Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:12189' (ECDSA) to the list of known hosts. 2025/06/14 12:02:16 fuzzer started 2025/06/14 12:02:16 dialing manager at localhost:42061 syzkaller login: [ 94.561348] cgroup: Unknown subsys name 'net' [ 94.696029] cgroup: Unknown subsys name 'cpuset' [ 94.731613] cgroup: Unknown subsys name 'rlimit' 2025/06/14 12:02:31 syscalls: 207 2025/06/14 12:02:31 code coverage: enabled 2025/06/14 12:02:31 comparison tracing: enabled 2025/06/14 12:02:31 extra coverage: enabled 2025/06/14 12:02:31 setuid sandbox: enabled 2025/06/14 12:02:31 namespace sandbox: enabled 2025/06/14 12:02:31 Android sandbox: enabled 2025/06/14 12:02:31 fault injection: enabled 2025/06/14 12:02:31 leak checking: enabled 2025/06/14 12:02:31 net packet injection: enabled 2025/06/14 12:02:31 net device setup: enabled 2025/06/14 12:02:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/06/14 12:02:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/06/14 12:02:31 USB emulation: enabled 2025/06/14 12:02:31 hci packet injection: enabled 2025/06/14 12:02:31 wifi device emulation: enabled 2025/06/14 12:02:31 802.15.4 emulation: enabled 2025/06/14 12:02:31 fetching corpus: 0, signal 0/0 (executing program) 2025/06/14 12:02:32 starting 8 fuzzer processes 12:02:32 executing program 0: ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000440)={0x2, 0x1, 0x1c, 0x9, 0xf5, &(0x7f0000000040)="bee17995dfbfe0405a1388f2aa31dfa95f81e15be943a204d49ded0aec255533b0a9228b62b39136f5bbb35062f421a4a678f66db2502b17c7b167249e84b0990522a205e80e00f9eeb251beb3309bf22f7e881af28d143d07116aadeb9ade9f4897e34a5c29af45ecc94aad9dab21b2d2db55460c207d5aa8280fea07258d64ed5555ec9d8acd288337fc3676afb5f46b3676885a28068e9ecbf7efb6642a07faaee0c61f4e16aa3db19402b328ec5969476904bb636989a2f5949f2552c741ccdf772e516a4586f488eeca712ff54fe54e9aa836debe4f479c76dccee6ed87332593fb65a88df193864c784b632493a817b34a197e68c0601e88a2881d93e660d63b98d8ef82e7be164856ed1e42ee9147ce51705c5cca8857748eb3de49baa380d645ccf5711ad37d7f97a6a883493cafc35ee4e88d8ac47c87c8d6b1b223ce042afd9894468e6b4783eb2995adbeaea299594f3ebad830e97e65f00bae5931f7e39d155783a9ceca943082f5e09c49b038659feb10b2cf2f14fa4d9557c595b5231461ebda0eba4c25dc4f2123ec55a06f4e52ac6fbeffa9f01974765a4914f4957966d2e7ea95b4ea43ac059ccc7d3d3e9bc9c30cef76944d8037f9b3a550da076155cda4292d75a1c0c05c1a64e2384095cb574caf9d7d6cb3921e0554b1575dd3cc834f6498e2e3fc4b065f5fbe53c250f565faec72ab83daf6a06cbbd534fe08ad76578f94f4b553080c3c39743684d2f4d3b8dc71594eff8328591dd8f0284af415fa00827532f497b3eed72a16f2e50fa252b77b86a6f77355d1408141fa0592576dec1cf8927a5c3d5ca21fa259a2f3e2e4506ebc1cd3f4cbe56b9f27377819307e14ebb8db2896d0b50ddb1252cde1b75c5847bcd58055d72890466c3b9a193022066e828076ee6f39fe3d8b23d6648d02a2bf2171c361ffbb280ef8a5585c53a65e705168a44a10698ac79c0f87077a0feffc0061d5dd8ba4e46361879ac47809f9b9c041ea2b58ab8581a5211481d3274d513c5fa8e54dc108b93825de209980cfe69ab4e2634812708b27dfb7fcd212ee2f8fd19a60750d5a0e9f1ae19f0c10379d07ae3702e3fad6023e39b96c1600f9852994dba5d04e0819eb65d63c395aad646024c02f78783e6c73995f29b365429cf95101db853b21fcbd12588d9c93e53dc8fef25b98e87958358c1483fb17ce0ba49a1a98f024bc795a3b319175c9a367b6130af136b977b36e79a7d576fa076c60468f07e08b588eb1581ec253d230d5c6537c29d821644009ca2083a7bbe682f54a5628a09208026889bb6aab1b6eea430d9a590ebd69caa851f597172bd647efb659b0f8699a81ab3a24df8b24deb99030e4cbbd28ee959cc72786d52ad828cdba8f7f831d403ba4b983005ce1e1997619afc9093a16a82986788b8f578079d7b32859bd9126"}) ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000480)=0x4) r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xcdcb) ioctl$TIOCCBRK(r0, 0x5428) r1 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TCGETS2(r1, 0x802c542a, &(0x7f00000004c0)) ioctl$TCSBRK(r0, 0x5409, 0x2e5) r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0) ioctl$CDROMREADALL(r2, 0x5318, &(0x7f0000000540)) ioctl$TIOCL_GETSHIFTSTATE(r1, 0x541c, &(0x7f0000000fc0)={0x6, 0xfd}) ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000001000)) ioctl$KDSKBLED(r0, 0x4b65, 0xce95) ioctl$KDSKBLED(r1, 0x4b65, 0x8) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001040), 0x10201, 0x0) ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000001080)={0xf6, 0x80, 0x4}) r4 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TCSBRKP(r4, 0x5425, 0xffff) r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000010c0), 0x80002, 0x0) ioctl$DVD_READ_STRUCT(r5, 0x5390, &(0x7f0000001100)=@manufact={0x4, 0x1, 0x800, "184d29660645add3781cdb3ce36b9b8f1186bcf34e6e5bd137e158a9db995aa944a9feb9815bcc5e7a1e1003ffa0030b3a7aae8532490f4e82e3cb31edc8d1e17cfe39c24858c374a8a9c09ad2b9a905f0b00a45e1a5ec1fe6ff5baea4b5470ed5b33edc3b0af0d11f2162af5d9269cdcecfa2f8c8ee696739a1cbad57cf91dfb377fff1a5595176814238f568478ef61b56121495f2998fa0ad14cdbf260d3ff8a4d88d9d56fce811aa508bd310d6569c9d7476dd438359d369685ff7b79b2176e50faa89c005003ae32123111376cea130627d16b37281da240553fa4815b56e195eba7472d9334f92598fbf9f7d7a2f0896b841bc0ce68d9cf267f263413d1108381fb62dcc0aa9f6e2201d9977d5b11f2db5bf95f606f23a70ad6cb831ee0b3a5fdd588e7826f1ba88148f5d8ea5006d4a91c183c4561ae5ca2c71e9e311a694886ceefdf2614419fbf70734b7883a2df6a25cc904fe998834e5798c4adae9bc6e32337641b4466dd48687cd82029d54365c1d76afaa551f7d4391f708827c98d9dc0f7117efe0c431222dd0a745080c3590170b7af3bc0c26f59e0c616175bb53549f2d3ed472455810548c109425285a62d74e609c7798bb91b84236c0abd35da9a71f9e058b01f251562287b0d8541addd41f8a4b661e5c382236936c6ba86b47778c72818997ac8e598c09b7ab02e1b27823c9176cd96de43c8160751e57ddc15135b9391592e745a2ef18f8d443538cb11e09857867c6589e9a38ccb2f414e46a2e168d6eb24f7bfb2334efb5dd357981ffc9868469ab1cec6f72ff4b95f28d426cdfcfd3b834c6b79cf0fa130cd303ca7fff13cc6a2f270e9657cfd66493fde70a9d7c1a74c41850141b5b60a5afbda18f4778959f16af20e176c7ab9c0db7b7ead42ac865227ce4940243fd2b1e0b251ebf99d3abf61eeaffb1234341ce7ee9db80229c7da7f9af471152127f0035fa8c4d25d3cef4fdc59b9ae5476305956cc72080beda471923221005904ecc26971086d7a656af4920e8013b27d745bf3625960c8e9e13c57fb02daec37dbd0139111b122e9d656cb467cc015c848f7f08750bdac2bd6541f412d8fd1392ceba04d58e8da37ef1defc3e108edee4eedd4db61f44689a8ad86b1568dafc15722b98ddb0f0b273064ac311d8a3091498aaeb5b321819ddf86bbc69e9a207e24d33494f526c6bc5202729f9d901024b2c8a31968aa90aae8a4dc0866b09ef04195392de1090b78b2231d182022796c083084c19b539331db3a60dae867734f52ecf3b7c40ee0f92929366c8a6a9d785970c09177f04b2cea3fe53a287ec513ae42b48edda19abd1622085f922fa0e81b234ab3c409392a7557bca489e383a7ebf220b1c71759f3b1ed8102ca58c9e692adc97af00669cd779dd1ac82d09475d685dcab0195218b494b2d1e112a36916d25d2f78e58e5787adbaf9c5fbf12ab6e667ce691282737d4f1d832bd283d0713c75daa3da198e95cf480084eee9e3f8c2c2fdd7018562c5d3ad0fff81d383685ceab70a5e39885e0160d6cdc984a5ebc610cdb4729ff286c134ec1ddf08fae5a39e68038968fe520bc31641f1ae4555d8dda83a1c0311d10729e7f9521efe03e98481a86b7e4306061e540672b804cc390507159f3aa2df3a9f1580add20c2683713b1a4b13a74459492f57c2b9b5ab89628c082b4c6ee2f6b194ab725d50e537cc35e569f58e6feab334a15583a0be3e53c4f3b4d633a957755c410f49d54835770ce0463adbc1b8026d136fa2b8bc7550fa5749d31293f663dcccec714a16db51394ad3b5cfc0ad43fae23425236a4bcce97c9db95d4b84735693ab4355304c532feee9d05cba96723f933162d29d97d485617a816f3edff03001bf16c029b8f9e893e38f24768a535d3dad4551406996fcd31d8dd7eecbb6c7a2ce2508356bcf86d88f355d57c8b547c51af29ac8a0a873f7912de7f031070126d0d09233322593c77f859d9ca9733e4fd34e34712f816132991df24950c92f2da97ccc9c7625603a2eb9179b4af709ff23b5b5595accc08e86b6d9c76b82420959c505e135baf916b236fbf92fb73700b561616938caaa45762080b0a1bb3637c8eb4323c68a6c7a2de8f4e6506424e3b8433f031770f34ccf56cd6d551fcb13bc472850c97e687a5bfca2b6914a0663b83dab2e42233f13647e8732e0333c1cdd42a6d59ff7082a103060b2c64fbbf4cce6c21452586fa064890c7a93a79fe520cfcbfd792e8385c81759e91bfab85e0b0774298683aa01e5fc44b9285c3570e0175c239e980fe161741485a8c47bc394f9dcee9c3939985a02b3ac754be11949eb64d73d7a4b4e1120c3b639318bf010b3c954f630fc954de24b7149b972c02357b6915be78cc06b227cf4aa2697f8b14f6793ad43dad3d92140d8d03714e9071e9a58f8c3d04af78509e48a81c434b79e1bddbfdef5151ac307022217b18a1fb3654aeeba7316c4b92786cff5c1a8f0cdb87d28cea00cb4cfc82e8666e5d2b6c46ac275538a3e60769b26b784768ecd72f3b1b2558794c7c9de996826f678c10822e2fa7709a808f2ee71e515d4929f7d01e42863ebbd0043dab8282390ca3ea12ef78c5f38b6db404ac57d00ba0e87d88c404d7485cd59dbaa4f4cf7c6a4cf561e507bc0ce7db7b5bcf1fc233e69950382a7f08815ad9abfc098f8ff582707e9292942cb282369b7bd4a1fb5de127b1b89fbabc3dbc6cf815ea3a76a334b07d1dd814ddfc3e0257258d6c4a7f620067497202857baa94d431048aa71c9651eb985d262341c69083779088e17fd2fdba2e63b016cba6177de763aeb8ca895054ad24e0253a5759bb85fb176616685d9532494cc50ec0c33b7037750fe236b24bc"}) 12:02:32 executing program 1: ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x3) r0 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040)) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x4}, 0x6) ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f00000000c0)) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x70, 0x0, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_macvtap\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x70}, 0x1, 0x0, 0x0, 0x40}, 0x41) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$smc(&(0x7f0000000240), r1) r2 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000280)=0x40) ioctl$TIOCGRS485(r2, 0x542e, &(0x7f00000002c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_DEL_DEST(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x7c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffffffd}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2a, 0x10}}]}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_1\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x2000}, 0x4008004) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x20300, 0x0) ioctl$TIOCSRS485(r4, 0x542f, &(0x7f0000000480)={0x7f, 0x2008}) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f00000004c0)) ioctl$PIO_FONTRESET(r4, 0x4b6d, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x501400, 0x0) sendmsg$IPVS_CMD_SET_DEST(r4, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0xc010}, 0x80000) ioctl$VT_WAITACTIVE(r2, 0x5607) 12:02:32 executing program 2: bind$802154_raw(0xffffffffffffffff, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14) openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000080)=0x1ff) socketpair(0x1d, 0xa, 0x5e3, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), r1) r2 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000140)=0x4) ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000180)={0x6, 0x1}) r3 = inotify_init1(0x80000) inotify_add_watch(r3, &(0x7f00000001c0)='./file0\x00', 0x9) ioctl$TCSBRKP(r2, 0x5425, 0x5) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f0000000200)=""/51) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), r1) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xc4, r4, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x38, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg1\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x807}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x101}, @IPVS_CMD_ATTR_SERVICE={0x68, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x1d}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3f}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x67}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xffff125c}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x36, 0x8}}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40010}, 0x0) r5 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7) ioctl$KDSKBMETA(r5, 0x4b63, &(0x7f0000000440)=0x3) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000480), 0x20000, 0x0) ioctl$EVIOCSABS0(r6, 0x401845c0, &(0x7f00000004c0)={0x2, 0x60, 0x4, 0x1, 0xaf, 0xffffffff}) ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000900)={0x2, 0x1, 0x0, 0x1a, 0x15b, &(0x7f0000000500)="4b4ecfbf9243bb2e246c654683c14cf6911a449f0ed6e2fa65b43e85a70cf5ff52046d7cdb8ceb5819e40d91d4bd2194aafd3f2b22d3143b410216b9203d250986e2d3ba9c04e83fa08f55a1170cf0ef738f940cfd2037194bf677becb9daaa4ff2719d4cd9b01ecd01c42284d515bc919d6094bcd3fbccc00f4fea93034d1295870f98ad06a49284a2f8ab074dfb04a0ce73721bb311a69b2409a40ff181ad757434fb7d3c84f57caa1a227ef7d414a952143df8721bd27157fe1e55889743120500bd99439e14f191965545ad5915d994f0bd43385652d31bf06c10c0b75874f2397c616f833c3dce6f00f6972ddd780ea552f4ba9df28cc2f17eeb7e632196791e31bca74b40cd82d09b5f530fcf8a4495dc94b282c7ae07fdfb0abac83c1b8b8074f58fd6b3f05c7fbe2fb02b7f3d7f4b0d7b39a53fb11a6c29adc384ae9f3133bc489d799c62c38639cc53bc239c7b4921f421538eeaa6c6f3bf9acf213c738f6d000142989e924cf7b7d48ee585400b8910e3cc22166eda8317fb467bfa7f5dda72e5bc89a38a3246764db1993dbc6dc7bf6b18ab8897182ea606f5c0bb0e0f606e15dc1dd2fbb6bcc4a8980394743e5ca08b7d7a5e4d66ec6833c4467f2c5c2bd68077585c49eee43ce56cb33b10e00099701025d2d9d77a74fd869681a97881b3d05a003328d6c2ef33fec4801e5578d93d78d2cfe72c8f2f0b6175b73b9ae4f82233fa013c0e2ec24a0ee59f05b699d6d84b5e0f00b673737d8283e57cbaab53392f289e92362abf63cb9632d3fc27b9fe8e6ae45ed3704fd71e6bafb87134fbdfb5849ca7db60659aac14451d3a62072d13bc032bd4ab49beaf10d8896732463fd435c5b0fb3f3fc45a2842e0bd805a6e20f8f3d28aa76877347405dc27c941df994dc05747e7defa14812bce620007b4397099c4e5c45a489e4a075ae817980def12a48df1299f7515ecf9a44ecf42718760dd4a77a366af52d80606018b36609a3a7c126febb18df055d3dfc1190fc25d4767ac3481e78a07f23a3ab99d174e0294c8cb74eeb86ff23754f52b9434c576f5344cccd6c460d17438c519d2b55e22e58cea199b86f3100ac7db69835703f4b551ff4a53a7699d20faafc35fdd64ed4cef95560c20dc935c28e629fde3b99bf2449f0e56fb76cc30886c406d973d2acc29435fda177db4866a551b65ef89d232479e16b6eec8cc428d535ee719527de14ed3c7340e598e29557e55fbf4c907723dc3abf5e9f80075a3d365b300312221456390ba5793f661f350e99302e71f5a682c80e5bb5398a3b25f8abaad71409c34200eb228166c3ab5407cec38eb8cd9c96b81a0b45e96525089115ed0951a26032a322f87f584d828019f226ef282a0a9569587e70809fac531ba43febc5bf0d1a9f2aacf992335aea80279082fe99b3bd0ea2ae5be30bd3"}) [ 110.326166] audit: type=1400 audit(1749902552.673:7): avc: denied { execmem } for pid=284 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:02:32 executing program 3: r0 = io_uring_setup(0x27f6, &(0x7f0000000000)={0x0, 0x4836, 0x20, 0x2, 0xf2}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x110, r0, 0x0) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000080)=""/194) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000180)=0x3) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, &(0x7f00000001c0)=0x200) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x102, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001, 0x1010, r2, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) sendmsg$IPVS_CMD_SET_DEST(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x50, 0x0, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff7}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x67}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x8001}, 0x0) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x6) r3 = syz_open_dev$evdev(&(0x7f0000000380), 0x1, 0x2001) ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f00000003c0)=""/232) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000004c0)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000540), r2) sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000580)={0x134, r5, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x20, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@loopback}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x11}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xfffffff8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x200}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xc}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2a}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x68, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipvlan0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x35}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xffffffff}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xe65}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xffffffff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xffff7fff}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}]}]}, 0x134}, 0x1, 0x0, 0x0, 0x4000000}, 0x40080) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x12, r2, 0x10000000) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000740), 0xa000, 0x0) ioctl$RTC_UIE_ON(r6, 0x7003) 12:02:32 executing program 4: openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) r0 = socket(0x2c, 0xa, 0x8) sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x80}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffa}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3, 0x1}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}]}, 0xb0}, 0x1, 0x0, 0x0, 0x11}, 0x4c040) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f00000001c0)=""/230) socketpair(0x26, 0x5, 0xe19a, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x6c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x26}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xfff}, @IPVS_SVC_ATTR_NETMASK={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) socket$inet6_udplite(0xa, 0x2, 0x88) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x20000, 0x0) sendmsg$SMC_PNETID_FLUSH(r3, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008800}, 0x20008891) sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x60, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'nr0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x60}, 0x1, 0x0, 0x0, 0x4008010}, 0x24009000) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x4c, 0x0, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xb000}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40004}, 0x800) bind$802154_raw(r2, &(0x7f0000000800)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14) write$bt_hci(r0, &(0x7f0000000840)={0x1, @le_set_ext_scan_enable={{0x2042, 0x6}, {0x3, 0x9, 0x4, 0x7fff}}}, 0xa) sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f00000009c0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0xa4, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8000}, @IPVS_CMD_ATTR_DAEMON={0x44, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_hsr\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010101}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @empty}}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xa97}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x80}, 0x20000882) sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x44, 0x0, 0x324, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xa5d1}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0xc}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x4004054) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000c80)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000b80)={0xb8, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x30, 0x8}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x21, 0x20}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x55ea9411}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x20}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1f}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x20000885) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000cc0)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_netprio_ifpriomap(r4, &(0x7f0000000d00), 0x2, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000d40)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_pressure(r5, &(0x7f0000000d80)='memory.pressure\x00', 0x2, 0x0) 12:02:32 executing program 5: ioctl$TIOCGRS485(0xffffffffffffffff, 0x542e, &(0x7f0000000000)) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8400, 0x0) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x7) ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x6, 0xffff}, {0x2, 0x3f}, {0x8, 0x2}, {0x3, 0x2}]}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000100)=0x3ff) r3 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x6) ioctl$TCFLSH(r3, 0x540b, 0x2) r4 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCCBRK(r4, 0x5428) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000140)) ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000180)=0x89) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x80000000) r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0) ioctl$RTC_AIE_ON(r5, 0x7001) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000200)={0x4, 0x2, 0xffff}) ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000240)={0x3ff, 0x4, 0x5}) r6 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCFLSH(r6, 0x540b, 0x0) 12:02:32 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000)) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) ioctl$CDROMREADTOCENTRY(r1, 0x5306, &(0x7f0000000080)={0x8c, 0xb, 0x4, 0x2, @lba=0x4}) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0xffff) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$CDROMSEEK(r3, 0x5316, &(0x7f0000000100)={0x7, 0x1, 0xc1, 0x7, 0x5, 0x7}) socketpair(0x5, 0x6, 0x1, &(0x7f0000000180)={0xffffffffffffffff}) syz_genetlink_get_family_id$gtp(&(0x7f0000000140), r4) ioctl$KDSKBLED(r1, 0x4b65, 0x0) socketpair(0x22, 0x5, 0x10000, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r1) sendmsg$IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, r6, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffff8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x68}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x20}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) ioctl$TIOCNOTTY(r2, 0x5422) ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000380)={0x3fe0, 0x1}) ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f00000003c0)) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBLED(r7, 0x4b65, 0x2) sendmsg$SMC_PNETID_FLUSH(r3, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x78, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6gre0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'team0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x20000004) mkdirat$cgroup(r1, &(0x7f0000000540)='syz1\x00', 0x1ff) 12:02:32 executing program 7: r0 = socket(0x8, 0x3, 0x8) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000841}, 0x1) getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x74, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xd273}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x62}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x4}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7f}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6d79}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2c}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3a}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffff00}]}, 0x74}, 0x1, 0x0, 0x0, 0x91}, 0x8000) sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x4c, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0xe}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x40}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1ff}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20004040}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x28, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4010) ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000540)) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r2) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x80, r3, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3ff}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x38}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xffff}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1ff}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20008010}, 0x44) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000740), r2) sendmsg$IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000840)={&(0x7f0000000780)={0xb4, r4, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x60, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x14}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4b}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x20000040) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000900), r2) sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000a40)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000a00)={&(0x7f0000000940)={0xb8, r5, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x64}, @IPVS_CMD_ATTR_DAEMON={0x44, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x32}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xb1}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x8094}, 0x8800) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_DEST(r6, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x24004208}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x1c, r5, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xb67}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20014044}, 0x20000814) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) socketpair(0xa, 0xc, 0x4, &(0x7f0000000b80)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPVS_CMD_DEL_SERVICE(r7, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4004001) [ 111.557003] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 111.560031] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 111.564780] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 111.571707] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 111.577469] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 111.679403] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 111.681841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 111.699773] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 111.706769] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 111.713743] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 111.750483] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 111.761823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 111.773847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 111.785148] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 111.790445] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 111.811895] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 111.819386] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 111.821807] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 111.827042] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 111.830538] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 111.883050] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 111.885812] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 111.887984] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 111.892858] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 111.901877] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 111.908892] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 111.922563] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 111.935295] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 111.967758] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 111.985695] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 111.998217] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 112.008697] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 112.018101] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 112.028808] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 112.030642] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 112.049807] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 112.059135] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 112.099855] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 112.107397] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 112.108962] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 113.641711] Bluetooth: hci0: command tx timeout [ 113.771620] Bluetooth: hci1: command tx timeout [ 113.897516] Bluetooth: hci3: command tx timeout [ 113.961358] Bluetooth: hci2: command tx timeout [ 113.962404] Bluetooth: hci5: command tx timeout [ 114.153333] Bluetooth: hci4: command tx timeout [ 114.217690] Bluetooth: hci7: command tx timeout [ 114.282343] Bluetooth: hci6: command tx timeout [ 115.692407] Bluetooth: hci0: command tx timeout [ 115.818456] Bluetooth: hci1: command tx timeout [ 115.946457] Bluetooth: hci3: command tx timeout [ 116.010305] Bluetooth: hci5: command tx timeout [ 116.010734] Bluetooth: hci2: command tx timeout [ 116.201550] Bluetooth: hci4: command tx timeout [ 116.266744] Bluetooth: hci7: command tx timeout [ 116.329491] Bluetooth: hci6: command tx timeout [ 117.738336] Bluetooth: hci0: command tx timeout [ 117.865295] Bluetooth: hci1: command tx timeout [ 117.994299] Bluetooth: hci3: command tx timeout [ 118.058496] Bluetooth: hci2: command tx timeout [ 118.058931] Bluetooth: hci5: command tx timeout [ 118.250308] Bluetooth: hci4: command tx timeout [ 118.313575] Bluetooth: hci7: command tx timeout [ 118.378647] Bluetooth: hci6: command tx timeout [ 119.786596] Bluetooth: hci0: command tx timeout [ 119.914420] Bluetooth: hci1: command tx timeout [ 120.042302] Bluetooth: hci3: command tx timeout [ 120.106348] Bluetooth: hci5: command tx timeout [ 120.106801] Bluetooth: hci2: command tx timeout [ 120.300284] Bluetooth: hci4: command tx timeout [ 120.362545] Bluetooth: hci7: command tx timeout [ 120.426290] Bluetooth: hci6: command tx timeout [ 171.599774] syz-executor.0 (297) used greatest stack depth: 25024 bytes left [ 171.840452] syz-executor.5 (295) used greatest stack depth: 24976 bytes left [ 173.880984] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 173.883007] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 173.884788] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 173.891842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 173.894400] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 174.074697] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 174.080782] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 174.083623] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 174.094883] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 174.099051] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 174.112183] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 174.118705] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 174.127907] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 174.127976] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 174.133955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 174.139835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 174.152714] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 174.163066] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 174.167532] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 174.169541] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 174.170983] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 174.180079] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 174.182091] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 174.182253] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 174.196107] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 174.198600] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 174.202327] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 174.204838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 174.207150] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 174.236414] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 174.294879] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 174.302757] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 174.315613] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 174.316859] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 174.331817] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 174.334045] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 174.347016] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 174.348728] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 174.353561] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 174.376409] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 175.978289] Bluetooth: hci0: command tx timeout [ 176.169786] Bluetooth: hci2: command tx timeout [ 176.233382] Bluetooth: hci3: command tx timeout [ 176.233415] Bluetooth: hci1: command tx timeout [ 176.297342] Bluetooth: hci4: command tx timeout [ 176.297370] Bluetooth: hci5: command tx timeout [ 176.361346] Bluetooth: hci6: command tx timeout [ 176.425463] Bluetooth: hci7: command tx timeout [ 178.026562] Bluetooth: hci0: command tx timeout [ 178.218340] Bluetooth: hci2: command tx timeout [ 178.282280] Bluetooth: hci3: command tx timeout [ 178.282404] Bluetooth: hci1: command tx timeout [ 178.347335] Bluetooth: hci4: command tx timeout [ 178.347369] Bluetooth: hci5: command tx timeout [ 178.409804] Bluetooth: hci6: command tx timeout [ 178.473344] Bluetooth: hci7: command tx timeout [ 180.073677] Bluetooth: hci0: command tx timeout [ 180.265645] Bluetooth: hci2: command tx timeout [ 180.329380] Bluetooth: hci1: command tx timeout [ 180.331296] Bluetooth: hci3: command tx timeout [ 180.393542] Bluetooth: hci5: command tx timeout [ 180.394018] Bluetooth: hci4: command tx timeout [ 180.457377] Bluetooth: hci6: command tx timeout [ 180.521317] Bluetooth: hci7: command tx timeout [ 182.121502] Bluetooth: hci0: command tx timeout [ 182.313557] Bluetooth: hci2: command tx timeout [ 182.378309] Bluetooth: hci3: command tx timeout [ 182.378452] Bluetooth: hci1: command tx timeout [ 182.441339] Bluetooth: hci4: command tx timeout [ 182.441810] Bluetooth: hci5: command tx timeout [ 182.505700] Bluetooth: hci6: command tx timeout [ 182.569476] Bluetooth: hci7: command tx timeout [ 234.817944] syz-executor.2 (2856) used greatest stack depth: 24912 bytes left [ 236.980648] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 236.988112] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 236.991144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 237.002382] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 237.028403] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 237.118958] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 237.120894] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 237.122409] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 237.134365] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 237.139473] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 237.191807] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 237.193554] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 237.195127] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 237.218588] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 237.220767] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 237.249061] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 237.253095] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 237.272821] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 237.280333] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 237.285460] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 237.311566] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 237.319830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 237.331644] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 237.366672] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 237.376837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 237.496205] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 237.512749] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 237.556819] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 237.561780] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 237.564657] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 237.573985] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 237.579162] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 237.586764] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 237.603122] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 237.605556] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 237.609489] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 237.613609] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 237.618342] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 237.638082] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 237.665724] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 239.081880] Bluetooth: hci0: command tx timeout [ 239.210303] Bluetooth: hci1: command tx timeout [ 239.273330] Bluetooth: hci2: command tx timeout [ 239.338418] Bluetooth: hci3: command tx timeout [ 239.466300] Bluetooth: hci4: command tx timeout [ 239.657755] Bluetooth: hci6: command tx timeout [ 239.721408] Bluetooth: hci7: command tx timeout [ 239.722422] Bluetooth: hci5: command tx timeout [ 241.131344] Bluetooth: hci0: command tx timeout [ 241.257342] Bluetooth: hci1: command tx timeout [ 241.322445] Bluetooth: hci2: command tx timeout [ 241.387299] Bluetooth: hci3: command tx timeout [ 241.513361] Bluetooth: hci4: command tx timeout [ 241.705452] Bluetooth: hci6: command tx timeout [ 241.769892] Bluetooth: hci5: command tx timeout [ 241.769931] Bluetooth: hci7: command tx timeout [ 243.178601] Bluetooth: hci0: command tx timeout [ 243.305384] Bluetooth: hci1: command tx timeout [ 243.371254] Bluetooth: hci2: command tx timeout [ 243.434316] Bluetooth: hci3: command tx timeout [ 243.563280] Bluetooth: hci4: command tx timeout [ 243.753366] Bluetooth: hci6: command tx timeout [ 243.817301] Bluetooth: hci5: command tx timeout [ 243.817742] Bluetooth: hci7: command tx timeout [ 245.225355] Bluetooth: hci0: command tx timeout [ 245.353483] Bluetooth: hci1: command tx timeout [ 245.417528] Bluetooth: hci2: command tx timeout [ 245.482293] Bluetooth: hci3: command tx timeout [ 245.609798] Bluetooth: hci4: command tx timeout [ 245.803489] Bluetooth: hci6: command tx timeout [ 245.865338] Bluetooth: hci7: command tx timeout [ 245.865814] Bluetooth: hci5: command tx timeout [ 299.838674] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 299.841857] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 299.847786] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 299.863948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 299.876060] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 300.044414] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 300.050180] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 300.059881] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 300.064969] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 300.077844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 300.080033] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 300.084019] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 300.094462] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 300.116774] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 300.126689] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 300.149007] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 300.156744] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 300.160518] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 300.169361] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 300.195527] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 300.198061] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 300.203056] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 300.221869] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 300.233507] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 300.233821] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 300.241751] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 300.249553] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 300.275871] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 300.335504] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 300.344691] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 300.354755] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 300.389167] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 300.395912] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 300.405529] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 300.437423] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 300.441989] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 300.445923] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 300.450947] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 300.478051] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 300.483168] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 301.929559] Bluetooth: hci0: command tx timeout [ 302.186550] Bluetooth: hci2: command tx timeout [ 302.187991] Bluetooth: hci1: command tx timeout [ 302.315289] Bluetooth: hci3: command tx timeout [ 302.315344] Bluetooth: hci4: command tx timeout [ 302.441347] Bluetooth: hci5: command tx timeout [ 302.569382] Bluetooth: hci7: command tx timeout [ 302.569420] Bluetooth: hci6: command tx timeout [ 303.977317] Bluetooth: hci0: command tx timeout [ 304.235375] Bluetooth: hci1: command tx timeout [ 304.235912] Bluetooth: hci2: command tx timeout [ 304.361570] Bluetooth: hci4: command tx timeout [ 304.361797] Bluetooth: hci3: command tx timeout [ 304.491026] Bluetooth: hci5: command tx timeout [ 304.617511] Bluetooth: hci6: command tx timeout [ 304.618561] Bluetooth: hci7: command tx timeout [ 306.025517] Bluetooth: hci0: command tx timeout [ 306.282344] Bluetooth: hci2: command tx timeout [ 306.282907] Bluetooth: hci1: command tx timeout [ 306.409398] Bluetooth: hci3: command tx timeout [ 306.411986] Bluetooth: hci4: command tx timeout [ 306.537501] Bluetooth: hci5: command tx timeout [ 306.665360] Bluetooth: hci7: command tx timeout [ 306.665837] Bluetooth: hci6: command tx timeout [ 308.073321] Bluetooth: hci0: command tx timeout [ 308.330280] Bluetooth: hci1: command tx timeout [ 308.330304] Bluetooth: hci2: command tx timeout [ 308.458491] Bluetooth: hci4: command tx timeout [ 308.459121] Bluetooth: hci3: command tx timeout [ 308.586500] Bluetooth: hci5: command tx timeout [ 308.713343] Bluetooth: hci6: command tx timeout [ 308.713415] Bluetooth: hci7: command tx timeout [ 362.234675] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 362.243989] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 362.249005] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 362.262812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 362.276559] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 362.433341] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 362.435688] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 362.444452] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 362.455505] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 362.460757] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 362.649091] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 362.650438] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 362.654594] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 362.665895] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 362.669492] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 362.674708] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 362.687671] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 362.692975] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 362.711654] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 362.713048] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 362.801910] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 362.815378] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 362.834045] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 362.837705] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 362.843902] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 362.845837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 362.849033] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 362.857651] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 362.868177] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 362.884776] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 362.886744] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 362.892133] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 362.899927] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 362.905618] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 362.906544] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 362.919073] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 362.946689] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 362.950457] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 362.951911] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 362.969452] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 364.329446] Bluetooth: hci0: command tx timeout [ 364.521966] Bluetooth: hci1: command tx timeout [ 364.777396] Bluetooth: hci3: command tx timeout [ 364.778638] Bluetooth: hci2: command tx timeout [ 365.036293] Bluetooth: hci6: command tx timeout [ 365.098337] Bluetooth: hci7: command tx timeout [ 365.099452] Bluetooth: hci4: command tx timeout [ 365.100310] Bluetooth: hci5: command tx timeout [ 366.378088] Bluetooth: hci0: command tx timeout [ 366.569544] Bluetooth: hci1: command tx timeout [ 366.825375] Bluetooth: hci3: command tx timeout [ 366.826166] Bluetooth: hci2: command tx timeout [ 367.081582] Bluetooth: hci6: command tx timeout [ 367.146033] Bluetooth: hci7: command tx timeout [ 367.146822] Bluetooth: hci5: command tx timeout [ 367.147445] Bluetooth: hci4: command tx timeout [ 368.426337] Bluetooth: hci0: command tx timeout [ 368.617344] Bluetooth: hci1: command tx timeout [ 368.873502] Bluetooth: hci2: command tx timeout [ 368.873988] Bluetooth: hci3: command tx timeout [ 369.130028] Bluetooth: hci6: command tx timeout [ 369.194568] Bluetooth: hci7: command tx timeout [ 369.194992] Bluetooth: hci4: command tx timeout [ 369.195496] Bluetooth: hci5: command tx timeout [ 370.475264] Bluetooth: hci0: command tx timeout [ 370.666367] Bluetooth: hci1: command tx timeout [ 370.923602] Bluetooth: hci2: command tx timeout [ 370.924123] Bluetooth: hci3: command tx timeout [ 371.177331] Bluetooth: hci6: command tx timeout [ 371.241321] Bluetooth: hci7: command tx timeout [ 371.241812] Bluetooth: hci5: command tx timeout [ 371.242334] Bluetooth: hci4: command tx timeout VM DIAGNOSIS: 12:07:35 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff819093cd RDX=ffff88801622d280 RSI=ffffffff819096d9 RDI=0000000000000001 RBP=ffffea00006139c0 RSP=ffff8880297afb70 R8 =0000000000000000 R9 =fffffbfff0c82b2a R10=0000000000000001 R11=0000000000000001 R12=0000000000000000 R13=ffff8880094b4040 R14=ffffea00006139c8 R15=0000000000000001 RIP=ffffffff81738d38 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e562f000 00000000 00000000 LDT=0000 fffffe1600000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffcca73ff70 CR3=000000003080c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=00362e6f732e6362696c2f756e672d78 XMM02=ffff0000000000ffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffff888036118a80 RBX=ffff888034ec73c8 RCX=ffff888034ec6fbc RDX=0000000000000002 RSI=ffffffff85c1cc40 RDI=ffff888036118a80 RBP=ffffffff85c1cc40 RSP=ffff888034ec6fb0 R8 =ffffffff86869398 R9 =ffff888034ec70a8 R10=000000000003b4ed R11=00000000000249a5 R12=ffffffff81354012 R13=0000000000000202 R14=ffff888036118000 R15=0000000000000002 RIP=ffffffff8151ac6b RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e572f000 00000000 00000000 LDT=0000 fffffe2300000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f168c633368 CR3=0000000031997000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=322e6f732e6c6462696c2f756e672d78 XMM02=00322e6f732e6c6462696c2f756e672d XMM03=78756e696c2d34365f3638782f62696c XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000