last executing test programs: 7.579892967s ago: executing program 2 (id=396): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 6.704831805s ago: executing program 2 (id=400): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r4) write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 5.828810447s ago: executing program 2 (id=404): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 4.899634605s ago: executing program 0 (id=408): r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x8, 0x1, 0x1, @local, @private2, 0x40, 0x20, 0x1, 0x1000}}) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x10000000000000, 0x1000000}) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x200, 0x0) ioctl$CDROMVOLCTRL(r3, 0x530a, &(0x7f0000000240)={0x1, 0x3, 0x6, 0xc}) r4 = dup(r2) r5 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x10001, 0x6, 0xb617, 0x5, 0x9f, 0x6]}, &(0x7f0000000140)=0x50) r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc0045540, &(0x7f0000000080)=0xf) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x64) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r4) sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000000600)={&(0x7f0000000200), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x44ea3b8750c01ff9) r8 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x325000, 0x800}, 0x1c) sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ffffffff0500070084000000060004404e2200000c000280080001407f000000"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) move_pages(0x0, 0x6, &(0x7f0000000080)=[&(0x7f0000008000/0x1000)=nil, &(0x7f0000007000/0x2000)=nil, &(0x7f0000003000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000600), 0x0) 4.409928508s ago: executing program 0 (id=409): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r5) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 4.409467743s ago: executing program 2 (id=410): syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r1, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0x40046f41, 0x20000502) r6 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r7 = socket(0x10, 0x2, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) write(r7, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r6, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 4.199151638s ago: executing program 3 (id=412): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r4) write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 3.481503079s ago: executing program 2 (id=414): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180)) syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]}) socket(0x28, 0x2, 0x1) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}) socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r5 = io_uring_setup(0x25e, &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1) write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef) socket(0x22, 0x800, 0x0) io_setup(0x3, 0x0) syz_usb_connect(0x5, 0x6a, 0x0, 0x0) r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000000)) ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f) write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 3.450505614s ago: executing program 0 (id=415): openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/mdstat\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffffffffffc8d) syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x50, 0x0, @fd=r0}) r4 = socket$inet(0x2, 0x4000000000000001, 0x40000004) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) sendto$inet(r4, &(0x7f0000000700)="09268a60fcd8f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b2f7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88", 0x65, 0x4c009, 0x0, 0x0) socket$packet(0x11, 0xa, 0x300) mq_open(&(0x7f0000000280)='rmdF\x17\x16\xbc\xec\xfd\x9f\x7f\x8f\x8bZ\xb0\x99\x1dC\x8b\xc7\xb2\x16A\xcbT\x99\xfbc\xe8\xa9\xa8ot\x174w\xc8\v&\xb9\xb0\xd6\'_4\x83%\xbckS\x15\xa8L\x10\xa5Q+\xa9\x8f5\xa9\x85u\xb7\xce\x91a\xc8O\xe5V9,\xaf\x1b\x11\xd1\x01\x86\xe9\xd9=_\xa6\b\r$\x06\xbe\xd2\xbb\x03\x90IV\xd1\x11\xd3\xa6\xcf\xd5\xd2\xe1O>@6u\x1a\xae\xbd\xad\x9aw\xf9\\\x97\x16-\xbf\xd2Gt\xc4\xd2?\xac\xc7\x15F%x\xb1\a^\xe0\xdc\xd8\x950x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r5) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 2.46006249s ago: executing program 0 (id=418): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502) r7 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = socket(0x10, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400}) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004) 2.321775918s ago: executing program 1 (id=419): r0 = add_key(0x0, &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff) request_key(&(0x7f00000010c0)='asymmetric\x00', &(0x7f0000001100)={'syz', 0x3}, &(0x7f0000001140)='/{\x00', 0xfffffffffffffff9) keyctl$read(0x2, r0, &(0x7f00000000c0)=""/4096, 0x1000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x40002) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f00000000c0)={0x9, 0x10, 0x4, 0x9, 0xb, 0xa}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x14, r4, 0x301}, 0x14}}, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f00000006c0)=@ethtool_sfeatures}) 2.210198813s ago: executing program 1 (id=420): bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x30cb, 0x11501}, &(0x7f0000000340), &(0x7f0000000280)) r1 = socket(0x2c, 0x6, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x14, 0x42, 0xa01, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) r2 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder-control\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_READY(r2, 0xc1086201, 0x20002000) io_uring_enter(r0, 0x54, 0x0, 0xf, 0x0, 0x18) mkdir(&(0x7f0000000300)='./bus\x00', 0x90) mount$9p_virtio(&(0x7f0000000440), &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=virtio,mmap,cache=none,]ache=loose,posixacl']) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000700)=@newlink={0x3c, 0x10, 0x401, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x28093}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x3c}}, 0x20000000) connect(r3, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x0, 0x1, 0x3, 0x0, {0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @loopback}, 0xbfc0}}}, 0x80) mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000000) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000000080)=0x1003805, 0x4) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) r7 = fsopen(&(0x7f00000001c0)='pstore\x00', 0x0) r8 = landlock_create_ruleset(&(0x7f0000000000)={0xa99a}, 0x10, 0x0) landlock_restrict_self(r8, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x2001, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r6, @ANYRESOCT=r7, @ANYRESOCT=r5]) socketpair(0x26, 0xe, 0xe941, &(0x7f00000001c0)) syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r6) lsetxattr$system_posix_acl(&(0x7f0000000040)='./bus\x00', &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0x0, 0x3) socket$inet6(0x10, 0x2, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) 1.935371548s ago: executing program 3 (id=421): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502) r7 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = socket(0x10, 0x2, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r9}, 0x10) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r10, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004) 1.779632831s ago: executing program 3 (id=422): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r0 = openat$mice(0xffffffffffffff9c, 0x0, 0x82) write$P9_RCREATE(r0, &(0x7f0000000180)={0x18, 0x73, 0x2, {{0x8, 0x2, 0x7}, 0x6}}, 0x18) ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000000c0)={0x7, "0a43b81781ee52fe5d1318dedf595fea476cc6aab722e8ac16406f5b4c42cc1b", 0x2, 0x1, 0x3ff, 0x7, 0x11, 0x1, 0x3ff, 0x7}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={r1, 0xd14, 0xfff, 0xe}) r2 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00'}) r4 = getpid() r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, 0x0, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}}, 0x0) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5) ptrace$cont(0x1f, r4, 0x100, 0x4) r8 = msgget$private(0x0, 0x0) msgrcv(r8, 0x0, 0x0, 0x0, 0x0) msgsnd(r8, &(0x7f0000000380)=ANY=[], 0xe, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) 1.588053456s ago: executing program 0 (id=423): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r4) write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 1.349728046s ago: executing program 1 (id=424): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r5) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 1.017223065s ago: executing program 1 (id=425): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f00000000c0)='./file1\x00', r3, &(0x7f0000000100)='./file0\x00') openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0) socket$kcm(0x11, 0x3, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{}, {}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) r6 = accept4(r5, 0x0, 0x0, 0x0) write(r6, &(0x7f0000000040)="cb", 0xfffffdef) 729.915501ms ago: executing program 2 (id=426): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, 0x0, 0x0, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, &(0x7f0000001040)={0xfc, {"a2e3ad21ed0d09f91b45090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f330063090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a6d5e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210380106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b07c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 695.276593ms ago: executing program 0 (id=427): openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/mdstat\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffffffffffc8d) syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x50, 0x0, @fd=r0}) r4 = socket$inet(0x2, 0x4000000000000001, 0x40000004) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) sendto$inet(r4, &(0x7f0000000700)="09268a60fcd8f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b2f7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88", 0x65, 0x4c009, 0x0, 0x0) socket$packet(0x11, 0xa, 0x300) mq_open(&(0x7f0000000280)='rmdF\x17\x16\xbc\xec\xfd\x9f\x7f\x8f\x8bZ\xb0\x99\x1dC\x8b\xc7\xb2\x16A\xcbT\x99\xfbc\xe8\xa9\xa8ot\x174w\xc8\v&\xb9\xb0\xd6\'_4\x83%\xbckS\x15\xa8L\x10\xa5Q+\xa9\x8f5\xa9\x85u\xb7\xce\x91a\xc8O\xe5V9,\xaf\x1b\x11\xd1\x01\x86\xe9\xd9=_\xa6\b\r$\x06\xbe\xd2\xbb\x03\x90IV\xd1\x11\xd3\xa6\xcf\xd5\xd2\xe1O>@6u\x1a\xae\xbd\xad\x9aw\xf9\\\x97\x16-\xbf\xd2Gt\xc4\xd2?\xac\xc7\x15F%x\xb1\a^\xe0\xdc\xd8\x950x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r5) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:37430' (ED25519) to the list of known hosts. [ 32.466351][ T5856] cgroup: Unknown subsys name 'net' [ 32.611073][ T5856] cgroup: Unknown subsys name 'cpuset' [ 32.615725][ T5856] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.460267][ T5856] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 35.915731][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 35.919824][ T5936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 35.922363][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 35.924849][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 35.927527][ T5936] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 35.929851][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 35.941725][ T5949] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 35.942230][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 35.946834][ T5949] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 35.947462][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 35.949343][ T5949] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 35.951290][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 35.953497][ T5949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 35.956581][ T5950] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 35.958222][ T5949] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 35.960516][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.962672][ T5949] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 35.968087][ T5949] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 35.969782][ T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 35.969960][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 35.970356][ T5950] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 35.970491][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 35.982029][ T65] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 35.984490][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 36.093400][ T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.095777][ T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.100226][ T92] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.102530][ T92] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.113362][ T92] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.115726][ T92] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.126143][ T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.128814][ T92] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.128832][ T92] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.129878][ T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.150343][ T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.152737][ T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.163343][ T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.164423][ T5939] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 36.165776][ T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.186702][ T92] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.196547][ T92] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.787735][ T5975] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5 [ 37.226045][ T5995] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 37.270340][ T5995] capability: warning: `syz.1.8' uses deprecated v2 capabilities in a way that may be insecure [ 37.441003][ T6002] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6 [ 37.574728][ T6004] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7 [ 37.918287][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 38.028122][ T5936] Bluetooth: hci3: command tx timeout [ 38.030139][ T5936] Bluetooth: hci1: command tx timeout [ 38.031895][ T5936] Bluetooth: hci2: command tx timeout [ 38.033651][ T5936] Bluetooth: hci0: command tx timeout [ 38.165798][ T6033] 9pnet_virtio: no channels available for device syz [ 39.184611][ T6048] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18'. [ 39.603613][ T39] audit: type=1326 audit(1737710343.027:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6058 comm="syz.1.21" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f82579 code=0x0 [ 39.699597][ T6063] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 40.097367][ T5949] Bluetooth: hci0: command tx timeout [ 40.099077][ T5949] Bluetooth: hci2: command tx timeout [ 40.100718][ T5949] Bluetooth: hci1: command tx timeout [ 40.102529][ T5949] Bluetooth: hci3: command tx timeout [ 40.619432][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.637390][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.650823][ T6087] FAULT_INJECTION: forcing a failure. [ 40.650823][ T6087] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 40.655205][ T6087] CPU: 3 UID: 0 PID: 6087 Comm: syz.1.30 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [ 40.655218][ T6087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 40.655223][ T6087] Call Trace: [ 40.655226][ T6087] [ 40.655230][ T6087] dump_stack_lvl+0x16c/0x1f0 [ 40.655242][ T6087] should_fail_ex+0x497/0x5b0 [ 40.655258][ T6087] _copy_from_user+0x2e/0xd0 [ 40.655267][ T6087] __sys_bpf+0x215/0x57a0 [ 40.655277][ T6087] ? __pfx_lock_release+0x10/0x10 [ 40.655287][ T6087] ? __pfx___sys_bpf+0x10/0x10 [ 40.655295][ T6087] ? vfs_write+0x306/0x1150 [ 40.655309][ T6087] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 40.655325][ T6087] ? fput+0x67/0x440 [ 40.655333][ T6087] ? ksys_write+0x1ba/0x250 [ 40.655344][ T6087] ? __pfx_ksys_write+0x10/0x10 [ 40.655356][ T6087] __ia32_sys_bpf+0x76/0xe0 [ 40.655366][ T6087] __do_fast_syscall_32+0x73/0x120 [ 40.655376][ T6087] do_fast_syscall_32+0x32/0x80 [ 40.655385][ T6087] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 40.655398][ T6087] RIP: 0023:0xf7f82579 [ 40.655405][ T6087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 40.655413][ T6087] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 40.655422][ T6087] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000500 [ 40.655427][ T6087] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000 [ 40.655432][ T6087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 40.655436][ T6087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 40.655441][ T6087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 40.655452][ T6087] [ 40.986821][ T6103] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input8 [ 41.027414][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 41.671601][ T6117] pim6reg: entered allmulticast mode [ 41.676412][ T6117] pim6reg: left allmulticast mode [ 41.771996][ T6119] Zero length message leads to an empty skb [ 42.003204][ T6134] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9 [ 42.187869][ T5949] Bluetooth: hci1: command tx timeout [ 42.187976][ T5936] Bluetooth: hci3: command tx timeout [ 42.189567][ T65] Bluetooth: hci2: command tx timeout [ 42.189595][ T65] Bluetooth: hci0: command tx timeout [ 42.397646][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.947421][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 43.158256][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 43.240148][ T6162] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input10 [ 43.281317][ T5944] udevd[5944]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 43.727382][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!! [ 43.840715][ T6174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.48'. [ 43.975050][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 44.218624][ T6191] /dev/nullb0: Can't open blockdev [ 44.254603][ T6193] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input11 [ 44.287361][ T5941] Bluetooth: hci3: command tx timeout [ 44.289009][ T5941] Bluetooth: hci1: command tx timeout [ 44.290659][ T5941] Bluetooth: hci0: command tx timeout [ 44.292268][ T5941] Bluetooth: hci2: command tx timeout [ 44.897431][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 45.286767][ T6221] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input12 [ 45.398773][ T6224] autofs4:pid:6224:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 45.961913][ T6235] /dev/nullb0: Can't open blockdev [ 46.192912][ T6237] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input14 [ 46.525132][ T6254] netlink: 188 bytes leftover after parsing attributes in process `syz.3.67'. [ 47.309171][ T6271] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input15 [ 47.714568][ T6290] 9pnet_fd: Insufficient options for proto=fd [ 48.666814][ T6309] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input16 [ 49.759285][ T6338] netlink: 44 bytes leftover after parsing attributes in process `syz.2.87'. [ 49.762157][ T6338] netlink: 'syz.2.87': attribute type 6 has an invalid length. [ 49.764525][ T6338] netlink: 'syz.2.87': attribute type 5 has an invalid length. [ 49.766802][ T6338] netlink: 'syz.2.87': attribute type 4 has an invalid length. [ 49.771085][ T6338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.87'. [ 49.779928][ T6329] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input17 [ 50.321085][ T6347] 9pnet_fd: Insufficient options for proto=fd [ 51.475342][ T6370] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input18 [ 52.317338][ T1451] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 52.346709][ T6396] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input19 [ 52.484123][ T1451] usb 7-1: Using ep0 maxpacket: 8 [ 52.495344][ T1451] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 52.498793][ T1451] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 52.501564][ T1451] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.507558][ T1451] usb 7-1: config 0 descriptor?? [ 52.707954][ T6384] syz.1.97 (6384) used greatest stack depth: 20032 bytes left [ 52.718007][ T6386] x_tables: duplicate underflow at hook 1 [ 52.759863][ T1451] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 52.806043][ T6402] 9pnet_fd: Insufficient options for proto=fd [ 53.148761][ T6386] netlink: 16 bytes leftover after parsing attributes in process `syz.2.98'. [ 53.163109][ T1015] usb 7-1: USB disconnect, device number 2 [ 53.290932][ T6405] qnx6: unable to set blocksize [ 54.004927][ T6439] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input20 [ 54.525093][ T6448] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input21 [ 55.160024][ T6462] 9pnet_virtio: no channels available for device syz [ 55.468165][ T6470] capability: warning: `syz.0.115' uses 32-bit capabilities (legacy support in use) [ 55.516792][ T6473] 9pnet_fd: Insufficient options for proto=fd [ 55.849562][ T6488] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input22 [ 56.481878][ T6503] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input23 [ 57.219915][ T6526] 9pnet_virtio: no channels available for device syz [ 58.123059][ T39] audit: type=1326 audit(1737710361.547:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6533 comm="syz.1.130" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0 [ 59.232901][ T6567] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input24 [ 59.345401][ T6569] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input25 [ 59.907994][ T6587] 9pnet_virtio: no channels available for device syz [ 61.418436][ T6608] netlink: 36 bytes leftover after parsing attributes in process `syz.3.144'. [ 61.421160][ T6608] netlink: 16 bytes leftover after parsing attributes in process `syz.3.144'. [ 61.424009][ T6608] netlink: 36 bytes leftover after parsing attributes in process `syz.3.144'. [ 61.580738][ T6612] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input26 [ 62.260367][ T6629] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input27 [ 62.296740][ T6632] 9pnet_virtio: no channels available for device syz [ 62.661431][ T6636] netlink: 'syz.3.152': attribute type 4 has an invalid length. [ 63.880835][ T6669] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input28 [ 64.571224][ T6678] binder: 6677:6678 ioctl c0306201 20000680 returned -14 [ 64.759430][ T6686] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input29 [ 66.016408][ T6716] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input30 [ 66.960627][ T6737] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input31 [ 68.968388][ T6780] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input32 [ 69.000329][ T6776] tipc: Started in network mode [ 69.002050][ T6776] tipc: Node identity 7, cluster identity 4711 [ 69.003835][ T6776] tipc: Node number set to 7 [ 69.006056][ T6776] tipc: Cannot configure node identity twice [ 69.470529][ T6790] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input33 [ 69.715170][ T6799] befs: (nullb0): No write support. Marking filesystem read-only [ 69.718829][ T6799] befs: (nullb0): invalid magic header [ 70.820411][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.822620][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.507990][ T6833] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input34 [ 72.011139][ T6840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.198'. [ 72.480877][ T6862] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input35 [ 73.514723][ T6887] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input36 [ 75.456042][ T6925] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input37 [ 75.839193][ T6931] Bluetooth: MGMT ver 1.23 [ 75.940029][ T833] cfg80211: failed to load regulatory.db [ 76.315524][ T6947] 9pnet_virtio: no channels available for device syz [ 77.629518][ T6972] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input38 [ 78.755197][ T6997] 9pnet_virtio: no channels available for device syz [ 78.977017][ T7006] xt_connbytes: Forcing CT accounting to be enabled [ 78.977033][ T7007] xt_connbytes: Forcing CT accounting to be enabled [ 78.981819][ T7006] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 78.982066][ T7007] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 80.607626][ T7036] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input39 [ 81.278187][ T7046] 9pnet_virtio: no channels available for device syz [ 81.925716][ T7057] 9pnet_virtio: no channels available for device syz [ 82.296391][ T7064] tipc: Started in network mode [ 82.298003][ T7064] tipc: Node identity 7, cluster identity 4711 [ 82.299877][ T7064] tipc: Node number set to 7 [ 82.301445][ T7064] tipc: Cannot configure node identity twice [ 83.279803][ T7083] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input40 [ 83.609497][ T7101] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input41 [ 83.869689][ T7097] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input42 [ 84.668284][ T7119] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input43 [ 85.480548][ T7141] 9pnet_virtio: no channels available for device syz [ 85.984630][ T39] audit: type=1326 audit(1737710389.407:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.261" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 86.065216][ T7147] syz.2.261 uses obsolete (PF_INET,SOCK_PACKET) [ 89.050672][ T7222] 9pnet_virtio: no channels available for device syz [ 89.703437][ T7238] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input44 [ 90.657792][ T7258] binder: BINDER_SET_CONTEXT_MGR already set [ 90.659670][ T7258] binder: 7257:7258 ioctl 4018620d 20000100 returned -16 [ 90.665675][ T7258] binder: BINDER_SET_CONTEXT_MGR already set [ 90.668349][ T7258] binder: 7257:7258 ioctl 4018620d 20004a80 returned -16 [ 91.202464][ T7264] 9pnet_virtio: no channels available for device syz [ 91.396366][ T7266] can0: slcan on ptm1. [ 91.468289][ T7265] can0 (unregistered): slcan off ptm1. [ 91.584560][ T7275] bpf: Bad value for 'uid' [ 91.801957][ T7287] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input45 [ 94.269419][ T7350] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input46 [ 96.487911][ T39] audit: type=1326 audit(1737710399.917:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.502059][ T39] audit: type=1326 audit(1737710399.917:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.515778][ T39] audit: type=1326 audit(1737710399.917:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.527015][ T39] audit: type=1326 audit(1737710399.917:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.533721][ T39] audit: type=1326 audit(1737710399.917:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.542309][ T39] audit: type=1326 audit(1737710399.917:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.566456][ T39] audit: type=1326 audit(1737710399.937:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.578124][ T39] audit: type=1326 audit(1737710399.937:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.592338][ T39] audit: type=1326 audit(1737710399.937:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.602974][ T39] audit: type=1326 audit(1737710399.937:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.2.323" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 96.740558][ T7400] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input47 [ 96.764570][ T7402] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 96.827543][ T7406] 9pnet_virtio: no channels available for device syz [ 99.236345][ T7454] FAULT_INJECTION: forcing a failure. [ 99.236345][ T7454] name failslab, interval 1, probability 0, space 0, times 1 [ 99.246000][ T7454] CPU: 1 UID: 0 PID: 7454 Comm: syz.1.339 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [ 99.246014][ T7454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.246019][ T7454] Call Trace: [ 99.246022][ T7454] [ 99.246026][ T7454] dump_stack_lvl+0x16c/0x1f0 [ 99.246039][ T7454] should_fail_ex+0x497/0x5b0 [ 99.246053][ T7454] ? fs_reclaim_acquire+0xae/0x150 [ 99.246072][ T7454] should_failslab+0xc2/0x120 [ 99.246087][ T7454] __kmalloc_cache_node_noprof+0x6f/0x3f0 [ 99.246110][ T7454] ? __get_vm_area_node+0x101/0x2f0 [ 99.246136][ T7454] __get_vm_area_node+0x101/0x2f0 [ 99.246159][ T7454] __vmalloc_node_range_noprof+0x26a/0x1530 [ 99.246176][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.246187][ T7454] ? lock_acquire.part.0+0x11b/0x380 [ 99.246199][ T7454] ? __mutex_trylock_common+0xea/0x250 [ 99.246208][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.246219][ T7454] ? kasan_save_track+0x14/0x30 [ 99.246231][ T7454] ? kvm_set_memslot+0x34/0x1380 [ 99.246242][ T7454] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 99.246255][ T7454] ? __mutex_lock+0x1cc/0xb10 [ 99.246265][ T7454] ? kvm_set_memslot+0x34/0x1380 [ 99.246274][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.246285][ T7454] __vmalloc_noprof+0x6d/0x90 [ 99.246300][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.246311][ T7454] __vcalloc_noprof+0x4d/0x80 [ 99.246322][ T7454] kvm_arch_prepare_memory_region+0x2dc/0x840 [ 99.246336][ T7454] kvm_set_memslot+0x139/0x1380 [ 99.246346][ T7454] ? kasan_save_track+0x14/0x30 [ 99.246358][ T7454] __kvm_set_memory_region+0xe01/0x1580 [ 99.246371][ T7454] ? __pfx___kvm_set_memory_region+0x10/0x10 [ 99.246380][ T7454] ? __might_fault+0xe3/0x190 [ 99.246392][ T7454] kvm_vm_ioctl+0x152e/0x3df0 [ 99.246407][ T7454] ? stack_trace_save+0x95/0xd0 [ 99.246419][ T7454] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 99.246428][ T7454] ? __pfx_mark_lock+0x10/0x10 [ 99.246436][ T7454] ? stack_depot_save_flags+0x28/0x9e0 [ 99.246451][ T7454] ? kasan_save_stack+0x42/0x60 [ 99.246467][ T7454] ? kasan_save_stack+0x33/0x60 [ 99.246478][ T7454] ? kasan_save_track+0x14/0x30 [ 99.246489][ T7454] ? kasan_save_free_info+0x3b/0x60 [ 99.246498][ T7454] ? __kasan_slab_free+0x51/0x70 [ 99.246510][ T7454] ? kfree+0x14f/0x4b0 [ 99.246519][ T7454] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 99.246529][ T7454] ? security_file_ioctl_compat+0x9b/0x240 [ 99.246540][ T7454] ? __do_compat_sys_ioctl+0x4e/0x2c0 [ 99.246550][ T7454] ? __do_fast_syscall_32+0x73/0x120 [ 99.246559][ T7454] ? do_fast_syscall_32+0x32/0x80 [ 99.246567][ T7454] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.246580][ T7454] ? kvm_arch_vm_compat_ioctl+0x2d1/0x480 [ 99.246591][ T7454] ? hlock_class+0x4e/0x130 [ 99.246602][ T7454] ? mark_lock+0xb5/0xc60 [ 99.246609][ T7454] ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10 [ 99.246622][ T7454] ? __pfx_mark_lock+0x10/0x10 [ 99.246638][ T7454] ? find_held_lock+0x2d/0x110 [ 99.246650][ T7454] ? tomoyo_path_number_perm+0x298/0x5b0 [ 99.246660][ T7454] ? __pfx_lock_release+0x10/0x10 [ 99.246670][ T7454] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 99.246689][ T7454] ? do_vfs_ioctl+0x513/0x1950 [ 99.246699][ T7454] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 99.246714][ T7454] kvm_vm_compat_ioctl+0x399/0x440 [ 99.246725][ T7454] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 99.246735][ T7454] ? __pfx_lock_release+0x10/0x10 [ 99.246743][ T7454] ? trace_lock_acquire+0x14e/0x1f0 [ 99.246759][ T7454] ? __fget_files+0x206/0x3a0 [ 99.246772][ T7454] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 99.246783][ T7454] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 99.246794][ T7454] __do_fast_syscall_32+0x73/0x120 [ 99.246804][ T7454] do_fast_syscall_32+0x32/0x80 [ 99.246813][ T7454] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.246825][ T7454] RIP: 0023:0xf7f82579 [ 99.246832][ T7454] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 99.246840][ T7454] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 99.246849][ T7454] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae46 [ 99.246854][ T7454] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 99.246859][ T7454] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 99.246863][ T7454] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 99.246868][ T7454] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 99.246879][ T7454] [ 99.246984][ T7454] syz.1.339: vmalloc error: size 4, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 99.391941][ T7454] CPU: 1 UID: 0 PID: 7454 Comm: syz.1.339 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [ 99.391966][ T7454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.391972][ T7454] Call Trace: [ 99.391975][ T7454] [ 99.391979][ T7454] dump_stack_lvl+0x16c/0x1f0 [ 99.391993][ T7454] warn_alloc+0x24d/0x3a0 [ 99.392008][ T7454] ? __pfx_warn_alloc+0x10/0x10 [ 99.392020][ T7454] ? rcu_is_watching+0x12/0xc0 [ 99.392032][ T7454] ? __kmalloc_cache_node_noprof+0x245/0x3f0 [ 99.392047][ T7454] ? __kasan_kmalloc+0x8a/0xb0 [ 99.392060][ T7454] ? __get_vm_area_node+0x1dc/0x2f0 [ 99.392074][ T7454] __vmalloc_node_range_noprof+0xd27/0x1530 [ 99.392086][ T7454] ? lock_acquire.part.0+0x11b/0x380 [ 99.392098][ T7454] ? __mutex_trylock_common+0xea/0x250 [ 99.392108][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.392119][ T7454] ? kasan_save_track+0x14/0x30 [ 99.392131][ T7454] ? kvm_set_memslot+0x34/0x1380 [ 99.392142][ T7454] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 99.392154][ T7454] ? __mutex_lock+0x1cc/0xb10 [ 99.392165][ T7454] ? kvm_set_memslot+0x34/0x1380 [ 99.392174][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.392185][ T7454] __vmalloc_noprof+0x6d/0x90 [ 99.392196][ T7454] ? __vcalloc_noprof+0x4d/0x80 [ 99.392208][ T7454] __vcalloc_noprof+0x4d/0x80 [ 99.392219][ T7454] kvm_arch_prepare_memory_region+0x2dc/0x840 [ 99.392234][ T7454] kvm_set_memslot+0x139/0x1380 [ 99.392243][ T7454] ? kasan_save_track+0x14/0x30 [ 99.392256][ T7454] __kvm_set_memory_region+0xe01/0x1580 [ 99.392270][ T7454] ? __pfx___kvm_set_memory_region+0x10/0x10 [ 99.392279][ T7454] ? __might_fault+0xe3/0x190 [ 99.392291][ T7454] kvm_vm_ioctl+0x152e/0x3df0 [ 99.392306][ T7454] ? stack_trace_save+0x95/0xd0 [ 99.392318][ T7454] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 99.392328][ T7454] ? __pfx_mark_lock+0x10/0x10 [ 99.392335][ T7454] ? stack_depot_save_flags+0x28/0x9e0 [ 99.392351][ T7454] ? kasan_save_stack+0x42/0x60 [ 99.392362][ T7454] ? kasan_save_stack+0x33/0x60 [ 99.392373][ T7454] ? kasan_save_track+0x14/0x30 [ 99.392384][ T7454] ? kasan_save_free_info+0x3b/0x60 [ 99.392393][ T7454] ? __kasan_slab_free+0x51/0x70 [ 99.392405][ T7454] ? kfree+0x14f/0x4b0 [ 99.392414][ T7454] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 99.392424][ T7454] ? security_file_ioctl_compat+0x9b/0x240 [ 99.392435][ T7454] ? __do_compat_sys_ioctl+0x4e/0x2c0 [ 99.392444][ T7454] ? __do_fast_syscall_32+0x73/0x120 [ 99.392453][ T7454] ? do_fast_syscall_32+0x32/0x80 [ 99.392461][ T7454] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.392474][ T7454] ? kvm_arch_vm_compat_ioctl+0x2d1/0x480 [ 99.392486][ T7454] ? hlock_class+0x4e/0x130 [ 99.392496][ T7454] ? mark_lock+0xb5/0xc60 [ 99.392504][ T7454] ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10 [ 99.392516][ T7454] ? __pfx_mark_lock+0x10/0x10 [ 99.392532][ T7454] ? find_held_lock+0x2d/0x110 [ 99.392544][ T7454] ? tomoyo_path_number_perm+0x298/0x5b0 [ 99.392554][ T7454] ? __pfx_lock_release+0x10/0x10 [ 99.392564][ T7454] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 99.392581][ T7454] ? do_vfs_ioctl+0x513/0x1950 [ 99.392591][ T7454] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 99.392606][ T7454] kvm_vm_compat_ioctl+0x399/0x440 [ 99.392617][ T7454] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 99.392627][ T7454] ? __pfx_lock_release+0x10/0x10 [ 99.392635][ T7454] ? trace_lock_acquire+0x14e/0x1f0 [ 99.392650][ T7454] ? __fget_files+0x206/0x3a0 [ 99.392664][ T7454] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 99.392675][ T7454] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 99.392686][ T7454] __do_fast_syscall_32+0x73/0x120 [ 99.392696][ T7454] do_fast_syscall_32+0x32/0x80 [ 99.392705][ T7454] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.392717][ T7454] RIP: 0023:0xf7f82579 [ 99.392725][ T7454] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 99.392733][ T7454] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 99.392741][ T7454] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae46 [ 99.392746][ T7454] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 99.392751][ T7454] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 99.392756][ T7454] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 99.392761][ T7454] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 99.392772][ T7454] [ 99.392775][ T7454] Mem-Info: [ 99.528715][ T7454] active_anon:9073 inactive_anon:0 isolated_anon:0 [ 99.528715][ T7454] active_file:12839 inactive_file:33951 isolated_file:0 [ 99.528715][ T7454] unevictable:1768 dirty:200 writeback:0 [ 99.528715][ T7454] slab_reclaimable:7707 slab_unreclaimable:47157 [ 99.528715][ T7454] mapped:25676 shmem:7606 pagetables:704 [ 99.528715][ T7454] sec_pagetables:310 bounce:0 [ 99.528715][ T7454] kernel_misc_reclaimable:0 [ 99.528715][ T7454] free:65341 free_pcp:5385 free_cma:0 [ 99.542893][ T7454] Node 0 active_anon:3180kB inactive_anon:0kB active_file:208kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:3916kB dirty:152kB writeback:0kB shmem:6392kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9868kB pagetables:1380kB sec_pagetables:1176kB all_unreclaimable? yes [ 99.552946][ T7454] Node 1 active_anon:34712kB inactive_anon:0kB active_file:51148kB inactive_file:135800kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98888kB dirty:648kB writeback:0kB shmem:25632kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1388kB pagetables:1436kB sec_pagetables:64kB all_unreclaimable? no [ 99.562905][ T7454] Node 0 DMA free:2296kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:52kB local_pcp:12kB free_cma:0kB [ 99.571408][ T7454] lowmem_reserve[]: 0 296 0 0 0 [ 99.572992][ T7454] Node 0 DMA32 free:17984kB boost:0kB min:13672kB low:17088kB high:20504kB reserved_highatomic:4096KB active_anon:3180kB inactive_anon:0kB active_file:208kB inactive_file:4kB unevictable:3536kB writepending:152kB present:1032196kB managed:303644kB mlocked:0kB bounce:0kB free_pcp:1584kB local_pcp:632kB free_cma:0kB [ 99.582427][ T7454] lowmem_reserve[]: 0 0 0 0 0 [ 99.584106][ T7454] Node 1 DMA32 free:233984kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:38612kB inactive_anon:0kB active_file:51148kB inactive_file:135800kB unevictable:3536kB writepending:648kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:21420kB local_pcp:11168kB free_cma:0kB [ 99.594160][ T7454] lowmem_reserve[]: 0 0 0 0 0 [ 99.595651][ T7454] Node 0 DMA: 70*4kB (U) 54*8kB (U) 29*16kB (U) 33*32kB (U) 1*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2296kB [ 99.600075][ T7454] Node 0 DMA32: 128*4kB (UMEH) 62*8kB (UEH) 17*16kB (UMEH) 86*32kB (UMEH) 30*64kB (UMEH) 22*128kB (UMEH) 10*256kB (M) 9*512kB (MH) 0*1024kB 1*2048kB (U) 0*4096kB = 17984kB [ 99.605458][ T7454] Node 1 DMA32: 0*4kB 5*8kB (UME) 2*16kB (ME) 3*32kB (UME) 101*64kB (ME) 54*128kB (UME) 40*256kB (UME) 18*512kB (UM) 8*1024kB (UME) 4*2048kB (UM) 45*4096kB (M) = 233704kB [ 99.611534][ T7454] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 99.614495][ T7454] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 99.617633][ T7454] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 99.620556][ T7454] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 99.623392][ T7454] 57356 total pagecache pages [ 99.624906][ T7454] 285 pages in swap cache [ 99.626270][ T7454] Free swap = 114128kB [ 99.627943][ T7454] Total swap = 124996kB [ 99.629282][ T7454] 524155 pages RAM [ 99.630455][ T7454] 0 pages HighMem/MovableOnly [ 99.631942][ T7454] 207341 pages reserved [ 99.633265][ T7454] 0 pages cma reserved [ 99.786556][ T7461] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input48 [ 102.129981][ T7500] ALSA: mixer_oss: invalid OSS volume '' [ 102.721970][ T39] kauditd_printk_skb: 33 callbacks suppressed [ 102.721987][ T39] audit: type=1326 audit(1737710406.147:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7506 comm="syz.2.350" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 103.696889][ T7531] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input49 [ 103.717487][ T5941] Bluetooth: hci3: command 0x0405 tx timeout [ 104.568282][ T7543] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input50 [ 106.441063][ T7570] 9pnet_virtio: no channels available for device syz [ 106.547690][ T7571] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input51 [ 106.905716][ T39] audit: type=1326 audit(1737710410.327:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7574 comm="syz.0.365" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 107.681888][ T7595] sp0: Synchronizing with TNC [ 109.109590][ T7629] netlink: 'syz.0.376': attribute type 1 has an invalid length. [ 109.111937][ T7629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.376'. [ 109.185326][ T7629] process 'syz.0.376' launched './file0' with NULL argv: empty string added [ 109.216665][ T7631] netlink: 24 bytes leftover after parsing attributes in process `syz.0.376'. [ 109.930957][ T7647] netlink: 36 bytes leftover after parsing attributes in process `syz.0.381'. [ 109.933646][ T7647] netlink: 16 bytes leftover after parsing attributes in process `syz.0.381'. [ 109.936257][ T7647] netlink: 36 bytes leftover after parsing attributes in process `syz.0.381'. [ 109.950526][ T7648] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input52 [ 111.071339][ T39] audit: type=1326 audit(1737710414.497:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7658 comm="syz.1.384" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0 [ 112.190067][ T7696] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input53 [ 113.253259][ T7722] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input54 [ 114.874058][ T7754] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input55 [ 115.525896][ T7765] binder: 7764:7765 ioctl c0306201 20000680 returned -14 [ 115.729866][ T7770] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input56 [ 116.659001][ T7786] 9pnet_virtio: no channels available for device syz [ 116.901094][ T7791] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input57 [ 117.336833][ T39] audit: type=1326 audit(1737710420.757:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.0.415" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 118.297108][ T7818] 9pnet_virtio: no channels available for device syz [ 119.312433][ T7834] 9pnet_virtio: no channels available for device syz [ 120.031210][ T7845] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input58 [ 120.357628][ T39] audit: type=1326 audit(1737710423.787:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.427" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 120.560604][ T5936] ================================================================== [ 120.563070][ T5936] BUG: KASAN: null-ptr-deref in l2cap_sock_resume_cb+0xd0/0x130 [ 120.565400][ T5936] Write of size 8 at addr 0000000000000568 by task kworker/u33:2/5936 [ 120.569150][ T5936] [ 120.569890][ T5936] CPU: 0 UID: 0 PID: 5936 Comm: kworker/u33:2 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [ 120.569902][ T5936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.569910][ T5936] Workqueue: hci3 hci_rx_work [ 120.569924][ T5936] Call Trace: [ 120.569929][ T5936] [ 120.569933][ T5936] dump_stack_lvl+0x116/0x1f0 [ 120.569944][ T5936] kasan_report+0xd9/0x110 [ 120.569954][ T5936] ? l2cap_sock_resume_cb+0xd0/0x130 [ 120.569965][ T5936] ? l2cap_sock_resume_cb+0xd0/0x130 [ 120.569978][ T5936] kasan_check_range+0xef/0x1a0 [ 120.569989][ T5936] l2cap_sock_resume_cb+0xd0/0x130 [ 120.570000][ T5936] l2cap_security_cfm+0x795/0x11d0 [ 120.570012][ T5936] ? __pfx_l2cap_security_cfm+0x10/0x10 [ 120.570023][ T5936] ? mark_held_locks+0x9f/0xe0 [ 120.570034][ T5936] ? kasan_quarantine_put+0x10a/0x240 [ 120.570048][ T5936] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.570057][ T5936] ? kfree+0x14f/0x4b0 [ 120.570069][ T5936] ? __pfx_rfcomm_security_cfm+0x10/0x10 [ 120.570083][ T5936] ? hci_encrypt_cfm+0x202/0x7d0 [ 120.570097][ T5936] ? __pfx_l2cap_security_cfm+0x10/0x10 [ 120.570106][ T5936] hci_encrypt_cfm+0x1f2/0x7d0 [ 120.570120][ T5936] ? __pfx_hci_encrypt_cfm+0x10/0x10 [ 120.570132][ T5936] ? hci_conn_hash_lookup_handle+0x3b/0x330 [ 120.570146][ T5936] hci_encrypt_change_evt+0x3f3/0x1130 [ 120.570155][ T5936] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [ 120.570165][ T5936] ? skb_pull_data+0x166/0x210 [ 120.570175][ T5936] hci_event_packet+0x9eb/0x1190 [ 120.570184][ T5936] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [ 120.570193][ T5936] ? __pfx_hci_event_packet+0x10/0x10 [ 120.570202][ T5936] ? mark_held_locks+0x9f/0xe0 [ 120.570210][ T5936] ? kcov_remote_start+0x3cf/0x6e0 [ 120.570220][ T5936] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.570229][ T5936] hci_rx_work+0x2c5/0x16b0 [ 120.570240][ T5936] ? process_one_work+0x8bb/0x1b30 [ 120.570255][ T5936] process_one_work+0x958/0x1b30 [ 120.570270][ T5936] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 120.570279][ T5936] ? __pfx_process_one_work+0x10/0x10 [ 120.570292][ T5936] ? rcu_is_watching+0x12/0xc0 [ 120.570305][ T5936] ? assign_work+0x1a0/0x250 [ 120.570319][ T5936] worker_thread+0x6c8/0xf00 [ 120.570328][ T5936] ? __kthread_parkme+0x148/0x220 [ 120.570339][ T5936] ? __pfx_worker_thread+0x10/0x10 [ 120.570347][ T5936] kthread+0x3af/0x750 [ 120.570359][ T5936] ? __pfx_kthread+0x10/0x10 [ 120.570371][ T5936] ? lock_acquire+0x2f/0xb0 [ 120.570380][ T5936] ? __pfx_kthread+0x10/0x10 [ 120.570393][ T5936] ret_from_fork+0x45/0x80 [ 120.570402][ T5936] ? __pfx_kthread+0x10/0x10 [ 120.570414][ T5936] ret_from_fork_asm+0x1a/0x30 [ 120.570430][ T5936] [ 120.570433][ T5936] ================================================================== [ 120.651876][ T5936] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 120.654093][ T5936] CPU: 0 UID: 0 PID: 5936 Comm: kworker/u33:2 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [ 120.657299][ T5936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.660534][ T5936] Workqueue: hci3 hci_rx_work [ 120.661971][ T5936] Call Trace: [ 120.662994][ T5936] [ 120.663936][ T5936] dump_stack_lvl+0x3d/0x1f0 [ 120.665353][ T5936] panic+0x71d/0x800 [ 120.666557][ T5936] ? __pfx_panic+0x10/0x10 [ 120.667926][ T5936] ? irqentry_exit+0x3b/0x90 [ 120.669333][ T5936] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.670918][ T5936] ? preempt_schedule_thunk+0x1a/0x30 [ 120.672598][ T5936] ? preempt_schedule_common+0x44/0xc0 [ 120.674266][ T5936] check_panic_on_warn+0xab/0xb0 [ 120.675795][ T5936] end_report+0x117/0x180 [ 120.677123][ T5936] kasan_report+0xe9/0x110 [ 120.678486][ T5936] ? l2cap_sock_resume_cb+0xd0/0x130 [ 120.680096][ T5936] ? l2cap_sock_resume_cb+0xd0/0x130 [ 120.681695][ T5936] kasan_check_range+0xef/0x1a0 [ 120.683191][ T5936] l2cap_sock_resume_cb+0xd0/0x130 [ 120.684765][ T5936] l2cap_security_cfm+0x795/0x11d0 [ 120.686322][ T5936] ? __pfx_l2cap_security_cfm+0x10/0x10 [ 120.687999][ T5936] ? mark_held_locks+0x9f/0xe0 [ 120.689466][ T5936] ? kasan_quarantine_put+0x10a/0x240 [ 120.691095][ T5936] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.692677][ T5936] ? kfree+0x14f/0x4b0 [ 120.693926][ T5936] ? __pfx_rfcomm_security_cfm+0x10/0x10 [ 120.695630][ T5936] ? hci_encrypt_cfm+0x202/0x7d0 [ 120.697139][ T5936] ? __pfx_l2cap_security_cfm+0x10/0x10 [ 120.698814][ T5936] hci_encrypt_cfm+0x1f2/0x7d0 [ 120.700289][ T5936] ? __pfx_hci_encrypt_cfm+0x10/0x10 [ 120.701900][ T5936] ? hci_conn_hash_lookup_handle+0x3b/0x330 [ 120.703703][ T5936] hci_encrypt_change_evt+0x3f3/0x1130 [ 120.705358][ T5936] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [ 120.707142][ T5936] ? skb_pull_data+0x166/0x210 [ 120.708610][ T5936] hci_event_packet+0x9eb/0x1190 [ 120.710111][ T5936] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [ 120.711909][ T5936] ? __pfx_hci_event_packet+0x10/0x10 [ 120.713533][ T5936] ? mark_held_locks+0x9f/0xe0 [ 120.714994][ T5936] ? kcov_remote_start+0x3cf/0x6e0 [ 120.716568][ T5936] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.718136][ T5936] hci_rx_work+0x2c5/0x16b0 [ 120.719512][ T5936] ? process_one_work+0x8bb/0x1b30 [ 120.721063][ T5936] process_one_work+0x958/0x1b30 [ 120.722563][ T5936] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 120.724278][ T5936] ? __pfx_process_one_work+0x10/0x10 [ 120.725910][ T5936] ? rcu_is_watching+0x12/0xc0 [ 120.727369][ T5936] ? assign_work+0x1a0/0x250 [ 120.728793][ T5936] worker_thread+0x6c8/0xf00 [ 120.730210][ T5936] ? __kthread_parkme+0x148/0x220 [ 120.731743][ T5936] ? __pfx_worker_thread+0x10/0x10 [ 120.733337][ T5936] kthread+0x3af/0x750 [ 120.734608][ T5936] ? __pfx_kthread+0x10/0x10 [ 120.736031][ T5936] ? lock_acquire+0x2f/0xb0 [ 120.737419][ T5936] ? __pfx_kthread+0x10/0x10 [ 120.738836][ T5936] ret_from_fork+0x45/0x80 [ 120.740210][ T5936] ? __pfx_kthread+0x10/0x10 [ 120.741625][ T5936] ret_from_fork_asm+0x1a/0x30 [ 120.743107][ T5936] [ 120.744507][ T5936] Kernel Offset: disabled [ 120.745817][ T5936] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:20:24 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851847a5 RDI=ffffffff9aad3540 RBP=ffffffff9aad3500 RSP=ffffc900038f7210 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303030307257 R12=0000000000000000 R13=0000000000000061 R14=ffffffff85184740 R15=0000000000000000 RIP=ffffffff851847cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002ed19ffc CR3=000000006b272000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000628a5b RBX=0000000000000001 RCX=ffffffff8b25f279 RDX=0000000000000000 RSI=ffffffff8b6ccfe0 RDI=ffffffff8bd26800 RBP=ffffed1003a5f910 RSP=ffffc9000047fe08 R8 =0000000000000001 R9 =ffffed10056a6f7d R10=ffff88802b537beb R11=0000000000000000 R12=0000000000000001 R13=ffff88801d2fc880 R14=ffffffff905ff710 R15=0000000000000000 RIP=ffffffff8b26065f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002003e000 CR3=000000004df5e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000026 RCX=ffffffff84a2f69e RDX=ffff8880253f2440 RSI=0000000000000007 RDI=0000000000000001 RBP=ffffc90003727450 RSP=ffffc900037272b0 R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000026 R11=0000000000000002 R12=00000000ffffffff R13=ffffc90003727430 R14=ffff8880644672c4 R15=ffffc90003727458 RIP=ffffffff819907b2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f9571589d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000562b25b03000 CR3=000000004dd98000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000026dc15 RBX=0000000000000003 RCX=ffffffff8b25f279 RDX=0000000000000000 RSI=ffffffff8b6ccfe0 RDI=ffffffff8bd26800 RBP=ffffed1003ad2488 RSP=ffffc9000049fe08 R8 =0000000000000001 R9 =ffffed10056e6f7d R10=ffff88802b737beb R11=0000000000000000 R12=0000000000000003 R13=ffff88801d692440 R14=ffffffff905ff710 R15=0000000000000000 RIP=ffffffff8b26065f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002089b000 CR3=000000006b0c6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000