Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:51563' (ECDSA) to the list of known hosts.
2025/08/29 12:29:06 fuzzer started
2025/08/29 12:29:06 dialing manager at localhost:43077
syzkaller login: [   51.599764] cgroup: Unknown subsys name 'net'
[   51.676293] cgroup: Unknown subsys name 'cpuset'
[   51.697060] cgroup: Unknown subsys name 'rlimit'
2025/08/29 12:29:17 syscalls: 2214
2025/08/29 12:29:17 code coverage: enabled
2025/08/29 12:29:17 comparison tracing: enabled
2025/08/29 12:29:17 extra coverage: enabled
2025/08/29 12:29:17 setuid sandbox: enabled
2025/08/29 12:29:17 namespace sandbox: enabled
2025/08/29 12:29:17 Android sandbox: enabled
2025/08/29 12:29:17 fault injection: enabled
2025/08/29 12:29:17 leak checking: enabled
2025/08/29 12:29:17 net packet injection: enabled
2025/08/29 12:29:17 net device setup: enabled
2025/08/29 12:29:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 12:29:17 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 12:29:17 USB emulation: enabled
2025/08/29 12:29:17 hci packet injection: enabled
2025/08/29 12:29:17 wifi device emulation: enabled
2025/08/29 12:29:17 802.15.4 emulation: enabled
2025/08/29 12:29:17 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 12:29:17 fetching corpus: 50, signal 21480/25050 (executing program)
2025/08/29 12:29:17 fetching corpus: 100, signal 30226/35302 (executing program)
2025/08/29 12:29:17 fetching corpus: 150, signal 39076/45487 (executing program)
2025/08/29 12:29:17 fetching corpus: 200, signal 46036/53717 (executing program)
2025/08/29 12:29:17 fetching corpus: 250, signal 52790/61586 (executing program)
2025/08/29 12:29:17 fetching corpus: 300, signal 57584/67469 (executing program)
2025/08/29 12:29:17 fetching corpus: 350, signal 62119/73026 (executing program)
2025/08/29 12:29:17 fetching corpus: 400, signal 65921/77805 (executing program)
2025/08/29 12:29:17 fetching corpus: 450, signal 68774/81696 (executing program)
2025/08/29 12:29:18 fetching corpus: 500, signal 71528/85448 (executing program)
2025/08/29 12:29:18 fetching corpus: 550, signal 74376/89293 (executing program)
2025/08/29 12:29:18 fetching corpus: 600, signal 77392/93128 (executing program)
2025/08/29 12:29:18 fetching corpus: 650, signal 81492/97837 (executing program)
2025/08/29 12:29:18 fetching corpus: 700, signal 83663/100817 (executing program)
2025/08/29 12:29:18 fetching corpus: 750, signal 85428/103484 (executing program)
2025/08/29 12:29:18 fetching corpus: 800, signal 87209/106077 (executing program)
2025/08/29 12:29:18 fetching corpus: 850, signal 89592/109185 (executing program)
2025/08/29 12:29:18 fetching corpus: 900, signal 91076/111482 (executing program)
2025/08/29 12:29:18 fetching corpus: 950, signal 92900/114017 (executing program)
2025/08/29 12:29:18 fetching corpus: 1000, signal 95773/117380 (executing program)
2025/08/29 12:29:19 fetching corpus: 1050, signal 97396/119683 (executing program)
2025/08/29 12:29:19 fetching corpus: 1100, signal 98742/121774 (executing program)
2025/08/29 12:29:19 fetching corpus: 1150, signal 100297/123942 (executing program)
2025/08/29 12:29:19 fetching corpus: 1200, signal 101434/125806 (executing program)
2025/08/29 12:29:19 fetching corpus: 1250, signal 103160/128084 (executing program)
2025/08/29 12:29:19 fetching corpus: 1300, signal 104339/129909 (executing program)
2025/08/29 12:29:19 fetching corpus: 1350, signal 105554/131757 (executing program)
2025/08/29 12:29:19 fetching corpus: 1400, signal 106673/133477 (executing program)
2025/08/29 12:29:19 fetching corpus: 1450, signal 107773/135173 (executing program)
2025/08/29 12:29:19 fetching corpus: 1500, signal 108841/136827 (executing program)
2025/08/29 12:29:19 fetching corpus: 1550, signal 109556/138212 (executing program)
2025/08/29 12:29:20 fetching corpus: 1600, signal 110990/140039 (executing program)
2025/08/29 12:29:20 fetching corpus: 1650, signal 113058/142303 (executing program)
2025/08/29 12:29:20 fetching corpus: 1700, signal 114067/143781 (executing program)
2025/08/29 12:29:20 fetching corpus: 1750, signal 114999/145199 (executing program)
2025/08/29 12:29:20 fetching corpus: 1800, signal 115960/146639 (executing program)
2025/08/29 12:29:20 fetching corpus: 1850, signal 117299/148210 (executing program)
2025/08/29 12:29:20 fetching corpus: 1900, signal 117983/149416 (executing program)
2025/08/29 12:29:20 fetching corpus: 1950, signal 118722/150672 (executing program)
2025/08/29 12:29:20 fetching corpus: 2000, signal 119754/152073 (executing program)
2025/08/29 12:29:20 fetching corpus: 2050, signal 121352/153753 (executing program)
2025/08/29 12:29:21 fetching corpus: 2100, signal 122403/155165 (executing program)
2025/08/29 12:29:21 fetching corpus: 2150, signal 123349/156457 (executing program)
2025/08/29 12:29:21 fetching corpus: 2200, signal 124357/157744 (executing program)
2025/08/29 12:29:21 fetching corpus: 2250, signal 125121/158869 (executing program)
2025/08/29 12:29:21 fetching corpus: 2300, signal 125934/160005 (executing program)
2025/08/29 12:29:21 fetching corpus: 2350, signal 127222/161484 (executing program)
2025/08/29 12:29:21 fetching corpus: 2400, signal 128155/162609 (executing program)
2025/08/29 12:29:21 fetching corpus: 2450, signal 129107/163840 (executing program)
2025/08/29 12:29:21 fetching corpus: 2500, signal 129899/164878 (executing program)
2025/08/29 12:29:21 fetching corpus: 2550, signal 130835/166017 (executing program)
2025/08/29 12:29:22 fetching corpus: 2600, signal 131697/167087 (executing program)
2025/08/29 12:29:22 fetching corpus: 2650, signal 132524/168107 (executing program)
2025/08/29 12:29:22 fetching corpus: 2700, signal 133277/169113 (executing program)
2025/08/29 12:29:22 fetching corpus: 2750, signal 133917/170002 (executing program)
2025/08/29 12:29:22 fetching corpus: 2800, signal 134645/171011 (executing program)
2025/08/29 12:29:22 fetching corpus: 2850, signal 135308/171907 (executing program)
2025/08/29 12:29:22 fetching corpus: 2900, signal 136430/172993 (executing program)
2025/08/29 12:29:22 fetching corpus: 2950, signal 137127/173889 (executing program)
2025/08/29 12:29:22 fetching corpus: 3000, signal 138507/175033 (executing program)
2025/08/29 12:29:22 fetching corpus: 3050, signal 139427/176081 (executing program)
2025/08/29 12:29:23 fetching corpus: 3100, signal 141046/177239 (executing program)
2025/08/29 12:29:23 fetching corpus: 3150, signal 141691/178051 (executing program)
2025/08/29 12:29:23 fetching corpus: 3200, signal 143025/179156 (executing program)
2025/08/29 12:29:23 fetching corpus: 3250, signal 143502/179854 (executing program)
2025/08/29 12:29:23 fetching corpus: 3300, signal 143917/180515 (executing program)
2025/08/29 12:29:23 fetching corpus: 3350, signal 144365/181184 (executing program)
2025/08/29 12:29:23 fetching corpus: 3400, signal 145048/181957 (executing program)
2025/08/29 12:29:23 fetching corpus: 3450, signal 145657/182756 (executing program)
2025/08/29 12:29:23 fetching corpus: 3500, signal 146348/183473 (executing program)
2025/08/29 12:29:23 fetching corpus: 3550, signal 146762/184094 (executing program)
2025/08/29 12:29:23 fetching corpus: 3600, signal 147587/184839 (executing program)
2025/08/29 12:29:24 fetching corpus: 3650, signal 149898/185910 (executing program)
2025/08/29 12:29:24 fetching corpus: 3700, signal 150758/186605 (executing program)
2025/08/29 12:29:24 fetching corpus: 3750, signal 151103/187179 (executing program)
2025/08/29 12:29:24 fetching corpus: 3800, signal 151708/187779 (executing program)
2025/08/29 12:29:24 fetching corpus: 3850, signal 152130/188367 (executing program)
2025/08/29 12:29:24 fetching corpus: 3900, signal 152790/188992 (executing program)
2025/08/29 12:29:24 fetching corpus: 3950, signal 153393/189572 (executing program)
2025/08/29 12:29:24 fetching corpus: 4000, signal 153912/190099 (executing program)
2025/08/29 12:29:24 fetching corpus: 4050, signal 154386/190642 (executing program)
2025/08/29 12:29:24 fetching corpus: 4100, signal 154959/191174 (executing program)
2025/08/29 12:29:24 fetching corpus: 4150, signal 155381/191691 (executing program)
2025/08/29 12:29:25 fetching corpus: 4200, signal 156010/192214 (executing program)
2025/08/29 12:29:25 fetching corpus: 4250, signal 156800/192728 (executing program)
2025/08/29 12:29:25 fetching corpus: 4300, signal 157239/193238 (executing program)
2025/08/29 12:29:25 fetching corpus: 4350, signal 157812/193672 (executing program)
2025/08/29 12:29:25 fetching corpus: 4400, signal 158499/194135 (executing program)
2025/08/29 12:29:25 fetching corpus: 4450, signal 159019/194592 (executing program)
2025/08/29 12:29:25 fetching corpus: 4500, signal 159556/195035 (executing program)
2025/08/29 12:29:25 fetching corpus: 4550, signal 160022/195432 (executing program)
2025/08/29 12:29:25 fetching corpus: 4600, signal 160572/195829 (executing program)
2025/08/29 12:29:25 fetching corpus: 4650, signal 161318/196231 (executing program)
2025/08/29 12:29:26 fetching corpus: 4700, signal 161727/196608 (executing program)
2025/08/29 12:29:26 fetching corpus: 4750, signal 162334/196934 (executing program)
2025/08/29 12:29:26 fetching corpus: 4800, signal 162781/196964 (executing program)
2025/08/29 12:29:26 fetching corpus: 4850, signal 163205/196985 (executing program)
2025/08/29 12:29:26 fetching corpus: 4900, signal 163559/197047 (executing program)
2025/08/29 12:29:26 fetching corpus: 4950, signal 164113/197087 (executing program)
2025/08/29 12:29:26 fetching corpus: 5000, signal 164529/197091 (executing program)
2025/08/29 12:29:26 fetching corpus: 5050, signal 164962/197094 (executing program)
2025/08/29 12:29:26 fetching corpus: 5100, signal 165394/197177 (executing program)
2025/08/29 12:29:26 fetching corpus: 5150, signal 165738/197177 (executing program)
2025/08/29 12:29:27 fetching corpus: 5200, signal 166103/197186 (executing program)
2025/08/29 12:29:27 fetching corpus: 5250, signal 166396/197188 (executing program)
2025/08/29 12:29:27 fetching corpus: 5300, signal 167027/197204 (executing program)
2025/08/29 12:29:27 fetching corpus: 5350, signal 167341/197212 (executing program)
2025/08/29 12:29:27 fetching corpus: 5400, signal 167703/197219 (executing program)
2025/08/29 12:29:27 fetching corpus: 5450, signal 168125/197220 (executing program)
2025/08/29 12:29:27 fetching corpus: 5500, signal 168432/197230 (executing program)
2025/08/29 12:29:27 fetching corpus: 5550, signal 168963/197242 (executing program)
2025/08/29 12:29:27 fetching corpus: 5600, signal 169338/197260 (executing program)
2025/08/29 12:29:27 fetching corpus: 5650, signal 169647/197261 (executing program)
2025/08/29 12:29:28 fetching corpus: 5700, signal 170024/197264 (executing program)
2025/08/29 12:29:28 fetching corpus: 5750, signal 170472/197270 (executing program)
2025/08/29 12:29:28 fetching corpus: 5800, signal 170752/197277 (executing program)
2025/08/29 12:29:28 fetching corpus: 5850, signal 171033/197288 (executing program)
2025/08/29 12:29:28 fetching corpus: 5900, signal 171409/197291 (executing program)
2025/08/29 12:29:28 fetching corpus: 5950, signal 171955/197298 (executing program)
2025/08/29 12:29:28 fetching corpus: 6000, signal 172350/197299 (executing program)
2025/08/29 12:29:28 fetching corpus: 6050, signal 172794/197343 (executing program)
2025/08/29 12:29:28 fetching corpus: 6100, signal 173064/197348 (executing program)
2025/08/29 12:29:28 fetching corpus: 6150, signal 173448/197359 (executing program)
2025/08/29 12:29:29 fetching corpus: 6200, signal 173782/197383 (executing program)
2025/08/29 12:29:29 fetching corpus: 6250, signal 174110/197386 (executing program)
2025/08/29 12:29:29 fetching corpus: 6300, signal 174519/197394 (executing program)
2025/08/29 12:29:29 fetching corpus: 6350, signal 174832/197418 (executing program)
2025/08/29 12:29:29 fetching corpus: 6400, signal 175145/197423 (executing program)
2025/08/29 12:29:29 fetching corpus: 6450, signal 175409/197430 (executing program)
2025/08/29 12:29:29 fetching corpus: 6500, signal 175658/197438 (executing program)
2025/08/29 12:29:29 fetching corpus: 6550, signal 176016/197441 (executing program)
2025/08/29 12:29:29 fetching corpus: 6600, signal 176397/197444 (executing program)
2025/08/29 12:29:29 fetching corpus: 6650, signal 176731/197459 (executing program)
2025/08/29 12:29:30 fetching corpus: 6700, signal 177037/197554 (executing program)
2025/08/29 12:29:30 fetching corpus: 6750, signal 177387/197573 (executing program)
2025/08/29 12:29:30 fetching corpus: 6800, signal 177675/197584 (executing program)
2025/08/29 12:29:30 fetching corpus: 6850, signal 177882/197596 (executing program)
2025/08/29 12:29:30 fetching corpus: 6900, signal 178195/197605 (executing program)
2025/08/29 12:29:30 fetching corpus: 6950, signal 178456/197606 (executing program)
2025/08/29 12:29:30 fetching corpus: 7000, signal 178660/197619 (executing program)
2025/08/29 12:29:30 fetching corpus: 7050, signal 179119/197670 (executing program)
2025/08/29 12:29:30 fetching corpus: 7100, signal 179614/197799 (executing program)
2025/08/29 12:29:31 fetching corpus: 7150, signal 179967/197810 (executing program)
2025/08/29 12:29:31 fetching corpus: 7200, signal 180255/197812 (executing program)
2025/08/29 12:29:31 fetching corpus: 7250, signal 180551/197812 (executing program)
2025/08/29 12:29:31 fetching corpus: 7300, signal 180812/197825 (executing program)
2025/08/29 12:29:31 fetching corpus: 7350, signal 181093/197831 (executing program)
2025/08/29 12:29:31 fetching corpus: 7400, signal 181388/197835 (executing program)
2025/08/29 12:29:31 fetching corpus: 7450, signal 181639/197838 (executing program)
2025/08/29 12:29:31 fetching corpus: 7500, signal 181925/197855 (executing program)
2025/08/29 12:29:31 fetching corpus: 7550, signal 182170/197863 (executing program)
2025/08/29 12:29:31 fetching corpus: 7600, signal 182784/197874 (executing program)
2025/08/29 12:29:31 fetching corpus: 7650, signal 183023/197884 (executing program)
2025/08/29 12:29:31 fetching corpus: 7700, signal 183271/197889 (executing program)
2025/08/29 12:29:32 fetching corpus: 7750, signal 183530/197910 (executing program)
2025/08/29 12:29:32 fetching corpus: 7800, signal 183786/197915 (executing program)
2025/08/29 12:29:32 fetching corpus: 7850, signal 184016/197925 (executing program)
2025/08/29 12:29:32 fetching corpus: 7900, signal 184226/197961 (executing program)
2025/08/29 12:29:32 fetching corpus: 7950, signal 184571/197964 (executing program)
2025/08/29 12:29:32 fetching corpus: 8000, signal 184917/197973 (executing program)
2025/08/29 12:29:32 fetching corpus: 8050, signal 185342/197977 (executing program)
2025/08/29 12:29:32 fetching corpus: 8100, signal 185647/197977 (executing program)
2025/08/29 12:29:32 fetching corpus: 8150, signal 186022/197984 (executing program)
2025/08/29 12:29:32 fetching corpus: 8200, signal 186309/197984 (executing program)
2025/08/29 12:29:32 fetching corpus: 8250, signal 186572/197992 (executing program)
2025/08/29 12:29:32 fetching corpus: 8300, signal 187065/198018 (executing program)
2025/08/29 12:29:32 fetching corpus: 8350, signal 187315/198020 (executing program)
2025/08/29 12:29:33 fetching corpus: 8400, signal 187537/198027 (executing program)
2025/08/29 12:29:33 fetching corpus: 8450, signal 187805/198033 (executing program)
2025/08/29 12:29:33 fetching corpus: 8500, signal 188005/198036 (executing program)
2025/08/29 12:29:33 fetching corpus: 8550, signal 188251/198068 (executing program)
2025/08/29 12:29:33 fetching corpus: 8600, signal 188904/198071 (executing program)
2025/08/29 12:29:33 fetching corpus: 8650, signal 189203/198072 (executing program)
2025/08/29 12:29:33 fetching corpus: 8700, signal 189422/198115 (executing program)
2025/08/29 12:29:33 fetching corpus: 8750, signal 189665/198117 (executing program)
2025/08/29 12:29:33 fetching corpus: 8800, signal 189944/198119 (executing program)
2025/08/29 12:29:33 fetching corpus: 8850, signal 190195/198120 (executing program)
2025/08/29 12:29:34 fetching corpus: 8900, signal 190558/198120 (executing program)
2025/08/29 12:29:34 fetching corpus: 8950, signal 190785/198123 (executing program)
2025/08/29 12:29:34 fetching corpus: 9000, signal 191075/198126 (executing program)
2025/08/29 12:29:34 fetching corpus: 9050, signal 191299/198159 (executing program)
2025/08/29 12:29:34 fetching corpus: 9100, signal 191502/198159 (executing program)
2025/08/29 12:29:34 fetching corpus: 9150, signal 191736/198181 (executing program)
2025/08/29 12:29:34 fetching corpus: 9200, signal 191978/198185 (executing program)
2025/08/29 12:29:34 fetching corpus: 9250, signal 192293/198189 (executing program)
2025/08/29 12:29:34 fetching corpus: 9300, signal 192517/198191 (executing program)
2025/08/29 12:29:35 fetching corpus: 9350, signal 192875/198213 (executing program)
2025/08/29 12:29:35 fetching corpus: 9400, signal 193176/198213 (executing program)
2025/08/29 12:29:35 fetching corpus: 9450, signal 193395/198221 (executing program)
2025/08/29 12:29:35 fetching corpus: 9500, signal 193584/198228 (executing program)
2025/08/29 12:29:35 fetching corpus: 9550, signal 193915/198230 (executing program)
2025/08/29 12:29:35 fetching corpus: 9600, signal 194094/198231 (executing program)
2025/08/29 12:29:35 fetching corpus: 9650, signal 194373/198239 (executing program)
2025/08/29 12:29:35 fetching corpus: 9664, signal 194428/198239 (executing program)
2025/08/29 12:29:35 fetching corpus: 9664, signal 194428/198239 (executing program)
2025/08/29 12:29:38 starting 8 fuzzer processes
12:29:38 executing program 0:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect(r0, &(0x7f0000000080)=@nl=@unspec, 0x80)

12:29:38 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2)

12:29:38 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet_buf(r1, 0x0, 0x4, 0x0, 0x0)

[   83.258671] audit: type=1400 audit(1756470578.196:7): avc:  denied  { execmem } for  pid=280 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:29:38 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
lseek(r0, 0x0, 0x1)

12:29:38 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
sendfile(r0, r0, 0x0, 0x80000001)

12:29:38 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401)
write$evdev(r0, &(0x7f0000000200)=[{{0x77359400}, 0x14, 0x7}], 0x18)

12:29:38 executing program 3:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00))
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)

12:29:38 executing program 6:
r0 = io_uring_setup(0x5053, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_FILES(r0, 0x22, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)

[   84.448739] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   84.454393] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   84.455883] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   84.459535] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   84.461153] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   84.464493] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   84.466707] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   84.472123] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   84.473857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   84.482877] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   84.515851] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   84.520398] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   84.525915] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   84.545359] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   84.547607] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   84.662669] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   84.668875] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   84.678472] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   84.712529] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   84.728030] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   84.809329] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   84.831718] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   84.847078] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   84.881750] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   84.887978] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   84.892397] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   84.892498] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   84.902843] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   84.909924] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   84.914937] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   84.920524] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   84.923071] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   84.924421] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   84.928593] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   84.930685] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   84.952351] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   84.957730] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   84.964000] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   84.969816] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   84.983655] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   86.543767] Bluetooth: hci1: command tx timeout
[   86.545125] Bluetooth: hci0: command tx timeout
[   86.607345] Bluetooth: hci2: command tx timeout
[   86.863280] Bluetooth: hci3: command tx timeout
[   86.991455] Bluetooth: hci5: command tx timeout
[   86.991510] Bluetooth: hci6: command tx timeout
[   87.055269] Bluetooth: hci4: command tx timeout
[   87.119298] Bluetooth: hci7: command tx timeout
[   88.592382] Bluetooth: hci0: command tx timeout
[   88.592854] Bluetooth: hci1: command tx timeout
[   88.655313] Bluetooth: hci2: command tx timeout
[   88.911365] Bluetooth: hci3: command tx timeout
[   89.040251] Bluetooth: hci5: command tx timeout
[   89.040704] Bluetooth: hci6: command tx timeout
[   89.103282] Bluetooth: hci4: command tx timeout
[   89.167292] Bluetooth: hci7: command tx timeout
[   90.639266] Bluetooth: hci1: command tx timeout
[   90.640259] Bluetooth: hci0: command tx timeout
[   90.703246] Bluetooth: hci2: command tx timeout
[   90.959280] Bluetooth: hci3: command tx timeout
[   91.087295] Bluetooth: hci6: command tx timeout
[   91.087329] Bluetooth: hci5: command tx timeout
[   91.152316] Bluetooth: hci4: command tx timeout
[   91.216298] Bluetooth: hci7: command tx timeout
[   92.688331] Bluetooth: hci0: command tx timeout
[   92.688350] Bluetooth: hci1: command tx timeout
[   92.751334] Bluetooth: hci2: command tx timeout
[   93.008305] Bluetooth: hci3: command tx timeout
[   93.137270] Bluetooth: hci5: command tx timeout
[   93.137324] Bluetooth: hci6: command tx timeout
[   93.199283] Bluetooth: hci4: command tx timeout
[   93.263537] Bluetooth: hci7: command tx timeout
[  121.145372] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.146035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.327369] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.327995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.456730] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.457370] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.582246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.582831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.729533] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.730138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:30:16 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001740)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000001000/0x4000)=nil, 0x0}, 0x68)

[  121.810148] audit: type=1400 audit(1756470616.747:8): avc:  denied  { open } for  pid=3835 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  121.819378] audit: type=1400 audit(1756470616.747:9): avc:  denied  { kernel } for  pid=3835 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  121.870143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.870785] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:30:16 executing program 3:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./file0/file0\x00', 0x0)

[  121.986703] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.987469] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:30:16 executing program 3:
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBMETA(r0, 0x4b52, 0x0)

[  122.034772] capability: warning: `syz-executor.3' uses deprecated v2 capabilities in a way that may be insecure
12:30:17 executing program 3:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

[  122.098149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.098765] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:30:17 executing program 6:
r0 = io_uring_setup(0x5053, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_FILES(r0, 0x22, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)

[  122.221345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.221950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:30:17 executing program 3:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:17 executing program 6:
r0 = io_uring_setup(0x5053, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_FILES(r0, 0x22, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)

12:30:17 executing program 3:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

[  122.376497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.377098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.445270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.445832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.511728] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.512580] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.821483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.822126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.853889] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.854780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.885221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.885838] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.943569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.944183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.083737] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  123.084656] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  123.085347] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  123.085875] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[  123.086577] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 2
[  123.087862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.088439] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.089171] Buffer I/O error on dev sr0, logical block 0, async page read
[  123.092596] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.093060] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.093854] Buffer I/O error on dev sr0, logical block 1, async page read
[  123.097829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.098317] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.098960] Buffer I/O error on dev sr0, logical block 2, async page read
[  123.101916] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.102410] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.103065] Buffer I/O error on dev sr0, logical block 3, async page read
[  123.105045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.105517] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.106180] Buffer I/O error on dev sr0, logical block 4, async page read
[  123.116416] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.116865] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.118038] Buffer I/O error on dev sr0, logical block 5, async page read
[  123.120120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.120917] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.121726] Buffer I/O error on dev sr0, logical block 6, async page read
[  123.131175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.131653] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  123.132445] Buffer I/O error on dev sr0, logical block 7, async page read
[  123.178271] syz-executor.5 (3923) used greatest stack depth: 24048 bytes left
12:30:18 executing program 0:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect(r0, &(0x7f0000000080)=@nl=@unspec, 0x80)

12:30:18 executing program 2:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:18 executing program 1:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x40605346, &(0x7f0000000080))

12:30:18 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2)

12:30:18 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
sendfile(r0, r0, 0x0, 0x80000001)

12:30:18 executing program 4:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:18 executing program 6:
r0 = io_uring_setup(0x5053, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_FILES(r0, 0x22, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)

12:30:18 executing program 3:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

[  123.257538] ALSA: seq fatal error: cannot create timer (-22)
[  123.264662] ALSA: seq fatal error: cannot create timer (-22)
[  123.270513] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  123.271382] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  123.271918] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  123.272559] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[  123.273139] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[  123.274154] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.274687] Buffer I/O error on dev sr0, logical block 0, async page read
[  123.291460] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.291915] Buffer I/O error on dev sr0, logical block 1, async page read
[  123.295656] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.296440] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.304567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.305149] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.307326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.311341] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:30:18 executing program 0:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect(r0, &(0x7f0000000080)=@nl=@unspec, 0x80)

12:30:18 executing program 4:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:18 executing program 2:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:18 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2)

12:30:18 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000040)=@keyring={'key_or_keyring:', 0x0, 0x2})

12:30:18 executing program 1:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x40605346, &(0x7f0000000080))

12:30:18 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
sendfile(r0, r0, 0x0, 0x80000001)

12:30:18 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)

[  123.424806] ALSA: seq fatal error: cannot create timer (-22)
12:30:18 executing program 1:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x40605346, &(0x7f0000000080))

12:30:18 executing program 0:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect(r0, &(0x7f0000000080)=@nl=@unspec, 0x80)

12:30:18 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2)

[  123.487630] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  123.488518] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  123.489098] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  123.489664] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[  123.491488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.492090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.492674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.493247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.501298] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.501882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:30:18 executing program 2:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:18 executing program 4:
perf_event_open(&(0x7f0000000100)={0x7, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00', <r6=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={@private1, 0x6f, r6})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r8 = dup(r7)
recvmsg$unix(r8, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x40000060)
setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000080)=0x39f9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

[  123.508063] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  123.511358] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:30:18 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x5, &(0x7f0000000500)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb0300000013000000230000002b0005", 0x2f, 0x7e0}, {&(0x7f00000108c0)="ff07", 0x2, 0x4c00}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f00000000000003000200000000000800000000000af301000400000000000000000000000100000004", 0x5d, 0x8c60}, {&(0x7f0000000140)="c94e71feffcd", 0x6, 0x1000}], 0x0, &(0x7f0000000240)=ANY=[])
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0)

[  123.529158] ALSA: seq fatal error: cannot create timer (-22)
12:30:18 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)

[  123.564325] loop6: detected capacity change from 0 to 140
[  123.587449] kmemleak: Found object by alias at 0x607f1a63812c
[  123.587464] CPU: 0 UID: 0 PID: 3967 Comm: syz-executor.7 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  123.587482] Tainted: [W]=WARN
[  123.587486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  123.587493] Call Trace:
[  123.587497]  <TASK>
[  123.587501]  dump_stack_lvl+0xca/0x120
[  123.587527]  __lookup_object+0x94/0xb0
[  123.587544]  delete_object_full+0x27/0x70
[  123.587564]  free_percpu+0x30/0x1160
[  123.587580]  ? arch_uprobe_clear_state+0x16/0x140
[  123.587599]  futex_hash_free+0x38/0xc0
[  123.587613]  mmput+0x2d3/0x390
[  123.587632]  do_exit+0x79d/0x2970
[  123.587645]  ? signal_wake_up_state+0x85/0x120
[  123.587661]  ? zap_other_threads+0x2b9/0x3a0
[  123.587677]  ? __pfx_do_exit+0x10/0x10
[  123.587689]  ? do_group_exit+0x1c3/0x2a0
[  123.587702]  ? lock_release+0xc8/0x290
[  123.587719]  do_group_exit+0xd3/0x2a0
[  123.587734]  __x64_sys_exit_group+0x3e/0x50
[  123.587747]  x64_sys_call+0x18c5/0x18d0
[  123.587762]  do_syscall_64+0xbf/0x360
[  123.587774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.587785] RIP: 0033:0x7f3385bbeb19
[  123.587794] Code: Unable to access opcode bytes at 0x7f3385bbeaef.
[  123.587799] RSP: 002b:00007ffdd2a7ee38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  123.587810] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f3385bbeb19
[  123.587818] RDX: 00007f3385b7172b RSI: ffffffffffffffbc RDI: 0000000000000000
[  123.587825] RBP: 0000000000000000 R08: 0000001b2d529f7c R09: 0000000000000000
[  123.587832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.587839] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffdd2a7ef20
[  123.587854]  </TASK>
[  123.587858] kmemleak: Object (percpu) 0x607f1a638128 (size 8):
[  123.587864] kmemleak:   comm "syz-executor.2", pid 3974, jiffies 4294790503
[  123.587871] kmemleak:   min_count = 1
[  123.587875] kmemleak:   count = 0
[  123.587879] kmemleak:   flags = 0x21
[  123.587883] kmemleak:   checksum = 0
[  123.587886] kmemleak:   backtrace:
[  123.587890]  pcpu_alloc_noprof+0x87a/0x1170
[  123.587904]  fib_nh_common_init+0x30/0xd0
[  123.587917]  fib6_nh_init+0x968/0x1a00
[  123.587927]  ip6_route_info_create_nh+0x530/0xf80
[  123.587937]  addrconf_f6i_alloc+0x208/0x430
[  123.587947]  __ipv6_dev_ac_inc+0x2fc/0xd80
[  123.587961]  ipv6_sock_ac_join+0x8aa/0x1100
[  123.587974]  do_ipv6_setsockopt+0x3f54/0x47b0
[  123.587990]  ipv6_setsockopt+0xcb/0x170
[  123.588004]  udpv6_setsockopt+0x84/0xd0
[  123.588014]  do_sock_setsockopt+0xf7/0x1e0
[  123.588025]  __sys_setsockopt+0x11f/0x1a0
[  123.588039]  __x64_sys_setsockopt+0xbe/0x160
[  123.588053]  do_syscall_64+0xbf/0x360
[  123.588061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.611283] kmemleak: Cannot insert 0x607f1a63812c into the object search tree (overlaps existing)
[  123.611296] CPU: 0 UID: 0 PID: 3973 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  123.611313] Tainted: [W]=WARN
[  123.611317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  123.611323] Call Trace:
[  123.611326]  <TASK>
[  123.611331]  dump_stack_lvl+0xca/0x120
[  123.611349]  __link_object+0x190/0x210
[  123.611366]  __create_object+0x48/0x80
[  123.611383]  pcpu_alloc_noprof+0x87a/0x1170
[  123.611406]  __percpu_counter_init_many+0x44/0x360
[  123.611424]  ext4_es_register_shrinker+0x107/0x430
[  123.611447]  ext4_fill_super+0x6ab3/0xba20
[  123.611477]  ? __pfx_ext4_fill_super+0x10/0x10
[  123.611494]  ? find_held_lock+0x2b/0x80
[  123.611512]  ? setup_bdev_super+0x2ed/0x6e0
[  123.611530]  ? set_blocksize+0x1b4/0x470
[  123.611541]  ? lock_release+0xc8/0x290
[  123.611556]  ? sb_set_blocksize+0x177/0x1c0
[  123.611567]  ? setup_bdev_super+0x31f/0x6e0
[  123.611587]  get_tree_bdev_flags+0x38a/0x620
[  123.611598]  ? __pfx_ext4_fill_super+0x10/0x10
[  123.611616]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  123.611627]  ? cap_capable+0xdb/0x3b0
[  123.611645]  ? security_capable+0x2f/0x90
[  123.611661]  vfs_get_tree+0x93/0x340
[  123.611679]  path_mount+0x132d/0x1dd0
[  123.611693]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  123.611708]  ? __pfx_path_mount+0x10/0x10
[  123.611721]  ? kmem_cache_free+0x2a1/0x540
[  123.611732]  ? putname.part.0+0x11b/0x160
[  123.611749]  ? getname_flags.part.0+0x1c6/0x540
[  123.611766]  ? putname.part.0+0x11b/0x160
[  123.611784]  __x64_sys_mount+0x27b/0x300
[  123.611797]  ? __pfx___x64_sys_mount+0x10/0x10
[  123.611816]  do_syscall_64+0xbf/0x360
[  123.611827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.611839] RIP: 0033:0x7f99f83f504a
[  123.611848] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.611859] RSP: 002b:00007f99f5968fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  123.611870] RAX: ffffffffffffffda RBX: 0000000020000500 RCX: 00007f99f83f504a
[  123.611878] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f99f5969000
[  123.611885] RBP: 00007f99f5969040 R08: 00007f99f5969040 R09: 0000000020000000
[  123.611893] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  123.611900] R13: 0000000020000100 R14: 00007f99f5969000 R15: 0000000020000240
[  123.611916]  </TASK>
[  123.612215] kmemleak: Kernel memory leak detector disabled
[  123.612219] kmemleak: Object (percpu) 0x607f1a638128 (size 8):
[  123.612226] kmemleak:   comm "syz-executor.2", pid 3974, jiffies 4294790503
[  123.612233] kmemleak:   min_count = 1
[  123.612237] kmemleak:   count = 0
[  123.612240] kmemleak:   flags = 0x21
[  123.612244] kmemleak:   checksum = 0
[  123.612248] kmemleak:   backtrace:
[  123.612251]  pcpu_alloc_noprof+0x87a/0x1170
[  123.612266]  fib_nh_common_init+0x30/0xd0
[  123.612277]  fib6_nh_init+0x968/0x1a00
[  123.612286]  ip6_route_info_create_nh+0x530/0xf80
[  123.612297]  addrconf_f6i_alloc+0x208/0x430
[  123.612307]  __ipv6_dev_ac_inc+0x2fc/0xd80
[  123.612322]  ipv6_sock_ac_join+0x8aa/0x1100
[  123.612336]  do_ipv6_setsockopt+0x3f54/0x47b0
[  123.612351]  ipv6_setsockopt+0xcb/0x170
[  123.612367]  udpv6_setsockopt+0x84/0xd0
[  123.612377]  do_sock_setsockopt+0xf7/0x1e0
[  123.612386]  __sys_setsockopt+0x11f/0x1a0
[  123.612401]  __x64_sys_setsockopt+0xbe/0x160
[  123.612415]  do_syscall_64+0xbf/0x360
[  123.612424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.659364] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  123.674564] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.705991] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
12:30:18 executing program 1:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x40605346, &(0x7f0000000080))

12:30:18 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
sendfile(r0, r0, 0x0, 0x80000001)

12:30:18 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROM_SEND_PACKET(r0, 0x5393, &(0x7f00000001c0)={"861f03afa931a56aa387860a", &(0x7f0000000000)='\n', 0x1, 0x6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, "0bc4af35", 0x6, "b3cefa74", 0x0, 0x0, 0x0, "0fba6d", "e98a465a1d2c2e9b0c2f2beec5e214819b30cc3fbf0db723429642f85d9aabab1e9f873dc4bf7d3165989df1d6a2"}, 0x2, 0x0, 0x0, 0x0})
dup2(0xffffffffffffffff, 0xffffffffffffffff)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

12:30:18 executing program 7:
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_GETSTATE(r0, 0x40086607, &(0x7f0000002a00))

12:30:18 executing program 2:
mlockall(0x2)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x1100)
setresuid(0x0, r0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10031, 0xffffffffffffffff, 0x0)

12:30:18 executing program 6:
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000440), 0x1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

12:30:18 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)

[  123.773690] BUG: unable to handle page fault for address: ffffed10212c9b2e
[  123.774299] #PF: supervisor read access in kernel mode
[  123.774717] #PF: error_code(0x0000) - not-present page
[  123.775133] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 
[  123.775586] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[  123.776774] CPU: 0 UID: 0 PID: 3987 Comm: syz-executor.7 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  123.779630] Tainted: [W]=WARN
[  123.780723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  123.782560] RIP: 0010:perf_tp_event+0x175/0xe70
[  123.783853] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  123.785300] RSP: 0018:ffff888046ab77c0 EFLAGS: 00010216
[  123.785723] RAX: 1ffff110212c9b2e RBX: ffff88810964d780 RCX: ffffc9000121e000
[  123.786306] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964d970
[  123.786871] RBP: ffff888046ab7a30 R08: ffff88806ce31340 R09: ffffe8ffffc15128
[  123.787442] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[  123.788009] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  123.788572] FS:  00007f3383134700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  123.789198] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.789655] CR2: ffffed10212c9b2e CR3: 000000000d96d000 CR4: 0000000000350ef0
[  123.790223] Call Trace:
[  123.790430]  <TASK>
[  123.790613]  ? merge_sched_in+0xcb/0x1810
[  123.790946]  ? __pfx_perf_tp_event+0x10/0x10
[  123.791304]  ? tracing_gen_ctx_irq_test+0x167/0x1f0
[  123.791710]  ? perf_tp_event+0x807/0xe70
[  123.792035]  ? lock_is_held_type+0x9e/0x120
[  123.792389]  ? __pfx_perf_tp_event+0x10/0x10
[  123.792745]  ? kasan_addr_to_slab+0x70/0xa0
[  123.793093]  ? __pfx_ctx_sched_in+0x10/0x10
[  123.793436]  ? init_file+0x95/0x4c0
[  123.793735]  ? find_held_lock+0x2b/0x80
[  123.794064]  ? perf_trace_run_bpf_submit+0xef/0x180
[  123.794470]  perf_trace_run_bpf_submit+0xef/0x180
[  123.794866]  perf_trace_lock_acquire+0x3c2/0x700
[  123.795250]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  123.795668]  ? lock_acquire+0x15e/0x2f0
[  123.795988]  lock_acquire+0xc5/0x2f0
[  123.796288]  ? futex_private_hash_put+0x4c/0x2d0
[  123.796666]  ? futex_hash+0x2d8/0x390
[  123.796971]  ? lock_release+0xc8/0x290
[  123.797286]  futex_private_hash_put+0x5d/0x2d0
[  123.797650]  ? futex_private_hash_put+0x4c/0x2d0
[  123.798026]  futex_hash_put+0x3f/0x50
[  123.798341]  futex_wake+0x1bb/0x540
[  123.798649]  ? __pfx_futex_wake+0x10/0x10
[  123.798990]  ? __do_sys_perf_event_open+0x44d/0x2c20
[  123.799402]  ? lock_release+0xc8/0x290
[  123.799720]  do_futex+0x26d/0x370
[  123.800008]  ? __pfx_do_futex+0x10/0x10
[  123.800333]  ? __pfx___do_sys_perf_event_open+0x10/0x10
[  123.800769]  __x64_sys_futex+0x1c9/0x4d0
[  123.801101]  ? __pfx___x64_sys_futex+0x10/0x10
[  123.801472]  ? xfd_validate_state+0x55/0x180
[  123.801842]  do_syscall_64+0xbf/0x360
[  123.802152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.802572] RIP: 0033:0x7f3385bbeb19
[  123.802871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.804305] RSP: 002b:00007f3383134218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.804908] RAX: ffffffffffffffda RBX: 00007f3385cd1f68 RCX: 00007f3385bbeb19
[  123.805474] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3385cd1f6c
[  123.806038] RBP: 00007f3385cd1f60 R08: 000000000000000e R09: 0000000000000000
[  123.806612] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f3385cd1f6c
[  123.807174] R13: 00007ffdd2a7ec0f R14: 00007f3383134300 R15: 0000000000022000
[  123.807747]  </TASK>
[  123.807940] Modules linked in:
[  123.808203] CR2: ffffed10212c9b2e
[  123.808483] ---[ end trace 0000000000000000 ]---
[  123.808858] RIP: 0010:perf_tp_event+0x175/0xe70
[  123.809238] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  123.810685] RSP: 0018:ffff888046ab77c0 EFLAGS: 00010216
[  123.811110] RAX: 1ffff110212c9b2e RBX: ffff88810964d780 RCX: ffffc9000121e000
[  123.811676] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964d970
[  123.812241] RBP: ffff888046ab7a30 R08: ffff88806ce31340 R09: ffffe8ffffc15128
[  123.812806] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[  123.813375] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  123.813939] FS:  00007f3383134700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  123.814580] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.815044] CR2: ffffed10212c9b2e CR3: 000000000d96d000 CR4: 0000000000350ef0
[  123.815612] note: syz-executor.7[3987] exited with irqs disabled
[  123.816108] BUG: unable to handle page fault for address: ffffed10212c9b2e
[  123.816654] #PF: supervisor read access in kernel mode
[  123.817067] #PF: error_code(0x0000) - not-present page
[  123.817479] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 
[  123.817926] Oops: Oops: 0000 [#2] SMP KASAN NOPTI
[  123.818320] CPU: 0 UID: 0 PID: 3987 Comm: syz-executor.7 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  123.819258] Tainted: [D]=DIE, [W]=WARN
[  123.819567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  123.820215] RIP: 0010:perf_tp_event+0x175/0xe70
[  123.820595] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  123.822027] RSP: 0018:ffff88806ce08a40 EFLAGS: 00010016
[  123.822459] RAX: 1ffff110212c9b2e RBX: ffff88810964d780 RCX: 0000000000000002
[  123.823026] RDX: ffff888017b43700 RSI: ffffffff818995b7 RDI: ffff88810964d970
[  123.823588] RBP: ffff88806ce08cb0 R08: ffff88806ce31490 R09: ffffe8ffffc15128
[  123.824148] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[  123.824709] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000
[  123.825271] FS:  00007f3383134700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  123.825906] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.826375] CR2: ffffed10212c9b2e CR3: 000000000d96d000 CR4: 0000000000350ef0
[  123.826941] Call Trace:
[  123.827151]  <IRQ>
[  123.827334]  ? __kernel_text_address+0xd/0x40
[  123.827708]  ? __pfx_perf_tp_event+0x10/0x10
[  123.828076]  ? __lock_acquire+0xc65/0x1b70
[  123.828422]  ? __lock_acquire+0x694/0x1b70
[  123.828772]  ? perf_trace_run_bpf_submit+0xef/0x180
[  123.829173]  perf_trace_run_bpf_submit+0xef/0x180
[  123.829575]  perf_trace_lock_acquire+0x3c2/0x700
[  123.829963]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  123.830399]  lock_acquire+0xc5/0x2f0
[  123.830706]  ? sched_ttwu_pending+0xa1/0x4a0
[  123.831066]  ? lock_release+0xc8/0x290
[  123.831385]  _raw_spin_lock_nested+0x29/0x40
[  123.831744]  ? sched_ttwu_pending+0xa1/0x4a0
[  123.832104]  sched_ttwu_pending+0xa1/0x4a0
[  123.832448]  ? __pfx_lapic_next_deadline+0x10/0x10
[  123.832846]  ? clockevents_program_event+0x135/0x360
[  123.833255]  ? __pfx_sched_ttwu_pending+0x10/0x10
[  123.833645]  ? hrtimer_interrupt+0x652/0x830
[  123.834003]  __flush_smp_call_function_queue+0x434/0x740
[  123.834452]  __sysvec_call_function_single+0x6d/0x370
[  123.834872]  sysvec_call_function_single+0xa1/0xc0
[  123.835270]  </IRQ>
[  123.835453]  <TASK>
[  123.835637]  asm_sysvec_call_function_single+0x1a/0x20
[  123.836061] RIP: 0010:make_task_dead+0xa2/0x3b0
[  123.836444] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 <e8> b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de
[  123.837871] RSP: 0018:ffff888046ab7f28 EFLAGS: 00000246
[  123.838301] RAX: 0000000000000001 RBX: ffff888017b43700 RCX: ffffffff817c2b86
[  123.838870] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[  123.839440] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  123.840010] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff888017b43700
[  123.840572] R13: 0000000000000009 R14: ffff888046ab77a0 R15: 0000000000000000
[  123.841137]  ? trace_irq_enable.constprop.0+0x26/0x100
[  123.841560]  ? make_task_dead+0x214/0x3b0
[  123.841897]  ? make_task_dead+0x214/0x3b0
[  123.842236]  ? do_syscall_64+0xbf/0x360
[  123.842559]  rewind_stack_and_make_dead+0x16/0x20
[  123.842953] RIP: 0033:0x7f3385bbeb19
[  123.843250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  123.844687] RSP: 002b:00007f3383134218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  123.845295] RAX: ffffffffffffffda RBX: 00007f3385cd1f68 RCX: 00007f3385bbeb19
[  123.845859] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3385cd1f6c
[  123.846429] RBP: 00007f3385cd1f60 R08: 000000000000000e R09: 0000000000000000
[  123.846995] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f3385cd1f6c
[  123.847557] R13: 00007ffdd2a7ec0f R14: 00007f3383134300 R15: 0000000000022000
[  123.848133]  </TASK>
[  123.848323] Modules linked in:
[  123.848582] CR2: ffffed10212c9b2e
[  123.848858] ---[ end trace 0000000000000000 ]---
[  123.849232] RIP: 0010:perf_tp_event+0x175/0xe70
[  123.849614] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  123.851042] RSP: 0018:ffff888046ab77c0 EFLAGS: 00010216
[  123.851462] RAX: 1ffff110212c9b2e RBX: ffff88810964d780 RCX: ffffc9000121e000
[  123.852018] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: ffff88810964d970
[  123.852572] RBP: ffff888046ab7a30 R08: ffff88806ce31340 R09: ffffe8ffffc15128
[  123.853128] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[  123.853685] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  123.854246] FS:  00007f3383134700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  123.854874] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.855330] CR2: ffffed10212c9b2e CR3: 000000000d96d000 CR4: 0000000000350ef0
[  123.855888] Kernel panic - not syncing: Fatal exception in interrupt
[  123.856476] Kernel Offset: disabled
[  123.856762] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
12:30:18  Registers:
info registers vcpu 0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888046ab7008
R8 =0000000000000000 R9 =ffffed100164f046 R10=0000000000000020 R11=000000000000002c
R12=0000000000000020 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3383134700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe6300000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=ffffed10212c9b2e CR3=000000000d96d000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f3385ca57c000007f3385ca57c8
XMM02=00007f3385ca57e000007f3385ca57c0 XMM03=00007f3385ca57c800007f3385ca57c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=dffffc0000000000 RCX=ffffffff81aa3ab6 RDX=ffff88800b670000
RSI=ffffffff81aa3ac4 RDI=0000000000000007 RBP=ffffea0000eb6a00 RSP=ffff888046dbf6d8
R8 =0000000000000000 R9 =fffff940001d6d38 R10=0000000000000000 R11=1ffff1100d9e6bb1
R12=ffff888043cdf138 R13=ffffea0000eb6a00 R14=0000000000000000 R15=00000000000001fd
RIP=ffffffff8173e788 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe0b00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2dc21000 CR3=0000000042940000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000