Warning: Permanently added '[localhost]:7308' (ECDSA) to the list of known hosts.
2025/08/29 09:23:35 fuzzer started
2025/08/29 09:23:35 dialing manager at localhost:43077
syzkaller login: [ 50.764384] cgroup: Unknown subsys name 'net'
[ 50.843901] cgroup: Unknown subsys name 'cpuset'
[ 50.862272] cgroup: Unknown subsys name 'rlimit'
2025/08/29 09:23:45 syscalls: 2214
2025/08/29 09:23:45 code coverage: enabled
2025/08/29 09:23:45 comparison tracing: enabled
2025/08/29 09:23:45 extra coverage: enabled
2025/08/29 09:23:45 setuid sandbox: enabled
2025/08/29 09:23:45 namespace sandbox: enabled
2025/08/29 09:23:45 Android sandbox: enabled
2025/08/29 09:23:45 fault injection: enabled
2025/08/29 09:23:45 leak checking: enabled
2025/08/29 09:23:45 net packet injection: enabled
2025/08/29 09:23:45 net device setup: enabled
2025/08/29 09:23:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 09:23:45 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 09:23:45 USB emulation: enabled
2025/08/29 09:23:45 hci packet injection: enabled
2025/08/29 09:23:45 wifi device emulation: enabled
2025/08/29 09:23:45 802.15.4 emulation: enabled
2025/08/29 09:23:45 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 09:23:45 fetching corpus: 50, signal 28924/32145 (executing program)
2025/08/29 09:23:45 fetching corpus: 100, signal 38483/42894 (executing program)
2025/08/29 09:23:45 fetching corpus: 150, signal 47243/52648 (executing program)
2025/08/29 09:23:46 fetching corpus: 200, signal 53398/59761 (executing program)
2025/08/29 09:23:46 fetching corpus: 250, signal 59409/66567 (executing program)
2025/08/29 09:23:46 fetching corpus: 300, signal 63701/71716 (executing program)
2025/08/29 09:23:46 fetching corpus: 350, signal 67231/76051 (executing program)
2025/08/29 09:23:46 fetching corpus: 400, signal 69633/79304 (executing program)
2025/08/29 09:23:46 fetching corpus: 449, signal 72548/82863 (executing program)
2025/08/29 09:23:46 fetching corpus: 499, signal 75383/86262 (executing program)
2025/08/29 09:23:46 fetching corpus: 549, signal 79223/90486 (executing program)
2025/08/29 09:23:47 fetching corpus: 599, signal 82342/94015 (executing program)
2025/08/29 09:23:47 fetching corpus: 649, signal 85314/97383 (executing program)
2025/08/29 09:23:47 fetching corpus: 699, signal 87463/99866 (executing program)
2025/08/29 09:23:47 fetching corpus: 749, signal 89039/101892 (executing program)
2025/08/29 09:23:47 fetching corpus: 799, signal 90913/104132 (executing program)
2025/08/29 09:23:47 fetching corpus: 849, signal 92973/106552 (executing program)
2025/08/29 09:23:47 fetching corpus: 899, signal 94752/108612 (executing program)
2025/08/29 09:23:47 fetching corpus: 949, signal 95991/110259 (executing program)
2025/08/29 09:23:48 fetching corpus: 999, signal 97820/112354 (executing program)
2025/08/29 09:23:48 fetching corpus: 1049, signal 99756/114455 (executing program)
2025/08/29 09:23:48 fetching corpus: 1099, signal 100946/115940 (executing program)
2025/08/29 09:23:48 fetching corpus: 1149, signal 102350/117545 (executing program)
2025/08/29 09:23:48 fetching corpus: 1199, signal 103896/119243 (executing program)
2025/08/29 09:23:48 fetching corpus: 1249, signal 105273/120711 (executing program)
2025/08/29 09:23:48 fetching corpus: 1299, signal 106440/122042 (executing program)
2025/08/29 09:23:48 fetching corpus: 1349, signal 108204/123783 (executing program)
2025/08/29 09:23:48 fetching corpus: 1399, signal 109414/125057 (executing program)
2025/08/29 09:23:48 fetching corpus: 1449, signal 110723/126356 (executing program)
2025/08/29 09:23:48 fetching corpus: 1499, signal 112156/127736 (executing program)
2025/08/29 09:23:49 fetching corpus: 1549, signal 113503/128981 (executing program)
2025/08/29 09:23:49 fetching corpus: 1599, signal 114501/130044 (executing program)
2025/08/29 09:23:49 fetching corpus: 1649, signal 115667/131106 (executing program)
2025/08/29 09:23:49 fetching corpus: 1699, signal 116433/131981 (executing program)
2025/08/29 09:23:49 fetching corpus: 1749, signal 117593/133021 (executing program)
2025/08/29 09:23:49 fetching corpus: 1799, signal 118662/133973 (executing program)
2025/08/29 09:23:49 fetching corpus: 1849, signal 119803/134965 (executing program)
2025/08/29 09:23:50 fetching corpus: 1899, signal 120446/135670 (executing program)
2025/08/29 09:23:50 fetching corpus: 1949, signal 121957/136734 (executing program)
2025/08/29 09:23:50 fetching corpus: 1999, signal 123136/137617 (executing program)
2025/08/29 09:23:50 fetching corpus: 2049, signal 123993/138356 (executing program)
2025/08/29 09:23:50 fetching corpus: 2099, signal 124991/139210 (executing program)
2025/08/29 09:23:50 fetching corpus: 2149, signal 126181/140016 (executing program)
2025/08/29 09:23:50 fetching corpus: 2199, signal 127180/140752 (executing program)
2025/08/29 09:23:50 fetching corpus: 2249, signal 127902/141342 (executing program)
2025/08/29 09:23:50 fetching corpus: 2299, signal 129079/142034 (executing program)
2025/08/29 09:23:51 fetching corpus: 2349, signal 130364/142757 (executing program)
2025/08/29 09:23:51 fetching corpus: 2399, signal 130923/143186 (executing program)
2025/08/29 09:23:51 fetching corpus: 2449, signal 131513/143611 (executing program)
2025/08/29 09:23:51 fetching corpus: 2499, signal 132125/144020 (executing program)
2025/08/29 09:23:51 fetching corpus: 2549, signal 133123/144571 (executing program)
2025/08/29 09:23:52 fetching corpus: 2599, signal 133849/144981 (executing program)
2025/08/29 09:23:52 fetching corpus: 2649, signal 134808/145476 (executing program)
2025/08/29 09:23:52 fetching corpus: 2699, signal 135305/145804 (executing program)
2025/08/29 09:23:52 fetching corpus: 2749, signal 136097/146208 (executing program)
2025/08/29 09:23:52 fetching corpus: 2799, signal 136846/146570 (executing program)
2025/08/29 09:23:52 fetching corpus: 2849, signal 137615/146859 (executing program)
2025/08/29 09:23:52 fetching corpus: 2899, signal 138187/147188 (executing program)
2025/08/29 09:23:52 fetching corpus: 2949, signal 139005/147542 (executing program)
2025/08/29 09:23:52 fetching corpus: 2999, signal 139497/147780 (executing program)
2025/08/29 09:23:52 fetching corpus: 3049, signal 140241/148036 (executing program)
2025/08/29 09:23:53 fetching corpus: 3099, signal 140898/148263 (executing program)
2025/08/29 09:23:53 fetching corpus: 3149, signal 141327/148428 (executing program)
2025/08/29 09:23:53 fetching corpus: 3199, signal 141934/148698 (executing program)
2025/08/29 09:23:53 fetching corpus: 3249, signal 142665/148891 (executing program)
2025/08/29 09:23:53 fetching corpus: 3299, signal 143564/149077 (executing program)
2025/08/29 09:23:53 fetching corpus: 3349, signal 143991/149172 (executing program)
2025/08/29 09:23:53 fetching corpus: 3399, signal 144403/149260 (executing program)
2025/08/29 09:23:53 fetching corpus: 3449, signal 145289/149409 (executing program)
2025/08/29 09:23:53 fetching corpus: 3499, signal 145933/149588 (executing program)
2025/08/29 09:23:53 fetching corpus: 3549, signal 146259/149648 (executing program)
2025/08/29 09:23:53 fetching corpus: 3599, signal 147413/149832 (executing program)
2025/08/29 09:23:53 fetching corpus: 3611, signal 147550/149832 (executing program)
2025/08/29 09:23:53 fetching corpus: 3611, signal 147550/149832 (executing program)
2025/08/29 09:23:55 starting 8 fuzzer processes
09:23:55 executing program 0:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
fcntl$addseals(r0, 0x403, 0x4808fad37bc57d73)
09:23:55 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000100), 0x0, 0x4)
r2 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0)
r3 = dup(r2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x12, r3, 0x0)
09:23:55 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000280)=0x2)
09:23:55 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, 0x0, 0x0)
09:23:55 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffff7, 0x0, "5eff720600"})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000280))
09:23:55 executing program 6:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000001c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x1d, &(0x7f0000000040)=""/29}, &(0x7f0000000080)="1de52d1b11ad", 0x0, 0x0, 0x0, 0x0, 0x0})
09:23:55 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
09:23:55 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x4b36, 0x0)
[ 70.719981] audit: type=1400 audit(1756459435.819:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 72.018259] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 72.025575] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 72.032875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 72.038598] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 72.040245] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 72.042767] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 72.044314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 72.050823] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 72.052916] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 72.055237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 72.056895] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 72.064927] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 72.077556] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 72.085278] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 72.094573] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 72.095799] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 72.097773] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 72.099779] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 72.099861] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 72.102414] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 72.103085] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 72.105075] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 72.107629] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 72.110834] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 72.113813] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 72.116162] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 72.117854] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 72.121178] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 72.123659] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 72.126587] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 72.130649] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 72.146823] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 72.150699] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 72.152169] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 72.153058] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 72.156287] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 72.158301] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 72.160299] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 72.171745] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 72.179178] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 74.115826] Bluetooth: hci0: command tx timeout
[ 74.177575] Bluetooth: hci4: command tx timeout
[ 74.178065] Bluetooth: hci1: command tx timeout
[ 74.179279] Bluetooth: hci2: command tx timeout
[ 74.241596] Bluetooth: hci6: command tx timeout
[ 74.241631] Bluetooth: hci5: command tx timeout
[ 74.243312] Bluetooth: hci7: command tx timeout
[ 74.244395] Bluetooth: hci3: command tx timeout
[ 76.161400] Bluetooth: hci0: command tx timeout
[ 76.225490] Bluetooth: hci1: command tx timeout
[ 76.225951] Bluetooth: hci4: command tx timeout
[ 76.226380] Bluetooth: hci2: command tx timeout
[ 76.289474] Bluetooth: hci7: command tx timeout
[ 76.290440] Bluetooth: hci3: command tx timeout
[ 76.290828] Bluetooth: hci5: command tx timeout
[ 76.291218] Bluetooth: hci6: command tx timeout
[ 78.209603] Bluetooth: hci0: command tx timeout
[ 78.273448] Bluetooth: hci4: command tx timeout
[ 78.273473] Bluetooth: hci1: command tx timeout
[ 78.274525] Bluetooth: hci2: command tx timeout
[ 78.337486] Bluetooth: hci6: command tx timeout
[ 78.337520] Bluetooth: hci5: command tx timeout
[ 78.337912] Bluetooth: hci3: command tx timeout
[ 78.339155] Bluetooth: hci7: command tx timeout
[ 80.257474] Bluetooth: hci0: command tx timeout
[ 80.321547] Bluetooth: hci2: command tx timeout
[ 80.321980] Bluetooth: hci4: command tx timeout
[ 80.322014] Bluetooth: hci1: command tx timeout
[ 80.385517] Bluetooth: hci5: command tx timeout
[ 80.385608] Bluetooth: hci3: command tx timeout
[ 80.386100] Bluetooth: hci6: command tx timeout
[ 80.386588] Bluetooth: hci7: command tx timeout
[ 109.295019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.295692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.476036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.476661] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.428729] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.430015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.551917] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.552957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.813593] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.814203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.834465] audit: type=1400 audit(1756459475.933:8): avc: denied { open } for pid=3756 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 110.844430] audit: type=1400 audit(1756459475.933:9): avc: denied { kernel } for pid=3756 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 110.965073] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.965752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.313863] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.314509] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.412308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.412967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.713483] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 111.714423] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 111.714984] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 111.715625] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 111.716219] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 111.717241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.717784] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.718458] Buffer I/O error on dev sr0, logical block 0, async page read
[ 111.719235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.719953] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.720615] Buffer I/O error on dev sr0, logical block 1, async page read
[ 111.724207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.724685] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.725334] Buffer I/O error on dev sr0, logical block 2, async page read
[ 111.728451] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.728897] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.729639] Buffer I/O error on dev sr0, logical block 3, async page read
[ 111.735621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.736062] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.736809] Buffer I/O error on dev sr0, logical block 4, async page read
[ 111.740773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.741207] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.741915] Buffer I/O error on dev sr0, logical block 5, async page read
[ 111.744948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.745528] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.746451] Buffer I/O error on dev sr0, logical block 6, async page read
[ 111.748637] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.749072] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 111.749834] Buffer I/O error on dev sr0, logical block 7, async page read
[ 111.787419] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.787994] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.885452] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.886087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.007368] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.007995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.060138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.061010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.575056] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.575718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.621258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.621917] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.004976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.005670] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.028929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.029619] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:24:38 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
09:24:38 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, 0x0, 0x0)
09:24:38 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000100), 0x0, 0x4)
r2 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0)
r3 = dup(r2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x12, r3, 0x0)
09:24:38 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x4b36, 0x0)
09:24:38 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x4b36, 0x0)
09:24:38 executing program 6:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000001c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x1d, &(0x7f0000000040)=""/29}, &(0x7f0000000080)="1de52d1b11ad", 0x0, 0x0, 0x0, 0x0, 0x0})
09:24:38 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000280)=0x2)
09:24:38 executing program 0:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
fcntl$addseals(r0, 0x403, 0x4808fad37bc57d73)
[ 113.204158] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 113.204964] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 113.205530] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 113.206074] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 113.206712] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 113.207724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.208162] Buffer I/O error on dev sr0, logical block 0, async page read
[ 113.209178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.209669] Buffer I/O error on dev sr0, logical block 1, async page read
[ 113.214677] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
09:24:38 executing program 6:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000001c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x1d, &(0x7f0000000040)=""/29}, &(0x7f0000000080)="1de52d1b11ad", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 113.225809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.227769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
09:24:38 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
[ 113.228519] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.239846] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.246537] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.247628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
09:24:38 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000280)=0x2)
09:24:38 executing program 0:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
fcntl$addseals(r0, 0x403, 0x4808fad37bc57d73)
[ 113.256609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.257172] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
09:24:38 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x4b36, 0x0)
[ 113.265747] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.266311] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.269446] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.270134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 113.274481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
09:24:38 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x4b36, 0x0)
09:24:38 executing program 0:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
fcntl$addseals(r0, 0x403, 0x4808fad37bc57d73)
09:24:38 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, 0x0, 0x0)
[ 113.359940] BUG: unable to handle page fault for address: ffffed10212c980e
[ 113.360535] #PF: supervisor read access in kernel mode
[ 113.360949] #PF: error_code(0x0000) - not-present page
[ 113.361362] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 113.362394] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[ 113.363474] CPU: 0 UID: 0 PID: 3927 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 113.366013] Tainted: [W]=WARN
[ 113.367044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.368813] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.369996] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.371434] RSP: 0018:ffff888045bc7780 EFLAGS: 00010012
[ 113.371853] RAX: 1ffff110212c980e RBX: ffff88810964be80 RCX: ffffc90001c07000
[ 113.372413] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964c070
[ 113.372969] RBP: ffff888045bc79f0 R08: ffff88806ce31340 R09: ffffe8ffffc15208
[ 113.373529] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[ 113.374092] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.374656] FS: 00007fb701807700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 113.375287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.375741] CR2: ffffed10212c980e CR3: 00000000446d0000 CR4: 0000000000350ef0
[ 113.376296] Call Trace:
[ 113.376503] <TASK>
[ 113.376687] ? __pfx_perf_tp_event+0x10/0x10
[ 113.377042] ? __asan_memcpy+0x3d/0x60
[ 113.377353] ? visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150
[ 113.377839] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 113.378343] ? lock_is_held_type+0x9e/0x120
[ 113.378698] ? ctx_sched_in+0x134/0x9b0
[ 113.379017] ? kvm_sched_clock_read+0x16/0x30
[ 113.379378] ? sched_clock+0x37/0x60
[ 113.379685] ? sched_clock_cpu+0x6c/0x4e0
[ 113.380018] ? lock_is_held_type+0x9e/0x120
[ 113.380367] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.380766] ? lock_is_held_type+0x9e/0x120
[ 113.381111] perf_trace_run_bpf_submit+0xef/0x180
[ 113.381500] perf_trace_preemptirq_template+0x259/0x430
[ 113.381928] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 113.382396] ? check_preempt_wakeup_fair+0x406/0x950
[ 113.382808] ? find_held_lock+0x2b/0x80
[ 113.383131] ? try_to_wake_up+0x8ae/0x11d0
[ 113.383473] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 113.383876] trace_irq_enable.constprop.0+0xa6/0x100
[ 113.384276] trace_hardirqs_on+0x26/0x40
[ 113.384598] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 113.384990] try_to_wake_up+0x8ae/0x11d0
[ 113.385319] ? __pfx_try_to_wake_up+0x10/0x10
[ 113.385685] ? plist_del+0x122/0x270
[ 113.385986] ? find_held_lock+0x2b/0x80
[ 113.386307] ? futex_wake+0x474/0x540
[ 113.386617] wake_up_q+0xa1/0x130
[ 113.386911] futex_wake+0x47e/0x540
[ 113.387207] ? __pfx_futex_wake+0x10/0x10
[ 113.387542] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 113.387943] ? lock_release+0xc8/0x290
[ 113.388254] do_futex+0x26d/0x370
[ 113.388532] ? __pfx_do_futex+0x10/0x10
[ 113.388853] __x64_sys_futex+0x1c9/0x4d0
[ 113.389180] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 113.389652] ? __pfx___x64_sys_futex+0x10/0x10
[ 113.390017] ? xfd_validate_state+0x55/0x180
[ 113.390378] do_syscall_64+0xbf/0x360
[ 113.390686] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.391096] RIP: 0033:0x7fb704291b19
[ 113.391391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.392815] RSP: 002b:00007fb701807218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.393408] RAX: ffffffffffffffda RBX: 00007fb7043a4f68 RCX: 00007fb704291b19
[ 113.393963] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb7043a4f6c
[ 113.394520] RBP: 00007fb7043a4f60 R08: 000000000000000e R09: 0000000000000000
[ 113.395084] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fb7043a4f6c
[ 113.395641] R13: 00007fff378601df R14: 00007fb701807300 R15: 0000000000022000
[ 113.396200] </TASK>
[ 113.396388] Modules linked in:
[ 113.396644] CR2: ffffed10212c980e
[ 113.396921] ---[ end trace 0000000000000000 ]---
[ 113.397290] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.397664] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.399079] RSP: 0018:ffff888045bc7780 EFLAGS: 00010012
[ 113.399497] RAX: 1ffff110212c980e RBX: ffff88810964be80 RCX: ffffc90001c07000
[ 113.400061] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964c070
[ 113.400614] RBP: ffff888045bc79f0 R08: ffff88806ce31340 R09: ffffe8ffffc15208
[ 113.401173] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[ 113.401732] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.402296] FS: 00007fb701807700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 113.402937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.403398] CR2: ffffed10212c980e CR3: 00000000446d0000 CR4: 0000000000350ef0
[ 113.403959] note: syz-executor.2[3927] exited with irqs disabled
[ 113.404445] BUG: unable to handle page fault for address: ffffed10212c980e
[ 113.404985] #PF: supervisor read access in kernel mode
[ 113.405393] #PF: error_code(0x0000) - not-present page
[ 113.405802] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 113.406247] Oops: Oops: 0000 [#2] SMP KASAN NOPTI
[ 113.406628] CPU: 0 UID: 0 PID: 3927 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 113.407566] Tainted: [D]=DIE, [W]=WARN
[ 113.407869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.408506] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.408882] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.410298] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 113.410725] RAX: 1ffff110212c980e RBX: ffff88810964be80 RCX: 0000000000000002
[ 113.411286] RDX: ffff888016269b80 RSI: ffffffff818995b7 RDI: ffff88810964c070
[ 113.411848] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc15208
[ 113.412406] R10: 0000000000000000 R11: ffff88806ce08ff8 R12: dffffc0000000000
[ 113.412972] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 113.413532] FS: 00007fb701807700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 113.414160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.414623] CR2: ffffed10212c980e CR3: 00000000446d0000 CR4: 0000000000350ef0
[ 113.415195] Call Trace:
[ 113.415403]
[ 113.415580] ? __kasan_slab_free+0x3f/0x50
[ 113.415925] ? __pfx_perf_tp_event+0x10/0x10
[ 113.416284] ? sysvec_apic_timer_interrupt+0x70/0x80
[ 113.416693] ? unmap_single_vma.constprop.0+0x153/0x230
[ 113.417119] ? unmap_vmas+0x1d6/0x430
[ 113.417431] ? exit_mmap+0x181/0xaa0
[ 113.417734] ? mmput+0xd5/0x390
[ 113.418008] ? do_exit+0x79d/0x2970
[ 113.418304] ? do_group_exit+0xd3/0x2a0
[ 113.418623] ? __x64_sys_exit_group+0x3e/0x50
[ 113.419008] ? x64_sys_call+0x18c5/0x18d0
[ 113.419340] ? do_syscall_64+0xbf/0x360
[ 113.419653] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.420072] ? lock_acquire+0x15e/0x2f0
[ 113.420395] ? __virt_addr_valid+0x1c6/0x5d0
[ 113.420758] ? find_held_lock+0x2b/0x80
[ 113.421080] ? __virt_addr_valid+0x2e8/0x5d0
[ 113.421441] ? __lock_acquire+0xc65/0x1b70
[ 113.421780] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.422176] perf_trace_run_bpf_submit+0xef/0x180
[ 113.422564] perf_trace_preemptirq_template+0x259/0x430
[ 113.422999] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 113.423471] ? clockevents_program_event+0x135/0x360
[ 113.423875] ? __pfx_try_to_wake_up+0x10/0x10
[ 113.424239] ? handle_softirqs+0x16e/0x770
[ 113.424582] trace_irq_enable.constprop.0+0xa6/0x100
[ 113.424987] trace_hardirqs_on+0x26/0x40
[ 113.425307] handle_softirqs+0x16e/0x770
[ 113.425641] __irq_exit_rcu+0xc4/0x100
[ 113.425960] irq_exit_rcu+0x9/0x20
[ 113.426245] sysvec_call_function_single+0xa6/0xc0
[ 113.426642]
[ 113.426824]
[ 113.427005] asm_sysvec_call_function_single+0x1a/0x20
[ 113.427421] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 113.427791] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de
[ 113.429197] RSP: 0018:ffff888045bc7f28 EFLAGS: 00000246
[ 113.429617] RAX: 0000000000000001 RBX: ffff888016269b80 RCX: ffffffff817c2b86
[ 113.430173] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 113.430736] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[ 113.431295] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff888016269b80
[ 113.431849] R13: 0000000000000009 R14: ffff888045bc7760 R15: 0000000000000000
[ 113.432409] ? trace_irq_enable.constprop.0+0x26/0x100
[ 113.432820] ? make_task_dead+0x214/0x3b0
[ 113.433148] ? make_task_dead+0x214/0x3b0
[ 113.433480] ? do_syscall_64+0xbf/0x360
[ 113.433795] rewind_stack_and_make_dead+0x16/0x20
[ 113.434180] RIP: 0033:0x7fb704291b19
[ 113.434475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.435899] RSP: 002b:00007fb701807218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.436496] RAX: ffffffffffffffda RBX: 00007fb7043a4f68 RCX: 00007fb704291b19
[ 113.437054] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb7043a4f6c
[ 113.437613] RBP: 00007fb7043a4f60 R08: 000000000000000e R09: 0000000000000000
[ 113.438173] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fb7043a4f6c
[ 113.438741] R13: 00007fff378601df R14: 00007fb701807300 R15: 0000000000022000
[ 113.439303]
[ 113.439489] Modules linked in:
[ 113.439748] CR2: ffffed10212c980e
[ 113.440022] ---[ end trace 0000000000000000 ]---
[ 113.440025] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#3] SMP KASAN NOPTI
[ 113.440392] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.441277] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 113.441633] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.442218] CPU: 1 UID: 0 PID: 3929 Comm: syz-executor.0 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 113.443622] RSP: 0018:ffff888045bc7780 EFLAGS: 00010012
[ 113.444541] Tainted: [D]=DIE, [W]=WARN
[ 113.444946] RAX: 1ffff110212c980e RBX: ffff88810964be80 RCX: ffffc90001c07000
[ 113.445249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.445798] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964c070
[ 113.446433] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.446983] RBP: ffff888045bc79f0 R08: ffff88806ce31340 R09: ffffe8ffffc15208
[ 113.447348] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.447901] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[ 113.449305] RSP: 0018:ffff888045b17780 EFLAGS: 00010012
[ 113.449863] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.449875] FS: 00007fb701807700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 113.450280] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900007fd000
[ 113.450841] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.451459] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 113.452013] CR2: ffffed10212c980e CR3: 00000000446d0000 CR4: 0000000000350ef0
[ 113.452459] RBP: ffff888045b179f0 R08: ffff88806cf31340 R09: ffffe8ffffd15208
[ 113.453016] Kernel panic - not syncing: Fatal exception in interrupt
[ 113.454854] Kernel Offset: disabled
[ 113.455141] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
09:24:38 Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888045bc6fa8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=3a6465746e696154
R12=0000000000000000 R13=ffffffff88724190 R14=ffffffff88724140 R15=ffffffff88724400
RIP=ffffffff828e331d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fb701807700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe6d00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=ffffed10212c980e CR3=00000000446d0000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fb7043787c000007fb7043787c8
XMM02=00007fb7043787e000007fb7043787c0 XMM03=00007fb7043787c800007fb7043787c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3de00 RCX=ffffffff816880fc RDX=ffff888043870000
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888043c876f8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1
R12=ffffed100d9c7bc1 R13=ffff88806ce3de08 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe4f00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055558e3edc18 CR3=000000003e6f8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000