Warning: Permanently added '[localhost]:19375' (ECDSA) to the list of known hosts. 2025/09/01 10:34:36 fuzzer started 2025/09/01 10:34:37 dialing manager at localhost:35473 syzkaller login: [ 49.496596] cgroup: Unknown subsys name 'net' [ 49.882442] cgroup: Unknown subsys name 'cpuset' [ 49.898070] cgroup: Unknown subsys name 'rlimit' 2025/09/01 10:34:47 syscalls: 2214 2025/09/01 10:34:47 code coverage: enabled 2025/09/01 10:34:47 comparison tracing: enabled 2025/09/01 10:34:47 extra coverage: enabled 2025/09/01 10:34:47 setuid sandbox: enabled 2025/09/01 10:34:47 namespace sandbox: enabled 2025/09/01 10:34:47 Android sandbox: enabled 2025/09/01 10:34:47 fault injection: enabled 2025/09/01 10:34:47 leak checking: enabled 2025/09/01 10:34:47 net packet injection: enabled 2025/09/01 10:34:47 net device setup: enabled 2025/09/01 10:34:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 10:34:47 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 10:34:47 USB emulation: enabled 2025/09/01 10:34:47 hci packet injection: enabled 2025/09/01 10:34:47 wifi device emulation: enabled 2025/09/01 10:34:47 802.15.4 emulation: enabled 2025/09/01 10:35:01 fetching corpus: 7387, signal 179126/181820 (executing program) 2025/09/01 10:35:03 starting 8 fuzzer processes 10:35:03 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000040)={0x0, 0x8}) 10:35:03 executing program 7: syz_emit_ethernet(0x2a,
&(0x7f0000000100)={@link_local, @empty, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @remote, @rand_addr=0xe0000016, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0) 10:35:03 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) 10:35:03 executing program 2: syz_io_uring_setup(0x46d4, &(0x7f0000000000), &(0x7f0000939000/0x1000)=nil, &(0x7f0000f0d000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 10:35:03 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000300)) 10:35:03 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETOWNER(r0, 0x401054d6, 0xffffffffffffffff) 10:35:03 executing program 5: futex(&(0x7f0000000580), 0xb, 0x0, 0x0, 0x0, 0x0) [ 75.382004] audit: type=1400 audit(1756722903.322:7): avc: denied { execmem } for pid=274 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:35:03 executing program 6: socket$inet6(0xa, 0x106, 0x0) [ 76.513841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.520925] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.522822] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.527175] Bluetooth: hci0: 
unexpected cc 0x0c23 length: 249 > 4 [ 76.531296] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.575829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.580084] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.582780] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.595190] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.597874] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.649480] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.651438] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.653479] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.657327] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.661319] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.665227] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.667095] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.674412] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 76.676284] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.677758] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 76.680194] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 76.683415] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 76.685903] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 76.687380] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.689138] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.693145] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.700339] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 76.702548] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 76.704508] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.709544] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.711986] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 76.713287] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 76.714757] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 76.716093] 
Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.722861] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 76.724474] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 76.734207] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.740137] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.752968] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 76.755942] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 78.610268] Bluetooth: hci0: command tx timeout [ 78.675651] Bluetooth: hci1: command tx timeout [ 78.737674] Bluetooth: hci3: command tx timeout [ 78.739714] Bluetooth: hci5: command tx timeout [ 78.801719] Bluetooth: hci2: command tx timeout [ 78.802335] Bluetooth: hci6: command tx timeout [ 78.803446] Bluetooth: hci7: command tx timeout [ 78.803933] Bluetooth: hci4: command tx timeout [ 80.657815] Bluetooth: hci0: command tx timeout [ 80.721680] Bluetooth: hci1: command tx timeout [ 80.785704] Bluetooth: hci5: command tx timeout [ 80.786139] Bluetooth: hci3: command tx timeout [ 80.850646] Bluetooth: hci7: command tx timeout [ 80.851054] Bluetooth: hci4: command tx timeout [ 80.851411] Bluetooth: hci6: command tx timeout [ 80.852033] Bluetooth: hci2: command tx timeout [ 82.705760] Bluetooth: hci0: command tx timeout [ 82.770213] Bluetooth: hci1: command tx timeout [ 82.833776] Bluetooth: hci5: command tx timeout [ 82.834188] Bluetooth: hci3: command tx timeout [ 82.897703] Bluetooth: hci2: command tx timeout [ 82.898116] Bluetooth: hci6: command tx timeout [ 82.898490] Bluetooth: hci4: command tx timeout [ 82.899275] Bluetooth: hci7: command tx timeout [ 84.753702] Bluetooth: hci0: command tx timeout [ 84.817804] Bluetooth: hci1: command tx timeout [ 84.881681] Bluetooth: hci3: command tx timeout [ 84.882089] Bluetooth: hci5: command tx timeout [ 84.945757] Bluetooth: hci4: command tx timeout [ 84.946171] Bluetooth: hci7: command tx timeout [ 84.946529] Bluetooth: hci6: command tx timeout [ 84.946988] Bluetooth: 
hci2: command tx timeout [ 113.396168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.396853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.455308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.455975] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.571466] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.572118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.648336] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.649475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.706802] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.707431] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.746288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.746903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.799518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.800160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.865564] audit: type=1400 audit(1756722941.806:8): avc: denied { open } for pid=3868 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 113.870715] audit: type=1400 audit(1756722941.806:9): avc: denied { kernel } for pid=3868 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 113.876546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.877216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.885330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.886049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:35:41 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) [ 113.946076] wlan1: Created IBSS using preconfigured BSSID 
50:50:50:50:50:50 [ 113.946811] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:35:41 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000380), 0x101001, 0x0) write$vga_arbiter(r0, &(0x7f0000000000)=@other={'decodes', ' ', 'none'}, 0xd) write$vga_arbiter(r0, &(0x7f0000000100)=ANY=[@ANYBLOB='decodes mem'], 0xc) 10:35:41 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) [ 113.983475] pci 0000:00:02.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 113.987823] pci 0000:00:02.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem [ 113.989133] pci 0000:00:02.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 113.990487] pci 0000:00:02.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem 10:35:41 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x40181, 0x0) pwritev2(r0, &(0x7f00000013c0)=[{&(0x7f0000000080)="f3", 0x1}], 0x1, 0x0, 0x0, 0x0) 10:35:41 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) [ 114.042030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.042845] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:35:42 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$packet(r0, &(0x7f0000000080)={0x11, 0x6, 0x0, 0x1, 0x8}, 0x14) [ 114.067916] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.068958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:35:42 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwritev2(r1, &(0x7f0000000b80)=[{&(0x7f00000008c0)='!', 0x1}], 0x1, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) sendfile(r2, r0, 0x0, 0x3) [ 114.165252] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.165936] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:35:42 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwritev2(r1, &(0x7f0000000b80)=[{&(0x7f00000008c0)='!', 0x1}], 0x1, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) sendfile(r2, r0, 0x0, 0x3) [ 114.280477] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.281538] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.335318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.336693] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.520207] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.521380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:35:42 executing program 6: socket$inet6(0xa, 0x106, 0x0) 10:35:42 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 
&(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETOWNER(r0, 0x401054d6, 0xffffffffffffffff) 10:35:42 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000040)={0x0, 0x8}) 10:35:42 executing program 2: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETOWNER(r0, 0x401054d6, 0xffffffffffffffff) 10:35:42 executing program 7: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x1, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @remote}}}}}}, 0x0) 10:35:42 executing program 5: futex(&(0x7f0000000580), 0xb, 0x0, 0x0, 0x0, 0x0) 10:35:42 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$packet(r0, &(0x7f0000000080)={0x11, 0x6, 0x0, 0x1, 0x8}, 0x14) 10:35:42 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = 
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwritev2(r1, &(0x7f0000000b80)=[{&(0x7f00000008c0)='!', 0x1}], 0x1, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) sendfile(r2, r0, 0x0, 0x3) 10:35:42 executing program 3: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwritev2(r1, &(0x7f0000000b80)=[{&(0x7f00000008c0)='!', 0x1}], 0x1, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) sendfile(r2, r0, 0x0, 0x3) 10:35:42 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$packet(r0, &(0x7f0000000080)={0x11, 0x6, 0x0, 0x1, 0x8}, 0x14) 10:35:42 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETOWNER(r0, 0x401054d6, 0xffffffffffffffff) 10:35:42 executing program 7: sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 
0x0, 0xffffffffffffffff, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@delsa={0x3c, 0x11, 0x1, 0x0, 0x0, {@in, 0x0, 0xa}, [@srcaddr={0x14, 0xd, @in6=@private1}]}, 0x3c}}, 0x0) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000000400)) 10:35:42 executing program 5: futex(&(0x7f0000000580), 0xb, 0x0, 0x0, 0x0, 0x0) 10:35:42 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000040)={0x0, 0x8}) 10:35:43 executing program 6: socket$inet6(0xa, 0x106, 0x0) 10:35:43 executing program 2: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETOWNER(r0, 0x401054d6, 0xffffffffffffffff) 10:35:43 executing program 5: futex(&(0x7f0000000580), 0xb, 0x0, 0x0, 0x0, 0x0) 10:35:43 executing program 3: sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, 0x0}, 0x0) prctl$PR_GET_PDEATHSIG(0x25, &(0x7f0000001400)) 10:35:43 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETOWNER(r0, 0x401054d6, 0xffffffffffffffff) 10:35:43 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000040)={0x0, 0x8}) 
10:35:43 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$packet(r0, &(0x7f0000000080)={0x11, 0x6, 0x0, 0x1, 0x8}, 0x14) 10:35:43 executing program 7: sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@delsa={0x3c, 0x11, 0x1, 0x0, 0x0, {@in, 0x0, 0xa}, [@srcaddr={0x14, 0xd, @in6=@private1}]}, 0x3c}}, 0x0) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000000400)) [ 115.123621] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 115.124568] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 115.125193] CPU: 1 UID: 0 PID: 3943 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.126555] Tainted: [W]=WARN [ 115.127326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.129404] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.130489] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 
08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.134919] RSP: 0018:ffff88801592f780 EFLAGS: 00010012 [ 115.136009] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 115.136566] RDX: ffff888044ef3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 115.137135] RBP: ffff88801592f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16910 [ 115.137693] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000 [ 115.138251] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 115.138810] FS: 000055556167c400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 115.139441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.139895] CR2: 0000001b2cf26000 CR3: 000000001d7b6000 CR4: 0000000000350ef0 [ 115.140452] Call Trace: [ 115.140660] [ 115.140841] ? __ext4_journal_stop+0xe2/0x1f0 [ 115.141211] ? ext4_dirty_inode+0xf1/0x130 [ 115.141552] ? __mark_inode_dirty+0x1b7/0xd00 [ 115.141918] ? do_user_addr_fault+0x4fa/0xeb0 [ 115.142281] ? __pfx_perf_tp_event+0x10/0x10 [ 115.142639] ? lock_acquire+0x15e/0x2f0 [ 115.142964] ? __virt_addr_valid+0x1c6/0x5d0 [ 115.143321] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 115.143782] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 115.144243] ? __lock_acquire+0x694/0x1b70 [ 115.144580] ? kvm_sched_clock_read+0x16/0x30 [ 115.144947] ? sched_clock+0x37/0x60 [ 115.145261] ? sched_clock_cpu+0x6c/0x4e0 [ 115.145599] ? lock_is_held_type+0x9e/0x120 [ 115.145952] ? perf_trace_run_bpf_submit+0xef/0x180 [ 115.146353] ? lock_is_held_type+0x9e/0x120 [ 115.146699] perf_trace_run_bpf_submit+0xef/0x180 [ 115.147085] perf_trace_preemptirq_template+0x259/0x430 [ 115.147508] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 115.147972] ? lock_is_held_type+0x9e/0x120 [ 115.148321] ? find_held_lock+0x2b/0x80 [ 115.148645] ? try_to_wake_up+0x8ae/0x11d0 [ 115.148988] ? 
_raw_spin_unlock_irqrestore+0x2c/0x50 [ 115.149403] trace_irq_enable.constprop.0+0xa6/0x100 [ 115.149808] trace_hardirqs_on+0x26/0x40 [ 115.150131] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 115.150523] try_to_wake_up+0x8ae/0x11d0 [ 115.150850] ? __pfx_try_to_wake_up+0x10/0x10 [ 115.151211] ? plist_del+0x122/0x270 [ 115.151514] ? find_held_lock+0x2b/0x80 [ 115.151839] ? futex_wake+0x474/0x540 [ 115.152151] wake_up_q+0xa1/0x130 [ 115.152438] futex_wake+0x47e/0x540 [ 115.152735] ? __pfx_futex_wake+0x10/0x10 [ 115.153073] ? __handle_mm_fault+0x753/0x3260 [ 115.153447] ? __lock_acquire+0x694/0x1b70 [ 115.153785] do_futex+0x26d/0x370 [ 115.154068] ? __pfx_do_futex+0x10/0x10 [ 115.154386] ? find_held_lock+0x2b/0x80 [ 115.154710] __x64_sys_futex+0x1c9/0x4d0 [ 115.155037] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 115.155497] ? __pfx___x64_sys_futex+0x10/0x10 [ 115.155870] do_syscall_64+0xbf/0x360 [ 115.156177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.156583] RIP: 0033:0x7f36fc3c2b19 [ 115.156878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.158307] RSP: 002b:00007fff93e80918 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 115.158899] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f36fc3c2b19 [ 115.159460] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f36fc4d5f68 [ 115.160017] RBP: 00007f36fc4d5f60 R08: 00007f36fc4d20a0 R09: 0000000000000000 [ 115.160575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36fc4da2d0 [ 115.161139] R13: 00007fff93e80a20 R14: 00007f36fc4d5f60 R15: 000000000001c12f [ 115.161700] [ 115.161888] Modules linked in: [ 115.162151] ---[ end trace 0000000000000000 ]--- [ 115.162519] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.162899] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 
0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.164320] RSP: 0018:ffff88801592f780 EFLAGS: 00010012 [ 115.164742] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 115.165302] RDX: ffff888044ef3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 115.165862] RBP: ffff88801592f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16910 [ 115.166423] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000 [ 115.166982] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 115.167541] FS: 000055556167c400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 115.168174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.168631] CR2: 0000001b2cf26000 CR3: 000000001d7b6000 CR4: 0000000000350ef0 [ 115.169201] note: syz-executor.2[3943] exited with irqs disabled [ 115.169720] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 115.170595] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 115.171198] CPU: 1 UID: 0 PID: 3943 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.172140] Tainted: [D]=DIE, [W]=WARN [ 115.172444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.173093] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.173475] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.174900] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010012 [ 115.175321] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 115.175878] RDX: ffff888044ef3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 115.176443] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd16910 [ 115.177003] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000 [ 115.177572] R13: 0000000000000014 R14: ffff88806cf313e8 R15: 
dffffc0000000000 [ 115.178141] FS: 000055556167c400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 115.178770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.179232] CR2: 0000001b2cf26000 CR3: 000000001d7b6000 CR4: 0000000000350ef0 [ 115.179795] Call Trace: [ 115.180001] [ 115.180180] ? __pfx_perf_tp_event+0x10/0x10 [ 115.180541] ? __resched_curr+0x2a2/0x330 [ 115.180881] ? __pfx___resched_curr+0x10/0x10 [ 115.181258] ? lock_is_held_type+0x9e/0x120 [ 115.181610] ? trace_pelt_se_tp+0xdf/0x130 [ 115.181951] ? __update_load_avg_cfs_rq+0x636/0x950 [ 115.182353] ? cpufreq_update_util+0x91/0x240 [ 115.182715] ? place_entity+0x1c/0x410 [ 115.183027] ? kvm_sched_clock_read+0x16/0x30 [ 115.183391] ? perf_trace_run_bpf_submit+0xef/0x180 [ 115.183790] perf_trace_run_bpf_submit+0xef/0x180 [ 115.184181] perf_trace_preemptirq_template+0x259/0x430 [ 115.184602] ? do_raw_spin_unlock+0x53/0x220 [ 115.184964] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 115.185451] ? sched_ttwu_pending+0x2e0/0x4a0 [ 115.185826] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 115.186226] ? 
handle_softirqs+0x16e/0x770 [ 115.186578] trace_irq_enable.constprop.0+0xa6/0x100 [ 115.186992] trace_hardirqs_on+0x26/0x40 [ 115.187326] handle_softirqs+0x16e/0x770 [ 115.187668] __irq_exit_rcu+0xc4/0x100 [ 115.187995] irq_exit_rcu+0x9/0x20 [ 115.188288] sysvec_call_function_single+0xa6/0xc0 [ 115.188694] [ 115.188881] [ 115.189067] asm_sysvec_call_function_single+0x1a/0x20 [ 115.189498] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 115.189883] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de [ 115.191343] RSP: 0018:ffff88801592ff28 EFLAGS: 00000246 [ 115.191775] RAX: 0000000000000001 RBX: ffff888044ef3700 RCX: ffffffff817c3ab6 [ 115.192349] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 115.192924] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 115.193511] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888044ef3700 [ 115.194085] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 115.194657] ? trace_irq_enable.constprop.0+0x26/0x100 [ 115.195085] ? make_task_dead+0x214/0x3b0 [ 115.195426] ? make_task_dead+0x214/0x3b0 [ 115.195768] ? 
do_syscall_64+0xbf/0x360 [ 115.196092] rewind_stack_and_make_dead+0x16/0x20 [ 115.196494] RIP: 0033:0x7f36fc3c2b19 [ 115.196796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.198269] RSP: 002b:00007fff93e80918 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 115.198879] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f36fc3c2b19 [ 115.199455] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f36fc4d5f68 [ 115.200036] RBP: 00007f36fc4d5f60 R08: 00007f36fc4d20a0 R09: 0000000000000000 [ 115.200614] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36fc4da2d0 [ 115.201191] R13: 00007fff93e80a20 R14: 00007f36fc4d5f60 R15: 000000000001c12f [ 115.201770] [ 115.201964] Modules linked in: [ 115.202230] ---[ end trace 0000000000000000 ]--- [ 115.202610] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.202996] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.204458] RSP: 0018:ffff88801592f780 EFLAGS: 00010012 [ 115.204890] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 115.205470] RDX: ffff888044ef3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 115.206045] RBP: ffff88801592f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16910 [ 115.206622] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000 [ 115.207192] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 115.207767] FS: 000055556167c400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 115.208414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.208884] CR2: 0000001b2cf26000 CR3: 000000001d7b6000 CR4: 0000000000350ef0 [ 115.209483] Kernel panic - not syncing: Fatal exception in interrupt [ 115.210278] Kernel Offset: disabled [ 115.210603] ---[ end 
Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 10:35:43 Registers: