Warning: Permanently added '[localhost]:29613' (ECDSA) to the list of known hosts.
2025/09/01 08:42:11 fuzzer started
2025/09/01 08:42:11 dialing manager at localhost:35473
syzkaller login: [ 58.561028] cgroup: Unknown subsys name 'net'
[ 58.618664] cgroup: Unknown subsys name 'cpuset'
[ 58.634646] cgroup: Unknown subsys name 'rlimit'
2025/09/01 08:42:21 syscalls: 2214
2025/09/01 08:42:21 code coverage: enabled
2025/09/01 08:42:21 comparison tracing: enabled
2025/09/01 08:42:21 extra coverage: enabled
2025/09/01 08:42:21 setuid sandbox: enabled
2025/09/01 08:42:21 namespace sandbox: enabled
2025/09/01 08:42:21 Android sandbox: enabled
2025/09/01 08:42:21 fault injection: enabled
2025/09/01 08:42:21 leak checking: enabled
2025/09/01 08:42:21 net packet injection: enabled
2025/09/01 08:42:21 net device setup: enabled
2025/09/01 08:42:21 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 08:42:21 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 08:42:21 USB emulation: enabled
2025/09/01 08:42:21 hci packet injection: enabled
2025/09/01 08:42:21 wifi device emulation: enabled
2025/09/01 08:42:21 802.15.4 emulation: enabled
2025/09/01 08:42:21 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 08:42:21 fetching corpus: 50, signal 30907/33983 (executing program)
2025/09/01 08:42:22 fetching corpus: 100, signal 42239/46363 (executing program)
2025/09/01 08:42:22 fetching corpus: 150, signal 50139/55222 (executing program)
2025/09/01 08:42:22 fetching corpus: 200, signal 54865/60865 (executing program)
2025/09/01 08:42:22 fetching corpus: 250, signal 59134/65934 (executing program)
2025/09/01 08:42:22 fetching corpus: 300, signal 64552/71866 (executing program)
2025/09/01 08:42:22 fetching corpus: 350, signal 67405/75426 (executing program)
2025/09/01 08:42:22 fetching corpus: 400, signal 70914/79474 (executing program)
2025/09/01 08:42:22 fetching corpus: 450, signal 73164/82362 (executing program)
2025/09/01 08:42:22 fetching corpus: 500, signal 77690/87052 (executing program)
2025/09/01 08:42:23 fetching corpus: 550, signal 79442/89353 (executing program)
2025/09/01 08:42:23 fetching corpus: 600, signal 81031/91441 (executing program)
2025/09/01 08:42:23 fetching corpus: 650, signal 83481/94162 (executing program)
2025/09/01 08:42:23 fetching corpus: 700, signal 85892/96809 (executing program)
2025/09/01 08:42:23 fetching corpus: 750, signal 89082/99978 (executing program)
2025/09/01 08:42:23 fetching corpus: 800, signal 90757/101872 (executing program)
2025/09/01 08:42:23 fetching corpus: 850, signal 92815/104054 (executing program)
2025/09/01 08:42:24 fetching corpus: 900, signal 95232/106400 (executing program)
2025/09/01 08:42:24 fetching corpus: 950, signal 96717/108032 (executing program)
2025/09/01 08:42:24 fetching corpus: 1000, signal 98361/109765 (executing program)
2025/09/01 08:42:24 fetching corpus: 1050, signal 99914/111360 (executing program)
2025/09/01 08:42:24 fetching corpus: 1100, signal 101454/112925 (executing program)
2025/09/01 08:42:24 fetching corpus: 1150, signal 103590/114822 (executing program)
2025/09/01 08:42:24 fetching corpus: 1200, signal 105657/116523 (executing program)
2025/09/01 08:42:24 fetching corpus: 1250, signal 107074/117832 (executing program)
2025/09/01 08:42:24 fetching corpus: 1300, signal 108640/119176 (executing program)
2025/09/01 08:42:25 fetching corpus: 1350, signal 110054/120397 (executing program)
2025/09/01 08:42:25 fetching corpus: 1400, signal 112375/122066 (executing program)
2025/09/01 08:42:25 fetching corpus: 1450, signal 113661/123104 (executing program)
2025/09/01 08:42:25 fetching corpus: 1500, signal 116273/124851 (executing program)
2025/09/01 08:42:25 fetching corpus: 1550, signal 117328/125657 (executing program)
2025/09/01 08:42:25 fetching corpus: 1600, signal 118408/126521 (executing program)
2025/09/01 08:42:25 fetching corpus: 1650, signal 119288/127179 (executing program)
2025/09/01 08:42:25 fetching corpus: 1700, signal 120136/127824 (executing program)
2025/09/01 08:42:26 fetching corpus: 1750, signal 122013/128870 (executing program)
2025/09/01 08:42:26 fetching corpus: 1800, signal 123041/129490 (executing program)
2025/09/01 08:42:26 fetching corpus: 1850, signal 124564/130301 (executing program)
2025/09/01 08:42:26 fetching corpus: 1900, signal 125234/130721 (executing program)
2025/09/01 08:42:26 fetching corpus: 1950, signal 125901/131123 (executing program)
2025/09/01 08:42:26 fetching corpus: 2000, signal 126898/131655 (executing program)
2025/09/01 08:42:26 fetching corpus: 2050, signal 127907/132100 (executing program)
2025/09/01 08:42:26 fetching corpus: 2100, signal 128814/132524 (executing program)
2025/09/01 08:42:26 fetching corpus: 2150, signal 129462/132827 (executing program)
2025/09/01 08:42:27 fetching corpus: 2200, signal 130977/133387 (executing program)
2025/09/01 08:42:27 fetching corpus: 2250, signal 131825/133711 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/133899 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/133925 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/133962 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/133997 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134037 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134074 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134108 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134141 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134166 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134196 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134223 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134259 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134301 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134328 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134364 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134393 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134414 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134443 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134484 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134515 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134531 (executing program)
2025/09/01 08:42:27 fetching corpus: 2285, signal 132345/134531 (executing program)
2025/09/01 08:42:29 starting 8 fuzzer processes
08:42:29 executing program 0:
semctl$SEM_STAT(0x0, 0x0, 0x10, 0x0)
08:42:29 executing program 1:
syz_emit_ethernet(0x6e, &(0x7f00000000c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @time_exceed={0x5, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [@fragment]}}}}}}}, 0x0)
08:42:29 executing program 7:
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000008180)={0x0, 0x0, 0x40})
08:42:29 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0)
[ 76.753011] audit: type=1400 audit(1756716149.615:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:42:29 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xc, 0x0, &(0x7f00000000c0))
08:42:29 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)={0x14, 0x4, 0x1, 0x3}, 0x14}}, 0x0)
08:42:29 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
08:42:29 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x1)
[ 77.901328] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.904074] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.906350] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.911899] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.915641] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 77.963486] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 77.974079] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 77.982080] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 77.983685] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 77.985971] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 77.989400] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 77.991811] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 77.994234] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 78.017060] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 78.029198] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 78.082647] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 78.086522] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 78.090141] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 78.135381] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 78.146261] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 78.147799] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 78.151212] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 78.153221] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 78.157682] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 78.159539] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 78.164353] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 78.165718] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 78.167123] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 78.171544] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 78.173295] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 78.209252] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 78.211245] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 78.216185] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 78.220192] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 78.222222] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 78.227638] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 78.230788] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 78.232630] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 78.243760] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 78.245265] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 79.992982] Bluetooth: hci0: command tx timeout
[ 80.055058] Bluetooth: hci1: command tx timeout
[ 80.055626] Bluetooth: hci2: command tx timeout
[ 80.247049] Bluetooth: hci3: command tx timeout
[ 80.248337] Bluetooth: hci6: command tx timeout
[ 80.312382] Bluetooth: hci4: command tx timeout
[ 80.313325] Bluetooth: hci7: command tx timeout
[ 80.314212] Bluetooth: hci5: command tx timeout
[ 82.040777] Bluetooth: hci0: command tx timeout
[ 82.103184] Bluetooth: hci2: command tx timeout
[ 82.103841] Bluetooth: hci1: command tx timeout
[ 82.295086] Bluetooth: hci6: command tx timeout
[ 82.295103] Bluetooth: hci3: command tx timeout
[ 82.360018] Bluetooth: hci7: command tx timeout
[ 82.360066] Bluetooth: hci5: command tx timeout
[ 82.360484] Bluetooth: hci4: command tx timeout
[ 84.087983] Bluetooth: hci0: command tx timeout
[ 84.151091] Bluetooth: hci1: command tx timeout
[ 84.151917] Bluetooth: hci2: command tx timeout
[ 84.343501] Bluetooth: hci6: command tx timeout
[ 84.344411] Bluetooth: hci3: command tx timeout
[ 84.407197] Bluetooth: hci5: command tx timeout
[ 84.409115] Bluetooth: hci7: command tx timeout
[ 84.409172] Bluetooth: hci4: command tx timeout
[ 86.135091] Bluetooth: hci0: command tx timeout
[ 86.199982] Bluetooth: hci2: command tx timeout
[ 86.200434] Bluetooth: hci1: command tx timeout
[ 86.392086] Bluetooth: hci3: command tx timeout
[ 86.392563] Bluetooth: hci6: command tx timeout
[ 86.455139] Bluetooth: hci4: command tx timeout
[ 86.455984] Bluetooth: hci5: command tx timeout
[ 86.456044] Bluetooth: hci7: command tx timeout
[ 121.176052] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.176705] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.359191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.359823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.798833] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.799610] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:14 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)={0x14, 0x4, 0x1, 0x3}, 0x14}}, 0x0)
08:43:14 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)={0x14, 0x4, 0x1, 0x3}, 0x14}}, 0x0)
[ 121.956880] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.957512] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:14 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)={0x14, 0x4, 0x1, 0x3}, 0x14}}, 0x0)
08:43:15 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f00000003c0)={0x0, "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"})
[ 122.271030] audit: type=1400 audit(1756716195.129:8): avc: denied { open } for pid=3750 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 122.278093] audit: type=1400 audit(1756716195.129:9): avc: denied { kernel } for pid=3750 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
08:43:15 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f00000003c0)={0x0, "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"})
08:43:15 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0)
08:43:15 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f00000003c0)={0x0, "6fe543df4b0bfc0f438bae2f798b810b15d68168d10a0ed8f449ace1573ba90ad8bdd0703d0303f3ab9e31a4d697b94e20153b44a6dc8ea1995fb2bfd38c7aa90c011f2e48d706770a1bee46299e19a19c1a25c693ff61166bf0c19a2c9716e46cf7baaa5f9fb9c6cd5a5c756c3ba3eafab874182fe6cfaa58b0e4a930e075f09ce01dd0bfddffed49447782e07454fb040e3277c4d640bec2c93566f065c2e0e3f068b51454da41cd5dc19ad5c69618a879a0766a8231a1663a979f18d5e1ac237911f2d6cec72c6fa3cd7ec852b0ec4547336e19f2e24dd3006f65af32bb74d45d75dd8c0246b7d51459a6df21865945603e44dfcf86cf7f6778b0be57769d17a21eafbe18b7f08cae15761fc8c2ed861871c2946a1683884d68dead690d1290fc744dbfd5287183fa5f5ceec2175f310fd91d24c518fb48e804a86f0cb26919d4dc005a84c127704872d23a6f86fb71cc1cabd1db66d9e271aecc8afa616a166507221a7e260c836b8335175ac62bd696ed559594c7e30541490f036b291fabfefa9983c4436406ede0bf287379c7a00627eb1b91395287b4e9e6df6223e0ec8d6b0e4f443a31991c3def02e7b5acf06083d2addbef2872e62cfc82939c0bb150663f8ceb86f574c17c098f2ac8a49a578204f493e145e25a11251e546031151b216a2184169ac538bf32a529650bab26c86e378a282c2d13a57430fd5164"})
08:43:15 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0)
[ 123.200601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.201929] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.344151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.344745] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.410144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.410731] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.473957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.474545] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.600315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.601287] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.634820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.635487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.696735] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.697405] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.743820] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.744471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.779241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.779871] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.872184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.872801] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.324968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.325566] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.365277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.365901] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:17 executing program 7:
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000008180)={0x0, 0x0, 0x40})
08:43:17 executing program 1:
syz_emit_ethernet(0x6e, &(0x7f00000000c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @time_exceed={0x5, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [@fragment]}}}}}}}, 0x0)
08:43:17 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f00000003c0)={0x0, "6fe543df4b0bfc0f438bae2f798b810b15d68168d10a0ed8f449ace1573ba90ad8bdd0703d0303f3ab9e31a4d697b94e20153b44a6dc8ea1995fb2bfd38c7aa90c011f2e48d706770a1bee46299e19a19c1a25c693ff61166bf0c19a2c9716e46cf7baaa5f9fb9c6cd5a5c756c3ba3eafab874182fe6cfaa58b0e4a930e075f09ce01dd0bfddffed49447782e07454fb040e3277c4d640bec2c93566f065c2e0e3f068b51454da41cd5dc19ad5c69618a879a0766a8231a1663a979f18d5e1ac237911f2d6cec72c6fa3cd7ec852b0ec4547336e19f2e24dd3006f65af32bb74d45d75dd8c0246b7d51459a6df21865945603e44dfcf86cf7f6778b0be57769d17a21eafbe18b7f08cae15761fc8c2ed861871c2946a1683884d68dead690d1290fc744dbfd5287183fa5f5ceec2175f310fd91d24c518fb48e804a86f0cb26919d4dc005a84c127704872d23a6f86fb71cc1cabd1db66d9e271aecc8afa616a166507221a7e260c836b8335175ac62bd696ed559594c7e30541490f036b291fabfefa9983c4436406ede0bf287379c7a00627eb1b91395287b4e9e6df6223e0ec8d6b0e4f443a31991c3def02e7b5acf06083d2addbef2872e62cfc82939c0bb150663f8ceb86f574c17c098f2ac8a49a578204f493e145e25a11251e546031151b216a2184169ac538bf32a529650bab26c86e378a282c2d13a57430fd5164"})
08:43:17 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0)
08:43:17 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xc, 0x0, &(0x7f00000000c0))
08:43:17 executing program 0:
semctl$SEM_STAT(0x0, 0x0, 0x10, 0x0)
08:43:17 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x1)
08:43:17 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
08:43:17 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x1)
08:43:17 executing program 1:
syz_emit_ethernet(0x6e, &(0x7f00000000c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @time_exceed={0x5, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [@fragment]}}}}}}}, 0x0)
08:43:17 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xc, 0x0, &(0x7f00000000c0))
08:43:17 executing program 0:
semctl$SEM_STAT(0x0, 0x0, 0x10, 0x0)
08:43:17 executing program 7:
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000008180)={0x0, 0x0, 0x40})
08:43:17 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
08:43:17 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x1)
08:43:17 executing program 1:
syz_emit_ethernet(0x6e, &(0x7f00000000c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @time_exceed={0x5, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [@fragment]}}}}}}}, 0x0)
08:43:17 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
08:43:17 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x1)
08:43:17 executing program 0:
semctl$SEM_STAT(0x0, 0x0, 0x10, 0x0)
08:43:17 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xc, 0x0, &(0x7f00000000c0))
[ 124.788786] BUG: unable to handle page fault for address: ffffed10212c9746
[ 124.789404] #PF: supervisor read access in kernel mode
[ 124.789831] #PF: error_code(0x0000) - not-present page
[ 124.790241] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 124.791103] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[ 124.792232] CPU: 0 UID: 0 PID: 3950 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 124.794729] Tainted: [W]=WARN
[ 124.796036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 124.797679] RIP: 0010:perf_tp_event+0x175/0xe70
[ 124.798649] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 124.800603] RSP: 0018:ffff888044ca7780 EFLAGS: 00010012
[ 124.801044] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: ffffc900090d2000
[ 124.801630] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 124.802225] RBP: ffff888044ca79f0 R08: ffff88806ce31340 R09: ffffe8ffffc16070
[ 124.802813] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 124.803399] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 124.803993] FS: 00007f3f72b43700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 124.804656] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 124.805137] CR2: ffffed10212c9746 CR3: 000000000bb6e000 CR4: 0000000000350ef0
[ 124.805725] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 124.806314] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 124.806901] Call Trace:
[ 124.807122] <TASK>
[ 124.807313] ? __pfx_perf_tp_event+0x10/0x10
[ 124.807696] ? __asan_memcpy+0x3d/0x60
[ 124.808028] ? visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150
[ 124.808548] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 124.809086] ? lock_is_held_type+0x9e/0x120
[ 124.809463] ? ctx_sched_in+0x134/0x9b0
[ 124.809799] ? css_rstat_updated+0x1b8/0x4d0
[ 124.810177] ? __pfx_css_rstat_updated+0x10/0x10
[ 124.810583] ? lock_is_held_type+0x9e/0x120
[ 124.810957] ? perf_trace_run_bpf_submit+0xef/0x180
[ 124.811389] ? lock_is_held_type+0x9e/0x120
[ 124.811758] perf_trace_run_bpf_submit+0xef/0x180
[ 124.812169] perf_trace_preemptirq_template+0x259/0x430
[ 124.812618] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 124.813115] ? check_preempt_wakeup_fair+0x406/0x950
[ 124.813548] ? find_held_lock+0x2b/0x80
[ 124.813892] ? try_to_wake_up+0x8ae/0x11d0
[ 124.814255] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 124.814690] trace_irq_enable.constprop.0+0xa6/0x100
[ 124.815116] trace_hardirqs_on+0x26/0x40
[ 124.815462] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 124.815880] try_to_wake_up+0x8ae/0x11d0
[ 124.816225] ? __pfx_try_to_wake_up+0x10/0x10
[ 124.816604] ? plist_del+0x122/0x270
[ 124.816923] ? find_held_lock+0x2b/0x80
[ 124.817266] ? futex_wake+0x474/0x540
[ 124.817598] wake_up_q+0xa1/0x130
[ 124.817902] futex_wake+0x47e/0x540
[ 124.818218] ? __pfx_futex_wake+0x10/0x10
[ 124.818569] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 124.818997] ? lock_release+0xc8/0x290
[ 124.819330] do_futex+0x26d/0x370
[ 124.819634] ? __pfx_do_futex+0x10/0x10
[ 124.819975] __x64_sys_futex+0x1c9/0x4d0
[ 124.820324] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 124.820814] ? __pfx___x64_sys_futex+0x10/0x10
[ 124.821199] ? xfd_validate_state+0x55/0x180
[ 124.821584] do_syscall_64+0xbf/0x360
[ 124.821907] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.822341] RIP: 0033:0x7f3f755cdb19
[ 124.822652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 124.824158] RSP: 002b:00007f3f72b43218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 124.824788] RAX: ffffffffffffffda RBX: 00007f3f756e0f68 RCX: 00007f3f755cdb19
[ 124.825379] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3f756e0f6c
[ 124.825976] RBP: 00007f3f756e0f60 R08: 000000000000000e R09: 0000000000000000
[ 124.826573] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f3f756e0f6c
[ 124.827170] R13: 00007ffd1962ef8f R14: 00007f3f72b43300 R15: 0000000000022000
[ 124.827773] </TASK>
[ 124.827971] Modules linked in:
[ 124.828246] CR2: ffffed10212c9746
[ 124.828533] ---[ end trace 0000000000000000 ]---
[ 124.828928] RIP: 0010:perf_tp_event+0x175/0xe70
[ 124.829336] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 124.830847] RSP: 0018:ffff888044ca7780 EFLAGS: 00010012
[ 124.831289] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: ffffc900090d2000
[ 124.831884] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 124.832474] RBP: ffff888044ca79f0 R08: ffff88806ce31340 R09: ffffe8ffffc16070
[ 124.833070] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 124.833661] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 124.834256] FS: 00007f3f72b43700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 124.834926] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 124.835420] CR2: ffffed10212c9746 CR3: 000000000bb6e000 CR4: 0000000000350ef0
[ 124.836014] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 124.836604] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 124.837201] note: syz-executor.6[3950] exited with irqs disabled
[ 124.837752] BUG: unable to handle page fault for address: ffffed10212c9746
[ 124.838331] #PF: supervisor read access in kernel mode
[ 124.838764] #PF: error_code(0x0000) - not-present page
[ 124.839194] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 124.839655] Oops: Oops: 0000 [#2] SMP KASAN NOPTI
[ 124.840043] CPU: 0 UID: 0 PID: 3950 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 124.840995] Tainted: [D]=DIE, [W]=WARN
[ 124.841303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 124.841952] RIP: 0010:perf_tp_event+0x175/0xe70
[ 124.842335] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 124.843775] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 124.844201] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: 0000000000000002
[ 124.844768] RDX: ffff8880438bd280 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 124.845335] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16070
[ 124.845906] R10: 0000000000000000 R11: ffff88801404a098 R12: dffffc0000000000
[ 124.846471] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 124.847037] FS: 00007f3f72b43700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 124.847677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 124.848141] CR2: ffffed10212c9746 CR3: 000000000bb6e000 CR4: 0000000000350ef0
[ 124.848714] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 124.849277] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 124.849845] Call Trace:
[ 124.850054] <IRQ>
[ 124.850238] ? __pfx_perf_tp_event+0x10/0x10
[ 124.850602] ? update_load_avg+0x17d/0x1ef0
[ 124.850951] ? check_preempt_wakeup_fair+0x6e/0x950
[ 124.851353] ? lock_release+0x1c7/0x290
[ 124.851684] ? lock_release+0x1c7/0x290
[ 124.852011] ? do_raw_spin_unlock+0x53/0x220
[ 124.852372] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 124.852785] ? try_to_wake_up+0x8ae/0x11d0
[ 124.853130] ? do_raw_spin_lock+0x123/0x260
[ 124.853482] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 124.853864] ? perf_trace_run_bpf_submit+0xef/0x180
[ 124.854273] perf_trace_run_bpf_submit+0xef/0x180
[ 124.854666] perf_trace_preemptirq_template+0x259/0x430
[ 124.855092] ? read_tsc+0x9/0x20
[ 124.855386] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 124.855856] ? clockevents_program_event+0x135/0x360
[ 124.856272] ? tick_program_event+0xac/0x140
[ 124.856629] ? handle_softirqs+0x16e/0x770
[ 124.856977] trace_irq_enable.constprop.0+0xa6/0x100
[ 124.857385] trace_hardirqs_on+0x26/0x40
[ 124.857719] handle_softirqs+0x16e/0x770
[ 124.858054] __irq_exit_rcu+0xc4/0x100
[ 124.858377] irq_exit_rcu+0x9/0x20
[ 124.858666] sysvec_apic_timer_interrupt+0x70/0x80
[ 124.859070] </IRQ>
[ 124.859254] <TASK>
[ 124.859442] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 124.859861] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 124.860239] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[ 124.861669] RSP: 0018:ffff888044ca7f28 EFLAGS: 00000246
[ 124.862089] RAX: 0000000000000001 RBX: ffff8880438bd280 RCX: ffffffff817c3ab6
[ 124.862655] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 124.863218] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[ 124.863788] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff8880438bd280
[ 124.864351] R13: 0000000000000009 R14: ffff888044ca7760 R15: 0000000000000000
[ 124.864920] ? trace_irq_enable.constprop.0+0x26/0x100
[ 124.865340] ? make_task_dead+0x214/0x3b0
[ 124.865677] ? make_task_dead+0x214/0x3b0
[ 124.866011] ? do_syscall_64+0xbf/0x360
[ 124.866334] rewind_stack_and_make_dead+0x16/0x20
[ 124.866728] RIP: 0033:0x7f3f755cdb19
[ 124.867029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 124.868470] RSP: 002b:00007f3f72b43218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 124.869068] RAX: ffffffffffffffda RBX: 00007f3f756e0f68 RCX: 00007f3f755cdb19
[ 124.869634] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3f756e0f6c
[ 124.870200] RBP: 00007f3f756e0f60 R08: 000000000000000e R09: 0000000000000000
[ 124.870762] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f3f756e0f6c
[ 124.871327] R13: 00007ffd1962ef8f R14: 00007f3f72b43300 R15: 0000000000022000
[ 124.871901] </TASK>
[ 124.872096] Modules linked in:
[ 124.872354] CR2: ffffed10212c9746
[ 124.872628] ---[ end trace 0000000000000000 ]---
[ 124.873002] RIP: 0010:perf_tp_event+0x175/0xe70
[ 124.873384] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 124.874815] RSP: 0018:ffff888044ca7780 EFLAGS: 00010012
[ 124.875243] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: ffffc900090d2000
[ 124.875816] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 124.876384] RBP: ffff888044ca79f0 R08: ffff88806ce31340 R09: ffffe8ffffc16070
[ 124.876945] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 124.877510] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 124.878082] FS: 00007f3f72b43700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 124.878717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 124.879180] CR2: ffffed10212c9746 CR3: 000000000bb6e000 CR4: 0000000000350ef0
[ 124.879750] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 124.880322] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 124.880884] Kernel panic - not syncing: Fatal exception in interrupt
[ 124.881581] Kernel Offset: disabled
[ 124.881871] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:43:17 Registers:
info registers vcpu 0
RAX=000000000000006e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888044ca6fc8
R8 =0000000000000000 R9 =ffffed100141d046 R10=000000000000006e R11=3a6465746e696154
R12=000000000000006e R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3f72b43700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe4400000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=ffffed10212c9746 CR3=000000000bb6e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f3f756b47c000007f3f756b47c8
XMM02=00007f3f756b47e000007f3f756b47c0 XMM03=00007f3f756b47c800007f3f756b47c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff817c3ab6 RDX=0000000000000000
RSI=0000000000000040 RDI=ffffffff815c4f81 RBP=ffff88801b5a7db0 RSP=ffff88801b5a7d50
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8643b457 R11=0000000000000000
R12=ffff888008c418c0 R13=0000000000000000 R14=ffff88800ccaf680 R15=ffffea0000332bc0
RIP=ffffffff81a87805 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555579c1f400 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe5100000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000555589e61c58 CR3=00000000383c2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000ff000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000