Warning: Permanently added '[localhost]:2212' (ECDSA) to the list of known hosts. 2026/01/14 09:18:51 fuzzer started 2026/01/14 09:18:51 dialing manager at localhost:46753 syzkaller login: [ 44.159467] cgroup: Unknown subsys name 'net' [ 44.216150] cgroup: Unknown subsys name 'cpuset' [ 44.229637] cgroup: Unknown subsys name 'rlimit' 2026/01/14 09:19:02 syscalls: 2214 2026/01/14 09:19:02 code coverage: enabled 2026/01/14 09:19:02 comparison tracing: enabled 2026/01/14 09:19:02 extra coverage: enabled 2026/01/14 09:19:02 setuid sandbox: enabled 2026/01/14 09:19:02 namespace sandbox: enabled 2026/01/14 09:19:02 Android sandbox: enabled 2026/01/14 09:19:02 fault injection: enabled 2026/01/14 09:19:02 leak checking: enabled 2026/01/14 09:19:02 net packet injection: enabled 2026/01/14 09:19:02 net device setup: enabled 2026/01/14 09:19:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2026/01/14 09:19:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2026/01/14 09:19:02 USB emulation: enabled 2026/01/14 09:19:02 hci packet injection: enabled 2026/01/14 09:19:02 wifi device emulation: enabled 2026/01/14 09:19:02 802.15.4 emulation: enabled 2026/01/14 09:19:02 fetching corpus: 0, signal 0/2000 (executing program) 2026/01/14 09:19:02 fetching corpus: 50, signal 23829/27410 (executing program) 2026/01/14 09:19:02 fetching corpus: 100, signal 34814/39871 (executing program) 2026/01/14 09:19:02 fetching corpus: 150, signal 45443/51848 (executing program) 2026/01/14 09:19:02 fetching corpus: 200, signal 51402/59113 (executing program) 2026/01/14 09:19:02 fetching corpus: 250, signal 59274/68141 (executing program) 2026/01/14 09:19:02 fetching corpus: 300, signal 64172/74243 (executing program) 2026/01/14 09:19:03 fetching corpus: 350, signal 68699/79847 (executing program) 2026/01/14 09:19:03 fetching corpus: 400, signal 72108/84322 (executing program) 2026/01/14 09:19:03 fetching corpus: 450, signal 76103/89301 (executing program) 2026/01/14 09:19:03 fetching corpus: 500, signal 79312/93591 (executing program) 2026/01/14 09:19:03 fetching corpus: 550, signal 82652/97917 (executing program) 2026/01/14 09:19:03 fetching corpus: 600, signal 85471/101728 (executing program) 2026/01/14 09:19:03 fetching corpus: 650, signal 88481/105569 (executing program) 2026/01/14 09:19:03 fetching corpus: 700, signal 91684/109573 (executing program) 2026/01/14 09:19:03 fetching corpus: 750, signal 94122/112835 (executing program) 2026/01/14 09:19:04 fetching corpus: 798, signal 96599/116148 (executing program) 2026/01/14 09:19:04 fetching corpus: 848, signal 98663/119059 (executing program) 2026/01/14 09:19:04 fetching corpus: 898, signal 101183/122275 (executing program) 2026/01/14 09:19:04 fetching corpus: 947, signal 103474/125273 (executing program) 2026/01/14 09:19:04 fetching corpus: 997, signal 105800/128281 (executing program) 2026/01/14 09:19:04 fetching corpus: 1047, signal 107053/130346 (executing program) 2026/01/14 09:19:04 fetching corpus: 1097, signal 111082/134626 (executing program) 2026/01/14 09:19:04 fetching corpus: 1147, signal 112405/136710 (executing program) 2026/01/14 09:19:04 fetching corpus: 1197, signal 114139/139106 (executing program) 2026/01/14 09:19:04 fetching corpus: 1247, signal 115920/141489 (executing program) 2026/01/14 09:19:05 fetching corpus: 1297, signal 117537/143741 (executing program) 2026/01/14 09:19:05 fetching corpus: 1347, signal 118788/145643 (executing program) 2026/01/14 09:19:05 fetching corpus: 1397, signal 120359/147748 (executing program) 2026/01/14 09:19:05 fetching corpus: 1447, signal 121342/149411 (executing program) 2026/01/14 09:19:05 fetching corpus: 1497, signal 123059/151610 (executing program) 2026/01/14 09:19:05 fetching corpus: 1547, signal 124573/153628 (executing program) 2026/01/14 09:19:05 fetching corpus: 1596, signal 125698/155306 (executing program) 2026/01/14 09:19:05 fetching corpus: 1646, signal 126940/157119 (executing program) 2026/01/14 09:19:05 fetching corpus: 1696, signal 127780/158605 (executing program) 2026/01/14 09:19:05 fetching corpus: 1746, signal 128756/160168 (executing program) 2026/01/14 09:19:06 fetching corpus: 1796, signal 131277/162802 (executing program) 2026/01/14 09:19:06 fetching corpus: 1845, signal 132216/164242 (executing program) 2026/01/14 09:19:06 fetching corpus: 1895, signal 133115/165686 (executing program) 2026/01/14 09:19:06 fetching corpus: 1945, signal 134071/167190 (executing program) 2026/01/14 09:19:06 fetching corpus: 1994, signal 135144/168722 (executing program) 2026/01/14 09:19:06 fetching corpus: 2043, signal 136302/170253 (executing program) 2026/01/14 09:19:06 fetching corpus: 2092, signal 137576/171875 (executing program) 2026/01/14 09:19:06 fetching corpus: 2142, signal 138491/173224 (executing program) 2026/01/14 09:19:06 fetching corpus: 2192, signal 139839/174810 (executing program) 2026/01/14 09:19:06 fetching corpus: 2242, signal 140980/176273 (executing program) 2026/01/14 09:19:07 fetching corpus: 2292, signal 141619/177459 (executing program) 2026/01/14 09:19:07 fetching corpus: 2342, signal 142402/178665 (executing program) 2026/01/14 09:19:07 fetching corpus: 2392, signal 143544/180080 (executing program) 2026/01/14 09:19:07 fetching corpus: 2442, signal 144413/181357 (executing program) 2026/01/14 09:19:07 fetching corpus: 2491, signal 145178/182519 (executing program) 2026/01/14 09:19:07 fetching corpus: 2541, signal 146588/184035 (executing program) 2026/01/14 09:19:07 fetching corpus: 2590, signal 147413/185186 (executing program) 2026/01/14 09:19:07 fetching corpus: 2640, signal 148458/186437 (executing program) 2026/01/14 09:19:07 fetching corpus: 2689, signal 149274/187608 (executing program) 2026/01/14 09:19:07 fetching corpus: 2739, signal 149953/188662 (executing program) 2026/01/14 09:19:08 fetching corpus: 2789, signal 150690/189740 (executing program) 2026/01/14 09:19:08 fetching corpus: 2839, signal 151674/190914 (executing program) 2026/01/14 09:19:08 fetching corpus: 2889, signal 152366/191912 (executing program) 2026/01/14 09:19:08 fetching corpus: 2939, signal 153162/192949 (executing program) 2026/01/14 09:19:08 fetching corpus: 2988, signal 153956/194001 (executing program) 2026/01/14 09:19:08 fetching corpus: 3038, signal 154607/194978 (executing program) 2026/01/14 09:19:08 fetching corpus: 3087, signal 155777/196141 (executing program) 2026/01/14 09:19:08 fetching corpus: 3137, signal 156287/196987 (executing program) 2026/01/14 09:19:08 fetching corpus: 3187, signal 157127/197967 (executing program) 2026/01/14 09:19:09 fetching corpus: 3237, signal 157707/198807 (executing program) 2026/01/14 09:19:09 fetching corpus: 3287, signal 158285/199653 (executing program) 2026/01/14 09:19:09 fetching corpus: 3337, signal 159090/200551 (executing program) 2026/01/14 09:19:09 fetching corpus: 3386, signal 160535/201733 (executing program) 2026/01/14 09:19:09 fetching corpus: 3435, signal 161382/202685 (executing program) 2026/01/14 09:19:09 fetching corpus: 3485, signal 162000/203528 (executing program) 2026/01/14 09:19:09 fetching corpus: 3535, signal 162597/204352 (executing program) 2026/01/14 09:19:09 fetching corpus: 3585, signal 163395/205227 (executing program) 2026/01/14 09:19:09 fetching corpus: 3634, signal 163911/206001 (executing program) 2026/01/14 09:19:09 fetching corpus: 3684, signal 164751/206869 (executing program) 2026/01/14 09:19:10 fetching corpus: 3734, signal 165320/207647 (executing program) 2026/01/14 09:19:10 fetching corpus: 3783, signal 165845/208348 (executing program) 2026/01/14 09:19:10 fetching corpus: 3833, signal 166363/209030 (executing program) 2026/01/14 09:19:10 fetching corpus: 3882, signal 166950/209726 (executing program) 2026/01/14 09:19:10 fetching corpus: 3932, signal 167534/210478 (executing program) 2026/01/14 09:19:10 fetching corpus: 3981, signal 168237/211202 (executing program) 2026/01/14 09:19:10 fetching corpus: 4029, signal 168797/211892 (executing program) 2026/01/14 09:19:10 fetching corpus: 4079, signal 169307/212592 (executing program) 2026/01/14 09:19:10 fetching corpus: 4129, signal 169798/213251 (executing program) 2026/01/14 09:19:11 fetching corpus: 4179, signal 170193/213883 (executing program) 2026/01/14 09:19:11 fetching corpus: 4229, signal 170746/214525 (executing program) 2026/01/14 09:19:11 fetching corpus: 4278, signal 171239/215151 (executing program) 2026/01/14 09:19:11 fetching corpus: 4328, signal 171587/215747 (executing program) 2026/01/14 09:19:11 fetching corpus: 4377, signal 172034/216362 (executing program) 2026/01/14 09:19:11 fetching corpus: 4427, signal 172519/216984 (executing program) 2026/01/14 09:19:11 fetching corpus: 4477, signal 173420/217671 (executing program) 2026/01/14 09:19:11 fetching corpus: 4527, signal 174600/218367 (executing program) 2026/01/14 09:19:11 fetching corpus: 4576, signal 175058/218917 (executing program) 2026/01/14 09:19:12 fetching corpus: 4626, signal 175554/219466 (executing program) 2026/01/14 09:19:12 fetching corpus: 4676, signal 175971/219997 (executing program) 2026/01/14 09:19:12 fetching corpus: 4726, signal 176738/220528 (executing program) 2026/01/14 09:19:12 fetching corpus: 4775, signal 177110/221050 (executing program) 2026/01/14 09:19:12 fetching corpus: 4825, signal 177542/221539 (executing program) 2026/01/14 09:19:12 fetching corpus: 4875, signal 178144/222038 (executing program) 2026/01/14 09:19:12 fetching corpus: 4923, signal 178763/222561 (executing program) 2026/01/14 09:19:12 fetching corpus: 4972, signal 179125/223053 (executing program) 2026/01/14 09:19:12 fetching corpus: 5022, signal 179670/223579 (executing program) 2026/01/14 09:19:13 fetching corpus: 5070, signal 180210/224060 (executing program) 2026/01/14 09:19:13 fetching corpus: 5120, signal 180652/224522 (executing program) 2026/01/14 09:19:13 fetching corpus: 5169, signal 181112/224986 (executing program) 2026/01/14 09:19:13 fetching corpus: 5218, signal 181672/225476 (executing program) 2026/01/14 09:19:13 fetching corpus: 5268, signal 182242/225904 (executing program) 2026/01/14 09:19:13 fetching corpus: 5318, signal 182692/226356 (executing program) 2026/01/14 09:19:13 fetching corpus: 5367, signal 183123/226753 (executing program) 2026/01/14 09:19:13 fetching corpus: 5417, signal 183677/227163 (executing program) 2026/01/14 09:19:13 fetching corpus: 5467, signal 184152/227565 (executing program) 2026/01/14 09:19:14 fetching corpus: 5517, signal 184370/227964 (executing program) 2026/01/14 09:19:14 fetching corpus: 5567, signal 184805/228354 (executing program) 2026/01/14 09:19:14 fetching corpus: 5617, signal 185234/228738 (executing program) 2026/01/14 09:19:14 fetching corpus: 5666, signal 185635/228832 (executing program) 2026/01/14 09:19:14 fetching corpus: 5715, signal 186087/228832 (executing program) 2026/01/14 09:19:14 fetching corpus: 5765, signal 186369/228832 (executing program) 2026/01/14 09:19:14 fetching corpus: 5815, signal 186749/228836 (executing program) 2026/01/14 09:19:14 fetching corpus: 5865, signal 187089/228836 (executing program) 2026/01/14 09:19:14 fetching corpus: 5915, signal 187377/228837 (executing program) 2026/01/14 09:19:15 fetching corpus: 5965, signal 187718/228837 (executing program) 2026/01/14 09:19:15 fetching corpus: 6015, signal 188002/228844 (executing program) 2026/01/14 09:19:15 fetching corpus: 6065, signal 188469/228845 (executing program) 2026/01/14 09:19:15 fetching corpus: 6115, signal 188724/228859 (executing program) 2026/01/14 09:19:15 fetching corpus: 6165, signal 189026/228861 (executing program) 2026/01/14 09:19:15 fetching corpus: 6214, signal 189368/228861 (executing program) 2026/01/14 09:19:15 fetching corpus: 6264, signal 189619/228861 (executing program) 2026/01/14 09:19:15 fetching corpus: 6314, signal 189959/228861 (executing program) 2026/01/14 09:19:15 fetching corpus: 6363, signal 190275/228867 (executing program) 2026/01/14 09:19:15 fetching corpus: 6412, signal 190558/228867 (executing program) 2026/01/14 09:19:16 fetching corpus: 6462, signal 190921/228868 (executing program) 2026/01/14 09:19:16 fetching corpus: 6512, signal 191476/228869 (executing program) 2026/01/14 09:19:16 fetching corpus: 6562, signal 191887/228869 (executing program) 2026/01/14 09:19:16 fetching corpus: 6612, signal 192214/228869 (executing program) 2026/01/14 09:19:16 fetching corpus: 6662, signal 192630/228870 (executing program) 2026/01/14 09:19:16 fetching corpus: 6712, signal 192902/228870 (executing program) 2026/01/14 09:19:16 fetching corpus: 6762, signal 193235/228873 (executing program) 2026/01/14 09:19:16 fetching corpus: 6812, signal 193540/228873 (executing program) 2026/01/14 09:19:16 fetching corpus: 6862, signal 193828/228873 (executing program) 2026/01/14 09:19:16 fetching corpus: 6911, signal 194172/228876 (executing program) 2026/01/14 09:19:16 fetching corpus: 6961, signal 194457/228876 (executing program) 2026/01/14 09:19:17 fetching corpus: 7011, signal 195013/228876 (executing program) 2026/01/14 09:19:17 fetching corpus: 7061, signal 195409/228908 (executing program) 2026/01/14 09:19:17 fetching corpus: 7111, signal 195775/228909 (executing program) 2026/01/14 09:19:17 fetching corpus: 7160, signal 196149/228909 (executing program) 2026/01/14 09:19:17 fetching corpus: 7210, signal 196537/228911 (executing program) 2026/01/14 09:19:17 fetching corpus: 7260, signal 196818/228911 (executing program) 2026/01/14 09:19:17 fetching corpus: 7310, signal 197113/228911 (executing program) 2026/01/14 09:19:17 fetching corpus: 7360, signal 197390/228911 (executing program) 2026/01/14 09:19:18 fetching corpus: 7410, signal 197719/228911 (executing program) 2026/01/14 09:19:18 fetching corpus: 7460, signal 197983/228912 (executing program) 2026/01/14 09:19:18 fetching corpus: 7510, signal 198326/228912 (executing program) 2026/01/14 09:19:18 fetching corpus: 7560, signal 198684/228915 (executing program) 2026/01/14 09:19:18 fetching corpus: 7610, signal 198946/228915 (executing program) 2026/01/14 09:19:18 fetching corpus: 7660, signal 199307/228927 (executing program) 2026/01/14 09:19:18 fetching corpus: 7710, signal 199542/228927 (executing program) 2026/01/14 09:19:18 fetching corpus: 7759, signal 199827/228927 (executing program) 2026/01/14 09:19:18 fetching corpus: 7806, signal 200261/228927 (executing program) 2026/01/14 09:19:18 fetching corpus: 7856, signal 200608/228927 (executing program) 2026/01/14 09:19:19 fetching corpus: 7906, signal 200930/228927 (executing program) 2026/01/14 09:19:19 fetching corpus: 7956, signal 201123/228929 (executing program) 2026/01/14 09:19:19 fetching corpus: 8006, signal 201424/228929 (executing program) 2026/01/14 09:19:19 fetching corpus: 8056, signal 201848/228929 (executing program) 2026/01/14 09:19:19 fetching corpus: 8106, signal 202234/228930 (executing program) 2026/01/14 09:19:19 fetching corpus: 8156, signal 202610/228949 (executing program) 2026/01/14 09:19:19 fetching corpus: 8205, signal 202955/228949 (executing program) 2026/01/14 09:19:19 fetching corpus: 8255, signal 203291/228953 (executing program) 2026/01/14 09:19:20 fetching corpus: 8305, signal 203675/228954 (executing program) 2026/01/14 09:19:20 fetching corpus: 8355, signal 204046/228954 (executing program) 2026/01/14 09:19:20 fetching corpus: 8404, signal 204355/228954 (executing program) 2026/01/14 09:19:20 fetching corpus: 8454, signal 204589/228955 (executing program) 2026/01/14 09:19:20 fetching corpus: 8504, signal 204815/228955 (executing program) 2026/01/14 09:19:20 fetching corpus: 8554, signal 205057/228955 (executing program) 2026/01/14 09:19:20 fetching corpus: 8603, signal 205324/228955 (executing program) 2026/01/14 09:19:20 fetching corpus: 8653, signal 205716/228955 (executing program) 2026/01/14 09:19:20 fetching corpus: 8703, signal 206083/228955 (executing program) 2026/01/14 09:19:21 fetching corpus: 8752, signal 206407/228959 (executing program) 2026/01/14 09:19:21 fetching corpus: 8801, signal 206753/228963 (executing program) 2026/01/14 09:19:21 fetching corpus: 8850, signal 207100/228968 (executing program) 2026/01/14 09:19:21 fetching corpus: 8899, signal 207352/228977 (executing program) 2026/01/14 09:19:21 fetching corpus: 8949, signal 207671/228977 (executing program) 2026/01/14 09:19:21 fetching corpus: 8999, signal 208007/228977 (executing program) 2026/01/14 09:19:21 fetching corpus: 9049, signal 208265/228979 (executing program) 2026/01/14 09:19:21 fetching corpus: 9099, signal 208656/228979 (executing program) 2026/01/14 09:19:21 fetching corpus: 9149, signal 208959/228979 (executing program) 2026/01/14 09:19:22 fetching corpus: 9199, signal 209180/228979 (executing program) 2026/01/14 09:19:22 fetching corpus: 9249, signal 209443/228982 (executing program) 2026/01/14 09:19:22 fetching corpus: 9299, signal 209839/228982 (executing program) 2026/01/14 09:19:22 fetching corpus: 9349, signal 210089/228988 (executing program) 2026/01/14 09:19:22 fetching corpus: 9399, signal 210328/228992 (executing program) 2026/01/14 09:19:22 fetching corpus: 9449, signal 210753/229001 (executing program) 2026/01/14 09:19:22 fetching corpus: 9499, signal 210972/229001 (executing program) 2026/01/14 09:19:22 fetching corpus: 9549, signal 211184/229004 (executing program) 2026/01/14 09:19:22 fetching corpus: 9599, signal 211442/229015 (executing program) 2026/01/14 09:19:22 fetching corpus: 9649, signal 211759/229015 (executing program) 2026/01/14 09:19:23 fetching corpus: 9699, signal 211972/229022 (executing program) 2026/01/14 09:19:23 fetching corpus: 9749, signal 212194/229022 (executing program) 2026/01/14 09:19:23 fetching corpus: 9799, signal 212415/229022 (executing program) 2026/01/14 09:19:23 fetching corpus: 9849, signal 212602/229022 (executing program) 2026/01/14 09:19:23 fetching corpus: 9899, signal 212871/229024 (executing program) 2026/01/14 09:19:23 fetching corpus: 9949, signal 213150/229024 (executing program) 2026/01/14 09:19:23 fetching corpus: 9998, signal 213412/229024 (executing program) 2026/01/14 09:19:23 fetching corpus: 10046, signal 213710/229026 (executing program) 2026/01/14 09:19:23 fetching corpus: 10095, signal 213994/229029 (executing program) 2026/01/14 09:19:23 fetching corpus: 10145, signal 214369/229029 (executing program) 2026/01/14 09:19:24 fetching corpus: 10195, signal 214695/229029 (executing program) 2026/01/14 09:19:24 fetching corpus: 10245, signal 214973/229029 (executing program) 2026/01/14 09:19:24 fetching corpus: 10295, signal 215222/229029 (executing program) 2026/01/14 09:19:24 fetching corpus: 10344, signal 215493/229069 (executing program) 2026/01/14 09:19:24 fetching corpus: 10394, signal 215679/229069 (executing program) 2026/01/14 09:19:24 fetching corpus: 10444, signal 215920/229069 (executing program) 2026/01/14 09:19:24 fetching corpus: 10494, signal 216157/229069 (executing program) 2026/01/14 09:19:24 fetching corpus: 10544, signal 216368/229070 (executing program) 2026/01/14 09:19:24 fetching corpus: 10594, signal 216574/229070 (executing program) 2026/01/14 09:19:24 fetching corpus: 10644, signal 216854/229070 (executing program) 2026/01/14 09:19:25 fetching corpus: 10694, signal 217157/229070 (executing program) 2026/01/14 09:19:25 fetching corpus: 10744, signal 217342/229070 (executing program) 2026/01/14 09:19:25 fetching corpus: 10794, signal 217653/229073 (executing program) 2026/01/14 09:19:25 fetching corpus: 10844, signal 217926/229073 (executing program) 2026/01/14 09:19:25 fetching corpus: 10891, signal 218133/229080 (executing program) 2026/01/14 09:19:25 fetching corpus: 10941, signal 218379/229094 (executing program) 2026/01/14 09:19:25 fetching corpus: 10991, signal 218531/229094 (executing program) 2026/01/14 09:19:25 fetching corpus: 11041, signal 218736/229094 (executing program) 2026/01/14 09:19:25 fetching corpus: 11091, signal 218959/229094 (executing program) 2026/01/14 09:19:26 fetching corpus: 11139, signal 219247/229097 (executing program) 2026/01/14 09:19:26 fetching corpus: 11189, signal 219491/229098 (executing program) 2026/01/14 09:19:26 fetching corpus: 11237, signal 219681/229098 (executing program) 2026/01/14 09:19:26 fetching corpus: 11286, signal 219851/229098 (executing program) 2026/01/14 09:19:26 fetching corpus: 11334, signal 220128/229098 (executing program) 2026/01/14 09:19:26 fetching corpus: 11383, signal 220383/229100 (executing program) 2026/01/14 09:19:26 fetching corpus: 11433, signal 220561/229102 (executing program) 2026/01/14 09:19:26 fetching corpus: 11483, signal 220701/229102 (executing program) 2026/01/14 09:19:26 fetching corpus: 11533, signal 220921/229102 (executing program) 2026/01/14 09:19:26 fetching corpus: 11583, signal 221167/229102 (executing program) 2026/01/14 09:19:27 fetching corpus: 11633, signal 221367/229102 (executing program) 2026/01/14 09:19:27 fetching corpus: 11680, signal 221532/229102 (executing program) 2026/01/14 09:19:27 fetching corpus: 11730, signal 221817/229102 (executing program) 2026/01/14 09:19:27 fetching corpus: 11780, signal 222062/229103 (executing program) 2026/01/14 09:19:27 fetching corpus: 11830, signal 222277/229103 (executing program) 2026/01/14 09:19:27 fetching corpus: 11880, signal 222518/229103 (executing program) 2026/01/14 09:19:27 fetching corpus: 11930, signal 222748/229103 (executing program) 2026/01/14 09:19:27 fetching corpus: 11980, signal 222939/229103 (executing program) 2026/01/14 09:19:27 fetching corpus: 12030, signal 223137/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12080, signal 223406/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12129, signal 223593/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12179, signal 223839/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12229, signal 223994/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12279, signal 224249/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12329, signal 224431/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12379, signal 224666/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12429, signal 224858/229103 (executing program) 2026/01/14 09:19:28 fetching corpus: 12479, signal 225101/229103 (executing program) 2026/01/14 09:19:29 fetching corpus: 12529, signal 225308/229103 (executing program) 2026/01/14 09:19:29 fetching corpus: 12579, signal 225465/229103 (executing program) 2026/01/14 09:19:29 fetching corpus: 12629, signal 225677/229103 (executing program) 2026/01/14 09:19:29 fetching corpus: 12679, signal 225828/229103 (executing program) 2026/01/14 09:19:29 fetching corpus: 12729, signal 226018/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 12779, signal 226209/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 12829, signal 226356/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 12879, signal 226557/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 12929, signal 226729/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 12979, signal 226929/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 13029, signal 227179/229106 (executing program) 2026/01/14 09:19:29 fetching corpus: 13078, signal 227388/229106 (executing program) 2026/01/14 09:19:30 fetching corpus: 13128, signal 227542/229106 (executing program) 2026/01/14 09:19:30 fetching corpus: 13154, signal 227617/229106 (executing program) 2026/01/14 09:19:30 fetching corpus: 13154, signal 227617/229106 (executing program) 2026/01/14 09:19:32 starting 8 fuzzer processes 09:19:32 executing program 0: creat(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffc000/0x4000)=nil) 09:19:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:19:32 executing program 2: r0 = timerfd_create(0x8, 0x0) r1 = fsopen(&(0x7f0000000080)='proc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:19:32 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r0, &(0x7f0000000900)={0x1f, @none}, 0x8) [ 84.209882] audit: type=1400 audit(1768382372.163:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:19:32 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:19:32 executing program 5: request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0xfffffffffffffffe) r0 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$read(0xb, r0, &(0x7f00000006c0)=""/45, 0x2d) 09:19:32 executing program 6: r0 = syz_io_uring_setup(0x3730, &(0x7f0000000240)={0x0, 0x269e, 0x0, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000003ac0)) dup(0xffffffffffffffff) ioctl$BLKSECTGET(0xffffffffffffffff, 0x2270, 0x0) r1 = syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0)) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000063c0)={0x0, 0x0, 0x0}, 0x0) dup2(r0, r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 09:19:32 executing program 7: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00') open_tree(r0, &(0x7f0000000140)='./mnt\x00', 0x8801) [ 85.420592] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.423853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.426842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.435864] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.439869] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.480313] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.484046] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.485476] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.486648] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.488473] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.489867] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.492498] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.493140] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.494309] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.495022] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.496915] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.504968] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.509554] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.514909] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.536425] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.545414] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.548371] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 85.555625] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.559464] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 85.566694] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.570124] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 85.577618] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 85.579704] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 85.583041] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 85.583891] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 85.616180] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 85.644364] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 85.646127] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 85.655240] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 85.664052] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 85.693270] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 85.717988] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 85.724008] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 85.759903] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 85.763377] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 87.513132] Bluetooth: hci0: command tx timeout [ 87.578734] Bluetooth: hci3: command tx timeout [ 87.579270] Bluetooth: hci1: command tx timeout [ 87.580040] Bluetooth: hci2: command tx timeout [ 87.641855] Bluetooth: hci4: command tx timeout [ 87.642351] Bluetooth: hci5: command tx timeout [ 87.707904] Bluetooth: hci6: command tx timeout [ 87.833060] Bluetooth: hci7: command tx timeout [ 89.560819] Bluetooth: hci0: command tx timeout [ 89.625845] Bluetooth: hci3: command tx timeout [ 89.626269] Bluetooth: hci1: command tx timeout [ 89.626653] Bluetooth: hci2: command tx timeout [ 89.690877] Bluetooth: hci5: command tx timeout [ 89.691303] Bluetooth: hci4: command tx timeout [ 89.753867] Bluetooth: hci6: command tx timeout [ 89.881833] Bluetooth: hci7: command tx timeout [ 91.608879] Bluetooth: hci0: command tx timeout [ 91.672863] Bluetooth: hci2: command tx timeout [ 91.673264] Bluetooth: hci1: command tx timeout [ 91.673638] Bluetooth: hci3: command tx timeout [ 91.736814] Bluetooth: hci4: command tx timeout [ 91.737224] Bluetooth: hci5: command tx timeout [ 91.801942] Bluetooth: hci6: command tx timeout [ 91.929067] Bluetooth: hci7: command tx timeout [ 93.658831] Bluetooth: hci0: command tx timeout [ 93.720975] Bluetooth: hci3: command tx timeout [ 93.721854] Bluetooth: hci1: command tx timeout [ 93.722657] Bluetooth: hci2: command tx timeout [ 93.784867] Bluetooth: hci5: command tx timeout [ 93.785673] Bluetooth: hci4: command tx timeout [ 93.849811] Bluetooth: hci6: command tx timeout [ 93.977899] Bluetooth: hci7: command tx timeout [ 120.327986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.328642] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.591921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.592543] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.134433] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.135542] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 121.167408] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 121.197233] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.198119] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.214606] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.246058] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.246960] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 121.271824] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 121.292352] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.293273] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 121.321245] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 121.331566] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 121.332456] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 121.347292] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 121.372034] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 121.372933] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 121.389648] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 121.402951] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 121.403749] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 121.420161] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 121.453972] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 121.461849] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 121.464513] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 121.540792] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.541708] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.548471] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.549408] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.553429] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 121.568921] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 121.569872] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 121.570721] Bluetooth: hci7: Opcode 0x0c1a failed: -4 09:20:09 executing program 6: r0 = syz_io_uring_setup(0x3730, &(0x7f0000000240)={0x0, 0x269e, 0x0, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000003ac0)) dup(0xffffffffffffffff) ioctl$BLKSECTGET(0xffffffffffffffff, 0x2270, 0x0) r1 = syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0)) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000063c0)={0x0, 0x0, 0x0}, 0x0) dup2(r0, r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) [ 121.674302] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.675264] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.675838] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.676361] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.676932] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 121.677451] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 121.691036] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 121.691908] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 121.699326] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.699928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.759784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.760572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:20:09 executing program 6: r0 = syz_io_uring_setup(0x3730, &(0x7f0000000240)={0x0, 0x269e, 0x0, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000003ac0)) dup(0xffffffffffffffff) ioctl$BLKSECTGET(0xffffffffffffffff, 0x2270, 0x0) r1 = syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0)) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000063c0)={0x0, 0x0, 0x0}, 0x0) dup2(r0, r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) [ 121.798090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.798682] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.860042] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.860896] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.861599] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.862326] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.863098] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 121.864251] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 121.867304] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 121.872039] Bluetooth: hci7: Opcode 0x0c1a failed: -4 09:20:09 executing program 6: r0 = syz_io_uring_setup(0x3730, &(0x7f0000000240)={0x0, 0x269e, 0x0, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000003ac0)) dup(0xffffffffffffffff) ioctl$BLKSECTGET(0xffffffffffffffff, 0x2270, 0x0) r1 = syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0)) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000063c0)={0x0, 0x0, 0x0}, 0x0) dup2(r0, r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) [ 121.909920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.910515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.969981] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.974412] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.976273] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.976861] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.977368] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 121.981198] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 121.981730] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 121.984121] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 122.022426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.023146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.024408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.024998] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:20:10 executing program 5: request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0xfffffffffffffffe) r0 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$read(0xb, r0, &(0x7f00000006c0)=""/45, 0x2d) 09:20:10 executing program 5: request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0xfffffffffffffffe) r0 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$read(0xb, r0, &(0x7f00000006c0)=""/45, 0x2d) [ 122.161299] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.162053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:20:10 executing program 6: r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x40187013, &(0x7f00000001c0)={0x1}) 09:20:10 executing program 5: request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0xfffffffffffffffe) r0 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$read(0xb, r0, &(0x7f00000006c0)=""/45, 0x2d) 09:20:10 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed}, 0xe) shutdown(r0, 0x1) [ 122.245796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.246464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.269945] audit: type=1400 audit(1768382410.222:8): avc: denied { open } for pid=3879 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.273736] audit: type=1400 audit(1768382410.223:9): avc: denied { kernel } for pid=3879 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.324736] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.325809] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.463014] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.464419] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.474806] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.475926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.713799] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.714393] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.912543] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.913225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.943123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.943696] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:20:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r0, &(0x7f0000000900)={0x1f, @none}, 0x8) 09:20:11 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:20:11 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) dup3(r0, r1, 0x0) 09:20:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_buf(r0, 0x0, 0x20, &(0x7f0000000040)="2146c3f1bffff360e76b59d5", 0xc) 09:20:11 executing program 0: creat(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffc000/0x4000)=nil) 09:20:11 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:20:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:20:11 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:20:11 executing program 0: creat(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffc000/0x4000)=nil) [ 123.322837] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 09:20:11 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:20:11 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:20:11 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:20:11 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:20:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:20:11 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:20:11 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) dup3(r0, r1, 0x0) 09:20:11 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000100)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xa) chroot(&(0x7f00000004c0)='./file0\x00') 09:20:11 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 0: creat(0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffc000/0x4000)=nil) 09:20:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r0, &(0x7f0000000900)={0x1f, @none}, 0x8) [ 123.583623] kernel profiling enabled (shift: 14) 09:20:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') dup2(r0, r1) 09:20:11 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 09:20:11 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) dup3(r0, r1, 0x0) 09:20:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r0, &(0x7f0000000900)={0x1f, @none}, 0x8) 09:20:11 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) 09:20:11 executing program 1: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1) chdir(&(0x7f0000000000)='./file0\x00') newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) chown(&(0x7f00000009c0)='./file0\x00', r1, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 09:20:11 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fsopen(&(0x7f0000000440)='tracefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x8, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:20:11 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 09:20:11 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x40181, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12) write$tun(r0, 0x0, 0x0) lseek(r0, 0xfa1, 0x4) open_by_handle_at(r2, &(0x7f0000000080)=@ceph_nfs_confh={0x10, 0x2, {0x25ac, 0x1ff}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xee66}}, './file1\x00'}) r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'dummy0\x00'}) ioctl$TUNSETSNDBUF(r6, 0x400454d4, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r5, 0x4294}, {r6, 0x200}, {r4, 0x5778}, {r0, 0x1000}], 0x4, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x5]}, 0x8) syncfs(r4) 09:20:11 executing program 5: syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280), 0xc, 0x0}, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x40a00, 0x0) syz_io_uring_setup(0x512, &(0x7f0000000a80)={0x0, 0x0, 0x10, 0x2}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000b00), &(0x7f0000000b40)=0x0) syz_io_uring_submit(0x0, r0, 0x0, 0x7fffffff) 09:20:11 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401) write$evdev(r0, &(0x7f0000000200)=[{{0x77359400}, 0x11, 0x0, 0x3}], 0x18) 09:20:11 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) 09:20:11 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) [ 123.992856] Bluetooth: hci7: command 0x0c1a tx timeout [ 123.993019] Bluetooth: hci6: command 0x0c1a tx timeout [ 123.993037] Bluetooth: hci5: command 0x0c1a tx timeout [ 123.993054] Bluetooth: hci4: command 0x0c1a tx timeout [ 123.993071] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.993088] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.993104] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.993119] Bluetooth: hci0: command 0x0c1a tx timeout 09:20:12 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 09:20:12 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) dup3(r0, r1, 0x0) 09:20:12 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) 09:20:12 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00') pwrite64(r0, 0x0, 0x0, 0x4a8) 09:20:12 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f00000003c0)='./file1\x00', 0x0) pidfd_open(0x0, 0x0) ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f00000000c0)={0x1f, 0xfffffffffffffff7}) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002b80)={0x0, 0x0, 0x0}, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) pipe2(&(0x7f0000000080), 0x4000) pwritev2(r1, &(0x7f0000000380)=[{&(0x7f0000000180)="bd", 0xfffffdef}], 0x1, 0x0, 0x0, 0x0) 09:20:12 executing program 3: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) write$P9_RMKDIR(r1, &(0x7f0000000300)={0x14}, 0x14) fadvise64(r0, 0xfffffffffffffffe, 0x0, 0x4) 09:20:12 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x91, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000005880)={0x7b804100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000240)=""/10, 0x0}, 0x58) 09:20:12 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) 09:20:12 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 09:20:12 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x0) 09:20:12 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) 09:20:12 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00') pwrite64(r0, 0x0, 0x0, 0x4a8) 09:20:12 executing program 1: r0 = socket$inet(0x2, 0x3, 0x26) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000080)=0x7ffd, 0x4) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @remote}, 0x10) 09:20:12 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b66, &(0x7f0000000000)) 09:20:12 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)={0x1c, 0x4a, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @str='wlan1\x00'}]}, 0x1c}], 0x1}, 0x0) [ 124.325597] [ 124.325780] ===================================== [ 124.326159] WARNING: bad unlock balance detected! [ 124.326534] 6.19.0-rc5-next-20260114 #1 Not tainted [ 124.326932] ------------------------------------- [ 124.327349] syz-executor.7/284 is trying to release lock (rcu_read_lock) at: [ 124.327939] [] __wait_on_freeing_inode+0x105/0x350 [ 124.328757] but there are no more locks to release! [ 124.329882] [ 124.329882] other info that might help us debug this: [ 124.331246] 4 locks held by syz-executor.7/284: [ 124.332228] #0: ffff88800feca3f8 (sb_writers#3){.+.+}-{0:0}, at: filename_create+0xf7/0x400 [ 124.334432] #1: ffff8880183a2078 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x1b1/0x400 [ 124.336044] #2: ffff88800fece950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xe32/0x12d0 [ 124.337723] #3: ffffffff85c16898 (inode_hash_lock){+.+.}-{3:3}, at: insert_inode_locked+0xf9/0x890 [ 124.338452] [ 124.338452] stack backtrace: [ 124.338820] CPU: 0 UID: 0 PID: 284 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260114 #1 PREEMPT(lazy) [ 124.338835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.338842] Call Trace: [ 124.338847] [ 124.338851] dump_stack_lvl+0xca/0x120 [ 124.338881] ? __wait_on_freeing_inode+0x105/0x350 [ 124.338895] print_unlock_imbalance_bug+0x118/0x130 [ 124.338911] ? __wait_on_freeing_inode+0x105/0x350 [ 124.338926] lock_release+0x1ee/0x270 [ 124.338941] __wait_on_freeing_inode+0x10a/0x350 [ 124.338956] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 124.338971] ? __pfx_var_wake_function+0x10/0x10 [ 124.338989] ? lock_is_held_type+0x9e/0x120 [ 124.339009] insert_inode_locked+0x25f/0x890 [ 124.339026] __ext4_new_inode+0x223d/0x4cd0 [ 124.339044] ? __pfx___ext4_new_inode+0x10/0x10 [ 124.339058] ? __pfx_avc_has_perm+0x10/0x10 [ 124.339072] ? __pfx___dquot_initialize+0x10/0x10 [ 124.339094] ext4_mkdir+0x331/0xb30 [ 124.339113] ? __pfx_ext4_mkdir+0x10/0x10 [ 124.339128] ? security_inode_permission+0x72/0xe0 [ 124.339142] vfs_mkdir+0x6d8/0xc00 [ 124.339159] do_mkdirat+0x11a/0x440 [ 124.339172] ? __pfx_do_mkdirat+0x10/0x10 [ 124.339184] ? strncpy_from_user+0x21b/0x2f0 [ 124.339202] __x64_sys_mkdir+0x65/0x80 [ 124.339214] do_syscall_64+0xbf/0x420 [ 124.339227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.339240] RIP: 0033:0x7fd97da23c27 [ 124.339250] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.339261] RSP: 002b:00007ffc2f40f2b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 124.339272] RAX: ffffffffffffffda RBX: 00007ffc2f40f340 RCX: 00007fd97da23c27 [ 124.339280] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 00007ffc2f40f340 [ 124.339288] RBP: 00007ffc2f40f31c R08: 0000000000000000 R09: 0000000000000004 [ 124.339295] R10: 00007ffc2f40f056 R11: 0000000000000206 R12: 0000000000000032 [ 124.339302] R13: 000000000001e4fb R14: 0000000000000003 R15: 00007ffc2f40f380 [ 124.339313] [ 124.355504] ------------[ cut here ]------------ [ 124.504913] WARNING: kernel/rcu/tree_plugin.h:443 at __rcu_read_unlock+0x25f/0x5c0, CPU#0: syz-executor.7/284 [ 124.505000] Modules linked in: [ 124.505040] CPU: 0 UID: 0 PID: 284 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260114 #1 PREEMPT(lazy) [ 124.505054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.505060] RIP: 0010:__rcu_read_unlock+0x25f/0x5c0 [ 124.505135] Code: f2 02 00 00 c7 43 58 01 00 00 00 bf 09 00 00 00 e8 16 c0 de ff 4d 85 f6 0f 84 73 fe ff ff e8 38 8a 20 00 fb e9 68 fe ff ff 90 <0f> 0b 90 5b 5d 41 5c 41 5d 41 5e e9 81 24 74 03 e8 bc 5c 56 00 e9 [ 124.505146] RSP: 0018:ffff88800a3079e0 EFLAGS: 00010286 [ 124.505156] RAX: 00000000ffffffff RBX: ffff888014843700 RCX: ffffffff81565a27 [ 124.505164] RDX: 0000000000000000 RSI: ffffffff81565a30 RDI: ffff888014843afc [ 124.505171] RBP: ffff888014843700 R08: 0000000000000000 R09: fffffbfff0ba6ffc [ 124.505179] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888014843700 [ 124.505186] R13: 0000000000000001 R14: ffffffff85c0ce80 R15: ffff888049648ca0 [ 124.505196] FS: 00005555657aa400(0000) GS:ffff8880e5343000(0000) knlGS:0000000000000000 [ 124.505207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.505215] CR2: 0000555578df7c58 CR3: 000000000d899000 CR4: 0000000000350ef0 [ 124.505223] Call Trace: [ 124.505257] [ 124.505714] __wait_on_freeing_inode+0x10f/0x350 [ 124.522958] ------------[ cut here ]------------ [ 124.522967] WARNING: kernel/rcu/tree_exp.h:803 at rcu_exp_handler+0x12b/0x570, CPU#0: syz-executor.7/284 [ 124.523056] Modules linked in: [ 124.523098] CPU: 0 UID: 0 PID: 284 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260114 #1 PREEMPT(lazy) [ 124.523113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.523120] RIP: 0010:rcu_exp_handler+0x12b/0x570 [ 124.523200] Code: 03 0f b6 04 02 4c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 cb 03 00 00 0f b6 43 11 84 c0 75 b6 85 c9 74 1d 0f 8f bf 00 00 00 90 <0f> 0b 90 48 83 c4 10 5b 5d 41 5c 41 5d 41 5e 41 5f e9 6f ae 74 03 [ 124.523211] RSP: 0018:ffff88806ce085f0 EFLAGS: 00010086 [ 124.523221] RAX: 0000000000000000 RBX: ffff88806ce38800 RCX: 00000000ffffffff [ 124.523229] RDX: 0000000000000001 RSI: ffff888014843700 RDI: ffff888014843afc [ 124.523237] RBP: ffffffff85e310c0 R08: 0000000000000000 R09: fffffbfff0ccdc6a [ 124.523245] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88806ce38811 [ 124.523252] R13: ffff88806ce38828 R14: ffffffff85e31138 R15: ffff88806ce38820 [ 124.523261] FS: 00005555657aa400(0000) GS:ffff8880e5343000(0000) knlGS:0000000000000000 [ 124.523272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.523280] CR2: 0000555578df7c58 CR3: 000000000d899000 CR4: 0000000000350ef0 [ 124.523288] Call Trace: [ 124.523326] [ 124.524128] __flush_smp_call_function_queue+0x47e/0xef0 [ 124.524343] ? __pfx_rcu_exp_handler+0x10/0x10 [ 124.525118] __sysvec_call_function_single+0x6d/0x310 [ 124.525333] sysvec_call_function_single+0x5f/0xc0 [ 124.525749] asm_sysvec_call_function_single+0x1a/0x20 [ 124.525862] RIP: 0010:__sanitizer_cov_trace_cmp8+0x8/0x20 [ 124.525948] Code: 00 00 00 e9 da fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 0c 24 <48> 89 f2 48 89 fe bf 06 00 00 00 e9 a8 fe ff ff 0f 1f 84 00 00 00 [ 124.525959] RSP: 0018:ffff88806ce08768 EFLAGS: 00000283 [ 124.525969] RAX: 0000000000000003 RBX: ffffffff8667e780 RCX: ffffffff84c51bdf [ 124.525976] RDX: 0000000000000000 RSI: ffffffff814e86cb RDI: ffffffff815d6d6f [ 124.525984] RBP: ffffffff814e86cb R08: 0000000000000000 R09: 0000000000000000 [ 124.525991] R10: ffffffff814e8678 R11: 0000000000000000 R12: ffffffff815d6d6f [ 124.525999] R13: dffffc0000000000 R14: 0000000000000002 R15: 000000000000000b [ 124.526304] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.526384] ? task_tick_dl+0x31b/0x3c0 [ 124.526662] ? task_tick_dl+0x2c8/0x3c0 [ 124.527046] ? __report_bug+0x4cf/0x5b0 [ 124.527229] ? task_tick_dl+0x31b/0x3c0 [ 124.527307] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.527917] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.527996] __report_bug+0x4cf/0x5b0 [ 124.528808] ? __pfx___report_bug+0x10/0x10 [ 124.528991] ? __pfx___report_bug+0x10/0x10 [ 124.529173] ? __is_insn_slot_addr+0x140/0x290 [ 124.529749] ? kernel_text_address+0x5b/0xc0 [ 124.530130] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.530507] ? report_bug+0xa0/0x120 [ 124.530689] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.531075] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.531452] report_bug+0x7c/0x120 [ 124.531667] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.531846] handle_bug+0x2e8/0x4f0 [ 124.532752] exc_invalid_op+0x35/0x80 [ 124.533163] asm_exc_invalid_op+0x1a/0x20 [ 124.533274] RIP: 0010:__rcu_read_unlock+0x25f/0x5c0 [ 124.533354] Code: f2 02 00 00 c7 43 58 01 00 00 00 bf 09 00 00 00 e8 16 c0 de ff 4d 85 f6 0f 84 73 fe ff ff e8 38 8a 20 00 fb e9 68 fe ff ff 90 <0f> 0b 90 5b 5d 41 5c 41 5d 41 5e e9 81 24 74 03 e8 bc 5c 56 00 e9 [ 124.533365] RSP: 0018:ffff88806ce089c0 EFLAGS: 00010286 [ 124.533374] RAX: 00000000ffffffff RBX: ffff888014843700 RCX: 0000000000000001 [ 124.533382] RDX: 0000000000000000 RSI: ffffffff8135f942 RDI: ffff888014843afc [ 124.533390] RBP: ffff888014843700 R08: 0000000000000001 R09: ffff88806ce08aa0 [ 124.533397] R10: 000000000003d1db R11: 00000000000c7b10 R12: ffff888014843700 [ 124.533405] R13: ffff88806ce08aa8 R14: ffff88800a307f48 R15: ffff88806ce08a60 [ 124.534705] ? unwind_next_frame+0x3b2/0x2540 [ 124.535920] unwind_next_frame+0x3bc/0x2540 [ 124.536032] ? do_syscall_64+0xbf/0x420 [ 124.536508] ? kernel_text_address+0x11/0xc0 [ 124.536589] ? _printk+0xbe/0xf0 [ 124.536670] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 124.537252] arch_stack_walk+0x86/0xf0 [ 124.538459] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.539341] stack_trace_save+0x8e/0xc0 [ 124.539654] ? __pfx_stack_trace_save+0x10/0x10 [ 124.540133] ? ieee80211_get_buffered_bc+0x55e/0x890 [ 124.540217] ? is_valid_bugaddr+0x78/0x90 [ 124.540296] ? disable_trace_on_warning+0x1a/0x80 [ 124.541077] kasan_save_stack+0x24/0x50 [ 124.541191] ? kasan_save_stack+0x24/0x50 [ 124.541269] ? kasan_save_track+0x14/0x30 [ 124.541348] ? kasan_save_free_info+0x3a/0x60 [ 124.541433] ? __kasan_slab_free+0x43/0x70 [ 124.541513] ? kmem_cache_free+0x2cd/0x670 [ 124.541598] ? rcu_core+0x543/0x1b30 [ 124.541678] ? handle_softirqs+0x1b1/0x7d0 [ 124.541757] ? __irq_exit_rcu+0xc4/0x100 [ 124.541835] ? irq_exit_rcu+0x9/0x20 [ 124.541912] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 124.541996] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 124.542076] ? vprintk_store+0x17f/0xa30 [ 124.542160] ? vprintk_emit+0x13c/0x680 [ 124.542244] ? _printk+0xbe/0xf0 [ 124.542324] ? __show_trace_log_lvl+0x204/0x380 [ 124.542404] ? __warn+0xfc/0x370 [ 124.542488] ? __report_bug+0x421/0x5b0 [ 124.542570] ? report_bug+0x7c/0x120 [ 124.542653] ? handle_bug+0x2e8/0x4f0 [ 124.542732] ? exc_invalid_op+0x35/0x80 [ 124.542820] ? asm_exc_invalid_op+0x1a/0x20 [ 124.542898] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.542977] ? __wait_on_freeing_inode+0x10f/0x350 [ 124.543058] ? insert_inode_locked+0x25f/0x890 [ 124.543140] ? __ext4_new_inode+0x223d/0x4cd0 [ 124.543220] ? ext4_mkdir+0x331/0xb30 [ 124.543302] ? vfs_mkdir+0x6d8/0xc00 [ 124.543384] ? do_mkdirat+0x11a/0x440 [ 124.543463] ? __x64_sys_mkdir+0x65/0x80 [ 124.543541] ? do_syscall_64+0xbf/0x420 [ 124.543620] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.543798] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.543977] ? handle_bug+0x2e8/0x4f0 [ 124.544552] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.545033] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.545512] ? trace_rcu_this_gp.constprop.0+0x5e/0x2b0 [ 124.546187] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.546765] ? kasan_quarantine_put+0x84/0x1e0 [ 124.547053] kasan_save_track+0x14/0x30 [ 124.547265] kasan_save_free_info+0x3a/0x60 [ 124.547482] __kasan_slab_free+0x43/0x70 [ 124.547893] kmem_cache_free+0x2cd/0x670 [ 124.548110] ? rcu_core+0x543/0x1b30 [ 124.548189] ? trace_raw_output_preemptirq_template+0xa0/0x110 [ 124.548968] ? rcu_core+0x53e/0x1b30 [ 124.549246] ? rcu_core+0x543/0x1b30 [ 124.549326] rcu_core+0x543/0x1b30 [ 124.550432] ? ktime_get_update_offsets_now+0x252/0x3c0 [ 124.550715] ? __pfx_rcu_core+0x10/0x10 [ 124.551896] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 124.552676] handle_softirqs+0x1b1/0x7d0 [ 124.553978] __irq_exit_rcu+0xc4/0x100 [ 124.554188] irq_exit_rcu+0x9/0x20 [ 124.554299] sysvec_apic_timer_interrupt+0x70/0x80 [ 124.554515] [ 124.554519] [ 124.554722] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 124.554841] RIP: 0010:vprintk_store+0x17f/0xa30 [ 124.554926] Code: e8 e6 f6 1f 00 41 80 fd 03 0f 86 ce 00 00 00 e8 17 fc 1f 00 48 89 ee 31 ff 45 31 ff e8 5a f7 1f 00 48 85 ed 0f 85 6c 04 00 00 fc fb 1f 00 48 b8 00 00 00 00 00 fc ff df 48 03 44 24 10 48 c7 [ 124.554936] RSP: 0018:ffff88800a307318 EFLAGS: 00000246 [ 124.554946] RAX: 0000000000000001 RBX: ffff88806ce244a5 RCX: ffffffff817df7eb [ 124.554953] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff81558415 [ 124.554961] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 124.554968] R10: ffffffff8666e357 R11: 0000000000000001 R12: 0000000000000024 [ 124.554975] R13: 0000000000000002 R14: ffffffff85d49e18 R15: 0000000000000024 [ 124.556075] ? trace_hardirqs_on+0x4b/0x110 [ 124.556355] ? vprintk_store+0x5f5/0xa30 [ 124.556968] ? vprintk_store+0x5f5/0xa30 [ 124.557956] ? __pfx_vprintk_store+0x10/0x10 [ 124.558240] ? __report_bug+0x248/0x5b0 [ 124.559024] ? __pfx___report_bug+0x10/0x10 [ 124.559207] ? __pfx___report_bug+0x10/0x10 [ 124.559687] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.559968] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.560348] ? do_raw_spin_lock+0x123/0x260 [ 124.560730] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 124.561310] ? is_printk_cpu_sync_owner+0x32/0x40 [ 124.562183] vprintk_emit+0x13c/0x680 [ 124.562599] ? __pfx_vprintk_emit+0x10/0x10 [ 124.564613] _printk+0xbe/0xf0 [ 124.564929] ? __pfx__printk+0x10/0x10 [ 124.566109] ? __is_insn_slot_addr+0x140/0x290 [ 124.566589] ? __wait_on_freeing_inode+0x10f/0x350 [ 124.566982] ? __wait_on_freeing_inode+0x10f/0x350 [ 124.567166] __show_trace_log_lvl+0x204/0x380 [ 124.569306] ? __wait_on_freeing_inode+0x10f/0x350 [ 124.569997] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.570280] __warn+0xfc/0x370 [ 124.570701] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.571097] __report_bug+0x421/0x5b0 [ 124.571924] ? __pfx___report_bug+0x10/0x10 [ 124.572820] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.573106] ? __is_insn_slot_addr+0x140/0x290 [ 124.573591] ? __is_insn_slot_addr+0x11b/0x290 [ 124.574279] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.574664] report_bug+0x7c/0x120 [ 124.574891] ? __rcu_read_unlock+0x25f/0x5c0 [ 124.575070] handle_bug+0x2e8/0x4f0 [ 124.575283] ? trace_hardirqs_off_finish+0xe3/0x110 [ 124.575964] exc_invalid_op+0x35/0x80 [ 124.576377] asm_exc_invalid_op+0x1a/0x20 [ 124.576489] RIP: 0010:__rcu_read_unlock+0x25f/0x5c0 [ 124.576570] Code: f2 02 00 00 c7 43 58 01 00 00 00 bf 09 00 00 00 e8 16 c0 de ff 4d 85 f6 0f 84 73 fe ff ff e8 38 8a 20 00 fb e9 68 fe ff ff 90 <0f> 0b 90 5b 5d 41 5c 41 5d 41 5e e9 81 24 74 03 e8 bc 5c 56 00 e9 [ 124.576581] RSP: 0018:ffff88800a3079e0 EFLAGS: 00010286 [ 124.576590] RAX: 00000000ffffffff RBX: ffff888014843700 RCX: ffffffff81565a27 [ 124.576598] RDX: 0000000000000000 RSI: ffffffff81565a30 RDI: ffff888014843afc [ 124.576606] RBP: ffff888014843700 R08: 0000000000000000 R09: fffffbfff0ba6ffc [ 124.576613] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888014843700 [ 124.576621] R13: 0000000000000001 R14: ffffffff85c0ce80 R15: ffff888049648ca0 [ 124.577729] ? nbcon_cpu_emergency_exit+0x117/0x1c0 [ 124.577913] ? nbcon_cpu_emergency_exit+0x120/0x1c0 [ 124.579136] __wait_on_freeing_inode+0x10f/0x350 [ 124.579452] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 124.580134] ? __pfx_var_wake_function+0x10/0x10 [ 124.581018] ? lock_is_held_type+0x9e/0x120 [ 124.581802] insert_inode_locked+0x25f/0x890 [ 124.583126] __ext4_new_inode+0x223d/0x4cd0 [ 124.585340] ? __pfx___ext4_new_inode+0x10/0x10 [ 124.585920] ? __pfx_avc_has_perm+0x10/0x10 [ 124.586200] ? __pfx___dquot_initialize+0x10/0x10 [ 124.588110] ext4_mkdir+0x331/0xb30 [ 124.589828] ? __pfx_ext4_mkdir+0x10/0x10 [ 124.590111] ? security_inode_permission+0x72/0xe0 [ 124.591396] vfs_mkdir+0x6d8/0xc00 [ 124.592512] do_mkdirat+0x11a/0x440 [ 124.593224] ? __pfx_do_mkdirat+0x10/0x10 [ 124.593604] ? strncpy_from_user+0x21b/0x2f0 [ 124.595192] __x64_sys_mkdir+0x65/0x80 [ 124.595505] do_syscall_64+0xbf/0x420 [ 124.596017] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.596129] RIP: 0033:0x7fd97da23c27 [ 124.596205] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.596216] RSP: 002b:00007ffc2f40f2b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 124.596228] RAX: ffffffffffffffda RBX: 00007ffc2f40f340 RCX: 00007fd97da23c27 [ 124.596235] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 00007ffc2f40f340 [ 124.596243] RBP: 00007ffc2f40f31c R08: 0000000000000000 R09: 0000000000000004 [ 124.596250] R10: 00007ffc2f40f056 R11: 0000000000000206 R12: 0000000000000032 [ 124.596257] R13: 000000000001e4fb R14: 0000000000000003 R15: 00007ffc2f40f380 [ 124.598393] [ 124.598397] irq event stamp: 208969 [ 124.598402] hardirqs last enabled at (208969): [] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 124.598490] hardirqs last disabled at (208968): [] _raw_spin_lock_irqsave+0x53/0x60 [ 124.598575] softirqs last enabled at (208964): [] kernel_fpu_end+0x59/0x70 [ 124.598660] softirqs last disabled at (208962): [] kernel_fpu_begin_mask+0x1bb/0x300 [ 124.598745] ---[ end trace 0000000000000000 ]--- [ 124.609237] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 124.650215] ? __pfx_var_wake_function+0x10/0x10 [ 124.670273] ? lock_is_held_type+0x9e/0x120 [ 124.722628] insert_inode_locked+0x25f/0x890 [ 124.792604] __ext4_new_inode+0x223d/0x4cd0 [ 124.833525] ? __pfx___ext4_new_inode+0x10/0x10 [ 124.834099] ? __pfx_avc_has_perm+0x10/0x10 [ 124.834354] ? __pfx___dquot_initialize+0x10/0x10 [ 124.836150] ext4_mkdir+0x331/0xb30 [ 124.837746] ? __pfx_ext4_mkdir+0x10/0x10 [ 124.838048] ? security_inode_permission+0x72/0xe0 [ 124.839262] vfs_mkdir+0x6d8/0xc00 [ 124.840361] do_mkdirat+0x11a/0x440 [ 124.841049] ? __pfx_do_mkdirat+0x10/0x10 [ 124.841399] ? strncpy_from_user+0x21b/0x2f0 [ 124.842929] __x64_sys_mkdir+0x65/0x80 [ 124.843214] do_syscall_64+0xbf/0x420 [ 124.843678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.843822] RIP: 0033:0x7fd97da23c27 [ 124.843893] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.843904] RSP: 002b:00007ffc2f40f2b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 124.843917] RAX: ffffffffffffffda RBX: 00007ffc2f40f340 RCX: 00007fd97da23c27 [ 124.843925] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 00007ffc2f40f340 [ 124.843932] RBP: 00007ffc2f40f31c R08: 0000000000000000 R09: 0000000000000004 [ 124.843939] R10: 00007ffc2f40f056 R11: 0000000000000206 R12: 0000000000000032 [ 124.843947] R13: 000000000001e4fb R14: 0000000000000003 R15: 00007ffc2f40f380 [ 124.848188] [ 124.848195] irq event stamp: 208969 [ 124.848200] hardirqs last enabled at (208969): [] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 124.848281] hardirqs last disabled at (208968): [] _raw_spin_lock_irqsave+0x53/0x60 [ 124.848359] softirqs last enabled at (208964): [] kernel_fpu_end+0x59/0x70 [ 124.848441] softirqs last disabled at (208962): [] kernel_fpu_begin_mask+0x1bb/0x300 [ 124.848520] ---[ end trace 0000000000000000 ]--- [ 126.041819] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.042328] Bluetooth: hci1: command 0x0c1a tx timeout [ 126.042751] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.043205] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.043224] Bluetooth: hci4: command 0x0c1a tx timeout [ 126.043619] Bluetooth: hci5: command 0x0c1a tx timeout [ 126.044504] Bluetooth: hci6: command 0x0c1a tx timeout [ 126.044889] Bluetooth: hci7: command 0x0c1a tx timeout [ 128.088890] Bluetooth: hci7: command 0x0c1a tx timeout [ 128.088948] Bluetooth: hci6: command 0x0c1a tx timeout [ 128.089954] Bluetooth: hci4: command 0x0c1a tx timeout [ 128.090923] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.091825] Bluetooth: hci5: command 0x0c1a tx timeout [ 128.092724] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.093623] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.094538] Bluetooth: hci0: command 0x0c1a tx timeout [ 130.136959] Bluetooth: hci7: command 0x0c1a tx timeout [ 132.184949] Bluetooth: hci7: command 0x0c1a tx timeout VM DIAGNOSIS: 09:20:12 Registers: info registers vcpu 0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff82973905 RDI=ffffffff889c0960 RBP=ffffffff889c0920 RSP=ffff88800a3074c8 R8 =0000000000000000 R9 =ffffed1001699046 R10=0000000000000020 R11=666666203a302320 R12=0000000000000020 R13=0000000000000010 R14=ffffffff889c0920 R15=ffffffff829738f0 RIP=ffffffff8297395d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00005555657aa400 00000000 00000000 GS =0000 ffff8880e5343000 00000000 00000000 LDT=0000 fffffe5100000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555578df7c58 CR3=000000000d899000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=000000000000000003515b82db34ca11 XMM02=0000000000000000333bebdfd0a6a21d XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=00000000541b53de RBX=000000000000000e RCX=0000000059422365 RDX=00000000ad5d7743 RSI=ffff8880190e7750 RDI=0000000000000004 RBP=0000000000000001 RSP=ffff8880190e7688 R8 =00000000a30fec7b R9 =0000000000000000 R10=0000000000000000 R11=0000000000000003 R12=0000000000000000 R13=0000000000092cc0 R14=ffff8880190e76f0 R15=000000000000000e RIP=ffffffff826711d9 RFL=00000a92 [-OS-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fc14c26a8c0 00000000 00000000 GS =0000 ffff8880e5443000 00000000 00000000 LDT=0000 fffffe4500000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020636000 CR3=000000000da1f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000002f002f2e2e2f002e2e XMM01=0000000000000000696c61766e49002f XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=00000000000000006c6175747269762f XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00005649e3fb57a000005649e3fea340 XMM06=00000000000000000000000400000003 XMM07=00000000000000000000000000000000 XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000 XMM10=00000000200000000000000020000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000