:0 [ 732.500231][T17160] kernel_misc_reclaimable:0 [ 732.500231][T17160] free:1323887 free_pcp:10598 free_cma:0 [ 732.543573][T17160] Node 0 active_anon:10660kB inactive_anon:589492kB active_file:16896kB inactive_file:30672kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111548kB dirty:148kB writeback:0kB shmem:14128kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 440320kB writeback_tmp:0kB kernel_stack:10716kB pagetables:3252kB all_unreclaimable? no [ 732.575542][T17160] Node 1 active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2476kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:4kB all_unreclaimable? no [ 732.606294][T17160] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.609860][T16193] Bluetooth: hci7: command 0x1003 tx timeout [ 732.637176][ T3644] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 732.651377][T17160] lowmem_reserve[]: 0 2645 2645 2645 2645 [ 732.657740][T17160] Node 0 DMA32 free:1328416kB boost:0kB min:35676kB low:44592kB high:53508kB reserved_highatomic:0KB active_anon:10660kB inactive_anon:589492kB active_file:16896kB inactive_file:30672kB unevictable:1536kB writepending:148kB present:3129332kB managed:2716632kB mlocked:0kB bounce:0kB free_pcp:41792kB local_pcp:19916kB free_cma:0kB [ 732.688979][T17160] lowmem_reserve[]: 0 0 0 0 0 [ 732.689637][ T3676] Bluetooth: hci8: command 0x1003 tx timeout [ 732.694305][ T46] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 732.700659][T17160] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:400kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.746783][ T3644] Bluetooth: hci6: sending frame failed (-49) [ 732.759330][T17160] lowmem_reserve[]: 0 0 0 0 0 [ 732.759625][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 732.769833][ T3676] Bluetooth: hci9: command 0x1003 tx timeout [ 732.770406][ T3636] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 732.784576][T17160] Node 1 Normal free:3952508kB boost:0kB min:54224kB low:67780kB high:81336kB reserved_highatomic:0KB active_anon:8kB inactive_anon:932kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.814930][T17160] lowmem_reserve[]: 0 0 0 0 0 [ 732.820910][T17160] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 732.834585][T17160] Node 0 DMA32: 321*4kB (UME) 853*8kB (UME) 1664*16kB (UME) 763*32kB (UME) 369*64kB (UME) 167*128kB (UME) 66*256kB (UME) 38*512kB (UME) 22*1024kB (UE) 19*2048kB (UME) 277*4096kB (UM) = 1336524kB [ 732.853990][T17160] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 732.865572][T17160] Node 1 Normal: 149*4kB (UME) 37*8kB (UME) 26*16kB (UME) 163*32kB (UME) 74*64kB (UE) 21*128kB (UME) 9*256kB (UE) 2*512kB (U) 1*1024kB (U) 3*2048kB (ME) 959*4096kB (M) = 3952508kB [ 732.884006][T17160] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 732.893694][T17160] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 732.903105][T17160] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 16:51:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) (async, rerun: 64) lseek(0xffffffffffffffff, 0x200, 0x0) (async, rerun: 64) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000040)={0x4, 0x9, 0x8, 0x401}) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:28 executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) (async) ftruncate(0xffffffffffffffff, 0x0) (async) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) (async) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000}) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendfile(r3, r2, 0x0, 0x9) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) 16:51:28 executing program 2: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) ioctl$TIOCSETD(r0, 0x5412, 0x0) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(&(0x7f0000001500)='./bus\x00', 0x199fc4, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) r1 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000001480)=0x15) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r2 = syz_mount_image$nfs(&(0x7f00000000c0), &(0x7f0000000180)='./bus\x00', 0x8, 0x3, &(0x7f00000001c0)=[{&(0x7f0000000280)="5438907098e40fa8da03bf0edd7d30f8fc73a09d6bc1bac1326e9e7622cf94e6d7178345ba338ee35b2b50abe2b4022da6b287ec4b8c8babbd1d7fba65e74340aa4f2a2fea2e7fee962bf484042991f1fb5d8ca2fb4fc9ff38b967b908245c9451c30b763cd07f19f35e564d4bb1dd966707ee9dde0ae15bd4ccebab1c47f90eae", 0x81, 0x401}, {&(0x7f0000000340)="962f0c6f92c85de045b1ab064a08b63228aebd1b02efb0be78f8ecc964f1a53cfa7b6438cb7fce39c72f996d0c1becc8c5cf52676e9934a55c99a76482e159f96e394888ce38ea4e4c8570ab2e39b1b021a2b5e17d310a0394b18c70618e65afc8d4cd891b00bdf1e04a9b7b3a45a750b596ecca473202ebbf77354d150de3cf2cab5578e18fed5f343bf726678f957a5ba6908cec6b98280663c1750d09f9a27d7e18b52d441d5cb81da47e104367680346644d1a328e6b57389cdf1d1621e7ffcb8453226b859b294089aed323563ffcdc6ea03be529c8aa346348b0c4572b927b93", 0xe3, 0x4}, {&(0x7f0000000440)="3bec3f0728ca4140b44c23a2789c457b976508599793a321a1ddfdb5a0cdecdbaccf49f248a9a4ab36e54eb2203fcf307bbbf0be43e42161b9e0172a3888d84843a420c0131f8bad21fbbe3a118100ef143df7b60f296d065e84e318f830d0e309476fca2a2f53a3645d7070272ac290253c55554bb4d7cb371497f1cde550dd7eb1d2adc8e1609250cd5b3cfbd65317d2bd1e3a98dc4b63f300d10ec7d3d43f198be1a6e5c4c785e33b4e69d98105e01045a4343b87959c5d4f449f0e8627320e5cacd1ec7bcbde2ee0918ca58f6b1b96205f3eb96087aef8641393647a736189c89c11ea9b52de7a479101a4c0bd2c99d86ebd7bfd5aff0bb9ecd033e29c6848a0250372f7c5ca099d636257593ed08af51fceea84f592eb970125d01f4ecc67e3f2940555b123db07c441f54b1c160a97fec8e0dfd5982f3a0fdfa31c9c5bd2760ab9be7b9e891ac20473be8a4ce3bf8074a0da067de2fb6dad9bd07889ef8df248d912e4f558b17acbdd26a79824e4a85dc5020ec683b0d3f038cd076f743b2c865e0c7edd8688531687a28c5d49c94815c35204dbdbf68898db0b349e82b13fca3a2661a11bb65a6e6a436d2f6de77d0dc300de3201cd6c09865428ce8a50bb74dee6eca937513ecc76aa121bd9bf7fbd3a369c439fabb7fc9249976fb6b7115aa5e60a161d9bc3ab46955039eb96d7dda9f5b9c7fe34f32921ef04f4f824c03ffd53f659008f97a558695ce90029bdae2efd147544e2bfcba87fb3115c740805633652873bf639b133b33c768768470008b6ec547ca72e2a30c691755da0b86a211e20dcb107d075f5096cc6d1be1b27cf11e90e191ce833869a0bce87cfff889d6a1c46322e1e0f253815f32154954cdf6cb5059635af2f6caa128245f42e9ba66fa6b9fd68ff8610779d38eb2f2cebc9422ddf97669f7d4f107ad5a1eeea0928e2deb1fcd6b4c3aa5d0c24b2c0a8f5da639467009f9a72679a135139b5574838f35382965e3ddc30b017b8f4c6a611bf93beb8e04be9309a5bfbef9a8b912c851c962e936c06f4f7699dae4174d54cf381326d091e6cd173196a905376787dc26dbd3eab39825d03a2f4e4053ec9f47b85e992b64fd336b4df908ef75dd68f9ba9c8f2a324744b7137ebcfa77cd447bfc3bd0180a00acc16ad269d004f0458eaa309cacfc33930cef083be0f350e76e61e791fe76bf3a0a9d7a6d50e72e41f99c6d7b317b77f4a8bdfd9db587cefcd732260ae32ca3043df4587e25b04462a51351ed8e09ef9f025b7c7298ddcf2f67c86453fe93778df292d14f80b623ae5a945e0b6f95a6b133cd95c5d9422638be32f60c0ad6984509422e6fbb1a4088108be58ec187a6a77980e323835e1131d4b46b9d7326a4f75a938208bf4204d051d3e704441346271d226b944b9e2a1547f8af772251c05e2002c072060803e107354234d24638dd615e149d777d1843b7da19fbf0c174309b12b717f35c0b2a7db672e21e4f51c4ae1c7fa694d761b11c537ed679e5b21069508a6a186b9d6792ec9d9db9d434c516166e71233d72cae4ea36b07ffc2ed5a1fd3e57ce2cf750bcadc7879ae7f114c0905c0a6ffcc20121cae3b1b96d78227ca3ff0355061825203c6a99ba56b7b63f61cbc0e4aa2054ee03d899a800fc829b6b72c24c9454713159c62f647b9ad6de896f3e6b7268909f79353fad3e28df1ad47a8e32c93ab01f5007592efcb79aa88aa16085047f1e8eebdc4ef22c7aad722ab91772c647cba8df200b73f32f060ed46700cbb200b17474a1e08aae1b1b2814cfb5b33a4ebca375d3cf449d9dfaf3f0d50b9e00876197307bb23ecbed5f5712932838dcf19bc2ed123361d49f373bac9e36546dcd1723b991f0e6dce25b6a6dcb694f5dfa3a12d5c6580d4a54f187033b7e7165c06c9fb6037e2fa0915bf6acbf63b88ac55ef1b0be21640821ff0fd13b8eabaabc4f090b36f2ec982b6c62b9a94b803d55bbbbce5a1df400b23f35eb50e97b124a84215c1c82a3caf3792111db9bd5d4ffbeff2ea08585db93f971a3a753b59d8bc2d328fbb4a623b5957448e6b02589b4623d0ce476bb2522c19d0872300601b611e2355aea85c1f0e59ef0f8c720c9771421d0c96a58e1bb7d08fe9d51e541f5bf940d231e9efb8111a8d013f7b6ef506b55c2801186216f4ee8cdea98f7d962fcff9981ee95ecd2a73d22508015ee9897fd7ccf4d49d57356e03a4626864a0ec6503e8a856a06dbf9dacda55d78593e1eeb0acde6043cf40f8dc5f2170779634222b25ce8b9cd987504577531768546c791e1eae5b4687e02aa1b4a36e0c0de7d290bbcaee2d848bd11b6e92edaa6c539f58bfd45324e5cd978d2503e22e1ee720f3a94c3f3a6111b8fb04579451889ed70cef9c656d880099f9f82fed948afe49935df1071b4b145e6bffb6580bcfe4860aab086aca7387635d05356ace79ae63d20ce9dd42357af758c1bc7362e26e64e5cdf15413d8830575ab1ed61412e55280a7a616b457456e87bc0e9f649c337095a3c878a39c25f9b080e8f7a2f7fffd48af23d4faf007a23534c1d623289725cf6e2a0db4d777b31de92d59484fd2783d9cbc169b482f571a951c8ecce15a7a57049fe88890cdade41de710f891aa2939cfb48941f582c244d8ba541462606b80671917647c88c65d9531341fdf6de081d9419b191c7c5154d337313e26ca15a3b4f2e83821f8459bfed4d8ca7cde8e3977ce4122499b737344baf9c1d1c0157d592920e48a7a82ebb3ec6df05752993843d2976e82486b65ef33b899ea791955767432893b3b127223ea7004cfbf753979dad2ec8039b2fdf1bd394029356a4873eb29e86629d9ad66596e980b248426adf72d034b6a94232e687b260f01d83c880004d0f4ef60a8fdf8687720ca660050ee2ab3fdf46a881c834192e81bcfcc8f1bd5272709d829593521f18447ba7b7e17872dc33166c3aa5b3af0ba92f084d4414a325318be41efb370ad27da9b4c89ed8ea09aab5aaf23985505ff4606523ae7169f35e30ea0ee6838ea443259049e5077e48ff05bec66978f1ea95f45ad75addff24f8a80f5b63b9cd12a8bcdfe4c0a9355f8bfa420f0d6596cac6a8f3b17d81111624278d294b4318ff5f4eb3a4be4c6fa6bdabff93fca55c25cd070b7e69f181e4eace920095e40c580bc09d52065a2b6150d5681051195dd586f17340ecdfeb8b917c6d801d4ec58284a291394b3258bfa1e25de05faaaf636e23173c31264b504e5638d521bfd05245995362e901b4fe5535a605e5503375ba6d41108bbb89e3b60516fbd8751ba414ceddbb66d5e0ba21e6199e6cd970460e92c876cd22b60b0c8a612e181704cd60d12972beaf6a278c29f7b4f8e170de198703e1502912bc5945bdb971b3b4d04fd8eb6750fe107a7d8184362c48b60816902c82eac054f5c420e441abfe0dff0219ce1698b492722a6a4151244087e2ca4e3d19d34932423a5a3c10700cfeb16d5a45eefa01a06932487508de8c994f061745353634943833237552b73e935303d5249f881b9349ba001bc573a9c668f9660bdc8099dc4ae5aa85555dedb11bbe7a88f0250ef48532d8b0a92fa96be183dc7823db597af057c0ad8ca72eb0249cf1a74455a81e6fe704b53c10bb5e77f3eaf0caa601a578af7c57d4acf5ad3f7d1e04eebdba838d7ed5e432df6c87af0ab9460c7e056c4347bccc8f25465a329e40fd97e9ad676cb45ecd57b5da7804eae4a9b972fbbea91d86a9d73b80537d74798c12c40b58e1f2f1c785ed8ad2468d4c91ed24b3709107f01727983b610a83ce580e0b6d9c980c205b89f55b09b71e1a57023b4be9c3fe1e893c982f22f59c8f16cbf2cd42dcf7d54c75a5d06ce311d28de45064050e9a2c475b8c5d30ec64a6512a3cb48d833de1e9decba92929476eac7f7d77408bf1b96b7f8f40cc7f25d94acc85b5f9583527b982cae4a887c4b22c0671361518accff20bfc48a8cb20378136604b00389c5764aa2203548d3b98701145e78d093e79054b201d036a48814cf714d162f64e178cb8ee0acb2420f05ef1be99362509ec65f17194ef0c419be2914ed6b51e35959d1c39d4b9c855a57d2ece250db5c2fd23ff17963ccd9e4e4782bb37fa03deb39c9f377f061deac58a17ce4def1ef719fdaffaf93ee7056b07f8b3056d9277219e83f118816f9d4c352530b178a9227d5e6390fa286a88478d05b1956365ede5c3822e090d3c8c906066e51589ac12b58ebe295aa0bcbc0d49dee270de72802e6263a44265477c81294bea91aa41b4122385dcd9a82b33158535340ff97af6331a8fc0072386cd52e32e05c7f823b26148298fb9a615e20a91161811af575111c8c0988587aee2656cc76b0473336c11aa2be8b56658525038082cd93137094a4e88f4f6760cc0446ddd80f11c4890c37cda96af26899eb9e083f0a31e78fdba9585aadd7662e8c9bfcdfac9c71cdee312444ae9f946c9fcf9d2c6dc94e4ca783934aa661e20b88f18fd8450a0a98036884994d4ae733bffa437c241db6df4db4ccd0c72a839a04b7775fe2f58a54f43a0c3da4b4b1fa08ae42ec2a82e2cf7efc5044e18ff135f21f10001703e70fc97cd0f02818671b608a334624df78cadea3b7c490b913df95dfa6e926301e662a745faaf154ce915d49f24b98729b6720f9c28d0d680b6359a17b0811dd3e7897f7fa2bef2fcb005d41ee5fb5894fff8fed6ee09ec9cb7f86ffef17a1d103973a87d452dc961ec45338fa97be887a11545e075c501eeadb6fecfa58f7d5522f074b9cdc9b1659bd61b00f3837a5941705a4637cf4f26fb3bcac061ba05cbcb38efc681de43a896aa79f02008fb026364438d34479f7724ef3a0e3fca53d5c36dcfc35941adc056b1f5862dcee756feb11cef76446008df638ae152d10866d54a5adcce61fb8ef9d582dcb64cb33d8e3aec5fda98840390b52db9a253d05de12a1bdedcaa7ae69d51a6a4bc37fb741d248936f47e089f713730106182415cee969b8a267577e2a6990156ad740ff58908012b37032084da354af9cfe632204c23c0733d22f941190dc29fd945e483c1dd5d019dbbbc3f7940763af3fb7504b7a587bd0048aa9958c5423ee172588fa057d61c21978310ee7d7e8f7a3b263a4bb348dbbd4f7d2d21b34c3403a578e84b660b0479c4ed4822fec94916bb8b9e0bb2c873c5f165650905dcd0d873595d2cdcf1b05f1755f28b0c17315b247c2e6e751e6f65f9adf7d97517323b090b9aef1dac58b84fc7ba90ab1fc3171eeb3ff7b23de786156ae9a789440ed205ef71549fdfe087abd86e77b39550d77013c01c614d209ac491dadd9daf00807ee8b5186953407942b89b9f2c6aa4391ce8950443bcc2cbc91c8bcb70eb77e2a35dbf41c9d36896a91db192e2007744dccca544cca8c4f5824e4035651979cc78045f182be8d4b146220c903afec2a149846570599a5c041f423de581e3baad31f2f1a2a1d0f3f60be9d892b6bfb0d144843ef2479dc0cb36d46c26c30ca348f164dcac5b5f61bc93d02362bbdafcc511895071cae5bdc36cc1ad4e070dbf347f507b970a89a67db29e2d5d68f4de5ae59392d0c55a46de18794237be9bb0ad43bc1d33b465843467e85bbec844bcb1b86e3e8b53c76a1269b56380bbbc135691782cb041f865b6d54c66256249b5c8e7c1aaaa445661becb447f08e1a3b559c27287346ffe81783a3bc6ca07abeecad444bc12e82cbc9227130f4d94b298732063d756113323172bc1ebe", 0x1000, 0x1}], 0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="2728282c2f6465762f707070002c1228267b25242c6f626c653d2f6465762f707070002c61707072616973652c00"]) fchdir(r2) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 16:51:28 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x81) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f00000000c0)='./bus/file0\x00', 0x18400, 0xad) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:28 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) r1 = dup(r0) (async) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0x2) (async) open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x10) (async) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x0, 0x3, 0x5, 0x0, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r2, r3, 0x0, 0x10000) (async) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x7) (async) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:51:28 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1000200000001) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x5, 0x7, 0x1, 0x80, 0x7, "6ed2ab14ff96f9f8aba690dd9964988abb48b3"}) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000280)="d67c69c9ca45447bf070d59e13d82fe4616d4dc6a2b8cf44f05b32c4fae599f41d2ef9e7ebe44f2c8fb77eca0eb70c5f15913131dbd0c58dc601fe076a61c4df2a9f10447605294a98f2d196affa96a7099a06117525e754f7b3260509459f57250181d2185b16b991bd7ef180d54deeb582debe8b60a015ebbd4caf41b1598a5fc0e9998a3f200f266d225bff7c8ddd62b7d238c3805d25263312b8c46eeee2a1fed05112a333980e5c67425932e87a1a2b0cf9af387bbce637b0349b955b979a46c90ed0487ac436baaa8e00a55c44ef7d611bfe2240d61904ff099688994c4ed71bf6c03b7b2ae5803838dad7fad837") ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)) r2 = creat(0x0, 0x0) ftruncate(r2, 0x801) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000001c0)={0x522, 0x3, 0x5, 0xf921, 0x0, "90ffbf1aac6f56ae8394dcce1f2b6b978e4b60"}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x10000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r3, 0x4004f506, &(0x7f0000000040)) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) [ 732.912686][T17160] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 732.922134][T17160] 16062 total pagecache pages [ 732.926799][T17160] 0 pages in swap cache [ 732.932528][T17160] Swap cache stats: add 0, delete 0, find 0/0 [ 732.939246][T17160] Free swap = 0kB [ 732.943109][T17160] Total swap = 0kB [ 732.946895][T17160] 2097051 pages RAM [ 732.950755][T17160] 0 pages HighMem/MovableOnly [ 732.955544][T17160] 384548 pages reserved [ 732.959740][T17160] 0 pages cma reserved [ 732.998811][ T3636] Bluetooth: hci6: sending frame failed (-49) [ 733.005966][ T46] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 733.013713][ T26] audit: type=1800 audit(1644684688.348:2336): pid=17245 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1177 res=0 errno=0 [ 733.023401][ T3636] Bluetooth: hci7: sending frame failed (-49) [ 733.042762][ T46] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 733.050358][ T3642] INFO: trying to register non-static key. [ 733.056260][ T3642] The code is fine but needs lockdep annotation, or maybe [ 733.063388][ T3642] you didn't initialize this object before use? [ 733.069608][ T3642] turning off the locking correctness validator. [ 733.075910][ T3642] CPU: 1 PID: 3642 Comm: kworker/u5:8 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 733.086138][ T3642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 733.096205][ T3642] Workqueue: hci8 hci_cmd_work [ 733.100967][ T3642] Call Trace: [ 733.104229][ T3642] [ 733.107145][ T3642] dump_stack_lvl+0xcd/0x134 [ 733.111728][ T3642] register_lock_class+0xd28/0x1030 [ 733.116919][ T3642] ? lockdep_lock+0x1b7/0x200 [ 733.121585][ T3642] ? is_dynamic_key+0x1a0/0x1a0 [ 733.126425][ T3642] __lock_acquire+0x106/0x5470 [ 733.131210][ T3642] ? mark_lock+0xef/0x17b0 [ 733.135620][ T3642] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 733.141678][ T3642] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 733.147654][ T3642] lock_acquire+0x1ab/0x510 [ 733.152145][ T3642] ? hci_send_frame+0x1c0/0x370 [ 733.157160][ T3642] ? lock_release+0x720/0x720 [ 733.161915][ T3642] hci_uart_send_frame+0x8c/0x6b0 [ 733.166933][ T3642] ? hci_send_frame+0x1c0/0x370 [ 733.171859][ T3642] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 733.178267][ T3642] hci_send_frame+0x1c0/0x370 [ 733.183022][ T3642] hci_cmd_work+0x204/0x3c0 [ 733.187513][ T3642] process_one_work+0x9ac/0x1650 [ 733.192440][ T3642] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 16:51:28 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0xf) (async) ioctl$KDADDIO(r0, 0x400455c8, 0x1000200000001) (async) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) (async) r1 = creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) (async) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) (async) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x81) (async) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) (async) lseek(r2, 0x200, 0x0) (async) r3 = open(&(0x7f00000000c0)='./bus/file0\x00', 0x18400, 0xad) sendfile(r2, r3, 0x0, 0x10000) ioctl$TIOCMGET(r3, 0x5415, &(0x7f0000000000)) (async) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) [ 733.197797][ T3642] ? rwlock_bug.part.0+0x90/0x90 [ 733.202724][ T3642] ? _raw_spin_lock_irq+0x41/0x50 [ 733.207739][ T3642] worker_thread+0x657/0x1110 [ 733.212403][ T3642] ? process_one_work+0x1650/0x1650 [ 733.217585][ T3642] kthread+0x2e9/0x3a0 [ 733.221640][ T3642] ? kthread_complete_and_exit+0x40/0x40 [ 733.227350][ T3642] ret_from_fork+0x1f/0x30 [ 733.231757][ T3642] [ 733.253283][T17256] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 733.265041][T17256] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 733.273458][T17256] CPU: 0 PID: 17256 Comm: syz-executor.4 Not tainted 5.17.0-rc3-syzkaller-00247-g83e396641110 #0 [ 733.283963][T17256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 733.294093][T17256] RIP: 0010:__wake_up_common+0xdf/0x650 [ 733.299633][T17256] Code: 05 00 00 4c 8b 43 40 49 83 e8 18 49 8d 78 18 48 3b 3c 24 0f 84 6a 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 <80> 3c 01 00 0f 85 40 05 00 00 49 8b 40 18 89 54 24 10 31 db 48 bd [ 733.319505][T17256] RSP: 0018:ffffc90002c8fa40 EFLAGS: 00010056 [ 733.325558][T17256] RAX: dffffc0000000000 RBX: ffff888077b540c8 RCX: 0000000000000000 [ 733.333603][T17256] RDX: 0000000000000001 RSI: 1ffffffff1b27fbd RDI: 0000000000000000 [ 733.341557][T17256] RBP: ffff888077b54118 R08: ffffffffffffffe8 R09: 0000000000000000 [ 733.349601][T17256] R10: fffff52000591f42 R11: 0000000000000001 R12: ffff888077b540c0 [ 733.357556][T17256] R13: 0000000000000297 R14: 0000000000000000 R15: 0000000000000000 [ 733.365515][T17256] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 733.374524][T17256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 733.381202][T17256] CR2: 00007fc1aaf28000 CR3: 000000004a266000 CR4: 0000000000350ef0 [ 733.389396][T17256] Call Trace: [ 733.392666][T17256] [ 733.395588][T17256] rcu_sync_func+0x119/0x180 [ 733.400177][T17256] rcu_sync_enter+0x150/0x2e0 [ 733.404843][T17256] ? rcu_sync_enter_start+0x70/0x70 [ 733.410031][T17256] ? rcu_read_lock_sched_held+0xd/0x70 [ 733.415481][T17256] ? lock_release+0x522/0x720 [ 733.420156][T17256] ? hci_uart_close+0x1d/0x70 [ 733.425086][T17256] ? lock_downgrade+0x6e0/0x6e0 [ 733.429933][T17256] percpu_down_write+0x55/0x3e0 [ 733.434774][T17256] ? hci_uart_tty_close+0x162/0x2a0 [ 733.439962][T17256] ? preempt_count_add+0x74/0x140 [ 733.444986][T17256] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 733.451239][T17256] ? hci_uart_flush+0x33e/0x550 [ 733.456087][T17256] hci_uart_tty_close+0x162/0x2a0 [ 733.461100][T17256] ? hci_uart_close+0x70/0x70 [ 733.466204][T17256] tty_ldisc_close+0x110/0x190 [ 733.470960][T17256] tty_ldisc_kill+0x94/0x150 [ 733.475537][T17256] tty_ldisc_release+0xe1/0x2a0 [ 733.480376][T17256] tty_release_struct+0x20/0xe0 [ 733.485217][T17256] tty_release+0xc70/0x1200 [ 733.489711][T17256] __fput+0x286/0x9f0 [ 733.493679][T17256] ? tty_release_struct+0xe0/0xe0 [ 733.498690][T17256] ? _raw_spin_unlock_irq+0x1f/0x40 [ 733.503879][T17256] task_work_run+0xdd/0x1a0 [ 733.508374][T17256] do_exit+0xb29/0x2a30 [ 733.512529][T17256] ? preempt_schedule_thunk+0x16/0x18 [ 733.517891][T17256] ? mm_update_next_owner+0x7a0/0x7a0 [ 733.523334][T17256] ? preempt_schedule_thunk+0x16/0x18 [ 733.528693][T17256] ? trace_hardirqs_on+0x38/0x1c0 [ 733.533705][T17256] do_group_exit+0xd2/0x2f0 [ 733.538287][T17256] __x64_sys_exit_group+0x3a/0x50 [ 733.543299][T17256] do_syscall_64+0x35/0xb0 [ 733.547703][T17256] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 733.553587][T17256] RIP: 0033:0x7f8192773059 [ 733.558157][T17256] Code: Unable to access opcode bytes at RIP 0x7f819277302f. [ 733.565523][T17256] RSP: 002b:00007f8191021bb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 733.574028][T17256] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f8192773059 [ 733.581986][T17256] RDX: 00007f81927ce2de RSI: 0000000000000000 RDI: 000000000000000b [ 733.590029][T17256] RBP: 000000000000000b R08: 00007ffc161f7080 R09: 0000000000000002 [ 733.598263][T17256] R10: 00000000000002dd R11: 0000000000000246 R12: 0000000000000000 [ 733.606394][T17256] R13: 00007ffc161f323f R14: 00007f8191022300 R15: 0000000000022000 [ 733.614362][T17256] [ 733.617367][T17256] Modules linked in: [ 733.621248][T17256] ---[ end trace 0000000000000000 ]--- [ 733.626681][T17256] RIP: 0010:__wake_up_common+0xdf/0x650 [ 733.632218][T17256] Code: 05 00 00 4c 8b 43 40 49 83 e8 18 49 8d 78 18 48 3b 3c 24 0f 84 6a 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 <80> 3c 01 00 0f 85 40 05 00 00 49 8b 40 18 89 54 24 10 31 db 48 bd [ 733.651809][T17256] RSP: 0018:ffffc90002c8fa40 EFLAGS: 00010056 [ 733.658031][T17256] RAX: dffffc0000000000 RBX: ffff888077b540c8 RCX: 0000000000000000 [ 733.665986][T17256] RDX: 0000000000000001 RSI: 1ffffffff1b27fbd RDI: 0000000000000000 [ 733.674026][T17256] RBP: ffff888077b54118 R08: ffffffffffffffe8 R09: 0000000000000000 [ 733.682155][T17256] R10: fffff52000591f42 R11: 0000000000000001 R12: ffff888077b540c0 [ 733.690110][T17256] R13: 0000000000000297 R14: 0000000000000000 R15: 0000000000000000 [ 733.698478][T17256] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 733.707412][T17256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 733.714017][T17256] CR2: 00007fc1aaf28000 CR3: 000000004a266000 CR4: 0000000000350ef0 [ 733.722334][T17256] Kernel panic - not syncing: Fatal exception [ 733.729112][T17256] Kernel Offset: disabled [ 733.733423][T17256] Rebooting in 86400 seconds..