program: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000041c0)={0x4}, 0x2) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0408e200c8"], 0x7) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r1, 0x3b88, &(0x7f00000000c0)={0xc, r3}) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001900)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1000806, &(0x7f0000001c40)={[{@gid}, {}, {@gid}, {@allow_utime={'allow_utime', 0x3d, 0x10000}}, {@gid}, {@dmask={'dmask', 0x3d, 0x7}}, {@umask={'umask', 0x3d, 0x7}}, {@errors_remount}, {@errors_remount}, {@errors_remount}, {}, {@errors_remount}, {@fmask={'fmask', 0x3d, 0x8000}}], [{@audit}, {@subj_role={'subj_role', 0x3d, '\'\\$\xfb\x18\x00\x00![:,@}[Y'}}, {@fowner_lt}, {@fsname={'fsname', 0x3d, 'part'}}]}, 0x1, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=") openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) (async) r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4, 0x700000000000000}, 0x0) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0xfffffffffffffc7e) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b708"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) (async) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22) openat$cgroup_ro(r4, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) (async) r6 = openat$cgroup_ro(r4, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000300), 0x1000a) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r6, 0x0) (async) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r6, 0x0) ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r1, 0x3b70, &(0x7f0000000100)={0x10, 0x0, 0x0}) (async) ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r1, 0x3b70, &(0x7f0000000100)={0x10, 0x0, 0x0}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r9 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r9, &(0x7f0000000200)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x2, 0x3, 0x0, 0x3, 0xa, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x2, 0x9, 0x8, 0x0, "e9"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xd}, @sadb_x_nat_t_type={0x1, 0x14, 0x6}]}, 0x50}, 0x1, 0x7}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a005}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xa54, 0x18}}, @IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x50}, 0x1, 0xba01}, 0x0) (async) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a005}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xa54, 0x18}}, @IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x50}, 0x1, 0xba01}, 0x0) socket$netlink(0x10, 0x3, 0x0) (async) socket$netlink(0x10, 0x3, 0x0) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_NO_ENOBUFS(r10, 0x10e, 0x5, 0x0, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000016c0)=ANY=[@ANYRESOCT=r6, @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00\x00\x00'], 0x14}}, 0x4000080) (async) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000016c0)=ANY=[@ANYRESOCT=r6, @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00\x00\x00'], 0x14}}, 0x4000080) [ 59.579694][ T5321] loop0: detected capacity change from 0 to 256 [ 59.605455][ T5321] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 59.613816][ T5307] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 [ 59.617316][ T5307] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5307, name: kworker/u5:2 [ 59.620204][ T5307] preempt_count: 0, expected: 0 [ 59.624341][ T5307] RCU nest depth: 1, expected: 0 [ 59.626236][ T5307] 4 locks held by kworker/u5:2/5307: [ 59.628313][ T5307] #0: ffff8880423fa148 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 59.633161][ T5307] #1: ffffc9000d11fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 59.637456][ T5307] #2: ffff88804ef38078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 [ 59.642338][ T5307] #3: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.646529][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Not tainted 6.12.0-syzkaller #0 [ 59.649858][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.653943][ T5307] Workqueue: hci0 hci_rx_work [ 59.655790][ T5307] Call Trace: [ 59.657051][ T5307] [ 59.658171][ T5307] dump_stack_lvl+0x241/0x360 [ 59.660006][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.661995][ T5307] ? __pfx__printk+0x10/0x10 [ 59.663800][ T5307] __might_resched+0x5d4/0x780 [ 59.665619][ T5307] ? __mutex_lock+0x112/0xd70 [ 59.667436][ T5307] ? __pfx___might_resched+0x10/0x10 [ 59.669460][ T5307] __mutex_lock+0xc1/0xd70 [ 59.671171][ T5307] ? __pfx_lock_acquire+0x10/0x10 [ 59.673070][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.675406][ T5307] ? __pfx_lock_release+0x10/0x10 [ 59.677313][ T5307] ? __pfx___mutex_lock+0x10/0x10 [ 59.679175][ T5307] ? trace_contention_end+0x3c/0x120 [ 59.681208][ T5307] ? skb_pull_data+0x112/0x230 [ 59.683005][ T5307] ? hci_conn_set_handle+0x9a/0x270 [ 59.684929][ T5307] hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.687176][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.689174][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.691253][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.693596][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.695383][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.697896][ T5307] hci_event_packet+0xa55/0x1540 [ 59.699770][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.701745][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.703744][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.705687][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.707667][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.709494][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.711167][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.713354][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.715494][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.717757][ T5307] ? assign_work+0x364/0x3d0 [ 59.719482][ T5307] worker_thread+0x870/0xd30 [ 59.721197][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.723051][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.724878][ T5307] kthread+0x2f0/0x390 [ 59.726344][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.728261][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.729887][ T5307] ret_from_fork+0x4b/0x80 [ 59.731547][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.733232][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.735101][ T5307] [ 59.744441][ T5307] [ 59.745437][ T5307] ============================= [ 59.747385][ T5307] [ BUG: Invalid wait context ] [ 59.749163][ T5307] 6.12.0-syzkaller #0 Tainted: G W [ 59.751554][ T5307] ----------------------------- [ 59.753037][ T5307] kworker/u5:2/5307 is trying to lock: [ 59.755080][ T5307] ffffffff8fe406a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.759041][ T5307] other info that might help us debug this: [ 59.761139][ T5307] context-{4:4} [ 59.762408][ T5307] 4 locks held by kworker/u5:2/5307: [ 59.764308][ T5307] #0: ffff8880423fa148 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 59.768147][ T5307] #1: ffffc9000d11fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 59.772479][ T5307] #2: ffff88804ef38078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 [ 59.776236][ T5307] #3: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.780147][ T5307] stack backtrace: [ 59.781596][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Tainted: G W 6.12.0-syzkaller #0 [ 59.785337][ T5307] Tainted: [W]=WARN [ 59.786792][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.790425][ T5307] Workqueue: hci0 hci_rx_work [ 59.792281][ T5307] Call Trace: [ 59.793535][ T5307] [ 59.794631][ T5307] dump_stack_lvl+0x241/0x360 [ 59.796434][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.798434][ T5307] ? __pfx__printk+0x10/0x10 [ 59.800174][ T5307] __lock_acquire+0x154a/0x2050 [ 59.801982][ T5307] lock_acquire+0x1ed/0x550 [ 59.803629][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.805818][ T5307] ? __pfx_lock_acquire+0x10/0x10 [ 59.807681][ T5307] ? __mutex_lock+0x112/0xd70 [ 59.809457][ T5307] ? __pfx___might_resched+0x10/0x10 [ 59.811528][ T5307] __mutex_lock+0x136/0xd70 [ 59.813285][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.815653][ T5307] ? __pfx_lock_acquire+0x10/0x10 [ 59.817616][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.820009][ T5307] ? __pfx_lock_release+0x10/0x10 [ 59.821858][ T5307] ? __pfx___mutex_lock+0x10/0x10 [ 59.823620][ T5307] ? trace_contention_end+0x3c/0x120 [ 59.825501][ T5307] ? skb_pull_data+0x112/0x230 [ 59.827177][ T5307] ? hci_conn_set_handle+0x9a/0x270 [ 59.829149][ T5307] hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.831394][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.833243][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.835566][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.838006][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.839876][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.842339][ T5307] hci_event_packet+0xa55/0x1540 [ 59.844192][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.846146][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.848136][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.850049][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.851889][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.853767][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.855376][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.857323][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.859139][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.861265][ T5307] ? assign_work+0x364/0x3d0 [ 59.862979][ T5307] worker_thread+0x870/0xd30 [ 59.864835][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.866745][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.868678][ T5307] kthread+0x2f0/0x390 [ 59.870243][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.872154][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.873752][ T5307] ret_from_fork+0x4b/0x80 [ 59.875438][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.877099][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.878671][ T5307] [ 59.884401][ T5307] ================================================================== [ 59.887356][ T5307] BUG: KASAN: slab-use-after-free in hci_le_create_big_complete_evt+0x383/0xae0 [ 59.890810][ T5307] Read of size 8 at addr ffff8880432bc000 by task kworker/u5:2/5307 [ 59.893766][ T5307] [ 59.894641][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Tainted: G W 6.12.0-syzkaller #0 [ 59.898553][ T5307] Tainted: [W]=WARN [ 59.899943][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.903950][ T5307] Workqueue: hci0 hci_rx_work [ 59.905795][ T5307] Call Trace: [ 59.906937][ T5307] [ 59.908082][ T5307] dump_stack_lvl+0x241/0x360 [ 59.909892][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.911899][ T5307] ? __pfx__printk+0x10/0x10 [ 59.913625][ T5307] ? _printk+0xd5/0x120 [ 59.915212][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.917062][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.918780][ T5307] print_report+0x169/0x550 [ 59.920378][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.922465][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.924377][ T5307] ? __virt_addr_valid+0x45f/0x530 [ 59.926168][ T5307] ? __phys_addr+0xba/0x170 [ 59.927772][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 59.930093][ T5307] kasan_report+0x143/0x180 [ 59.932303][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 59.935056][ T5307] hci_le_create_big_complete_evt+0x383/0xae0 [ 59.937605][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.939543][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.941815][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.944236][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.946114][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.948710][ T5307] hci_event_packet+0xa55/0x1540 [ 59.950604][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.952505][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.954559][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.956516][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.958448][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.960416][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.962023][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.964172][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.966228][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.968395][ T5307] ? assign_work+0x364/0x3d0 [ 59.970120][ T5307] worker_thread+0x870/0xd30 [ 59.971830][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.973646][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.975509][ T5307] kthread+0x2f0/0x390 [ 59.977051][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.979005][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.980715][ T5307] ret_from_fork+0x4b/0x80 [ 59.982415][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.984153][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.985988][ T5307] [ 59.987403][ T5307] [ 59.988369][ T5307] Allocated by task 5307: [ 59.990000][ T5307] kasan_save_track+0x3f/0x80 [ 59.991655][ T5307] __kasan_kmalloc+0x98/0xb0 [ 59.993372][ T5307] __kmalloc_cache_noprof+0x19c/0x2c0 [ 59.995404][ T5307] __hci_conn_add+0x2f9/0x1850 [ 59.997127][ T5307] hci_le_big_sync_established_evt+0x414/0xc20 [ 59.999345][ T5307] hci_event_packet+0xa55/0x1540 [ 60.001156][ T5307] hci_rx_work+0x3e8/0xca0 [ 60.002844][ T5307] process_scheduled_works+0xa63/0x1850 [ 60.004860][ T5307] worker_thread+0x870/0xd30 [ 60.006648][ T5307] kthread+0x2f0/0x390 [ 60.008256][ T5307] ret_from_fork+0x4b/0x80 [ 60.009885][ T5307] ret_from_fork_asm+0x1a/0x30 [ 60.011940][ T5307] [ 60.012842][ T5307] Freed by task 5307: [ 60.014326][ T5307] kasan_save_track+0x3f/0x80 [ 60.016930][ T5307] kasan_save_free_info+0x40/0x50 [ 60.018942][ T5307] __kasan_slab_free+0x59/0x70 [ 60.020749][ T5307] kfree+0x1a0/0x440 [ 60.022225][ T5307] device_release+0x99/0x1c0 [ 60.024069][ T5307] kobject_put+0x22f/0x480 [ 60.025776][ T5307] hci_conn_del+0x8c4/0xc40 [ 60.027324][ T5307] hci_le_create_big_complete_evt+0x619/0xae0 [ 60.029484][ T5307] hci_event_packet+0xa55/0x1540 [ 60.031373][ T5307] hci_rx_work+0x3e8/0xca0 [ 60.033058][ T5307] process_scheduled_works+0xa63/0x1850 [ 60.034934][ T5307] worker_thread+0x870/0xd30 [ 60.036378][ T5307] kthread+0x2f0/0x390 [ 60.037636][ T5307] ret_from_fork+0x4b/0x80 [ 60.039228][ T5307] ret_from_fork_asm+0x1a/0x30 [ 60.040881][ T5307] [ 60.041668][ T5307] The buggy address belongs to the object at ffff8880432bc000 [ 60.041668][ T5307] which belongs to the cache kmalloc-8k of size 8192 [ 60.046563][ T5307] The buggy address is located 0 bytes inside of [ 60.046563][ T5307] freed 8192-byte region [ffff8880432bc000, ffff8880432be000) [ 60.051385][ T5307] [ 60.052194][ T5307] The buggy address belongs to the physical page: [ 60.054491][ T5307] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x432b8 [ 60.057566][ T5307] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 60.060576][ T5307] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 60.063369][ T5307] page_type: f5(slab) [ 60.064882][ T5307] raw: 04fff00000000040 ffff88801ac42280 ffffea00010cc800 0000000000000006 [ 60.068106][ T5307] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 60.071208][ T5307] head: 04fff00000000040 ffff88801ac42280 ffffea00010cc800 0000000000000006 [ 60.074283][ T5307] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 60.077171][ T5307] head: 04fff00000000003 ffffea00010cae01 ffffffffffffffff 0000000000000000 [ 60.080258][ T5307] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 60.083393][ T5307] page dumped because: kasan: bad access detected [ 60.085752][ T5307] page_owner tracks the page as allocated [ 60.087795][ T5307] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5301, tgid 5301 (sh), ts 56662805718, free_ts 56662396128 [ 60.094411][ T5307] post_alloc_hook+0x1f3/0x230 [ 60.096072][ T5307] get_page_from_freelist+0x3649/0x3790 [ 60.097963][ T5307] __alloc_pages_noprof+0x292/0x710 [ 60.099692][ T5307] alloc_pages_mpol_noprof+0x3e8/0x680 [ 60.101491][ T5307] alloc_slab_page+0x6a/0x140 [ 60.103043][ T5307] allocate_slab+0x5a/0x2f0 [ 60.104740][ T5307] ___slab_alloc+0xcd1/0x14b0 [ 60.106256][ T5307] __slab_alloc+0x58/0xa0 [ 60.107849][ T5307] __kmalloc_cache_noprof+0x1d5/0x2c0 [ 60.109704][ T5307] tomoyo_init_log+0x11cd/0x2050 [ 60.111693][ T5307] tomoyo_supervisor+0x38a/0x11f0 [ 60.113816][ T5307] tomoyo_env_perm+0x178/0x210 [ 60.115633][ T5307] tomoyo_find_next_domain+0x146e/0x1d40 [ 60.117598][ T5307] tomoyo_bprm_check_security+0x114/0x180 [ 60.119852][ T5307] security_bprm_check+0x86/0x250 [ 60.121709][ T5307] bprm_execve+0xa56/0x1770 [ 60.123280][ T5307] page last free pid 5301 tgid 5301 stack trace: [ 60.125483][ T5307] free_unref_page+0xdf9/0x1140 [ 60.127347][ T5307] __put_partials+0xeb/0x130 [ 60.129083][ T5307] put_cpu_partial+0x17c/0x250 [ 60.130674][ T5307] __slab_free+0x2ea/0x3d0 [ 60.132288][ T5307] qlist_free_all+0x9a/0x140 [ 60.133722][ T5307] kasan_quarantine_reduce+0x14f/0x170 [ 60.135403][ T5307] __kasan_slab_alloc+0x23/0x80 [ 60.136944][ T5307] __kmalloc_noprof+0x1a6/0x400 [ 60.138835][ T5307] tomoyo_supervisor+0xe0d/0x11f0 [ 60.140780][ T5307] tomoyo_env_perm+0x178/0x210 [ 60.142594][ T5307] tomoyo_find_next_domain+0x146e/0x1d40 [ 60.144656][ T5307] tomoyo_bprm_check_security+0x114/0x180 [ 60.146829][ T5307] security_bprm_check+0x86/0x250 [ 60.148726][ T5307] bprm_execve+0xa56/0x1770 [ 60.150515][ T5307] do_execveat_common+0x55f/0x6f0 [ 60.152603][ T5307] __x64_sys_execve+0x92/0xb0 [ 60.154422][ T5307] [ 60.155378][ T5307] Memory state around the buggy address: [ 60.157411][ T5307] ffff8880432bbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.160377][ T5307] ffff8880432bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.163414][ T5307] >ffff8880432bc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.166483][ T5307] ^ [ 60.167965][ T5307] ffff8880432bc080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.170998][ T5307] ffff8880432bc100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.174090][ T5307] ================================================================== [ 60.191278][ T5307] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 60.194078][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Tainted: G W 6.12.0-syzkaller #0 [ 60.197917][ T5307] Tainted: [W]=WARN [ 60.199375][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.203431][ T5307] Workqueue: hci0 hci_rx_work [ 60.205297][ T5307] Call Trace: [ 60.206602][ T5307] [ 60.207778][ T5307] dump_stack_lvl+0x241/0x360 [ 60.209579][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 60.211650][ T5307] ? __pfx__printk+0x10/0x10 [ 60.213337][ T5307] ? rcu_is_watching+0x15/0xb0 [ 60.215137][ T5307] ? preempt_schedule+0xe1/0xf0 [ 60.217086][ T5307] ? vscnprintf+0x5d/0x90 [ 60.218668][ T5307] panic+0x349/0x880 [ 60.220133][ T5307] ? check_panic_on_warn+0x21/0xb0 [ 60.222003][ T5307] ? __pfx_panic+0x10/0x10 [ 60.223737][ T5307] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 60.225999][ T5307] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 60.228296][ T5307] ? print_report+0x502/0x550 [ 60.230097][ T5307] check_panic_on_warn+0x86/0xb0 [ 60.231990][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 60.234422][ T5307] end_report+0x77/0x160 [ 60.236020][ T5307] kasan_report+0x154/0x180 [ 60.237715][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 60.239993][ T5307] hci_le_create_big_complete_evt+0x383/0xae0 [ 60.242328][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 60.244199][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 60.246387][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 60.248787][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 60.250645][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 60.253130][ T5307] hci_event_packet+0xa55/0x1540 [ 60.255041][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 60.257065][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 60.259168][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 60.261124][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 60.263080][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 60.264984][ T5307] hci_rx_work+0x3e8/0xca0 [ 60.266618][ T5307] ? process_scheduled_works+0x976/0x1850 [ 60.268681][ T5307] process_scheduled_works+0xa63/0x1850 [ 60.270882][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 60.273170][ T5307] ? assign_work+0x364/0x3d0 [ 60.274849][ T5307] worker_thread+0x870/0xd30 [ 60.276572][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 60.278398][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 60.280229][ T5307] kthread+0x2f0/0x390 [ 60.281701][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 60.283584][ T5307] ? __pfx_kthread+0x10/0x10 [ 60.285213][ T5307] ret_from_fork+0x4b/0x80 [ 60.286836][ T5307] ? __pfx_kthread+0x10/0x10 [ 60.288621][ T5307] ret_from_fork_asm+0x1a/0x30 [ 60.290304][ T5307] [ 60.291722][ T5307] Kernel Offset: disabled [ 60.293274][ T5307] Rebooting in 86400 seconds..