Warning: Permanently added '[localhost]:16837' (ECDSA) to the list of known hosts.
2025/09/01 11:36:51 fuzzer started
2025/09/01 11:36:52 dialing manager at localhost:35473
syzkaller login: [ 58.879928] cgroup: Unknown subsys name 'net'
[ 58.956912] cgroup: Unknown subsys name 'cpuset'
[ 58.977562] cgroup: Unknown subsys name 'rlimit'
2025/09/01 11:37:03 syscalls: 2214
2025/09/01 11:37:03 code coverage: enabled
2025/09/01 11:37:03 comparison tracing: enabled
2025/09/01 11:37:03 extra coverage: enabled
2025/09/01 11:37:03 setuid sandbox: enabled
2025/09/01 11:37:03 namespace sandbox: enabled
2025/09/01 11:37:03 Android sandbox: enabled
2025/09/01 11:37:03 fault injection: enabled
2025/09/01 11:37:03 leak checking: enabled
2025/09/01 11:37:03 net packet injection: enabled
2025/09/01 11:37:03 net device setup: enabled
2025/09/01 11:37:03 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 11:37:03 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 11:37:03 USB emulation: enabled
2025/09/01 11:37:03 hci packet injection: enabled
2025/09/01 11:37:03 wifi device emulation: enabled
2025/09/01 11:37:03 802.15.4 emulation: enabled
2025/09/01 11:37:03 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 11:37:03 fetching corpus: 50, signal 22993/26486 (executing program)
2025/09/01 11:37:03 fetching corpus: 100, signal 36153/40987 (executing program)
2025/09/01 11:37:03 fetching corpus: 150, signal 44684/50828 (executing program)
2025/09/01 11:37:03 fetching corpus: 200, signal 50437/57861 (executing program)
2025/09/01 11:37:03 fetching corpus: 250, signal 55853/64422 (executing program)
2025/09/01 11:37:03 fetching corpus: 300, signal 59000/68761 (executing program)
2025/09/01 11:37:03 fetching corpus: 350, signal 64071/74794 (executing program)
2025/09/01 11:37:03 fetching corpus: 400, signal 68027/79690 (executing program)
2025/09/01 11:37:04 fetching corpus: 450, signal 71510/84093 (executing program)
2025/09/01 11:37:04 fetching corpus: 500, signal 74089/87635 (executing program)
2025/09/01 11:37:04 fetching corpus: 550, signal 76967/91372 (executing program)
2025/09/01 11:37:04 fetching corpus: 600, signal 78690/94042 (executing program)
2025/09/01 11:37:04 fetching corpus: 650, signal 81429/97542 (executing program)
2025/09/01 11:37:04 fetching corpus: 700, signal 85456/102113 (executing program)
2025/09/01 11:37:04 fetching corpus: 750, signal 87196/104727 (executing program)
2025/09/01 11:37:04 fetching corpus: 800, signal 88987/107284 (executing program)
2025/09/01 11:37:04 fetching corpus: 850, signal 91285/110215 (executing program)
2025/09/01 11:37:04 fetching corpus: 900, signal 95025/114240 (executing program)
2025/09/01 11:37:05 fetching corpus: 950, signal 96122/116122 (executing program)
2025/09/01 11:37:05 fetching corpus: 1000, signal 97403/118132 (executing program)
2025/09/01 11:37:05 fetching corpus: 1050, signal 99179/120518 (executing program)
2025/09/01 11:37:05 fetching corpus: 1100, signal 100321/122387 (executing program)
2025/09/01 11:37:05 fetching corpus: 1150, signal 101305/124081 (executing program)
2025/09/01 11:37:05 fetching corpus: 1200, signal 103895/126976 (executing program)
2025/09/01 11:37:05 fetching corpus: 1250, signal 104879/128587 (executing program)
2025/09/01 11:37:05 fetching corpus: 1300, signal 106282/130544 (executing program)
2025/09/01 11:37:05 fetching corpus: 1350, signal 107426/132287 (executing program)
2025/09/01 11:37:06 fetching corpus: 1400, signal 108989/134292 (executing program)
2025/09/01 11:37:06 fetching corpus: 1450, signal 110027/135864 (executing program)
2025/09/01 11:37:06 fetching corpus: 1500, signal 111495/137698 (executing program)
2025/09/01 11:37:06 fetching corpus: 1550, signal 112625/139282 (executing program)
2025/09/01 11:37:06 fetching corpus: 1600, signal 114067/141127 (executing program)
2025/09/01 11:37:06 fetching corpus: 1650, signal 115369/142765 (executing program)
2025/09/01 11:37:06 fetching corpus: 1700, signal 116536/144316 (executing program)
2025/09/01 11:37:06 fetching corpus: 1750, signal 117642/145799 (executing program)
2025/09/01 11:37:06 fetching corpus: 1800, signal 118688/147194 (executing program)
2025/09/01 11:37:06 fetching corpus: 1850, signal 119669/148564 (executing program)
2025/09/01 11:37:07 fetching corpus: 1900, signal 120442/149774 (executing program)
2025/09/01 11:37:07 fetching corpus: 1950, signal 121551/151237 (executing program)
2025/09/01 11:37:07 fetching corpus: 2000, signal 122352/152447 (executing program)
2025/09/01 11:37:07 fetching corpus: 2050, signal 123690/153911 (executing program)
2025/09/01 11:37:07 fetching corpus: 2100, signal 124565/155078 (executing program)
2025/09/01 11:37:07 fetching corpus: 2150, signal 125344/156188 (executing program)
2025/09/01 11:37:07 fetching corpus: 2200, signal 126527/157539 (executing program)
2025/09/01 11:37:07 fetching corpus: 2250, signal 127416/158762 (executing program)
2025/09/01 11:37:07 fetching corpus: 2300, signal 128489/159945 (executing program)
2025/09/01 11:37:07 fetching corpus: 2350, signal 129105/160924 (executing program)
2025/09/01 11:37:07 fetching corpus: 2400, signal 129887/162087 (executing program)
2025/09/01 11:37:08 fetching corpus: 2450, signal 130840/163184 (executing program)
2025/09/01 11:37:08 fetching corpus: 2500, signal 131483/164162 (executing program)
2025/09/01 11:37:08 fetching corpus: 2550, signal 132339/165143 (executing program)
2025/09/01 11:37:08 fetching corpus: 2600, signal 133509/166332 (executing program)
2025/09/01 11:37:08 fetching corpus: 2650, signal 134211/167280 (executing program)
2025/09/01 11:37:08 fetching corpus: 2700, signal 135251/168355 (executing program)
2025/09/01 11:37:08 fetching corpus: 2750, signal 135950/169246 (executing program)
2025/09/01 11:37:08 fetching corpus: 2800, signal 136677/170127 (executing program)
2025/09/01 11:37:08 fetching corpus: 2850, signal 137734/171153 (executing program)
2025/09/01 11:37:08 fetching corpus: 2900, signal 138482/172020 (executing program)
2025/09/01 11:37:08 fetching corpus: 2950, signal 139091/172895 (executing program)
2025/09/01 11:37:08 fetching corpus: 3000, signal 139954/173774 (executing program)
2025/09/01 11:37:09 fetching corpus: 3050, signal 140558/174566 (executing program)
2025/09/01 11:37:09 fetching corpus: 3100, signal 141553/175441 (executing program)
2025/09/01 11:37:09 fetching corpus: 3150, signal 142232/176233 (executing program)
2025/09/01 11:37:09 fetching corpus: 3200, signal 142857/176951 (executing program)
2025/09/01 11:37:09 fetching corpus: 3250, signal 143647/177708 (executing program)
2025/09/01 11:37:09 fetching corpus: 3300, signal 144172/178390 (executing program)
2025/09/01 11:37:09 fetching corpus: 3350, signal 144827/179054 (executing program)
2025/09/01 11:37:09 fetching corpus: 3400, signal 145309/179699 (executing program)
2025/09/01 11:37:09 fetching corpus: 3450, signal 146126/180416 (executing program)
2025/09/01 11:37:09 fetching corpus: 3500, signal 146670/181038 (executing program)
2025/09/01 11:37:09 fetching corpus: 3550, signal 147783/181805 (executing program)
2025/09/01 11:37:10 fetching corpus: 3600, signal 148495/182466 (executing program)
2025/09/01 11:37:10 fetching corpus: 3650, signal 148958/183029 (executing program)
2025/09/01 11:37:10 fetching corpus: 3700, signal 149382/183580 (executing program)
2025/09/01 11:37:10 fetching corpus: 3750, signal 149810/184125 (executing program)
2025/09/01 11:37:10 fetching corpus: 3800, signal 150421/184713 (executing program)
2025/09/01 11:37:10 fetching corpus: 3850, signal 153226/185713 (executing program)
2025/09/01 11:37:10 fetching corpus: 3900, signal 153863/186272 (executing program)
2025/09/01 11:37:10 fetching corpus: 3950, signal 154629/186778 (executing program)
2025/09/01 11:37:10 fetching corpus: 4000, signal 155282/187290 (executing program)
2025/09/01 11:37:10 fetching corpus: 4050, signal 155719/187717 (executing program)
2025/09/01 11:37:11 fetching corpus: 4100, signal 156135/188169 (executing program)
2025/09/01 11:37:11 fetching corpus: 4150, signal 156669/188634 (executing program)
2025/09/01 11:37:11 fetching corpus: 4200, signal 157294/189137 (executing program)
2025/09/01 11:37:11 fetching corpus: 4250, signal 157794/189582 (executing program)
2025/09/01 11:37:11 fetching corpus: 4300, signal 158287/190028 (executing program)
2025/09/01 11:37:11 fetching corpus: 4350, signal 158691/190444 (executing program)
2025/09/01 11:37:11 fetching corpus: 4400, signal 159348/190871 (executing program)
2025/09/01 11:37:11 fetching corpus: 4450, signal 159951/191369 (executing program)
2025/09/01 11:37:11 fetching corpus: 4500, signal 160321/191755 (executing program)
2025/09/01 11:37:11 fetching corpus: 4550, signal 160899/192135 (executing program)
2025/09/01 11:37:11 fetching corpus: 4600, signal 161458/192597 (executing program)
2025/09/01 11:37:11 fetching corpus: 4650, signal 161775/192945 (executing program)
2025/09/01 11:37:12 fetching corpus: 4700, signal 162241/193265 (executing program)
2025/09/01 11:37:12 fetching corpus: 4750, signal 162667/193394 (executing program)
2025/09/01 11:37:12 fetching corpus: 4800, signal 163013/193399 (executing program)
2025/09/01 11:37:12 fetching corpus: 4850, signal 163410/193401 (executing program)
2025/09/01 11:37:12 fetching corpus: 4900, signal 163781/193412 (executing program)
2025/09/01 11:37:12 fetching corpus: 4950, signal 164292/193454 (executing program)
2025/09/01 11:37:12 fetching corpus: 5000, signal 164612/193470 (executing program)
2025/09/01 11:37:12 fetching corpus: 5050, signal 165000/193477 (executing program)
2025/09/01 11:37:12 fetching corpus: 5100, signal 165469/193484 (executing program)
2025/09/01 11:37:12 fetching corpus: 5150, signal 166083/193484 (executing program)
2025/09/01 11:37:12 fetching corpus: 5200, signal 166351/193485 (executing program)
2025/09/01 11:37:13 fetching corpus: 5250, signal 166901/193489 (executing program)
2025/09/01 11:37:13 fetching corpus: 5300, signal 167281/193491 (executing program)
2025/09/01 11:37:13 fetching corpus: 5350, signal 167594/193494 (executing program)
2025/09/01 11:37:13 fetching corpus: 5400, signal 167953/193499 (executing program)
2025/09/01 11:37:13 fetching corpus: 5450, signal 168304/193503 (executing program)
2025/09/01 11:37:13 fetching corpus: 5500, signal 168740/193514 (executing program)
2025/09/01 11:37:13 fetching corpus: 5550, signal 169449/193522 (executing program)
2025/09/01 11:37:13 fetching corpus: 5600, signal 169799/193524 (executing program)
2025/09/01 11:37:13 fetching corpus: 5650, signal 170104/193536 (executing program)
2025/09/01 11:37:13 fetching corpus: 5700, signal 170402/193539 (executing program)
2025/09/01 11:37:13 fetching corpus: 5750, signal 170771/193543 (executing program)
2025/09/01 11:37:13 fetching corpus: 5800, signal 171281/193564 (executing program)
2025/09/01 11:37:13 fetching corpus: 5850, signal 171725/193570 (executing program)
2025/09/01 11:37:14 fetching corpus: 5900, signal 171996/193574 (executing program)
2025/09/01 11:37:14 fetching corpus: 5950, signal 172379/193586 (executing program)
2025/09/01 11:37:14 fetching corpus: 6000, signal 172666/193600 (executing program)
2025/09/01 11:37:14 fetching corpus: 6050, signal 173081/193600 (executing program)
2025/09/01 11:37:14 fetching corpus: 6100, signal 173585/193607 (executing program)
2025/09/01 11:37:14 fetching corpus: 6150, signal 174035/193665 (executing program)
2025/09/01 11:37:14 fetching corpus: 6200, signal 174313/193665 (executing program)
2025/09/01 11:37:14 fetching corpus: 6250, signal 174707/193692 (executing program)
2025/09/01 11:37:14 fetching corpus: 6300, signal 175056/193699 (executing program)
2025/09/01 11:37:14 fetching corpus: 6350, signal 175450/193704 (executing program)
2025/09/01 11:37:14 fetching corpus: 6400, signal 175721/193709 (executing program)
2025/09/01 11:37:15 fetching corpus: 6450, signal 175964/193711 (executing program)
2025/09/01 11:37:15 fetching corpus: 6500, signal 176359/193716 (executing program)
2025/09/01 11:37:15 fetching corpus: 6550, signal 176737/193725 (executing program)
2025/09/01 11:37:15 fetching corpus: 6600, signal 177129/193802 (executing program)
2025/09/01 11:37:15 fetching corpus: 6650, signal 177452/193804 (executing program)
2025/09/01 11:37:15 fetching corpus: 6700, signal 177710/193811 (executing program)
2025/09/01 11:37:15 fetching corpus: 6750, signal 178084/193812 (executing program)
2025/09/01 11:37:15 fetching corpus: 6800, signal 178513/193896 (executing program)
2025/09/01 11:37:15 fetching corpus: 6850, signal 178774/193908 (executing program)
2025/09/01 11:37:15 fetching corpus: 6900, signal 179100/193919 (executing program)
2025/09/01 11:37:15 fetching corpus: 6950, signal 179461/193921 (executing program)
2025/09/01 11:37:15 fetching corpus: 7000, signal 179819/193927 (executing program)
2025/09/01 11:37:16 fetching corpus: 7050, signal 180089/193929 (executing program)
2025/09/01 11:37:16 fetching corpus: 7100, signal 180391/193933 (executing program)
2025/09/01 11:37:16 fetching corpus: 7150, signal 180693/193935 (executing program)
2025/09/01 11:37:16 fetching corpus: 7200, signal 180966/193936 (executing program)
2025/09/01 11:37:16 fetching corpus: 7250, signal 181280/193940 (executing program)
2025/09/01 11:37:16 fetching corpus: 7300, signal 181529/193946 (executing program)
2025/09/01 11:37:16 fetching corpus: 7350, signal 181836/193947 (executing program)
2025/09/01 11:37:16 fetching corpus: 7400, signal 182107/193971 (executing program)
2025/09/01 11:37:16 fetching corpus: 7450, signal 182434/193983 (executing program)
2025/09/01 11:37:16 fetching corpus: 7500, signal 182639/193990 (executing program)
2025/09/01 11:37:16 fetching corpus: 7550, signal 182991/193991 (executing program)
2025/09/01 11:37:16 fetching corpus: 7600, signal 183227/194022 (executing program)
2025/09/01 11:37:16 fetching corpus: 7650, signal 183485/194052 (executing program)
2025/09/01 11:37:17 fetching corpus: 7700, signal 183697/194062 (executing program)
2025/09/01 11:37:17 fetching corpus: 7750, signal 184049/194064 (executing program)
2025/09/01 11:37:17 fetching corpus: 7800, signal 184292/194073 (executing program)
2025/09/01 11:37:17 fetching corpus: 7850, signal 184509/194081 (executing program)
2025/09/01 11:37:17 fetching corpus: 7900, signal 184714/194088 (executing program)
2025/09/01 11:37:17 fetching corpus: 7950, signal 185017/194093 (executing program)
2025/09/01 11:37:17 fetching corpus: 8000, signal 185392/194096 (executing program)
2025/09/01 11:37:17 fetching corpus: 8050, signal 185794/194112 (executing program)
2025/09/01 11:37:17 fetching corpus: 8100, signal 186176/194122 (executing program)
2025/09/01 11:37:17 fetching corpus: 8150, signal 186456/194136 (executing program)
2025/09/01 11:37:17 fetching corpus: 8200, signal 186817/194138 (executing program)
2025/09/01 11:37:17 fetching corpus: 8250, signal 187057/194149 (executing program)
2025/09/01 11:37:17 fetching corpus: 8300, signal 187330/194176 (executing program)
2025/09/01 11:37:17 fetching corpus: 8350, signal 187655/194179 (executing program)
2025/09/01 11:37:18 fetching corpus: 8400, signal 187924/194179 (executing program)
2025/09/01 11:37:18 fetching corpus: 8450, signal 188266/194186 (executing program)
2025/09/01 11:37:18 fetching corpus: 8500, signal 188498/194186 (executing program)
2025/09/01 11:37:18 fetching corpus: 8550, signal 188790/194187 (executing program)
2025/09/01 11:37:18 fetching corpus: 8600, signal 189076/194188 (executing program)
2025/09/01 11:37:18 fetching corpus: 8650, signal 189315/194188 (executing program)
2025/09/01 11:37:18 fetching corpus: 8700, signal 189596/194192 (executing program)
2025/09/01 11:37:18 fetching corpus: 8750, signal 190045/194193 (executing program)
2025/09/01 11:37:18 fetching corpus: 8800, signal 190243/194206 (executing program)
2025/09/01 11:37:18 fetching corpus: 8850, signal 190579/194211 (executing program)
2025/09/01 11:37:18 fetching corpus: 8900, signal 190844/194212 (executing program)
2025/09/01 11:37:18 fetching corpus: 8950, signal 191004/194213 (executing program)
2025/09/01 11:37:18 fetching corpus: 9000, signal 191290/194217 (executing program)
2025/09/01 11:37:19 fetching corpus: 9032, signal 191454/194255 (executing program)
2025/09/01 11:37:19 fetching corpus: 9032, signal 191454/194255 (executing program)
2025/09/01 11:37:21 starting 8 fuzzer processes
11:37:21 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:37:21 executing program 1:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/mnt\x00')
ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, &(0x7f00000001c0)={{}, "..."})
11:37:21 executing program 3:
r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f, 0x8, 0xf5})
11:37:21 executing program 2:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)
bind$unix(r0, &(0x7f0000000140)=@abs={0x1}, 0x2)
11:37:21 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r0)
sendmsg$IEEE802154_ASSOCIATE_REQ(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x2c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6}, @IEEE802154_ATTR_CHANNEL={0x5}]}, 0x2c}}, 0x0)
11:37:21 executing program 4:
syz_emit_ethernet(0x62, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "708329", 0x2c, 0x3c, 0x0, @remote, @mcast2, {[@routing={0x0, 0x2, 0x0, 0x0, 0x0, [@private2]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
[ 88.044155] audit: type=1400 audit(1756726641.482:7): avc: denied { execmem } for pid=281 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:37:21 executing program 5:
socket$inet6_udplite(0xa, 0x2, 0x88)
11:37:21 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@name={'name', 0x3d, 'all'}}, {@name={'name', 0x3d, 'name'}}]})
[ 89.225623] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 89.227558] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 89.229932] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 89.231637] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 89.236634] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 89.238903] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 89.244826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 89.246036] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 89.250890] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 89.252933] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 89.420052] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 89.436068] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 89.437939] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 89.441575] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 89.444622] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 89.448031] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 89.450090] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 89.451826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 89.465578] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 89.469779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 89.473737] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 89.474858] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 89.495619] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 89.497160] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 89.498666] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 89.500791] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 89.510046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 89.519687] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 89.522633] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 89.524712] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 89.524829] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 89.529596] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 89.533719] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 89.535160] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 89.546675] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 89.548486] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 89.554025] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 89.570992] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 89.573591] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 89.589732] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 91.315681] Bluetooth: hci0: command tx timeout
[ 91.315775] Bluetooth: hci1: command tx timeout
[ 91.508583] Bluetooth: hci2: command tx timeout
[ 91.572863] Bluetooth: hci3: command tx timeout
[ 91.572867] Bluetooth: hci4: command tx timeout
[ 91.635617] Bluetooth: hci7: command tx timeout
[ 91.635737] Bluetooth: hci6: command tx timeout
[ 91.699417] Bluetooth: hci5: command tx timeout
[ 93.363443] Bluetooth: hci0: command tx timeout
[ 93.364755] Bluetooth: hci1: command tx timeout
[ 93.555458] Bluetooth: hci2: command tx timeout
[ 93.619454] Bluetooth: hci4: command tx timeout
[ 93.620459] Bluetooth: hci3: command tx timeout
[ 93.683379] Bluetooth: hci7: command tx timeout
[ 93.684494] Bluetooth: hci6: command tx timeout
[ 93.748393] Bluetooth: hci5: command tx timeout
[ 95.412503] Bluetooth: hci1: command tx timeout
[ 95.412958] Bluetooth: hci0: command tx timeout
[ 95.606169] Bluetooth: hci2: command tx timeout
[ 95.668430] Bluetooth: hci3: command tx timeout
[ 95.668446] Bluetooth: hci4: command tx timeout
[ 95.732399] Bluetooth: hci6: command tx timeout
[ 95.732826] Bluetooth: hci7: command tx timeout
[ 95.798255] Bluetooth: hci5: command tx timeout
[ 97.460380] Bluetooth: hci0: command tx timeout
[ 97.460410] Bluetooth: hci1: command tx timeout
[ 97.652365] Bluetooth: hci2: command tx timeout
[ 97.715486] Bluetooth: hci4: command tx timeout
[ 97.715520] Bluetooth: hci3: command tx timeout
[ 97.780385] Bluetooth: hci7: command tx timeout
[ 97.780910] Bluetooth: hci6: command tx timeout
[ 97.843489] Bluetooth: hci5: command tx timeout
[ 127.584397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.585051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.835647] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.836254] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 128.225394] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
11:38:01 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
set_mempolicy(0x5, &(0x7f0000000040)=0x40205, 0x6)
[ 128.354455] audit: type=1400 audit(1756726681.787:8): avc: denied { open } for pid=3799 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 128.363990] audit: type=1400 audit(1756726681.787:9): avc: denied { kernel } for pid=3799 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:38:01 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
set_mempolicy(0x5, &(0x7f0000000040)=0x40205, 0x6)
[ 128.527533] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.528141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:38:02 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
set_mempolicy(0x5, &(0x7f0000000040)=0x40205, 0x6)
11:38:02 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
set_mempolicy(0x5, &(0x7f0000000040)=0x40205, 0x6)
[ 128.690551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.691160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:38:02 executing program 5:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_trace', 0x28001, 0x0)
write$tcp_mem(r0, &(0x7f0000000280), 0x48)
11:38:02 executing program 5:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_trace', 0x28001, 0x0)
write$tcp_mem(r0, &(0x7f0000000280), 0x48)
11:38:02 executing program 5:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_trace', 0x28001, 0x0)
write$tcp_mem(r0, &(0x7f0000000280), 0x48)
[ 128.959669] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.960269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:38:02 executing program 5:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_trace', 0x28001, 0x0)
write$tcp_mem(r0, &(0x7f0000000280), 0x48)
[ 129.031357] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.031950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.099869] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.100506] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.118911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.119516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.233818] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.234459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.303093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.303732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.407663] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.408259] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.472919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.473987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.554085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.554715] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.650871] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.651594] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.806678] cgroup: name respecified
[ 130.011490] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.012056] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.035601] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.036150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:38:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:38:03 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x10001}}]}})
11:38:03 executing program 1:
r0 = getpid()
r1 = getpid()
kcmp(r1, r0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
11:38:03 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@name={'name', 0x3d, 'all'}}, {@name={'name', 0x3d, 'name'}}]})
11:38:03 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000fbffffffffff20000000050020000300000009001f"], 0x28}}, 0x0)
11:38:03 executing program 3:
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140))
11:38:03 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x64, 0x0, 0x0, 0x29c}]})
11:38:03 executing program 4:
syz_emit_ethernet(0x62, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "708329", 0x2c, 0x3c, 0x0, @remote, @mcast2, {[@routing={0x0, 0x2, 0x0, 0x0, 0x0, [@private2]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
[ 130.181646] 9pnet_fd: Insufficient options for proto=fd
[ 130.185263] cgroup: name respecified
[ 130.189071] 9pnet_fd: Insufficient options for proto=fd
[ 130.202991] kmemleak: Found object by alias at 0x607f1a636404
[ 130.203013] CPU: 1 UID: 0 PID: 3916 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 130.203032] Tainted: [W]=WARN
[ 130.203036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 130.203044] Call Trace:
[ 130.203048] <TASK>
[ 130.203053] dump_stack_lvl+0xca/0x120
[ 130.203079] __lookup_object+0x94/0xb0
[ 130.203098] delete_object_full+0x27/0x70
[ 130.203123] free_percpu+0x30/0x1160
[ 130.203141] ? arch_uprobe_clear_state+0x16/0x140
[ 130.203162] futex_hash_free+0x38/0xc0
[ 130.203177] mmput+0x2d3/0x390
[ 130.203196] do_exit+0x79d/0x2970
[ 130.203210] ? signal_wake_up_state+0x85/0x120
[ 130.203227] ? zap_other_threads+0x2b9/0x3a0
[ 130.203243] ? __pfx_do_exit+0x10/0x10
[ 130.203256] ? do_group_exit+0x1c3/0x2a0
[ 130.203270] ? lock_release+0xc8/0x290
[ 130.203292] do_group_exit+0xd3/0x2a0
[ 130.203307] __x64_sys_exit_group+0x3e/0x50
[ 130.203322] x64_sys_call+0x18c5/0x18d0
[ 130.203338] do_syscall_64+0xbf/0x360
[ 130.203352] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.203364] RIP: 0033:0x7ff3e8556b19
[ 130.203373] Code: Unable to access opcode bytes at 0x7ff3e8556aef.
[ 130.203378] RSP: 002b:00007ffd9259b3a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 130.203390] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007ff3e8556b19
[ 130.203398] RDX: 00007ff3e850972b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 130.203405] RBP: 0000000000000000 R08: 00007ff3e866e0f8 R09: 0000000000000001
[ 130.203412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 130.203419] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd9259b490
[ 130.203434] </TASK>
[ 130.203438] kmemleak: Object (percpu) 0x607f1a636400 (size 8):
[ 130.203445] kmemleak: comm "syz-executor.3", pid 291, jiffies 4294796796
[ 130.203452] kmemleak: min_count = 1
[ 130.203456] kmemleak: count = 0
[ 130.203460] kmemleak: flags = 0x21
[ 130.203464] kmemleak: checksum = 0
[ 130.203467] kmemleak: backtrace:
[ 130.203471] pcpu_alloc_noprof+0x87a/0x1170
[ 130.203487] __alloc_workqueue+0x74b/0x1820
[ 130.203505] alloc_workqueue_noprof+0xc7/0x200
[ 130.203515] ieee80211_register_hw+0x1ec5/0x3e00
[ 130.203528] mac80211_hwsim_new_radio+0x2758/0x4ef0
[ 130.203543] hwsim_new_radio_nl+0xb0d/0x1250
[ 130.203555] genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 130.203567] genl_rcv_msg+0x532/0x7e0
[ 130.203577] netlink_rcv_skb+0x147/0x430
[ 130.203594] genl_rcv+0x28/0x40
[ 130.203603] netlink_unicast+0x5a7/0x870
[ 130.203619] netlink_sendmsg+0x8ac/0xd80
[ 130.203635] __sys_sendto+0x506/0x570
[ 130.203651] __x64_sys_sendto+0xe1/0x1c0
[ 130.203665] do_syscall_64+0xbf/0x360
[ 130.203674] entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:38:03 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x64, 0x0, 0x0, 0x29c}]})
11:38:03 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@name={'name', 0x3d, 'all'}}, {@name={'name', 0x3d, 'name'}}]})
11:38:03 executing program 4:
syz_emit_ethernet(0x62, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "708329", 0x2c, 0x3c, 0x0, @remote, @mcast2, {[@routing={0x0, 0x2, 0x0, 0x0, 0x0, [@private2]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
11:38:03 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:38:03 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000fbffffffffff20000000050020000300000009001f"], 0x28}}, 0x0)
11:38:03 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
[ 130.302608] cgroup: name respecified
11:38:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:38:03 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x64, 0x0, 0x0, 0x29c}]})
11:38:03 executing program 3:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000540)="ae98d7aa", 0x4}], 0x1}}, {{&(0x7f0000001700)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0}}], 0x2, 0x0)
11:38:03 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000fbffffffffff20000000050020000300000009001f"], 0x28}}, 0x0)
11:38:03 executing program 4:
syz_emit_ethernet(0x62, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "708329", 0x2c, 0x3c, 0x0, @remote, @mcast2, {[@routing={0x0, 0x2, 0x0, 0x0, 0x0, [@private2]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
11:38:03 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:38:03 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
11:38:03 executing program 6:
syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@name={'name', 0x3d, 'all'}}, {@name={'name', 0x3d, 'name'}}]})
[ 130.422227] cgroup: name respecified
11:38:03 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x64, 0x0, 0x0, 0x29c}]})
11:38:03 executing program 3:
pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000001b80)="68eb", 0x2}], 0x1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x2, 0x0)
11:38:03 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000fbffffffffff20000000050020000300000009001f"], 0x28}}, 0x0)
11:38:03 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
11:38:03 executing program 6:
pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0)
timerfd_gettime(r0, 0x0)
11:38:03 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:38:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0)
11:38:04 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x1000, 0x1, 0x400, 0x4}, 0x1c)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req={0x0, 0x8}, 0x10)
[ 130.608787] kmemleak: Found object by alias at 0x607f1a636404
[ 130.608807] CPU: 0 UID: 0 PID: 3971 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 130.608826] Tainted: [W]=WARN
[ 130.608830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 130.608838] Call Trace:
[ 130.608842] <TASK>
[ 130.608847] dump_stack_lvl+0xca/0x120
[ 130.608878] __lookup_object+0x94/0xb0
[ 130.608896] delete_object_full+0x27/0x70
[ 130.608913] free_percpu+0x30/0x1160
[ 130.608931] ? arch_uprobe_clear_state+0x16/0x140
[ 130.608952] futex_hash_free+0x38/0xc0
[ 130.608967] mmput+0x2d3/0x390
[ 130.608987] do_exit+0x79d/0x2970
[ 130.609005] ? __pfx_do_exit+0x10/0x10
[ 130.609019] ? find_held_lock+0x2b/0x80
[ 130.609038] ? get_signal+0x835/0x2340
[ 130.609058] do_group_exit+0xd3/0x2a0
[ 130.609074] get_signal+0x2315/0x2340
[ 130.609091] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 130.609110] ? __pfx_get_signal+0x10/0x10
[ 130.609126] ? __schedule+0xe91/0x3590
[ 130.609148] arch_do_signal_or_restart+0x80/0x790
[ 130.609166] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 130.609183] ? __x64_sys_futex+0x1c9/0x4d0
[ 130.609195] ? __x64_sys_futex+0x1d2/0x4d0
[ 130.609211] ? __pfx___x64_sys_futex+0x10/0x10
[ 130.609225] ? xfd_validate_state+0x55/0x180
[ 130.609246] exit_to_user_mode_loop+0x8b/0x110
[ 130.609260] do_syscall_64+0x2f7/0x360
[ 130.609273] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.609286] RIP: 0033:0x7ff3e8556b19
[ 130.609295] Code: Unable to access opcode bytes at 0x7ff3e8556aef.
[ 130.609301] RSP: 002b:00007ff3e5acc218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 130.609317] RAX: 0000000000000001 RBX: 00007ff3e8669f68 RCX: 00007ff3e8556b19
[ 130.609324] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff3e8669f6c
[ 130.609332] RBP: 00007ff3e8669f60 R08: 000000000000000e R09: 0000000000000000
[ 130.609339] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff3e8669f6c
[ 130.609349] R13: 00007ffd9259b17f R14: 00007ff3e5acc300 R15: 0000000000022000
[ 130.609366] </TASK>
[ 130.609370] kmemleak: Object (percpu) 0x607f1a636400 (size 8):
[ 130.609377] kmemleak: comm "syz-executor.2", pid 3974, jiffies 4294797418
[ 130.609385] kmemleak: min_count = 1
[ 130.609389] kmemleak: count = 0
[ 130.609392] kmemleak: flags = 0x21
[ 130.609396] kmemleak: checksum = 0
[ 130.609400] kmemleak: backtrace:
[ 130.609404] pcpu_alloc_noprof+0x87a/0x1170
[ 130.609419] perf_trace_event_init+0x366/0xa10
[ 130.609433] perf_trace_init+0x1a4/0x2f0
[ 130.609446] perf_tp_event_init+0xa6/0x120
[ 130.609462] perf_try_init_event+0x140/0x9f0
[ 130.609476] perf_event_alloc.part.0+0x118e/0x45f0
[ 130.609493] __do_sys_perf_event_open+0x719/0x2c20
[ 130.609506] do_syscall_64+0xbf/0x360
[ 130.609516] entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:38:04 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$CDROM_SEND_PACKET(r0, 0x5393, &(0x7f0000000340)={"9aa04bb5181700d0f7d4c0ae", &(0x7f0000000240)='`', 0x20000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0})
11:38:04 executing program 3:
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
[ 130.654761] kmemleak: Cannot insert 0x607f1a636404 into the object search tree (overlaps existing)
[ 130.654786] CPU: 1 UID: 0 PID: 3977 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 130.654812] Tainted: [W]=WARN
[ 130.654818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 130.654827] Call Trace:
[ 130.654833] <TASK>
[ 130.654840] dump_stack_lvl+0xca/0x120
[ 130.654873] __link_object+0x190/0x210
[ 130.654899] __create_object+0x48/0x80
[ 130.654924] pcpu_alloc_noprof+0x87a/0x1170
[ 130.654958] packet_create+0x1f1/0x8d0
[ 130.654988] __sock_create+0x369/0x810
[ 130.655014] __sys_socket+0x145/0x260
[ 130.655034] ? __pfx___sys_socket+0x10/0x10
[ 130.655055] ? xfd_validate_state+0x55/0x180
[ 130.655093] __x64_sys_socket+0x73/0xb0
[ 130.655122] do_syscall_64+0xbf/0x360
[ 130.655139] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.655156] RIP: 0033:0x7f08c03ddb19
[ 130.655169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 130.655185] RSP: 002b:00007f08bd953188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 130.655201] RAX: ffffffffffffffda RBX: 00007f08c04f0f60 RCX: 00007f08c03ddb19
[ 130.655213] RDX: 0000000000000300 RSI: 0000000000000002 RDI: 0000000000000011
[ 130.655222] RBP: 00007f08c0437f6d R08: 0000000000000000 R09: 0000000000000000
[ 130.655232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 130.655242] R13: 00007ffee8dda0df R14: 00007f08bd953300 R15: 0000000000022000
[ 130.655264] </TASK>
[ 130.655759] kmemleak: Kernel memory leak detector disabled
[ 130.655764] kmemleak: Object (percpu) 0x607f1a636400 (size 8):
[ 130.655774] kmemleak: comm "syz-executor.2", pid 3974, jiffies 4294797418
[ 130.655784] kmemleak: min_count = 1
[ 130.655790] kmemleak: count = 0
[ 130.655795] kmemleak: flags = 0x21
[ 130.655800] kmemleak: checksum = 0
[ 130.655805] kmemleak: backtrace:
[ 130.655810] pcpu_alloc_noprof+0x87a/0x1170
[ 130.655833] perf_trace_event_init+0x366/0xa10
[ 130.655853] perf_trace_init+0x1a4/0x2f0
[ 130.655870] perf_tp_event_init+0xa6/0x120
[ 130.655893] perf_try_init_event+0x140/0x9f0
[ 130.655913] perf_event_alloc.part.0+0x118e/0x45f0
[ 130.655937] __do_sys_perf_event_open+0x719/0x2c20
[ 130.655955] do_syscall_64+0xbf/0x360
[ 130.655969] entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:38:04 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x6)
11:38:04 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
11:38:04 executing program 0:
modify_ldt$write2(0x11, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x10)
11:38:04 executing program 6:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x0)
11:38:04 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00')
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
11:38:04 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 0:
modify_ldt$write2(0x11, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x10)
11:38:04 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 5:
prctl$PR_SET_PDEATHSIG(0x1, 0x41)
11:38:04 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 0:
modify_ldt$write2(0x11, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x10)
11:38:04 executing program 5:
prctl$PR_SET_PDEATHSIG(0x1, 0x41)
11:38:04 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00')
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
11:38:04 executing program 6:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 2:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_mr_vif\x00')
pread64(r0, &(0x7f0000000240)=""/217, 0xd9, 0x1)
11:38:04 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 0:
modify_ldt$write2(0x11, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x10)
11:38:04 executing program 5:
prctl$PR_SET_PDEATHSIG(0x1, 0x41)
11:38:04 executing program 6:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_NILFS_WITHOUT_PARENT={0x20}, 0x0)
11:38:04 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00')
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
11:38:04 executing program 4:
r0 = perf_event_open(&(0x7f0000000600)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB="24b67fd401737e49c7087b05246926ef53da6d84022cbed5bd7e4fe4cbcb828e69e8078757fc130ed7ec3e60533f0b2fab1845e59c7915c6536267fee48312abf65a6e4766a2ca73288a9961b291a3f83df20529d39f1949b3ba2661ee1dc0c31e843c765feec90c533df667166c48ada8136425194d827a2c040acfa1857252395c91faf122a406b3a8bc03bdc9df1238e2329559f520edb35b60ecaec967a9074f90555b743440d8bc1f2225ac182150dd56f3c4aaa46a99c544e6dd2bfa25cb3f42c775c6e0853dc18c894e2b0b87e3bdd0a9ddb17369f680ce649c78b800d7c02e7e10e4bc17b943e138"], 0x11)
perf_event_open(&(0x7f0000000600)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fork()
11:38:04 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@polexpire={0xc0, 0x13, 0x3, 0x0, 0x0, {{{@in=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}}, 0xc0}}, 0x0)
11:38:04 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
11:38:04 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fallocate(0xffffffffffffffff, 0x40, 0x0, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSETLED(r0, 0x5600, 0xf0ff1f00000000)
11:38:04 executing program 5:
prctl$PR_SET_PDEATHSIG(0x1, 0x41)
[ 131.295070] audit: type=1400 audit(1756726684.731:10): avc: denied { write } for pid=4039 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:38:04 executing program 6:
set_mempolicy(0x1, 0x0, 0x0)
[ 131.347390] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 131.354026] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 131.355635] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 131.356868] CPU: 0 UID: 0 PID: 4046 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 131.356902] Tainted: [W]=WARN
[ 131.356910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 131.356923] RIP: 0010:perf_tp_event+0x175/0xe70
[ 131.356961] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 131.356982] RSP: 0018:ffff888015d0f780 EFLAGS: 00010012
[ 131.357001] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 131.357016] RDX: ffff88801c15d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 131.357031] RBP: ffff888015d0f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc0e400
[ 131.357045] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 131.357059] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 131.357076] FS: 000055558a29e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 131.357098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 131.357112] CR2: 0000001b2d524000 CR3: 000000004585c000 CR4: 0000000000350ef0
[ 131.357127] Call Trace:
[ 131.357134] <TASK>
[ 131.357141] ? __ext4_journal_stop+0xe2/0x1f0
[ 131.357168] ? ext4_dirty_inode+0xf1/0x130
[ 131.357195] ? __mark_inode_dirty+0x1b7/0xd00
[ 131.357223] ? do_user_addr_fault+0x4fa/0xeb0
[ 131.357252] ? __pfx_perf_tp_event+0x10/0x10
[ 131.357282] ? __lock_acquire+0xc65/0x1b70
[ 131.357311] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 131.357338] ? __lock_acquire+0x694/0x1b70
[ 131.357365] ? css_rstat_updated+0x1b8/0x4d0
[ 131.357397] ? __pfx_css_rstat_updated+0x10/0x10
[ 131.357427] ? lock_is_held_type+0x9e/0x120
[ 131.357461] ? trace_pelt_se_tp+0xdf/0x130
[ 131.357485] ? perf_trace_run_bpf_submit+0xef/0x180
[ 131.357515] ? lock_is_held_type+0x9e/0x120
[ 131.357546] perf_trace_run_bpf_submit+0xef/0x180
[ 131.357579] perf_trace_preemptirq_template+0x259/0x430
[ 131.357604] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 131.357627] ? lock_is_held_type+0x9e/0x120
[ 131.357659] ? find_held_lock+0x2b/0x80
[ 131.357691] ? try_to_wake_up+0x8ae/0x11d0
[ 131.357723] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 131.357753] trace_irq_enable.constprop.0+0xa6/0x100
[ 131.357776] trace_hardirqs_on+0x26/0x40
[ 131.357796] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 131.357826] try_to_wake_up+0x8ae/0x11d0
[ 131.357858] ? __pfx_try_to_wake_up+0x10/0x10
[ 131.357888] ? plist_del+0x122/0x270
[ 131.357916] ? find_held_lock+0x2b/0x80
[ 131.357947] ? futex_wake+0x474/0x540
[ 131.357977] wake_up_q+0xa1/0x130
[ 131.358008] futex_wake+0x47e/0x540
[ 131.358037] ? __pfx_futex_wake+0x10/0x10
[ 131.358065] ? __handle_mm_fault+0x753/0x3260
[ 131.358099] ? __lock_acquire+0x694/0x1b70
[ 131.358126] do_futex+0x26d/0x370
[ 131.358151] ? __pfx_do_futex+0x10/0x10
[ 131.358175] ? find_held_lock+0x2b/0x80
[ 131.358209] __x64_sys_futex+0x1c9/0x4d0
[ 131.358234] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 131.358258] ? __pfx___x64_sys_futex+0x10/0x10
[ 131.358288] do_syscall_64+0xbf/0x360
[ 131.358309] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 131.358332] RIP: 0033:0x7ff3e8556b19
[ 131.358348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 131.358368] RSP: 002b:00007ffd9259b1f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 131.358389] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff3e8556b19
[ 131.358403] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff3e8669f68
[ 131.358417] RBP: 00007ff3e8669f60 R08: 00007ff3e86660a0 R09: 0000000000000000
[ 131.358431] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff3e866e0f0
[ 131.358444] R13: 00007ffd9259b300 R14: 00007ff3e8669f60 R15: 000000000002009f
[ 131.358465] </TASK>
[ 131.358472] Modules linked in:
[ 131.358485] ---[ end trace 0000000000000000 ]---
[ 131.358495] RIP: 0010:perf_tp_event+0x175/0xe70
[ 131.358525] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 131.358545] RSP: 0018:ffff888015d0f780 EFLAGS: 00010012
[ 131.358562] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 131.358575] RDX: ffff88801c15d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 131.358590] RBP: ffff888015d0f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc0e400
[ 131.358604] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 131.358618] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 131.358636] FS: 000055558a29e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 131.358656] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 131.358670] CR2: 0000001b2d524000 CR3: 000000004585c000 CR4: 0000000000350ef0
[ 131.358686] note: syz-executor.1[4046] exited with irqs disabled
[ 131.358771] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[ 131.358799] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 131.358823] CPU: 0 UID: 0 PID: 4046 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 131.358865] Tainted: [D]=DIE, [W]=WARN
[ 131.358874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 131.358887] RIP: 0010:perf_tp_event+0x175/0xe70
[ 131.358922] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 131.358944] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 131.358964] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 131.358979] RDX: ffff88801c15d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 131.358995] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc0e400
[ 131.359011] R10: 0000000000000000 R11: ffff88801804ec98 R12: dffffc0000000000
[ 131.359026] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 131.359044] FS: 000055558a29e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 131.359066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 131.359081] CR2: 0000001b2d524000 CR3: 000000004585c000 CR4: 0000000000350ef0
[ 131.359096] Call Trace:
[ 131.359103] <IRQ>
[ 131.359116] ? __pfx_perf_tp_event+0x10/0x10
[ 131.359162] ? enqueue_task_fair+0xded/0x1e00
[ 131.359191] ? check_preempt_wakeup_fair+0x6e/0x950
[ 131.359220] ? wakeup_preempt+0x140/0x2a0
[ 131.359243] ? lock_release+0x1c7/0x290
[ 131.359268] ? lock_release+0x1c7/0x290
[ 131.359294] ? do_raw_spin_unlock+0x53/0x220
[ 131.359332] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 131.359365] ? try_to_wake_up+0x8ae/0x11d0
[ 131.359399] ? do_raw_spin_lock+0x123/0x260
[ 131.359430] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 131.359464] ? perf_trace_run_bpf_submit+0xef/0x180
[ 131.359497] perf_trace_run_bpf_submit+0xef/0x180
[ 131.359533] perf_trace_preemptirq_template+0x259/0x430
[ 131.359557] ? read_tsc+0x9/0x20
[ 131.359587] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 131.359612] ? clockevents_program_event+0x135/0x360
[ 131.359644] ? tick_program_event+0xac/0x140
[ 131.359668] ? handle_softirqs+0x16e/0x770
[ 131.359703] trace_irq_enable.constprop.0+0xa6/0x100
[ 131.359728] trace_hardirqs_on+0x26/0x40
[ 131.359749] handle_softirqs+0x16e/0x770
[ 131.359788] __irq_exit_rcu+0xc4/0x100
[ 131.359823] irq_exit_rcu+0x9/0x20
[ 131.359843] sysvec_apic_timer_interrupt+0x70/0x80
[ 131.359877] </IRQ>
[ 131.359884] <TASK>
[ 131.359892] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 131.359917] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 131.359946] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[ 131.359968] RSP: 0018:ffff888015d0ff28 EFLAGS: 00000246
[ 131.359986] RAX: 0000000000000001 RBX: ffff88801c15d280 RCX: ffffffff817c3ab6
[ 131.360002] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 131.360016] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 131.360030] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff88801c15d280
[ 131.360045] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[ 131.360063] ? trace_irq_enable.constprop.0+0x26/0x100
[ 131.360088] ? make_task_dead+0x214/0x3b0
[ 131.360118] ? make_task_dead+0x214/0x3b0
[ 131.360144] ? do_syscall_64+0xbf/0x360
[ 131.360167] rewind_stack_and_make_dead+0x16/0x20
[ 131.360199] RIP: 0033:0x7ff3e8556b19
[ 131.360215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 131.360237] RSP: 002b:00007ffd9259b1f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 131.360259] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff3e8556b19
[ 131.360274] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff3e8669f68
[ 131.360289] RBP: 00007ff3e8669f60 R08: 00007ff3e86660a0 R09: 0000000000000000
[ 131.360304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff3e866e0f0
[ 131.360320] R13: 00007ffd9259b300 R14: 00007ff3e8669f60 R15: 000000000002009f
[ 131.360344] </TASK>
[ 131.360352] Modules linked in:
[ 131.360366] ---[ end trace 0000000000000000 ]---
[ 131.360376] RIP: 0010:perf_tp_event+0x175/0xe70
[ 131.360408] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 131.360429] RSP: 0018:ffff888015d0f780 EFLAGS: 00010012
[ 131.360447] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 131.360462] RDX: ffff88801c15d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 131.360477] RBP: ffff888015d0f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc0e400
[ 131.360493] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 131.360507] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 131.360525] FS: 000055558a29e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 131.360547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 131.360701] CR2: 0000001b2d524000 CR3: 000000004585c000 CR4: 0000000000350ef0
[ 131.360719] Kernel panic - not syncing: Fatal exception in interrupt
[ 131.361011] Kernel Offset: disabled
[ 131.497905] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
11:38:04 Registers:
info registers vcpu 0
RAX=0000000000000007 RBX=00000000ffffffff RCX=ffffffff84b82a19 RDX=ffff88801c15d280
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000030 RSP=ffff88806ce08468
R8 =0000000000000007 R9 =ffffed100d9c10f8 R10=00000000ffffffff R11=0000000080050033
R12=ffff88806ce087e9 R13=0000000000000008 R14=ffff88806ce087c8 R15=ffff88806ce087e1
RIP=ffffffff84b82a22 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 000055558a29e400 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe1600000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2d524000 CR3=000000004585c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00ff0000000000000000000000000000 XMM01=0001ff00000000000000000000000000
XMM02=7463656a6e695f31313230385f7a7973 XMM03=00007ff3e863d7c800007ff3e863d7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000080010000 RBX=0000000000000000 RCX=ffffffff812c6331 RDX=ffff888046331b80
RSI=ffffffff812c6379 RDI=ffffffff8787dd20 RBP=0000000000000001 RSP=ffff88806cf08fd0
R8 =0000000000000001 R9 =fffffbfff0f0fba4 R10=ffffffff8787dd27 R11=ffff88806cf08ff8
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff812c637a RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007ff50a75d700 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe4300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff50a75cd58 CR3=000000000f86b000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000