Warning: Permanently added '[localhost]:40230' (ECDSA) to the list of known hosts. 2025/08/29 08:36:12 fuzzer started 2025/08/29 08:36:13 dialing manager at localhost:43077 syzkaller login: [ 45.422105] cgroup: Unknown subsys name 'net' [ 45.484287] cgroup: Unknown subsys name 'cpuset' [ 45.499763] cgroup: Unknown subsys name 'rlimit' 2025/08/29 08:36:23 syscalls: 2214 2025/08/29 08:36:23 code coverage: enabled 2025/08/29 08:36:23 comparison tracing: enabled 2025/08/29 08:36:23 extra coverage: enabled 2025/08/29 08:36:23 setuid sandbox: enabled 2025/08/29 08:36:23 namespace sandbox: enabled 2025/08/29 08:36:23 Android sandbox: enabled 2025/08/29 08:36:23 fault injection: enabled 2025/08/29 08:36:23 leak checking: enabled 2025/08/29 08:36:23 net packet injection: enabled 2025/08/29 08:36:23 net device setup: enabled 2025/08/29 08:36:23 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 08:36:23 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 08:36:23 USB emulation: enabled 2025/08/29 08:36:23 hci packet injection: enabled 2025/08/29 08:36:23 wifi device emulation: enabled 2025/08/29 08:36:23 802.15.4 emulation: enabled 2025/08/29 08:36:23 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 08:36:23 fetching corpus: 38, signal 13126/16611 (executing program) 2025/08/29 08:36:23 fetching corpus: 83, signal 27257/31700 (executing program) 2025/08/29 08:36:23 fetching corpus: 133, signal 40328/45303 (executing program) 2025/08/29 08:36:23 fetching corpus: 183, signal 45926/51654 (executing program) 2025/08/29 08:36:23 fetching corpus: 232, signal 51613/57865 (executing program) 2025/08/29 08:36:24 fetching corpus: 282, signal 56043/62757 (executing program) 2025/08/29 08:36:24 fetching corpus: 332, signal 59899/66982 (executing program) 2025/08/29 08:36:24 fetching corpus: 382, signal 65227/72306 (executing program) 2025/08/29 08:36:24 fetching corpus: 432, signal 67626/75087 (executing program) 2025/08/29 
08:36:24 fetching corpus: 482, signal 71253/78758 (executing program) 2025/08/29 08:36:24 fetching corpus: 532, signal 74853/82209 (executing program) 2025/08/29 08:36:24 fetching corpus: 581, signal 78229/85423 (executing program) 2025/08/29 08:36:24 fetching corpus: 631, signal 81162/88106 (executing program) 2025/08/29 08:36:25 fetching corpus: 681, signal 83437/90213 (executing program) 2025/08/29 08:36:25 fetching corpus: 731, signal 85105/91807 (executing program) 2025/08/29 08:36:25 fetching corpus: 781, signal 87245/93711 (executing program) 2025/08/29 08:36:25 fetching corpus: 831, signal 88647/94998 (executing program) 2025/08/29 08:36:25 fetching corpus: 881, signal 91883/97451 (executing program) 2025/08/29 08:36:25 fetching corpus: 931, signal 93717/98887 (executing program) 2025/08/29 08:36:25 fetching corpus: 981, signal 95585/100335 (executing program) 2025/08/29 08:36:25 fetching corpus: 1031, signal 97032/101490 (executing program) 2025/08/29 08:36:26 fetching corpus: 1081, signal 99979/103503 (executing program) 2025/08/29 08:36:26 fetching corpus: 1131, signal 101102/104285 (executing program) 2025/08/29 08:36:26 fetching corpus: 1180, signal 102164/104993 (executing program) 2025/08/29 08:36:26 fetching corpus: 1230, signal 103413/105758 (executing program) 2025/08/29 08:36:26 fetching corpus: 1280, signal 104447/106368 (executing program) 2025/08/29 08:36:26 fetching corpus: 1330, signal 105439/106916 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106015/107252 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106015/107286 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106015/107334 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106015/107373 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106015/107411 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106015/107448 (executing program) 2025/08/29 08:36:26 fetching 
corpus: 1348, signal 106015/107498 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106020/107550 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106020/107591 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106020/107638 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106020/107671 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106020/107728 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106020/107766 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106023/107811 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106023/107854 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106023/107880 (executing program) 2025/08/29 08:36:26 fetching corpus: 1348, signal 106023/107921 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/107960 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/107994 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108028 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108075 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108116 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108157 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108195 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108212 (executing program) 2025/08/29 08:36:27 fetching corpus: 1348, signal 106023/108212 (executing program) 2025/08/29 08:36:28 starting 8 fuzzer processes 08:36:28 executing program 0: name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000040)=@orangefs_parent={0x28, 0x2, {{"9550c5769f983ff93da9d274d211ce3d"}, {"cb5b24ee5bea979b1802bc1a9a98cac8"}}}, &(0x7f0000000080), 0x0) 08:36:28 executing program 1: r0 = 
io_uring_setup(0x1ff, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, 0x0, 0x0) 08:36:28 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f000000abc0)={0xffffffffffffffff, 0xffffffffffffffff}) fchmod(r0, 0x0) 08:36:28 executing program 2: r0 = socket$inet(0x2, 0x80003, 0xff) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0xa7, 0x4) sendto$inet(r0, &(0x7f0000000000)="60da7056a593ccc8bd2563073c967f6a9af19d7a", 0x14, 0x0, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, &(0x7f0000007c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=""/16, 0x10}}], 0x1, 0x2102, 0x0) 08:36:28 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000040), 0x4) [ 60.687626] audit: type=1400 audit(1756456588.937:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 08:36:28 executing program 4: set_mempolicy(0x2005, 0x0, 0x0) 08:36:29 executing program 5: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, 
&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@GFS2_LARGE_FH_SIZE={0x20}, &(0x7f0000000280), 0x0) 08:36:29 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) [ 61.806513] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.809812] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.811645] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.815984] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.818808] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.927676] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 61.932601] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 61.934257] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 61.936139] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 61.937451] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 61.940380] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 61.951075] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 61.957186] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 61.960097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.964413] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 61.977719] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 61.981198] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 61.984751] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 61.997551] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.006449] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.070403] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 62.073507] Bluetooth: hci4: unexpected cc 
0x1003 length: 249 > 9 [ 62.077140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 62.080956] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 62.082856] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 62.105860] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 62.112240] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 62.114637] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 62.124487] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 62.132745] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 62.141365] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 62.149787] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 62.152796] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 62.156263] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 62.163854] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 62.167106] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 62.177197] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 62.179670] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 62.181550] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 62.186759] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 63.896364] Bluetooth: hci0: command tx timeout [ 64.024057] Bluetooth: hci2: command tx timeout [ 64.024457] Bluetooth: hci1: command tx timeout [ 64.088047] Bluetooth: hci3: command tx timeout [ 64.153992] Bluetooth: hci4: command tx timeout [ 64.216013] Bluetooth: hci5: command tx timeout [ 64.217133] Bluetooth: hci6: command tx timeout [ 64.280491] Bluetooth: hci7: command tx timeout [ 65.944087] Bluetooth: hci0: command tx timeout [ 66.071968] Bluetooth: hci2: command tx timeout [ 66.071991] Bluetooth: hci1: command tx timeout [ 66.135951] Bluetooth: hci3: command tx timeout [ 66.199989] Bluetooth: hci4: command tx timeout [ 66.264109] Bluetooth: hci6: command tx timeout [ 66.265074] Bluetooth: hci5: command tx timeout [ 66.328060] Bluetooth: hci7: 
command tx timeout [ 67.993905] Bluetooth: hci0: command tx timeout [ 68.119991] Bluetooth: hci2: command tx timeout [ 68.120305] Bluetooth: hci1: command tx timeout [ 68.185026] Bluetooth: hci3: command tx timeout [ 68.249916] Bluetooth: hci4: command tx timeout [ 68.313060] Bluetooth: hci5: command tx timeout [ 68.313222] Bluetooth: hci6: command tx timeout [ 68.377020] Bluetooth: hci7: command tx timeout [ 70.040988] Bluetooth: hci0: command tx timeout [ 70.167995] Bluetooth: hci1: command tx timeout [ 70.170960] Bluetooth: hci2: command tx timeout [ 70.232005] Bluetooth: hci3: command tx timeout [ 70.298012] Bluetooth: hci4: command tx timeout [ 70.360005] Bluetooth: hci5: command tx timeout [ 70.361017] Bluetooth: hci6: command tx timeout [ 70.424934] Bluetooth: hci7: command tx timeout [ 98.763227] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.764843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.030931] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.032041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:37:07 executing program 2: r0 = socket$inet(0x2, 0x80003, 0xff) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0xa7, 0x4) sendto$inet(r0, &(0x7f0000000000)="60da7056a593ccc8bd2563073c967f6a9af19d7a", 0x14, 0x0, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, &(0x7f0000007c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=""/16, 0x10}}], 0x1, 0x2102, 0x0) 08:37:08 executing program 2: r0 = socket$inet(0x2, 0x80003, 0xff) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0xa7, 0x4) sendto$inet(r0, &(0x7f0000000000)="60da7056a593ccc8bd2563073c967f6a9af19d7a", 0x14, 0x0, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, &(0x7f0000007c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=""/16, 0x10}}], 0x1, 0x2102, 0x0) 08:37:08 executing program 2: r0 = socket$inet(0x2, 0x80003, 0xff) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0xa7, 0x4) 
sendto$inet(r0, &(0x7f0000000000)="60da7056a593ccc8bd2563073c967f6a9af19d7a", 0x14, 0x0, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, &(0x7f0000007c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=""/16, 0x10}}], 0x1, 0x2102, 0x0) 08:37:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) [ 100.145587] audit: type=1400 audit(1756456628.391:8): avc: denied { open } for pid=3768 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 100.154092] audit: type=1400 audit(1756456628.392:9): avc: denied { kernel } for pid=3768 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 08:37:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) 08:37:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) 08:37:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) 08:37:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="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", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) [ 100.734276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 100.734839] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 100.745158] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 100.745678] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 100.806980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.807720] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.930416] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.931035] 
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.106751] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.108142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.194971] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.195589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.302448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.303440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.360762] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.361665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.463282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.463934] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.547559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.548574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.600295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.600935] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.673408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.674637] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.834468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.835211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.854666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.855360] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.915746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.916381] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.953454] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.954336] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:37:10 executing program 5: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = 
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@GFS2_LARGE_FH_SIZE={0x20}, &(0x7f0000000280), 0x0) 08:37:10 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="fea51a9e67d4507d826bf2303a798bc3f66ee921bbe83d0a407b94852f64a3fc4923dad5f331301405925b1c577718967504ccba3822b753b25ab5f7df3e9c26b1826f2f7fa55d471eacda3f66c482557c33c376c89bcdffacc5f1b5d1318d466d2609ef88e1f47a36f5aafb63b7fc022cacc3bfdf56ae3fc3defe0a33cffe372fea594ccec3ccb178ae637d070bb34e539f472776cb48cbfa5bc5ade288f775d2dadd7ad1dcf2db71beb1066c163dc0ae149184f8616dd4a63f55df3f72b5b5d0b3df33cbfa6d18b63e2df72271c49d47fbd6baec11e98491739bf9c401c33182116a2d0e3bc9394b4cde69bd4ceb3bd35ee09509630dc53de26b94382f790298", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) 08:37:10 executing program 0: name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000040)=@orangefs_parent={0x28, 0x2, {{"9550c5769f983ff93da9d274d211ce3d"}, {"cb5b24ee5bea979b1802bc1a9a98cac8"}}}, &(0x7f0000000080), 0x0) 08:37:10 executing program 4: set_mempolicy(0x2005, 0x0, 0x0) 08:37:10 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="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", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) 08:37:10 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 08:37:10 executing program 1: r0 = io_uring_setup(0x1ff, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, 0x0, 0x0) 08:37:10 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f000000abc0)={0xffffffffffffffff, 0xffffffffffffffff}) fchmod(r0, 0x0) 08:37:10 executing program 1: r0 = io_uring_setup(0x1ff, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, 0x0, 0x0) [ 102.246495] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.247119] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 102.259187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.259660] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 08:37:10 executing 
program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f000000abc0)={0xffffffffffffffff, 0xffffffffffffffff}) fchmod(r0, 0x0) [ 102.297606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.298672] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 2 prio class 2 08:37:10 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="fea51a9e67d4507d826bf2303a798bc3f66ee921bbe83d0a407b94852f64a3fc4923dad5f331301405925b1c577718967504ccba3822b753b25ab5f7df3e9c26b1826f2f7fa55d471eacda3f66c482557c33c376c89bcdffacc5f1b5d1318d466d2609ef88e1f47a36f5aafb63b7fc022cacc3bfdf56ae3fc3defe0a33cffe372fea594ccec3ccb178ae637d070bb34e539f472776cb48cbfa5bc5ade288f775d2dadd7ad1dcf2db71beb1066c163dc0ae149184f8616dd4a63f55df3f72b5b5d0b3df33cbfa6d18b63e2df72271c49d47fbd6baec11e98491739bf9c401c33182116a2d0e3bc9394b4cde69bd4ceb3bd35ee09509630dc53de26b94382f790298", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) [ 102.370780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.371272] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 102.373244] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.373693] I/O error, dev sr0, sector 2 
op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 08:37:10 executing program 4: set_mempolicy(0x2005, 0x0, 0x0) 08:37:10 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 08:37:10 executing program 0: name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000040)=@orangefs_parent={0x28, 0x2, {{"9550c5769f983ff93da9d274d211ce3d"}, {"cb5b24ee5bea979b1802bc1a9a98cac8"}}}, &(0x7f0000000080), 0x0) 08:37:10 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="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", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) 08:37:10 executing program 1: r0 = io_uring_setup(0x1ff, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, 0x0, 0x0) [ 102.479091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.479566] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 102.486772] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 102.487265] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 08:37:10 executing program 5: 
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@GFS2_LARGE_FH_SIZE={0x20}, &(0x7f0000000280), 0x0) 08:37:10 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@GFS2_LARGE_FH_SIZE={0x20}, &(0x7f0000000280), 0x0) 08:37:10 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="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", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) 08:37:10 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f000000abc0)={0xffffffffffffffff, 0xffffffffffffffff}) fchmod(r0, 0x0) 08:37:10 executing program 0: 
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000040)=@orangefs_parent={0x28, 0x2, {{"9550c5769f983ff93da9d274d211ce3d"}, {"cb5b24ee5bea979b1802bc1a9a98cac8"}}}, &(0x7f0000000080), 0x0) 08:37:10 executing program 4: set_mempolicy(0x2005, 0x0, 0x0) 08:37:10 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) io_setup(0x7d, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000100)="fea51a9e67d4507d826bf2303a798bc3f66ee921bbe83d0a407b94852f64a3fc4923dad5f331301405925b1c577718967504ccba3822b753b25ab5f7df3e9c26b1826f2f7fa55d471eacda3f66c482557c33c376c89bcdffacc5f1b5d1318d466d2609ef88e1f47a36f5aafb63b7fc022cacc3bfdf56ae3fc3defe0a33cffe372fea594ccec3ccb178ae637d070bb34e539f472776cb48cbfa5bc5ade288f775d2dadd7ad1dcf2db71beb1066c163dc0ae149184f8616dd4a63f55df3f72b5b5d0b3df33cbfa6d18b63e2df72271c49d47fbd6baec11e98491739bf9c401c33182116a2d0e3bc9394b4cde69bd4ceb3bd35ee09509630dc53de26b94382f790298", 0x101, 0x300}]) signalfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) 08:37:10 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) [ 102.647735] BUG: unable to handle page fault for address: ffffed10212c935e [ 
102.648768] #PF: supervisor read access in kernel mode
[ 102.649653] #PF: error_code(0x0000) - not-present page
[ 102.650968] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0
[ 102.652370] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[ 102.653674] CPU: 0 UID: 0 PID: 3955 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 102.657319] Tainted: [W]=WARN
[ 102.658221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 102.660491] RIP: 0010:perf_tp_event+0x175/0xe70
[ 102.661584] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 102.664096] RSP: 0018:ffff8880447d7800 EFLAGS: 00010212
[ 102.664836] RAX: 1ffff110212c935e RBX: ffff888109649900 RCX: ffffc900019ee000
[ 102.665814] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff888109649af0
[ 102.666789] RBP: ffff8880447d7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15b78
[ 102.667770] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 102.668770] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 102.669753] FS: 00007f74b6d64700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 102.670856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 102.671660] CR2: ffffed10212c935e CR3: 000000001fce6000 CR4: 0000000000350ef0
[ 102.672655] Call Trace:
[ 102.673020]
[ 102.673358] ? __pfx_perf_tp_event+0x10/0x10
[ 102.673995] ? perf_tp_event+0x807/0xe70
[ 102.674575] ? lock_is_held_type+0x9e/0x120
[ 102.675199] ? __pfx_perf_tp_event+0x10/0x10
[ 102.675832] ? __pfx_perf_trace_lock+0x10/0x10
[ 102.676493] ? find_held_lock+0x2b/0x80
[ 102.677072] ? perf_trace_run_bpf_submit+0xef/0x180
[ 102.677780] ? perf_trace_run_bpf_submit+0xef/0x180
[ 102.678491] ? perf_trace_run_bpf_submit+0xef/0x180
[ 102.679195] perf_trace_run_bpf_submit+0xef/0x180
[ 102.679888] perf_trace_lock_acquire+0x3c2/0x700
[ 102.680576] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 102.681305] ? __pfx_perf_trace_lock+0x10/0x10
[ 102.681950] ? futex_ref_get+0x48/0x300
[ 102.682518] ? find_held_lock+0x2b/0x80
[ 102.683094] lock_acquire+0xc5/0x2f0
[ 102.683623] ? futex_wake+0x228/0x540
[ 102.684196] _raw_spin_lock+0x2b/0x40
[ 102.684739] ? futex_wake+0x228/0x540
[ 102.685280] futex_wake+0x228/0x540
[ 102.685799] ? __pfx_perf_trace_lock+0x10/0x10
[ 102.686446] ? __pfx_futex_wake+0x10/0x10
[ 102.687038] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 102.687750] ? lock_release+0xc8/0x290
[ 102.688316] do_futex+0x26d/0x370
[ 102.688820] ? __pfx_do_futex+0x10/0x10
[ 102.689387] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 102.690136] ? find_held_lock+0x2b/0x80
[ 102.690708] __x64_sys_futex+0x1c9/0x4d0
[ 102.691285] ? __pfx___x64_sys_futex+0x10/0x10
[ 102.691932] ? xfd_validate_state+0x55/0x180
[ 102.692586] do_syscall_64+0xbf/0x360
[ 102.693128] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.693850] RIP: 0033:0x7f74b97eeb19
[ 102.694378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 102.696856] RSP: 002b:00007f74b6d64218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 102.697899] RAX: ffffffffffffffda RBX: 00007f74b9901f68 RCX: 00007f74b97eeb19
[ 102.698872] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74b9901f6c
[ 102.699847] RBP: 00007f74b9901f60 R08: 000000000000000e R09: 0000000000000000
[ 102.700829] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74b9901f6c
[ 102.701810] R13: 00007fff855630af R14: 00007f74b6d64300 R15: 0000000000022000
[ 102.702800]
[ 102.703133] Modules linked in:
[ 102.703595] CR2: ffffed10212c935e
[ 102.704089] ---[ end trace 0000000000000000 ]---
[ 102.704092] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 102.704735] RIP: 0010:perf_tp_event+0x175/0xe70
[ 102.705626] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 102.706266] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 102.706864] CPU: 1 UID: 0 PID: 3957 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 102.709338] RSP: 0018:ffff8880447d7800 EFLAGS: 00010212
[ 102.710270] Tainted: [D]=DIE, [W]=WARN
[ 102.710277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 102.710999] RAX: 1ffff110212c935e RBX: ffff888109649900 RCX: ffffc900019ee000
[ 102.711304] RIP: 0010:perf_tp_event+0x175/0xe70
[ 102.712441] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff888109649af0
[ 102.713000] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 102.713637] RBP: ffff8880447d7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15b78
[ 102.714195] RSP: 0018:ffff8880448c77c0 EFLAGS: 00010212
[ 102.716663] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 102.717221]
[ 102.717227] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 102.717945] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 102.718499] RDX: ffff8880432f3700 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 102.718752] FS: 00007f74b6d64700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 102.719303] RBP: ffff8880448c7a30 R08: ffff88806cf31340 R09: ffffe8ffffd15b78
[ 102.720283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 102.720836] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[ 102.721930] CR2: 
ffffed10212c935e CR3: 000000001fce6000 CR4: 0000000000350ef0 [ 102.722488] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 102.723289] note: syz-executor.7[3955] exited with irqs disabled [ 102.723843] FS: 000055556acc2400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 102.726467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.726925] CR2: 000055556acc3c18 CR3: 0000000042466000 CR4: 0000000000350ef0 [ 102.727492] Call Trace: [ 102.727702] [ 102.727892] ? __pfx_perf_tp_event+0x10/0x10 [ 102.728269] ? cpu_util.constprop.0+0x17d/0x340 [ 102.728656] ? __asan_memset+0x24/0x50 [ 102.728973] ? sched_balance_find_dst_group+0xa9a/0x1c00 [ 102.729418] ? __pfx_perf_trace_lock+0x10/0x10 [ 102.729797] ? perf_trace_lock+0xb5/0x5d0 [ 102.730138] ? perf_trace_run_bpf_submit+0xef/0x180 [ 102.730546] perf_trace_run_bpf_submit+0xef/0x180 [ 102.730939] perf_trace_lock_acquire+0x3c2/0x700 [ 102.731327] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 102.731737] ? __pfx_perf_trace_lock+0x10/0x10 [ 102.732111] ? __pfx_perf_trace_lock+0x10/0x10 [ 102.732479] lock_acquire+0xc5/0x2f0 [ 102.732775] ? futex_private_hash_put+0x4c/0x2d0 [ 102.733153] ? futex_hash+0x15c/0x390 [ 102.733454] ? lock_release+0x1c7/0x290 [ 102.733770] futex_private_hash_put+0x5d/0x2d0 [ 102.734129] ? futex_private_hash_put+0x4c/0x2d0 [ 102.734502] futex_hash_put+0x3f/0x50 [ 102.734803] futex_wake+0x1bb/0x540 [ 102.735101] ? kernel_clone+0x204/0x7f0 [ 102.735416] ? __pfx_futex_wake+0x10/0x10 [ 102.735745] ? __pfx_kernel_clone+0x10/0x10 [ 102.736094] ? perf_trace_lock+0xb5/0x5d0 [ 102.736420] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 102.736829] ? __pfx___handle_mm_fault+0x10/0x10 [ 102.737218] do_futex+0x26d/0x370 [ 102.737499] ? __pfx_do_futex+0x10/0x10 [ 102.737819] ? __pfx___do_sys_clone+0x10/0x10 [ 102.738176] ? handle_mm_fault+0x590/0x9b0 [ 102.738516] __x64_sys_futex+0x1c9/0x4d0 [ 102.738840] ? __pfx___x64_sys_futex+0x10/0x10 [ 102.739208] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 102.739621] do_syscall_64+0xbf/0x360 [ 102.739926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.740339] RIP: 0033:0x7ff6f3ab5b19 [ 102.740632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.742026] RSP: 002b:00007ffd791614d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 102.742613] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff6f3ab5b19 [ 102.743162] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff6f3bc8f68 [ 102.743719] RBP: 00007ff6f3bc8f60 R08: 00007ff6f102b700 R09: 0000000000000000 [ 102.744276] R10: 00007ff6f102b700 R11: 0000000000000246 R12: 00007ff6f3bcda68 [ 102.744830] R13: 00007ffd791615e0 R14: 00007ff6f3bc8f60 R15: 0000000000019092 [ 102.745389] [ 102.745575] Modules linked in: [ 102.745834] BUG: unable to handle page fault for address: ffffed10212c935e [ 102.746826] #PF: supervisor read access in kernel mode [ 102.747582] #PF: error_code(0x0000) - not-present page [ 102.748331] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 102.749154] Oops: Oops: 0000 [#3] SMP KASAN NOPTI [ 102.749863] CPU: 0 UID: 0 PID: 3955 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 102.751576] Tainted: [D]=DIE, [W]=WARN [ 102.752149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 102.753323] RIP: 0010:perf_tp_event+0x175/0xe70 [ 102.754013] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 102.756593] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 102.757360] RAX: 1ffff110212c935e RBX: ffff888109649900 RCX: 0000000000000002 [ 102.758374] RDX: ffff888043685280 RSI: ffffffff818995b7 RDI: ffff888109649af0 [ 102.759389] RBP: ffff88806ce08cf0 R08: 
ffff88806ce31490 R09: ffffe8ffffc15b78 [ 102.760412] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000 [ 102.761435] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 102.762458] FS: 00007f74b6d64700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 102.763610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.764448] CR2: ffffed10212c935e CR3: 000000001fce6000 CR4: 0000000000350ef0 [ 102.765469] Call Trace: [ 102.765847] [ 102.766182] ? __pfx_perf_tp_event+0x10/0x10 [ 102.766835] ? stack_depot_save_flags+0x2c/0xa20 [ 102.767532] ? kasan_save_stack+0x34/0x50 [ 102.768145] ? kasan_save_stack+0x24/0x50 [ 102.768752] ? kasan_save_track+0x14/0x30 [ 102.769372] ? __kasan_save_free_info+0x3a/0x60 [ 102.770053] ? __kasan_slab_free+0x3f/0x50 [ 102.770678] ? kmem_cache_free+0x2a1/0x540 [ 102.771289] ? rcu_core+0x7c8/0x1800 [ 102.771843] ? handle_softirqs+0x1b1/0x770 [ 102.772479] ? __irq_exit_rcu+0xc4/0x100 [ 102.773077] ? irq_exit_rcu+0x9/0x20 [ 102.773616] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 102.774357] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 102.775134] ? __rcu_read_unlock+0x30/0x4b0 [ 102.775755] ? unwind_next_frame+0x3bc/0x2540 [ 102.776434] ? arch_stack_walk+0x86/0xf0 [ 102.777025] ? stack_trace_save+0x8e/0xc0 [ 102.777639] ? kasan_save_stack+0x24/0x50 [ 102.778253] ? kasan_record_aux_stack+0x89/0xa0 [ 102.778927] ? __call_rcu_common.constprop.0+0x70/0x960 [ 102.779698] ? kmem_cache_free+0x33a/0x540 [ 102.780317] ? kfree_skbmem+0x18a/0x1f0 [ 102.780905] ? sk_skb_reason_drop+0x10e/0x1b0 [ 102.781582] ? ieee80211_iface_work+0x43c/0x1220 [ 102.782276] ? cfg80211_wiphy_work+0x245/0x480 [ 102.782939] ? process_one_work+0x8e1/0x19c0 [ 102.783584] ? worker_thread+0x67e/0xe90 [ 102.784196] ? kthread+0x3c8/0x740 [ 102.784722] ? ret_from_fork+0x34b/0x430 [ 102.785333] ? ret_from_fork_asm+0x1a/0x30 [ 102.785953] ? perf_trace_lock_acquire+0xc9/0x700 [ 102.786673] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 102.787410] perf_trace_run_bpf_submit+0xef/0x180 [ 102.788130] perf_trace_lock_acquire+0x3c2/0x700 [ 102.788838] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 102.789602] ? trace_rcu_utilization+0x26/0x190 [ 102.790299] lock_acquire+0xc5/0x2f0 [ 102.790853] ? hrtimer_interrupt+0xd6/0x830 [ 102.791486] ? __pfx_rcu_core+0x10/0x10 [ 102.792083] _raw_spin_lock_irqsave+0x3a/0x60 [ 102.792741] ? hrtimer_interrupt+0xd6/0x830 [ 102.793368] hrtimer_interrupt+0xd6/0x830 [ 102.793973] ? __local_bh_enable+0x7b/0x90 [ 102.794598] ? handle_softirqs+0x50c/0x770 [ 102.795230] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 102.795982] sysvec_apic_timer_interrupt+0x6b/0x80 [ 102.796708] [ 102.797041] [ 102.797377] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 102.798135] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 102.798821] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 102.801402] RSP: 0018:ffff8880447d7f28 EFLAGS: 00000246 [ 102.802164] RAX: 0000000000000001 RBX: ffff888043685280 RCX: ffffffff817c2b86 [ 102.803185] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 102.804208] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000 [ 102.805228] R10: ffffffff8643ac57 R11: 000000000000002c R12: ffff888043685280 [ 102.806248] R13: 0000000000000009 R14: ffff8880447d77e0 R15: 0000000000000000 [ 102.807276] ? trace_irq_enable.constprop.0+0x26/0x100 [ 102.808039] ? make_task_dead+0x214/0x3b0 [ 102.808649] ? make_task_dead+0x214/0x3b0 [ 102.809253] ? 
do_syscall_64+0xbf/0x360 [ 102.809831] rewind_stack_and_make_dead+0x16/0x20 [ 102.810541] RIP: 0033:0x7f74b97eeb19 [ 102.811080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.813670] RSP: 002b:00007f74b6d64218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 102.814748] RAX: ffffffffffffffda RBX: 00007f74b9901f68 RCX: 00007f74b97eeb19 [ 102.815759] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74b9901f6c [ 102.816791] RBP: 00007f74b9901f60 R08: 000000000000000e R09: 0000000000000000 [ 102.817814] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74b9901f6c [ 102.818844] R13: 00007fff855630af R14: 00007f74b6d64300 R15: 0000000000022000 [ 102.819881] [ 102.820234] Modules linked in: [ 102.820712] CR2: ffffed10212c935e [ 102.821214] ---[ end trace 0000000000000000 ]--- [ 102.821214] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#4] SMP KASAN NOPTI [ 102.821888] RIP: 0010:perf_tp_event+0x175/0xe70 [ 102.822733] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 102.823387] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 102.823966] CPU: 1 UID: 0 PID: 3957 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 102.826540] RSP: 0018:ffff8880447d7800 EFLAGS: 00010212 [ 102.827448] Tainted: [D]=DIE, [W]=WARN [ 102.827448] [ 102.827457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 102.828205] RAX: 1ffff110212c935e RBX: ffff888109649900 RCX: ffffc900019ee000 [ 102.828503] RIP: 0010:perf_tp_event+0x175/0xe70 [ 102.828763] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff888109649af0 [ 102.829414] Code: ff df 48 89 85 a8 
fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 102.830415] RBP: ffff8880447d7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15b78 [ 102.830781] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 102.831812] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000 [ 102.833243] [ 102.833249] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 102.834257] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000 [ 102.834679] RDX: ffff8880432f3700 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 102.835702] FS: 00007f74b6d64700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 102.835842] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd15b78 [ 102.836870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.837428] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000 [ 102.838445] CR2: ffffed10212c935e CR3: 000000001fce6000 CR4: 0000000000350ef0 [ 102.839084] R13: 000000000000002c R14: ffff88806cf31490 R15: dffffc0000000000 [ 102.840113] Kernel panic - not syncing: Fatal exception in interrupt [ 103.941912] Shutting down cpus with NMI [ 103.956348] Kernel Offset: disabled [ 103.956789] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---