Warning: Permanently added '[localhost]:50139' (ECDSA) to the list of known hosts.
2025/09/01 09:39:39 fuzzer started
2025/09/01 09:39:39 dialing manager at localhost:35473
syzkaller login: [ 65.264965] cgroup: Unknown subsys name 'net'
[ 65.302307] cgroup: Unknown subsys name 'cpuset'
[ 65.308977] cgroup: Unknown subsys name 'rlimit'
2025/09/01 09:39:49 syscalls: 2214
2025/09/01 09:39:49 code coverage: enabled
2025/09/01 09:39:49 comparison tracing: enabled
2025/09/01 09:39:49 extra coverage: enabled
2025/09/01 09:39:49 setuid sandbox: enabled
2025/09/01 09:39:49 namespace sandbox: enabled
2025/09/01 09:39:49 Android sandbox: enabled
2025/09/01 09:39:49 fault injection: enabled
2025/09/01 09:39:49 leak checking: enabled
2025/09/01 09:39:49 net packet injection: enabled
2025/09/01 09:39:49 net device setup: enabled
2025/09/01 09:39:49 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 09:39:49 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 09:39:49 USB emulation: enabled
2025/09/01 09:39:49 hci packet injection: enabled
2025/09/01 09:39:49 wifi device emulation: enabled
2025/09/01 09:39:49 802.15.4 emulation: enabled
2025/09/01 09:39:49 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 09:39:49 fetching corpus: 50, signal 18837/22319 (executing program)
2025/09/01 09:39:49 fetching corpus: 100, signal 31932/36645 (executing program)
2025/09/01 09:39:49 fetching corpus: 150, signal 42085/47800 (executing program)
2025/09/01 09:39:50 fetching corpus: 200, signal 49481/56156 (executing program)
2025/09/01 09:39:50 fetching corpus: 250, signal 56640/64097 (executing program)
2025/09/01 09:39:50 fetching corpus: 300, signal 63780/71842 (executing program)
2025/09/01 09:39:50 fetching corpus: 350, signal 66851/75783 (executing program)
2025/09/01 09:39:50 fetching corpus: 400, signal 70447/80095 (executing program)
2025/09/01 09:39:50 fetching corpus: 450, signal 73773/84099 (executing program)
2025/09/01 09:39:50 fetching corpus: 500, signal 76093/87148 (executing program)
2025/09/01 09:39:50 fetching corpus: 550, signal 78303/90053 (executing program)
2025/09/01 09:39:50 fetching corpus: 600, signal 80072/92470 (executing program)
2025/09/01 09:39:50 fetching corpus: 650, signal 82538/95445 (executing program)
2025/09/01 09:39:50 fetching corpus: 700, signal 85538/98756 (executing program)
2025/09/01 09:39:50 fetching corpus: 750, signal 87365/101058 (executing program)
2025/09/01 09:39:51 fetching corpus: 800, signal 89957/103901 (executing program)
2025/09/01 09:39:51 fetching corpus: 850, signal 93136/107186 (executing program)
2025/09/01 09:39:51 fetching corpus: 900, signal 95491/109705 (executing program)
2025/09/01 09:39:51 fetching corpus: 950, signal 97153/111689 (executing program)
2025/09/01 09:39:51 fetching corpus: 1000, signal 98620/113493 (executing program)
2025/09/01 09:39:51 fetching corpus: 1050, signal 101056/115953 (executing program)
2025/09/01 09:39:51 fetching corpus: 1100, signal 102319/117515 (executing program)
2025/09/01 09:39:51 fetching corpus: 1150, signal 103512/118987 (executing program)
2025/09/01 09:39:51 fetching corpus: 1200, signal 104771/120526 (executing program)
2025/09/01 09:39:51 fetching corpus: 1250, signal 106260/122172 (executing program)
2025/09/01 09:39:51 fetching corpus: 1300, signal 107918/123890 (executing program)
2025/09/01 09:39:52 fetching corpus: 1350, signal 108903/125215 (executing program)
2025/09/01 09:39:52 fetching corpus: 1400, signal 111658/127503 (executing program)
2025/09/01 09:39:52 fetching corpus: 1450, signal 112557/128593 (executing program)
2025/09/01 09:39:52 fetching corpus: 1500, signal 113781/129911 (executing program)
2025/09/01 09:39:52 fetching corpus: 1550, signal 114859/131002 (executing program)
2025/09/01 09:39:52 fetching corpus: 1600, signal 116479/132396 (executing program)
2025/09/01 09:39:52 fetching corpus: 1650, signal 117836/133635 (executing program)
2025/09/01 09:39:52 fetching corpus: 1700, signal 119371/134955 (executing program)
2025/09/01 09:39:53 fetching corpus: 1750, signal 120201/135844 (executing program)
2025/09/01 09:39:53 fetching corpus: 1800, signal 121332/136806 (executing program)
2025/09/01 09:39:53 fetching corpus: 1850, signal 122471/137817 (executing program)
2025/09/01 09:39:53 fetching corpus: 1900, signal 123926/138972 (executing program)
2025/09/01 09:39:53 fetching corpus: 1950, signal 124404/139583 (executing program)
2025/09/01 09:39:53 fetching corpus: 2000, signal 126140/140764 (executing program)
2025/09/01 09:39:53 fetching corpus: 2050, signal 127054/141559 (executing program)
2025/09/01 09:39:53 fetching corpus: 2100, signal 127885/142278 (executing program)
2025/09/01 09:39:53 fetching corpus: 2150, signal 128914/143035 (executing program)
2025/09/01 09:39:53 fetching corpus: 2200, signal 129869/143698 (executing program)
2025/09/01 09:39:54 fetching corpus: 2250, signal 130480/144250 (executing program)
2025/09/01 09:39:54 fetching corpus: 2300, signal 131610/144967 (executing program)
2025/09/01 09:39:54 fetching corpus: 2350, signal 132219/145516 (executing program)
2025/09/01 09:39:54 fetching corpus: 2400, signal 132991/146148 (executing program)
2025/09/01 09:39:54 fetching corpus: 2450, signal 133564/146621 (executing program)
2025/09/01 09:39:54 fetching corpus: 2500, signal 134247/147104 (executing program)
2025/09/01 09:39:54 fetching corpus: 2550, signal 135066/147622 (executing program)
2025/09/01 09:39:54 fetching corpus: 2600, signal 136052/148170 (executing program)
2025/09/01 09:39:55 fetching corpus: 2650, signal 136718/148650 (executing program)
2025/09/01 09:39:55 fetching corpus: 2700, signal 137528/149096 (executing program)
2025/09/01 09:39:55 fetching corpus: 2750, signal 138076/149483 (executing program)
2025/09/01 09:39:55 fetching corpus: 2800, signal 138632/149821 (executing program)
2025/09/01 09:39:55 fetching corpus: 2850, signal 139317/150186 (executing program)
2025/09/01 09:39:55 fetching corpus: 2900, signal 139802/150506 (executing program)
2025/09/01 09:39:55 fetching corpus: 2950, signal 140345/150809 (executing program)
2025/09/01 09:39:55 fetching corpus: 3000, signal 140870/151087 (executing program)
2025/09/01 09:39:55 fetching corpus: 3050, signal 141462/151367 (executing program)
2025/09/01 09:39:55 fetching corpus: 3100, signal 142112/151682 (executing program)
2025/09/01 09:39:55 fetching corpus: 3150, signal 142600/151916 (executing program)
2025/09/01 09:39:56 fetching corpus: 3200, signal 143338/152149 (executing program)
2025/09/01 09:39:56 fetching corpus: 3250, signal 143919/152371 (executing program)
2025/09/01 09:39:56 fetching corpus: 3300, signal 144453/152606 (executing program)
2025/09/01 09:39:56 fetching corpus: 3350, signal 144937/152764 (executing program)
2025/09/01 09:39:56 fetching corpus: 3400, signal 146970/153155 (executing program)
2025/09/01 09:39:56 fetching corpus: 3450, signal 147540/153302 (executing program)
2025/09/01 09:39:56 fetching corpus: 3500, signal 148360/153473 (executing program)
2025/09/01 09:39:56 fetching corpus: 3550, signal 148854/153589 (executing program)
2025/09/01 09:39:56 fetching corpus: 3600, signal 149402/153672 (executing program)
2025/09/01 09:39:57 fetching corpus: 3650, signal 149812/153779 (executing program)
2025/09/01 09:39:57 fetching corpus: 3700, signal 150216/153847 (executing program)
2025/09/01 09:39:57 fetching corpus: 3750, signal 150694/153895 (executing program)
2025/09/01 09:39:57 fetching corpus: 3772, signal 150822/153904 (executing program)
2025/09/01 09:39:57 fetching corpus: 3772, signal 150822/153904 (executing program)
2025/09/01 09:39:59 starting 8 fuzzer processes
09:39:59 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getpeername$inet(r0, 0x0, 0x0)
09:39:59 executing program 2:
r0 = memfd_create(&(0x7f0000001280)='\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x401c5820, &(0x7f0000000000)={0x0, 0x1, 0x0, 0xffff})
09:39:59 executing program 1:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:39:59 executing program 7:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:39:59 executing program 3:
syz_emit_ethernet(0x83, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "409d26", 0x4d, 0x88, 0x0, @private0, @mcast2, {[], {0x0, 0x0, 0x4d, 0x0, @gue={{0x2}, "37020e94febd24d51dc3e7aa99f4babd49c5a89bb9076365751d31e1db2d9f4806589ffa8c4e0ff7a2172b76deba9435db55aa771dff42662679ca3f79"}}}}}}}, 0x0)
09:39:59 executing program 4:
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
[ 85.128110] audit: type=1400 audit(1756719599.398:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:39:59 executing program 5:
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
09:39:59 executing program 6:
sync()
creat(0x0, 0x2)
[ 86.377222] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 86.384210] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 86.385877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 86.387764] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 86.389833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 86.392145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 86.395132] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 86.397868] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 86.401167] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 86.402645] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 86.441527] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 86.443444] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 86.445052] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 86.449500] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 86.452818] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 86.513808] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 86.541496] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 86.543890] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 86.545754] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 86.550902] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 86.552407] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 86.565900] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 86.567143] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 86.576762] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 86.578452] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 86.580454] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 86.581776] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 86.583428] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 86.591203] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 86.595180] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 86.599471] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 86.602302] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 86.603313] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 86.607090] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 86.607132] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 86.611235] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 86.636308] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 86.643138] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 86.651467] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 86.685710] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 88.468644] Bluetooth: hci2: command tx timeout
[ 88.469415] Bluetooth: hci0: command tx timeout
[ 88.470430] Bluetooth: hci1: command tx timeout
[ 88.660974] Bluetooth: hci7: command tx timeout
[ 88.661743] Bluetooth: hci4: command tx timeout
[ 88.724178] Bluetooth: hci6: command tx timeout
[ 88.724798] Bluetooth: hci3: command tx timeout
[ 88.726002] Bluetooth: hci5: command tx timeout
[ 90.519008] Bluetooth: hci2: command tx timeout
[ 90.519438] Bluetooth: hci1: command tx timeout
[ 90.519816] Bluetooth: hci0: command tx timeout
[ 90.708290] Bluetooth: hci4: command tx timeout
[ 90.708752] Bluetooth: hci7: command tx timeout
[ 90.772391] Bluetooth: hci3: command tx timeout
[ 90.772850] Bluetooth: hci6: command tx timeout
[ 90.773341] Bluetooth: hci5: command tx timeout
[ 92.565138] Bluetooth: hci0: command tx timeout
[ 92.565582] Bluetooth: hci1: command tx timeout
[ 92.566116] Bluetooth: hci2: command tx timeout
[ 92.756448] Bluetooth: hci7: command tx timeout
[ 92.756896] Bluetooth: hci4: command tx timeout
[ 92.820948] Bluetooth: hci5: command tx timeout
[ 92.821382] Bluetooth: hci6: command tx timeout
[ 92.821772] Bluetooth: hci3: command tx timeout
[ 94.613974] Bluetooth: hci2: command tx timeout
[ 94.614406] Bluetooth: hci1: command tx timeout
[ 94.614778] Bluetooth: hci0: command tx timeout
[ 94.805100] Bluetooth: hci4: command tx timeout
[ 94.805542] Bluetooth: hci7: command tx timeout
[ 94.868013] Bluetooth: hci3: command tx timeout
[ 94.868448] Bluetooth: hci6: command tx timeout
[ 94.868824] Bluetooth: hci5: command tx timeout
[ 123.816861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.818171] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.981053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.981689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.161791] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.162477] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.319010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.319621] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.414887] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.415517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.544520] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.545363] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:40:39 executing program 2:
r0 = memfd_create(&(0x7f0000001280)='\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x401c5820, &(0x7f0000000000)={0x0, 0x1, 0x0, 0xffff})
09:40:39 executing program 5:
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
09:40:39 executing program 4:
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
09:40:39 executing program 2:
r0 = memfd_create(&(0x7f0000001280)='\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x401c5820, &(0x7f0000000000)={0x0, 0x1, 0x0, 0xffff})
09:40:39 executing program 4:
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
[ 124.949465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.950076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:40:39 executing program 5:
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
09:40:39 executing program 4:
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
09:40:39 executing program 2:
r0 = memfd_create(&(0x7f0000001280)='\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x401c5820, &(0x7f0000000000)={0x0, 0x1, 0x0, 0xffff})
[ 125.073070] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 125.073805] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 125.730962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 125.731578] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 125.795290] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 125.795884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.141181] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.141821] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.238163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.238807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.275356] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.276057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.370301] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.370949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.411528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.412360] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.435709] audit: type=1400 audit(1756719640.707:8): avc: denied { open } for pid=3906 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 126.438107] audit: type=1400 audit(1756719640.707:9): avc: denied { kernel } for pid=3906 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 126.445611] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.446280] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.873549] syz-executor.1 (3907) used greatest stack depth: 23792 bytes left
09:40:41 executing program 4:
munmap(&(0x7f0000a89000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000525000/0x4000)=nil, 0x4000)
mlock2(&(0x7f00007df000/0x3000)=nil, 0x3000, 0x0)
mlock2(&(0x7f000073f000/0x2000)=nil, 0x2000, 0x0)
munmap(&(0x7f000066b000/0x1000)=nil, 0x1000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000cb7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000eb3000/0x2000)=nil)
09:40:41 executing program 3:
syz_emit_ethernet(0x83, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "409d26", 0x4d, 0x88, 0x0, @private0, @mcast2, {[], {0x0, 0x0, 0x4d, 0x0, @gue={{0x2}, "37020e94febd24d51dc3e7aa99f4babd49c5a89bb9076365751d31e1db2d9f4806589ffa8c4e0ff7a2172b76deba9435db55aa771dff42662679ca3f79"}}}}}}}, 0x0)
09:40:41 executing program 2:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='pagemap\x00')
ioctl$TUNSETIFF(r0, 0xc0606610, 0x0)
09:40:41 executing program 5:
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
09:40:41 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getpeername$inet(r0, 0x0, 0x0)
09:40:41 executing program 7:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:40:41 executing program 6:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:40:41 executing program 1:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:40:41 executing program 3:
syz_emit_ethernet(0x83, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "409d26", 0x4d, 0x88, 0x0, @private0, @mcast2, {[], {0x0, 0x0, 0x4d, 0x0, @gue={{0x2}, "37020e94febd24d51dc3e7aa99f4babd49c5a89bb9076365751d31e1db2d9f4806589ffa8c4e0ff7a2172b76deba9435db55aa771dff42662679ca3f79"}}}}}}}, 0x0)
09:40:41 executing program 2:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='pagemap\x00')
ioctl$TUNSETIFF(r0, 0xc0606610, 0x0)
09:40:41 executing program 6:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:40:41 executing program 7:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:40:41 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getpeername$inet(r0, 0x0, 0x0)
09:40:41 executing program 5:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:40:41 executing program 4:
munmap(&(0x7f0000a89000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000525000/0x4000)=nil, 0x4000)
mlock2(&(0x7f00007df000/0x3000)=nil, 0x3000, 0x0)
mlock2(&(0x7f000073f000/0x2000)=nil, 0x2000, 0x0)
munmap(&(0x7f000066b000/0x1000)=nil, 0x1000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000cb7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000eb3000/0x2000)=nil)
09:40:41 executing program 6:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:40:41 executing program 2:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='pagemap\x00')
ioctl$TUNSETIFF(r0, 0xc0606610, 0x0)
09:40:41 executing program 3:
syz_emit_ethernet(0x83, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "409d26", 0x4d, 0x88, 0x0, @private0, @mcast2, {[], {0x0, 0x0, 0x4d, 0x0, @gue={{0x2}, "37020e94febd24d51dc3e7aa99f4babd49c5a89bb9076365751d31e1db2d9f4806589ffa8c4e0ff7a2172b76deba9435db55aa771dff42662679ca3f79"}}}}}}}, 0x0)
09:40:41 executing program 7:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
getdents64(r0, &(0x7f00000000c0)=""/32, 0x20)
getdents(r0, &(0x7f0000000000)=""/87, 0x57)
09:40:41 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getpeername$inet(r0, 0x0, 0x0)
09:40:41 executing program 5:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:40:41 executing program 1:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:40:42 executing program 2:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='pagemap\x00')
ioctl$TUNSETIFF(r0, 0xc0606610, 0x0)
09:40:42 executing program 6:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:40:42 executing program 3:
setresuid(0x0, 0xee01, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, 0x20)
09:40:42 executing program 4:
munmap(&(0x7f0000a89000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000525000/0x4000)=nil, 0x4000)
mlock2(&(0x7f00007df000/0x3000)=nil, 0x3000, 0x0)
mlock2(&(0x7f000073f000/0x2000)=nil, 0x2000, 0x0)
munmap(&(0x7f000066b000/0x1000)=nil, 0x1000)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000cb7000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000eb3000/0x2000)=nil)
09:40:42 executing program 7:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x7a, &(0x7f00000007c0)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "d104e0", 0x44, 0x2f, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback}}}}, 0x0)
09:40:42 executing program 5:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
09:40:42 executing program 0:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000700)={'#! ', './file0'}, 0xb)
ftruncate(r0, 0x8800000)
lseek(r0, 0x0, 0x4)
09:40:42 executing program 1:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55", 0x155)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b", 0x2bd)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000002c0)={'#! ', './file0/../file0', [{0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "93d6ec912ff13599f216333d147d3da799832c93de88736aa65a36e8687c1e7e78d02c9f0ac090d95f9f9689fa619b964ce88d876eed3dad1bb78653edfefadee8d96fae9188bc9e9e42665b2065177b215381f9034f8af6bf2442d498f4bd8721b481bcf36bea439b9395fb93b878d0c792f2a798bdc3da5336c45d7fe1b30b0165748c1d3e08ca36f0d8b7a206f1"}, 0xab)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x7, 0x9)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
[ 128.015685] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 128.016611] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 128.017285] CPU: 1 UID: 0 PID: 3978 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 128.018804] Tainted: [W]=WARN
[ 128.019573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 128.021202] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.022294] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.026289] RSP: 0018:ffff88804423f780 EFLAGS: 00010012
[ 128.026712] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90006e64000
[ 128.027268] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 128.027832] RBP: ffff88804423f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16a60
[ 128.028387] R10: 0000000000000000 R11: ffff88800ce9dc98 R12: dffffc0000000000
[ 128.028939] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 128.029494] FS: 00007f8d399ec700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 128.030124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.030579] CR2: 00007f8d3c58a018 CR3: 0000000042819000 CR4: 0000000000350ef0
[ 128.031134] Call Trace:
[ 128.031338]
[ 128.031523] ? __pfx_perf_tp_event+0x10/0x10
[ 128.031876] ? visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150
[ 128.032357] ? lock_acquire+0x15e/0x2f0
[ 128.032677] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 128.033178] ? lock_is_held_type+0x9e/0x120
[ 128.033524] ? lock_is_held_type+0x9e/0x120
[ 128.033868] ? ctx_sched_in+0x134/0x9b0
[ 128.034190] ? __pfx_ctx_sched_in+0x10/0x10
[ 128.034529] ? arch_stack_walk+0x9c/0xf0
[ 128.034859] ? find_held_lock+0x2b/0x80
[ 128.035180] ? perf_trace_run_bpf_submit+0xef/0x180
[ 128.035577] perf_trace_run_bpf_submit+0xef/0x180
[ 128.035962] perf_trace_preemptirq_template+0x259/0x430
[ 128.036381] ? trace_sched_set_need_resched_tp+0xd4/0x110
[ 128.036818] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 128.037275] ? __pfx___resched_curr+0x10/0x10
[ 128.037638] ? find_held_lock+0x2b/0x80
[ 128.037964] ? try_to_wake_up+0x8ae/0x11d0
[ 128.038303] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 128.038704] trace_irq_enable.constprop.0+0xa6/0x100
[ 128.039105] trace_hardirqs_on+0x26/0x40
[ 128.039430] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 128.039819] try_to_wake_up+0x8ae/0x11d0
[ 128.040144] ? __pfx_try_to_wake_up+0x10/0x10
[ 128.040504] ? plist_del+0x122/0x270
[ 128.040806] ? find_held_lock+0x2b/0x80
[ 128.041127] ? futex_wake+0x474/0x540
[ 128.041434] wake_up_q+0xa1/0x130
[ 128.041718] futex_wake+0x47e/0x540
[ 128.042020] ? __pfx_futex_wake+0x10/0x10
[ 128.042358] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 128.042756] ? lock_release+0xc8/0x290
[ 128.043067] do_futex+0x26d/0x370
[ 128.043349] ? __pfx_do_futex+0x10/0x10
[ 128.043665] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 128.044083] ? find_held_lock+0x2b/0x80
[ 128.044403] __x64_sys_futex+0x1c9/0x4d0
[ 128.044725] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 128.045181] ? __pfx___x64_sys_futex+0x10/0x10
[ 128.045545] do_syscall_64+0xbf/0x360
[ 128.045847] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 128.046256] RIP: 0033:0x7f8d3c476b19
[ 128.046552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 128.047955] RSP: 002b:00007f8d399ec218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 128.048544] RAX: ffffffffffffffda RBX: 00007f8d3c589f68 RCX: 00007f8d3c476b19
[ 128.049095] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d3c589f6c
[ 128.049645] RBP: 00007f8d3c589f60 R08: 000000000000000e R09: 0000000000000000
[ 128.050206] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8d3c589f6c
[ 128.050756] R13: 00007ffebf9d48df R14: 00007f8d399ec300 R15: 0000000000022000
[ 128.051316]
[ 128.051501] Modules linked in:
[ 128.051756] ---[ end trace 0000000000000000 ]---
[ 128.051759] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 128.052124] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.052988] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 128.053347] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.053946] CPU: 0 UID: 0 PID: 3977 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 128.055333] RSP: 0018:ffff88804423f780 EFLAGS: 00010012
[ 128.056238] Tainted: [D]=DIE, [W]=WARN
[ 128.056645] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90006e64000
[ 128.056941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 128.057487] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 128.058122] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.058672] RBP: ffff88804423f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16a60
[ 128.059030] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.059578] R10: 0000000000000000 R11: ffff88800ce9dc98 R12: dffffc0000000000
[ 128.060979] RSP: 0018:ffff888044a7f780 EFLAGS: 00010012
[ 128.061525] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 128.061528]
[ 128.061538] FS: 00007f8d399ec700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 128.061957] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90007065000
[ 128.062503] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.062637] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 128.063255] CR2: 00007f8d3c58a018 CR3: 0000000042819000 CR4: 0000000000350ef0
[ 128.063798] RBP: ffff888044a7f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc16a60
[ 128.064250] note: syz-executor.7[3978] exited with irqs disabled
[ 128.064796] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 128.066914] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 128.067476] FS: 00007fcdb72e2700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 128.068106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.068558] CR2: 0000001b2d023000 CR3: 0000000042904000 CR4: 0000000000350ef0
[ 128.069122] Call Trace:
[ 128.069327]
[ 128.069508] ? __pfx_perf_tp_event+0x10/0x10
[ 128.069860] ? do_raw_spin_lock+0x123/0x260
[ 128.070221] ? lock_acquire+0x18c/0x2f0
[ 128.070542] ? lock_release+0x1c7/0x290
[ 128.070859] ? lock_release+0x1c7/0x290
[ 128.071179] ? mlock_new_folio+0x3dd/0x6f0
[ 128.071525] ? lock_release+0x1c7/0x290
[ 128.071828] ? do_raw_spin_lock+0x123/0x260
[ 128.072155] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 128.072505] ? perf_trace_run_bpf_submit+0xef/0x180
[ 128.072878] ? lock_release+0x1c7/0x290
[ 128.073173] perf_trace_run_bpf_submit+0xef/0x180
[ 128.073531] perf_trace_preemptirq_template+0x259/0x430
[ 128.073925] ? trace_sched_set_need_resched_tp+0xd4/0x110
[ 128.074348] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 128.074776] ? __pfx___resched_curr+0x10/0x10
[ 128.075113] ? check_preempt_wakeup_fair+0x406/0x950
[ 128.075493] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 128.075872] trace_irq_enable.constprop.0+0xa6/0x100
[ 128.076246] trace_hardirqs_on+0x26/0x40
[ 128.076546] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 128.076914] try_to_wake_up+0x8ae/0x11d0
[ 128.077221] ? __pfx_try_to_wake_up+0x10/0x10
[ 128.077557] ? plist_del+0x122/0x270
[ 128.077842] ? __futex_unqueue+0xda/0x1c0
[ 128.078163] wake_up_q+0xa1/0x130
[ 128.078432] futex_wake+0x47e/0x540
[ 128.078714] ? __pfx_futex_wake+0x10/0x10
[ 128.079025] ? __pfx_apply_vma_lock_flags+0x10/0x10
[ 128.079396] ? __mm_populate+0x2bb/0x3a0
[ 128.079700] do_futex+0x26d/0x370
[ 128.079961] ? __pfx_do_futex+0x10/0x10
[ 128.080259] ? do_mlock+0x392/0x800
[ 128.080529] ? __pfx___schedule+0x10/0x10
[ 128.080844] __x64_sys_futex+0x1c9/0x4d0
[ 128.081145] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 128.081572] ? __pfx___x64_sys_futex+0x10/0x10
[ 128.081913] ? xfd_validate_state+0x55/0x180
[ 128.082266] do_syscall_64+0xbf/0x360
[ 128.082554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 128.082932] RIP: 0033:0x7fcdb9d6cb19
[ 128.083207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 128.084499] RSP: 002b:00007fcdb72e2218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 128.085049] RAX: ffffffffffffffda RBX: 00007fcdb9e7ff68 RCX: 00007fcdb9d6cb19
[ 128.085563] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcdb9e7ff6c
[ 128.086085] RBP: 00007fcdb9e7ff60 R08: 000000000000000e R09: 0000000000000000
[ 128.086599] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdb9e7ff6c
[ 128.087109] R13: 00007ffc6fe5a39f R14: 00007fcdb72e2300 R15: 0000000000022000
[ 128.087627]
[ 128.087802] Modules linked in:
[ 128.088053] ---[ end trace 0000000000000000 ]---
[ 128.088054] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI
[ 128.088393] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.089240] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 128.089581] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.090251] CPU: 1 UID: 0 PID: 3978 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 128.091538] RSP: 0018:ffff88804423f780 EFLAGS: 00010012
[ 128.092451] Tainted: [D]=DIE, [W]=WARN
[ 128.092457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 128.092832] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90006e64000
[ 128.093129] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.093714] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 128.094268] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.094599] RBP: ffff88804423f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16a60
[ 128.095145] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010012
[ 128.096431] R10: 0000000000000000 R11: ffff88800ce9dc98 R12: dffffc0000000000
[ 128.096977]
[ 128.097355] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 128.097898] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 128.098042] FS: 00007fcdb72e2700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 128.098586] RDX: ffff888042a30000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 128.099101] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.099711] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd16a60
[ 128.100220] CR2: 0000001b2d023000 CR3: 0000000042904000 CR4: 0000000000350ef0
[ 128.100664] R10: 0000000000000000 R11: ffff8880141a7898 R12: dffffc0000000000
[ 128.101173] note: syz-executor.4[3977] exited with irqs disabled
[ 128.101713] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000
[ 128.103237] FS: 00007f8d399ec700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 128.103859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.104312] CR2: 00007f8d3c58a018 CR3: 0000000042819000 CR4: 0000000000350ef0
[ 128.104867] Call Trace:
[ 128.105070]
[ 128.105248] ? __pfx_perf_tp_event+0x10/0x10
[ 128.105601] ? enqueue_task_fair+0xded/0x1e00
[ 128.105965] ? do_raw_spin_lock+0x123/0x260
[ 128.106309] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 128.106682] ? lock_acquire+0x18c/0x2f0
[ 128.106998] ? lock_release+0x1c7/0x290
[ 128.107315] ? do_raw_spin_unlock+0x53/0x220
[ 128.107669] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 128.108071] ? try_to_wake_up+0x128/0x11d0
[ 128.108409] ? do_raw_spin_lock+0x123/0x260
[ 128.108753] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 128.109127] ? perf_trace_run_bpf_submit+0xef/0x180
[ 128.109523] perf_trace_run_bpf_submit+0xef/0x180
[ 128.109908] perf_trace_preemptirq_template+0x259/0x430
[ 128.110334] ? read_tsc+0x9/0x20
[ 128.110610] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 128.111069] ? clockevents_program_event+0x135/0x360
[ 128.111478] ? tick_program_event+0xac/0x140
[ 128.111828] ? handle_softirqs+0x16e/0x770
[ 128.112167] trace_irq_enable.constprop.0+0xa6/0x100
[ 128.112566] trace_hardirqs_on+0x26/0x40
[ 128.112885] handle_softirqs+0x16e/0x770
[ 128.113215] __irq_exit_rcu+0xc4/0x100
[ 128.113528] irq_exit_rcu+0x9/0x20
[ 128.113810] sysvec_apic_timer_interrupt+0x70/0x80
[ 128.114207]
[ 128.114388]
[ 128.114570] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 128.114984] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 128.115355] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[ 128.116752] RSP: 0018:ffff88804423ff28 EFLAGS: 00000246
[ 128.117165] RAX: 0000000000000001 RBX: ffff888042a30000 RCX: ffffffff817c3ab6
[ 128.117720] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 128.118286] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 128.118837] R10: ffffffff8643b457 R11: 3030303030302043 R12: ffff888042a30000
[ 128.119388] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[ 128.119941] ? trace_irq_enable.constprop.0+0x26/0x100
[ 128.120351] ? make_task_dead+0x214/0x3b0
[ 128.120681] ? make_task_dead+0x214/0x3b0
[ 128.121011] ? do_syscall_64+0xbf/0x360
[ 128.121327] rewind_stack_and_make_dead+0x16/0x20
[ 128.121716] RIP: 0033:0x7f8d3c476b19
[ 128.122016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 128.123420] RSP: 002b:00007f8d399ec218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 128.124011] RAX: ffffffffffffffda RBX: 00007f8d3c589f68 RCX: 00007f8d3c476b19
[ 128.124565] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d3c589f6c
[ 128.125119] RBP: 00007f8d3c589f60 R08: 000000000000000e R09: 0000000000000000
[ 128.125671] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8d3c589f6c
[ 128.126235] R13: 00007ffebf9d48df R14: 00007f8d399ec300 R15: 0000000000022000
[ 128.126794]
[ 128.126981] Modules linked in:
[ 128.127238] ---[ end trace 0000000000000000 ]---
[ 128.127239] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#4] SMP KASAN NOPTI
[ 128.127602] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.128395] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 128.128750] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.129288] CPU: 0 UID: 0 PID: 3977 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 128.130684] RSP: 0018:ffff88804423f780 EFLAGS: 00010012
[ 128.131525] Tainted: [D]=DIE, [W]=WARN
[ 128.131929] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90006e64000
[ 128.132216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 128.132763] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 128.133350] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.133895] RBP: ffff88804423f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16a60
[ 128.134237] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.134782] R10: 0000000000000000 R11: ffff88800ce9dc98 R12: dffffc0000000000
[ 128.136064] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 128.136610] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 128.136622] FS: 00007f8d399ec700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 128.136994] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 128.137543] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.138122] RDX: ffff8880173e9b80 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 128.138667] CR2: 00007f8d3c58a018 CR3: 0000000042819000 CR4: 0000000000350ef0
[ 128.139080] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16a60
[ 128.139629] Kernel panic - not syncing: Fatal exception in interrupt
[ 129.183677] Shutting down cpus with NMI
[ 129.185228] Kernel Offset: disabled
[ 129.185514] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
09:40:42 Registers:
info registers vcpu 0
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff84be3c0e RDX=fffffbfff0f0f609
RSI=0000000000000004 RDI=ffffffff8787b044 RBP=ffffffff8787b044 RSP=ffff888044a7f530
R8 =0000000000000000 R9 =fffffbfff0f0f608 R10=ffffffff8787b047 R11=202c746c75616620
R12=1ffff1100894fea7 R13=0000000000000007 R14=fffffbfff0f0f608 R15=ffff888044a7f568
RIP=ffffffff84be3da0 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fcdb72e2700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe6000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2d023000 CR3=0000000042904000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fcdb9e537c000007fcdb9e537c8
XMM02=00007fcdb9e537e000007fcdb9e537c0 XMM03=00007fcdb9e537c800007fcdb9e537c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88804423f070
R8 =0000000000000000 R9 =ffffed1001758046 R10=0000000000000020 R11=0000000065646f43
R12=0000000000000020 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f8d399ec700 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe0e00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f8d3c58a018 CR3=0000000042819000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f8d3c55d7c000007f8d3c55d7c8
XMM02=00007f8d3c55d7e000007f8d3c55d7c0 XMM03=00007f8d3c55d7c800007f8d3c55d7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000