Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:39160' (ECDSA) to the list of known hosts. 2025/08/29 11:49:58 fuzzer started 2025/08/29 11:49:58 dialing manager at localhost:43077 syzkaller login: [ 49.925505] cgroup: Unknown subsys name 'net' [ 49.993479] cgroup: Unknown subsys name 'cpuset' [ 50.011848] cgroup: Unknown subsys name 'rlimit' 2025/08/29 11:50:08 syscalls: 2214 2025/08/29 11:50:08 code coverage: enabled 2025/08/29 11:50:08 comparison tracing: enabled 2025/08/29 11:50:08 extra coverage: enabled 2025/08/29 11:50:08 setuid sandbox: enabled 2025/08/29 11:50:08 namespace sandbox: enabled 2025/08/29 11:50:08 Android sandbox: enabled 2025/08/29 11:50:08 fault injection: enabled 2025/08/29 11:50:08 leak checking: enabled 2025/08/29 11:50:08 net packet injection: enabled 2025/08/29 11:50:08 net device setup: enabled 2025/08/29 11:50:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 11:50:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 11:50:08 USB emulation: enabled 2025/08/29 11:50:08 hci packet injection: enabled 2025/08/29 11:50:08 wifi device emulation: enabled 2025/08/29 11:50:08 802.15.4 emulation: enabled 2025/08/29 11:50:08 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 11:50:08 fetching corpus: 50, signal 22732/26241 (executing program) 2025/08/29 11:50:08 fetching corpus: 100, signal 33789/38710 (executing program) 2025/08/29 11:50:08 fetching corpus: 150, signal 39751/46068 (executing program) 2025/08/29 11:50:09 fetching corpus: 200, signal 48746/56181 (executing program) 2025/08/29 11:50:09 fetching corpus: 250, signal 52504/61160 (executing program) 2025/08/29 11:50:09 fetching corpus: 300, signal 56996/66799 (executing program) 2025/08/29 11:50:09 fetching corpus: 350, signal 61108/72001 (executing program) 2025/08/29 11:50:09 fetching corpus: 400, signal 63583/75638 (executing program) 2025/08/29 11:50:09 fetching corpus: 450, signal 66847/79882 
(executing program) 2025/08/29 11:50:09 fetching corpus: 500, signal 69343/83381 (executing program) 2025/08/29 11:50:09 fetching corpus: 550, signal 74742/89405 (executing program) 2025/08/29 11:50:09 fetching corpus: 600, signal 77288/92777 (executing program) 2025/08/29 11:50:09 fetching corpus: 650, signal 81184/97292 (executing program) 2025/08/29 11:50:10 fetching corpus: 700, signal 83773/100609 (executing program) 2025/08/29 11:50:10 fetching corpus: 750, signal 85444/103185 (executing program) 2025/08/29 11:50:10 fetching corpus: 800, signal 89076/107327 (executing program) 2025/08/29 11:50:10 fetching corpus: 850, signal 91501/110412 (executing program) 2025/08/29 11:50:10 fetching corpus: 900, signal 93404/112981 (executing program) 2025/08/29 11:50:10 fetching corpus: 950, signal 94955/115175 (executing program) 2025/08/29 11:50:10 fetching corpus: 1000, signal 97418/118120 (executing program) 2025/08/29 11:50:10 fetching corpus: 1050, signal 99236/120484 (executing program) 2025/08/29 11:50:10 fetching corpus: 1100, signal 101073/122833 (executing program) 2025/08/29 11:50:10 fetching corpus: 1150, signal 103581/125645 (executing program) 2025/08/29 11:50:10 fetching corpus: 1200, signal 104990/127624 (executing program) 2025/08/29 11:50:11 fetching corpus: 1250, signal 106518/129676 (executing program) 2025/08/29 11:50:11 fetching corpus: 1300, signal 107590/131335 (executing program) 2025/08/29 11:50:11 fetching corpus: 1350, signal 108879/133188 (executing program) 2025/08/29 11:50:11 fetching corpus: 1400, signal 110627/135280 (executing program) 2025/08/29 11:50:11 fetching corpus: 1450, signal 112667/137539 (executing program) 2025/08/29 11:50:11 fetching corpus: 1500, signal 114295/139498 (executing program) 2025/08/29 11:50:11 fetching corpus: 1550, signal 115081/140869 (executing program) 2025/08/29 11:50:11 fetching corpus: 1600, signal 116350/142560 (executing program) 2025/08/29 11:50:11 fetching corpus: 1650, signal 117962/144370 
(executing program) 2025/08/29 11:50:11 fetching corpus: 1700, signal 119091/145840 (executing program) 2025/08/29 11:50:12 fetching corpus: 1750, signal 120143/147237 (executing program) 2025/08/29 11:50:12 fetching corpus: 1800, signal 120961/148478 (executing program) 2025/08/29 11:50:12 fetching corpus: 1850, signal 122148/149954 (executing program) 2025/08/29 11:50:12 fetching corpus: 1900, signal 122803/151125 (executing program) 2025/08/29 11:50:12 fetching corpus: 1950, signal 124066/152534 (executing program) 2025/08/29 11:50:12 fetching corpus: 2000, signal 124908/153707 (executing program) 2025/08/29 11:50:12 fetching corpus: 2050, signal 126296/155191 (executing program) 2025/08/29 11:50:12 fetching corpus: 2100, signal 127323/156498 (executing program) 2025/08/29 11:50:12 fetching corpus: 2150, signal 128380/157783 (executing program) 2025/08/29 11:50:12 fetching corpus: 2200, signal 129303/158924 (executing program) 2025/08/29 11:50:13 fetching corpus: 2250, signal 129887/159905 (executing program) 2025/08/29 11:50:13 fetching corpus: 2300, signal 130748/161022 (executing program) 2025/08/29 11:50:13 fetching corpus: 2350, signal 131700/162171 (executing program) 2025/08/29 11:50:13 fetching corpus: 2400, signal 132424/163162 (executing program) 2025/08/29 11:50:13 fetching corpus: 2450, signal 133547/164294 (executing program) 2025/08/29 11:50:13 fetching corpus: 2500, signal 134745/165469 (executing program) 2025/08/29 11:50:13 fetching corpus: 2550, signal 136559/166896 (executing program) 2025/08/29 11:50:13 fetching corpus: 2600, signal 137227/167764 (executing program) 2025/08/29 11:50:13 fetching corpus: 2650, signal 137731/168589 (executing program) 2025/08/29 11:50:13 fetching corpus: 2700, signal 138628/169526 (executing program) 2025/08/29 11:50:13 fetching corpus: 2750, signal 139973/170669 (executing program) 2025/08/29 11:50:14 fetching corpus: 2800, signal 140777/171601 (executing program) 2025/08/29 11:50:14 fetching corpus: 2850, 
signal 141358/172374 (executing program) 2025/08/29 11:50:14 fetching corpus: 2900, signal 141906/173083 (executing program) 2025/08/29 11:50:14 fetching corpus: 2950, signal 142480/173859 (executing program) 2025/08/29 11:50:14 fetching corpus: 3000, signal 143076/174634 (executing program) 2025/08/29 11:50:14 fetching corpus: 3050, signal 143746/175372 (executing program) 2025/08/29 11:50:14 fetching corpus: 3100, signal 144358/176172 (executing program) 2025/08/29 11:50:14 fetching corpus: 3150, signal 145523/177030 (executing program) 2025/08/29 11:50:14 fetching corpus: 3200, signal 146106/177771 (executing program) 2025/08/29 11:50:14 fetching corpus: 3250, signal 146918/178689 (executing program) 2025/08/29 11:50:14 fetching corpus: 3300, signal 147556/179382 (executing program) 2025/08/29 11:50:14 fetching corpus: 3350, signal 148059/180014 (executing program) 2025/08/29 11:50:14 fetching corpus: 3400, signal 148756/180640 (executing program) 2025/08/29 11:50:14 fetching corpus: 3450, signal 149270/181272 (executing program) 2025/08/29 11:50:15 fetching corpus: 3500, signal 150006/181895 (executing program) 2025/08/29 11:50:15 fetching corpus: 3550, signal 150586/182452 (executing program) 2025/08/29 11:50:15 fetching corpus: 3600, signal 151200/183003 (executing program) 2025/08/29 11:50:15 fetching corpus: 3650, signal 151733/183569 (executing program) 2025/08/29 11:50:15 fetching corpus: 3700, signal 152755/184221 (executing program) 2025/08/29 11:50:15 fetching corpus: 3750, signal 153209/184729 (executing program) 2025/08/29 11:50:15 fetching corpus: 3800, signal 153707/185256 (executing program) 2025/08/29 11:50:15 fetching corpus: 3850, signal 154308/185744 (executing program) 2025/08/29 11:50:15 fetching corpus: 3900, signal 154707/186203 (executing program) 2025/08/29 11:50:15 fetching corpus: 3950, signal 155212/186692 (executing program) 2025/08/29 11:50:16 fetching corpus: 4000, signal 155837/187191 (executing program) 2025/08/29 11:50:16 
fetching corpus: 4050, signal 156175/187635 (executing program) 2025/08/29 11:50:16 fetching corpus: 4100, signal 156643/188045 (executing program) 2025/08/29 11:50:16 fetching corpus: 4150, signal 156877/188478 (executing program) 2025/08/29 11:50:16 fetching corpus: 4200, signal 157445/188924 (executing program) 2025/08/29 11:50:16 fetching corpus: 4250, signal 158098/189356 (executing program) 2025/08/29 11:50:16 fetching corpus: 4300, signal 158481/189782 (executing program) 2025/08/29 11:50:16 fetching corpus: 4350, signal 158903/190165 (executing program) 2025/08/29 11:50:16 fetching corpus: 4400, signal 159224/190538 (executing program) 2025/08/29 11:50:16 fetching corpus: 4450, signal 159707/190898 (executing program) 2025/08/29 11:50:16 fetching corpus: 4500, signal 160105/191256 (executing program) 2025/08/29 11:50:17 fetching corpus: 4550, signal 160394/191611 (executing program) 2025/08/29 11:50:17 fetching corpus: 4600, signal 160824/191988 (executing program) 2025/08/29 11:50:17 fetching corpus: 4650, signal 161169/192123 (executing program) 2025/08/29 11:50:17 fetching corpus: 4700, signal 161544/192129 (executing program) 2025/08/29 11:50:17 fetching corpus: 4750, signal 161878/192144 (executing program) 2025/08/29 11:50:17 fetching corpus: 4800, signal 162220/192155 (executing program) 2025/08/29 11:50:17 fetching corpus: 4850, signal 162828/192161 (executing program) 2025/08/29 11:50:17 fetching corpus: 4900, signal 163617/192165 (executing program) 2025/08/29 11:50:17 fetching corpus: 4950, signal 164044/192186 (executing program) 2025/08/29 11:50:17 fetching corpus: 5000, signal 164521/192188 (executing program) 2025/08/29 11:50:17 fetching corpus: 5050, signal 164788/192203 (executing program) 2025/08/29 11:50:17 fetching corpus: 5100, signal 165373/192208 (executing program) 2025/08/29 11:50:18 fetching corpus: 5150, signal 165747/192210 (executing program) 2025/08/29 11:50:18 fetching corpus: 5200, signal 166120/192213 (executing program) 
2025/08/29 11:50:18 fetching corpus: 5250, signal 166646/192222 (executing program) 2025/08/29 11:50:18 fetching corpus: 5300, signal 167011/192249 (executing program) 2025/08/29 11:50:18 fetching corpus: 5350, signal 167415/192267 (executing program) 2025/08/29 11:50:18 fetching corpus: 5400, signal 167694/192303 (executing program) 2025/08/29 11:50:18 fetching corpus: 5450, signal 168132/192314 (executing program) 2025/08/29 11:50:18 fetching corpus: 5500, signal 168640/192342 (executing program) 2025/08/29 11:50:18 fetching corpus: 5550, signal 168859/192348 (executing program) 2025/08/29 11:50:18 fetching corpus: 5600, signal 169233/192352 (executing program) 2025/08/29 11:50:18 fetching corpus: 5650, signal 169594/192398 (executing program) 2025/08/29 11:50:18 fetching corpus: 5700, signal 169939/192423 (executing program) 2025/08/29 11:50:19 fetching corpus: 5750, signal 170571/192432 (executing program) 2025/08/29 11:50:19 fetching corpus: 5800, signal 170978/192436 (executing program) 2025/08/29 11:50:19 fetching corpus: 5850, signal 171258/192446 (executing program) 2025/08/29 11:50:19 fetching corpus: 5900, signal 171613/192460 (executing program) 2025/08/29 11:50:19 fetching corpus: 5950, signal 172052/192461 (executing program) 2025/08/29 11:50:19 fetching corpus: 6000, signal 172434/192480 (executing program) 2025/08/29 11:50:19 fetching corpus: 6050, signal 172745/192488 (executing program) 2025/08/29 11:50:19 fetching corpus: 6100, signal 173212/192492 (executing program) 2025/08/29 11:50:19 fetching corpus: 6150, signal 173598/192494 (executing program) 2025/08/29 11:50:19 fetching corpus: 6200, signal 173928/192506 (executing program) 2025/08/29 11:50:19 fetching corpus: 6250, signal 174255/192509 (executing program) 2025/08/29 11:50:19 fetching corpus: 6300, signal 174590/192514 (executing program) 2025/08/29 11:50:20 fetching corpus: 6350, signal 174852/192518 (executing program) 2025/08/29 11:50:20 fetching corpus: 6400, signal 175170/192528 
(executing program) 2025/08/29 11:50:20 fetching corpus: 6450, signal 175520/192531 (executing program) 2025/08/29 11:50:20 fetching corpus: 6500, signal 175838/192549 (executing program) 2025/08/29 11:50:20 fetching corpus: 6550, signal 176221/192566 (executing program) 2025/08/29 11:50:20 fetching corpus: 6600, signal 176457/192577 (executing program) 2025/08/29 11:50:20 fetching corpus: 6650, signal 176769/192577 (executing program) 2025/08/29 11:50:20 fetching corpus: 6700, signal 177157/192662 (executing program) 2025/08/29 11:50:20 fetching corpus: 6750, signal 177546/192662 (executing program) 2025/08/29 11:50:20 fetching corpus: 6800, signal 177894/192662 (executing program) 2025/08/29 11:50:20 fetching corpus: 6850, signal 178209/192671 (executing program) 2025/08/29 11:50:20 fetching corpus: 6900, signal 178557/192674 (executing program) 2025/08/29 11:50:21 fetching corpus: 6950, signal 178978/192680 (executing program) 2025/08/29 11:50:21 fetching corpus: 7000, signal 179246/192700 (executing program) 2025/08/29 11:50:21 fetching corpus: 7050, signal 179526/192718 (executing program) 2025/08/29 11:50:21 fetching corpus: 7100, signal 179864/192746 (executing program) 2025/08/29 11:50:21 fetching corpus: 7150, signal 180302/192753 (executing program) 2025/08/29 11:50:21 fetching corpus: 7200, signal 180671/192759 (executing program) 2025/08/29 11:50:21 fetching corpus: 7250, signal 180882/192763 (executing program) 2025/08/29 11:50:21 fetching corpus: 7300, signal 181199/192768 (executing program) 2025/08/29 11:50:21 fetching corpus: 7350, signal 181532/192769 (executing program) 2025/08/29 11:50:21 fetching corpus: 7400, signal 181850/192771 (executing program) 2025/08/29 11:50:22 fetching corpus: 7450, signal 182106/192832 (executing program) 2025/08/29 11:50:22 fetching corpus: 7500, signal 182343/192834 (executing program) 2025/08/29 11:50:22 fetching corpus: 7550, signal 182581/192840 (executing program) 2025/08/29 11:50:22 fetching corpus: 7600, 
signal 182849/192846 (executing program) 2025/08/29 11:50:22 fetching corpus: 7650, signal 183112/192850 (executing program) 2025/08/29 11:50:22 fetching corpus: 7700, signal 183421/192851 (executing program) 2025/08/29 11:50:22 fetching corpus: 7750, signal 183731/192854 (executing program) 2025/08/29 11:50:22 fetching corpus: 7800, signal 184214/192855 (executing program) 2025/08/29 11:50:22 fetching corpus: 7850, signal 184593/192856 (executing program) 2025/08/29 11:50:22 fetching corpus: 7900, signal 184872/192860 (executing program) 2025/08/29 11:50:22 fetching corpus: 7950, signal 185168/192865 (executing program) 2025/08/29 11:50:22 fetching corpus: 8000, signal 185378/192875 (executing program) 2025/08/29 11:50:22 fetching corpus: 8050, signal 185757/192875 (executing program) 2025/08/29 11:50:23 fetching corpus: 8100, signal 185998/192876 (executing program) 2025/08/29 11:50:23 fetching corpus: 8150, signal 186314/192876 (executing program) 2025/08/29 11:50:23 fetching corpus: 8200, signal 186613/192876 (executing program) 2025/08/29 11:50:23 fetching corpus: 8250, signal 186899/192882 (executing program) 2025/08/29 11:50:23 fetching corpus: 8300, signal 187134/192904 (executing program) 2025/08/29 11:50:23 fetching corpus: 8350, signal 187391/192910 (executing program) 2025/08/29 11:50:23 fetching corpus: 8400, signal 187680/192952 (executing program) 2025/08/29 11:50:23 fetching corpus: 8450, signal 187968/193006 (executing program) 2025/08/29 11:50:23 fetching corpus: 8500, signal 188162/193018 (executing program) 2025/08/29 11:50:23 fetching corpus: 8550, signal 188464/193035 (executing program) 2025/08/29 11:50:23 fetching corpus: 8600, signal 188718/193044 (executing program) 2025/08/29 11:50:24 fetching corpus: 8650, signal 188940/193047 (executing program) 2025/08/29 11:50:24 fetching corpus: 8700, signal 189173/193056 (executing program) 2025/08/29 11:50:24 fetching corpus: 8750, signal 189438/193068 (executing program) 2025/08/29 11:50:24 
fetching corpus: 8796, signal 189659/193072 (executing program) 2025/08/29 11:50:24 fetching corpus: 8796, signal 189659/193072 (executing program) 2025/08/29 11:50:26 starting 8 fuzzer processes 11:50:26 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000100)) 11:50:26 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0xc, 0x0, &(0x7f00000023c0)) 11:50:26 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/warn_count', 0x0, 0x0) pread64(r0, &(0x7f0000000040)=""/54, 0x36, 0x0) 11:50:26 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f00000015c0)='./file0\x00', &(0x7f0000001600)=@ceph_nfs_confh={0x10}, &(0x7f0000001640), 0x0) 11:50:26 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x541b, 0x0) 11:50:26 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = dup(r0) recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40010140) 11:50:26 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000580)=0x36, 0x4) signalfd(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) 11:50:26 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x40181, 0x0) pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000400)='2', 0x1}], 0x1, 0x0, 0x0, 0x300) [ 77.884896] audit: type=1400 audit(1756468226.708:7): avc: denied { execmem } for pid=273 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 79.118566] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.122314] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.124510] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.127449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.129340] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.132435] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.134141] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.137757] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.139986] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.142144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.144341] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 
79.154394] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.157917] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.167297] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.179418] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.190291] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 79.197727] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 79.202197] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 79.204816] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 79.207009] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 79.214804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.234296] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.237103] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.247307] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 79.251445] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 79.256497] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 79.260900] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 79.262315] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 79.264579] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 79.267296] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.268429] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 79.272230] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.279418] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 79.281810] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 79.286572] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 79.299807] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 79.301282] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 79.310417] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 79.313246] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 79.330756] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 81.211492] Bluetooth: hci0: command tx timeout [ 
81.211499] Bluetooth: hci1: command tx timeout [ 81.272433] Bluetooth: hci2: command tx timeout [ 81.273041] Bluetooth: hci4: command tx timeout [ 81.336287] Bluetooth: hci5: command tx timeout [ 81.336912] Bluetooth: hci3: command tx timeout [ 81.400043] Bluetooth: hci7: command tx timeout [ 81.400074] Bluetooth: hci6: command tx timeout [ 83.256065] Bluetooth: hci0: command tx timeout [ 83.257064] Bluetooth: hci1: command tx timeout [ 83.320012] Bluetooth: hci4: command tx timeout [ 83.320478] Bluetooth: hci2: command tx timeout [ 83.386590] Bluetooth: hci3: command tx timeout [ 83.388083] Bluetooth: hci5: command tx timeout [ 83.448016] Bluetooth: hci6: command tx timeout [ 83.448467] Bluetooth: hci7: command tx timeout [ 85.305113] Bluetooth: hci1: command tx timeout [ 85.305482] Bluetooth: hci0: command tx timeout [ 85.369021] Bluetooth: hci2: command tx timeout [ 85.369046] Bluetooth: hci4: command tx timeout [ 85.433063] Bluetooth: hci3: command tx timeout [ 85.433109] Bluetooth: hci5: command tx timeout [ 85.496187] Bluetooth: hci7: command tx timeout [ 85.496266] Bluetooth: hci6: command tx timeout [ 87.352054] Bluetooth: hci0: command tx timeout [ 87.354090] Bluetooth: hci1: command tx timeout [ 87.416126] Bluetooth: hci2: command tx timeout [ 87.417952] Bluetooth: hci4: command tx timeout [ 87.480994] Bluetooth: hci5: command tx timeout [ 87.481019] Bluetooth: hci3: command tx timeout [ 87.545220] Bluetooth: hci6: command tx timeout [ 87.545252] Bluetooth: hci7: command tx timeout [ 118.229149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.229802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.409520] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.410141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.831215] audit: type=1400 audit(1756468267.653:8): avc: denied { open } for pid=3676 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 
tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 118.841148] audit: type=1400 audit(1756468267.653:9): avc: denied { kernel } for pid=3676 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:51:07 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = dup(r0) recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40010140) [ 119.056733] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.057850] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:51:07 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = dup(r0) recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40010140) 11:51:08 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 
0xffffffffffffffff, 0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = dup(r0) recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40010140) [ 119.236978] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.237592] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:51:08 executing program 6: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0xffff8000}) 11:51:08 executing program 6: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0xffff8000}) 11:51:08 executing program 6: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0xffff8000}) 11:51:08 executing program 6: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0xffff8000}) 11:51:08 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/200, 0xc8}], 0x1, 0x0, 0x0) [ 120.257247] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.257883] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.345675] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.346339] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.475951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.476545] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.566750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.567634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.763649] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.764442] wlan0: Creating new 
IBSS network, BSSID 50:50:50:50:50:50 [ 120.856855] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.857493] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.930462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.931390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.029968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.030577] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.332112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.332726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.374348] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.375154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.714259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.714897] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.759424] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.760892] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:51:10 executing program 5: mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040), 0x20) 11:51:10 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000100)) 11:51:10 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCFLSH(r0, 0x4b68, 0x0) 11:51:10 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0) syz_io_uring_submit(r1, 0x0, 0x0, 0x0) 11:51:10 executing program 6: syz_mount_image$nfs(&(0x7f0000000680), &(0x7f00000006c0)='./file0\x00', 0x0, 0x0, &(0x7f00000009c0), 0x0, &(0x7f0000000a40)={[{'\x00'}]}) 11:51:10 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/200, 0xc8}], 0x1, 0x0, 0x0) 11:51:10 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x34000}}, {{&(0x7f0000000000)={0x2, 0x4e20, @private}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@ip_retopts={{0x10}}, @ip_ttl={{0x14}}], 0x28}}], 0x2, 0x0) 11:51:10 executing program 2: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x100000001}) creat(&(0x7f00000000c0)='./file0\x00', 0x0) [ 122.031881] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 122.033410] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 122.034470] sr 1:0:0:0: [sr0] tag#0 Add. 
Sense: Medium not present [ 122.035461] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 122.036606] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 122.038543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.039160] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.039893] Buffer I/O error on dev sr0, logical block 0, async page read [ 122.046224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.046686] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.047617] Buffer I/O error on dev sr0, logical block 1, async page read 11:51:10 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000100)) [ 122.060191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.060651] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.061558] Buffer I/O error on dev sr0, logical block 2, async page read 11:51:10 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f0000000000), 0x0) [ 122.076391] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.076865] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.077565] Buffer I/O error on dev sr0, logical block 3, async page read [ 122.091091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.091784] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.092591] Buffer I/O error on dev sr0, logical block 4, async page read [ 122.108146] sr 1:0:0:0: [sr0] tag#0 
unaligned transfer [ 122.108655] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.109472] Buffer I/O error on dev sr0, logical block 5, async page read [ 122.125393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.125880] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.126715] Buffer I/O error on dev sr0, logical block 6, async page read [ 122.132468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.133083] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.133759] Buffer I/O error on dev sr0, logical block 7, async page read 11:51:10 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/200, 0xc8}], 0x1, 0x0, 0x0) [ 122.142641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.143338] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 122.144059] Buffer I/O error on dev sr0, logical block 0, async page read [ 122.153406] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.153878] Buffer I/O error on dev sr0, logical block 1, async page read [ 122.160352] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.162066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.164888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.168727] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.172456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.173080] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:51:11 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, 
&(0x7f0000000100)) [ 122.200644] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.217472] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.235060] BUG: unable to handle page fault for address: ffffed10212c95b6 [ 122.236126] #PF: supervisor read access in kernel mode [ 122.236877] #PF: error_code(0x0000) - not-present page [ 122.238699] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 122.241257] Oops: Oops: 0000 [#1] SMP KASAN NOPTI [ 122.243245] CPU: 0 UID: 0 PID: 3935 Comm: syz-executor.0 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 122.246583] Tainted: [W]=WARN [ 122.247377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.248548] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.249234] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.251798] RSP: 0018:ffff888047de7780 EFLAGS: 00010012 [ 122.252559] RAX: 1ffff110212c95b6 RBX: ffff88810964abc0 RCX: ffffc9000742b000 [ 122.253577] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964adb0 [ 122.254610] RBP: ffff888047de79f0 R08: ffff88806ce31340 R09: ffffe8ffffc169b0 [ 122.255624] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.256627] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.257855] FS: 00007f9ddb1db700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 122.259339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.260303] CR2: ffffed10212c95b6 CR3: 0000000045ca2000 CR4: 0000000000350ef0 [ 122.261340] Call Trace: [ 122.261728] [ 122.262084] ? __pfx_perf_tp_event+0x10/0x10 [ 122.262755] ? __asan_memcpy+0x3d/0x60 [ 122.263348] ? visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150 [ 122.264314] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10 [ 122.265245] ? lock_is_held_type+0x9e/0x120 [ 122.265879] ? ctx_sched_in+0x134/0x9b0 [ 122.266466] ? 
__lock_acquire+0x694/0x1b70 [ 122.267087] ? perf_trace_run_bpf_submit+0xef/0x180 [ 122.267808] ? find_held_lock+0x2b/0x80 [ 122.268404] perf_trace_run_bpf_submit+0xef/0x180 [ 122.269121] perf_trace_preemptirq_template+0x259/0x430 [ 122.269908] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 122.270768] ? __pfx___smp_call_single_queue+0x10/0x10 [ 122.271536] ? find_held_lock+0x2b/0x80 [ 122.272122] ? try_to_wake_up+0x8ae/0x11d0 [ 122.272740] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 122.273474] trace_irq_enable.constprop.0+0xa6/0x100 [ 122.274208] trace_hardirqs_on+0x26/0x40 [ 122.274796] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 122.275502] try_to_wake_up+0x8ae/0x11d0 [ 122.276096] ? __pfx_try_to_wake_up+0x10/0x10 [ 122.276754] ? plist_del+0x122/0x270 [ 122.277301] ? find_held_lock+0x2b/0x80 [ 122.277884] ? futex_wake+0x474/0x540 [ 122.278456] wake_up_q+0xa1/0x130 [ 122.279010] futex_wake+0x47e/0x540 [ 122.279559] ? __pfx_futex_wake+0x10/0x10 [ 122.280185] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 122.280944] ? lock_release+0xc8/0x290 [ 122.281512] do_futex+0x26d/0x370 [ 122.282047] ? __pfx_do_futex+0x10/0x10 [ 122.282647] __x64_sys_futex+0x1c9/0x4d0 [ 122.283289] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 122.284170] ? 
__pfx___x64_sys_futex+0x10/0x10 [ 122.284854] do_syscall_64+0xbf/0x360 [ 122.285418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.286187] RIP: 0033:0x7f9dddc65b19 [ 122.286744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.289365] RSP: 002b:00007f9ddb1db218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.290445] RAX: ffffffffffffffda RBX: 00007f9dddd78f68 RCX: 00007f9dddc65b19 [ 122.291491] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9dddd78f6c [ 122.292501] RBP: 00007f9dddd78f60 R08: 000000000000000e R09: 0000000000000000 [ 122.293504] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9dddd78f6c [ 122.294511] R13: 00007ffe0448237f R14: 00007f9ddb1db300 R15: 0000000000022000 [ 122.295530] [ 122.295868] Modules linked in: [ 122.296334] CR2: ffffed10212c95b6 [ 122.296832] ---[ end trace 0000000000000000 ]--- [ 122.297501] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.298178] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.300739] RSP: 0018:ffff888047de7780 EFLAGS: 00010012 [ 122.301501] RAX: 1ffff110212c95b6 RBX: ffff88810964abc0 RCX: ffffc9000742b000 [ 122.302519] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964adb0 [ 122.303536] RBP: ffff888047de79f0 R08: ffff88806ce31340 R09: ffffe8ffffc169b0 [ 122.304553] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.305560] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.306574] FS: 00007f9ddb1db700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 122.307707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.308542] CR2: ffffed10212c95b6 CR3: 0000000045ca2000 CR4: 0000000000350ef0 [ 122.309561] note: syz-executor.0[3935] 
exited with irqs disabled [ 122.310490] BUG: unable to handle page fault for address: ffffed10212c95b6 [ 122.311474] #PF: supervisor read access in kernel mode [ 122.312210] #PF: error_code(0x0000) - not-present page [ 122.312944] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 122.313758] Oops: Oops: 0000 [#2] SMP KASAN NOPTI [ 122.314465] CPU: 0 UID: 0 PID: 3935 Comm: syz-executor.0 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 122.316156] Tainted: [D]=DIE, [W]=WARN [ 122.316716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.317874] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.318559] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.321136] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012 [ 122.321898] RAX: 1ffff110212c95b6 RBX: ffff88810964abc0 RCX: 0000000000000002 [ 122.322921] RDX: ffff88804750b700 RSI: ffffffff818995b7 RDI: ffff88810964adb0 [ 122.323926] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc169b0 [ 122.324934] R10: 0000000000000000 R11: ffff88800d1b4498 R12: dffffc0000000000 [ 122.325954] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 122.326970] FS: 00007f9ddb1db700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 122.328100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.328929] CR2: ffffed10212c95b6 CR3: 0000000045ca2000 CR4: 0000000000350ef0 [ 122.329942] Call Trace: [ 122.330332] [ 122.330657] ? __pfx_perf_tp_event+0x10/0x10 [ 122.331308] ? trace_pelt_se_tp+0xdf/0x130 [ 122.331916] ? place_entity+0x300/0x410 [ 122.332502] ? lock_acquire+0x18c/0x2f0 [ 122.333080] ? update_cfs_group+0x11d/0x260 [ 122.333707] ? lock_release+0x1c7/0x290 [ 122.334291] ? trace_softirq_raise+0xbe/0x100 [ 122.334949] ? run_posix_cpu_timers+0x160/0x7d0 [ 122.335634] ? __raise_softirq_irqoff+0x5f/0x90 [ 122.336301] ? 
__pfx_run_posix_cpu_timers+0x10/0x10 [ 122.337008] ? sched_balance_trigger+0x1ac/0xcb0 [ 122.337700] ? sched_tick+0x27c/0x6c0 [ 122.338264] ? do_raw_spin_lock+0x123/0x260 [ 122.338902] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 122.339576] ? perf_trace_run_bpf_submit+0xef/0x180 [ 122.340304] perf_trace_run_bpf_submit+0xef/0x180 [ 122.341003] perf_trace_preemptirq_template+0x259/0x430 [ 122.341777] ? read_tsc+0x9/0x20 [ 122.342285] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 122.343145] ? clockevents_program_event+0x135/0x360 [ 122.343961] ? tick_program_event+0xac/0x140 [ 122.344593] ? handle_softirqs+0x16e/0x770 [ 122.345202] trace_irq_enable.constprop.0+0xa6/0x100 [ 122.345929] trace_hardirqs_on+0x26/0x40 [ 122.346521] handle_softirqs+0x16e/0x770 [ 122.347115] __irq_exit_rcu+0xc4/0x100 [ 122.347690] irq_exit_rcu+0x9/0x20 [ 122.348201] sysvec_apic_timer_interrupt+0x70/0x80 [ 122.348904] [ 122.349230] [ 122.349555] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 122.350303] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 122.350971] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 122.353506] RSP: 0018:ffff888047de7f28 EFLAGS: 00000246 [ 122.354259] RAX: 0000000000000001 RBX: ffff88804750b700 RCX: ffffffff817c2b86 [ 122.355271] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 122.356290] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000 [ 122.357318] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff88804750b700 [ 122.358350] R13: 0000000000000009 R14: ffff888047de7760 R15: 0000000000000000 [ 122.359413] ? trace_irq_enable.constprop.0+0x26/0x100 [ 122.360413] ? make_task_dead+0x214/0x3b0 [ 122.361218] ? make_task_dead+0x214/0x3b0 [ 122.362028] ? 
do_syscall_64+0xbf/0x360 [ 122.362689] rewind_stack_and_make_dead+0x16/0x20 [ 122.363430] RIP: 0033:0x7f9dddc65b19 [ 122.364019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.366711] RSP: 002b:00007f9ddb1db218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.367801] RAX: ffffffffffffffda RBX: 00007f9dddd78f68 RCX: 00007f9dddc65b19 [ 122.368822] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9dddd78f6c [ 122.369841] RBP: 00007f9dddd78f60 R08: 000000000000000e R09: 0000000000000000 [ 122.370874] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9dddd78f6c [ 122.371897] R13: 00007ffe0448237f R14: 00007f9ddb1db300 R15: 0000000000022000 [ 122.372921] [ 122.373265] Modules linked in: [ 122.373736] CR2: ffffed10212c95b6 [ 122.374236] ---[ end trace 0000000000000000 ]--- [ 122.374924] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.375610] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.378188] RSP: 0018:ffff888047de7780 EFLAGS: 00010012 [ 122.378952] RAX: 1ffff110212c95b6 RBX: ffff88810964abc0 RCX: ffffc9000742b000 [ 122.379965] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964adb0 [ 122.380973] RBP: ffff888047de79f0 R08: ffff88806ce31340 R09: ffffe8ffffc169b0 [ 122.382017] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.383071] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.384113] FS: 00007f9ddb1db700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 122.385283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.386164] CR2: ffffed10212c95b6 CR3: 0000000045ca2000 CR4: 0000000000350ef0 [ 122.387233] Kernel panic - not syncing: Fatal exception in interrupt [ 122.388384] Kernel 
Offset: disabled [ 122.388934] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:51:11 Registers: