Warning: Permanently added '[localhost]:55113' (ECDSA) to the list of known hosts. 2025/08/29 10:56:13 fuzzer started 2025/08/29 10:56:14 dialing manager at localhost:43077 syzkaller login: [ 51.018801] cgroup: Unknown subsys name 'net' [ 51.087817] cgroup: Unknown subsys name 'cpuset' [ 51.106968] cgroup: Unknown subsys name 'rlimit' 2025/08/29 10:56:24 syscalls: 2214 2025/08/29 10:56:24 code coverage: enabled 2025/08/29 10:56:24 comparison tracing: enabled 2025/08/29 10:56:24 extra coverage: enabled 2025/08/29 10:56:24 setuid sandbox: enabled 2025/08/29 10:56:24 namespace sandbox: enabled 2025/08/29 10:56:24 Android sandbox: enabled 2025/08/29 10:56:24 fault injection: enabled 2025/08/29 10:56:24 leak checking: enabled 2025/08/29 10:56:24 net packet injection: enabled 2025/08/29 10:56:24 net device setup: enabled 2025/08/29 10:56:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 10:56:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 10:56:24 USB emulation: enabled 2025/08/29 10:56:24 hci packet injection: enabled 2025/08/29 10:56:24 wifi device emulation: enabled 2025/08/29 10:56:24 802.15.4 emulation: enabled 2025/08/29 10:56:24 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 10:56:24 fetching corpus: 39, signal 18172/21735 (executing program) 2025/08/29 10:56:24 fetching corpus: 81, signal 25479/30622 (executing program) 2025/08/29 10:56:24 fetching corpus: 130, signal 36390/42759 (executing program) 2025/08/29 10:56:24 fetching corpus: 180, signal 44077/51621 (executing program) 2025/08/29 10:56:24 fetching corpus: 230, signal 48088/56854 (executing program) 2025/08/29 10:56:25 fetching corpus: 280, signal 52705/62528 (executing program) 2025/08/29 10:56:25 fetching corpus: 330, signal 56978/67826 (executing program) 2025/08/29 10:56:25 fetching corpus: 380, signal 61721/73524 (executing program) 2025/08/29 10:56:25 fetching corpus: 430, signal 65158/77872 (executing program) 2025/08/29 10:56:25 fetching corpus: 480, signal 68830/82361 (executing program) 2025/08/29 10:56:25 fetching corpus: 530, signal 73037/87235 (executing program) 2025/08/29 10:56:25 fetching corpus: 578, signal 77336/92128 (executing program) 2025/08/29 10:56:25 fetching corpus: 628, signal 80399/95829 (executing program) 2025/08/29 10:56:25 fetching corpus: 678, signal 83237/99343 (executing program) 2025/08/29 10:56:25 fetching corpus: 728, signal 86517/103054 (executing program) 2025/08/29 10:56:26 fetching corpus: 778, signal 87774/105092 (executing program) 2025/08/29 10:56:26 fetching corpus: 828, signal 91170/108840 (executing program) 2025/08/29 10:56:26 fetching corpus: 878, signal 92950/111195 (executing program) 2025/08/29 10:56:26 fetching corpus: 927, signal 94663/113468 (executing program) 2025/08/29 10:56:26 fetching corpus: 977, signal 96750/116067 (executing program) 2025/08/29 10:56:26 fetching corpus: 1026, signal 97989/117917 (executing program) 2025/08/29 10:56:26 fetching corpus: 1076, signal 99732/120157 (executing program) 2025/08/29 10:56:26 fetching corpus: 1126, signal 100555/121669 (executing program) 2025/08/29 10:56:26 fetching corpus: 1176, signal 102092/123707 (executing program) 2025/08/29 10:56:26 fetching corpus: 1226, signal 103351/125498 (executing program) 2025/08/29 10:56:27 fetching corpus: 1276, signal 104752/127340 (executing program) 2025/08/29 10:56:27 fetching corpus: 1326, signal 106332/129224 (executing program) 2025/08/29 10:56:27 fetching corpus: 1376, signal 107312/130724 (executing program) 2025/08/29 10:56:27 fetching corpus: 1426, signal 108470/132276 (executing program) 2025/08/29 10:56:27 fetching corpus: 1476, signal 109528/133826 (executing program) 2025/08/29 10:56:27 fetching corpus: 1526, signal 110391/135163 (executing program) 2025/08/29 10:56:27 fetching corpus: 1576, signal 112003/137104 (executing program) 2025/08/29 10:56:27 fetching corpus: 1626, signal 113678/138928 (executing program) 2025/08/29 10:56:27 fetching corpus: 1676, signal 114887/140434 (executing program) 2025/08/29 10:56:27 fetching corpus: 1726, signal 115842/141706 (executing program) 2025/08/29 10:56:28 fetching corpus: 1776, signal 117001/143213 (executing program) 2025/08/29 10:56:28 fetching corpus: 1826, signal 118538/144851 (executing program) 2025/08/29 10:56:28 fetching corpus: 1876, signal 119973/146314 (executing program) 2025/08/29 10:56:28 fetching corpus: 1926, signal 121658/147857 (executing program) 2025/08/29 10:56:28 fetching corpus: 1976, signal 122517/148957 (executing program) 2025/08/29 10:56:28 fetching corpus: 2025, signal 124014/150439 (executing program) 2025/08/29 10:56:28 fetching corpus: 2075, signal 124599/151398 (executing program) 2025/08/29 10:56:28 fetching corpus: 2124, signal 125461/152430 (executing program) 2025/08/29 10:56:28 fetching corpus: 2174, signal 126479/153588 (executing program) 2025/08/29 10:56:28 fetching corpus: 2224, signal 127355/154621 (executing program) 2025/08/29 10:56:28 fetching corpus: 2274, signal 128094/155565 (executing program) 2025/08/29 10:56:28 fetching corpus: 2324, signal 128894/156550 (executing program) 2025/08/29 10:56:29 fetching corpus: 2374, signal 129672/157544 (executing program) 2025/08/29 10:56:29 fetching corpus: 2424, signal 130488/158461 (executing program) 2025/08/29 10:56:29 fetching corpus: 2474, signal 131309/159369 (executing program) 2025/08/29 10:56:29 fetching corpus: 2524, signal 132398/160362 (executing program) 2025/08/29 10:56:29 fetching corpus: 2574, signal 133421/161356 (executing program) 2025/08/29 10:56:29 fetching corpus: 2624, signal 134107/162107 (executing program) 2025/08/29 10:56:29 fetching corpus: 2674, signal 134873/162857 (executing program) 2025/08/29 10:56:29 fetching corpus: 2723, signal 135679/163692 (executing program) 2025/08/29 10:56:29 fetching corpus: 2773, signal 136115/164356 (executing program) 2025/08/29 10:56:29 fetching corpus: 2823, signal 137042/165146 (executing program) 2025/08/29 10:56:30 fetching corpus: 2873, signal 137679/165828 (executing program) 2025/08/29 10:56:30 fetching corpus: 2923, signal 138315/166592 (executing program) 2025/08/29 10:56:30 fetching corpus: 2973, signal 139211/167366 (executing program) 2025/08/29 10:56:30 fetching corpus: 3023, signal 139992/168111 (executing program) 2025/08/29 10:56:30 fetching corpus: 3073, signal 140580/168763 (executing program) 2025/08/29 10:56:30 fetching corpus: 3123, signal 141137/169484 (executing program) 2025/08/29 10:56:30 fetching corpus: 3173, signal 141992/170185 (executing program) 2025/08/29 10:56:30 fetching corpus: 3223, signal 142726/170822 (executing program) 2025/08/29 10:56:30 fetching corpus: 3273, signal 143289/171410 (executing program) 2025/08/29 10:56:30 fetching corpus: 3323, signal 143822/172002 (executing program) 2025/08/29 10:56:30 fetching corpus: 3373, signal 144473/172558 (executing program) 2025/08/29 10:56:31 fetching corpus: 3423, signal 145242/173210 (executing program) 2025/08/29 10:56:31 fetching corpus: 3473, signal 145969/173748 (executing program) 2025/08/29 10:56:31 fetching corpus: 3523, signal 146381/174212 (executing program) 2025/08/29 10:56:31 fetching corpus: 3573, signal 146933/174721 (executing program) 2025/08/29 10:56:31 fetching corpus: 3623, signal 147841/175263 (executing program) 2025/08/29 10:56:31 fetching corpus: 3672, signal 148476/175809 (executing program) 2025/08/29 10:56:31 fetching corpus: 3722, signal 148959/176241 (executing program) 2025/08/29 10:56:31 fetching corpus: 3772, signal 149395/176707 (executing program) 2025/08/29 10:56:31 fetching corpus: 3822, signal 150342/177159 (executing program) 2025/08/29 10:56:31 fetching corpus: 3872, signal 151233/177598 (executing program) 2025/08/29 10:56:32 fetching corpus: 3922, signal 153162/178184 (executing program) 2025/08/29 10:56:32 fetching corpus: 3972, signal 153525/178541 (executing program) 2025/08/29 10:56:32 fetching corpus: 4022, signal 153972/178934 (executing program) 2025/08/29 10:56:32 fetching corpus: 4072, signal 154405/179270 (executing program) 2025/08/29 10:56:32 fetching corpus: 4122, signal 154833/179602 (executing program) 2025/08/29 10:56:32 fetching corpus: 4172, signal 155217/179955 (executing program) 2025/08/29 10:56:32 fetching corpus: 4222, signal 155824/180262 (executing program) 2025/08/29 10:56:32 fetching corpus: 4272, signal 156295/180556 (executing program) 2025/08/29 10:56:32 fetching corpus: 4322, signal 156592/180759 (executing program) 2025/08/29 10:56:32 fetching corpus: 4372, signal 157000/180780 (executing program) 2025/08/29 10:56:32 fetching corpus: 4422, signal 157461/180788 (executing program) 2025/08/29 10:56:32 fetching corpus: 4472, signal 157866/180794 (executing program) 2025/08/29 10:56:33 fetching corpus: 4522, signal 158524/180796 (executing program) 2025/08/29 10:56:33 fetching corpus: 4572, signal 158980/180800 (executing program) 2025/08/29 10:56:33 fetching corpus: 4622, signal 159545/180861 (executing program) 2025/08/29 10:56:33 fetching corpus: 4672, signal 160130/180877 (executing program) 2025/08/29 10:56:33 fetching corpus: 4722, signal 160582/180900 (executing program) 2025/08/29 10:56:33 fetching corpus: 4772, signal 161105/180908 (executing program) 2025/08/29 10:56:33 fetching corpus: 4822, signal 161693/180912 (executing program) 2025/08/29 10:56:33 fetching corpus: 4872, signal 161956/180912 (executing program) 2025/08/29 10:56:33 fetching corpus: 4922, signal 162275/180913 (executing program) 2025/08/29 10:56:33 fetching corpus: 4972, signal 162784/180917 (executing program) 2025/08/29 10:56:34 fetching corpus: 5022, signal 163356/180921 (executing program) 2025/08/29 10:56:34 fetching corpus: 5072, signal 163778/180990 (executing program) 2025/08/29 10:56:34 fetching corpus: 5122, signal 164423/181006 (executing program) 2025/08/29 10:56:34 fetching corpus: 5172, signal 164729/181006 (executing program) 2025/08/29 10:56:34 fetching corpus: 5221, signal 165200/181017 (executing program) 2025/08/29 10:56:34 fetching corpus: 5271, signal 165600/181018 (executing program) 2025/08/29 10:56:34 fetching corpus: 5321, signal 166194/181024 (executing program) 2025/08/29 10:56:34 fetching corpus: 5371, signal 166678/181070 (executing program) 2025/08/29 10:56:34 fetching corpus: 5421, signal 167024/181091 (executing program) 2025/08/29 10:56:34 fetching corpus: 5471, signal 167369/181093 (executing program) 2025/08/29 10:56:34 fetching corpus: 5521, signal 167991/181145 (executing program) 2025/08/29 10:56:35 fetching corpus: 5571, signal 168534/181235 (executing program) 2025/08/29 10:56:35 fetching corpus: 5621, signal 168966/181250 (executing program) 2025/08/29 10:56:35 fetching corpus: 5671, signal 169303/181258 (executing program) 2025/08/29 10:56:35 fetching corpus: 5721, signal 169818/181273 (executing program) 2025/08/29 10:56:35 fetching corpus: 5771, signal 170098/181289 (executing program) 2025/08/29 10:56:35 fetching corpus: 5821, signal 170653/181294 (executing program) 2025/08/29 10:56:35 fetching corpus: 5871, signal 171008/181326 (executing program) 2025/08/29 10:56:35 fetching corpus: 5921, signal 171373/181342 (executing program) 2025/08/29 10:56:35 fetching corpus: 5971, signal 171632/181381 (executing program) 2025/08/29 10:56:35 fetching corpus: 6021, signal 171994/181404 (executing program) 2025/08/29 10:56:36 fetching corpus: 6071, signal 172290/181407 (executing program) 2025/08/29 10:56:36 fetching corpus: 6121, signal 172544/181415 (executing program) 2025/08/29 10:56:36 fetching corpus: 6171, signal 172896/181462 (executing program) 2025/08/29 10:56:36 fetching corpus: 6221, signal 173193/181469 (executing program) 2025/08/29 10:56:36 fetching corpus: 6270, signal 173615/181474 (executing program) 2025/08/29 10:56:36 fetching corpus: 6320, signal 173867/181488 (executing program) 2025/08/29 10:56:36 fetching corpus: 6370, signal 174178/181541 (executing program) 2025/08/29 10:56:36 fetching corpus: 6420, signal 174539/181541 (executing program) 2025/08/29 10:56:36 fetching corpus: 6470, signal 174880/181541 (executing program) 2025/08/29 10:56:36 fetching corpus: 6520, signal 175139/181549 (executing program) 2025/08/29 10:56:36 fetching corpus: 6570, signal 175447/181549 (executing program) 2025/08/29 10:56:37 fetching corpus: 6620, signal 175744/181588 (executing program) 2025/08/29 10:56:37 fetching corpus: 6669, signal 176048/181589 (executing program) 2025/08/29 10:56:37 fetching corpus: 6719, signal 176323/181634 (executing program) 2025/08/29 10:56:37 fetching corpus: 6769, signal 176610/181649 (executing program) 2025/08/29 10:56:37 fetching corpus: 6818, signal 176861/181661 (executing program) 2025/08/29 10:56:37 fetching corpus: 6867, signal 177122/181666 (executing program) 2025/08/29 10:56:37 fetching corpus: 6917, signal 177350/181672 (executing program) 2025/08/29 10:56:37 fetching corpus: 6967, signal 177631/181682 (executing program) 2025/08/29 10:56:37 fetching corpus: 7017, signal 177849/181695 (executing program) 2025/08/29 10:56:37 fetching corpus: 7067, signal 178357/181743 (executing program) 2025/08/29 10:56:37 fetching corpus: 7077, signal 178409/181743 (executing program) 2025/08/29 10:56:37 fetching corpus: 7077, signal 178409/181743 (executing program) 2025/08/29 10:56:40 starting 8 fuzzer processes 10:56:40 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000200)="ef4abd") 10:56:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'netdevsim0\x00', {0x2, 0x0, @initdev}}) 10:56:40 executing program 6: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) 10:56:40 executing program 7: r0 = eventfd2(0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') close(r0) pread64(r1, &(0x7f0000000100)=""/147, 0x93, 0x0) 10:56:40 executing program 2: r0 = epoll_create(0x1) r1 = epoll_create(0x6) r2 = epoll_create(0x6) r3 = epoll_create(0x6) r4 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)) r5 = dup3(r3, r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)) 10:56:40 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x1269, &(0x7f0000000340)={"9aa04bb5181700d0f7d4c0ae", &(0x7f0000000240), 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}) 10:56:40 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) [ 76.987388] audit: type=1400 audit(1756465000.213:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:56:40 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x2af02) read(r1, &(0x7f00000001c0)=""/66, 0x42) [ 78.152416] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.157160] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.159067] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.163957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.167025] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.214850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.216584] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.218494] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.226481] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.230145] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 78.305857] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.311798] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.313079] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.321416] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.325420] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.341850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.347161] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.354911] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.364384] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 78.369062] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 78.373011] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 78.379120] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 78.381969] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 78.383919] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.390438] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 78.392542] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 78.393801] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.397433] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 78.399304] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 78.404232] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 78.408932] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 78.408985] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 78.414873] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 78.416567] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 78.418387] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 78.419149] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 78.434015] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 78.437380] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 78.439820] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 78.456539] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.247304] Bluetooth: hci1: command tx timeout [ 80.248189] Bluetooth: hci0: command tx timeout [ 80.438824] Bluetooth: hci2: command tx timeout [ 80.439811] Bluetooth: hci4: command tx timeout [ 80.503820] Bluetooth: hci5: command tx timeout [ 80.504421] Bluetooth: hci3: command tx timeout [ 80.567735] Bluetooth: hci6: command tx timeout [ 80.568448] Bluetooth: hci7: command tx timeout [ 82.296656] Bluetooth: hci1: command tx timeout [ 82.297104] Bluetooth: hci0: command tx timeout [ 82.487791] Bluetooth: hci2: command tx timeout [ 82.488344] Bluetooth: hci4: command tx timeout [ 82.551789] Bluetooth: hci5: command tx timeout [ 82.552213] Bluetooth: hci3: command tx timeout [ 82.616649] Bluetooth: hci6: command tx timeout [ 82.617067] Bluetooth: hci7: command tx timeout [ 84.342730] Bluetooth: hci0: command tx timeout [ 84.343582] Bluetooth: hci1: command tx timeout [ 84.535690] Bluetooth: hci2: command tx timeout [ 84.536502] Bluetooth: hci4: command tx timeout [ 84.599948] Bluetooth: hci3: command tx timeout [ 84.600767] Bluetooth: hci5: command tx timeout [ 84.664020] Bluetooth: hci7: command tx timeout [ 84.665004] Bluetooth: hci6: command tx timeout [ 86.392682] Bluetooth: hci1: command tx timeout [ 86.393457] Bluetooth: hci0: command tx timeout [ 86.582737] Bluetooth: hci4: command tx timeout [ 86.583524] Bluetooth: hci2: command tx timeout [ 86.647984] Bluetooth: hci3: command tx timeout [ 86.649211] Bluetooth: hci5: command tx timeout [ 86.710978] Bluetooth: hci7: command tx timeout [ 86.712749] Bluetooth: hci6: command tx timeout [ 114.430024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.430788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.571804] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.572454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.645660] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.646250] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.746659] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.747257] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.864937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.865544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.956365] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.957081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.971021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.972715] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.013770] audit: type=1400 audit(1756465038.234:8): avc: denied { open } for pid=3862 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 115.017698] audit: type=1400 audit(1756465038.235:9): avc: denied { kernel } for pid=3862 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 115.070365] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.070962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.104359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.105019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:57:18 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x1269, &(0x7f0000000340)={"9aa04bb5181700d0f7d4c0ae", &(0x7f0000000240), 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}) [ 115.156450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.157153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.178114] loop4: detected capacity change from 0 to 10 [ 115.190123] FAT-fs (loop4): Directory bread(block 10) failed [ 115.191640] FAT-fs (loop4): Directory bread(block 11) failed [ 115.202884] FAT-fs (loop4): Directory bread(block 10) failed [ 115.205378] FAT-fs (loop4): Directory bread(block 11) failed [ 115.206569] FAT-fs (loop4): Directory bread(block 10) failed [ 115.207100] FAT-fs (loop4): Directory bread(block 11) failed 10:57:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x2af02) read(r1, &(0x7f00000001c0)=""/66, 0x42) [ 115.229902] FAT-fs (loop4): Directory bread(block 10) failed [ 115.235354] FAT-fs (loop4): Directory bread(block 11) failed [ 115.236530] FAT-fs (loop4): Directory bread(block 10) failed [ 115.238669] FAT-fs (loop4): Directory bread(block 11) failed 10:57:18 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x1269, &(0x7f0000000340)={"9aa04bb5181700d0f7d4c0ae", &(0x7f0000000240), 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}) 10:57:18 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) 10:57:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x2af02) read(r1, &(0x7f00000001c0)=""/66, 0x42) 10:57:18 executing program 3: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x1269, &(0x7f0000000340)={"9aa04bb5181700d0f7d4c0ae", &(0x7f0000000240), 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}) [ 115.362436] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.363127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:57:18 executing program 2: r0 = epoll_create(0x1) r1 = epoll_create(0x6) r2 = epoll_create(0x6) r3 = epoll_create(0x6) r4 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)) r5 = dup3(r3, r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)) [ 115.387415] loop4: detected capacity change from 0 to 10 [ 115.401687] FAT-fs (loop4): Directory bread(block 10) failed [ 115.402149] FAT-fs (loop4): Directory bread(block 11) failed [ 115.417770] FAT-fs (loop4): Directory bread(block 10) failed [ 115.418253] FAT-fs (loop4): Directory bread(block 11) failed [ 115.418985] FAT-fs (loop4): Directory bread(block 10) failed [ 115.419421] FAT-fs (loop4): Directory bread(block 11) failed [ 115.427447] FAT-fs (loop4): Directory bread(block 10) failed [ 115.428925] FAT-fs (loop4): Directory bread(block 11) failed [ 115.429744] FAT-fs (loop4): Directory bread(block 10) failed [ 115.430181] FAT-fs (loop4): Directory bread(block 11) failed 10:57:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x2af02) read(r1, &(0x7f00000001c0)=""/66, 0x42) [ 115.438122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.438678] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.512574] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 115.530758] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.531320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.583663] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.584222] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.607927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.608524] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.627493] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.628138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:57:19 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000200)="ef4abd") 10:57:19 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) 10:57:19 executing program 2: r0 = epoll_create(0x1) r1 = epoll_create(0x6) r2 = epoll_create(0x6) r3 = epoll_create(0x6) r4 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)) r5 = dup3(r3, r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)) 10:57:19 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) 10:57:19 executing program 5: ioperm(0x0, 0x7, 0x1) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000001300)=[{0x0}], 0x0, 0x0) 10:57:19 executing program 7: r0 = eventfd2(0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') close(r0) pread64(r1, &(0x7f0000000100)=""/147, 0x93, 0x0) 10:57:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'netdevsim0\x00', {0x2, 0x0, @initdev}}) 10:57:19 executing program 6: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) [ 115.828440] loop3: detected capacity change from 0 to 10 [ 115.839994] loop4: detected capacity change from 0 to 10 [ 115.844079] FAT-fs (loop3): Directory bread(block 10) failed [ 115.844713] FAT-fs (loop3): Directory bread(block 11) failed [ 115.849381] FAT-fs (loop4): Directory bread(block 10) failed [ 115.853968] FAT-fs (loop4): Directory bread(block 11) failed 10:57:19 executing program 6: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) [ 115.872727] FAT-fs (loop3): Directory bread(block 10) failed [ 115.874399] FAT-fs (loop4): Directory bread(block 10) failed [ 115.876522] FAT-fs (loop3): Directory bread(block 11) failed [ 115.877039] FAT-fs (loop4): Directory bread(block 11) failed [ 115.878725] FAT-fs (loop3): Directory bread(block 10) failed [ 115.879165] FAT-fs (loop3): Directory bread(block 11) failed [ 115.881659] FAT-fs (loop4): Directory bread(block 10) failed [ 115.882099] FAT-fs (loop4): Directory bread(block 11) failed 10:57:19 executing program 2: r0 = epoll_create(0x1) r1 = epoll_create(0x6) r2 = epoll_create(0x6) r3 = epoll_create(0x6) r4 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)) r5 = dup3(r3, r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)) 10:57:19 executing program 5: ioperm(0x0, 0x7, 0x1) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000001300)=[{0x0}], 0x0, 0x0) 10:57:19 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000200)="ef4abd") 10:57:19 executing program 7: r0 = eventfd2(0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') close(r0) pread64(r1, &(0x7f0000000100)=""/147, 0x93, 0x0) [ 115.900139] FAT-fs (loop3): Directory bread(block 10) failed [ 115.902694] FAT-fs (loop4): Directory bread(block 10) failed [ 115.903243] FAT-fs (loop4): Directory bread(block 11) failed [ 115.906437] FAT-fs (loop3): Directory bread(block 11) failed [ 115.907936] FAT-fs (loop3): Directory bread(block 10) failed [ 115.908657] FAT-fs (loop3): Directory bread(block 11) failed [ 115.924761] FAT-fs (loop4): Directory bread(block 10) failed [ 115.925241] FAT-fs (loop4): Directory bread(block 11) failed 10:57:19 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) 10:57:19 executing program 7: r0 = eventfd2(0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') close(r0) pread64(r1, &(0x7f0000000100)=""/147, 0x93, 0x0) 10:57:19 executing program 6: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) 10:57:19 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000200)="ef4abd") 10:57:19 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) 10:57:19 executing program 5: ioperm(0x0, 0x7, 0x1) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000001300)=[{0x0}], 0x0, 0x0) 10:57:19 executing program 2: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) 10:57:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'netdevsim0\x00', {0x2, 0x0, @initdev}}) [ 116.079656] loop3: detected capacity change from 0 to 10 [ 116.083351] loop4: detected capacity change from 0 to 10 [ 116.095219] FAT-fs (loop4): Directory bread(block 10) failed [ 116.095706] FAT-fs (loop4): Directory bread(block 11) failed [ 116.098169] FAT-fs (loop3): Directory bread(block 10) failed [ 116.098635] FAT-fs (loop3): Directory bread(block 11) failed [ 116.108797] FAT-fs (loop4): Directory bread(block 10) failed [ 116.109241] FAT-fs (loop4): Directory bread(block 11) failed [ 116.112838] FAT-fs (loop3): Directory bread(block 10) failed [ 116.113407] FAT-fs (loop4): Directory bread(block 10) failed [ 116.113862] FAT-fs (loop4): Directory bread(block 11) failed [ 116.115535] FAT-fs (loop3): Directory bread(block 11) failed [ 116.116429] FAT-fs (loop3): Directory bread(block 10) failed [ 116.118039] FAT-fs (loop3): Directory bread(block 11) failed [ 116.118789] FAT-fs (loop4): Directory bread(block 10) failed 10:57:19 executing program 5: ioperm(0x0, 0x7, 0x1) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000001300)=[{0x0}], 0x0, 0x0) 10:57:19 executing program 2: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) [ 116.122111] FAT-fs (loop4): Directory bread(block 11) failed [ 116.122973] FAT-fs (loop3): Directory bread(block 10) failed [ 116.123427] FAT-fs (loop3): Directory bread(block 11) failed [ 116.124944] FAT-fs (loop4): Directory bread(block 10) failed [ 116.125834] FAT-fs (loop4): Directory bread(block 11) failed [ 116.126374] FAT-fs (loop3): Directory bread(block 10) failed [ 116.128790] FAT-fs (loop3): Directory bread(block 11) failed [ 116.137781] kmemleak: Found object by alias at 0x607f1a639978 [ 116.137800] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.137819] Tainted: [W]=WARN [ 116.137822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.137830] Call Trace: [ 116.137834] [ 116.137839] dump_stack_lvl+0xca/0x120 [ 116.137869] __lookup_object+0x94/0xb0 [ 116.137887] delete_object_full+0x27/0x70 [ 116.137904] free_percpu+0x30/0x1160 [ 116.137920] ? arch_uprobe_clear_state+0x16/0x140 [ 116.137941] futex_hash_free+0x38/0xc0 [ 116.137956] mmput+0x2d3/0x390 [ 116.137975] do_exit+0x79d/0x2970 [ 116.137993] ? __pfx_do_exit+0x10/0x10 [ 116.138006] ? find_held_lock+0x2b/0x80 [ 116.138024] ? get_signal+0x835/0x2340 [ 116.138044] do_group_exit+0xd3/0x2a0 [ 116.138059] get_signal+0x2315/0x2340 [ 116.138076] ? put_task_stack+0xd2/0x240 [ 116.138090] ? __pfx_get_signal+0x10/0x10 [ 116.138106] ? __schedule+0xe91/0x3590 [ 116.138126] arch_do_signal_or_restart+0x80/0x790 [ 116.138144] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 116.138160] ? __x64_sys_futex+0x1c9/0x4d0 [ 116.138172] ? __x64_sys_futex+0x1d2/0x4d0 [ 116.138187] ? __pfx___x64_sys_futex+0x10/0x10 [ 116.138200] ? xfd_validate_state+0x55/0x180 [ 116.138221] exit_to_user_mode_loop+0x8b/0x110 [ 116.138234] do_syscall_64+0x2f7/0x360 [ 116.138247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.138260] RIP: 0033:0x7fe4d8b0ab19 [ 116.138269] Code: Unable to access opcode bytes at 0x7fe4d8b0aaef. [ 116.138274] RSP: 002b:00007fe4d6080218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 116.138286] RAX: 0000000000000001 RBX: 00007fe4d8c1df68 RCX: 00007fe4d8b0ab19 [ 116.138293] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe4d8c1df6c [ 116.138300] RBP: 00007fe4d8c1df60 R08: 0000000000000018 R09: 0000000000000000 [ 116.138307] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe4d8c1df6c [ 116.138314] R13: 00007ffc7f0de50f R14: 00007fe4d6080300 R15: 0000000000022000 [ 116.138330] [ 116.138334] kmemleak: Object (percpu) 0x607f1a639974 (size 8): [ 116.138341] kmemleak: comm "syz-executor.4", pid 3951, jiffies 4294782922 [ 116.138348] kmemleak: min_count = 1 [ 116.138351] kmemleak: count = 0 [ 116.138355] kmemleak: flags = 0x21 [ 116.138359] kmemleak: checksum = 0 [ 116.138362] kmemleak: backtrace: [ 116.138366] pcpu_alloc_noprof+0x87a/0x1170 [ 116.138380] alloc_vfsmnt+0x135/0x6e0 [ 116.138394] vfs_create_mount.part.0+0x40/0x440 [ 116.138408] path_mount+0x1637/0x1dd0 [ 116.138420] __x64_sys_mount+0x27b/0x300 [ 116.138431] do_syscall_64+0xbf/0x360 [ 116.138439] entry_SYSCALL_64_after_hwframe+0x77/0x7f 10:57:19 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f801", 0x17}, {0x0, 0x0, 0xa20}], 0x0, &(0x7f0000000300)=ANY=[]) io_setup(0x572, &(0x7f0000000140)=0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r2, 0x0}]) unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x200) mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x80, 0x1) openat$incfs(r0, &(0x7f0000000000)='.log\x00', 0xf0, 0x0) 10:57:19 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@hopopts_2292={{0x28, 0x29, 0x2, {0x0, 0x1, '\x00', [@ra, @pad1, @pad1]}}}], 0x28}}], 0x2, 0x0) 10:57:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'netdevsim0\x00', {0x2, 0x0, @initdev}}) 10:57:19 executing program 2: r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = dup2(r0, r0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsmount(r1, 0x0, 0x0) 10:57:19 executing program 6: r0 = getpid() ptrace$peeksig(0x4209, r0, &(0x7f0000000000)={0x3ff, 0x1}, 0x0) ptrace$peekuser(0x3, r0, 0x3) clock_getres(0xe29806b62ad3cfbb, &(0x7f00000002c0)) r1 = getpid() ptrace$peeksig(0x4209, r1, &(0x7f0000000300)={0x0, 0x0, 0x6}, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}]) openat$binderfs(0xffffffffffffff9c, &(0x7f00000007c0)='./binderfs2/binder0\x00', 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) openat$nvram(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) 10:57:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) [ 116.286725] loop3: detected capacity change from 0 to 10 [ 116.299027] FAT-fs (loop3): Directory bread(block 10) failed [ 116.299474] FAT-fs (loop3): Directory bread(block 11) failed [ 116.309084] FAT-fs (loop3): Directory bread(block 10) failed [ 116.311025] FAT-fs (loop3): Directory bread(block 11) failed [ 116.313740] FAT-fs (loop3): Directory bread(block 10) failed [ 116.314182] FAT-fs (loop3): Directory bread(block 11) failed [ 116.319019] FAT-fs (loop3): Directory bread(block 10) failed [ 116.319462] FAT-fs (loop3): Directory bread(block 11) failed [ 116.322801] FAT-fs (loop3): Directory bread(block 10) failed [ 116.324393] FAT-fs (loop3): Directory bread(block 11) failed 10:57:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) [ 116.355887] kmemleak: Found object by alias at 0x607f1a639974 [ 116.355905] CPU: 0 UID: 0 PID: 3962 Comm: syz-executor.3 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.355923] Tainted: [W]=WARN [ 116.355927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.355935] Call Trace: [ 116.355939] [ 116.355943] dump_stack_lvl+0xca/0x120 [ 116.355972] __lookup_object+0x94/0xb0 [ 116.355989] delete_object_full+0x27/0x70 [ 116.356006] free_percpu+0x30/0x1160 [ 116.356022] ? arch_uprobe_clear_state+0x16/0x140 [ 116.356042] futex_hash_free+0x38/0xc0 [ 116.356057] mmput+0x2d3/0x390 [ 116.356076] do_exit+0x79d/0x2970 [ 116.356089] ? signal_wake_up_state+0x85/0x120 [ 116.356105] ? zap_other_threads+0x2b9/0x3a0 [ 116.356121] ? __pfx_do_exit+0x10/0x10 [ 116.356145] ? do_group_exit+0x1c3/0x2a0 [ 116.356158] ? lock_release+0xc8/0x290 [ 116.356176] do_group_exit+0xd3/0x2a0 [ 116.356190] __x64_sys_exit_group+0x3e/0x50 [ 116.356204] x64_sys_call+0x18c5/0x18d0 [ 116.356219] do_syscall_64+0xbf/0x360 [ 116.356231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.356243] RIP: 0033:0x7f221a9fab19 [ 116.356252] Code: Unable to access opcode bytes at 0x7f221a9faaef. [ 116.356257] RSP: 002b:00007ffe57d5b368 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.356269] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f221a9fab19 [ 116.356277] RDX: 00007f221a9ad72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 116.356284] RBP: 0000000000000000 R08: 0000001b2cf2e9b8 R09: 0000000000000000 [ 116.356291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.356298] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe57d5b450 [ 116.356314] [ 116.356318] kmemleak: Object (percpu) 0x607f1a639970 (size 8): [ 116.356325] kmemleak: comm "syz-executor.3", pid 3967, jiffies 4294783125 [ 116.356332] kmemleak: min_count = 1 [ 116.356336] kmemleak: count = 0 [ 116.356340] kmemleak: flags = 0x21 [ 116.356344] kmemleak: checksum = 0 [ 116.356347] kmemleak: backtrace: [ 116.356351] pcpu_alloc_noprof+0x87a/0x1170 [ 116.356366] alloc_vfsmnt+0x135/0x6e0 [ 116.356379] vfs_create_mount.part.0+0x40/0x440 [ 116.356394] path_mount+0x1637/0x1dd0 [ 116.356406] __x64_sys_mount+0x27b/0x300 [ 116.356416] do_syscall_64+0xbf/0x360 [ 116.356425] entry_SYSCALL_64_after_hwframe+0x77/0x7f 10:57:19 executing program 6: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) write$binfmt_aout(r0, &(0x7f0000000000), 0x20) 10:57:19 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@hopopts_2292={{0x28, 0x29, 0x2, {0x0, 0x1, '\x00', [@ra, @pad1, @pad1]}}}], 0x28}}], 0x2, 0x0) 10:57:19 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@hopopts_2292={{0x28, 0x29, 0x2, {0x0, 0x1, '\x00', [@ra, @pad1, @pad1]}}}], 0x28}}], 0x2, 0x0) 10:57:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) 10:57:19 executing program 6: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) write$binfmt_aout(r0, &(0x7f0000000000), 0x20) 10:57:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)={0x1c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 10:57:19 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x40, 0x0, &(0x7f00000000c0)=0x7fffffff00) 10:57:19 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) write(r2, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08", 0x1ba) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r2, 0x4, 0x44000) sendfile(r2, r3, 0x0, 0xfdef) sendfile(r0, r1, 0x0, 0xfdef) [ 116.735196] Oops: general protection fault, probably for non-canonical address 0xdffffc0060000032: 0000 [#1] SMP KASAN NOPTI [ 116.736117] KASAN: probably user-memory-access in range [0x0000000300000190-0x0000000300000197] [ 116.736815] CPU: 1 UID: 0 PID: 3995 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.738388] Tainted: [W]=WARN [ 116.741453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.742097] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.742482] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.743909] RSP: 0018:ffff8880454b71c0 EFLAGS: 00010212 [ 116.744339] RAX: 0000000060000032 RBX: 00000002ffffffa0 RCX: ffffc9000360c000 [ 116.744894] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000300000190 [ 116.745451] RBP: ffff8880454b7430 R08: ffff88806cf31340 R09: ffffe8ffffd16970 [ 116.746015] R10: 0000000000000000 R11: f9e7d9be4ff6b31c R12: dffffc0000000000 [ 116.746564] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.747121] FS: 00007ffaabe2d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 116.747745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.748211] CR2: 0000001b2d026000 CR3: 000000001f3f1000 CR4: 0000000000350ef0 [ 116.748772] Call Trace: [ 116.748980] [ 116.749163] ? __schedule+0xe91/0x3590 [ 116.749481] ? __pfx_perf_tp_event+0x10/0x10 [ 116.749834] ? __pfx___schedule+0x10/0x10 [ 116.750166] ? lock_acquire+0x15e/0x2f0 [ 116.750487] ? find_held_lock+0x2b/0x80 [ 116.750810] ? schedule+0x2c7/0x390 [ 116.751104] ? lock_release+0xc8/0x290 [ 116.751415] ? schedule+0xdb/0x390 [ 116.751701] ? __wait_on_bit+0x145/0x1b0 [ 116.752027] ? __pfx_bit_wait_io+0x10/0x10 [ 116.752375] ? out_of_line_wait_on_bit+0xd7/0x110 [ 116.752763] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.753161] perf_trace_run_bpf_submit+0xef/0x180 [ 116.753548] perf_trace_block_buffer+0x2f8/0x4b0 [ 116.753930] ? __pfx_perf_trace_block_buffer+0x10/0x10 [ 116.754346] ? __asan_memcpy+0x3d/0x60 [ 116.754666] mark_buffer_dirty+0x1f7/0x3a0 [ 116.755009] block_commit_write+0x11d/0x270 [ 116.755357] block_write_end+0x78/0x120 [ 116.755680] ext4_da_write_end+0x196/0xe70 [ 116.756025] generic_perform_write+0x223/0x810 [ 116.756406] ? __pfx_generic_perform_write+0x10/0x10 [ 116.756810] ? __mark_inode_dirty+0x254/0xd00 [ 116.757176] ? generic_update_time+0xcb/0xf0 [ 116.757532] ? mnt_put_write_access_file+0x45/0xe0 [ 116.757935] ext4_buffered_write_iter+0x11a/0x430 [ 116.758316] ? __ext4_journal_stop+0x10b/0x1f0 [ 116.758683] ext4_file_write_iter+0xff6/0x1990 [ 116.759049] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 116.759441] ? trace_kmalloc+0x1f/0xb0 [ 116.759754] ? __kmalloc_noprof+0x29d/0x6e0 [ 116.760102] ? iter_file_splice_write+0x1cd/0x11f0 [ 116.760503] ? splice_from_pipe_next.part.0+0x165/0x510 [ 116.760929] iter_file_splice_write+0xa3b/0x11f0 [ 116.761311] ? trace_sched_exit_tp+0xbf/0x100 [ 116.761685] ? __pfx_iter_file_splice_write+0x10/0x10 [ 116.762102] ? lock_is_held_type+0x9e/0x120 [ 116.762452] ? __pfx_iter_file_splice_write+0x10/0x10 [ 116.762864] direct_splice_actor+0x192/0x7b0 [ 116.763226] splice_direct_to_actor+0x347/0x9d0 [ 116.763603] ? __pfx_direct_splice_actor+0x10/0x10 [ 116.764003] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 116.764426] ? lock_acquire+0x15e/0x2f0 [ 116.764749] do_splice_direct+0x179/0x250 [ 116.765083] ? __pfx_do_splice_direct+0x10/0x10 [ 116.765462] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 116.765876] ? security_file_permission+0x22/0x90 [ 116.766264] do_sendfile+0xa8e/0xdc0 [ 116.766564] ? __pfx_do_sendfile+0x10/0x10 [ 116.766905] ? __x64_sys_futex+0x1c9/0x4d0 [ 116.767246] ? __x64_sys_futex+0x1d2/0x4d0 [ 116.767581] __x64_sys_sendfile64+0x1d3/0x210 [ 116.767947] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 116.768355] do_syscall_64+0xbf/0x360 [ 116.768661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.769068] RIP: 0033:0x7ffaae8b7b19 [ 116.769362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.770781] RSP: 002b:00007ffaabe2d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 116.771368] RAX: ffffffffffffffda RBX: 00007ffaae9caf60 RCX: 00007ffaae8b7b19 [ 116.771925] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 116.772490] RBP: 00007ffaae911f6d R08: 0000000000000000 R09: 0000000000000000 [ 116.773042] R10: 000000000000fdef R11: 0000000000000246 R12: 0000000000000000 [ 116.773598] R13: 00007ffd33ca8e7f R14: 00007ffaabe2d300 R15: 0000000000022000 [ 116.774162] [ 116.774351] Modules linked in: [ 116.775648] ---[ end trace 0000000000000000 ]--- [ 116.776027] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.776412] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.778567] RSP: 0018:ffff8880454b71c0 EFLAGS: 00010212 [ 116.779018] RAX: 0000000060000032 RBX: 00000002ffffffa0 RCX: ffffc9000360c000 [ 116.779585] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000300000190 [ 116.780177] RBP: ffff8880454b7430 R08: ffff88806cf31340 R09: ffffe8ffffd16970 [ 116.780833] R10: 0000000000000000 R11: f9e7d9be4ff6b31c R12: dffffc0000000000 [ 116.781395] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.782040] FS: 00007ffaabe2d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 116.783652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.784122] CR2: 0000001b2d026000 CR3: 000000001f3f1000 CR4: 0000000000350ef0 [ 116.784789] note: syz-executor.2[3995] exited with preempt_count 1 [ 116.788215] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 116.789099] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 116.789777] CPU: 1 UID: 0 PID: 99 Comm: systemd-journal Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.790704] Tainted: [D]=DIE, [W]=WARN [ 116.791008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.791650] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.792026] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.793450] RSP: 0000:ffff888015a1f640 EFLAGS: 00010212 [ 116.793867] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 116.794419] RDX: ffff888017f19b80 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 116.794974] RBP: ffff888015a1f8b0 R08: ffff88806cf31340 R09: ffffe8ffffd16970 [ 116.795531] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.796092] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.796659] FS: 00007f5096ba3900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 116.797287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.797742] CR2: 00007f5095ff0e30 CR3: 0000000009ea7000 CR4: 0000000000350ef0 [ 116.798301] Call Trace: [ 116.798506] [ 116.798690] ? kmem_cache_free+0x2a1/0x540 [ 116.799028] ? jbd2_journal_stop+0x5d5/0xe20 [ 116.799392] ? __ext4_journal_stop+0xe2/0x1f0 [ 116.799750] ? do_wp_page+0xff4/0x3430 [ 116.800065] ? __pfx_perf_tp_event+0x10/0x10 [ 116.800434] ? from_kprojid+0x92/0xd0 [ 116.800750] ? jbd2_journal_dirty_metadata+0x1bf/0xdb0 [ 116.801172] ? lock_acquire+0x18c/0x2f0 [ 116.801493] ? lock_release+0x1c7/0x290 [ 116.801809] ? __virt_addr_valid+0x100/0x5d0 [ 116.802170] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.802588] ? kasan_quarantine_put+0x84/0x1e0 [ 116.802954] ? kmem_cache_free+0x2a1/0x540 [ 116.803290] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.803705] perf_trace_run_bpf_submit+0xef/0x180 [ 116.804105] perf_trace_block_buffer+0x2f8/0x4b0 [ 116.804495] ? __pfx_perf_trace_block_buffer+0x10/0x10 [ 116.804908] mark_buffer_dirty+0x1f7/0x3a0 [ 116.805249] block_commit_write+0x11d/0x270 [ 116.805595] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 116.806012] block_page_mkwrite+0x3bb/0x470 [ 116.806355] ext4_page_mkwrite+0x9cd/0x1710 [ 116.806699] ? __kasan_save_free_info+0x3a/0x60 [ 116.807066] ? __kasan_slab_free+0x3f/0x50 [ 116.807407] ? kmem_cache_free+0x2a1/0x540 [ 116.807745] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 116.808121] ? __x64_sys_openat+0x142/0x200 [ 116.808479] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.808897] ? vm_normal_page+0x154/0x270 [ 116.809229] ? __pfx_vm_normal_page+0x10/0x10 [ 116.809586] do_page_mkwrite+0x17a/0x370 [ 116.809910] do_wp_page+0xff4/0x3430 [ 116.810209] ? lock_acquire+0x18c/0x2f0 [ 116.810525] ? lock_acquire+0x18c/0x2f0 [ 116.810842] ? __pfx_do_wp_page+0x10/0x10 [ 116.811175] ? lock_release+0x1c7/0x290 [ 116.811488] ? do_raw_spin_lock+0x123/0x260 [ 116.811838] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.812218] ? ___pte_offset_map+0x176/0x370 [ 116.812571] __handle_mm_fault+0xde1/0x3260 [ 116.812919] ? vma_start_read+0x25e/0x8e0 [ 116.813245] ? vma_start_read+0x304/0x8e0 [ 116.813573] ? __pfx___handle_mm_fault+0x10/0x10 [ 116.813952] ? __pfx_vma_start_read+0x10/0x10 [ 116.814310] handle_mm_fault+0x2c3/0x9b0 [ 116.814634] ? access_error+0x17d/0x380 [ 116.814953] do_user_addr_fault+0x4fa/0xeb0 [ 116.815298] exc_page_fault+0xb0/0x180 [ 116.815612] asm_exc_page_fault+0x26/0x30 [ 116.815939] RIP: 0033:0x7f5097727ace [ 116.816242] Code: 40 38 00 00 00 00 4c 89 e8 48 f7 f1 48 8b 85 d8 00 00 00 48 c1 e2 04 48 01 d0 49 89 d5 48 8b 50 08 48 85 d2 0f 85 32 03 00 00 <4c> 89 00 48 8b 85 d8 00 00 00 4e 89 44 28 08 48 8b 85 d0 00 00 00 [ 116.817647] RSP: 002b:00007ffe983e7000 EFLAGS: 00010246 [ 116.818060] RAX: 00007f5095ff0e30 RBX: 0000561ad2e6aea0 RCX: 000000000000acf8 [ 116.818620] RDX: 0000000000000000 RSI: 0000561ad2e6aea0 RDI: 00007f5096104ee8 [ 116.819176] RBP: 0000561ad2e5b400 R08: 000000000016cea8 R09: 000000000016cea8 [ 116.819728] R10: 0000000000000002 R11: 0000000000034fb0 R12: 0000000000000033 [ 116.820287] R13: 0000000000057840 R14: 0000000000000000 R15: 00007ffe983e7020 [ 116.820844] [ 116.821030] Modules linked in: [ 116.821320] ---[ end trace 0000000000000000 ]--- [ 116.821759] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.822136] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.823662] RSP: 0018:ffff8880454b71c0 EFLAGS: 00010212 [ 116.824081] RAX: 0000000060000032 RBX: 00000002ffffffa0 RCX: ffffc9000360c000 [ 116.824750] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000300000190 [ 116.825307] RBP: ffff8880454b7430 R08: ffff88806cf31340 R09: ffffe8ffffd16970 [ 116.826016] R10: 0000000000000000 R11: f9e7d9be4ff6b31c R12: dffffc0000000000 [ 116.826756] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.827391] FS: 00007f5096ba3900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 116.828206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.828755] CR2: 00007f5095ff0e30 CR3: 0000000009ea7000 CR4: 0000000000350ef0 [ 116.829405] note: systemd-journal[99] exited with preempt_count 1 [ 117.364950] Oops: general protection fault, probably for non-canonical address 0xdffffc0040000032: 0000 [#3] SMP KASAN NOPTI [ 117.366009] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 117.366778] CPU: 1 UID: 0 PID: 3993 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 117.367843] Tainted: [D]=DIE, [W]=WARN [ 117.368196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.368929] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.369360] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.370959] RSP: 0000:ffff888018387680 EFLAGS: 00010212 [ 117.371431] RAX: 0000000040000032 RBX: 00000001ffffffa2 RCX: 0000000000000002 [ 117.372065] RDX: ffff888015dc8000 RSI: ffffffff818995b7 RDI: 0000000200000192 [ 117.372703] RBP: ffff8880183878f0 R08: ffff88806cf31340 R09: ffffe8ffffd16970 [ 117.373331] R10: 0000000000000000 R11: ffffffff81b26105 R12: dffffc0000000000 [ 117.373961] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.374591] FS: 00005555852a3400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 117.375300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.375817] CR2: 0000001b2d027000 CR3: 000000001f3f1000 CR4: 0000000000350ef0 [ 117.376460] Call Trace: [ 117.376695] [ 117.376903] ? xas_load+0x67/0x4f0 [ 117.377228] ? __pfx_perf_tp_event+0x10/0x10 [ 117.377627] ? __pfx___es_remove_extent+0x10/0x10 [ 117.378071] ? filemap_get_folios_tag+0x820/0xad0 [ 117.378511] ? __pfx_filemap_get_folios_tag+0x10/0x10 [ 117.378986] ? _raw_write_unlock+0x1e/0x40 [ 117.379378] ? ext4_es_insert_delayed_extent+0x548/0x8a0 [ 117.379859] ? clean_bdev_aliases+0x4c7/0x5c0 [ 117.380289] ? ext4_has_free_clusters+0x294/0x570 [ 117.380735] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.381186] perf_trace_run_bpf_submit+0xef/0x180 [ 117.381626] perf_trace_block_buffer+0x2f8/0x4b0 [ 117.382057] ? __pfx_perf_trace_block_buffer+0x10/0x10 [ 117.382529] ? do_raw_spin_unlock+0x53/0x220 [ 117.382935] ? create_empty_buffers+0x219/0x460 [ 117.383355] mark_buffer_dirty+0x1f7/0x3a0 [ 117.383739] __block_write_begin_int+0xa1f/0x1570 [ 117.384188] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 117.384665] ? __pfx___block_write_begin_int+0x10/0x10 [ 117.385137] ? __pfx_ext4_convert_inline_data+0x10/0x10 [ 117.385615] ? __pfx_down_read+0x10/0x10 [ 117.385984] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 117.386448] block_page_mkwrite+0x394/0x470 [ 117.386838] ext4_page_mkwrite+0x9cd/0x1710 [ 117.387228] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 117.387665] do_page_mkwrite+0x17a/0x370 [ 117.388038] __handle_mm_fault+0x10cc/0x3260 [ 117.388454] ? vma_start_read+0x25e/0x8e0 [ 117.388830] ? vma_start_read+0x304/0x8e0 [ 117.389201] ? __pfx___handle_mm_fault+0x10/0x10 [ 117.389635] ? __pfx_vma_start_read+0x10/0x10 [ 117.390047] ? __pfx_get_timespec64+0x10/0x10 [ 117.390458] handle_mm_fault+0x2c3/0x9b0 [ 117.390832] ? access_error+0x17d/0x380 [ 117.391195] do_user_addr_fault+0x4fa/0xeb0 [ 117.391587] exc_page_fault+0xb0/0x180 [ 117.391955] asm_exc_page_fault+0x26/0x30 [ 117.392342] RIP: 0033:0x7ffaae855673 [ 117.392678] Code: 5d c3 0f 1f 44 00 00 48 8b 0d 59 ed 0a 01 48 8b 05 4a ed 0a 01 4c 8d 81 00 00 00 01 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 2c ed 0a 01 c3 52 48 8d 35 77 b7 0b 00 48 89 c2 48 [ 117.394270] RSP: 002b:00007ffd33ca8e48 EFLAGS: 00010287 [ 117.394739] RAX: 0000001b2d027000 RBX: 00007ffaae62f008 RCX: 0000001b2d020000 [ 117.395372] RDX: 0000001b2d027004 RSI: ffffffff81e931b1 RDI: 00000000c548ffc9 [ 117.396004] RBP: 0000000000000001 R08: 0000001b2e020000 R09: 0000001b2d026900 [ 117.397175] R10: 0000000000001fca R11: 00000000c548ffcd R12: 0000000000001421 [ 117.398408] R13: 00007ffaae9bf000 R14: ffffffff81e931b1 R15: 00007ffaae9caff0 [ 117.399632] ? ext4_do_writepages+0xde1/0x38b0 [ 117.400461] ? ext4_do_writepages+0xde1/0x38b0 [ 117.401227] [ 117.401596] Modules linked in: [ 117.402298] ---[ end trace 0000000000000000 ]--- [ 117.403171] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.404044] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.406867] RSP: 0018:ffff8880454b71c0 EFLAGS: 00010212 [ 117.407724] RAX: 0000000060000032 RBX: 00000002ffffffa0 RCX: ffffc9000360c000 [ 117.408862] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000300000190 [ 117.409985] RBP: ffff8880454b7430 R08: ffff88806cf31340 R09: ffffe8ffffd16970 [ 117.411109] R10: 0000000000000000 R11: f9e7d9be4ff6b31c R12: dffffc0000000000 [ 117.412239] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.413367] FS: 00005555852a3400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 117.414634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.415535] CR2: 0000001b2d027000 CR3: 000000001f3f1000 CR4: 0000000000350ef0 [ 117.416672] note: syz-executor.2[3993] exited with preempt_count 1 VM DIAGNOSIS: 10:57:20 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81b9c70b RDX=ffff888017f1d280 RSI=ffffffff81b9c718 RDI=0000000000000001 RBP=0000000000000007 RSP=ffff888009d57b80 R8 =0000000000000001 R9 =ffffed10011fbb36 R10=0000000000000000 R11=0000000000000000 R12=0073656369766564 R13=ffff888009d57cc0 R14=ffff888009d57cb0 R15=ffff88804494442c RIP=ffffffff8173e788 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa4827e58c0 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe0600000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcc7dd89000 CR3=000000000f7fd000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=7269762f736563697665642f7379732f XMM03=6c622f6c6175747269762f7365636976 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00005619f3b2433000005619f3b243a0 XMM06=00005619f3b266200000000000000000 XMM07=00000000000000000000000000000000 XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000 XMM10=00000000000020000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff828e3230 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff8880454b6b00 R8 =0000000000000000 R9 =ffffed1001766046 R10=00000000000fe503 R11=3a6465746e696154 R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10e4882 R15=dffffc0000000000 RIP=ffffffff828e3285 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ffaabe2d700 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe6000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2d026000 CR3=000000001f3f1000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=00000000000000005a22d39081d9a60f XMM02=000000000000000072216263b0b79aa1 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000