Warning: Permanently added '[localhost]:21993' (ECDSA) to the list of known hosts. 2022/11/01 11:50:16 fuzzer started 2022/11/01 11:50:16 dialing manager at localhost:42881 syzkaller login: [ 42.503524] cgroup: Unknown subsys name 'net' [ 42.616526] cgroup: Unknown subsys name 'rlimit' 2022/11/01 11:50:30 syscalls: 2217 2022/11/01 11:50:30 code coverage: enabled 2022/11/01 11:50:30 comparison tracing: enabled 2022/11/01 11:50:30 extra coverage: enabled 2022/11/01 11:50:30 setuid sandbox: enabled 2022/11/01 11:50:30 namespace sandbox: enabled 2022/11/01 11:50:30 Android sandbox: enabled 2022/11/01 11:50:30 fault injection: enabled 2022/11/01 11:50:30 leak checking: enabled 2022/11/01 11:50:30 net packet injection: enabled 2022/11/01 11:50:30 net device setup: enabled 2022/11/01 11:50:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/11/01 11:50:30 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/11/01 11:50:30 USB emulation: enabled 2022/11/01 11:50:30 hci packet injection: enabled 2022/11/01 11:50:30 wifi device emulation: enabled 2022/11/01 11:50:30 802.15.4 emulation: enabled 2022/11/01 11:50:30 fetching corpus: 0, signal 0/2000 (executing program) 2022/11/01 11:50:31 fetching corpus: 42, signal 26288/29923 (executing program) 2022/11/01 11:50:31 fetching corpus: 88, signal 39947/45060 (executing program) 2022/11/01 11:50:31 fetching corpus: 138, signal 47653/54245 (executing program) 2022/11/01 11:50:31 fetching corpus: 188, signal 60688/68383 (executing program) 2022/11/01 11:50:31 fetching corpus: 238, signal 64733/73809 (executing program) 2022/11/01 11:50:31 fetching corpus: 288, signal 69025/79349 (executing program) 2022/11/01 11:50:31 fetching corpus: 338, signal 73802/85290 (executing program) 2022/11/01 11:50:31 fetching corpus: 388, signal 77426/90121 (executing program) 2022/11/01 11:50:31 fetching corpus: 438, signal 81098/94892 (executing program) 2022/11/01 11:50:32 fetching corpus: 488, signal 84083/98984 
(executing program) 2022/11/01 11:50:32 fetching corpus: 538, signal 87261/103208 (executing program) 2022/11/01 11:50:32 fetching corpus: 588, signal 90963/107873 (executing program) 2022/11/01 11:50:32 fetching corpus: 638, signal 95491/113226 (executing program) 2022/11/01 11:50:32 fetching corpus: 688, signal 98439/117134 (executing program) 2022/11/01 11:50:32 fetching corpus: 738, signal 102215/121697 (executing program) 2022/11/01 11:50:32 fetching corpus: 788, signal 104138/124585 (executing program) 2022/11/01 11:50:32 fetching corpus: 838, signal 107865/129064 (executing program) 2022/11/01 11:50:33 fetching corpus: 888, signal 111218/133092 (executing program) 2022/11/01 11:50:33 fetching corpus: 938, signal 113541/136215 (executing program) 2022/11/01 11:50:33 fetching corpus: 988, signal 118864/141813 (executing program) 2022/11/01 11:50:33 fetching corpus: 1038, signal 121168/144807 (executing program) 2022/11/01 11:50:33 fetching corpus: 1088, signal 123079/147456 (executing program) 2022/11/01 11:50:33 fetching corpus: 1138, signal 124932/150022 (executing program) 2022/11/01 11:50:33 fetching corpus: 1188, signal 127492/153185 (executing program) 2022/11/01 11:50:33 fetching corpus: 1238, signal 129219/155609 (executing program) 2022/11/01 11:50:33 fetching corpus: 1288, signal 130965/158045 (executing program) 2022/11/01 11:50:34 fetching corpus: 1338, signal 132472/160244 (executing program) 2022/11/01 11:50:34 fetching corpus: 1388, signal 134760/163078 (executing program) 2022/11/01 11:50:34 fetching corpus: 1438, signal 137825/166463 (executing program) 2022/11/01 11:50:34 fetching corpus: 1488, signal 140288/169313 (executing program) 2022/11/01 11:50:34 fetching corpus: 1538, signal 142565/171972 (executing program) 2022/11/01 11:50:34 fetching corpus: 1588, signal 144291/174209 (executing program) 2022/11/01 11:50:34 fetching corpus: 1638, signal 146234/176527 (executing program) 2022/11/01 11:50:35 fetching corpus: 1688, signal 
148114/178790 (executing program) 2022/11/01 11:50:35 fetching corpus: 1738, signal 150443/181352 (executing program) 2022/11/01 11:50:35 fetching corpus: 1788, signal 152567/183698 (executing program) 2022/11/01 11:50:35 fetching corpus: 1838, signal 154082/185656 (executing program) 2022/11/01 11:50:35 fetching corpus: 1888, signal 155387/187423 (executing program) 2022/11/01 11:50:35 fetching corpus: 1938, signal 157920/189998 (executing program) 2022/11/01 11:50:35 fetching corpus: 1988, signal 158781/191419 (executing program) 2022/11/01 11:50:35 fetching corpus: 2038, signal 160629/193500 (executing program) 2022/11/01 11:50:36 fetching corpus: 2088, signal 161724/195053 (executing program) 2022/11/01 11:50:36 fetching corpus: 2138, signal 163095/196764 (executing program) 2022/11/01 11:50:36 fetching corpus: 2188, signal 164612/198512 (executing program) 2022/11/01 11:50:36 fetching corpus: 2238, signal 165651/199951 (executing program) 2022/11/01 11:50:36 fetching corpus: 2288, signal 166488/201228 (executing program) 2022/11/01 11:50:36 fetching corpus: 2338, signal 168449/203176 (executing program) 2022/11/01 11:50:36 fetching corpus: 2388, signal 169467/204506 (executing program) 2022/11/01 11:50:37 fetching corpus: 2438, signal 171014/206118 (executing program) 2022/11/01 11:50:37 fetching corpus: 2488, signal 172041/207420 (executing program) 2022/11/01 11:50:37 fetching corpus: 2538, signal 173087/208752 (executing program) 2022/11/01 11:50:37 fetching corpus: 2588, signal 175052/210596 (executing program) 2022/11/01 11:50:37 fetching corpus: 2638, signal 176214/211922 (executing program) 2022/11/01 11:50:37 fetching corpus: 2688, signal 177305/213224 (executing program) 2022/11/01 11:50:37 fetching corpus: 2738, signal 178387/214515 (executing program) 2022/11/01 11:50:37 fetching corpus: 2788, signal 179427/215715 (executing program) 2022/11/01 11:50:37 fetching corpus: 2838, signal 180532/216970 (executing program) 2022/11/01 11:50:38 fetching 
corpus: 2888, signal 181359/218064 (executing program) 2022/11/01 11:50:38 fetching corpus: 2938, signal 182153/219076 (executing program) 2022/11/01 11:50:38 fetching corpus: 2988, signal 182803/220080 (executing program) 2022/11/01 11:50:38 fetching corpus: 3038, signal 183740/221143 (executing program) 2022/11/01 11:50:38 fetching corpus: 3088, signal 185205/222470 (executing program) 2022/11/01 11:50:38 fetching corpus: 3138, signal 186179/223544 (executing program) 2022/11/01 11:50:38 fetching corpus: 3188, signal 187215/224635 (executing program) 2022/11/01 11:50:38 fetching corpus: 3238, signal 188015/225680 (executing program) 2022/11/01 11:50:39 fetching corpus: 3288, signal 188796/226592 (executing program) 2022/11/01 11:50:39 fetching corpus: 3338, signal 189711/227598 (executing program) 2022/11/01 11:50:39 fetching corpus: 3388, signal 190899/228742 (executing program) 2022/11/01 11:50:39 fetching corpus: 3438, signal 191844/229748 (executing program) 2022/11/01 11:50:39 fetching corpus: 3488, signal 192987/230828 (executing program) 2022/11/01 11:50:39 fetching corpus: 3538, signal 193985/231810 (executing program) 2022/11/01 11:50:39 fetching corpus: 3588, signal 194710/232663 (executing program) 2022/11/01 11:50:39 fetching corpus: 3638, signal 195370/233461 (executing program) 2022/11/01 11:50:39 fetching corpus: 3688, signal 196275/234409 (executing program) 2022/11/01 11:50:40 fetching corpus: 3738, signal 197546/235464 (executing program) 2022/11/01 11:50:40 fetching corpus: 3788, signal 198290/236286 (executing program) 2022/11/01 11:50:40 fetching corpus: 3838, signal 198958/237039 (executing program) 2022/11/01 11:50:40 fetching corpus: 3888, signal 199484/237721 (executing program) 2022/11/01 11:50:40 fetching corpus: 3938, signal 200808/238734 (executing program) 2022/11/01 11:50:40 fetching corpus: 3988, signal 201642/239539 (executing program) 2022/11/01 11:50:40 fetching corpus: 4038, signal 202604/240392 (executing program) 2022/11/01 
11:50:40 fetching corpus: 4088, signal 203387/241156 (executing program) 2022/11/01 11:50:41 fetching corpus: 4138, signal 204126/241851 (executing program) 2022/11/01 11:50:41 fetching corpus: 4188, signal 204825/242551 (executing program) 2022/11/01 11:50:41 fetching corpus: 4238, signal 205495/243245 (executing program) 2022/11/01 11:50:41 fetching corpus: 4288, signal 206089/243913 (executing program) 2022/11/01 11:50:41 fetching corpus: 4338, signal 206907/244654 (executing program) 2022/11/01 11:50:41 fetching corpus: 4388, signal 207667/245340 (executing program) 2022/11/01 11:50:41 fetching corpus: 4438, signal 208622/246111 (executing program) 2022/11/01 11:50:41 fetching corpus: 4488, signal 209189/246702 (executing program) 2022/11/01 11:50:42 fetching corpus: 4538, signal 209932/247329 (executing program) 2022/11/01 11:50:42 fetching corpus: 4588, signal 210571/247908 (executing program) 2022/11/01 11:50:42 fetching corpus: 4638, signal 211061/248483 (executing program) 2022/11/01 11:50:42 fetching corpus: 4688, signal 211728/249114 (executing program) 2022/11/01 11:50:42 fetching corpus: 4738, signal 212162/249654 (executing program) 2022/11/01 11:50:42 fetching corpus: 4788, signal 212780/250217 (executing program) 2022/11/01 11:50:42 fetching corpus: 4838, signal 213383/250763 (executing program) 2022/11/01 11:50:42 fetching corpus: 4888, signal 214123/251347 (executing program) 2022/11/01 11:50:43 fetching corpus: 4938, signal 214698/251838 (executing program) 2022/11/01 11:50:43 fetching corpus: 4988, signal 215404/252351 (executing program) 2022/11/01 11:50:43 fetching corpus: 5038, signal 216015/252840 (executing program) 2022/11/01 11:50:43 fetching corpus: 5088, signal 216674/253348 (executing program) 2022/11/01 11:50:43 fetching corpus: 5138, signal 217310/253837 (executing program) 2022/11/01 11:50:43 fetching corpus: 5188, signal 217887/254311 (executing program) 2022/11/01 11:50:43 fetching corpus: 5238, signal 218469/254779 (executing 
program) 2022/11/01 11:50:43 fetching corpus: 5288, signal 219029/255224 (executing program) 2022/11/01 11:50:44 fetching corpus: 5338, signal 219740/255692 (executing program) 2022/11/01 11:50:44 fetching corpus: 5388, signal 220607/256180 (executing program) 2022/11/01 11:50:44 fetching corpus: 5438, signal 220954/256556 (executing program) 2022/11/01 11:50:44 fetching corpus: 5488, signal 221443/256960 (executing program) 2022/11/01 11:50:44 fetching corpus: 5538, signal 222424/257395 (executing program) 2022/11/01 11:50:44 fetching corpus: 5588, signal 223063/257785 (executing program) 2022/11/01 11:50:44 fetching corpus: 5638, signal 223955/258255 (executing program) 2022/11/01 11:50:44 fetching corpus: 5688, signal 224758/258642 (executing program) 2022/11/01 11:50:44 fetching corpus: 5738, signal 225151/258989 (executing program) 2022/11/01 11:50:45 fetching corpus: 5788, signal 226058/259379 (executing program) 2022/11/01 11:50:45 fetching corpus: 5838, signal 226522/259679 (executing program) 2022/11/01 11:50:45 fetching corpus: 5888, signal 226967/259979 (executing program) 2022/11/01 11:50:45 fetching corpus: 5938, signal 227726/260342 (executing program) 2022/11/01 11:50:45 fetching corpus: 5988, signal 228324/260659 (executing program) 2022/11/01 11:50:45 fetching corpus: 6038, signal 228872/260955 (executing program) 2022/11/01 11:50:45 fetching corpus: 6088, signal 229654/261266 (executing program) 2022/11/01 11:50:45 fetching corpus: 6138, signal 230308/261590 (executing program) 2022/11/01 11:50:45 fetching corpus: 6188, signal 230772/261864 (executing program) 2022/11/01 11:50:46 fetching corpus: 6238, signal 231355/262164 (executing program) 2022/11/01 11:50:46 fetching corpus: 6288, signal 232391/262455 (executing program) 2022/11/01 11:50:46 fetching corpus: 6338, signal 232792/262694 (executing program) 2022/11/01 11:50:46 fetching corpus: 6388, signal 233464/262931 (executing program) 2022/11/01 11:50:46 fetching corpus: 6438, signal 
234021/263162 (executing program) 2022/11/01 11:50:46 fetching corpus: 6488, signal 234485/263405 (executing program) 2022/11/01 11:50:46 fetching corpus: 6538, signal 235204/263484 (executing program) 2022/11/01 11:50:46 fetching corpus: 6588, signal 235612/263484 (executing program) 2022/11/01 11:50:47 fetching corpus: 6638, signal 236323/263484 (executing program) 2022/11/01 11:50:47 fetching corpus: 6688, signal 236694/263484 (executing program) 2022/11/01 11:50:47 fetching corpus: 6738, signal 237191/263513 (executing program) 2022/11/01 11:50:47 fetching corpus: 6788, signal 237910/263513 (executing program) 2022/11/01 11:50:47 fetching corpus: 6838, signal 238315/263513 (executing program) 2022/11/01 11:50:47 fetching corpus: 6888, signal 238806/263513 (executing program) 2022/11/01 11:50:47 fetching corpus: 6938, signal 239445/263513 (executing program) 2022/11/01 11:50:47 fetching corpus: 6988, signal 240061/263513 (executing program) 2022/11/01 11:50:47 fetching corpus: 7038, signal 240760/263513 (executing program) 2022/11/01 11:50:48 fetching corpus: 7088, signal 241083/263513 (executing program) 2022/11/01 11:50:48 fetching corpus: 7138, signal 241738/263513 (executing program) 2022/11/01 11:50:48 fetching corpus: 7188, signal 242337/263515 (executing program) 2022/11/01 11:50:48 fetching corpus: 7238, signal 242771/263515 (executing program) 2022/11/01 11:50:48 fetching corpus: 7288, signal 243261/263522 (executing program) 2022/11/01 11:50:48 fetching corpus: 7338, signal 243675/263522 (executing program) 2022/11/01 11:50:48 fetching corpus: 7388, signal 244142/263523 (executing program) 2022/11/01 11:50:48 fetching corpus: 7438, signal 244483/263524 (executing program) 2022/11/01 11:50:49 fetching corpus: 7488, signal 244841/263526 (executing program) 2022/11/01 11:50:49 fetching corpus: 7538, signal 245359/263526 (executing program) 2022/11/01 11:50:49 fetching corpus: 7588, signal 245856/263526 (executing program) 2022/11/01 11:50:49 fetching 
corpus: 7638, signal 246277/263526 (executing program) 2022/11/01 11:50:49 fetching corpus: 7688, signal 246563/263526 (executing program) 2022/11/01 11:50:49 fetching corpus: 7738, signal 246986/263526 (executing program) 2022/11/01 11:50:49 fetching corpus: 7788, signal 247270/263526 (executing program) 2022/11/01 11:50:49 fetching corpus: 7838, signal 247707/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 7888, signal 248444/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 7938, signal 248788/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 7988, signal 249219/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 8038, signal 249610/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 8088, signal 250193/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 8138, signal 250624/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 8188, signal 250991/263528 (executing program) 2022/11/01 11:50:50 fetching corpus: 8238, signal 251528/263528 (executing program) 2022/11/01 11:50:51 fetching corpus: 8288, signal 251872/263529 (executing program) 2022/11/01 11:50:51 fetching corpus: 8338, signal 252380/263529 (executing program) 2022/11/01 11:50:51 fetching corpus: 8388, signal 252778/263529 (executing program) 2022/11/01 11:50:51 fetching corpus: 8438, signal 253299/263530 (executing program) 2022/11/01 11:50:51 fetching corpus: 8488, signal 253698/263530 (executing program) 2022/11/01 11:50:51 fetching corpus: 8538, signal 253955/263530 (executing program) 2022/11/01 11:50:51 fetching corpus: 8588, signal 254256/263530 (executing program) 2022/11/01 11:50:51 fetching corpus: 8638, signal 254615/263530 (executing program) 2022/11/01 11:50:51 fetching corpus: 8688, signal 254917/263530 (executing program) 2022/11/01 11:50:52 fetching corpus: 8738, signal 255240/263532 (executing program) 2022/11/01 11:50:52 fetching corpus: 8788, signal 255670/263532 (executing program) 2022/11/01 
11:50:52 fetching corpus: 8838, signal 255985/263532 (executing program) 2022/11/01 11:50:52 fetching corpus: 8888, signal 256405/263563 (executing program) 2022/11/01 11:50:52 fetching corpus: 8938, signal 257544/263563 (executing program) 2022/11/01 11:50:52 fetching corpus: 8988, signal 257835/263563 (executing program) 2022/11/01 11:50:52 fetching corpus: 9037, signal 258588/263563 (executing program) 2022/11/01 11:50:52 fetching corpus: 9037, signal 258588/263563 (executing program) 2022/11/01 11:50:54 starting 8 fuzzer processes 11:50:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) 11:50:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) 11:50:54 executing program 1: syz_io_uring_setup(0x4be0, 0x0, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000000580), 0x0) 11:50:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r0, 0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 80.286868] audit: type=1400 audit(1667303454.791:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:50:54 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x47, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x3, 0xffffffffffffffff, 0xa) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x1000000004) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') pread64(r1, &(0x7f0000000080)=""/39, 0x27, 0x610) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 11:50:54 executing program 4: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)) 11:50:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001b80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}], 0x2, 0x0) 11:50:54 executing program 6: add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = 
add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r2, 0x0) keyctl$chown(0x4, r0, 0xee00, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)) ioctl$BTRFS_IOC_QUOTA_RESCAN(r5, 0x4040942c, &(0x7f0000000040)={0x0, 0xf, [0x2, 0x156280000000000, 0x8001, 0x1, 0x7a]}) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000380)=0x1) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000140)={0x2b, 0x6, 0x1, 0x0, 0x0, [@local, @local, @private1]}, 0x38) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r6, 0x4004662b, &(0x7f0000000340)) [ 81.622738] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.625129] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.626008] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.629122] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.630285] Bluetooth: hci0: 
unexpected cc 0x0c25 length: 249 > 3 [ 81.631948] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.637438] Bluetooth: hci0: HCI_REQ-0x0c1a [ 81.684665] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.685686] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.686513] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.687320] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.688512] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 81.689215] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.689800] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.690382] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.691155] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 81.691657] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.692207] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.692838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.693397] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 81.697265] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.698331] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.698454] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 81.700101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.700528] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 81.700739] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.702443] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.703043] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.704667] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.705169] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 81.706090] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 81.706662] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.707172] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 81.707763] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.708916] Bluetooth: hci1: unexpected 
cc 0x0c38 length: 249 > 2 [ 81.712427] Bluetooth: hci6: HCI_REQ-0x0c1a [ 81.716422] Bluetooth: hci3: HCI_REQ-0x0c1a [ 81.721012] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 81.721686] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.723464] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.724355] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 81.726280] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 81.726301] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 81.727962] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.728449] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 81.729294] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 81.736956] Bluetooth: hci2: HCI_REQ-0x0c1a [ 81.738200] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 81.745649] Bluetooth: hci4: HCI_REQ-0x0c1a [ 81.746194] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 81.747911] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 81.754675] Bluetooth: hci7: HCI_REQ-0x0c1a [ 81.773208] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 81.780067] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.782964] Bluetooth: hci1: HCI_REQ-0x0c1a [ 81.786249] Bluetooth: hci5: HCI_REQ-0x0c1a [ 83.701957] Bluetooth: hci0: command 0x0409 tx timeout [ 83.766629] Bluetooth: hci7: command 0x0409 tx timeout [ 83.767169] Bluetooth: hci6: command 0x0409 tx timeout [ 83.829680] Bluetooth: hci3: command 0x0409 tx timeout [ 83.830177] Bluetooth: hci5: command 0x0409 tx timeout [ 83.830630] Bluetooth: hci2: command 0x0409 tx timeout [ 83.831152] Bluetooth: hci1: command 0x0409 tx timeout [ 83.831641] Bluetooth: hci4: command 0x0409 tx timeout [ 85.750081] Bluetooth: hci0: command 0x041b tx timeout [ 85.813843] Bluetooth: hci6: command 0x041b tx timeout [ 85.814609] Bluetooth: hci7: command 0x041b tx timeout [ 85.877753] Bluetooth: hci4: command 0x041b tx timeout [ 85.878473] Bluetooth: hci1: command 0x041b tx 
timeout [ 85.879231] Bluetooth: hci2: command 0x041b tx timeout [ 85.879934] Bluetooth: hci5: command 0x041b tx timeout [ 85.880630] Bluetooth: hci3: command 0x041b tx timeout [ 87.797597] Bluetooth: hci0: command 0x040f tx timeout [ 87.861680] Bluetooth: hci7: command 0x040f tx timeout [ 87.862133] Bluetooth: hci6: command 0x040f tx timeout [ 87.925640] Bluetooth: hci3: command 0x040f tx timeout [ 87.926080] Bluetooth: hci5: command 0x040f tx timeout [ 87.926445] Bluetooth: hci2: command 0x040f tx timeout [ 87.926866] Bluetooth: hci1: command 0x040f tx timeout [ 87.927229] Bluetooth: hci4: command 0x040f tx timeout [ 89.845623] Bluetooth: hci0: command 0x0419 tx timeout [ 89.909622] Bluetooth: hci6: command 0x0419 tx timeout [ 89.910051] Bluetooth: hci7: command 0x0419 tx timeout [ 89.973641] Bluetooth: hci4: command 0x0419 tx timeout [ 89.974088] Bluetooth: hci1: command 0x0419 tx timeout [ 89.974524] Bluetooth: hci2: command 0x0419 tx timeout [ 89.975400] Bluetooth: hci5: command 0x0419 tx timeout [ 89.975829] Bluetooth: hci3: command 0x0419 tx timeout [ 137.222737] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.223894] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.226731] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 137.375824] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.377083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.378988] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 137.733796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.734857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.737074] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 138.084451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.085418] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.087948] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 138.650441] wlan0: Created IBSS using 
preconfigured BSSID 50:50:50:50:50:50 [ 138.651374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.653132] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 138.900104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.901422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.903833] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:51:53 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001b80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}], 0x2, 0x0) [ 139.366278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.367046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.368955] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 11:51:53 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001b80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}], 0x2, 0x0) 11:51:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001b80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}], 0x2, 0x0) [ 139.575492] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.576099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.578010] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 139.691108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.692230] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.694597] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 139.710627] audit: type=1400 audit(1667303514.218:7): avc: denied { open } for pid=3872 comm="syz-executor.5" 
scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 139.713145] audit: type=1400 audit(1667303514.219:8): avc: denied { kernel } for pid=3872 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 139.734012] audit: type=1400 audit(1667303514.242:9): avc: denied { write } for pid=3872 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 139.776782] BUG: unable to handle page fault for address: ffffed100fffc000 [ 139.777263] #PF: supervisor write access in kernel mode [ 139.777606] #PF: error_code(0x0002) - not-present page [ 139.777937] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 139.778361] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI [ 139.778676] CPU: 0 PID: 3874 Comm: syz-executor.5 Not tainted 6.1.0-rc3-next-20221101 #1 [ 139.779540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 139.780852] RIP: 0010:__memset+0x24/0x50 [ 139.782107] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 139.785916] RSP: 0018:ffff888040dd7cc0 EFLAGS: 00010216 [ 139.786695] RAX: 0000000000000000 RBX: ffff88800bf4f0c0 RCX: 1ffffe21fe5fb697 [ 139.787719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 139.788743] RBP: ffff88800bf6b500 R08: 0000000000000005 R09: ffffed10017e9e18 [ 139.789808] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bf6b500 [ 139.790833] R13: ffff88800bf4f0c0 R14: ffffffff815f2620 R15: 1ffff11001126e1f [ 139.791861] FS: 00007fe55a98f700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 139.793015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.793895] CR2: ffffed100fffc000 CR3: 0000000013eea000 CR4: 0000000000350ef0 
[ 139.794814] Call Trace: [ 139.795155] [ 139.795454] kasan_unpoison+0x23/0x60 [ 139.795962] mempool_exit+0x1c2/0x330 [ 139.796473] bioset_exit+0x2c9/0x630 [ 139.796973] ? _raw_spin_unlock_irq+0x1f/0x60 [ 139.797591] disk_release+0x143/0x490 [ 139.798124] ? disk_release+0x0/0x490 [ 139.798638] ? device_release+0x0/0x250 [ 139.799165] device_release+0xa2/0x250 [ 139.799680] ? device_release+0x0/0x250 [ 139.800204] kobject_put+0x173/0x280 [ 139.800704] put_device+0x1b/0x40 [ 139.801169] put_disk+0x41/0x60 [ 139.801639] loop_control_ioctl+0x4d1/0x630 [ 139.802216] ? loop_control_ioctl+0x0/0x630 [ 139.802782] ? selinux_file_ioctl+0xb1/0x270 [ 139.803377] ? loop_control_ioctl+0x0/0x630 [ 139.803944] __x64_sys_ioctl+0x19a/0x220 [ 139.804490] do_syscall_64+0x3b/0xa0 [ 139.804989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.805300] ieee80211 phy12: Selected rate control algorithm 'minstrel_ht' [ 139.805683] RIP: 0033:0x7fe55d419b19 [ 139.805705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.809203] RSP: 002b:00007fe55a98f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.810188] RAX: ffffffffffffffda RBX: 00007fe55d52cf60 RCX: 00007fe55d419b19 [ 139.811091] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000005 [ 139.811987] RBP: 00007fe55d473f6d R08: 0000000000000000 R09: 0000000000000000 [ 139.812888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.813824] R13: 00007ffcf4d6ffff R14: 00007fe55a98f300 R15: 0000000000022000 [ 139.814739] [ 139.815045] Modules linked in: [ 139.815468] CR2: ffffed100fffc000 [ 139.815915] ---[ end trace 0000000000000000 ]--- [ 139.816512] RIP: 0010:__memset+0x24/0x50 [ 139.817064] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 
12 00 66 66 2e 0f 1f 84 00 [ 139.819354] RSP: 0018:ffff888040dd7cc0 EFLAGS: 00010216 [ 139.820038] RAX: 0000000000000000 RBX: ffff88800bf4f0c0 RCX: 1ffffe21fe5fb697 [ 139.820938] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 139.821875] RBP: ffff88800bf6b500 R08: 0000000000000005 R09: ffffed10017e9e18 [ 139.822780] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bf6b500 [ 139.823683] R13: ffff88800bf4f0c0 R14: ffffffff815f2620 R15: 1ffff11001126e1f [ 139.824587] FS: 00007fe55a98f700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 139.825616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.826361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.826371] CR2: ffffed100fffc000 CR3: 0000000013eea000 CR4: 0000000000350ef0 [ 139.827189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.829212] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:51:54 executing program 7: ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) [ 139.908477] ieee80211 phy13: Selected rate control algorithm 'minstrel_ht' [ 139.949716] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.950661] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.951978] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 140.045027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.045941] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.046927] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 140.061601] hrtimer: interrupt took 25358 ns 11:51:54 executing program 6: add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, 
"be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r2, 0x0) keyctl$chown(0x4, r0, 0xee00, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)) ioctl$BTRFS_IOC_QUOTA_RESCAN(r5, 0x4040942c, &(0x7f0000000040)={0x0, 0xf, [0x2, 0x156280000000000, 0x8001, 0x1, 0x7a]}) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000380)=0x1) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000140)={0x2b, 0x6, 0x1, 0x0, 0x0, [@local, @local, @private1]}, 0x38) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r6, 0x4004662b, &(0x7f0000000340)) [ 140.580962] BUG: unable to handle page 
fault for address: ffffed100fffc000 [ 140.581517] #PF: supervisor write access in kernel mode [ 140.581910] #PF: error_code(0x0002) - not-present page [ 140.582294] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 140.582790] Oops: 0002 [#2] PREEMPT SMP KASAN NOPTI [ 140.583157] CPU: 1 PID: 3915 Comm: syz-executor.5 Tainted: G D 6.1.0-rc3-next-20221101 #1 [ 140.583849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 140.584452] RIP: 0010:__memset+0x24/0x50 [ 140.584774] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 140.586111] RSP: 0018:ffff8880412c7cc0 EFLAGS: 00010216 [ 140.586509] RAX: 0000000000000000 RBX: ffff88800bf4f240 RCX: 1ffffe21fe5fb69d [ 140.587040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 140.587577] RBP: ffff88800bf6b500 R08: 0000000000000005 R09: ffffed10017e9e48 [ 140.588109] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bf6b500 [ 140.588630] R13: ffff88800bf4f240 R14: ffffffff815f2620 R15: 1ffff11001126a1f [ 140.589147] FS: 00007fe55a96e700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000 [ 140.589751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.590183] CR2: ffffed100fffc000 CR3: 0000000013eea000 CR4: 0000000000350ee0 [ 140.590701] Call Trace: [ 140.590894] [ 140.591062] kasan_unpoison+0x23/0x60 [ 140.591345] mempool_exit+0x1c2/0x330 [ 140.591636] bioset_exit+0x2c9/0x630 [ 140.591919] ? _raw_spin_unlock+0x24/0x50 [ 140.592231] ? blkg_destroy_all.isra.0+0x157/0x230 [ 140.592603] disk_release+0x143/0x490 [ 140.592884] ? disk_release+0x0/0x490 [ 140.593168] ? device_release+0x0/0x250 [ 140.593460] device_release+0xa2/0x250 [ 140.593759] ? 
device_release+0x0/0x250 [ 140.594051] kobject_put+0x173/0x280 [ 140.594326] put_device+0x1b/0x40 [ 140.594582] put_disk+0x41/0x60 [ 140.594830] loop_control_ioctl+0x4d1/0x630 [ 140.595148] ? loop_control_ioctl+0x0/0x630 [ 140.595466] ? selinux_file_ioctl+0xb1/0x270 [ 140.595798] ? loop_control_ioctl+0x0/0x630 [ 140.596114] __x64_sys_ioctl+0x19a/0x220 [ 140.596419] do_syscall_64+0x3b/0xa0 [ 140.596698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.597072] RIP: 0033:0x7fe55d419b19 [ 140.597344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.598612] RSP: 002b:00007fe55a96e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.599145] RAX: ffffffffffffffda RBX: 00007fe55d52d020 RCX: 00007fe55d419b19 [ 140.599641] RDX: 0000000000000001 RSI: 0000000000004c81 RDI: 0000000000000005 [ 140.600141] RBP: 00007fe55d473f6d R08: 0000000000000000 R09: 0000000000000000 [ 140.600645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.601148] R13: 00007ffcf4d6ffff R14: 00007fe55a96e300 R15: 0000000000022000 [ 140.601662] [ 140.601834] Modules linked in: [ 140.602067] CR2: ffffed100fffc000 [ 140.602317] ---[ end trace 0000000000000000 ]--- [ 140.602651] RIP: 0010:__memset+0x24/0x50 [ 140.602953] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 140.604210] RSP: 0018:ffff888040dd7cc0 EFLAGS: 00010216 [ 140.604591] RAX: 0000000000000000 RBX: ffff88800bf4f0c0 RCX: 1ffffe21fe5fb697 [ 140.605088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 140.605614] RBP: ffff88800bf6b500 R08: 0000000000000005 R09: ffffed10017e9e18 [ 140.606113] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bf6b500 [ 140.606604] R13: ffff88800bf4f0c0 R14: 
ffffffff815f2620 R15: 1ffff11001126e1f [ 140.607100] FS: 00007fe55a96e700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000 [ 140.607664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.608071] CR2: ffffed100fffc000 CR3: 0000000013eea000 CR4: 0000000000350ee0 [ 140.620311] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' 11:51:55 executing program 6: add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r2, 0x0) keyctl$chown(0x4, r0, 0xee00, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)) 
ioctl$BTRFS_IOC_QUOTA_RESCAN(r5, 0x4040942c, &(0x7f0000000040)={0x0, 0xf, [0x2, 0x156280000000000, 0x8001, 0x1, 0x7a]}) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000380)=0x1) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000140)={0x2b, 0x6, 0x1, 0x0, 0x0, [@local, @local, @private1]}, 0x38) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r6, 0x4004662b, &(0x7f0000000340)) 11:51:55 executing program 6: add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r2, 0x0) keyctl$chown(0x4, r0, 0xee00, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 
0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000000)) ioctl$BTRFS_IOC_QUOTA_RESCAN(r5, 0x4040942c, &(0x7f0000000040)={0x0, 0xf, [0x2, 0x156280000000000, 0x8001, 0x1, 0x7a]}) ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000380)=0x1) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000140)={0x2b, 0x6, 0x1, 0x0, 0x0, [@local, @local, @private1]}, 0x38) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r6, 0x4004662b, &(0x7f0000000340)) 11:51:55 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x47, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x3, 0xffffffffffffffff, 0xa) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x1000000004) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') pread64(r1, &(0x7f0000000080)=""/39, 0x27, 0x610) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) [ 140.892321] BUG: unable to handle page fault for address: 
ffffed100fffc000 [ 140.893219] #PF: supervisor write access in kernel mode [ 140.893893] #PF: error_code(0x0002) - not-present page [ 140.894540] PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0 [ 140.895377] Oops: 0002 [#3] PREEMPT SMP KASAN NOPTI [ 140.896019] CPU: 0 PID: 3929 Comm: syz-executor.5 Tainted: G D 6.1.0-rc3-next-20221101 #1 [ 140.897295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 140.898425] RIP: 0010:__memset+0x24/0x50 [ 140.899022] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 140.901484] RSP: 0018:ffff8880367b7cc0 EFLAGS: 00010216 [ 140.902224] RAX: 0000000000000000 RBX: ffff88800bf4f3c0 RCX: 1ffffe21fe5fb6a3 [ 140.903192] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 140.904161] RBP: ffff88800bf6b500 R08: 0000000000000005 R09: ffffed10017e9e78 [ 140.905138] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bf6b500 [ 140.906106] R13: ffff88800bf4f3c0 R14: ffffffff815f2620 R15: 1ffff1100112661f [ 140.907083] FS: 00007fe55a98f700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 140.908181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.908977] CR2: ffffed100fffc000 CR3: 0000000034d80000 CR4: 0000000000350ef0 [ 140.909991] Call Trace: [ 140.910363] [ 140.910683] kasan_unpoison+0x23/0x60 [ 140.911232] mempool_exit+0x1c2/0x330 [ 140.911778] bioset_exit+0x2c9/0x630 [ 140.912315] ? _raw_spin_unlock+0x24/0x50 [ 140.912912] ? blkg_destroy_all.isra.0+0x157/0x230 [ 140.913632] disk_release+0x143/0x490 [ 140.914168] ? disk_release+0x0/0x490 [ 140.914717] ? device_release+0x0/0x250 [ 140.915277] device_release+0xa2/0x250 [ 140.915829] ? 
device_release+0x0/0x250 [ 140.916392] kobject_put+0x173/0x280 [ 140.916921] put_device+0x1b/0x40 [ 140.917417] put_disk+0x41/0x60 [ 140.917893] loop_control_ioctl+0x4d1/0x630 [ 140.918509] ? loop_control_ioctl+0x0/0x630 [ 140.919122] ? selinux_file_ioctl+0xb1/0x270 [ 140.919762] ? loop_control_ioctl+0x0/0x630 [ 140.920366] __x64_sys_ioctl+0x19a/0x220 [ 140.920950] do_syscall_64+0x3b/0xa0 [ 140.921500] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.922227] RIP: 0033:0x7fe55d419b19 [ 140.922745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.925190] RSP: 002b:00007fe55a98f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.926233] RAX: ffffffffffffffda RBX: 00007fe55d52cf60 RCX: 00007fe55d419b19 [ 140.927196] RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000005 [ 140.928162] RBP: 00007fe55d473f6d R08: 0000000000000000 R09: 0000000000000000 [ 140.929124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.930096] R13: 00007ffcf4d6ffff R14: 00007fe55a98f300 R15: 0000000000022000 [ 140.931070] [ 140.931402] Modules linked in: [ 140.931852] CR2: ffffed100fffc000 [ 140.932334] ---[ end trace 0000000000000000 ]--- [ 140.932977] RIP: 0010:__memset+0x24/0x50 [ 140.933565] Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00 [ 140.936033] RSP: 0018:ffff888040dd7cc0 EFLAGS: 00010216 [ 140.936756] RAX: 0000000000000000 RBX: ffff88800bf4f0c0 RCX: 1ffffe21fe5fb697 [ 140.937732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000 [ 140.938698] RBP: ffff88800bf6b500 R08: 0000000000000005 R09: ffffed10017e9e18 [ 140.939659] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800bf6b500 [ 140.940620] R13: ffff88800bf4f0c0 R14: 
ffffffff815f2620 R15: 1ffff11001126e1f [ 140.941575] FS: 00007fe55a98f700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000 [ 140.942691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.943487] CR2: ffffed100fffc000 CR3: 0000000034d80000 CR4: 0000000000350ef0 [ 143.360273] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 143.362049] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 143.363016] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 143.364984] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 143.366458] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 143.367462] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 143.371143] Bluetooth: hci2: HCI_REQ-0x0c1a [ 145.333663] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 145.397569] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 145.397600] Bluetooth: hci2: command 0x0409 tx timeout [ 145.461583] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 145.461586] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 147.445605] Bluetooth: hci2: command 0x041b tx timeout [ 149.493619] Bluetooth: hci2: command 0x040f tx timeout [ 149.685631] Bluetooth: hci0: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 11:51:54 Registers: