Warning: Permanently added '[localhost]:33016' (ECDSA) to the list of known hosts.
2025/09/01 10:20:44 fuzzer started
2025/09/01 10:20:44 dialing manager at localhost:35473
syzkaller login: [ 51.736889] cgroup: Unknown subsys name 'net'
[ 51.798215] cgroup: Unknown subsys name 'cpuset'
[ 51.825295] cgroup: Unknown subsys name 'rlimit'
2025/09/01 10:20:56 syscalls: 2214
2025/09/01 10:20:56 code coverage: enabled
2025/09/01 10:20:56 comparison tracing: enabled
2025/09/01 10:20:56 extra coverage: enabled
2025/09/01 10:20:56 setuid sandbox: enabled
2025/09/01 10:20:56 namespace sandbox: enabled
2025/09/01 10:20:56 Android sandbox: enabled
2025/09/01 10:20:56 fault injection: enabled
2025/09/01 10:20:56 leak checking: enabled
2025/09/01 10:20:56 net packet injection: enabled
2025/09/01 10:20:56 net device setup: enabled
2025/09/01 10:20:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 10:20:56 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 10:20:56 USB emulation: enabled
2025/09/01 10:20:56 hci packet injection: enabled
2025/09/01 10:20:56 wifi device emulation: enabled
2025/09/01 10:20:56 802.15.4 emulation: enabled
2025/09/01 10:20:56 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 10:20:56 fetching corpus: 50, signal 22730/26172 (executing program)
2025/09/01 10:20:56 fetching corpus: 100, signal 28376/33341 (executing program)
2025/09/01 10:20:56 fetching corpus: 150, signal 37043/43256 (executing program)
2025/09/01 10:20:56 fetching corpus: 200, signal 41496/49056 (executing program)
2025/09/01 10:20:56 fetching corpus: 250, signal 45071/53898 (executing program)
2025/09/01 10:20:56 fetching corpus: 300, signal 49428/59376 (executing program)
2025/09/01 10:20:57 fetching corpus: 350, signal 53311/64337 (executing program)
2025/09/01 10:20:57 fetching corpus: 400, signal 56594/68669 (executing program)
2025/09/01 10:20:57 fetching corpus: 450, signal 61452/74234 (executing program)
2025/09/01 10:20:57 fetching corpus: 500, signal 67605/80866 (executing program)
2025/09/01 10:20:57 fetching corpus: 550, signal 71026/85016 (executing program)
2025/09/01 10:20:57 fetching corpus: 600, signal 72923/87859 (executing program)
2025/09/01 10:20:57 fetching corpus: 650, signal 75634/91293 (executing program)
2025/09/01 10:20:57 fetching corpus: 700, signal 78163/94565 (executing program)
2025/09/01 10:20:57 fetching corpus: 750, signal 79866/97014 (executing program)
2025/09/01 10:20:57 fetching corpus: 800, signal 82234/99970 (executing program)
2025/09/01 10:20:57 fetching corpus: 850, signal 84715/102985 (executing program)
2025/09/01 10:20:58 fetching corpus: 900, signal 87003/105774 (executing program)
2025/09/01 10:20:58 fetching corpus: 950, signal 88686/108065 (executing program)
2025/09/01 10:20:58 fetching corpus: 1000, signal 90098/110152 (executing program)
2025/09/01 10:20:58 fetching corpus: 1050, signal 91597/112206 (executing program)
2025/09/01 10:20:58 fetching corpus: 1100, signal 93466/114553 (executing program)
2025/09/01 10:20:58 fetching corpus: 1150, signal 95520/116934 (executing program)
2025/09/01 10:20:58 fetching corpus: 1200, signal 96888/118793 (executing program)
2025/09/01 10:20:58 fetching corpus: 1250, signal 98704/120969 (executing program)
2025/09/01 10:20:58 fetching corpus: 1300, signal 100549/123115 (executing program)
2025/09/01 10:20:59 fetching corpus: 1350, signal 102699/125369 (executing program)
2025/09/01 10:20:59 fetching corpus: 1400, signal 104016/127071 (executing program)
2025/09/01 10:20:59 fetching corpus: 1450, signal 105321/128767 (executing program)
2025/09/01 10:20:59 fetching corpus: 1500, signal 106796/130567 (executing program)
2025/09/01 10:20:59 fetching corpus: 1550, signal 108528/132400 (executing program)
2025/09/01 10:20:59 fetching corpus: 1600, signal 109310/133667 (executing program)
2025/09/01 10:20:59 fetching corpus: 1650, signal 110237/134998 (executing program)
2025/09/01 10:20:59 fetching corpus: 1700, signal 111188/136308 (executing program)
2025/09/01 10:20:59 fetching corpus: 1750, signal 112626/137858 (executing program)
2025/09/01 10:20:59 fetching corpus: 1800, signal 113753/139240 (executing program)
2025/09/01 10:21:00 fetching corpus: 1850, signal 114756/140527 (executing program)
2025/09/01 10:21:00 fetching corpus: 1900, signal 115642/141702 (executing program)
2025/09/01 10:21:00 fetching corpus: 1950, signal 117806/143536 (executing program)
2025/09/01 10:21:00 fetching corpus: 2000, signal 119106/144868 (executing program)
2025/09/01 10:21:00 fetching corpus: 2050, signal 119974/145940 (executing program)
2025/09/01 10:21:00 fetching corpus: 2100, signal 120439/146795 (executing program)
2025/09/01 10:21:00 fetching corpus: 2150, signal 121060/147726 (executing program)
2025/09/01 10:21:00 fetching corpus: 2200, signal 124250/149867 (executing program)
2025/09/01 10:21:00 fetching corpus: 2250, signal 126219/151358 (executing program)
2025/09/01 10:21:00 fetching corpus: 2300, signal 127830/152728 (executing program)
2025/09/01 10:21:01 fetching corpus: 2350, signal 128873/153705 (executing program)
2025/09/01 10:21:01 fetching corpus: 2400, signal 129710/154582 (executing program)
2025/09/01 10:21:01 fetching corpus: 2450, signal 130688/155560 (executing program)
2025/09/01 10:21:01 fetching corpus: 2500, signal 131334/156289 (executing program)
2025/09/01 10:21:01 fetching corpus: 2550, signal 132260/157143 (executing program)
2025/09/01 10:21:01 fetching corpus: 2600, signal 132837/157903 (executing program)
2025/09/01 10:21:01 fetching corpus: 2650, signal 133638/158714 (executing program)
2025/09/01 10:21:01 fetching corpus: 2700, signal 134400/159448 (executing program)
2025/09/01 10:21:01 fetching corpus: 2750, signal 135182/160215 (executing program)
2025/09/01 10:21:01 fetching corpus: 2800, signal 135865/160895 (executing program)
2025/09/01 10:21:02 fetching corpus: 2850, signal 136707/161635 (executing program)
2025/09/01 10:21:02 fetching corpus: 2900, signal 137515/162328 (executing program)
2025/09/01 10:21:02 fetching corpus: 2950, signal 138272/162969 (executing program)
2025/09/01 10:21:02 fetching corpus: 3000, signal 138851/163546 (executing program)
2025/09/01 10:21:02 fetching corpus: 3050, signal 139561/164173 (executing program)
2025/09/01 10:21:02 fetching corpus: 3100, signal 140096/164769 (executing program)
2025/09/01 10:21:02 fetching corpus: 3150, signal 140566/165312 (executing program)
2025/09/01 10:21:02 fetching corpus: 3200, signal 141044/165829 (executing program)
2025/09/01 10:21:02 fetching corpus: 3250, signal 141917/166405 (executing program)
2025/09/01 10:21:02 fetching corpus: 3300, signal 142422/166877 (executing program)
2025/09/01 10:21:02 fetching corpus: 3350, signal 142838/167358 (executing program)
2025/09/01 10:21:03 fetching corpus: 3400, signal 143471/167846 (executing program)
2025/09/01 10:21:03 fetching corpus: 3450, signal 144345/168344 (executing program)
2025/09/01 10:21:03 fetching corpus: 3500, signal 144965/168783 (executing program)
2025/09/01 10:21:03 fetching corpus: 3550, signal 145560/169204 (executing program)
2025/09/01 10:21:03 fetching corpus: 3600, signal 146088/169631 (executing program)
2025/09/01 10:21:03 fetching corpus: 3650, signal 146825/170034 (executing program)
2025/09/01 10:21:03 fetching corpus: 3700, signal 147324/170459 (executing program)
2025/09/01 10:21:03 fetching corpus: 3750, signal 147748/170818 (executing program)
2025/09/01 10:21:03 fetching corpus: 3800, signal 148274/171170 (executing program)
2025/09/01 10:21:03 fetching corpus: 3850, signal 148885/171542 (executing program)
2025/09/01 10:21:03 fetching corpus: 3900, signal 149331/171865 (executing program)
2025/09/01 10:21:04 fetching corpus: 3950, signal 150110/172176 (executing program)
2025/09/01 10:21:04 fetching corpus: 4000, signal 150597/172568 (executing program)
2025/09/01 10:21:04 fetching corpus: 4050, signal 151033/172846 (executing program)
2025/09/01 10:21:04 fetching corpus: 4100, signal 151624/173105 (executing program)
2025/09/01 10:21:04 fetching corpus: 4150, signal 152121/173366 (executing program)
2025/09/01 10:21:04 fetching corpus: 4200, signal 152584/173596 (executing program)
2025/09/01 10:21:04 fetching corpus: 4250, signal 152980/173751 (executing program)
2025/09/01 10:21:04 fetching corpus: 4300, signal 153486/173756 (executing program)
2025/09/01 10:21:04 fetching corpus: 4350, signal 153970/173846 (executing program)
2025/09/01 10:21:04 fetching corpus: 4400, signal 155675/173873 (executing program)
2025/09/01 10:21:05 fetching corpus: 4450, signal 156137/173894 (executing program)
2025/09/01 10:21:05 fetching corpus: 4500, signal 156692/173973 (executing program)
2025/09/01 10:21:05 fetching corpus: 4550, signal 157128/173986 (executing program)
2025/09/01 10:21:05 fetching corpus: 4600, signal 157450/173988 (executing program)
2025/09/01 10:21:05 fetching corpus: 4650, signal 158040/173993 (executing program)
2025/09/01 10:21:05 fetching corpus: 4700, signal 158555/174047 (executing program)
2025/09/01 10:21:05 fetching corpus: 4750, signal 158987/174055 (executing program)
2025/09/01 10:21:05 fetching corpus: 4800, signal 159400/174057 (executing program)
2025/09/01 10:21:05 fetching corpus: 4850, signal 159933/174067 (executing program)
2025/09/01 10:21:05 fetching corpus: 4900, signal 160409/174069 (executing program)
2025/09/01 10:21:06 fetching corpus: 4950, signal 160754/174101 (executing program)
2025/09/01 10:21:06 fetching corpus: 5000, signal 161132/174109 (executing program)
2025/09/01 10:21:06 fetching corpus: 5050, signal 161692/174110 (executing program)
2025/09/01 10:21:06 fetching corpus: 5100, signal 162359/174113 (executing program)
2025/09/01 10:21:06 fetching corpus: 5150, signal 162638/174125 (executing program)
2025/09/01 10:21:06 fetching corpus: 5200, signal 163030/174129 (executing program)
2025/09/01 10:21:06 fetching corpus: 5250, signal 163398/174131 (executing program)
2025/09/01 10:21:06 fetching corpus: 5300, signal 163685/174176 (executing program)
2025/09/01 10:21:06 fetching corpus: 5350, signal 164073/174194 (executing program)
2025/09/01 10:21:06 fetching corpus: 5400, signal 164767/174194 (executing program)
2025/09/01 10:21:06 fetching corpus: 5450, signal 165363/174304 (executing program)
2025/09/01 10:21:07 fetching corpus: 5500, signal 165664/174329 (executing program)
2025/09/01 10:21:07 fetching corpus: 5550, signal 166628/174345 (executing program)
2025/09/01 10:21:07 fetching corpus: 5600, signal 167007/174372 (executing program)
2025/09/01 10:21:07 fetching corpus: 5650, signal 167399/174376 (executing program)
2025/09/01 10:21:07 fetching corpus: 5700, signal 167632/174379 (executing program)
2025/09/01 10:21:07 fetching corpus: 5750, signal 168120/174400 (executing program)
2025/09/01 10:21:07 fetching corpus: 5800, signal 168367/174411 (executing program)
2025/09/01 10:21:07 fetching corpus: 5850, signal 168651/174424 (executing program)
2025/09/01 10:21:07 fetching corpus: 5900, signal 168989/174463 (executing program)
2025/09/01 10:21:07 fetching corpus: 5950, signal 169340/174467 (executing program)
2025/09/01 10:21:07 fetching corpus: 6000, signal 169723/174467 (executing program)
2025/09/01 10:21:07 fetching corpus: 6050, signal 170124/174487 (executing program)
2025/09/01 10:21:08 fetching corpus: 6100, signal 170626/174496 (executing program)
2025/09/01 10:21:08 fetching corpus: 6150, signal 171073/174499 (executing program)
2025/09/01 10:21:08 fetching corpus: 6200, signal 171438/174502 (executing program)
2025/09/01 10:21:08 fetching corpus: 6225, signal 171564/174506 (executing program)
2025/09/01 10:21:08 fetching corpus: 6225, signal 171564/174506 (executing program)
2025/09/01 10:21:10 starting 8 fuzzer processes
10:21:10 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000dc0), 0x4)
10:21:10 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={{0x14, 0x28}, [], {0x14}}, 0x28}}, 0x0)
10:21:10 executing program 3:
clone3(&(0x7f0000002740)={0x84102900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
10:21:10 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$sock_linger(r0, 0x1, 0x9, &(0x7f0000000080), 0x8)
[ 77.671341] audit: type=1400 audit(1756722070.618:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:21:10 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
getpid()
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000006c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x4}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x20}}, 0x0)
10:21:10 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
10:21:10 executing program 7:
syz_emit_ethernet(0x22, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @broadcast}}}}}, 0x0)
10:21:10 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, &(0x7f0000000040))
[ 78.838954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.842274] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.845588] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.850524] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.855093] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.973530] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 78.976426] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 78.978365] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 78.981967] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 78.984052] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 79.099082] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 79.102603] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 79.104866] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 79.109992] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 79.112564] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 79.149987] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 79.165226] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 79.167902] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 79.173791] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 79.177902] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 79.185552] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 79.187577] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 79.192562] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 79.203342] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 79.213308] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 79.218237] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 79.233828] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 79.238131] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 79.249820] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 79.253834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 79.255552] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 79.260413] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 79.265009] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 79.271178] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 79.277997] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 79.286894] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 79.293570] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 79.303891] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 79.312956] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 79.321548] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 80.934178] Bluetooth: hci0: command tx timeout
[ 81.061975] Bluetooth: hci1: command tx timeout
[ 81.189869] Bluetooth: hci2: command tx timeout
[ 81.254773] Bluetooth: hci3: command tx timeout
[ 81.317725] Bluetooth: hci5: command tx timeout
[ 81.318296] Bluetooth: hci4: command tx timeout
[ 81.381923] Bluetooth: hci6: command tx timeout
[ 81.382926] Bluetooth: hci7: command tx timeout
[ 82.982869] Bluetooth: hci0: command tx timeout
[ 83.110866] Bluetooth: hci1: command tx timeout
[ 83.239110] Bluetooth: hci2: command tx timeout
[ 83.301690] Bluetooth: hci3: command tx timeout
[ 83.366984] Bluetooth: hci5: command tx timeout
[ 83.367409] Bluetooth: hci4: command tx timeout
[ 83.430860] Bluetooth: hci7: command tx timeout
[ 83.431276] Bluetooth: hci6: command tx timeout
[ 85.032665] Bluetooth: hci0: command tx timeout
[ 85.157861] Bluetooth: hci1: command tx timeout
[ 85.286702] Bluetooth: hci2: command tx timeout
[ 85.349739] Bluetooth: hci3: command tx timeout
[ 85.413814] Bluetooth: hci4: command tx timeout
[ 85.413849] Bluetooth: hci5: command tx timeout
[ 85.479683] Bluetooth: hci6: command tx timeout
[ 85.480117] Bluetooth: hci7: command tx timeout
[ 87.078707] Bluetooth: hci0: command tx timeout
[ 87.205769] Bluetooth: hci1: command tx timeout
[ 87.333680] Bluetooth: hci2: command tx timeout
[ 87.397698] Bluetooth: hci3: command tx timeout
[ 87.461759] Bluetooth: hci5: command tx timeout
[ 87.461883] Bluetooth: hci4: command tx timeout
[ 87.525698] Bluetooth: hci7: command tx timeout
[ 87.525774] Bluetooth: hci6: command tx timeout
[ 114.878377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.879395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.030005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.030635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.138176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.138863] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.253677] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.254314] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.312041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.312633] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.341420] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.342084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.411369] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.412003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.429257] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.429935] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.456324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.457034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.529825] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.530448] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.569008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.569620] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.625618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.626708] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.670348] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.671157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.719710] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.720291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.738476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.739206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.827325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.828040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.847331] audit: type=1400 audit(1756722108.793:8): avc: denied { open } for pid=3884 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 115.852173] audit: type=1400 audit(1756722108.794:9): avc: denied { kernel } for pid=3884 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
10:21:49 executing program 3:
clone3(&(0x7f0000002740)={0x84102900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
10:21:49 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000dc0), 0x4)
10:21:49 executing program 7:
syz_emit_ethernet(0x22, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @broadcast}}}}}, 0x0)
10:21:49 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, &(0x7f0000000040))
10:21:49 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
10:21:49 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={{0x14, 0x28}, [], {0x14}}, 0x28}}, 0x0)
10:21:49 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$sock_linger(r0, 0x1, 0x9, &(0x7f0000000080), 0x8)
10:21:49 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
getpid()
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000006c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x4}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x20}}, 0x0)
10:21:49 executing program 3:
clone3(&(0x7f0000002740)={0x84102900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
10:21:49 executing program 7:
syz_emit_ethernet(0x22, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @broadcast}}}}}, 0x0)
10:21:49 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000dc0), 0x4)
10:21:49 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={{0x14, 0x28}, [], {0x14}}, 0x28}}, 0x0)
10:21:49 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$sock_linger(r0, 0x1, 0x9, &(0x7f0000000080), 0x8)
10:21:49 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
10:21:49 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, &(0x7f0000000040))
[ 116.248945] kmemleak: Found object by alias at 0x607f1a63f294
[ 116.248965] CPU: 0 UID: 0 PID: 3911 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 116.248984] Tainted: [W]=WARN
[ 116.248988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 116.248996] Call Trace:
[ 116.249000]
[ 116.249005] dump_stack_lvl+0xca/0x120
[ 116.249036] __lookup_object+0x94/0xb0
[ 116.249054] delete_object_full+0x27/0x70
[ 116.249071] free_percpu+0x30/0x1160
[ 116.249088] ? arch_uprobe_clear_state+0x16/0x140
[ 116.249109] futex_hash_free+0x38/0xc0
[ 116.249124] mmput+0x2d3/0x390
[ 116.249143] do_exit+0x79d/0x2970
[ 116.249157] ? lock_release+0xc8/0x290
[ 116.249174] ? __pfx_do_exit+0x10/0x10
[ 116.249189] ? find_held_lock+0x2b/0x80
[ 116.249206] ? get_signal+0x835/0x2340
[ 116.249227] do_group_exit+0xd3/0x2a0
[ 116.249242] get_signal+0x2315/0x2340
[ 116.249261] ? __fget_files+0x203/0x3b0
[ 116.249277] ? __pfx_get_signal+0x10/0x10
[ 116.249294] ? do_futex+0x135/0x370
[ 116.249307] ? __pfx_do_futex+0x10/0x10
[ 116.249323] arch_do_signal_or_restart+0x80/0x790
[ 116.249342] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 116.249362] ? __x64_sys_futex+0x1c9/0x4d0
[ 116.249378] ? __x64_sys_futex+0x1d2/0x4d0
[ 116.249393] ? __pfx___x64_sys_futex+0x10/0x10
[ 116.249413] exit_to_user_mode_loop+0x8b/0x110
[ 116.249426] do_syscall_64+0x2f7/0x360
[ 116.249440] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 116.249455] RIP: 0033:0x7f39504b6b19
[ 116.249464] Code: Unable to access opcode bytes at 0x7f39504b6aef.
[ 116.249470] RSP: 002b:00007f394da2c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 116.249482] RAX: fffffffffffffe00 RBX: 00007f39505c9f68 RCX: 00007f39504b6b19
[ 116.249490] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f39505c9f68
[ 116.249497] RBP: 00007f39505c9f60 R08: 0000000000000000 R09: 0000000000000000
[ 116.249505] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f39505c9f6c
[ 116.249512] R13: 00007ffd2a5e1b4f R14: 00007f394da2c300 R15: 0000000000022000
[ 116.249531]
[ 116.249535] kmemleak: Object (percpu) 0x607f1a63f290 (size 8):
[ 116.249542] kmemleak: comm "syz-executor.5", pid 3924, jiffies 4294783151
[ 116.249549] kmemleak: min_count = 1
[ 116.249554] kmemleak: count = 0
[ 116.249557] kmemleak: flags = 0x21
[ 116.249561] kmemleak: checksum = 0
[ 116.249565] kmemleak: backtrace:
[ 116.249569] pcpu_alloc_noprof+0x87a/0x1170
[ 116.249585] perf_trace_event_init+0x366/0xa10
[ 116.249599] perf_trace_init+0x1a4/0x2f0
[ 116.249617] perf_tp_event_init+0xa6/0x120
[ 116.249635] perf_try_init_event+0x140/0x9f0
[ 116.249649] perf_event_alloc.part.0+0x118e/0x45f0
[ 116.249666] __do_sys_perf_event_open+0x719/0x2c20
[ 116.249679] do_syscall_64+0xbf/0x360
[ 116.249689] entry_SYSCALL_64_after_hwframe+0x77/0x7f
10:21:49 executing program 3:
clone3(&(0x7f0000002740)={0x84102900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
10:21:49 executing program 7:
syz_emit_ethernet(0x22, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @broadcast}}}}}, 0x0)
10:21:49 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
getpid()
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000006c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x4}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x20}}, 0x0)
10:21:49 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000dc0), 0x4)
10:21:49 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={{0x14, 0x28}, [], {0x14}}, 0x28}}, 0x0)
10:21:49 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, &(0x7f0000000040))
10:21:49 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
10:21:49 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$sock_linger(r0, 0x1, 0x9, &(0x7f0000000080), 0x8)
[ 116.365369] BUG: unable to handle page fault for address: ffffed10212c9746
[ 116.365975] #PF: supervisor read access in kernel mode
[ 116.366410] #PF: error_code(0x0000) - not-present page
[ 116.366844] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 116.367566] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[ 116.368627] CPU: 0 UID: 0 PID: 3938 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 116.371115] Tainted: [W]=WARN
[ 116.372252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 116.373766] RIP: 0010:perf_tp_event+0x175/0xe70
[ 116.374702] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 116.377111] RSP: 0018:ffff888045e9f800 EFLAGS: 00010212
[ 116.377556] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: ffffc90005204000
[ 116.378161] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 116.378773] RBP: ffff888045e9fa70 R08: ffff88806ce31340 R09: ffffe8ffffc17290
[ 116.379369] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 116.379960] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 116.380549] FS: 00007f394da2c700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 116.381215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.381707] CR2: ffffed10212c9746 CR3: 0000000044335000 CR4: 0000000000350ef0
[ 116.382302] Call Trace:
[ 116.382521]
[ 116.382719] ? __pfx_perf_tp_event+0x10/0x10
[ 116.383103] ? perf_tp_event+0x807/0xe70
[ 116.383456] ? lock_is_held_type+0x9e/0x120
[ 116.383830] ? __pfx_perf_tp_event+0x10/0x10
[ 116.384211] ? __pfx_ctx_sched_in+0x10/0x10
[ 116.384576] ? arch_stack_walk+0x9c/0xf0
[ 116.384920] ? find_held_lock+0x2b/0x80
[ 116.385251] ? perf_trace_run_bpf_submit+0xef/0x180
[ 116.385686] ? perf_trace_run_bpf_submit+0xef/0x180
[ 116.386127] ? perf_trace_run_bpf_submit+0xef/0x180
[ 116.386561] perf_trace_run_bpf_submit+0xef/0x180
[ 116.386978] perf_trace_lock_acquire+0x3c2/0x700
[ 116.387389] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 116.387844] ? futex_ref_get+0x48/0x300
[ 116.388186] ? find_held_lock+0x2b/0x80
[ 116.388530] lock_acquire+0xc5/0x2f0
[ 116.388846] ? futex_wake+0x228/0x540
[ 116.389186] _raw_spin_lock+0x2b/0x40
[ 116.389513] ? futex_wake+0x228/0x540
[ 116.389837] futex_wake+0x228/0x540
[ 116.390164] ? __pfx_futex_wake+0x10/0x10
[ 116.390525] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 116.390958] ? lock_release+0xc8/0x290
[ 116.391298] do_futex+0x26d/0x370
[ 116.391592] ? __pfx_do_futex+0x10/0x10
[ 116.391932] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 116.392389] ? find_held_lock+0x2b/0x80
[ 116.392728] __x64_sys_futex+0x1c9/0x4d0
[ 116.393080] ? __pfx___x64_sys_futex+0x10/0x10
[ 116.393468] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 116.393900] do_syscall_64+0xbf/0x360
[ 116.394236] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 116.394671] RIP: 0033:0x7f39504b6b19
[ 116.394985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 116.396490] RSP: 002b:00007f394da2c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 116.397107] RAX: ffffffffffffffda RBX: 00007f39505c9f68 RCX: 00007f39504b6b19
[ 116.397685] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f39505c9f6c
[ 116.398267] RBP: 00007f39505c9f60 R08: 000000000000000e R09: 0000000000000000
[ 116.398836] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f39505c9f6c
[ 116.399417] R13: 00007ffd2a5e1b4f R14: 00007f394da2c300 R15: 0000000000022000
[ 116.400009]
[ 116.400204] Modules linked in:
[ 116.400473] CR2: ffffed10212c9746
[ 116.400750] ---[ end trace 0000000000000000 ]---
[ 116.401132] RIP: 0010:perf_tp_event+0x175/0xe70
[ 116.401514] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 116.402980] RSP: 0018:ffff888045e9f800 EFLAGS: 00010212
[ 116.403408] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: ffffc90005204000
[ 116.403987] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 116.404556] RBP: ffff888045e9fa70 R08: ffff88806ce31340 R09: ffffe8ffffc17290
[ 116.405135] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 116.405701] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 116.406271] FS: 00007f394da2c700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 116.406931] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.407419] CR2: ffffed10212c9746 CR3: 0000000044335000 CR4: 0000000000350ef0
[ 116.408003] note: syz-executor.2[3938] exited with irqs disabled
[ 116.408513] BUG: unable to handle page fault for address: ffffed10212c9746
[ 116.409069] #PF: supervisor read access in kernel mode
[ 116.409484] #PF: error_code(0x0000) - not-present page
[ 116.409905] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 116.410375] Oops: Oops: 0000 [#2] SMP KASAN NOPTI
[ 116.410771] CPU: 0 UID: 0 PID: 3938 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 116.411724] Tainted: [D]=DIE, [W]=WARN
[ 116.412030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 116.412690] RIP: 0010:perf_tp_event+0x175/0xe70
[ 116.413078] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 116.414524] RSP: 0018:ffff88806ce08a40 EFLAGS: 00010012
[ 116.414942] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: 0000000000000002
[ 116.415510] RDX: ffff888044c50000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 116.416085] RBP: ffff88806ce08cb0 R08: ffff88806ce31490 R09: ffffe8ffffc17290
[ 116.416662] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 116.417241] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000
[ 116.417812] FS: 00007f394da2c700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 116.418455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.418916] CR2: ffffed10212c9746 CR3: 0000000044335000 CR4: 0000000000350ef0
[ 116.419495] Call Trace:
[ 116.419707]
[ 116.419885] ? __kernel_text_address+0xd/0x40
[ 116.420268] ? __pfx_perf_tp_event+0x10/0x10
[ 116.420638] ? stack_trace_save+0x8e/0xc0
[ 116.420985] ? stack_depot_save_flags+0x2c/0xa20
[ 116.421387] ? kasan_save_stack+0x34/0x50
[ 116.421731] ? kasan_save_stack+0x24/0x50
[ 116.422067] ? kasan_save_track+0x14/0x30
[ 116.422411] ? __kasan_save_free_info+0x3a/0x60
[ 116.422797] ? __kasan_slab_free+0x3f/0x50
[ 116.423141] ? kmem_cache_free+0x2a1/0x540
[ 116.423489] ? rcu_core+0x7c8/0x1800
[ 116.423812] ? handle_softirqs+0x1b1/0x770
[ 116.424158] ? __irq_exit_rcu+0xc4/0x100
[ 116.424506] ? irq_exit_rcu+0x9/0x20
[ 116.424813] ? sysvec_apic_timer_interrupt+0x70/0x80
[ 116.425237] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 116.425675] ? __sanitizer_cov_trace_pc+0x4b/0x80
[ 116.426074] ? ext4_set_inode_flags+0x158/0x4f0
[ 116.426454] ? __ext4_new_inode+0x2159/0x4d70
[ 116.426819] ? ext4_symlink+0x406/0xb40
[ 116.427161] ? vfs_symlink+0x3fe/0x680
[ 116.427484] ? do_symlinkat+0x144/0x300
[ 116.427811] ? __x64_sys_symlink+0x75/0x90
[ 116.428159] ? do_syscall_64+0xbf/0x360
[ 116.428481] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 116.428917] ? trace_ipi_send_cpu.constprop.0+0x158/0x1c0
[ 116.429367] ? perf_trace_run_bpf_submit+0xef/0x180
[ 116.429777] perf_trace_run_bpf_submit+0xef/0x180
[ 116.430182] perf_trace_lock_acquire+0x3c2/0x700
[ 116.430581] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 116.431019] ? lock_is_held_type+0x9e/0x120
[ 116.431375] lock_acquire+0xc5/0x2f0
[ 116.431683] ? sched_ttwu_pending+0xa1/0x4a0
[ 116.432054] ? lock_release+0xc8/0x290
[ 116.432376] ? lock_release+0xc8/0x290
[ 116.432696] _raw_spin_lock_nested+0x29/0x40
[ 116.433060] ? sched_ttwu_pending+0xa1/0x4a0
[ 116.433426] sched_ttwu_pending+0xa1/0x4a0
[ 116.433783] ? clockevents_program_event+0x135/0x360
[ 116.434206] ? __pfx_try_to_wake_up+0x10/0x10
[ 116.434577] ? __pfx_sched_ttwu_pending+0x10/0x10
[ 116.434978] ? mark_held_locks+0x49/0x80
[ 116.435305] __flush_smp_call_function_queue+0x434/0x740
[ 116.435758] __sysvec_call_function_single+0x6d/0x370
[ 116.436181] sysvec_call_function_single+0xa1/0xc0
[ 116.436580]
[ 116.436770]
[ 116.436965] asm_sysvec_call_function_single+0x1a/0x20
[ 116.437401] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 116.437789] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[ 116.439233] RSP: 0018:ffff888045e9ff28 EFLAGS: 00000246
[ 116.439689] RAX: 0000000000000001 RBX: ffff888044c50000 RCX: ffffffff817c3ab6
[ 116.440255] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 116.440834] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[ 116.441406] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888044c50000
[ 116.441977] R13: 0000000000000009 R14: ffff888045e9f7e0 R15: 0000000000000000
[ 116.442557] ? trace_irq_enable.constprop.0+0x26/0x100
[ 116.442999] ? make_task_dead+0x214/0x3b0
[ 116.443342] ? make_task_dead+0x214/0x3b0
[ 116.443691] ? do_syscall_64+0xbf/0x360
[ 116.444014] rewind_stack_and_make_dead+0x16/0x20
[ 116.444411] RIP: 0033:0x7f39504b6b19
[ 116.444716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 116.446171] RSP: 002b:00007f394da2c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 116.446779] RAX: ffffffffffffffda RBX: 00007f39505c9f68 RCX: 00007f39504b6b19
[ 116.447358] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f39505c9f6c
[ 116.447925] RBP: 00007f39505c9f60 R08: 000000000000000e R09: 0000000000000000
[ 116.448495] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f39505c9f6c
[ 116.449065] R13: 00007ffd2a5e1b4f R14: 00007f394da2c300 R15: 0000000000022000
[ 116.449634]
[ 116.449822] Modules linked in:
[ 116.450079] CR2: ffffed10212c9746
[ 116.450368] ---[ end trace 0000000000000000 ]---
[ 116.450741] RIP: 0010:perf_tp_event+0x175/0xe70
[ 116.451133] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 116.452583] RSP: 0018:ffff888045e9f800 EFLAGS: 00010212
[ 116.453004] RAX: 1ffff110212c9746 RBX: ffff88810964b840 RCX: ffffc90005204000
[ 116.453576] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964ba30
[ 116.454156] RBP: ffff888045e9fa70 R08: ffff88806ce31340 R09: ffffe8ffffc17290
[ 116.454727] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 116.455302] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 116.455879] FS: 00007f394da2c700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 116.456529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.456999] CR2: ffffed10212c9746 CR3: 0000000044335000 CR4: 0000000000350ef0
[ 116.457584] Kernel panic - not syncing: Fatal exception in interrupt
[ 116.458291] Kernel Offset: disabled
[ 116.458589] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
10:21:49 Registers:
info registers vcpu 0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff828e5070 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888045e9eff0
R8 =0000000000000000 R9 =ffffed1001731046 R10=00000000000fe503 R11=000000000000002c
R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10e52a2 R15=dffffc0000000000
RIP=ffffffff828e50c5 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f394da2c700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe4f00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=ffffed10212c9746 CR3=0000000044335000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f395059d7c000007f395059d7c8
XMM02=00007f395059d7e000007f395059d7c0 XMM03=00007f395059d7c800007f395059d7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=1ffffffff0b41819 RBX=0000000000000002 RCX=ffffffff813bad3e RDX=0000000000000000
RSI=dffffc0000000000 RDI=ffff88806cf31850 RBP=ffffffff85a0c0c8 RSP=ffff88806cf08f78
R8 =0000000000000000 R9 =fffffbfff0c8768a R10=ffffffff8643b457 R11=ffff88806cf37018
R12=0000000000000101 R13=0000000000000001 R14=0000000000000002 R15=0000000000000001
RIP=ffffffff813bac62 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fb171e24700 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe2f00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb1749c2018 CR3=000000000d3d5000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fb1749957c000007fb1749957c8
XMM02=00007fb1749957e000007fb1749957c0 XMM03=00007fb1749957c800007fb1749957c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000