Warning: Permanently added '[localhost]:61525' (ECDSA) to the list of known hosts.
2025/09/01 11:21:23 fuzzer started
2025/09/01 11:21:24 dialing manager at localhost:35473
syzkaller login: [ 57.213665] cgroup: Unknown subsys name 'net'
[ 57.286886] cgroup: Unknown subsys name 'cpuset'
[ 57.296865] cgroup: Unknown subsys name 'rlimit'
2025/09/01 11:21:34 syscalls: 2214
2025/09/01 11:21:34 code coverage: enabled
2025/09/01 11:21:34 comparison tracing: enabled
2025/09/01 11:21:34 extra coverage: enabled
2025/09/01 11:21:34 setuid sandbox: enabled
2025/09/01 11:21:34 namespace sandbox: enabled
2025/09/01 11:21:34 Android sandbox: enabled
2025/09/01 11:21:34 fault injection: enabled
2025/09/01 11:21:34 leak checking: enabled
2025/09/01 11:21:34 net packet injection: enabled
2025/09/01 11:21:34 net device setup: enabled
2025/09/01 11:21:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 11:21:34 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 11:21:34 USB emulation: enabled
2025/09/01 11:21:34 hci packet injection: enabled
2025/09/01 11:21:34 wifi device emulation: enabled
2025/09/01 11:21:34 802.15.4 emulation: enabled
2025/09/01 11:21:34 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 11:21:34 fetching corpus: 46, signal 15580/19235 (executing program)
2025/09/01 11:21:34 fetching corpus: 96, signal 27899/32999 (executing program)
2025/09/01 11:21:34 fetching corpus: 146, signal 35072/41585 (executing program)
2025/09/01 11:21:34 fetching corpus: 196, signal 46767/54279 (executing program)
2025/09/01 11:21:34 fetching corpus: 246, signal 51072/59811 (executing program)
2025/09/01 11:21:35 fetching corpus: 296, signal 54513/64473 (executing program)
2025/09/01 11:21:35 fetching corpus: 346, signal 57739/68853 (executing program)
2025/09/01 11:21:35 fetching corpus: 396, signal 62149/74189 (executing program)
2025/09/01 11:21:35 fetching corpus: 445, signal 66128/79060 (executing program)
2025/09/01
11:21:35 fetching corpus: 495, signal 70465/84148 (executing program) 2025/09/01 11:21:35 fetching corpus: 545, signal 73901/88436 (executing program) 2025/09/01 11:21:35 fetching corpus: 595, signal 76158/91614 (executing program) 2025/09/01 11:21:35 fetching corpus: 645, signal 78020/94405 (executing program) 2025/09/01 11:21:35 fetching corpus: 695, signal 81806/98780 (executing program) 2025/09/01 11:21:35 fetching corpus: 745, signal 85133/102677 (executing program) 2025/09/01 11:21:35 fetching corpus: 795, signal 86887/105239 (executing program) 2025/09/01 11:21:36 fetching corpus: 844, signal 88577/107736 (executing program) 2025/09/01 11:21:36 fetching corpus: 894, signal 91155/110901 (executing program) 2025/09/01 11:21:36 fetching corpus: 944, signal 92657/113122 (executing program) 2025/09/01 11:21:36 fetching corpus: 994, signal 95209/116172 (executing program) 2025/09/01 11:21:36 fetching corpus: 1044, signal 97575/118955 (executing program) 2025/09/01 11:21:36 fetching corpus: 1094, signal 99168/121134 (executing program) 2025/09/01 11:21:36 fetching corpus: 1144, signal 100849/123315 (executing program) 2025/09/01 11:21:36 fetching corpus: 1194, signal 102878/125806 (executing program) 2025/09/01 11:21:36 fetching corpus: 1244, signal 104006/127547 (executing program) 2025/09/01 11:21:36 fetching corpus: 1294, signal 105187/129338 (executing program) 2025/09/01 11:21:36 fetching corpus: 1344, signal 106241/131017 (executing program) 2025/09/01 11:21:37 fetching corpus: 1394, signal 107601/132876 (executing program) 2025/09/01 11:21:37 fetching corpus: 1444, signal 109070/134728 (executing program) 2025/09/01 11:21:37 fetching corpus: 1494, signal 110450/136476 (executing program) 2025/09/01 11:21:37 fetching corpus: 1544, signal 111604/138061 (executing program) 2025/09/01 11:21:37 fetching corpus: 1594, signal 112832/139660 (executing program) 2025/09/01 11:21:37 fetching corpus: 1644, signal 113744/141051 (executing program) 2025/09/01 11:21:37 
fetching corpus: 1694, signal 115440/142884 (executing program) 2025/09/01 11:21:37 fetching corpus: 1744, signal 116711/144511 (executing program) 2025/09/01 11:21:37 fetching corpus: 1794, signal 117783/145961 (executing program) 2025/09/01 11:21:37 fetching corpus: 1844, signal 119073/147450 (executing program) 2025/09/01 11:21:37 fetching corpus: 1894, signal 122649/150298 (executing program) 2025/09/01 11:21:38 fetching corpus: 1943, signal 123878/151733 (executing program) 2025/09/01 11:21:38 fetching corpus: 1993, signal 124813/152949 (executing program) 2025/09/01 11:21:38 fetching corpus: 2043, signal 126780/154800 (executing program) 2025/09/01 11:21:38 fetching corpus: 2093, signal 127960/156113 (executing program) 2025/09/01 11:21:38 fetching corpus: 2143, signal 128776/157171 (executing program) 2025/09/01 11:21:38 fetching corpus: 2193, signal 130193/158556 (executing program) 2025/09/01 11:21:38 fetching corpus: 2243, signal 130834/159507 (executing program) 2025/09/01 11:21:38 fetching corpus: 2293, signal 131391/160449 (executing program) 2025/09/01 11:21:38 fetching corpus: 2343, signal 132101/161408 (executing program) 2025/09/01 11:21:38 fetching corpus: 2393, signal 132794/162359 (executing program) 2025/09/01 11:21:38 fetching corpus: 2443, signal 133535/163392 (executing program) 2025/09/01 11:21:38 fetching corpus: 2493, signal 134061/164207 (executing program) 2025/09/01 11:21:38 fetching corpus: 2543, signal 135084/165207 (executing program) 2025/09/01 11:21:39 fetching corpus: 2592, signal 135797/166179 (executing program) 2025/09/01 11:21:39 fetching corpus: 2642, signal 136631/167111 (executing program) 2025/09/01 11:21:39 fetching corpus: 2692, signal 137477/168037 (executing program) 2025/09/01 11:21:39 fetching corpus: 2742, signal 138292/168918 (executing program) 2025/09/01 11:21:39 fetching corpus: 2792, signal 138968/169785 (executing program) 2025/09/01 11:21:39 fetching corpus: 2842, signal 139512/170537 (executing program) 
2025/09/01 11:21:39 fetching corpus: 2892, signal 140156/171264 (executing program) 2025/09/01 11:21:39 fetching corpus: 2942, signal 140737/171986 (executing program) 2025/09/01 11:21:39 fetching corpus: 2992, signal 141324/172735 (executing program) 2025/09/01 11:21:39 fetching corpus: 3042, signal 142000/173527 (executing program) 2025/09/01 11:21:39 fetching corpus: 3092, signal 142604/174205 (executing program) 2025/09/01 11:21:40 fetching corpus: 3142, signal 143316/174956 (executing program) 2025/09/01 11:21:40 fetching corpus: 3192, signal 143879/175628 (executing program) 2025/09/01 11:21:40 fetching corpus: 3242, signal 145092/176483 (executing program) 2025/09/01 11:21:40 fetching corpus: 3292, signal 145763/177196 (executing program) 2025/09/01 11:21:40 fetching corpus: 3342, signal 146347/177855 (executing program) 2025/09/01 11:21:40 fetching corpus: 3392, signal 147075/178507 (executing program) 2025/09/01 11:21:40 fetching corpus: 3442, signal 147706/179097 (executing program) 2025/09/01 11:21:40 fetching corpus: 3492, signal 148130/179661 (executing program) 2025/09/01 11:21:40 fetching corpus: 3542, signal 148559/180162 (executing program) 2025/09/01 11:21:40 fetching corpus: 3592, signal 149036/180689 (executing program) 2025/09/01 11:21:40 fetching corpus: 3642, signal 149609/181255 (executing program) 2025/09/01 11:21:40 fetching corpus: 3692, signal 150115/181756 (executing program) 2025/09/01 11:21:40 fetching corpus: 3742, signal 150528/182247 (executing program) 2025/09/01 11:21:40 fetching corpus: 3792, signal 151019/182794 (executing program) 2025/09/01 11:21:40 fetching corpus: 3842, signal 151407/183307 (executing program) 2025/09/01 11:21:41 fetching corpus: 3892, signal 151798/183776 (executing program) 2025/09/01 11:21:41 fetching corpus: 3942, signal 152299/184289 (executing program) 2025/09/01 11:21:41 fetching corpus: 3992, signal 152875/184729 (executing program) 2025/09/01 11:21:41 fetching corpus: 4042, signal 153260/185157 
(executing program) 2025/09/01 11:21:41 fetching corpus: 4092, signal 153874/185679 (executing program) 2025/09/01 11:21:41 fetching corpus: 4142, signal 154405/186157 (executing program) 2025/09/01 11:21:41 fetching corpus: 4192, signal 154928/186606 (executing program) 2025/09/01 11:21:41 fetching corpus: 4242, signal 155487/187052 (executing program) 2025/09/01 11:21:41 fetching corpus: 4292, signal 155881/187437 (executing program) 2025/09/01 11:21:41 fetching corpus: 4342, signal 156312/187832 (executing program) 2025/09/01 11:21:41 fetching corpus: 4392, signal 156763/188210 (executing program) 2025/09/01 11:21:42 fetching corpus: 4442, signal 157181/188549 (executing program) 2025/09/01 11:21:42 fetching corpus: 4492, signal 157813/188968 (executing program) 2025/09/01 11:21:42 fetching corpus: 4542, signal 158208/189334 (executing program) 2025/09/01 11:21:42 fetching corpus: 4592, signal 158486/189703 (executing program) 2025/09/01 11:21:42 fetching corpus: 4642, signal 158931/189865 (executing program) 2025/09/01 11:21:42 fetching corpus: 4692, signal 159459/189865 (executing program) 2025/09/01 11:21:42 fetching corpus: 4742, signal 159834/189866 (executing program) 2025/09/01 11:21:42 fetching corpus: 4792, signal 160530/189873 (executing program) 2025/09/01 11:21:42 fetching corpus: 4842, signal 160954/189886 (executing program) 2025/09/01 11:21:42 fetching corpus: 4891, signal 161522/189891 (executing program) 2025/09/01 11:21:42 fetching corpus: 4941, signal 161970/189911 (executing program) 2025/09/01 11:21:43 fetching corpus: 4991, signal 162356/189926 (executing program) 2025/09/01 11:21:43 fetching corpus: 5041, signal 163372/189932 (executing program) 2025/09/01 11:21:43 fetching corpus: 5091, signal 163798/189946 (executing program) 2025/09/01 11:21:43 fetching corpus: 5141, signal 164157/189948 (executing program) 2025/09/01 11:21:43 fetching corpus: 5191, signal 164897/189951 (executing program) 2025/09/01 11:21:43 fetching corpus: 5241, 
signal 165201/189957 (executing program) 2025/09/01 11:21:43 fetching corpus: 5291, signal 165800/189963 (executing program) 2025/09/01 11:21:43 fetching corpus: 5341, signal 166290/189965 (executing program) 2025/09/01 11:21:43 fetching corpus: 5391, signal 166613/190005 (executing program) 2025/09/01 11:21:44 fetching corpus: 5441, signal 166872/190042 (executing program) 2025/09/01 11:21:44 fetching corpus: 5491, signal 167518/190047 (executing program) 2025/09/01 11:21:44 fetching corpus: 5541, signal 167809/190076 (executing program) 2025/09/01 11:21:44 fetching corpus: 5591, signal 168276/190085 (executing program) 2025/09/01 11:21:44 fetching corpus: 5641, signal 168701/190095 (executing program) 2025/09/01 11:21:44 fetching corpus: 5691, signal 169039/190111 (executing program) 2025/09/01 11:21:45 fetching corpus: 5741, signal 169494/190114 (executing program) 2025/09/01 11:21:45 fetching corpus: 5791, signal 169795/190118 (executing program) 2025/09/01 11:21:45 fetching corpus: 5841, signal 170326/190149 (executing program) 2025/09/01 11:21:45 fetching corpus: 5891, signal 170604/190152 (executing program) 2025/09/01 11:21:45 fetching corpus: 5940, signal 170819/190160 (executing program) 2025/09/01 11:21:45 fetching corpus: 5990, signal 171582/190165 (executing program) 2025/09/01 11:21:45 fetching corpus: 6040, signal 171819/190191 (executing program) 2025/09/01 11:21:45 fetching corpus: 6090, signal 172246/190201 (executing program) 2025/09/01 11:21:45 fetching corpus: 6140, signal 172648/190265 (executing program) 2025/09/01 11:21:45 fetching corpus: 6190, signal 172886/190269 (executing program) 2025/09/01 11:21:45 fetching corpus: 6240, signal 173121/190311 (executing program) 2025/09/01 11:21:45 fetching corpus: 6290, signal 173484/190313 (executing program) 2025/09/01 11:21:46 fetching corpus: 6340, signal 173925/190354 (executing program) 2025/09/01 11:21:46 fetching corpus: 6390, signal 174175/190367 (executing program) 2025/09/01 11:21:46 
fetching corpus: 6440, signal 174414/190367 (executing program) 2025/09/01 11:21:46 fetching corpus: 6490, signal 174724/190369 (executing program) 2025/09/01 11:21:46 fetching corpus: 6540, signal 175280/190377 (executing program) 2025/09/01 11:21:46 fetching corpus: 6590, signal 175607/190378 (executing program) 2025/09/01 11:21:46 fetching corpus: 6640, signal 176126/190387 (executing program) 2025/09/01 11:21:46 fetching corpus: 6690, signal 176452/190390 (executing program) 2025/09/01 11:21:46 fetching corpus: 6740, signal 176850/190410 (executing program) 2025/09/01 11:21:46 fetching corpus: 6790, signal 177142/190419 (executing program) 2025/09/01 11:21:46 fetching corpus: 6840, signal 177457/190419 (executing program) 2025/09/01 11:21:47 fetching corpus: 6890, signal 177697/190425 (executing program) 2025/09/01 11:21:47 fetching corpus: 6939, signal 177903/190431 (executing program) 2025/09/01 11:21:47 fetching corpus: 6989, signal 178190/190449 (executing program) 2025/09/01 11:21:47 fetching corpus: 7039, signal 178417/190452 (executing program) 2025/09/01 11:21:47 fetching corpus: 7089, signal 179028/190452 (executing program) 2025/09/01 11:21:47 fetching corpus: 7139, signal 179244/190455 (executing program) 2025/09/01 11:21:47 fetching corpus: 7189, signal 179576/190466 (executing program) 2025/09/01 11:21:47 fetching corpus: 7239, signal 179887/190470 (executing program) 2025/09/01 11:21:47 fetching corpus: 7289, signal 180227/190480 (executing program) 2025/09/01 11:21:47 fetching corpus: 7339, signal 180519/190484 (executing program) 2025/09/01 11:21:47 fetching corpus: 7389, signal 180823/190486 (executing program) 2025/09/01 11:21:47 fetching corpus: 7439, signal 181169/190493 (executing program) 2025/09/01 11:21:47 fetching corpus: 7488, signal 181425/190495 (executing program) 2025/09/01 11:21:48 fetching corpus: 7538, signal 181725/190504 (executing program) 2025/09/01 11:21:48 fetching corpus: 7588, signal 182083/190505 (executing program) 
2025/09/01 11:21:48 fetching corpus: 7638, signal 182333/190505 (executing program) 2025/09/01 11:21:48 fetching corpus: 7688, signal 182515/190509 (executing program) 2025/09/01 11:21:48 fetching corpus: 7738, signal 182734/190518 (executing program) 2025/09/01 11:21:48 fetching corpus: 7787, signal 183007/190519 (executing program) 2025/09/01 11:21:48 fetching corpus: 7837, signal 183375/190523 (executing program) 2025/09/01 11:21:48 fetching corpus: 7887, signal 183925/190524 (executing program) 2025/09/01 11:21:48 fetching corpus: 7937, signal 184215/190562 (executing program) 2025/09/01 11:21:48 fetching corpus: 7986, signal 184488/190566 (executing program) 2025/09/01 11:21:48 fetching corpus: 8035, signal 184647/190571 (executing program) 2025/09/01 11:21:48 fetching corpus: 8085, signal 184824/190580 (executing program) 2025/09/01 11:21:48 fetching corpus: 8135, signal 185053/190586 (executing program) 2025/09/01 11:21:48 fetching corpus: 8185, signal 185350/190591 (executing program) 2025/09/01 11:21:48 fetching corpus: 8235, signal 185733/190593 (executing program) 2025/09/01 11:21:49 fetching corpus: 8285, signal 186274/190597 (executing program) 2025/09/01 11:21:49 fetching corpus: 8335, signal 186766/190597 (executing program) 2025/09/01 11:21:49 fetching corpus: 8385, signal 187079/190654 (executing program) 2025/09/01 11:21:49 fetching corpus: 8435, signal 187403/190658 (executing program) 2025/09/01 11:21:49 fetching corpus: 8485, signal 187826/190662 (executing program) 2025/09/01 11:21:49 fetching corpus: 8495, signal 187888/190665 (executing program) 2025/09/01 11:21:49 fetching corpus: 8495, signal 187888/190665 (executing program) 2025/09/01 11:21:51 starting 8 fuzzer processes 11:21:51 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x14, 0x62, 0xffffffffffffffff, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0) 11:21:51 executing program 4: r0 
= socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x3c}, 0x2, @in=@empty, 0x0, 0x4}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) 11:21:51 executing program 1: capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDGKBMETA(r0, 0x4b52, 0x0) 11:21:51 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) 11:21:51 executing program 2: memfd_secret(0x297a4e40b0576ebf) 11:21:51 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x4b4b, 0xf0ff1f00000000) 11:21:51 executing program 3: r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x28, r0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}]}]}, 0x28}}, 0x0) 11:21:51 executing program 6: prctl$PR_SET_ENDIAN(0x26, 0x0) [ 84.388490] audit: type=1400 audit(1756725711.560:7): avc: denied { execmem } for pid=273 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 85.557239] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.560125] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.562145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.566784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.570742] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.748740] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.750861] Bluetooth: hci2: unexpected cc 0x1003 length: 
249 > 9 [ 85.752976] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.758272] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.760299] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.788149] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.792879] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.795758] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.801284] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.803329] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.808667] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.815053] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.820731] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.829017] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.833764] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.862109] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 85.871452] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.873033] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 85.874763] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 85.880369] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.883614] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.884513] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 85.893761] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 85.898325] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 85.901525] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 85.910721] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 85.919857] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 85.922695] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 85.927063] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 85.930873] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 85.932330] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 85.949720] Bluetooth: hci6: unexpected cc 
0x1001 length: 249 > 9 [ 85.953587] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.957762] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 85.983788] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 87.656235] Bluetooth: hci0: command tx timeout [ 87.782236] Bluetooth: hci2: command tx timeout [ 87.911537] Bluetooth: hci3: command tx timeout [ 87.912360] Bluetooth: hci1: command tx timeout [ 87.974231] Bluetooth: hci5: command tx timeout [ 87.974771] Bluetooth: hci4: command tx timeout [ 88.037726] Bluetooth: hci6: command tx timeout [ 88.038302] Bluetooth: hci7: command tx timeout [ 89.701205] Bluetooth: hci0: command tx timeout [ 89.829340] Bluetooth: hci2: command tx timeout [ 89.957347] Bluetooth: hci1: command tx timeout [ 89.957745] Bluetooth: hci3: command tx timeout [ 90.021245] Bluetooth: hci4: command tx timeout [ 90.021620] Bluetooth: hci5: command tx timeout [ 90.085217] Bluetooth: hci6: command tx timeout [ 90.085614] Bluetooth: hci7: command tx timeout [ 91.749444] Bluetooth: hci0: command tx timeout [ 91.878243] Bluetooth: hci2: command tx timeout [ 92.007251] Bluetooth: hci1: command tx timeout [ 92.008050] Bluetooth: hci3: command tx timeout [ 92.069371] Bluetooth: hci5: command tx timeout [ 92.070117] Bluetooth: hci4: command tx timeout [ 92.133283] Bluetooth: hci7: command tx timeout [ 92.134023] Bluetooth: hci6: command tx timeout [ 93.797218] Bluetooth: hci0: command tx timeout [ 93.925276] Bluetooth: hci2: command tx timeout [ 94.053397] Bluetooth: hci3: command tx timeout [ 94.053876] Bluetooth: hci1: command tx timeout [ 94.117583] Bluetooth: hci4: command tx timeout [ 94.118057] Bluetooth: hci5: command tx timeout [ 94.181303] Bluetooth: hci7: command tx timeout [ 94.181735] Bluetooth: hci6: command tx timeout [ 125.285268] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.285917] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.522468] wlan1: Created IBSS using preconfigured 
BSSID 50:50:50:50:50:50 [ 125.523266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:22:33 executing program 2: memfd_secret(0x297a4e40b0576ebf) 11:22:33 executing program 2: memfd_secret(0x297a4e40b0576ebf) 11:22:33 executing program 2: memfd_secret(0x297a4e40b0576ebf) 11:22:33 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x401070c9, 0x0) 11:22:34 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x401070c9, 0x0) 11:22:34 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x401070c9, 0x0) 11:22:34 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x401070c9, 0x0) 11:22:34 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448df, &(0x7f0000000080)) [ 127.443040] audit: type=1400 audit(1756725754.614:8): avc: denied { open } for pid=3821 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.448120] audit: type=1400 audit(1756725754.614:9): avc: denied { kernel } for pid=3821 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 127.558595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.559329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.615409] wlan0: Created IBSS using preconfigured 
BSSID 50:50:50:50:50:50 [ 127.616041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.717282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.717912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.777999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.778657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.884026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.885459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.027005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.027671] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.094765] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.095869] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.109032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.109736] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.203407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.204045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.279413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.280054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.418463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.419103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.511772] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure [ 128.561342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.561982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.714640] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.715572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.749637] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.750269] wlan1: Creating new IBSS network, BSSID 
50:50:50:50:50:50 [ 128.830597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=98 sclass=netlink_route_socket pid=3910 comm=syz-executor.0 [ 128.832773] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=98 sclass=netlink_route_socket pid=3910 comm=syz-executor.0 11:22:36 executing program 6: prctl$PR_SET_ENDIAN(0x26, 0x0) 11:22:36 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) dup2(r0, r1) 11:22:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/time_for_children\x00') sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r2}]}, 0x24}}, 0x0) 11:22:36 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001d00010200000000000000ff07"], 0x1c}], 0x1}, 0x0) 11:22:36 executing program 4: 
mbind(&(0x7f0000873000/0x2000)=nil, 0x2000, 0x2000, 0x0, 0x0, 0x0) 11:22:36 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000180)={0x1f, 0x0, 0x4}, 0x6) 11:22:36 executing program 3: fdatasync(0xffffffffffffffff) 11:22:36 executing program 1: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000100)) 11:22:36 executing program 6: prctl$PR_SET_ENDIAN(0x26, 0x0) 11:22:36 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001f40), 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000001f80)='cachetag', 0x0, 0xffffffffffffffff) 11:22:36 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) 11:22:36 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, 
&(0x7f0000000340)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001d00010200000000000000ff07"], 0x1c}], 0x1}, 0x0) 11:22:36 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)={[{@init_itable}]}) 11:22:36 executing program 5: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, 0x0, 0x0) 11:22:36 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read$rfkill(r0, &(0x7f0000000240), 0x80000) 11:22:36 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000140)='asymmetric\x00', 0x0) add_key$keyring(&(0x7f0000000300), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f00000003c0)='user\x00', &(0x7f0000000400)={'syz', 0x0}, &(0x7f0000000440)='asymmetric\x00', 0x0) [ 129.012590] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 129.013511] 
KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 129.014115] CPU: 1 UID: 0 PID: 3933 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 129.015610] Tainted: [W]=WARN
[ 129.016357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 129.017995] RIP: 0010:perf_tp_event+0x175/0xe70
[ 129.019084] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 129.023005] RSP: 0018:ffff888046537780 EFLAGS: 00010012
[ 129.023425] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900040aa000
[ 129.023976] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 129.024569] RBP: ffff8880465379f0 R08: ffff88806cf31340 R09: ffffe8ffffd16940
[ 129.025153] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 129.025726] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 129.026314] FS: 00007fc22af4c700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 129.026967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 129.027449] CR2: 00007fc22daea018 CR3: 000000001d324000 CR4: 0000000000350ef0
[ 129.028026] Call Trace:
[ 129.028241]
[ 129.028436] ? lock_release+0xc8/0x290
[ 129.028770] ? __pfx_perf_tp_event+0x10/0x10
[ 129.029141] ? unwind_get_return_address+0x59/0xa0
[ 129.029549] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 129.030005] ? arch_stack_walk+0x9c/0xf0
[ 129.030340] ? __lock_acquire+0x694/0x1b70
[ 129.030699] ? __lock_acquire+0x694/0x1b70
[ 129.031052] ? css_rstat_updated+0x1b8/0x4d0
[ 129.031434] ? __pfx_css_rstat_updated+0x10/0x10
[ 129.031837] ? lock_is_held_type+0x9e/0x120
[ 129.032204] ? perf_trace_run_bpf_submit+0xef/0x180
[ 129.032629] ? lock_is_held_type+0x9e/0x120
[ 129.032986] perf_trace_run_bpf_submit+0xef/0x180
[ 129.033393] perf_trace_preemptirq_template+0x259/0x430
[ 129.033837] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 129.034325] ? check_preempt_wakeup_fair+0x406/0x950
[ 129.034743] ? find_held_lock+0x2b/0x80
[ 129.035076] ? try_to_wake_up+0x8ae/0x11d0
[ 129.035433] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 129.035851] trace_irq_enable.constprop.0+0xa6/0x100
[ 129.036276] trace_hardirqs_on+0x26/0x40
[ 129.036617] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 129.037023] try_to_wake_up+0x8ae/0x11d0
[ 129.037374] ? __pfx_try_to_wake_up+0x10/0x10
[ 129.037750] ? plist_del+0x122/0x270
[ 129.038063] ? find_held_lock+0x2b/0x80
[ 129.038395] ? futex_wake+0x474/0x540
[ 129.038721] wake_up_q+0xa1/0x130
[ 129.039017] futex_wake+0x47e/0x540
[ 129.039322] ? __pfx_futex_wake+0x10/0x10
[ 129.039668] ? __lock_acquire+0x694/0x1b70
[ 129.040023] ? file_init_path+0x506/0x770
[ 129.040386] do_futex+0x26d/0x370
[ 129.040682] ? __pfx_do_futex+0x10/0x10
[ 129.041017] ? lock_release+0xc8/0x290
[ 129.041347] __x64_sys_futex+0x1c9/0x4d0
[ 129.041682] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 129.042153] ? __pfx___x64_sys_futex+0x10/0x10
[ 129.042522] ? xfd_validate_state+0x55/0x180
[ 129.042888] do_syscall_64+0xbf/0x360
[ 129.043195] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 129.043607] RIP: 0033:0x7fc22d9d6b19
[ 129.043905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 129.045333] RSP: 002b:00007fc22af4c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 129.045932] RAX: ffffffffffffffda RBX: 00007fc22dae9f68 RCX: 00007fc22d9d6b19
[ 129.046497] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc22dae9f6c
[ 129.047063] RBP: 00007fc22dae9f60 R08: 000000000000000e R09: 0000000000000000
[ 129.047625] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc22dae9f6c
[ 129.048185] R13: 00007ffd4509fe0f R14: 00007fc22af4c300 R15: 0000000000022000
[ 129.048753]
[ 129.048943] Modules linked in:
[ 129.049207] ---[ end trace 0000000000000000 ]---
[ 129.049577] RIP: 0010:perf_tp_event+0x175/0xe70
[ 129.049953] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 129.051379] RSP: 0018:ffff888046537780 EFLAGS: 00010012
[ 129.051805] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900040aa000
[ 129.052374] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 129.052934] RBP: ffff8880465379f0 R08: ffff88806cf31340 R09: ffffe8ffffd16940
[ 129.053490] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 129.054044] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 129.054617] FS: 00007fc22af4c700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 129.055246] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 129.055714] CR2: 00007fc22daea018 CR3: 000000001d324000 CR4: 0000000000350ef0
[ 129.056268] note: syz-executor.7[3933] exited with irqs disabled
[ 129.056847]
Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 129.057723] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 129.058323] CPU: 1 UID: 0 PID: 3933 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 129.059260] Tainted: [D]=DIE, [W]=WARN [ 129.059568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.060219] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.060607] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.062027] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010012 [ 129.062451] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 129.062563] loop1: detected capacity change from 0 to 4 [ 129.063008] RDX: ffff888016c7b700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 129.063018] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd16940 [ 129.063027] R10: 0000000000000000 R11: ffff88801a428c98 R12: dffffc0000000000 [ 129.065115] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 129.065680] FS: 00007fc22af4c700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 129.066312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.066767] CR2: 00007fc22daea018 CR3: 000000001d324000 CR4: 0000000000350ef0 [ 129.067327] Call Trace: [ 129.067535] [ 129.067713] ? __pfx_perf_tp_event+0x10/0x10 [ 129.068072] ? enqueue_task_fair+0xded/0x1e00 [ 129.068443] ? check_preempt_wakeup_fair+0x6e/0x950 [ 129.068845] ? wakeup_preempt+0x140/0x2a0 [ 129.069178] ? lock_release+0x1c7/0x290 [ 129.069191] EXT4-fs (loop1): bad geometry: block count 64 exceeds size of device (2 blocks) [ 129.069500] ? lock_release+0x1c7/0x290 [ 129.070442] ? do_raw_spin_unlock+0x53/0x220 [ 129.070804] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 129.071214] ? 
try_to_wake_up+0x8ae/0x11d0 [ 129.071558] ? do_raw_spin_lock+0x123/0x260 [ 129.071908] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 129.072290] ? perf_trace_run_bpf_submit+0xef/0x180 [ 129.072697] perf_trace_run_bpf_submit+0xef/0x180 [ 129.073088] perf_trace_preemptirq_template+0x259/0x430 [ 129.073515] ? read_tsc+0x9/0x20 [ 129.073797] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 129.074261] ? clockevents_program_event+0x135/0x360 [ 129.074670] ? tick_program_event+0xac/0x140 [ 129.075024] ? handle_softirqs+0x16e/0x770 [ 129.075369] trace_irq_enable.constprop.0+0xa6/0x100 [ 129.075773] trace_hardirqs_on+0x26/0x40 [ 129.076095] handle_softirqs+0x16e/0x770 [ 129.076437] __irq_exit_rcu+0xc4/0x100 [ 129.076757] irq_exit_rcu+0x9/0x20 [ 129.077043] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.077438] [ 129.077621] [ 129.077806] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.078223] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 129.078602] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de [ 129.080029] RSP: 0018:ffff888046537f28 EFLAGS: 00000246 [ 129.080458] RAX: 0000000000000001 RBX: ffff888016c7b700 RCX: ffffffff817c3ab6 [ 129.081018] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 129.081578] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 129.082138] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888016c7b700 [ 129.082698] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 129.083258] ? trace_irq_enable.constprop.0+0x26/0x100 [ 129.083673] ? make_task_dead+0x214/0x3b0 [ 129.084004] ? make_task_dead+0x214/0x3b0 [ 129.084336] ? 
do_syscall_64+0xbf/0x360 [ 129.084666] rewind_stack_and_make_dead+0x16/0x20 [ 129.085054] RIP: 0033:0x7fc22d9d6b19 [ 129.085348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.086753] RSP: 002b:00007fc22af4c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.087344] RAX: ffffffffffffffda RBX: 00007fc22dae9f68 RCX: 00007fc22d9d6b19 [ 129.087897] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc22dae9f6c [ 129.088461] RBP: 00007fc22dae9f60 R08: 000000000000000e R09: 0000000000000000 [ 129.089013] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc22dae9f6c [ 129.089567] R13: 00007ffd4509fe0f R14: 00007fc22af4c300 R15: 0000000000022000 [ 129.090125] [ 129.090319] Modules linked in: [ 129.090581] ---[ end trace 0000000000000000 ]--- [ 129.090947] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.091322] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.092734] RSP: 0018:ffff888046537780 EFLAGS: 00010012 [ 129.093153] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900040aa000 [ 129.093718] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 129.094270] RBP: ffff8880465379f0 R08: ffff88806cf31340 R09: ffffe8ffffd16940 [ 129.094823] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 129.095377] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.095932] FS: 00007fc22af4c700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 129.096563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.097020] CR2: 00007fc22daea018 CR3: 000000001d324000 CR4: 0000000000350ef0 [ 129.097576] Kernel panic - not syncing: Fatal exception in interrupt [ 129.098316] Kernel Offset: disabled [ 129.098603] ---[ end 
Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:22:36 Registers: