Warning: Permanently added '[localhost]:13115' (ECDSA) to the list of known hosts.
2025/09/01 08:35:24 fuzzer started
2025/09/01 08:35:24 dialing manager at localhost:35473
syzkaller login: [ 58.638462] cgroup: Unknown subsys name 'net'
[ 58.702707] cgroup: Unknown subsys name 'cpuset'
[ 58.723201] cgroup: Unknown subsys name 'rlimit'
2025/09/01 08:35:35 syscalls: 2214
2025/09/01 08:35:35 code coverage: enabled
2025/09/01 08:35:35 comparison tracing: enabled
2025/09/01 08:35:35 extra coverage: enabled
2025/09/01 08:35:35 setuid sandbox: enabled
2025/09/01 08:35:35 namespace sandbox: enabled
2025/09/01 08:35:35 Android sandbox: enabled
2025/09/01 08:35:35 fault injection: enabled
2025/09/01 08:35:35 leak checking: enabled
2025/09/01 08:35:35 net packet injection: enabled
2025/09/01 08:35:35 net device setup: enabled
2025/09/01 08:35:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 08:35:35 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 08:35:35 USB emulation: enabled
2025/09/01 08:35:35 hci packet injection: enabled
2025/09/01 08:35:35 wifi device emulation: enabled
2025/09/01 08:35:35 802.15.4 emulation: enabled
2025/09/01 08:35:35 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 08:35:35 fetching corpus: 50, signal 22124/25381 (executing program)
2025/09/01 08:35:35 fetching corpus: 100, signal 37983/42095 (executing program)
2025/09/01 08:35:35 fetching corpus: 150, signal 45555/50560 (executing program)
2025/09/01 08:35:35 fetching corpus: 200, signal 52404/58082 (executing program)
2025/09/01 08:35:35 fetching corpus: 250, signal 57865/64133 (executing program)
2025/09/01 08:35:35 fetching corpus: 300, signal 63731/70302 (executing program)
2025/09/01 08:35:36 fetching corpus: 350, signal 66278/73474 (executing program)
2025/09/01 08:35:36 fetching corpus: 400, signal 70852/78267 (executing program)
2025/09/01 08:35:36 fetching corpus: 450, signal 73662/81465 (executing program)
2025/09/01 08:35:36 fetching corpus: 500, signal 75881/84026 (executing program)
2025/09/01 08:35:36 fetching corpus: 550, signal 78954/87205 (executing program)
2025/09/01 08:35:36 fetching corpus: 600, signal 82390/90538 (executing program)
2025/09/01 08:35:36 fetching corpus: 650, signal 85122/93253 (executing program)
2025/09/01 08:35:36 fetching corpus: 700, signal 89807/97368 (executing program)
2025/09/01 08:35:37 fetching corpus: 750, signal 91543/99136 (executing program)
2025/09/01 08:35:37 fetching corpus: 800, signal 93850/101266 (executing program)
2025/09/01 08:35:37 fetching corpus: 850, signal 96509/103556 (executing program)
2025/09/01 08:35:37 fetching corpus: 900, signal 97802/104842 (executing program)
2025/09/01 08:35:37 fetching corpus: 950, signal 100812/107217 (executing program)
2025/09/01 08:35:37 fetching corpus: 1000, signal 103342/109144 (executing program)
2025/09/01 08:35:37 fetching corpus: 1050, signal 104586/110199 (executing program)
2025/09/01 08:35:37 fetching corpus: 1100, signal 105673/111169 (executing program)
2025/09/01 08:35:38 fetching corpus: 1150, signal 107525/112537 (executing program)
2025/09/01 08:35:38 fetching corpus: 1200, signal 108984/113619 (executing program)
2025/09/01 08:35:38 fetching corpus: 1250, signal 110296/114591 (executing program)
2025/09/01 08:35:38 fetching corpus: 1300, signal 111904/115642 (executing program)
2025/09/01 08:35:38 fetching corpus: 1350, signal 112939/116364 (executing program)
2025/09/01 08:35:38 fetching corpus: 1400, signal 114444/117262 (executing program)
2025/09/01 08:35:38 fetching corpus: 1450, signal 115593/117974 (executing program)
2025/09/01 08:35:39 fetching corpus: 1500, signal 117044/118841 (executing program)
2025/09/01 08:35:39 fetching corpus: 1550, signal 117898/119311 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119448 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119486 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119535 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119575 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119611 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119648 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119693 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119735 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119775 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119820 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119867 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119900 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119951 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/119989 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120023 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120059 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120098 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120128 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120171 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120202 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120245 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120286 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120330 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120365 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120410 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120449 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120483 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120501 (executing program)
2025/09/01 08:35:39 fetching corpus: 1566, signal 118124/120501 (executing program)
2025/09/01 08:35:41 starting 8 fuzzer processes
08:35:41 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
close_range(r0, 0xffffffffffffffff, 0x0)
08:35:41 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000000), 0x4)
08:35:41 executing program 6:
futex(0x0, 0xa, 0x0, 0x0, 0x0, 0x0)
08:35:41 executing program 7:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='\t\x00')
08:35:41 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101002, 0x0)
sendfile(r0, r0, 0x0, 0x5)
08:35:41 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4)
syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
[ 74.964161] audit: type=1400 audit(1756715741.426:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:35:41 executing program 4:
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x4000}}}}}}, 0x0)
08:35:41 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getdents(r0, &(0x7f0000000380)=""/108, 0x6c)
[ 76.265967] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 76.268559] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 76.270427] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.276049] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.278832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 76.324963] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 76.339619] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 76.341483] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 76.345086] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 76.349753] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 76.351707] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 76.352018] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 76.356344] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 76.357987] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 76.364299] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 76.405384] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 76.413514] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 76.417234] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 76.420362] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 76.422066] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 76.427514] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 76.431131] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 76.432563] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 76.438226] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 76.440162] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 76.445577] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 76.446780] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 76.449011] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 76.450222] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 76.452252] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 76.453494] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 76.457975] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 76.460023] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 76.461852] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 76.471912] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 76.476079] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 76.493619] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 76.495407] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 76.509882] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 76.512087] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 78.297687] Bluetooth: hci0: command tx timeout
[ 78.425253] Bluetooth: hci2: command tx timeout
[ 78.425916] Bluetooth: hci1: command tx timeout
[ 78.488713] Bluetooth: hci4: command tx timeout
[ 78.489523] Bluetooth: hci3: command tx timeout
[ 78.552755] Bluetooth: hci7: command tx timeout
[ 78.553398] Bluetooth: hci6: command tx timeout
[ 78.553890] Bluetooth: hci5: command tx timeout
[ 80.344413] Bluetooth: hci0: command tx timeout
[ 80.471996] Bluetooth: hci1: command tx timeout
[ 80.473582] Bluetooth: hci2: command tx timeout
[ 80.536143] Bluetooth: hci3: command tx timeout
[ 80.537279] Bluetooth: hci4: command tx timeout
[ 80.600134] Bluetooth: hci5: command tx timeout
[ 80.601227] Bluetooth: hci6: command tx timeout
[ 80.602252] Bluetooth: hci7: command tx timeout
[ 82.391711] Bluetooth: hci0: command tx timeout
[ 82.520673] Bluetooth: hci2: command tx timeout
[ 82.521254] Bluetooth: hci1: command tx timeout
[ 82.584105] Bluetooth: hci3: command tx timeout
[ 82.584707] Bluetooth: hci4: command tx timeout
[ 82.647726] Bluetooth: hci7: command tx timeout
[ 82.648317] Bluetooth: hci5: command tx timeout
[ 82.648865] Bluetooth: hci6: command tx timeout
[ 84.441339] Bluetooth: hci0: command tx timeout
[ 84.568852] Bluetooth: hci1: command tx timeout
[ 84.569339] Bluetooth: hci2: command tx timeout
[ 84.632695] Bluetooth: hci4: command tx timeout
[ 84.633177] Bluetooth: hci3: command tx timeout
[ 84.696756] Bluetooth: hci6: command tx timeout
[ 84.697249] Bluetooth: hci5: command tx timeout
[ 84.698312] Bluetooth: hci7: command tx timeout
[ 115.905802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.906440] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.113494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.114136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.258870] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.259495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.490079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.490721] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.497833] audit: type=1400 audit(1756715782.960:8): avc: denied { open } for pid=3838 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 116.507350] audit: type=1400 audit(1756715782.960:9): avc: denied { kernel } for pid=3838 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 116.597334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.597989] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.684463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.685769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.788384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.789046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.859786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.860386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.945455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.946371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.975728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.976348] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.013087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.013735] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.081878] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.082505] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.136136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.136767] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.239530] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.240204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.252726] audit: type=1400 audit(1756715783.715:10): avc: denied { write } for pid=3888 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 117.306774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.307393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.346232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.346836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.466698] sit: Src spoofed 0.0.0.0/2002:0:40:: -> 0.0.0.0/::
[ 117.469730] sit: Src spoofed 0.0.0.0/2002:0:40:: -> 0.0.0.0/::
08:36:23 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000000), 0x4)
08:36:23 executing program 6:
futex(0x0, 0xa, 0x0, 0x0, 0x0, 0x0)
08:36:23 executing program 7:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='\t\x00')
08:36:23 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getdents(r0, &(0x7f0000000380)=""/108, 0x6c)
08:36:23 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4)
syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
08:36:23 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101002, 0x0)
sendfile(r0, r0, 0x0, 0x5)
08:36:23 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
close_range(r0, 0xffffffffffffffff, 0x0)
08:36:23 executing program 4:
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x4000}}}}}}, 0x0)
08:36:24 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4)
syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
[ 117.568669] sit: Src spoofed 0.0.0.0/2002:0:40:: -> 0.0.0.0/::
08:36:24 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000000), 0x4)
08:36:24 executing program 6:
futex(0x0, 0xa, 0x0, 0x0, 0x0, 0x0)
08:36:24 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getdents(r0, &(0x7f0000000380)=""/108, 0x6c)
08:36:24 executing program 4:
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x220, 0x4000}}}}}}, 0x0)
08:36:24 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
close_range(r0, 0xffffffffffffffff, 0x0)
08:36:24 executing program 7:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='\t\x00')
08:36:24 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101002, 0x0)
sendfile(r0, r0, 0x0, 0x5)
[ 117.652830] sit: Src spoofed 0.0.0.0/2002:0:40:: -> 0.0.0.0/::
[ 117.671846] kmemleak: Found object by alias at 0x607f1a63df04
[ 117.671863] CPU: 0 UID: 0 PID: 3922 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 117.671882] Tainted: [W]=WARN
[ 117.671886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 117.671894] Call Trace:
[ 117.671898]
[ 117.671902] dump_stack_lvl+0xca/0x120
[ 117.671928] __lookup_object+0x94/0xb0
[ 117.671946] delete_object_full+0x27/0x70
[ 117.671962] free_percpu+0x30/0x1160
[ 117.671979] ? arch_uprobe_clear_state+0x16/0x140
[ 117.672000] futex_hash_free+0x38/0xc0
[ 117.672015] mmput+0x2d3/0x390
[ 117.672034] do_exit+0x79d/0x2970
[ 117.672052] ? __pfx_do_exit+0x10/0x10
[ 117.672067] ? find_held_lock+0x2b/0x80
[ 117.672086] ? get_signal+0x835/0x2340
[ 117.672106] do_group_exit+0xd3/0x2a0
[ 117.672122] get_signal+0x2315/0x2340
[ 117.672140] ? put_task_stack+0xd2/0x240
[ 117.672155] ? __pfx_get_signal+0x10/0x10
[ 117.672171] ? __schedule+0xe91/0x3590
[ 117.672193] arch_do_signal_or_restart+0x80/0x790
[ 117.672211] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 117.672228] ? __x64_sys_futex+0x1c9/0x4d0
[ 117.672241] ? __x64_sys_futex+0x1d2/0x4d0
[ 117.672255] ? exc_page_fault+0xb0/0x180
[ 117.672272] ? __pfx___x64_sys_futex+0x10/0x10
[ 117.672292] exit_to_user_mode_loop+0x8b/0x110
[ 117.672305] do_syscall_64+0x2f7/0x360
[ 117.672318] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 117.672338] RIP: 0033:0x7f8ad3f49b19
[ 117.672346] Code: Unable to access opcode bytes at 0x7f8ad3f49aef.
[ 117.672352] RSP: 002b:00007f8ad14bf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 117.672363] RAX: 0000000000000001 RBX: 00007f8ad405cf68 RCX: 00007f8ad3f49b19
[ 117.672371] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8ad405cf6c
[ 117.672378] RBP: 00007f8ad405cf60 R08: 0000000000000016 R09: 0000000000000000
[ 117.672385] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f8ad405cf6c
[ 117.672392] R13: 00007ffee9ae660f R14: 00007f8ad14bf300 R15: 0000000000022000
[ 117.672408]
[ 117.672412] kmemleak: Object (percpu) 0x607f1a63df00 (size 8):
[ 117.672419] kmemleak: comm "syz-executor.0", pid 3928, jiffies 4294784592
[ 117.672426] kmemleak: min_count = 1
[ 117.672430] kmemleak: count = 0
[ 117.672434] kmemleak: flags = 0x21
[ 117.672438] kmemleak: checksum = 0
[ 117.672441] kmemleak: backtrace:
[ 117.672445] pcpu_alloc_noprof+0x87a/0x1170
[ 117.672460] perf_trace_event_init+0x366/0xa10
[ 117.672475] perf_trace_init+0x1a4/0x2f0
[ 117.672487] perf_tp_event_init+0xa6/0x120
[ 117.672503] perf_try_init_event+0x140/0x9f0
[ 117.672517] perf_event_alloc.part.0+0x118e/0x45f0
[ 117.672534] __do_sys_perf_event_open+0x719/0x2c20
[ 117.672547] do_syscall_64+0xbf/0x360
[ 117.672557] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:36:24 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000000), 0x4)
[ 117.727732] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 117.728672] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 117.729376] CPU: 1 UID: 0 PID: 63 Comm: kworker/1:2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 117.733832] Tainted: [W]=WARN
[ 117.734101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 117.734731] Workqueue: mld mld_ifc_work
[ 117.735055] RIP: 0010:perf_tp_event+0x175/0xe70
[ 117.735426] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 117.736798] RSP: 0018:ffff88806cf08340 EFLAGS: 00010212
[ 117.737205] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 117.737743] RDX: ffff888009fd8000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 117.738281] RBP: ffff88806cf085b0 R08: ffff88806cf313e8 R09: ffffe8ffffd15f00
[ 117.738822] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 117.739372] R13: 000000000000002c R14: ffff88806cf313e8 R15: dffffc0000000000
[ 117.739913] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 117.740527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 117.740968] CR2: 00007f983c2715d0 CR3: 000000003dc5a000 CR4: 0000000000350ef0
[ 117.741506] Call Trace:
[ 117.741707]
[ 117.741881] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.742247] ? unwind_next_frame+0xb9/0x2540
[ 117.742599] ? lock_acquire+0x15e/0x2f0
[ 117.742911] ? __pfx_perf_tp_event+0x10/0x10
[ 117.743257] ? lock_release+0xc8/0x290
[ 117.743565] ? unwind_next_frame+0x3bc/0x2540
[ 117.743916] ? handle_softirqs+0x1b1/0x770
[ 117.744250] ? do_softirq+0x48/0x80
[ 117.744542] ? kernel_text_address+0x11/0xc0
[ 117.744885] ? ip6_finish_output2+0xf61/0x1780
[ 117.745246] ? __kernel_text_address+0xd/0x40
[ 117.745593] ? unwind_get_return_address+0x59/0xa0
[ 117.745974] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 117.746394] ? arch_stack_walk+0x76/0xf0
[ 117.746712] ? __dev_queue_xmit+0xe19/0x3cc0
[ 117.747059] ? perf_trace_lock+0xb5/0x5d0
[ 117.747385] ? perf_trace_run_bpf_submit+0xef/0x180
[ 117.747774] ? do_raw_spin_lock+0x123/0x260
[ 117.748108] perf_trace_run_bpf_submit+0xef/0x180
[ 117.748520] perf_trace_lock+0x337/0x5d0
[ 117.748842] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.749199] ? kmem_cache_alloc_noprof+0x264/0x690
[ 117.749580] ? ip6_pol_route+0x9cd/0x11a0
[ 117.749902] lock_release+0x1ab/0x290
[ 117.750199] ? dst_alloc+0x44f/0x620
[ 117.750495] ip6_pol_route+0x9d2/0x11a0
[ 117.750803] ? __pfx_ip6_pol_route+0x10/0x10
[ 117.751143] ? eth_type_trans+0x2d1/0x600
[ 117.751468] ? __pfx_ip6_pol_route_input+0x10/0x10
[ 117.751845] fib6_rule_lookup+0x20d/0x300
[ 117.752169] ip6_route_input+0x606/0xb30
[ 117.752494] ? __pfx_ip6_route_input+0x10/0x10
[ 117.752849] ? perf_trace_lock+0xb5/0x5d0
[ 117.753174] ip6_rcv_finish_core.constprop.0+0x1a4/0x5e0
[ 117.753589] ip6_list_rcv_finish.constprop.0+0x15f/0x9a0
[ 117.754007] ? __pfx_ip6_list_rcv_finish.constprop.0+0x10/0x10
[ 117.754462] ? ip6_rcv_core+0xc07/0x1bb0
[ 117.754778] ipv6_list_rcv+0x2c7/0x3f0
[ 117.755085] ? __pfx_ipv6_list_rcv+0x10/0x10
[ 117.755428] ? __pfx_ipv6_list_rcv+0x10/0x10
[ 117.755772] __netif_receive_skb_list_core+0x4c1/0x8d0
[ 117.756179] ? __pfx___netif_receive_skb_list_core+0x10/0x10
[ 117.756628] ? lock_acquire+0x15e/0x2f0
[ 117.756946] netif_receive_skb_list_internal+0x6c1/0xc90
[ 117.757364] ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[ 117.757822] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.758181] ? find_held_lock+0x2b/0x80
[ 117.758496] netif_receive_skb_list+0x4f/0x410
[ 117.758855] ieee80211_rx_napi+0x356/0x3c0
[ 117.759187] ? __pfx_ieee80211_rx_napi+0x10/0x10
[ 117.759556] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 117.759951] ieee80211_handle_queued_frames+0xd9/0x130
[ 117.760368] tasklet_action_common+0x235/0x3b0
[ 117.760724] ? workqueue_softirq_action+0x1a/0x170
[ 117.761107] handle_softirqs+0x1b1/0x770
[ 117.761431] ? __dev_queue_xmit+0xe19/0x3cc0
[ 117.761776] do_softirq+0x48/0x80
[ 117.762046]
[ 117.762233]
[ 117.762417] __local_bh_enable_ip+0xf1/0x110
[ 117.762757] ? __dev_queue_xmit+0xe19/0x3cc0
[ 117.763096] __dev_queue_xmit+0xe2e/0x3cc0
[ 117.763430] ? selinux_ip_postroute+0x629/0xcd0
[ 117.763795] ? __pfx_selinux_ip_postroute+0x10/0x10
[ 117.764185] ? __pfx___dev_queue_xmit+0x10/0x10
[ 117.764557] ? register_lock_class+0x41/0x560
[ 117.764905] ? perf_trace_lock+0xb5/0x5d0
[ 117.765229] ? perf_trace_lock+0xb5/0x5d0
[ 117.765554] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.765906] ? ipv6_chk_mcast_addr+0x38/0x990
[ 117.766263] ? lock_acquire+0x15e/0x2f0
[ 117.766576] ? mark_held_locks+0x49/0x80
[ 117.766893] ip6_finish_output2+0xf61/0x1780
[ 117.767246] __ip6_finish_output+0x5d5/0xd10
[ 117.767589] ip6_output+0x24d/0x700
[ 117.767878] mld_sendpack+0x95f/0x11b0
[ 117.768185] ? __pfx_mld_sendpack+0x10/0x10
[ 117.768534] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 117.768937] ? lock_is_held_type+0x9e/0x120
[ 117.769278] mld_ifc_work+0x726/0xb60
[ 117.769575] ? trace_irq_enable.constprop.0+0x26/0x100
[ 117.769983] process_one_work+0x8e1/0x19c0
[ 117.770317] ? __pfx_process_one_work+0x10/0x10
[ 117.770679] ? move_linked_works+0x172/0x270
[ 117.771027] ? assign_work+0x196/0x240
[ 117.771333] worker_thread+0x67e/0xe90
[ 117.771636] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 117.772037] ? __pfx_worker_thread+0x10/0x10
[ 117.772389] kthread+0x3c8/0x740
[ 117.772662] ? __pfx_kthread+0x10/0x10
[ 117.772963] ? ret_from_fork+0x23/0x430
[ 117.773278] ? lock_release+0xc8/0x290
[ 117.773581] ? __pfx_kthread+0x10/0x10
[ 117.773884] ret_from_fork+0x34b/0x430
[ 117.774190] ? __pfx_kthread+0x10/0x10
[ 117.774491] ret_from_fork_asm+0x1a/0x30
[ 117.774815]
[ 117.774997] Modules linked in:
[ 117.775273] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[ 117.776101] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 117.776757] CPU: 1 UID: 0 PID: 63 Comm: kworker/1:2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 117.777619] Tainted: [D]=DIE, [W]=WARN
[ 117.777911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 117.778526] Workqueue: mld mld_ifc_work
[ 117.778836] RIP: 0010:perf_tp_event+0x175/0xe70
[ 117.779197] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 117.780553] RSP: 0018:ffff88806cf07b80 EFLAGS: 00010012
[ 117.780960] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 117.781541] RDX: ffff888009fd8000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 117.782111] RBP: ffff88806cf07df0 R08: ffff88806cf31490 R09: ffffe8ffffd15f00
[ 117.782693] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000
[ 117.783272] R13: 000000000000002c R14: ffff88806cf31490 R15: dffffc0000000000
[ 117.783845] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 117.784500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 117.784969] CR2: 00007f983c2715d0 CR3: 000000003dc5a000 CR4: 0000000000350ef0
[ 117.785546] Call Trace:
[ 117.785763]
[ 117.785951] ? __pfx_prb_read_valid+0x10/0x10
[ 117.786329] ? __pfx_perf_tp_event+0x10/0x10
[ 117.786700] ? desc_read+0x285/0x350
[ 117.787014] ? desc_read_finalized_seq+0x129/0x1c0
[ 117.787421] ? __asan_memcpy+0x3d/0x60
[ 117.787744] ? desc_read+0x285/0x350
[ 117.788058] ? panic_on_this_cpu+0x32/0x40
[ 117.788418] ? _prb_read_valid+0x6e9/0x830
[ 117.788776] ? __pfx__prb_read_valid+0x10/0x10
[ 117.789160] ? perf_trace_run_bpf_submit+0xef/0x180
[ 117.789578] ? do_raw_spin_unlock+0x53/0x220
[ 117.789945] perf_trace_run_bpf_submit+0xef/0x180
[ 117.790358] perf_trace_lock+0x337/0x5d0
[ 117.790697] ? __pfx_prb_read_valid+0x10/0x10
[ 117.791069] ? lock_release+0x1c7/0x290
[ 117.791401] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.791783] ? console_unlock+0x16e/0x1f0
[ 117.792129] ? __pfx_console_unlock+0x10/0x10
[ 117.792515] ? do_raw_spin_unlock+0x53/0x220
[ 117.792888] ? hrtimer_interrupt+0x114/0x830
[ 117.793253] lock_release+0x1ab/0x290
[ 117.793579] ktime_get_update_offsets_now+0xab/0x3c0
[ 117.793995] ? hrtimer_interrupt+0x114/0x830
[ 117.794372] hrtimer_interrupt+0x114/0x830
[ 117.794721] ? trace_csd_function_exit+0x134/0x190
[ 117.795133] __sysvec_apic_timer_interrupt+0xbb/0x330
[ 117.795562] sysvec_apic_timer_interrupt+0x34/0x80
[ 117.795973] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 117.796410] RIP: 0010:oops_exit+0x0/0x50
[ 117.796753] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57
[ 117.798223] RSP: 0018:ffff88806cf081d0 EFLAGS: 00000202
[ 117.798665] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff8139f06f
[ 117.799242] RDX: ffff888009fd8000 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 117.799822] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690
[ 117.800412] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88806cf08298
[ 117.800988] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[ 117.801583] ? add_taint+0x5f/0xd0
[ 117.801883] ? oops_end+0x4a/0xe0
[ 117.802186] oops_end+0x65/0xe0
[ 117.802473] exc_general_protection+0x1a2/0x330
[ 117.802866] asm_exc_general_protection+0x26/0x30
[ 117.803264] RIP: 0010:perf_tp_event+0x175/0xe70
[ 117.803652] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 117.805127] RSP: 0018:ffff88806cf08340 EFLAGS: 00010212
[ 117.805555] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 117.806136] RDX: ffff888009fd8000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 117.806711] RBP: ffff88806cf085b0 R08: ffff88806cf313e8 R09: ffffe8ffffd15f00
[ 117.807290] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 117.807865] R13: 000000000000002c R14: ffff88806cf313e8 R15: dffffc0000000000
[ 117.808456] ? perf_tp_event+0x167/0xe70
[ 117.808798] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.809174] ? unwind_next_frame+0xb9/0x2540
[ 117.809546] ? lock_acquire+0x15e/0x2f0
[ 117.809890] ? __pfx_perf_tp_event+0x10/0x10
[ 117.810266] ? lock_release+0xc8/0x290
[ 117.810590] ? unwind_next_frame+0x3bc/0x2540
[ 117.810967] ? handle_softirqs+0x1b1/0x770
[ 117.811319] ? do_softirq+0x48/0x80
[ 117.811619] ? kernel_text_address+0x11/0xc0
[ 117.811986] ? ip6_finish_output2+0xf61/0x1780
[ 117.812383] ? __kernel_text_address+0xd/0x40
[ 117.812755] ? unwind_get_return_address+0x59/0xa0
[ 117.813164] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 117.813603] ? arch_stack_walk+0x76/0xf0
[ 117.813938] ? __dev_queue_xmit+0xe19/0x3cc0
[ 117.814304] ? perf_trace_lock+0xb5/0x5d0
[ 117.814647] ? perf_trace_run_bpf_submit+0xef/0x180
[ 117.815061] ? do_raw_spin_lock+0x123/0x260
[ 117.815425] perf_trace_run_bpf_submit+0xef/0x180
[ 117.815832] perf_trace_lock+0x337/0x5d0
[ 117.816171] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.816558] ? kmem_cache_alloc_noprof+0x264/0x690
[ 117.816965] ? ip6_pol_route+0x9cd/0x11a0
[ 117.817302] lock_release+0x1ab/0x290
[ 117.817621] ? dst_alloc+0x44f/0x620
[ 117.817931] ip6_pol_route+0x9d2/0x11a0
[ 117.818259] ? __pfx_ip6_pol_route+0x10/0x10
[ 117.818625] ? eth_type_trans+0x2d1/0x600
[ 117.818966] ? __pfx_ip6_pol_route_input+0x10/0x10
[ 117.819372] fib6_rule_lookup+0x20d/0x300
[ 117.819718] ip6_route_input+0x606/0xb30
[ 117.820056] ? __pfx_ip6_route_input+0x10/0x10
[ 117.820448] ? perf_trace_lock+0xb5/0x5d0
[ 117.820793] ip6_rcv_finish_core.constprop.0+0x1a4/0x5e0
[ 117.821243] ip6_list_rcv_finish.constprop.0+0x15f/0x9a0
[ 117.821688] ? __pfx_ip6_list_rcv_finish.constprop.0+0x10/0x10
[ 117.822176] ? ip6_rcv_core+0xc07/0x1bb0
[ 117.822512] ipv6_list_rcv+0x2c7/0x3f0
[ 117.822838] ? __pfx_ipv6_list_rcv+0x10/0x10
[ 117.823208] ? __pfx_ipv6_list_rcv+0x10/0x10
[ 117.823571] __netif_receive_skb_list_core+0x4c1/0x8d0
[ 117.824014] ? __pfx___netif_receive_skb_list_core+0x10/0x10
[ 117.824504] ? lock_acquire+0x15e/0x2f0
[ 117.824844] netif_receive_skb_list_internal+0x6c1/0xc90
[ 117.825289] ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[ 117.825776] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.826163] ? find_held_lock+0x2b/0x80
[ 117.826498] netif_receive_skb_list+0x4f/0x410
[ 117.826881] ieee80211_rx_napi+0x356/0x3c0
[ 117.827232] ? __pfx_ieee80211_rx_napi+0x10/0x10
[ 117.827633] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 117.828055] ieee80211_handle_queued_frames+0xd9/0x130
[ 117.828496] tasklet_action_common+0x235/0x3b0
[ 117.828878] ? workqueue_softirq_action+0x1a/0x170
[ 117.829286] handle_softirqs+0x1b1/0x770
[ 117.829629] ? __dev_queue_xmit+0xe19/0x3cc0
[ 117.830000] do_softirq+0x48/0x80
[ 117.830290]
[ 117.830477]
[ 117.830671] __local_bh_enable_ip+0xf1/0x110
[ 117.831035] ? __dev_queue_xmit+0xe19/0x3cc0
[ 117.831402] __dev_queue_xmit+0xe2e/0x3cc0
[ 117.831754] ? selinux_ip_postroute+0x629/0xcd0
[ 117.832147] ? __pfx_selinux_ip_postroute+0x10/0x10
[ 117.832571] ? __pfx___dev_queue_xmit+0x10/0x10
[ 117.832959] ? register_lock_class+0x41/0x560
[ 117.833332] ? perf_trace_lock+0xb5/0x5d0
[ 117.833675] ? perf_trace_lock+0xb5/0x5d0
[ 117.834019] ? __pfx_perf_trace_lock+0x10/0x10
[ 117.834402] ? ipv6_chk_mcast_addr+0x38/0x990
[ 117.834775] ? lock_acquire+0x15e/0x2f0
[ 117.835108] ? mark_held_locks+0x49/0x80
[ 117.835446] ip6_finish_output2+0xf61/0x1780
[ 117.835828] __ip6_finish_output+0x5d5/0xd10
[ 117.836192] ip6_output+0x24d/0x700
[ 117.836500] mld_sendpack+0x95f/0x11b0
[ 117.836823] ? __pfx_mld_sendpack+0x10/0x10
[ 117.837183] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 117.837614] ? lock_is_held_type+0x9e/0x120
[ 117.837976] mld_ifc_work+0x726/0xb60
[ 117.838296] ? trace_irq_enable.constprop.0+0x26/0x100
[ 117.838735] process_one_work+0x8e1/0x19c0
[ 117.839090] ? __pfx_process_one_work+0x10/0x10
[ 117.839479] ? move_linked_works+0x172/0x270
[ 117.839848] ? assign_work+0x196/0x240
[ 117.840179] worker_thread+0x67e/0xe90
[ 117.840513] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 117.840945] ? __pfx_worker_thread+0x10/0x10
[ 117.841317] kthread+0x3c8/0x740
[ 117.841599] ? __pfx_kthread+0x10/0x10
[ 117.841926] ? ret_from_fork+0x23/0x430
[ 117.842266] ? lock_release+0xc8/0x290
[ 117.842592] ? __pfx_kthread+0x10/0x10
[ 117.842916] ret_from_fork+0x34b/0x430
[ 117.843230] ? __pfx_kthread+0x10/0x10
[ 117.843537] ret_from_fork_asm+0x1a/0x30
[ 117.843862]
[ 117.844045] Modules linked in:
[ 117.844299] ---[ end trace 0000000000000000 ]---
[ 117.844302] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#3] SMP KASAN NOPTI
[ 117.844660] RIP: 0010:perf_tp_event+0x175/0xe70
[ 117.845545] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 117.845892] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 117.846467] CPU: 0 UID: 0 PID: 3931 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 117.847825] RSP: 0018:ffff88806cf08340 EFLAGS: 00010212
[ 117.848734] Tainted: [D]=DIE, [W]=WARN
[ 117.849130] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 117.849428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 117.849956] RDX: ffff888009fd8000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 117.850584] RIP: 0010:perf_tp_event+0x175/0xe70
[ 117.851108] RBP: ffff88806cf085b0 R08: ffff88806cf313e8 R09: ffffe8ffffd15f00
[ 117.851462] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 117.851990] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 117.853379] RSP: 0018:ffff888043da7800 EFLAGS: 00010212
[ 117.853913] R13: 000000000000002c R14: ffff88806cf313e8 R15: dffffc0000000000
[ 117.854323] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 117.854850] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 117.855392] RDX: ffff88801622d280 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 117.855987] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 117.856535] RBP: ffff888043da7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15f00
[ 117.856967] CR2: 00007f983c2715d0 CR3: 000000003dc5a000 CR4: 0000000000350ef0
[ 117.857508] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 117.858038] Kernel panic - not syncing: Fatal exception in interrupt
[ 117.859340] Kernel Offset: disabled
[ 117.859617] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:36:24 Registers:
info registers vcpu 0
RAX=000000000000c0dc RBX=ffff88806cf3c300 RCX=ffffc90004e2c000 RDX=0000000000040000
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888043dc7708
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9c6bb1
R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3e7888c700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe5800000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f983c28dcf0 CR3=000000001cb19000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff828e5070 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88806cf07c48
R8 =0000000000000000 R9 =ffffed10016d4046 R10=00000000000fe503 R11=552031203a555043
R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10e52a2 R15=dffffc0000000000
RIP=ffffffff828e50c5 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe4c00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f983c2715d0 CR3=000000003dc5a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000