Warning: Permanently added '[localhost]:55774' (ECDSA) to the list of known hosts. 2025/08/29 09:48:30 fuzzer started 2025/08/29 09:48:30 dialing manager at localhost:43077 syzkaller login: [ 53.040229] cgroup: Unknown subsys name 'net' [ 53.091270] cgroup: Unknown subsys name 'cpuset' [ 53.105827] cgroup: Unknown subsys name 'rlimit' 2025/08/29 09:48:42 syscalls: 2214 2025/08/29 09:48:42 code coverage: enabled 2025/08/29 09:48:42 comparison tracing: enabled 2025/08/29 09:48:42 extra coverage: enabled 2025/08/29 09:48:42 setuid sandbox: enabled 2025/08/29 09:48:42 namespace sandbox: enabled 2025/08/29 09:48:42 Android sandbox: enabled 2025/08/29 09:48:42 fault injection: enabled 2025/08/29 09:48:42 leak checking: enabled 2025/08/29 09:48:42 net packet injection: enabled 2025/08/29 09:48:42 net device setup: enabled 2025/08/29 09:48:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 09:48:42 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 09:48:42 USB emulation: enabled 2025/08/29 09:48:42 hci packet injection: enabled 2025/08/29 09:48:42 wifi device emulation: enabled 2025/08/29 09:48:42 802.15.4 emulation: enabled 2025/08/29 09:48:53 fetching corpus: 5217,
signal 164404/168345 (executing program) 2025/08/29 09:48:53 fetching corpus: 5267, signal 165157/168347 (executing program) 2025/08/29 09:48:53 fetching corpus: 5317, signal 165576/168366 (executing program) 2025/08/29 09:48:53 fetching corpus: 5367, signal 165972/168422 (executing program) 2025/08/29 09:48:53 fetching corpus: 5409, signal 166376/168502 (executing program) 2025/08/29 09:48:53 fetching corpus: 5410, signal 166380/168502 (executing program) 2025/08/29 09:48:53 fetching corpus: 5410, signal 166380/168502 (executing program) 2025/08/29 09:48:55 starting 8 fuzzer processes 09:48:55 executing program 0: r0 = creat(&(0x7f0000000800)='./file0\x00', 0x0) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x200) close_range(r0, r1, 0x0) pipe(&(0x7f0000000880)={0xffffffffffffffff}) close_range(r3, 0xffffffffffffffff, 0x0) 09:48:55 executing program 1: getpriority(0x2, 0x0) 09:48:55 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pread64(r0, &(0x7f00000000c0)=""/148, 0x94, 0x0) 09:48:55 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) connect$unix(r0, &(0x7f0000000180)=@abs={0x1}, 0x6e) [ 76.611848] audit: type=1400 audit(1756460935.239:7): avc: denied { execmem } for pid=275 
comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:48:55 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) dup2(0xffffffffffffffff, r0) 09:48:55 executing program 4: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) r1 = fork() ptrace(0x10, r1) r2 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = getpid() r4 = getpid() r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r2, &(0x7f0000000000)={r5}) getpriority(0x1, r4) r6 = fork() ptrace(0x10, r6) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, 0x0}) pidfd_open(r7, 0x0) ptrace$setsig(0x4203, r6, 0xf738, &(0x7f0000000100)={0xc, 0x0, 0x1}) ptrace$setregs(0xf, r6, 0x3, &(0x7f0000000180)="89c8a8e7673e954ade969f0d89412d396a1847e2c8532bec") perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0xfc, 0x8, 0x5, 0x44, 0x0, 0xffffffffffffffe1, 0x400, 0xe, 0x0, 0x1, 
0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_config_ext={0x7ff}, 0x12000, 0x4, 0x0, 0x4, 0x1, 0x0, 0x4, 0x0, 0x1ff, 0x0, 0x5}, r6, 0xe, r0, 0x9) ptrace$setsig(0x4203, r1, 0xf738, &(0x7f0000000100)={0xc, 0x0, 0x1}) io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)="fa", 0x80000}]) 09:48:55 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000003c0)={0x81, 0x0, 'client0\x00', 0x0, "be020b6ddfc64197", "8bd26414e9717e9bce7f67f15f1037789da384c7d953c8d70529cf2bfc27085f"}) 09:48:55 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f00000003c0)=""/4096, &(0x7f0000000100)=0x1000) [ 77.749811] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.752676] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.754544] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.765416] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.768144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.939040] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.943516] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.945184] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.951981] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.959825] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.961316] Bluetooth: 
hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.964238] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.967880] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.981056] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.987866] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.010856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.012415] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 78.014095] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 78.016584] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 78.019122] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.020892] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 78.022219] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 78.023642] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 78.025190] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 78.026949] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.034914] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 78.048890] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 78.051270] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 78.053124] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.056241] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 78.058569] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 78.061846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 78.063816] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 78.068256] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 78.072700] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.074199] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 78.074611] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 78.081187] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 78.087776] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 78.091738] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 79.842016] 
Bluetooth: hci0: command tx timeout [ 80.033307] Bluetooth: hci1: command tx timeout [ 80.096847] Bluetooth: hci2: command tx timeout [ 80.160811] Bluetooth: hci7: command tx timeout [ 80.164640] Bluetooth: hci6: command tx timeout [ 80.165659] Bluetooth: hci5: command tx timeout [ 80.166988] Bluetooth: hci3: command tx timeout [ 80.224596] Bluetooth: hci4: command tx timeout [ 81.888740] Bluetooth: hci0: command tx timeout [ 82.081544] Bluetooth: hci1: command tx timeout [ 82.144872] Bluetooth: hci2: command tx timeout [ 82.209764] Bluetooth: hci6: command tx timeout [ 82.211035] Bluetooth: hci5: command tx timeout [ 82.211935] Bluetooth: hci7: command tx timeout [ 82.213057] Bluetooth: hci3: command tx timeout [ 82.272635] Bluetooth: hci4: command tx timeout [ 83.936553] Bluetooth: hci0: command tx timeout [ 84.128614] Bluetooth: hci1: command tx timeout [ 84.192707] Bluetooth: hci2: command tx timeout [ 84.256654] Bluetooth: hci3: command tx timeout [ 84.257098] Bluetooth: hci5: command tx timeout [ 84.257289] Bluetooth: hci7: command tx timeout [ 84.257983] Bluetooth: hci6: command tx timeout [ 84.322515] Bluetooth: hci4: command tx timeout [ 85.984635] Bluetooth: hci0: command tx timeout [ 86.176652] Bluetooth: hci1: command tx timeout [ 86.240530] Bluetooth: hci2: command tx timeout [ 86.305595] Bluetooth: hci6: command tx timeout [ 86.306069] Bluetooth: hci5: command tx timeout [ 86.306462] Bluetooth: hci7: command tx timeout [ 86.307987] Bluetooth: hci3: command tx timeout [ 86.368629] Bluetooth: hci4: command tx timeout [ 119.974654] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.975308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.177375] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.179367] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.802049] audit: type=1400 audit(1756460979.427:8): avc: denied { open } for pid=3692 comm="syz-executor.3" 
scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.819542] audit: type=1400 audit(1756460979.427:9): avc: denied { kernel } for pid=3692 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.824640] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 09:49:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x2, 0x2, 0x3}, 0x14}}, 0x0) 09:49:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x2, 0x2, 0x3}, 0x14}}, 0x0) 09:49:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x2, 0x2, 0x3}, 0x14}}, 0x0) 09:49:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x2, 0x2, 0x3}, 0x14}}, 0x0) 09:49:40 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) 09:49:40 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) 09:49:40 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) 09:49:40 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) [ 122.021908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.022521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.145860] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.146454] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.894588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.895760] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.150573] wlan0: Created IBSS using preconfigured BSSID 
50:50:50:50:50:50 [ 123.151794] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.415427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.416958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.503156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.504630] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.695443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.696966] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.872728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.874108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.053049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.055631] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.234890] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.236112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.847323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.847980] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.885836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.886504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.948138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.949453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.017297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.018513] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 03:33:20 executing program 1: getpriority(0x2, 0x0) 03:33:20 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 
0xffffffffffffffff, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pread64(r0, &(0x7f00000000c0)=""/148, 0x94, 0x0) 03:33:20 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x200480c0) close_range(r0, 0xffffffffffffffff, 0x0) 03:33:20 executing program 4: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xb1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) r1 = fork() ptrace(0x10, r1) r2 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = getpid() r4 = getpid() r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r2, &(0x7f0000000000)={r5}) getpriority(0x1, r4) r6 = fork() ptrace(0x10, r6) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, 0x0}) pidfd_open(r7, 0x0) ptrace$setsig(0x4203, r6, 0xf738, &(0x7f0000000100)={0xc, 0x0, 0x1}) ptrace$setregs(0xf, r6, 0x3, 
&(0x7f0000000180)="89c8a8e7673e954ade969f0d89412d396a1847e2c8532bec") perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0xfc, 0x8, 0x5, 0x44, 0x0, 0xffffffffffffffe1, 0x400, 0xe, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_config_ext={0x7ff}, 0x12000, 0x4, 0x0, 0x4, 0x1, 0x0, 0x4, 0x0, 0x1ff, 0x0, 0x5}, r6, 0xe, r0, 0x9) ptrace$setsig(0x4203, r1, 0xf738, &(0x7f0000000100)={0xc, 0x0, 0x1}) io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)="fa", 0x80000}]) 03:33:20 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) connect$unix(r0, &(0x7f0000000180)=@abs={0x1}, 0x6e) 03:33:20 executing program 0: r0 = creat(&(0x7f0000000800)='./file0\x00', 0x0) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x200) close_range(r0, r1, 0x0) pipe(&(0x7f0000000880)={0xffffffffffffffff}) close_range(r3, 0xffffffffffffffff, 0x0) 03:33:20 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f00000003c0)=""/4096, &(0x7f0000000100)=0x1000) 03:33:20 executing program 5: r0 = 
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000003c0)={0x81, 0x0, 'client0\x00', 0x0, "be020b6ddfc64197", "8bd26414e9717e9bce7f67f15f1037789da384c7d953c8d70529cf2bfc27085f"})
03:33:20 executing program 0:
r0 = creat(&(0x7f0000000800)='./file0\x00', 0x0)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x200)
close_range(r0, r1, 0x0)
pipe(&(0x7f0000000880)={0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)
03:33:20 executing program 5:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000003c0)={0x81, 0x0, 'client0\x00', 0x0, "be020b6ddfc64197", "8bd26414e9717e9bce7f67f15f1037789da384c7d953c8d70529cf2bfc27085f"})
03:33:20 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pread64(r0, &(0x7f00000000c0)=""/148, 0x94, 0x0)
[ 125.520023] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 125.521402] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 125.522280] CPU: 1 UID: 0 PID: 3947 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 125.528282] Tainted: [W]=WARN
[ 125.529146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 125.530088] RIP: 0010:perf_tp_event+0x175/0xe70
[ 125.530650] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 125.532764] RSP: 0018:ffff888019e67780 EFLAGS: 00010012
[ 125.533390] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90005417000
[ 125.534209] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 125.535033] RBP: ffff888019e679f0 R08: ffff88806cf31340 R09: ffffe8ffffd16738
[ 125.535871] R10: 0000000000000000 R11: ffff888015ab5c98 R12: dffffc0000000000
[ 125.536698] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 125.537525] FS: 00007f7dc7d95700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 125.538467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 125.539135] CR2: 00007f7dca933018 CR3: 000000000df5b000 CR4: 0000000000350ef0
[ 125.539948] Call Trace:
[ 125.540255]
[ 125.540534] ? __pfx_perf_tp_event+0x10/0x10
[ 125.541065] ? lock_acquire+0x15e/0x2f0
[ 125.541538] ? __is_insn_slot_addr+0x2e/0x290
[ 125.542078] ? find_held_lock+0x2b/0x80
[ 125.542554] ? __is_insn_slot_addr+0x136/0x290
[ 125.543098] ? lock_release+0xc8/0x290
[ 125.543557] ? __is_insn_slot_addr+0x140/0x290
[ 125.544098] ? kernel_text_address+0x5b/0xc0
[ 125.544628] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 125.545252] ? __kernel_text_address+0xd/0x40
[ 125.545773] ? unwind_get_return_address+0x59/0xa0
[ 125.546351] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 125.546977] ? arch_stack_walk+0x9c/0xf0
[ 125.547447] ? perf_trace_run_bpf_submit+0xef/0x180
[ 125.548026] perf_trace_run_bpf_submit+0xef/0x180
[ 125.548593] perf_trace_preemptirq_template+0x259/0x430
[ 125.549217] ? trace_sched_set_need_resched_tp+0xd4/0x110
[ 125.549850] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 125.550537] ? __pfx___resched_curr+0x10/0x10
[ 125.551077] ? find_held_lock+0x2b/0x80
[ 125.551553] ? try_to_wake_up+0x8ae/0x11d0
[ 125.552050] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 125.552643] trace_irq_enable.constprop.0+0xa6/0x100
[ 125.553233] trace_hardirqs_on+0x26/0x40
[ 125.553711] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 125.554482] try_to_wake_up+0x8ae/0x11d0
[ 125.555121] ? __pfx_try_to_wake_up+0x10/0x10
[ 125.555660] ? plist_del+0x122/0x270
[ 125.556107] ? find_held_lock+0x2b/0x80
[ 125.556594] ? futex_wake+0x474/0x540
[ 125.557191] wake_up_q+0xa1/0x130
[ 125.557675] futex_wake+0x47e/0x540
[ 125.558258] ? __pfx_futex_wake+0x10/0x10
[ 125.558871] ? kmem_cache_free+0x2a1/0x540
[ 125.559521] ? fd_install+0x1d8/0x660
[ 125.560047] do_futex+0x26d/0x370
[ 125.560578] ? __pfx_do_futex+0x10/0x10
[ 125.561114] ? lock_acquire+0x15e/0x2f0
[ 125.561590] __x64_sys_futex+0x1c9/0x4d0
[ 125.562192] ? __pfx___x64_sys_futex+0x10/0x10
[ 125.562813] ? lock_release+0xc8/0x290
[ 125.563279] ? __might_fault+0xe0/0x190
[ 125.563754] ? __might_fault+0x151/0x190
[ 125.564230] do_syscall_64+0xbf/0x360
[ 125.564684] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.565476] RIP: 0033:0x7f7dca81fb19
[ 125.566000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 125.568707] RSP: 002b:00007f7dc7d95218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 125.569833] RAX: ffffffffffffffda RBX: 00007f7dca932f68 RCX: 00007f7dca81fb19
[ 125.570834] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7dca932f6c
[ 125.571867] RBP: 00007f7dca932f60 R08: 000000000000000e R09: 0000000000000000
[ 125.572688] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f7dca932f6c
[ 125.573571] R13: 00007ffff6b9220f R14: 00007f7dc7d95300 R15: 0000000000022000
[ 125.574605]
[ 125.574917] Modules linked in:
[ 125.575402] ---[ end trace 0000000000000000 ]---
[ 125.576147] RIP: 0010:perf_tp_event+0x175/0xe70
[ 125.576845] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51
ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.579494] RSP: 0018:ffff888019e67780 EFLAGS: 00010012 [ 125.580110] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90005417000 [ 125.581018] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 125.582001] RBP: ffff888019e679f0 R08: ffff88806cf31340 R09: ffffe8ffffd16738 [ 125.583028] R10: 0000000000000000 R11: ffff888015ab5c98 R12: dffffc0000000000 [ 125.584076] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 125.585168] FS: 00007f7dc7d95700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 125.586347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.587135] CR2: 00007f7dca933018 CR3: 000000000df5b000 CR4: 0000000000350ef0 [ 125.588099] note: syz-executor.5[3947] exited with irqs disabled [ 125.589071] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 125.590334] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 125.591193] CPU: 1 UID: 0 PID: 3947 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 125.592825] Tainted: [D]=DIE, [W]=WARN [ 125.593263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 125.594188] RIP: 0010:perf_tp_event+0x175/0xe70 [ 125.594866] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.597371] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010012 [ 125.598133] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 125.599156] RDX: ffff88800f665280 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 125.600188] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd16738 [ 125.601236] R10: 0000000000000000 R11: ffff888015ab5c98 R12: dffffc0000000000 [ 125.602254] 
R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 125.603322] FS: 00007f7dc7d95700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 125.604374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.605037] CR2: 00007f7dca933018 CR3: 000000000df5b000 CR4: 0000000000350ef0 [ 125.606059] Call Trace: [ 125.606402] [ 125.606660] ? __pfx_perf_tp_event+0x10/0x10 [ 125.607173] ? trace_pelt_se_tp+0xdf/0x130 [ 125.607698] ? do_raw_spin_lock+0x123/0x260 [ 125.608284] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 125.608818] ? lock_acquire+0x18c/0x2f0 [ 125.609274] ? update_cfs_group+0x11d/0x260 [ 125.609767] ? lock_release+0x1c7/0x290 [ 125.610225] ? do_raw_spin_unlock+0x53/0x220 [ 125.610742] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 125.611322] ? try_to_wake_up+0x128/0x11d0 [ 125.611806] ? do_raw_spin_lock+0x123/0x260 [ 125.612306] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 125.612840] ? perf_trace_run_bpf_submit+0xef/0x180 [ 125.613407] perf_trace_run_bpf_submit+0xef/0x180 [ 125.613965] perf_trace_preemptirq_template+0x259/0x430 [ 125.614579] ? read_tsc+0x9/0x20 [ 125.614975] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 125.615645] ? clockevents_program_event+0x135/0x360 [ 125.616226] ? tick_program_event+0xac/0x140 [ 125.616735] ? 
handle_softirqs+0x16e/0x770 [ 125.617225] trace_irq_enable.constprop.0+0xa6/0x100 [ 125.617793] trace_hardirqs_on+0x26/0x40 [ 125.618248] handle_softirqs+0x16e/0x770 [ 125.618721] __irq_exit_rcu+0xc4/0x100 [ 125.619173] irq_exit_rcu+0x9/0x20 [ 125.619582] sysvec_apic_timer_interrupt+0x70/0x80 [ 125.620145] [ 125.620413] [ 125.620674] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 125.621268] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 125.621800] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 125.623792] RSP: 0018:ffff888019e67f28 EFLAGS: 00000246 [ 125.624390] RAX: 0000000000000001 RBX: ffff88800f665280 RCX: ffffffff817c2b86 [ 125.625183] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 125.625970] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 125.626754] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff88800f665280 [ 125.627538] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 125.628331] ? trace_irq_enable.constprop.0+0x26/0x100 [ 125.628913] ? make_task_dead+0x214/0x3b0 [ 125.629382] ? make_task_dead+0x214/0x3b0 [ 125.629852] ? 
do_syscall_64+0xbf/0x360 [ 125.630300] rewind_stack_and_make_dead+0x16/0x20 [ 125.630849] RIP: 0033:0x7f7dca81fb19 [ 125.631269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.633265] RSP: 002b:00007f7dc7d95218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.634100] RAX: ffffffffffffffda RBX: 00007f7dca932f68 RCX: 00007f7dca81fb19 [ 125.634895] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7dca932f6c [ 125.635687] RBP: 00007f7dca932f60 R08: 000000000000000e R09: 0000000000000000 [ 125.636477] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f7dca932f6c [ 125.637252] R13: 00007ffff6b9220f R14: 00007f7dc7d95300 R15: 0000000000022000 [ 125.638032] [ 125.638291] Modules linked in: [ 125.638649] ---[ end trace 0000000000000000 ]--- [ 125.639156] RIP: 0010:perf_tp_event+0x175/0xe70 [ 125.639673] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.641624] RSP: 0018:ffff888019e67780 EFLAGS: 00010012 [ 125.642200] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90005417000 [ 125.642967] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 125.643737] RBP: ffff888019e679f0 R08: ffff88806cf31340 R09: ffffe8ffffd16738 [ 125.644510] R10: 0000000000000000 R11: ffff888015ab5c98 R12: dffffc0000000000 [ 125.645277] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 125.646044] FS: 00007f7dc7d95700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 125.646914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.647546] CR2: 00007f7dca933018 CR3: 000000000df5b000 CR4: 0000000000350ef0 [ 125.648327] Kernel panic - not syncing: Fatal exception in interrupt [ 125.649241] Kernel Offset: disabled [ 125.649638] ---[ end 
Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:49:44 Registers: