Warning: Permanently added '[localhost]:15428' (ECDSA) to the list of known hosts. 2025/09/01 09:30:51 fuzzer started 2025/09/01 09:30:52 dialing manager at localhost:35473 syzkaller login: [ 50.889639] cgroup: Unknown subsys name 'net' [ 51.058184] cgroup: Unknown subsys name 'cpuset' [ 51.088987] cgroup: Unknown subsys name 'rlimit' 2025/09/01 09:31:02 syscalls: 2214 2025/09/01 09:31:02 code coverage: enabled 2025/09/01 09:31:02 comparison tracing: enabled 2025/09/01 09:31:02 extra coverage: enabled 2025/09/01 09:31:02 setuid sandbox: enabled 2025/09/01 09:31:02 namespace sandbox: enabled 2025/09/01 09:31:02 Android sandbox: enabled 2025/09/01 09:31:02 fault injection: enabled 2025/09/01 09:31:02 leak checking: enabled 2025/09/01 09:31:02 net packet injection: enabled 2025/09/01 09:31:02 net device setup: enabled 2025/09/01 09:31:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 09:31:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 09:31:02 USB emulation: enabled 2025/09/01 09:31:02 hci packet injection: enabled 2025/09/01 09:31:02 wifi device emulation: enabled 2025/09/01 09:31:02 802.15.4 emulation: enabled 2025/09/01 09:31:02 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 09:31:02 fetching corpus: 50, signal 24505/27854 (executing program) 2025/09/01 09:31:02 fetching corpus: 100, signal 37018/41542 (executing program) 2025/09/01 09:31:02 fetching corpus: 150, signal 44603/50208 (executing program) 2025/09/01 09:31:02 fetching corpus: 200, signal 51595/58204 (executing program) 2025/09/01 09:31:02 fetching corpus: 250, signal 55902/63477 (executing program) 2025/09/01 09:31:02 fetching corpus: 300, signal 59774/68292 (executing program) 2025/09/01 09:31:02 fetching corpus: 350, signal 63579/72864 (executing program) 2025/09/01 09:31:02 fetching corpus: 400, signal 66829/76883 (executing program) 2025/09/01 09:31:03 fetching corpus: 450, signal 70461/81150 (executing program) 2025/09/01 09:31:03 fetching corpus: 500, signal 72301/83749 (executing program) 2025/09/01 09:31:03 fetching corpus: 550, signal 75096/87146 (executing program) 2025/09/01 09:31:03 fetching corpus: 600, signal 78839/91271 (executing program) 2025/09/01 09:31:03 fetching corpus: 650, signal 81008/93989 (executing program) 2025/09/01 09:31:03 fetching corpus: 700, signal 82853/96408 (executing program) 2025/09/01 09:31:03 fetching corpus: 750, signal 88479/101717 (executing program) 2025/09/01 09:31:03 fetching corpus: 800, signal 91449/104908 (executing program) 2025/09/01 09:31:03 fetching corpus: 850, signal 93524/107301 (executing program) 2025/09/01 09:31:03 fetching corpus: 900, signal 96172/110026 (executing program) 2025/09/01 09:31:04 fetching corpus: 950, signal 98014/112110 (executing program) 2025/09/01 09:31:04 fetching corpus: 1000, signal 100426/114578 (executing program) 2025/09/01 09:31:04 fetching corpus: 1050, signal 101711/116137 (executing program) 2025/09/01 09:31:04 fetching corpus: 1100, signal 102955/117632 (executing program) 2025/09/01 09:31:04 fetching corpus: 1150, signal 104450/119240 (executing program) 2025/09/01 09:31:04 fetching corpus: 1200, signal 106706/121334 (executing program) 2025/09/01 09:31:04 fetching corpus: 1250, signal 108258/122972 (executing program) 2025/09/01 09:31:04 fetching corpus: 1300, signal 109872/124558 (executing program) 2025/09/01 09:31:04 fetching corpus: 1350, signal 111431/126121 (executing program) 2025/09/01 09:31:05 fetching corpus: 1400, signal 112826/127488 (executing program) 2025/09/01 09:31:05 fetching corpus: 1450, signal 113775/128563 (executing program) 2025/09/01 09:31:05 fetching corpus: 1500, signal 114379/129365 (executing program) 2025/09/01 09:31:05 fetching corpus: 1550, signal 115386/130466 (executing program) 2025/09/01 09:31:05 fetching corpus: 1600, signal 117350/132042 (executing program) 2025/09/01 09:31:05 fetching corpus: 1650, signal 118257/132984 (executing program) 2025/09/01 09:31:05 fetching corpus: 1700, signal 119054/133859 (executing program) 2025/09/01 09:31:05 fetching corpus: 1750, signal 120084/134792 (executing program) 2025/09/01 09:31:05 fetching corpus: 1800, signal 120770/135562 (executing program) 2025/09/01 09:31:05 fetching corpus: 1850, signal 121788/136447 (executing program) 2025/09/01 09:31:05 fetching corpus: 1900, signal 123263/137550 (executing program) 2025/09/01 09:31:06 fetching corpus: 1950, signal 124236/138381 (executing program) 2025/09/01 09:31:06 fetching corpus: 2000, signal 125023/139067 (executing program) 2025/09/01 09:31:06 fetching corpus: 2050, signal 125988/139822 (executing program) 2025/09/01 09:31:06 fetching corpus: 2100, signal 126987/140628 (executing program) 2025/09/01 09:31:06 fetching corpus: 2150, signal 127877/141293 (executing program) 2025/09/01 09:31:06 fetching corpus: 2200, signal 128406/141848 (executing program) 2025/09/01 09:31:06 fetching corpus: 2250, signal 129641/142698 (executing program) 2025/09/01 09:31:06 fetching corpus: 2300, signal 130353/143267 (executing program) 2025/09/01 09:31:06 fetching corpus: 2350, signal 131069/143814 (executing program) 2025/09/01 09:31:07 fetching corpus: 2400, signal 132201/144567 (executing program) 2025/09/01 09:31:07 fetching corpus: 2450, signal 132944/145093 (executing program) 2025/09/01 09:31:07 fetching corpus: 2500, signal 133755/145682 (executing program) 2025/09/01 09:31:07 fetching corpus: 2550, signal 134828/146259 (executing program) 2025/09/01 09:31:07 fetching corpus: 2600, signal 135635/146759 (executing program) 2025/09/01 09:31:07 fetching corpus: 2650, signal 136181/147132 (executing program) 2025/09/01 09:31:07 fetching corpus: 2700, signal 136888/147530 (executing program) 2025/09/01 09:31:07 fetching corpus: 2750, signal 137509/147896 (executing program) 2025/09/01 09:31:07 fetching corpus: 2800, signal 138280/148284 (executing program) 2025/09/01 09:31:07 fetching corpus: 2850, signal 138859/148619 (executing program) 2025/09/01 09:31:08 fetching corpus: 2900, signal 139775/148978 (executing program) 2025/09/01 09:31:08 fetching corpus: 2950, signal 140537/149315 (executing program) 2025/09/01 09:31:08 fetching corpus: 3000, signal 141259/149602 (executing program) 2025/09/01 09:31:08 fetching corpus: 3050, signal 142079/149877 (executing program) 2025/09/01 09:31:08 fetching corpus: 3100, signal 142870/150170 (executing program) 2025/09/01 09:31:08 fetching corpus: 3150, signal 143267/150371 (executing program) 2025/09/01 09:31:08 fetching corpus: 3200, signal 143603/150541 (executing program) 2025/09/01 09:31:08 fetching corpus: 3250, signal 144445/150736 (executing program) 2025/09/01 09:31:08 fetching corpus: 3300, signal 145079/150930 (executing program) 2025/09/01 09:31:08 fetching corpus: 3350, signal 145897/151092 (executing program) 2025/09/01 09:31:09 fetching corpus: 3400, signal 146379/151212 (executing program) 2025/09/01 09:31:09 fetching corpus: 3450, signal 147341/151338 (executing program) 2025/09/01 09:31:09 fetching corpus: 3500, signal 147828/151441 (executing program) 2025/09/01 09:31:09 fetching corpus: 3550, signal 148455/151522 (executing program) 2025/09/01 09:31:09 fetching corpus: 3565, signal 148702/151560 (executing program) 2025/09/01 09:31:09 fetching corpus: 3565, signal 148702/151593 (executing program) 2025/09/01 09:31:09 fetching corpus: 3565, signal 148702/151612 (executing program) 2025/09/01 09:31:09 fetching corpus: 3565, signal 148702/151612 (executing program) 2025/09/01 09:31:11 starting 8 fuzzer processes 09:31:11 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_int(r0, 0x1, 0x1, 0xfffffffffffffffe, &(0x7f00000026c0)) 09:31:11 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40086607, &(0x7f0000000640)=ANY=[]) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) 09:31:11 executing program 7: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fremovexattr(r0, &(0x7f0000000080)=@random={'security.', '\x00'}) 09:31:11 executing program 2: name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) 09:31:11 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5f000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000be000000000000be000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000181400000000000000000000160000000022001c0000000000001c00080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e0000000000001e00080000000008007809140b2a3a08020000010000010100002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000730079007a006b0061006c006c006500720020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000470045004e00490053004f0049004d004100470045002000490053004f00200039003600360030005f004800460053002000460049004c004500530059005300540045004d002000430052004500410054004f005200200028004300290020003100390039003300200045002e0059004f0055004e004700440041004c004500660069006c0065003300200020002000200020002000200020002000200020002000200000660069006c0065003100200020002000200020002000200020002000200020002000200000660069006c0065003200200020002000200020002000200020002000200020002000200032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8800}, {&(0x7f0000010c00)="ff43443030310100"/32, 0x20, 0x9000}, {&(0x7f0000010d00)="01001c0000000100000005001d000000010046494c4530000000000000000000", 0x20, 0xa000}, {&(0x7f0000010e00)="01000000001c0001000005000000001d000146494c4530000000000000000000", 0x20, 0xb000}, {&(0x7f0000010f00)="01001e000000010000000a001f000000010000660069006c0065003000000000", 0x20, 0xc000}, {&(0x7f0000011000)="01000000001e000100000a000000001f000100660069006c0065003000000000", 0x20, 0xd000}, {&(0x7f0000011100)="22001c0000000000001c00080000000008007809140b2a3a0802000001000001010022001c0000000000001c00080000000008007809140b2a3a080200000100000101012c00200000000000002064000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b310026001d0000000000001d00080000000008007809140b2a3a08020000010000010546494c45302a0021000000000000210a0000000000000a7809140b2a3a08000000010000010846494c45312e3b31002a00220000000000002228230000000023287809140b2a3a08000000010000010846494c45322e3b31002a00220000000000002228230000000023287809140b2a3a08000000010000010846494c45332e3b3100"/288, 0x120, 0xe000}, {&(0x7f0000011300)="22001d0000000000001d00080000000008007809140b2a3a0802000001000001010022001c0000000000001c00080000000008007809140b2a3a080200000100000101012a0027000000000000271a0400000000041a7809140b2a3a08000000010000010846494c45302e3b3100"/128, 0x80, 0xe800}, {&(0x7f0000011400)="22001e0000000000001e00080000000008007809140b2a3a0802000001000001010022001e0000000000001e00080000000008007809140b2a3a080200000100000101013400200000000000002064000000000000647809140b2a3a08000000010000011200660069006c0065002e0063006f006c0064002c001f0000000000001f00080000000008007809140b2a3a08020000010000010a00660069006c00650030002c0021000000000000210a0000000000000a7809140b2a3a08000000010000010a00660069006c00650031002c00220000000000002228230000000023287809140b2a3a08000000010000010a00660069006c00650032002c00220000000000002228230000000023287809140b2a3a08000000010000010a00660069006c0065003300"/320, 0x140, 0xf000}, {&(0x7f0000011600)="22001f0000000000001f00080000000008007809140b2a3a0802000001000001010022001e0000000000001e00080000000008007809140b2a3a080200000100000101012c0027000000000000271a0400000000041a7809140b2a3a08000000010000010a00660069006c0065003000"/128, 0x80, 0xf800}, {&(0x7f0000011700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x10000}, {&(0x7f0000011800)='syzkallers\x00'/32, 0x20, 0x10800}, {&(0x7f0000011900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x13800}], 0x0, &(0x7f0000011e00)) 09:31:11 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') unlinkat(r0, &(0x7f0000000240)='./file0\x00', 0x0) 09:31:11 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) [ 70.420740] audit: type=1400 audit(1756719071.790:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:31:11 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file1\x00') lchown(&(0x7f0000000140)='./file1\x00', 0xffffffffffffffff, 0xee01) [ 71.677881] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.680087] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.682770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.684512] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.686295] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.691571] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.694950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.698141] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.699821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.705195] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.748722] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.752804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.755734] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.757499] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.759461] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.760832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.763671] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.765590] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.767204] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.770606] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.773065] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.775616] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.781949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.783545] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.788644] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.836955] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.843623] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.848850] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.850831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.852286] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.855449] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.857997] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 71.859687] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.875298] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.878779] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.882918] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 71.893721] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.895901] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.899615] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.901592] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 73.767766] Bluetooth: hci1: command tx timeout [ 73.768660] Bluetooth: hci0: command tx timeout [ 73.831476] Bluetooth: hci2: command tx timeout [ 73.895468] Bluetooth: hci7: command tx timeout [ 73.896035] Bluetooth: hci3: command tx timeout [ 73.896659] Bluetooth: hci4: command tx timeout [ 73.960360] Bluetooth: hci5: command tx timeout [ 74.023478] Bluetooth: hci6: command tx timeout [ 75.816803] Bluetooth: hci0: command tx timeout [ 75.817267] Bluetooth: hci1: command tx timeout [ 75.880348] Bluetooth: hci2: command tx timeout [ 75.943471] Bluetooth: hci7: command tx timeout [ 75.943902] Bluetooth: hci3: command tx timeout [ 75.944279] Bluetooth: hci4: command tx timeout [ 76.007379] Bluetooth: hci5: command tx timeout [ 76.073346] Bluetooth: hci6: command tx timeout [ 77.864450] Bluetooth: hci1: command tx timeout [ 77.864910] Bluetooth: hci0: command tx timeout [ 77.928533] Bluetooth: hci2: command tx timeout [ 77.992488] Bluetooth: hci4: command tx timeout [ 77.992882] Bluetooth: hci3: command tx timeout [ 77.993401] Bluetooth: hci7: command tx timeout [ 78.056431] Bluetooth: hci5: command tx timeout [ 78.120425] Bluetooth: hci6: command tx timeout [ 79.911395] Bluetooth: hci1: command tx timeout [ 79.911868] Bluetooth: hci0: command tx timeout [ 79.976408] Bluetooth: hci2: command tx timeout [ 80.040371] Bluetooth: hci4: command tx timeout [ 80.040768] Bluetooth: hci3: command tx timeout [ 80.041154] Bluetooth: hci7: command tx timeout [ 80.104344] Bluetooth: hci5: command tx timeout [ 80.168356] Bluetooth: hci6: command tx timeout [ 108.952124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.952820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.135254] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.135881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.751438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.752573] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.988508] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.989873] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.035632] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.036399] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.251423] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.252631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.253462] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.254279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.398386] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.399004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.657137] audit: type=1400 audit(1756719113.025:8): avc: denied { open } for pid=3818 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 111.662877] audit: type=1400 audit(1756719113.025:9): avc: denied { kernel } for pid=3818 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 111.717017] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.717642] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.821987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.822655] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.467398] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.469151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.530586] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.531211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.693388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.693996] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.719646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.720250] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.864286] loop6: detected capacity change from 0 to 760 [ 113.072789] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.074797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.109765] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.111098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:31:54 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5f000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000be000000000000be000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000181400000000000000000000160000000022001c0000000000001c00080000000008007809140b2a3a08020000010000010100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202073797a6b616c6c65722020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202047454e49534f494d4147452049534f20393636302f4846532046494c4553595354454d2043524541544f5220284329203139393320452e594f554e4744414c452028432920313939372d32303036204a2e50454152534f4e2f4a2e534348494c4c494e472028432920323030362d32303037204344524b4954205445414d202066696c6533202020202020202020202020202020202020202020202020202020202020202066696c6531202020202020202020202020202020202020202020202020202020202020202066696c6532202020202020202020202020202020202020202020202020202020202020202032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8000}, {&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e0000000000001e00080000000008007809140b2a3a08020000010000010100002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000730079007a006b0061006c006c006500720020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000470045004e00490053004f0049004d004100470045002000490053004f00200039003600360030005f004800460053002000460049004c004500530059005300540045004d002000430052004500410054004f005200200028004300290020003100390039003300200045002e0059004f0055004e004700440041004c004500660069006c0065003300200020002000200020002000200020002000200020002000200000660069006c0065003100200020002000200020002000200020002000200020002000200000660069006c0065003200200020002000200020002000200020002000200020002000200032303230303932303131343235383030083230323030393230313134323538303008303030303030303030303030303030300032303230303932303131343235383030080100202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202000"/1408, 0x580, 0x8800}, {&(0x7f0000010c00)="ff43443030310100"/32, 0x20, 0x9000}, {&(0x7f0000010d00)="01001c0000000100000005001d000000010046494c4530000000000000000000", 0x20, 0xa000}, {&(0x7f0000010e00)="01000000001c0001000005000000001d000146494c4530000000000000000000", 0x20, 0xb000}, {&(0x7f0000010f00)="01001e000000010000000a001f000000010000660069006c0065003000000000", 0x20, 0xc000}, {&(0x7f0000011000)="01000000001e000100000a000000001f000100660069006c0065003000000000", 0x20, 0xd000}, {&(0x7f0000011100)="22001c0000000000001c00080000000008007809140b2a3a0802000001000001010022001c0000000000001c00080000000008007809140b2a3a080200000100000101012c00200000000000002064000000000000647809140b2a3a08000000010000010a46494c452e434f4c3b310026001d0000000000001d00080000000008007809140b2a3a08020000010000010546494c45302a0021000000000000210a0000000000000a7809140b2a3a08000000010000010846494c45312e3b31002a00220000000000002228230000000023287809140b2a3a08000000010000010846494c45322e3b31002a00220000000000002228230000000023287809140b2a3a08000000010000010846494c45332e3b3100"/288, 0x120, 0xe000}, {&(0x7f0000011300)="22001d0000000000001d00080000000008007809140b2a3a0802000001000001010022001c0000000000001c00080000000008007809140b2a3a080200000100000101012a0027000000000000271a0400000000041a7809140b2a3a08000000010000010846494c45302e3b3100"/128, 0x80, 0xe800}, {&(0x7f0000011400)="22001e0000000000001e00080000000008007809140b2a3a0802000001000001010022001e0000000000001e00080000000008007809140b2a3a080200000100000101013400200000000000002064000000000000647809140b2a3a08000000010000011200660069006c0065002e0063006f006c0064002c001f0000000000001f00080000000008007809140b2a3a08020000010000010a00660069006c00650030002c0021000000000000210a0000000000000a7809140b2a3a08000000010000010a00660069006c00650031002c00220000000000002228230000000023287809140b2a3a08000000010000010a00660069006c00650032002c00220000000000002228230000000023287809140b2a3a08000000010000010a00660069006c0065003300"/320, 0x140, 0xf000}, {&(0x7f0000011600)="22001f0000000000001f00080000000008007809140b2a3a0802000001000001010022001e0000000000001e00080000000008007809140b2a3a080200000100000101012c0027000000000000271a0400000000041a7809140b2a3a08000000010000010a00660069006c0065003000"/128, 0x80, 0xf800}, {&(0x7f0000011700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x10000}, {&(0x7f0000011800)='syzkallers\x00'/32, 0x20, 0x10800}, {&(0x7f0000011900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x13800}], 0x0, &(0x7f0000011e00)) 09:31:54 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') unlinkat(r0, &(0x7f0000000240)='./file0\x00', 0x0) 09:31:54 executing program 7: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fremovexattr(r0, &(0x7f0000000080)=@random={'security.', '\x00'}) 09:31:54 executing program 2: name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) 09:31:54 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_int(r0, 0x1, 0x1, 0xfffffffffffffffe, &(0x7f00000026c0)) 09:31:54 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) 09:31:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40086607, &(0x7f0000000640)=ANY=[]) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) 09:31:54 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file1\x00') lchown(&(0x7f0000000140)='./file1\x00', 0xffffffffffffffff, 0xee01) [ 113.330160] loop6: detected capacity change from 0 to 760 09:31:54 executing program 2: name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) 09:31:54 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_int(r0, 0x1, 0x1, 0xfffffffffffffffe, &(0x7f00000026c0)) 09:31:54 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) 09:31:54 executing program 7: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fremovexattr(r0, &(0x7f0000000080)=@random={'security.', '\x00'}) 09:31:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40086607, &(0x7f0000000640)=ANY=[]) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) 09:31:54 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') unlinkat(r0, &(0x7f0000000240)='./file0\x00', 0x0) 09:31:54 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file1\x00') lchown(&(0x7f0000000140)='./file1\x00', 0xffffffffffffffff, 0xee01) [ 113.490073] BUG: unable to handle page fault for address: ffffed10287fd106 [ 113.490695] #PF: supervisor read access in kernel mode [ 113.491122] #PF: error_code(0x0000) - not-present page [ 113.491551] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 113.492541] Oops: Oops: 0000 [#1] SMP KASAN NOPTI [ 113.493419] CPU: 1 UID: 0 PID: 3908 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.495899] Tainted: [W]=WARN [ 113.496557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.498614] RIP: 0010:perf_tp_event+0x175/0xe70 [ 113.499622] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 113.503205] RSP: 0018:ffff888043f07780 EFLAGS: 00010016 [ 113.503637] RAX: 1ffff110287fd106 RBX: ffff888143fe8640 RCX: ffffc9000c246000 [ 113.504197] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff888143fe8830 [ 113.504758] RBP: ffff888043f079f0 R08: ffff88806cf31340 R09: ffffe8ffffd10800 [ 113.505319] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 113.505886] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 113.506457] FS: 00007fbb7152b700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 113.507092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.507601] CR2: ffffed10287fd106 CR3: 00000000437c0000 CR4: 0000000000350ef0 [ 113.508164] Call Trace: [ 113.508377] [ 113.508570] ? merge_sched_in+0xcb/0x1810 [ 113.508926] ? __pfx_perf_tp_event+0x10/0x10 [ 113.509296] ? __asan_memcpy+0x3d/0x60 [ 113.509613] ? visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150 [ 113.510139] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10 [ 113.510682] ? lock_is_held_type+0x9e/0x120 [ 113.511038] ? ctx_sched_in+0x134/0x9b0 [ 113.511388] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 113.511788] ? perf_swevent_event+0x63/0x3f0 [ 113.512144] ? perf_tp_event+0x807/0xe70 [ 113.512474] ? perf_trace_run_bpf_submit+0xef/0x180 [ 113.512888] perf_trace_run_bpf_submit+0xef/0x180 [ 113.513288] perf_trace_preemptirq_template+0x259/0x430 [ 113.513759] ? mark_held_locks+0x49/0x80 [ 113.514105] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 113.514573] ? _raw_spin_lock_irqsave+0x53/0x60 [ 113.514959] trace_irq_disable.constprop.0+0xa6/0x100 [ 113.515377] _raw_spin_lock_irqsave+0x53/0x60 [ 113.515739] try_to_wake_up+0xa0/0x11d0 [ 113.516067] ? __pfx_try_to_wake_up+0x10/0x10 [ 113.516429] ? plist_del+0x122/0x270 [ 113.516732] ? find_held_lock+0x2b/0x80 [ 113.517056] ? futex_wake+0x474/0x540 [ 113.517369] wake_up_q+0xa1/0x130 [ 113.517655] futex_wake+0x47e/0x540 [ 113.517953] ? __pfx_futex_wake+0x10/0x10 [ 113.518287] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 113.518693] ? lock_release+0xc8/0x290 [ 113.519027] do_futex+0x26d/0x370 [ 113.519333] ? __pfx_do_futex+0x10/0x10 [ 113.519689] ? perf_trace_run_bpf_submit+0xef/0x180 [ 113.520107] __x64_sys_futex+0x1c9/0x4d0 [ 113.520461] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 113.520926] ? __pfx___x64_sys_futex+0x10/0x10 [ 113.521311] do_syscall_64+0xbf/0x360 [ 113.521623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.522039] RIP: 0033:0x7fbb73fb5b19 [ 113.522340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.523769] RSP: 002b:00007fbb7152b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.524368] RAX: ffffffffffffffda RBX: 00007fbb740c8f68 RCX: 00007fbb73fb5b19 [ 113.524933] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbb740c8f6c [ 113.525494] RBP: 00007fbb740c8f60 R08: 000000000000000e R09: 0000000000000000 [ 113.526054] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbb740c8f6c [ 113.526619] R13: 00007ffe415a9aef R14: 00007fbb7152b300 R15: 0000000000022000 [ 113.527181] [ 113.527378] Modules linked in: [ 113.527643] CR2: ffffed10287fd106 [ 113.527918] ---[ end trace 0000000000000000 ]--- [ 113.528292] RIP: 0010:perf_tp_event+0x175/0xe70 [ 113.528669] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 113.530091] RSP: 0018:ffff888043f07780 EFLAGS: 00010016 [ 113.530513] RAX: 1ffff110287fd106 RBX: ffff888143fe8640 RCX: ffffc9000c246000 [ 113.531072] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff888143fe8830 [ 113.531641] RBP: ffff888043f079f0 R08: ffff88806cf31340 R09: ffffe8ffffd10800 [ 113.532200] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 113.532761] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 113.533322] FS: 00007fbb7152b700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 113.533955] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.534414] CR2: ffffed10287fd106 CR3: 00000000437c0000 CR4: 0000000000350ef0 [ 113.534980] note: syz-executor.4[3908] exited with irqs disabled [ 113.535577] BUG: unable to handle page fault for address: ffffed10287fd106 [ 113.536128] #PF: supervisor read access in kernel mode [ 113.536552] #PF: error_code(0x0000) - not-present page [ 113.536960] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 113.537410] Oops: Oops: 0000 [#2] SMP KASAN NOPTI [ 113.537797] CPU: 1 UID: 0 PID: 3908 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.538732] Tainted: [D]=DIE, [W]=WARN [ 113.539036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.539696] RIP: 0010:perf_tp_event+0x175/0xe70 [ 113.540075] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 113.541500] RSP: 0018:ffff88806cf08b40 EFLAGS: 00010016 [ 113.541921] RAX: 1ffff110287fd106 RBX: ffff888143fe8640 RCX: 0000000000000002 [ 113.542483] RDX: ffff888018c88000 RSI: ffffffff8189a4e7 RDI: ffff888143fe8830 [ 113.543042] RBP: ffff88806cf08db0 R08: ffff88806cf313e8 R09: ffffe8ffffd10800 [ 113.543609] R10: 0000000000000000 R11: ffff888016218c98 R12: dffffc0000000000 [ 113.544177] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 113.544742] FS: 00007fbb7152b700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 113.545373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.545833] CR2: ffffed10287fd106 CR3: 00000000437c0000 CR4: 0000000000350ef0 [ 113.546400] Call Trace: [ 113.546615] [ 113.546796] ? __pfx_perf_tp_event+0x10/0x10 [ 113.547156] ? update_load_avg+0x17d/0x1ef0 [ 113.547511] ? update_cfs_group+0x11d/0x260 [ 113.547858] ? kvm_sched_clock_read+0x16/0x30 [ 113.548230] ? enqueue_task_fair+0xded/0x1e00 [ 113.548594] ? check_preempt_wakeup_fair+0x6e/0x950 [ 113.548997] ? wakeup_preempt+0x140/0x2a0 [ 113.549329] ? lock_release+0x1c7/0x290 [ 113.549650] ? lock_release+0x1c7/0x290 [ 113.549968] ? do_raw_spin_unlock+0x53/0x220 [ 113.550331] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 113.550745] ? try_to_wake_up+0x8ae/0x11d0 [ 113.551099] ? perf_trace_run_bpf_submit+0xef/0x180 [ 113.551518] ? lock_release+0x1c7/0x290 [ 113.551846] perf_trace_run_bpf_submit+0xef/0x180 [ 113.552245] perf_trace_preemptirq_template+0x259/0x430 [ 113.552688] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 113.553162] ? read_tsc+0x9/0x20 [ 113.553448] ? ktime_get+0x16d/0x270 [ 113.553756] ? __pfx_lapic_next_deadline+0x10/0x10 [ 113.554157] ? clockevents_program_event+0x135/0x360 [ 113.554574] ? _raw_spin_lock_irq+0x42/0x50 [ 113.554923] trace_irq_disable.constprop.0+0xa6/0x100 [ 113.555351] _raw_spin_lock_irq+0x42/0x50 [ 113.555732] run_timer_softirq+0x190/0x210 [ 113.556108] handle_softirqs+0x1b1/0x770 [ 113.556466] __irq_exit_rcu+0xc4/0x100 [ 113.556800] irq_exit_rcu+0x9/0x20 [ 113.557098] sysvec_apic_timer_interrupt+0x70/0x80 [ 113.557513] [ 113.557713] [ 113.557899] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 113.558337] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 113.558734] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de [ 113.560257] RSP: 0018:ffff888043f07f28 EFLAGS: 00000246 [ 113.560705] RAX: 0000000000000001 RBX: ffff888018c88000 RCX: ffffffff817c3ab6 [ 113.561304] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 113.561881] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000 [ 113.562444] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888018c88000 [ 113.563011] R13: 0000000000000009 R14: ffff888043f07760 R15: 0000000000000000 [ 113.563580] ? trace_irq_enable.constprop.0+0x26/0x100 [ 113.563994] ? make_task_dead+0x214/0x3b0 [ 113.564328] ? make_task_dead+0x214/0x3b0 [ 113.564662] ? do_syscall_64+0xbf/0x360 [ 113.564981] rewind_stack_and_make_dead+0x16/0x20 [ 113.565377] RIP: 0033:0x7fbb73fb5b19 [ 113.565673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.567091] RSP: 002b:00007fbb7152b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.567697] RAX: ffffffffffffffda RBX: 00007fbb740c8f68 RCX: 00007fbb73fb5b19 [ 113.568256] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbb740c8f6c [ 113.568822] RBP: 00007fbb740c8f60 R08: 000000000000000e R09: 0000000000000000 [ 113.569381] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbb740c8f6c [ 113.569941] R13: 00007ffe415a9aef R14: 00007fbb7152b300 R15: 0000000000022000 [ 113.570503] [ 113.570691] Modules linked in: [ 113.570951] CR2: ffffed10287fd106 [ 113.571228] ---[ end trace 0000000000000000 ]--- [ 113.571613] RIP: 0010:perf_tp_event+0x175/0xe70 [ 113.571994] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 113.573420] RSP: 0018:ffff888043f07780 EFLAGS: 00010016 [ 113.573839] RAX: 1ffff110287fd106 RBX: ffff888143fe8640 RCX: ffffc9000c246000 [ 113.574400] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff888143fe8830 [ 113.574961] RBP: ffff888043f079f0 R08: ffff88806cf31340 R09: ffffe8ffffd10800 [ 113.575527] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 113.576088] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 113.576654] FS: 00007fbb7152b700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 113.577295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.577765] CR2: ffffed10287fd106 CR3: 00000000437c0000 CR4: 0000000000350ef0 [ 113.578345] Kernel panic - not syncing: Fatal exception in interrupt [ 113.579114] Kernel Offset: disabled [ 113.579430] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:31:55 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88806cf3c300 RCX=ffffffff816880fc RDX=ffff888016e63700 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff88800f7b76f8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9c6bb1 R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555580750400 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe3b00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6ff9559000 CR3=000000003dc3a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f6ff95307c000007f6ff95307c8 XMM02=00007f6ff95307e000007f6ff95307c0 XMM03=00007f6ff95307c800007f6ff95307c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888043f06f20 R8 =0000000000000000 R9 =ffffed10016d4046 R10=0000000000000020 R11=0000000065646f43 R12=0000000000000020 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fbb7152b700 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe2300000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=ffffed10287fd106 CR3=00000000437c0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fbb7409c7c000007fbb7409c7c8 XMM02=00007fbb7409c7e000007fbb7409c7c0 XMM03=00007fbb7409c7c800007fbb7409c7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000