Warning: Permanently added '[localhost]:17306' (ECDSA) to the list of known hosts. 2025/09/01 11:04:30 fuzzer started 2025/09/01 11:04:31 dialing manager at localhost:35473 syzkaller login: [ 51.942654] cgroup: Unknown subsys name 'net' [ 52.020208] cgroup: Unknown subsys name 'cpuset' [ 52.033614] cgroup: Unknown subsys name 'rlimit' 2025/09/01 11:04:41 syscalls: 2214 2025/09/01 11:04:41 code coverage: enabled 2025/09/01 11:04:41 comparison tracing: enabled 2025/09/01 11:04:41 extra coverage: enabled 2025/09/01 11:04:41 setuid sandbox: enabled 2025/09/01 11:04:41 namespace sandbox: enabled 2025/09/01 11:04:41 Android sandbox: enabled 2025/09/01 11:04:41 fault injection: enabled 2025/09/01 11:04:41 leak checking: enabled 2025/09/01 11:04:41 net packet injection: enabled 2025/09/01 11:04:41 net device setup: enabled 2025/09/01 11:04:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 11:04:41 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 11:04:41 USB emulation: enabled 2025/09/01 11:04:41 hci packet injection: enabled 2025/09/01 11:04:41 wifi device emulation: enabled 2025/09/01 11:04:41 802.15.4 emulation: enabled 2025/09/01 11:04:41 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 11:04:41 fetching corpus: 50, signal 22209/25726 (executing program) 2025/09/01 11:04:41 fetching corpus: 100, signal 31861/36811 (executing program) 2025/09/01 11:04:41 fetching corpus: 150, signal 42978/49065 (executing program) 2025/09/01 11:04:42 fetching corpus: 200, signal 49447/56714 (executing program) 2025/09/01 11:04:42 fetching corpus: 250, signal 59661/67730 (executing program) 2025/09/01 11:04:42 fetching corpus: 300, signal 62803/71979 (executing program) 2025/09/01 11:04:42 fetching corpus: 350, signal 66931/77117 (executing program) 2025/09/01 11:04:42 fetching corpus: 400, signal 70508/81655 (executing program) 2025/09/01 11:04:42 fetching corpus: 450, signal 72411/84625 (executing program) 2025/09/01 11:04:42 fetching corpus: 500, signal 74678/87855 (executing program) 2025/09/01 11:04:42 fetching corpus: 550, signal 77733/91717 (executing program) 2025/09/01 11:04:42 fetching corpus: 600, signal 79282/94202 (executing program) 2025/09/01 11:04:42 fetching corpus: 650, signal 81122/96923 (executing program) 2025/09/01 11:04:43 fetching corpus: 700, signal 83545/100099 (executing program) 2025/09/01 11:04:43 fetching corpus: 750, signal 85920/103195 (executing program) 2025/09/01 11:04:43 fetching corpus: 800, signal 87543/105645 (executing program) 2025/09/01 11:04:43 fetching corpus: 850, signal 90499/109153 (executing program) 2025/09/01 11:04:43 fetching corpus: 900, signal 93003/112191 (executing program) 2025/09/01 11:04:43 fetching corpus: 950, signal 94350/114242 (executing program) 2025/09/01 11:04:43 fetching corpus: 1000, signal 95478/116098 (executing program) 2025/09/01 11:04:43 fetching corpus: 1050, signal 97314/118484 (executing program) 2025/09/01 11:04:43 fetching corpus: 1100, signal 99220/120890 (executing program) 2025/09/01 11:04:44 fetching corpus: 1150, signal 100255/122586 (executing program) 2025/09/01 11:04:44 fetching corpus: 1200, signal 103835/126152 (executing program) 2025/09/01 11:04:44 fetching corpus: 1250, signal 105067/127960 (executing program) 2025/09/01 11:04:44 fetching corpus: 1300, signal 106844/130112 (executing program) 2025/09/01 11:04:44 fetching corpus: 1350, signal 108275/131925 (executing program) 2025/09/01 11:04:44 fetching corpus: 1400, signal 109670/133713 (executing program) 2025/09/01 11:04:44 fetching corpus: 1450, signal 110389/135027 (executing program) 2025/09/01 11:04:44 fetching corpus: 1500, signal 111324/136531 (executing program) 2025/09/01 11:04:44 fetching corpus: 1550, signal 113464/138740 (executing program) 2025/09/01 11:04:44 fetching corpus: 1600, signal 114587/140251 (executing program) 2025/09/01 11:04:44 fetching corpus: 1650, signal 115929/141921 (executing program) 2025/09/01 11:04:45 fetching corpus: 1700, signal 117014/143378 (executing program) 2025/09/01 11:04:45 fetching corpus: 1750, signal 118360/145000 (executing program) 2025/09/01 11:04:45 fetching corpus: 1800, signal 119631/146454 (executing program) 2025/09/01 11:04:45 fetching corpus: 1850, signal 121793/148540 (executing program) 2025/09/01 11:04:45 fetching corpus: 1900, signal 122894/149847 (executing program) 2025/09/01 11:04:45 fetching corpus: 1950, signal 124106/151316 (executing program) 2025/09/01 11:04:45 fetching corpus: 2000, signal 125537/152825 (executing program) 2025/09/01 11:04:45 fetching corpus: 2050, signal 126116/153834 (executing program) 2025/09/01 11:04:45 fetching corpus: 2100, signal 127031/155008 (executing program) 2025/09/01 11:04:46 fetching corpus: 2150, signal 127898/156062 (executing program) 2025/09/01 11:04:46 fetching corpus: 2200, signal 128995/157310 (executing program) 2025/09/01 11:04:46 fetching corpus: 2250, signal 130218/158603 (executing program) 2025/09/01 11:04:46 fetching corpus: 2300, signal 130888/159564 (executing program) 2025/09/01 11:04:46 fetching corpus: 2350, signal 131435/160416 (executing program) 2025/09/01 11:04:46 fetching corpus: 2400, signal 132094/161325 (executing program) 2025/09/01 11:04:46 fetching corpus: 2450, signal 132882/162283 (executing program) 2025/09/01 11:04:46 fetching corpus: 2500, signal 133719/163255 (executing program) 2025/09/01 11:04:46 fetching corpus: 2550, signal 134448/164178 (executing program) 2025/09/01 11:04:46 fetching corpus: 2600, signal 135042/164985 (executing program) 2025/09/01 11:04:46 fetching corpus: 2650, signal 135588/165787 (executing program) 2025/09/01 11:04:46 fetching corpus: 2700, signal 136461/166735 (executing program) 2025/09/01 11:04:47 fetching corpus: 2750, signal 137101/167559 (executing program) 2025/09/01 11:04:47 fetching corpus: 2800, signal 137622/168321 (executing program) 2025/09/01 11:04:47 fetching corpus: 2850, signal 138169/169031 (executing program) 2025/09/01 11:04:47 fetching corpus: 2900, signal 138739/169783 (executing program) 2025/09/01 11:04:47 fetching corpus: 2950, signal 139424/170566 (executing program) 2025/09/01 11:04:47 fetching corpus: 3000, signal 139955/171272 (executing program) 2025/09/01 11:04:47 fetching corpus: 3050, signal 140482/172030 (executing program) 2025/09/01 11:04:47 fetching corpus: 3100, signal 141217/172791 (executing program) 2025/09/01 11:04:47 fetching corpus: 3150, signal 141806/173524 (executing program) 2025/09/01 11:04:47 fetching corpus: 3200, signal 142297/174198 (executing program) 2025/09/01 11:04:47 fetching corpus: 3250, signal 143292/174972 (executing program) 2025/09/01 11:04:48 fetching corpus: 3300, signal 143786/175608 (executing program) 2025/09/01 11:04:48 fetching corpus: 3350, signal 144347/176249 (executing program) 2025/09/01 11:04:48 fetching corpus: 3400, signal 145062/176940 (executing program) 2025/09/01 11:04:48 fetching corpus: 3450, signal 145920/177583 (executing program) 2025/09/01 11:04:48 fetching corpus: 3500, signal 147156/178374 (executing program) 2025/09/01 11:04:48 fetching corpus: 3550, signal 147773/178944 (executing program) 2025/09/01 11:04:48 fetching corpus: 3600, signal 148176/179443 (executing program) 2025/09/01 11:04:48 fetching corpus: 3650, signal 148492/179919 (executing program) 2025/09/01 11:04:48 fetching corpus: 3700, signal 148899/180435 (executing program) 2025/09/01 11:04:48 fetching corpus: 3750, signal 149555/180958 (executing program) 2025/09/01 11:04:49 fetching corpus: 3800, signal 150166/181502 (executing program) 2025/09/01 11:04:49 fetching corpus: 3850, signal 150891/182076 (executing program) 2025/09/01 11:04:49 fetching corpus: 3900, signal 151456/182567 (executing program) 2025/09/01 11:04:49 fetching corpus: 3950, signal 151910/183050 (executing program) 2025/09/01 11:04:49 fetching corpus: 4000, signal 152263/183451 (executing program) 2025/09/01 11:04:49 fetching corpus: 4050, signal 154486/184078 (executing program) 2025/09/01 11:04:49 fetching corpus: 4100, signal 154897/184532 (executing program) 2025/09/01 11:04:49 fetching corpus: 4150, signal 155479/184953 (executing program) 2025/09/01 11:04:49 fetching corpus: 4200, signal 155974/185349 (executing program) 2025/09/01 11:04:49 fetching corpus: 4250, signal 156572/185741 (executing program) 2025/09/01 11:04:50 fetching corpus: 4300, signal 157023/186137 (executing program) 2025/09/01 11:04:50 fetching corpus: 4350, signal 157500/186590 (executing program) 2025/09/01 11:04:50 fetching corpus: 4400, signal 158076/186935 (executing program) 2025/09/01 11:04:50 fetching corpus: 4450, signal 158538/187294 (executing program) 2025/09/01 11:04:50 fetching corpus: 4500, signal 158858/187606 (executing program) 2025/09/01 11:04:50 fetching corpus: 4550, signal 159378/187966 (executing program) 2025/09/01 11:04:50 fetching corpus: 4600, signal 159822/188176 (executing program) 2025/09/01 11:04:50 fetching corpus: 4650, signal 160317/188177 (executing program) 2025/09/01 11:04:50 fetching corpus: 4700, signal 160775/188180 (executing program) 2025/09/01 11:04:50 fetching corpus: 4750, signal 161233/188180 (executing program) 2025/09/01 11:04:51 fetching corpus: 4800, signal 161670/188188 (executing program) 2025/09/01 11:04:51 fetching corpus: 4850, signal 162032/188251 (executing program) 2025/09/01 11:04:51 fetching corpus: 4900, signal 162548/188258 (executing program) 2025/09/01 11:04:51 fetching corpus: 4950, signal 162938/188281 (executing program) 2025/09/01 11:04:51 fetching corpus: 5000, signal 163384/188293 (executing program) 2025/09/01 11:04:51 fetching corpus: 5050, signal 164003/188326 (executing program) 2025/09/01 11:04:51 fetching corpus: 5100, signal 164658/188329 (executing program) 2025/09/01 11:04:51 fetching corpus: 5150, signal 165695/188353 (executing program) 2025/09/01 11:04:51 fetching corpus: 5200, signal 166140/188353 (executing program) 2025/09/01 11:04:51 fetching corpus: 5250, signal 166401/188370 (executing program) 2025/09/01 11:04:51 fetching corpus: 5300, signal 166770/188372 (executing program) 2025/09/01 11:04:51 fetching corpus: 5350, signal 167195/188374 (executing program) 2025/09/01 11:04:52 fetching corpus: 5400, signal 167617/188375 (executing program) 2025/09/01 11:04:52 fetching corpus: 5450, signal 168056/188380 (executing program) 2025/09/01 11:04:52 fetching corpus: 5500, signal 168321/188388 (executing program) 2025/09/01 11:04:52 fetching corpus: 5550, signal 168705/188391 (executing program) 2025/09/01 11:04:52 fetching corpus: 5600, signal 168939/188400 (executing program) 2025/09/01 11:04:52 fetching corpus: 5650, signal 169312/188415 (executing program) 2025/09/01 11:04:52 fetching corpus: 5700, signal 169715/188420 (executing program) 2025/09/01 11:04:52 fetching corpus: 5750, signal 169996/188431 (executing program) 2025/09/01 11:04:52 fetching corpus: 5800, signal 170216/188445 (executing program) 2025/09/01 11:04:52 fetching corpus: 5850, signal 170547/188445 (executing program) 2025/09/01 11:04:52 fetching corpus: 5900, signal 170900/188477 (executing program) 2025/09/01 11:04:52 fetching corpus: 5950, signal 171177/188489 (executing program) 2025/09/01 11:04:52 fetching corpus: 6000, signal 171545/188490 (executing program) 2025/09/01 11:04:52 fetching corpus: 6050, signal 171954/188491 (executing program) 2025/09/01 11:04:53 fetching corpus: 6100, signal 172267/188495 (executing program) 2025/09/01 11:04:53 fetching corpus: 6150, signal 172709/188499 (executing program) 2025/09/01 11:04:53 fetching corpus: 6200, signal 173046/188506 (executing program) 2025/09/01 11:04:53 fetching corpus: 6250, signal 173236/188507 (executing program) 2025/09/01 11:04:53 fetching corpus: 6300, signal 173678/188550 (executing program) 2025/09/01 11:04:53 fetching corpus: 6350, signal 174055/188551 (executing program) 2025/09/01 11:04:53 fetching corpus: 6400, signal 174533/188555 (executing program) 2025/09/01 11:04:53 fetching corpus: 6450, signal 174903/188560 (executing program) 2025/09/01 11:04:53 fetching corpus: 6500, signal 175270/188562 (executing program) 2025/09/01 11:04:53 fetching corpus: 6550, signal 175703/188566 (executing program) 2025/09/01 11:04:53 fetching corpus: 6600, signal 175981/188568 (executing program) 2025/09/01 11:04:53 fetching corpus: 6650, signal 176302/188572 (executing program) 2025/09/01 11:04:53 fetching corpus: 6700, signal 176603/188577 (executing program) 2025/09/01 11:04:54 fetching corpus: 6750, signal 176944/188581 (executing program) 2025/09/01 11:04:54 fetching corpus: 6800, signal 177438/188597 (executing program) 2025/09/01 11:04:54 fetching corpus: 6850, signal 178024/188598 (executing program) 2025/09/01 11:04:54 fetching corpus: 6900, signal 178510/188603 (executing program) 2025/09/01 11:04:54 fetching corpus: 6950, signal 178939/188613 (executing program) 2025/09/01 11:04:54 fetching corpus: 7000, signal 179116/188619 (executing program) 2025/09/01 11:04:54 fetching corpus: 7050, signal 179414/188627 (executing program) 2025/09/01 11:04:54 fetching corpus: 7100, signal 179709/188632 (executing program) 2025/09/01 11:04:54 fetching corpus: 7150, signal 180133/188634 (executing program) 2025/09/01 11:04:54 fetching corpus: 7200, signal 180366/188637 (executing program) 2025/09/01 11:04:54 fetching corpus: 7250, signal 180686/188691 (executing program) 2025/09/01 11:04:54 fetching corpus: 7300, signal 181012/188695 (executing program) 2025/09/01 11:04:54 fetching corpus: 7350, signal 181525/188702 (executing program) 2025/09/01 11:04:55 fetching corpus: 7400, signal 181940/188702 (executing program) 2025/09/01 11:04:55 fetching corpus: 7450, signal 182181/188712 (executing program) 2025/09/01 11:04:55 fetching corpus: 7500, signal 182502/188715 (executing program) 2025/09/01 11:04:55 fetching corpus: 7550, signal 182744/188717 (executing program) 2025/09/01 11:04:55 fetching corpus: 7600, signal 183001/188728 (executing program) 2025/09/01 11:04:55 fetching corpus: 7650, signal 183233/188734 (executing program) 2025/09/01 11:04:55 fetching corpus: 7700, signal 183632/188740 (executing program) 2025/09/01 11:04:55 fetching corpus: 7750, signal 183834/188746 (executing program) 2025/09/01 11:04:55 fetching corpus: 7800, signal 184038/188756 (executing program) 2025/09/01 11:04:55 fetching corpus: 7850, signal 184269/188757 (executing program) 2025/09/01 11:04:55 fetching corpus: 7900, signal 184429/188758 (executing program) 2025/09/01 11:04:55 fetching corpus: 7950, signal 184742/188785 (executing program) 2025/09/01 11:04:55 fetching corpus: 8000, signal 184996/188800 (executing program) 2025/09/01 11:04:56 fetching corpus: 8050, signal 185476/188802 (executing program) 2025/09/01 11:04:56 fetching corpus: 8100, signal 185681/188833 (executing program) 2025/09/01 11:04:56 fetching corpus: 8150, signal 185925/188857 (executing program) 2025/09/01 11:04:56 fetching corpus: 8200, signal 186284/188865 (executing program) 2025/09/01 11:04:56 fetching corpus: 8214, signal 186357/188870 (executing program) 2025/09/01 11:04:56 fetching corpus: 8214, signal 186357/188870 (executing program) 2025/09/01 11:04:58 starting 8 fuzzer processes 11:04:58 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x48, 0x0, &(0x7f0000000000)) 11:04:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x80081280, &(0x7f0000002040)) 11:04:58 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$CDROM_SELECT_SPEED(r0, 0x5322, 0x9) 11:04:58 executing program 4: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) fcntl$setstatus(r0, 0x4, 0x2000) close(r0) 11:04:58 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(0x0, 0x0) syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 11:04:58 executing program 3: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)) 11:04:59 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x3, 0xffffffffffffffff, 0xcb3}) [ 79.684796] audit: type=1400 audit(1756724699.013:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:04:59 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/mcfilter6\x00') pread64(r0, &(0x7f0000000000)=""/56, 0x38, 0x69) [ 80.867109] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.869384] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.873439] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.877235] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.879562] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.073027] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.078384] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.080465] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.083475] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.085441] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.091092] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.100645] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.103540] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.107005] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 81.108656] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.112934] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.115623] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.117450] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.123486] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.127008] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.131453] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.133394] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 81.136622] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.140446] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 81.145681] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 81.151526] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 81.154289] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.156467] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 81.156466] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.157840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.166358] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.168724] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 81.174519] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.175808] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.181662] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 81.191582] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 81.192810] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.194581] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 81.229424] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 81.232066] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 82.905132] Bluetooth: hci0: command tx timeout [ 83.160224] Bluetooth: hci1: command tx timeout [ 83.223229] Bluetooth: hci3: command tx timeout [ 83.223879] Bluetooth: hci6: command tx timeout [ 83.224374] Bluetooth: hci4: command tx timeout [ 83.224818] Bluetooth: hci2: command tx timeout [ 83.287744] Bluetooth: hci7: command tx timeout [ 83.288532] Bluetooth: hci5: command tx timeout [ 84.951598] Bluetooth: hci0: command tx timeout [ 85.207367] Bluetooth: hci1: command tx timeout [ 85.270493] Bluetooth: hci2: command tx timeout [ 85.271604] Bluetooth: hci4: command tx timeout [ 85.272858] Bluetooth: hci6: command tx timeout [ 85.273667] Bluetooth: hci3: command tx timeout [ 85.336188] Bluetooth: hci7: command tx timeout [ 85.336981] Bluetooth: hci5: command tx timeout [ 86.998284] Bluetooth: hci0: command tx timeout [ 87.255275] Bluetooth: hci1: command tx timeout [ 87.319212] Bluetooth: hci6: command tx timeout [ 87.319668] Bluetooth: hci2: command tx timeout [ 87.320075] Bluetooth: hci3: command tx timeout [ 87.320518] Bluetooth: hci4: command tx timeout [ 87.383248] Bluetooth: hci5: command tx timeout [ 87.383680] Bluetooth: hci7: command tx timeout [ 89.049322] Bluetooth: hci0: command tx timeout [ 89.303203] Bluetooth: hci1: command tx timeout [ 89.366267] Bluetooth: hci6: command tx timeout [ 89.366698] Bluetooth: hci4: command tx timeout [ 89.367089] Bluetooth: hci3: command tx timeout [ 89.368212] Bluetooth: hci2: command tx timeout [ 89.431179] Bluetooth: hci5: command tx timeout [ 89.431609] Bluetooth: hci7: command tx timeout [ 122.358286] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.358938] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.550248] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.550853] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:05:42 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x540b, &(0x7f0000000140)) 11:05:42 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x540b, &(0x7f0000000140)) 11:05:42 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x540b, &(0x7f0000000140)) 11:05:42 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r0, 0x540b, &(0x7f0000000140)) 11:05:42 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000100)) 11:05:42 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000100)) 11:05:42 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000100)) 11:05:43 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000100)) [ 123.972552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.973180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.076616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.078158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.231218] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.231836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.345960] audit: type=1400 audit(1756724743.673:8): avc: denied { open } for pid=3883 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.349889] audit: type=1400 audit(1756724743.673:9): avc: denied { kernel } for pid=3883 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.354173] audit: type=1400 audit(1756724743.682:10): avc: denied { write } for pid=3883 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.398823] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.399493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.444861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.445792] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.519815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.521438] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.560922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.565248] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.580443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.581075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.628754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.629464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.660299] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.660909] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.692956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.693639] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.807300] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.807911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.828581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.829288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.840301] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.840904] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.903612] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.904350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.072585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.073667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 11:05:44 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000600), 0xe) 11:05:44 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@getspdinfo={0x14, 0x25, 0x1}, 0x33fe0}}, 0x0) 11:05:44 executing program 6: creat(&(0x7f00000003c0)='./file0\x00', 0x0) openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x27}, 0x21) 11:05:44 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6002, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x400) creat(&(0x7f0000000080)='./file0\x00', 0x0) sendfile(r0, r1, 0x0, 0x10400) 11:05:44 executing program 4: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) fcntl$setstatus(r0, 0x4, 0x2000) close(r0) 11:05:44 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x3, 0xffffffffffffffff, 0xcb3}) 11:05:44 executing program 5: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x100010, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, 0x0, 0x24045890) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0) clone3(&(0x7f0000001c00)={0x4000, 0x0, 0x0, &(0x7f0000001a40), {0x20}, &(0x7f0000001a80)=""/188, 0xbc, &(0x7f0000001b40)=""/95, &(0x7f0000001bc0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x3}, 0x58) 11:05:44 executing program 1: keyctl$restrict_keyring(0xc, 0x0, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000180)='0\xf87Z)\x95\xa0\x9f\xfc\x84\xcf') 11:05:44 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') io_setup(0x9, &(0x7f0000000180)=0x0) r2 = inotify_init1(0x0) dup2(r2, r0) io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 11:05:44 executing program 4: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) fcntl$setstatus(r0, 0x4, 0x2000) close(r0) 11:05:44 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)=@v3, 0x18, 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=""/17, 0x11) 11:05:44 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x3, 0xffffffffffffffff, 0xcb3}) 11:05:44 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6002, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x400) creat(&(0x7f0000000080)='./file0\x00', 0x0) sendfile(r0, r1, 0x0, 0x10400) 11:05:44 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0) pread64(r0, &(0x7f0000000200)=""/4096, 0x1000, 0x3) 11:05:44 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x3, 0xffffffffffffffff, 0xcb3}) [ 125.296595] kmemleak: Found object by alias at 0x607f1a63e87c [ 125.296618] CPU: 0 UID: 0 PID: 3936 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 125.296638] Tainted: [W]=WARN [ 125.296641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 125.296649] Call Trace: [ 125.296653] [ 125.296658] dump_stack_lvl+0xca/0x120 [ 125.296684] __lookup_object+0x94/0xb0 [ 125.296702] delete_object_full+0x27/0x70 [ 125.296718] free_percpu+0x30/0x1160 [ 125.296737] ? arch_uprobe_clear_state+0x16/0x140 [ 125.296758] futex_hash_free+0x38/0xc0 [ 125.296773] mmput+0x2d3/0x390 [ 125.296792] do_exit+0x79d/0x2970 [ 125.296807] ? lock_release+0xc8/0x290 [ 125.296824] ? __pfx_do_exit+0x10/0x10 [ 125.296839] ? find_held_lock+0x2b/0x80 [ 125.296857] ? get_signal+0x835/0x2340 [ 125.296878] do_group_exit+0xd3/0x2a0 [ 125.296893] get_signal+0x2315/0x2340 [ 125.296916] ? __pfx_get_signal+0x10/0x10 [ 125.296933] ? do_futex+0x135/0x370 [ 125.296947] ? __pfx_do_futex+0x10/0x10 [ 125.296962] arch_do_signal_or_restart+0x80/0x790 [ 125.296981] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 125.296998] ? __x64_sys_futex+0x1c9/0x4d0 [ 125.297010] ? __x64_sys_futex+0x1d2/0x4d0 [ 125.297024] ? putname+0x3c/0x50 [ 125.297041] ? __pfx___x64_sys_futex+0x10/0x10 [ 125.297055] ? __pfx_path_listxattrat+0x10/0x10 [ 125.297071] exit_to_user_mode_loop+0x8b/0x110 [ 125.297084] do_syscall_64+0x2f7/0x360 [ 125.297098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.297110] RIP: 0033:0x7f30a921ab19 [ 125.297124] Code: Unable to access opcode bytes at 0x7f30a921aaef. [ 125.297129] RSP: 002b:00007f30a676f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.297141] RAX: fffffffffffffe00 RBX: 00007f30a932e028 RCX: 00007f30a921ab19 [ 125.297149] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f30a932e028 [ 125.297156] RBP: 00007f30a932e020 R08: 0000000000000000 R09: 0000000000000000 [ 125.297163] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f30a932e02c [ 125.297170] R13: 00007ffde342c95f R14: 00007f30a676f300 R15: 0000000000022000 [ 125.297185] [ 125.297189] kmemleak: Object (percpu) 0x607f1a63e878 (size 8): [ 125.297196] kmemleak: comm "syz-executor.6", pid 3933, jiffies 4294792123 [ 125.297203] kmemleak: min_count = 1 [ 125.297207] kmemleak: count = 0 [ 125.297211] kmemleak: flags = 0x21 [ 125.297215] kmemleak: checksum = 0 [ 125.297219] kmemleak: backtrace: [ 125.297222] pcpu_alloc_noprof+0x87a/0x1170 [ 125.297238] percpu_ref_init+0x37/0x400 [ 125.297249] ioctx_alloc+0x368/0x1e10 [ 125.297262] __x64_sys_io_setup+0xc8/0x1f0 [ 125.297275] do_syscall_64+0xbf/0x360 [ 125.297284] entry_SYSCALL_64_after_hwframe+0x77/0x7f 11:05:44 executing program 4: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) fcntl$setstatus(r0, 0x4, 0x2000) close(r0) 11:05:45 executing program 0: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000040)) 11:05:45 executing program 2: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_audit(0x10, 0x3, 0x9) open_by_handle_at(r0, &(0x7f0000000140)=@GFS2_SMALL_FH_SIZE={0x10}, 0x0) 11:05:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000300)='ext3\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000800)=[{&(0x7f0000000380)=':', 0x1, 0x80000001}, {&(0x7f0000000400)='U', 0x1}], 0x80430, &(0x7f0000000900)) 11:05:45 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6002, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x400) creat(&(0x7f0000000080)='./file0\x00', 0x0) sendfile(r0, r1, 0x0, 0x10400) 11:05:45 executing program 5: r0 = memfd_create(&(0x7f0000001280)='\x00', 0x0) r1 = memfd_create(&(0x7f0000000080)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x10) copy_file_range(r0, 0x0, r1, 0x0, 0x0, 0x0) 11:05:45 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$sock(r0, &(0x7f00000045c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000940)="e4", 0x1}], 0x1, &(0x7f0000000a80)=[@txtime={{0x18}}], 0x18}}], 0x1, 0x0) 11:05:45 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)=@v3, 0x18, 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=""/17, 0x11) 11:05:45 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003680)={0xffffffffffffffff}) connect$unix(r0, &(0x7f00000036c0)=@abs, 0x6e) [ 126.031639] loop7: detected capacity change from 0 to 264192 [ 126.056396] loop7: detected capacity change from 0 to 264192 11:05:45 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x20, r1, 0x1, 0x0, 0x0, {0x6}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0) [ 126.170209] BUG: unable to handle page fault for address: ffffffff00000190 [ 126.170809] #PF: supervisor read access in kernel mode [ 126.171228] #PF: error_code(0x0000) - not-present page [ 126.171647] PGD 5a8b067 P4D 5a8b067 PUD 0 [ 126.171992] Oops: Oops: 0000 [#1] SMP KASAN NOPTI [ 126.173025] CPU: 1 UID: 0 PID: 66 Comm: kmemleak Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.175527] Tainted: [W]=WARN [ 126.176223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.178371] RIP: 0010:perf_tp_event+0x186/0xe70 [ 126.179446] Code: 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 <44> 8b ab f0 01 00 00 31 ff 41 83 e5 01 44 89 ee e8 c5 4c ea ff 45 [ 126.181623] RSP: 0018:ffff88806cf089c0 EFLAGS: 00010046 [ 126.182047] RAX: 0000000000000000 RBX: fffffffeffffffa0 RCX: 0000000000000002 [ 126.182626] RDX: ffff88800f133700 RSI: ffffffff8189a4e7 RDI: ffffffff00000190 [ 126.183186] RBP: ffff88806cf08c30 R08: ffff88806cf313e8 R09: ffffe8ffffd15b10 [ 126.183754] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.184318] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 126.184883] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 126.185515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.185979] CR2: ffffffff00000190 CR3: 000000004533f000 CR4: 0000000000350ef0 [ 126.186542] Call Trace: [ 126.186752] [ 126.186929] ? ret_from_fork_asm+0x1a/0x30 [ 126.187283] ? kernel_text_address+0x11/0xc0 [ 126.187645] ? __pfx_perf_tp_event+0x10/0x10 [ 126.188002] ? ret_from_fork_asm+0x1a/0x30 [ 126.188345] ? stack_trace_save+0x8e/0xc0 [ 126.188678] ? stack_depot_save_flags+0x2c/0xa20 [ 126.189061] ? kasan_save_stack+0x34/0x50 [ 126.189398] ? kasan_save_stack+0x24/0x50 [ 126.189735] ? kasan_save_track+0x14/0x30 [ 126.190068] ? __kasan_save_free_info+0x3a/0x60 [ 126.190443] ? __kasan_slab_free+0x3f/0x50 [ 126.190783] ? kfree+0x281/0x550 [ 126.191063] ? ip6_dst_destroy+0x2e2/0x380 [ 126.191413] ? dst_destroy+0xc1/0x340 [ 126.191727] ? rcu_core+0x7c8/0x1800 [ 126.192029] ? handle_softirqs+0x1b1/0x770 [ 126.192374] ? __irq_exit_rcu+0xc4/0x100 [ 126.192705] ? irq_exit_rcu+0x9/0x20 [ 126.193001] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 126.193410] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 126.193838] ? _raw_spin_unlock_irqrestore+0x34/0x50 [ 126.194243] ? scan_gray_list+0x213/0x290 [ 126.194583] ? kmemleak_scan+0x574/0xe00 [ 126.194910] ? kmemleak_scan_thread+0x78/0xc0 [ 126.195282] ? kthread+0x3c8/0x740 [ 126.195573] ? ret_from_fork+0x34b/0x430 [ 126.195906] ? ret_from_fork_asm+0x1a/0x30 [ 126.196246] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.196646] perf_trace_run_bpf_submit+0xef/0x180 [ 126.197037] perf_trace_preemptirq_template+0x259/0x430 [ 126.197463] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.197930] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.198392] ? _raw_spin_lock_irqsave+0x53/0x60 [ 126.198768] trace_irq_disable.constprop.0+0xa6/0x100 [ 126.199180] _raw_spin_lock_irqsave+0x53/0x60 [ 126.199554] delete_object_full+0x17/0x70 [ 126.199889] kmem_cache_free+0x33a/0x540 [ 126.200214] ? dst_destroy+0x23c/0x340 [ 126.200531] ? rcu_core+0x7c3/0x1800 [ 126.200835] dst_destroy+0x23c/0x340 [ 126.201139] rcu_core+0x7c8/0x1800 [ 126.201431] ? __pfx_rcu_core+0x10/0x10 [ 126.201751] ? mark_held_locks+0x49/0x80 [ 126.202088] handle_softirqs+0x1b1/0x770 [ 126.202424] __irq_exit_rcu+0xc4/0x100 [ 126.202744] irq_exit_rcu+0x9/0x20 [ 126.203027] sysvec_apic_timer_interrupt+0x70/0x80 [ 126.203439] [ 126.203624] [ 126.203809] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 126.204233] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 126.204697] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 a5 93 fc 48 89 ef e8 4e f0 93 fc 80 e7 02 74 06 e8 e4 07 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 126.206150] RSP: 0018:ffff88800f57fdf0 EFLAGS: 00000286 [ 126.206577] RAX: 000000000014fa73 RBX: 0000000000000246 RCX: 0000000000000040 [ 126.207150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff84be33bc [ 126.207716] RBP: ffffffff886ef920 R08: 0000000000000001 R09: 0000000000000001 [ 126.208274] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff88800f133700 [ 126.208836] R13: ffff888070de1000 R14: 0000000000000246 R15: ffff888070e00000 [ 126.209401] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 126.209811] scan_gray_list+0x213/0x290 [ 126.210138] kmemleak_scan+0x574/0xe00 [ 126.210455] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 126.210856] kmemleak_scan_thread+0x78/0xc0 [ 126.211209] kthread+0x3c8/0x740 [ 126.211492] ? __pfx_kthread+0x10/0x10 [ 126.211804] ? ret_from_fork+0x23/0x430 [ 126.212134] ? lock_release+0xc8/0x290 [ 126.212448] ? __pfx_kthread+0x10/0x10 [ 126.212760] ret_from_fork+0x34b/0x430 [ 126.213078] ? __pfx_kthread+0x10/0x10 [ 126.213391] ret_from_fork_asm+0x1a/0x30 [ 126.213722] [ 126.213910] Modules linked in: [ 126.214178] CR2: ffffffff00000190 [ 126.214453] ---[ end trace 0000000000000000 ]--- [ 126.214824] RIP: 0010:perf_tp_event+0x186/0xe70 [ 126.215201] Code: 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 <44> 8b ab f0 01 00 00 31 ff 41 83 e5 01 44 89 ee e8 c5 4c ea ff 45 [ 126.216621] RSP: 0018:ffff88806cf089c0 EFLAGS: 00010046 [ 126.217039] RAX: 0000000000000000 RBX: fffffffeffffffa0 RCX: 0000000000000002 [ 126.217596] RDX: ffff88800f133700 RSI: ffffffff8189a4e7 RDI: ffffffff00000190 [ 126.218162] RBP: ffff88806cf08c30 R08: ffff88806cf313e8 R09: ffffe8ffffd15b10 [ 126.218723] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.219290] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 126.219855] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 126.220488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.220951] CR2: ffffffff00000190 CR3: 000000004533f000 CR4: 0000000000350ef0 [ 126.221520] Kernel panic - not syncing: Fatal exception in interrupt [ 126.222216] Kernel Offset: disabled [ 126.222508] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:05:45 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff8880188b7a98 RCX=0000000000000001 RDX=1ffff11003116f54 RSI=ffffffff81a8d1ea RDI=ffff8880188b7aa0 RBP=0000000000000003 RSP=ffff8880188b79b0 R8 =0000000000000001 R9 =ffff8880188b7a10 R10=000000000003bea3 R11=000000000001193c R12=ffff8880188b7a98 R13=0000000000000000 R14=ffff88800f135280 R15=ffffea00004ea740 RIP=ffffffff816087fe RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa9c2de68c0 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe2400000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007efc71547718 CR3=000000000ecb9000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000002f002f2e2e2f002e2e XMM01=0000000000000000696c61766e49002f XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=696e656420737365636341002f737973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000055f4342ff2c0000055f434304fd0 XMM06=000055f434329180ffffffff00000002 XMM07=00000000000000000000000000000000 XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88806cf08160 R8 =0000000000000000 R9 =ffffed10014ed046 R10=0000000000000020 R11=0000000065646f43 R12=0000000000000020 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe1900000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=ffffffff00000190 CR3=000000004533f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffff00000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=ffffffffffffffffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff XMM04=ff000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000