Warning: Permanently added '[localhost]:30955' (ECDSA) to the list of known hosts.
2025/09/01 09:54:15 fuzzer started
2025/09/01 09:54:15 dialing manager at localhost:35473
syzkaller login: [ 51.904644] cgroup: Unknown subsys name 'net'
[ 52.109927] cgroup: Unknown subsys name 'cpuset'
[ 52.140576] cgroup: Unknown subsys name 'rlimit'
2025/09/01 09:54:26 syscalls: 2214
2025/09/01 09:54:26 code coverage: enabled
2025/09/01 09:54:26 comparison tracing: enabled
2025/09/01 09:54:26 extra coverage: enabled
2025/09/01 09:54:26 setuid sandbox: enabled
2025/09/01 09:54:26 namespace sandbox: enabled
2025/09/01 09:54:26 Android sandbox: enabled
2025/09/01 09:54:26 fault injection: enabled
2025/09/01 09:54:26 leak checking: enabled
2025/09/01 09:54:26 net packet injection: enabled
2025/09/01 09:54:26 net device setup: enabled
2025/09/01 09:54:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 09:54:26 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 09:54:26 USB emulation: enabled
2025/09/01 09:54:26 hci packet injection: enabled
2025/09/01 09:54:26 wifi device emulation: enabled
2025/09/01 09:54:26 802.15.4 emulation: enabled
2025/09/01 09:54:26 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 09:54:27 fetching corpus: 43, signal 23750/27165 (executing program)
2025/09/01 09:54:27 fetching corpus: 93, signal 38389/42984 (executing program)
2025/09/01 09:54:27 fetching corpus: 143, signal 48796/54403 (executing program)
2025/09/01 09:54:27 fetching corpus: 193, signal 55000/61608 (executing program)
2025/09/01 09:54:27 fetching corpus: 243, signal 58518/66181 (executing program)
2025/09/01 09:54:27 fetching corpus: 292, signal 62687/71297 (executing program)
2025/09/01 09:54:27 fetching corpus: 342, signal 65105/74679 (executing program)
2025/09/01 09:54:27 fetching corpus: 392, signal 68373/78794 (executing program)
2025/09/01 09:54:27 fetching corpus: 442, signal 71916/83059 (executing program)
2025/09/01 09:54:28 fetching corpus: 492, signal 75432/87205 (executing program)
2025/09/01 09:54:28 fetching corpus: 542, signal 78863/91198 (executing program)
2025/09/01 09:54:28 fetching corpus: 592, signal 81898/94788 (executing program)
2025/09/01 09:54:28 fetching corpus: 642, signal 86355/99453 (executing program)
2025/09/01 09:54:28 fetching corpus: 692, signal 89131/102634 (executing program)
2025/09/01 09:54:28 fetching corpus: 742, signal 90945/105040 (executing program)
2025/09/01 09:54:28 fetching corpus: 792, signal 93153/107682 (executing program)
2025/09/01 09:54:28 fetching corpus: 842, signal 94849/109810 (executing program)
2025/09/01 09:54:28 fetching corpus: 892, signal 97207/112490 (executing program)
2025/09/01 09:54:28 fetching corpus: 942, signal 98342/114201 (executing program)
2025/09/01 09:54:28 fetching corpus: 992, signal 100288/116472 (executing program)
2025/09/01 09:54:29 fetching corpus: 1042, signal 102238/118673 (executing program)
2025/09/01 09:54:29 fetching corpus: 1092, signal 104018/120714 (executing program)
2025/09/01 09:54:29 fetching corpus: 1141, signal 106120/122900 (executing program)
2025/09/01 09:54:29 fetching corpus: 1190, signal 107186/124294 (executing program)
2025/09/01 09:54:29 fetching corpus: 1240, signal 108879/126170 (executing program)
2025/09/01 09:54:29 fetching corpus: 1290, signal 110894/128155 (executing program)
2025/09/01 09:54:29 fetching corpus: 1340, signal 112205/129669 (executing program)
2025/09/01 09:54:29 fetching corpus: 1388, signal 113149/130880 (executing program)
2025/09/01 09:54:29 fetching corpus: 1438, signal 113888/131968 (executing program)
2025/09/01 09:54:29 fetching corpus: 1488, signal 114781/133130 (executing program)
2025/09/01 09:54:30 fetching corpus: 1538, signal 115943/134466 (executing program)
2025/09/01 09:54:30 fetching corpus: 1588, signal 116749/135549 (executing program)
2025/09/01 09:54:30 fetching corpus: 1638, signal 117736/136708 (executing program)
2025/09/01 09:54:30 fetching corpus: 1687, signal 118776/137879 (executing program)
2025/09/01 09:54:30 fetching corpus: 1737, signal 119901/139052 (executing program)
2025/09/01 09:54:30 fetching corpus: 1787, signal 120602/139974 (executing program)
2025/09/01 09:54:30 fetching corpus: 1837, signal 121351/140905 (executing program)
2025/09/01 09:54:30 fetching corpus: 1887, signal 122947/142350 (executing program)
2025/09/01 09:54:30 fetching corpus: 1937, signal 123990/143409 (executing program)
2025/09/01 09:54:30 fetching corpus: 1987, signal 124924/144397 (executing program)
2025/09/01 09:54:30 fetching corpus: 2037, signal 125953/145415 (executing program)
2025/09/01 09:54:31 fetching corpus: 2087, signal 127070/146454 (executing program)
2025/09/01 09:54:31 fetching corpus: 2137, signal 127793/147256 (executing program)
2025/09/01 09:54:31 fetching corpus: 2186, signal 128278/147946 (executing program)
2025/09/01 09:54:31 fetching corpus: 2236, signal 128822/148611 (executing program)
2025/09/01 09:54:31 fetching corpus: 2286, signal 129752/149457 (executing program)
2025/09/01 09:54:31 fetching corpus: 2336, signal 130696/150267 (executing program)
2025/09/01 09:54:31 fetching corpus: 2386, signal 131558/150993 (executing program)
2025/09/01 09:54:31 fetching corpus: 2436, signal 132454/151722 (executing program)
2025/09/01 09:54:31 fetching corpus: 2486, signal 134082/152774 (executing program)
2025/09/01 09:54:31 fetching corpus: 2536, signal 134984/153462 (executing program)
2025/09/01 09:54:32 fetching corpus: 2586, signal 135844/154151 (executing program)
2025/09/01 09:54:32 fetching corpus: 2636, signal 136436/154697 (executing program)
2025/09/01 09:54:32 fetching corpus: 2686, signal 137468/155370 (executing program)
2025/09/01 09:54:32 fetching corpus: 2736, signal 138018/155861 (executing program)
2025/09/01 09:54:32 fetching corpus: 2786, signal 138616/156373 (executing program)
2025/09/01 09:54:32 fetching corpus: 2836, signal 139407/156893 (executing program)
2025/09/01 09:54:32 fetching corpus: 2886, signal 140107/157385 (executing program)
2025/09/01 09:54:32 fetching corpus: 2936, signal 140742/157822 (executing program)
2025/09/01 09:54:32 fetching corpus: 2986, signal 141413/158279 (executing program)
2025/09/01 09:54:32 fetching corpus: 3036, signal 142120/158735 (executing program)
2025/09/01 09:54:32 fetching corpus: 3086, signal 142531/159074 (executing program)
2025/09/01 09:54:33 fetching corpus: 3136, signal 143165/159505 (executing program)
2025/09/01 09:54:33 fetching corpus: 3186, signal 143752/159933 (executing program)
2025/09/01 09:54:33 fetching corpus: 3236, signal 144530/160336 (executing program)
2025/09/01 09:54:33 fetching corpus: 3286, signal 145595/160768 (executing program)
2025/09/01 09:54:33 fetching corpus: 3336, signal 146077/161083 (executing program)
2025/09/01 09:54:33 fetching corpus: 3386, signal 146412/161351 (executing program)
2025/09/01 09:54:33 fetching corpus: 3436, signal 146857/161641 (executing program)
2025/09/01 09:54:33 fetching corpus: 3486, signal 147539/161961 (executing program)
2025/09/01 09:54:33 fetching corpus: 3536, signal 148144/162236 (executing program)
2025/09/01 09:54:33 fetching corpus: 3586, signal 148702/162528 (executing program)
2025/09/01 09:54:34 fetching corpus: 3636, signal 149385/162802 (executing program)
2025/09/01 09:54:34 fetching corpus: 3686, signal 149935/163046 (executing program)
2025/09/01 09:54:34 fetching corpus: 3736, signal 150754/163289 (executing program)
2025/09/01 09:54:34 fetching corpus: 3786, signal 151286/163518 (executing program)
2025/09/01 09:54:34 fetching corpus: 3836, signal 151693/163707 (executing program)
2025/09/01 09:54:34 fetching corpus: 3886, signal 152209/163898 (executing program)
2025/09/01 09:54:34 fetching corpus: 3936, signal 153087/164113 (executing program)
2025/09/01 09:54:34 fetching corpus: 3986, signal 153617/164207 (executing program)
2025/09/01 09:54:34 fetching corpus: 4036, signal 154171/164256 (executing program)
2025/09/01 09:54:35 fetching corpus: 4086, signal 154777/164261 (executing program)
2025/09/01 09:54:35 fetching corpus: 4136, signal 155265/164265 (executing program)
2025/09/01 09:54:35 fetching corpus: 4186, signal 155602/164270 (executing program)
2025/09/01 09:54:35 fetching corpus: 4236, signal 156057/164281 (executing program)
2025/09/01 09:54:35 fetching corpus: 4286, signal 156735/164289 (executing program)
2025/09/01 09:54:35 fetching corpus: 4336, signal 157100/164297 (executing program)
2025/09/01 09:54:35 fetching corpus: 4386, signal 157508/164304 (executing program)
2025/09/01 09:54:35 fetching corpus: 4436, signal 158092/164382 (executing program)
2025/09/01 09:54:35 fetching corpus: 4486, signal 158467/164395 (executing program)
2025/09/01 09:54:35 fetching corpus: 4536, signal 158793/164420 (executing program)
2025/09/01 09:54:35 fetching corpus: 4586, signal 159204/164473 (executing program)
2025/09/01 09:54:35 fetching corpus: 4636, signal 159494/164475 (executing program)
2025/09/01 09:54:36 fetching corpus: 4686, signal 159928/164497 (executing program)
2025/09/01 09:54:36 fetching corpus: 4736, signal 160473/164497 (executing program)
2025/09/01 09:54:36 fetching corpus: 4786, signal 160860/164508 (executing program)
2025/09/01 09:54:36 fetching corpus: 4836, signal 161188/164550 (executing program)
2025/09/01 09:54:36 fetching corpus: 4886, signal 161505/164553 (executing program)
2025/09/01 09:54:36 fetching corpus: 4909, signal 161692/164553 (executing program)
2025/09/01 09:54:36 fetching corpus: 4909, signal 161692/164553 (executing program)
2025/09/01 09:54:38 starting 8 fuzzer processes
09:54:38 executing program 0:
r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000040)=0x80000001)
09:54:38 executing program 3:
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000000)={{{@in6=@private2, @in=@private}, {0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x5}}, {{@in6=@private0}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xe24}}, 0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000100)={{{@in=@private, @in6=@remote}}, {{@in6}, 0x0, @in6=@private2}}, 0x0)
syz_read_part_table(0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000500))
r0 = socket$inet6(0xa, 0x0, 0x0)
getsockname(r0, 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
09:54:38 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x40181, 0x0)
write$P9_RREAD(r0, &(0x7f0000000100)={0x30, 0x75, 0x0, {0xa000000}}, 0xb)
09:54:38 executing program 4:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
r0 = getpid()
tkill(r0, 0x0)
09:54:38 executing program 1:
syz_mount_image$nfs4(0x0, 0x0, 0x0, 0x3, &(0x7f0000002ec0)=[{&(0x7f0000000ac0)='a', 0x1}, {&(0x7f0000000b80)="a2", 0x1}, {&(0x7f0000000d40)='w', 0x1}], 0x0, 0x0)
[ 73.250901] audit: type=1400 audit(1756720478.584:7): avc: denied { execmem } for pid=270 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:54:38 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffc000/0x2000)=nil)
09:54:38 executing program 2:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x80082407, 0xffffffffffffffff)
09:54:38 executing program 6:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={0x0, 0x2}}, 0x0)
[ 74.345595] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 74.349442] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.351410] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.355278] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.357757] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.605906] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 74.617161] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 74.618935] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 74.624655] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 74.631300] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 74.633230] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 74.634753] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 74.637569] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 74.639489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 74.641342] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 74.645257] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 74.647632] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 74.649241] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 74.650319] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 74.652817] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 74.656578] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 74.660574] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 74.661950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 74.663930] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 74.665227] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 74.667378] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 74.668777] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 74.670475] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 74.671711] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 74.673884] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 74.675328] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 74.686193] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 74.701360] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 74.703958] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 74.705077] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 74.708688] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 74.711192] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 74.722254] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 74.727529] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 74.737288] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 76.378534] Bluetooth: hci0: command tx timeout
[ 76.699281] Bluetooth: hci1: command tx timeout
[ 76.761235] Bluetooth: hci2: command tx timeout
[ 76.761913] Bluetooth: hci6: command tx timeout
[ 76.763081] Bluetooth: hci3: command tx timeout
[ 76.826270] Bluetooth: hci7: command tx timeout
[ 76.827794] Bluetooth: hci4: command tx timeout
[ 76.828304] Bluetooth: hci5: command tx timeout
[ 78.426265] Bluetooth: hci0: command tx timeout
[ 78.746084] Bluetooth: hci1: command tx timeout
[ 78.809131] Bluetooth: hci3: command tx timeout
[ 78.810312] Bluetooth: hci2: command tx timeout
[ 78.810445] Bluetooth: hci6: command tx timeout
[ 78.874102] Bluetooth: hci4: command tx timeout
[ 78.874840] Bluetooth: hci5: command tx timeout
[ 78.875637] Bluetooth: hci7: command tx timeout
[ 80.473170] Bluetooth: hci0: command tx timeout
[ 80.793167] Bluetooth: hci1: command tx timeout
[ 80.857102] Bluetooth: hci6: command tx timeout
[ 80.857132] Bluetooth: hci2: command tx timeout
[ 80.857531] Bluetooth: hci3: command tx timeout
[ 80.921205] Bluetooth: hci5: command tx timeout
[ 80.924169] Bluetooth: hci7: command tx timeout
[ 80.924189] Bluetooth: hci4: command tx timeout
[ 82.522345] Bluetooth: hci0: command tx timeout
[ 82.841120] Bluetooth: hci1: command tx timeout
[ 82.905098] Bluetooth: hci3: command tx timeout
[ 82.907120] Bluetooth: hci2: command tx timeout
[ 82.907153] Bluetooth: hci6: command tx timeout
[ 82.969138] Bluetooth: hci7: command tx timeout
[ 82.969160] Bluetooth: hci5: command tx timeout
[ 82.970305] Bluetooth: hci4: command tx timeout
[ 110.997374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.998240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.154249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.154857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.468920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.469589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.622077] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.622662] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:55:17 executing program 6:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={0x0, 0x2}}, 0x0)
[ 111.857179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.857777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:55:17 executing program 6:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={0x0, 0x2}}, 0x0)
09:55:17 executing program 6:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={0x0, 0x2}}, 0x0)
[ 112.016653] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.017654] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.076563] audit: type=1400 audit(1756720517.408:8): avc: denied { open } for pid=3781 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 112.084157] audit: type=1400 audit(1756720517.408:9): avc: denied { kernel } for pid=3781 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
09:55:17 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x496, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)=0x6)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r1, r1)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000005, 0x13, 0xffffffffffffffff, 0x3000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32])
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200), 0xd2100, 0x0)
recvfrom(r2, &(0x7f0000000240)=""/238, 0xee, 0x40002040, 0x0, 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write(r3, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aa", 0x1b2)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r3, 0x4, 0x44000)
sendfile(r3, r4, 0x0, 0xfdef)
09:55:17 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x40181, 0x0)
write$P9_RREAD(r0, &(0x7f0000000100)={0x30, 0x75, 0x0, {0xa000000}}, 0xb)
[ 112.940295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.940903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.073325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.073925] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.252884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.253923] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.356264] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.356835] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.661475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.662612] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.717528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.718125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.776933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.777563] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.792119] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.792643] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.840405] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.840941] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.868578] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.869148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.005919] audit: type=1400 audit(1756720519.339:10): avc: denied { write } for pid=3915 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
09:55:19 executing program 0:
r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000040)=0x80000001)
09:55:19 executing program 1:
mlock2(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0)
mlock2(&(0x7f00007df000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000e2e000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f00007f6000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f00009a9000/0x2000)=nil, 0x2000)
mlock(&(0x7f00007be000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000400000/0xc00000)=nil, 0xc0000f)
09:55:19 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x40181, 0x0)
write$P9_RREAD(r0, &(0x7f0000000100)={0x30, 0x75, 0x0, {0xa000000}}, 0xb)
09:55:19 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x496, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)=0x6)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r1, r1)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000005, 0x13, 0xffffffffffffffff, 0x3000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32])
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200), 0xd2100, 0x0)
recvfrom(r2, &(0x7f0000000240)=""/238, 0xee, 0x40002040, 0x0, 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write(r3, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aa", 0x1b2)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r3, 0x4, 0x44000)
sendfile(r3, r4, 0x0, 0xfdef)
09:55:19 executing program 4:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
r0 = getpid()
tkill(r0, 0x0)
09:55:19 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffc000/0x2000)=nil)
09:55:19 executing program 2:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x80082407, 0xffffffffffffffff)
09:55:19 executing program 3:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0)
09:55:19 executing program 1:
mlock2(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0)
mlock2(&(0x7f00007df000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000e2e000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f00007f6000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f00009a9000/0x2000)=nil, 0x2000)
mlock(&(0x7f00007be000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000400000/0xc00000)=nil, 0xc0000f)
09:55:19 executing program 4:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
r0 = getpid()
tkill(r0, 0x0)
09:55:19 executing program 0:
r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000040)=0x80000001)
09:55:19 executing program 3:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0)
09:55:19 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffc000/0x2000)=nil)
09:55:19 executing program 2:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x80082407, 0xffffffffffffffff)
09:55:19 executing program 1:
mlock2(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0)
mlock2(&(0x7f00007df000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f00005bf000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000e2e000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f00007f6000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f00009a9000/0x2000)=nil, 0x2000)
mlock(&(0x7f00007be000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000400000/0xc00000)=nil, 0xc0000f)
09:55:19 executing program 4:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
r0 = getpid()
tkill(r0, 0x0)
09:55:19 executing program 3:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0)
09:55:19 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x40181, 0x0)
write$P9_RREAD(r0, &(0x7f0000000100)={0x30, 0x75, 0x0, {0xa000000}}, 0xb)
09:55:19 executing program 0:
r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000040)=0x80000001)
[ 114.354464] kmemleak: Found object by alias at 0x607f1a63ea54
[ 114.354484] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 114.354503] Tainted: [W]=WARN
[ 114.354507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 114.354515] Call Trace:
[ 114.354519]
[ 114.354523] dump_stack_lvl+0xca/0x120
[ 114.354550] __lookup_object+0x94/0xb0
[ 114.354568] delete_object_full+0x27/0x70
[ 114.354585] free_percpu+0x30/0x1160
[ 114.354603] ? arch_uprobe_clear_state+0x16/0x140
[ 114.354624] futex_hash_free+0x38/0xc0
[ 114.354639] mmput+0x2d3/0x390
[ 114.354658] do_exit+0x79d/0x2970
[ 114.354672] ? signal_wake_up_state+0x85/0x120
[ 114.354689] ? zap_other_threads+0x2b9/0x3a0
[ 114.354705] ? __pfx_do_exit+0x10/0x10
[ 114.354718] ? do_group_exit+0x1c3/0x2a0
[ 114.354732] ? lock_release+0xc8/0x290
[ 114.354750] do_group_exit+0xd3/0x2a0
[ 114.354765] __x64_sys_exit_group+0x3e/0x50
[ 114.354779] x64_sys_call+0x18c5/0x18d0
[ 114.354796] do_syscall_64+0xbf/0x360
[ 114.354809] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.354820] RIP: 0033:0x7fd16c51cb19
[ 114.354830] Code: Unable to access opcode bytes at 0x7fd16c51caef.
[ 114.354835] RSP: 002b:00007fff0baa3078 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 114.354847] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fd16c51cb19
[ 114.354854] RDX: 00007fd16c4cf72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 114.354862] RBP: 0000000000000000 R08: 0000001b2cd22988 R09: 0000000000000000
[ 114.354869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 114.354875] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff0baa3160
[ 114.354891]
[ 114.354895] kmemleak: Object (percpu) 0x607f1a63ea50 (size 16):
[ 114.354903] kmemleak: comm "syz-executor.7", pid 282, jiffies 4294781238
[ 114.354910] kmemleak: min_count = 1
[ 114.354913] kmemleak: count = 0
[ 114.354917] kmemleak: flags = 0x21
[ 114.354921] kmemleak: checksum = 0
[ 114.354925] kmemleak: backtrace:
[ 114.354928] pcpu_alloc_noprof+0x87a/0x1170
[ 114.354944] mm_init+0x99b/0x1170
[ 114.354952] copy_process+0x3ab7/0x73c0
[ 114.354963] kernel_clone+0xea/0x7f0
[ 114.354973] __do_sys_clone+0xce/0x120
[ 114.354983] do_syscall_64+0xbf/0x360
[ 114.354993] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.363040] kmemleak: Found object by alias at 0x607f1a63ea5c
[ 114.363059] CPU: 0 UID: 0 PID: 3956 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 114.363078] Tainted: [W]=WARN
[ 114.363082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 114.363089] Call Trace:
[ 114.363093]
[ 114.363098] dump_stack_lvl+0xca/0x120
[ 114.363128] __lookup_object+0x94/0xb0
[ 114.363147] delete_object_full+0x27/0x70
[ 114.363163] free_percpu+0x30/0x1160
[ 114.363180] ? arch_uprobe_clear_state+0x16/0x140
[ 114.363201] futex_hash_free+0x38/0xc0
[ 114.363216] mmput+0x2d3/0x390
[ 114.363236] do_exit+0x79d/0x2970
[ 114.363254] ? __pfx_do_exit+0x10/0x10
[ 114.363268] ? find_held_lock+0x2b/0x80
[ 114.363287] ? get_signal+0x835/0x2340
[ 114.363307] do_group_exit+0xd3/0x2a0
[ 114.363323] get_signal+0x2315/0x2340
[ 114.363345] ? put_task_stack+0xd2/0x240
[ 114.363360] ? __pfx_get_signal+0x10/0x10
[ 114.363377] ? __schedule+0xe91/0x3590
[ 114.363398] arch_do_signal_or_restart+0x80/0x790
[ 114.363419] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 114.363436] ? __x64_sys_futex+0x1c9/0x4d0
[ 114.363449] ? __x64_sys_futex+0x1d2/0x4d0
[ 114.363464] ? __pfx___x64_sys_futex+0x10/0x10
[ 114.363483] exit_to_user_mode_loop+0x8b/0x110
[ 114.363496] do_syscall_64+0x2f7/0x360
[ 114.363510] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.363523] RIP: 0033:0x7f234a263b19
[ 114.363531] Code: Unable to access opcode bytes at 0x7f234a263aef.
[ 114.363537] RSP: 002b:00007f23477d9218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 114.363549] RAX: 0000000000000001 RBX: 00007f234a376f68 RCX: 00007f234a263b19
[ 114.363557] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f234a376f6c
[ 114.363564] RBP: 00007f234a376f60 R08: 000000000000000e R09: 0000000000000000
[ 114.363572] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f234a376f6c
[ 114.363579] R13: 00007ffc132dd60f R14: 00007f23477d9300 R15: 0000000000022000
[ 114.363595]
[ 114.363599] kmemleak: Object (percpu) 0x607f1a63ea50 (size 16):
[ 114.363606] kmemleak: comm "syz-executor.7", pid 282, jiffies 4294781238
[ 114.363614] kmemleak: min_count = 1
[ 114.363618] kmemleak: count = 0
[ 114.363622] kmemleak: flags = 0x21
[ 114.363626] kmemleak: checksum = 0
[ 114.363629] kmemleak: backtrace:
[ 114.363633] pcpu_alloc_noprof+0x87a/0x1170
[ 114.363649] mm_init+0x99b/0x1170
[ 114.363657] copy_process+0x3ab7/0x73c0
[ 114.363668] kernel_clone+0xea/0x7f0
[ 114.363678] __do_sys_clone+0xce/0x120
[ 114.363688] do_syscall_64+0xbf/0x360
[ 114.363698] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.395767] Oops: general protection fault, probably for non-canonical address 0xdffffc0354508ac1: 0000 [#1] SMP KASAN NOPTI
[ 114.396666] KASAN: probably user-memory-access in range [0x0000001aa2845608-0x0000001aa284560f]
[ 114.397369] CPU: 1 UID: 0 PID: 3960 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 114.401783] Tainted: [W]=WARN
[ 114.402030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 114.402662] RIP: 0010:perf_tp_event+0x175/0xe70
[ 114.403041] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 114.404447] RSP: 0018:ffff8880467ef940 EFLAGS: 00010012
[ 114.404988] RAX: 0000000354508ac1 RBX: 0000001aa284541b RCX: 0000000000000002
[ 114.405725] RDX: ffff88801ae38000 RSI: ffffffff8189a4e7 RDI: 0000001aa284560b
[ 114.406278] RBP: ffff8880467efbb0 R08: ffff88806cf31340 R09: ffffe8ffffd16a50
[ 114.406882] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 114.407604] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000
[ 114.408249] FS: 00007f9eddb0d700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 114.408867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 114.409403] CR2: 00007f9ee06ab018 CR3: 0000000042a3c000 CR4: 0000000000350ef0
[ 114.410140] Call Trace:
[ 114.410347]
[ 114.410527] ? __pfx_perf_trace_lock+0x10/0x10
[ 114.410897] ? __pfx_perf_tp_event+0x10/0x10
[ 114.411248] ? __pfx_css_rstat_updated+0x10/0x10
[ 114.411625] ? lock_is_held_type+0x9e/0x120
[ 114.411985] ? perf_trace_lock+0xb5/0x5d0
[ 114.412350] ? perf_trace_lock+0xb5/0x5d0
[ 114.412763] ? __cgroup_account_cputime+0x88/0xc0
[ 114.413276] ? __pfx_perf_trace_lock+0x10/0x10
[ 114.413636] ? __pfx_perf_trace_lock+0x10/0x10
[ 114.413999] ? __resched_curr+0x2a2/0x330
[ 114.414337] ? perf_trace_lock+0xb5/0x5d0
[ 114.414665] ? __pfx_perf_trace_lock+0x10/0x10
[ 114.415029] ? lock_is_held_type+0x9e/0x120
[ 114.415459] ? perf_trace_run_bpf_submit+0xef/0x180
[ 114.415989] ? find_held_lock+0x2b/0x80
[ 114.416311] ? __perf_event_task_sched_out+0x461/0x14e0
[ 114.416825] perf_trace_run_bpf_submit+0xef/0x180
[ 114.417345] perf_trace_lock+0x337/0x5d0
[ 114.417671] ? __pfx_perf_trace_lock+0x10/0x10
[ 114.418038] ? mm_cid_get.isra.0+0x46c/0x570
[ 114.418391] ? set_next_entity+0x331/0x940
[ 114.418766] ? __schedule+0xe4b/0x3590
[ 114.419165] lock_release+0x1ab/0x290
[ 114.419518] ? lock_unpin_lock+0x9f/0x140
[ 114.419851] __schedule+0xe50/0x3590
[ 114.420166] ? __pfx___schedule+0x10/0x10
[ 114.420497] ? __x64_sys_futex+0x1c9/0x4d0
[ 114.420831] ? __x64_sys_futex+0x1d2/0x4d0
[ 114.421230] ? __pfx___x64_sys_futex+0x10/0x10
[ 114.421728] schedule+0xdb/0x390
[ 114.422009] exit_to_user_mode_loop+0x69/0x110
[ 114.422429] do_syscall_64+0x2f7/0x360
[ 114.422833] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.423316] RIP: 0033:0x7f9ee0597b19
[ 114.423608] Code: Unable to access opcode bytes at 0x7f9ee0597aef.
[ 114.424095] RSP: 002b:00007f9eddb0d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 114.424739] RAX: 0000000000000001 RBX: 00007f9ee06aaf68 RCX: 00007f9ee0597b19
[ 114.425491] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9ee06aaf6c
[ 114.426152] RBP: 00007f9ee06aaf60 R08: 000000000000000e R09: 0000000000000000
[ 114.426872] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9ee06aaf6c
[ 114.427504] R13: 00007ffe6c9187df R14: 00007f9eddb0d300 R15: 0000000000022000
[ 114.428266]
[ 114.428466] Modules linked in:
[ 114.428740] ---[ end trace 0000000000000000 ]---
[ 114.429124] RIP: 0010:perf_tp_event+0x175/0xe70
[ 114.429591] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 114.431415] RSP: 0018:ffff8880467ef940 EFLAGS: 00010012
[ 114.431988] RAX: 0000000354508ac1 RBX: 0000001aa284541b RCX: 0000000000000002
[ 114.432610] RDX: ffff88801ae38000 RSI: ffffffff8189a4e7 RDI: 0000001aa284560b
[ 114.433327] RBP: ffff8880467efbb0 R08: ffff88806cf31340 R09: ffffe8ffffd16a50
[ 114.434050] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 114.434745] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000
[ 114.435451] FS: 00007f9eddb0d700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 114.436111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 114.436569] CR2: 00007f9ee06ab018 CR3: 0000000042a3c000 CR4: 0000000000350ef0
[ 114.437281] note: syz-executor.7[3960] exited with irqs disabled
VM DIAGNOSIS:
09:55:19 Registers:
info registers vcpu 0
RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff8100012f RDX=0000000000000001
RSI=0000000000000001 RDI=ffffffff86c9a5f0 RBP=ffff88800f69f878 RSP=ffff88800f69f7b0
R8 =0000000000000000 R9 =0000000000000000 R10=000000000003bea3 R11=00000000000c5f1c
R12=ffff88800f69f880 R13=ffff88800f69f868 R14=ffff88800f69f861 R15=ffff88800f69f820
RIP=ffffffff81358542 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f44db1248c0 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe4400000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055556bad5708 CR3=000000000d413000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000000000000002f002f2e2e2f002e2e XMM01=0000000000000000696c61766e49002f
XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=30706f6f6c2f6b636f6c622f6c617574
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000055e8487792f0000055e84873a550
XMM06=000055e84877b7f00000000000000002 XMM07=0000000300000001000055e84876a790
XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000
XMM10=00000020000000000000002000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff8880467ef2a0
R8 =0000000000000000 R9 =ffffed1001733046 R10=0000000000000030 R11=552031203a555043
R12=0000000000000030 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f9eddb0d700 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe6d00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9ee06ab018 CR3=0000000042a3c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f9ee067e7c000007f9ee067e7c8
XMM02=00007f9ee067e7e000007f9ee067e7c0 XMM03=00007f9ee067e7c800007f9ee067e7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000