Warning: Permanently added '[localhost]:55548' (ECDSA) to the list of known hosts.
2025/09/01 11:45:21 fuzzer started
2025/09/01 11:45:22 dialing manager at localhost:35473
syzkaller login: [   59.314094] cgroup: Unknown subsys name 'net'
[   59.448434] cgroup: Unknown subsys name 'cpuset'
[   59.459389] cgroup: Unknown subsys name 'rlimit'
2025/09/01 11:45:32 syscalls: 2214
2025/09/01 11:45:32 code coverage: enabled
2025/09/01 11:45:32 comparison tracing: enabled
2025/09/01 11:45:32 extra coverage: enabled
2025/09/01 11:45:32 setuid sandbox: enabled
2025/09/01 11:45:32 namespace sandbox: enabled
2025/09/01 11:45:32 Android sandbox: enabled
2025/09/01 11:45:32 fault injection: enabled
2025/09/01 11:45:32 leak checking: enabled
2025/09/01 11:45:32 net packet injection: enabled
2025/09/01 11:45:32 net device setup: enabled
2025/09/01 11:45:32 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 11:45:32 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 11:45:32 USB emulation: enabled
2025/09/01 11:45:32 hci packet injection: enabled
2025/09/01 11:45:32 wifi device emulation: enabled
2025/09/01 11:45:32 802.15.4 emulation: enabled
2025/09/01 11:45:33 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 11:45:33 fetching corpus: 50, signal 26568/30027 (executing program)
2025/09/01 11:45:33 fetching corpus: 100, signal 36710/41581 (executing program)
2025/09/01 11:45:33 fetching corpus: 150, signal 45055/51128 (executing program)
2025/09/01 11:45:33 fetching corpus: 200, signal 50473/57829 (executing program)
2025/09/01 11:45:33 fetching corpus: 250, signal 54273/62872 (executing program)
2025/09/01 11:45:33 fetching corpus: 300, signal 57470/67252 (executing program)
2025/09/01 11:45:33 fetching corpus: 350, signal 63225/73992 (executing program)
2025/09/01 11:45:33 fetching corpus: 400, signal 67321/79072 (executing program)
2025/09/01 11:45:33 fetching corpus: 450, signal 70104/82911 (executing program)
2025/09/01 11:45:34 fetching corpus: 500, signal 72953/86720 (executing program)
2025/09/01 11:45:34 fetching corpus: 550, signal 75956/90602 (executing program)
2025/09/01 11:45:34 fetching corpus: 600, signal 78622/94128 (executing program)
2025/09/01 11:45:34 fetching corpus: 650, signal 80308/96735 (executing program)
2025/09/01 11:45:34 fetching corpus: 700, signal 82857/100053 (executing program)
2025/09/01 11:45:34 fetching corpus: 750, signal 85682/103573 (executing program)
2025/09/01 11:45:34 fetching corpus: 800, signal 87245/105945 (executing program)
2025/09/01 11:45:34 fetching corpus: 850, signal 88960/108470 (executing program)
2025/09/01 11:45:34 fetching corpus: 900, signal 91320/111429 (executing program)
2025/09/01 11:45:34 fetching corpus: 950, signal 94763/115129 (executing program)
2025/09/01 11:45:34 fetching corpus: 1000, signal 96333/117343 (executing program)
2025/09/01 11:45:35 fetching corpus: 1050, signal 98100/119681 (executing program)
2025/09/01 11:45:35 fetching corpus: 1100, signal 99814/121913 (executing program)
2025/09/01 11:45:35 fetching corpus: 1150, signal 101583/124216 (executing program)
2025/09/01 11:45:35 fetching corpus: 1200, signal 102409/125769 (executing program)
2025/09/01 11:45:35 fetching corpus: 1250, signal 104056/127871 (executing program)
2025/09/01 11:45:35 fetching corpus: 1300, signal 105828/130107 (executing program)
2025/09/01 11:45:35 fetching corpus: 1350, signal 108895/133248 (executing program)
2025/09/01 11:45:35 fetching corpus: 1400, signal 111734/136110 (executing program)
2025/09/01 11:45:35 fetching corpus: 1450, signal 113381/138178 (executing program)
2025/09/01 11:45:35 fetching corpus: 1500, signal 114623/139784 (executing program)
2025/09/01 11:45:36 fetching corpus: 1550, signal 115707/141323 (executing program)
2025/09/01 11:45:36 fetching corpus: 1600, signal 116781/142828 (executing program)
2025/09/01 11:45:36 fetching corpus: 1650, signal 117578/144103 (executing program)
2025/09/01 11:45:36 fetching corpus: 1700, signal 118850/145712 (executing program)
2025/09/01 11:45:36 fetching corpus: 1750, signal 119899/147159 (executing program)
2025/09/01 11:45:36 fetching corpus: 1800, signal 121231/148806 (executing program)
2025/09/01 11:45:36 fetching corpus: 1850, signal 121956/150006 (executing program)
2025/09/01 11:45:36 fetching corpus: 1900, signal 123153/151455 (executing program)
2025/09/01 11:45:36 fetching corpus: 1950, signal 124114/152754 (executing program)
2025/09/01 11:45:36 fetching corpus: 2000, signal 125034/154060 (executing program)
2025/09/01 11:45:36 fetching corpus: 2050, signal 126132/155367 (executing program)
2025/09/01 11:45:37 fetching corpus: 2100, signal 127133/156597 (executing program)
2025/09/01 11:45:37 fetching corpus: 2150, signal 128362/158016 (executing program)
2025/09/01 11:45:37 fetching corpus: 2200, signal 129039/159052 (executing program)
2025/09/01 11:45:37 fetching corpus: 2250, signal 129873/160103 (executing program)
2025/09/01 11:45:37 fetching corpus: 2300, signal 130612/161121 (executing program)
2025/09/01 11:45:37 fetching corpus: 2350, signal 131469/162229 (executing program)
2025/09/01 11:45:37 fetching corpus: 2400, signal 132284/163263 (executing program)
2025/09/01 11:45:37 fetching corpus: 2450, signal 133144/164288 (executing program)
2025/09/01 11:45:37 fetching corpus: 2500, signal 133919/165296 (executing program)
2025/09/01 11:45:37 fetching corpus: 2550, signal 134569/166266 (executing program)
2025/09/01 11:45:38 fetching corpus: 2600, signal 135200/167142 (executing program)
2025/09/01 11:45:38 fetching corpus: 2650, signal 136417/168302 (executing program)
2025/09/01 11:45:38 fetching corpus: 2700, signal 136945/169177 (executing program)
2025/09/01 11:45:38 fetching corpus: 2750, signal 137817/170126 (executing program)
2025/09/01 11:45:38 fetching corpus: 2800, signal 138621/171021 (executing program)
2025/09/01 11:45:38 fetching corpus: 2850, signal 139448/171903 (executing program)
2025/09/01 11:45:38 fetching corpus: 2900, signal 140028/172696 (executing program)
2025/09/01 11:45:38 fetching corpus: 2950, signal 140748/173579 (executing program)
2025/09/01 11:45:38 fetching corpus: 3000, signal 141633/174419 (executing program)
2025/09/01 11:45:38 fetching corpus: 3050, signal 142368/175231 (executing program)
2025/09/01 11:45:39 fetching corpus: 3100, signal 143155/176029 (executing program)
2025/09/01 11:45:39 fetching corpus: 3150, signal 143795/176779 (executing program)
2025/09/01 11:45:39 fetching corpus: 3200, signal 144260/177460 (executing program)
2025/09/01 11:45:39 fetching corpus: 3250, signal 144849/178151 (executing program)
2025/09/01 11:45:39 fetching corpus: 3300, signal 145600/178931 (executing program)
2025/09/01 11:45:39 fetching corpus: 3350, signal 146253/179591 (executing program)
2025/09/01 11:45:39 fetching corpus: 3400, signal 146641/180183 (executing program)
2025/09/01 11:45:39 fetching corpus: 3450, signal 147321/180900 (executing program)
2025/09/01 11:45:39 fetching corpus: 3500, signal 147891/181496 (executing program)
2025/09/01 11:45:39 fetching corpus: 3550, signal 148540/182142 (executing program)
2025/09/01 11:45:39 fetching corpus: 3600, signal 149071/182755 (executing program)
2025/09/01 11:45:39 fetching corpus: 3650, signal 150039/183507 (executing program)
2025/09/01 11:45:39 fetching corpus: 3700, signal 150784/184120 (executing program)
2025/09/01 11:45:40 fetching corpus: 3750, signal 151222/184680 (executing program)
2025/09/01 11:45:40 fetching corpus: 3800, signal 151941/185367 (executing program)
2025/09/01 11:45:40 fetching corpus: 3850, signal 152585/185903 (executing program)
2025/09/01 11:45:40 fetching corpus: 3900, signal 153097/186420 (executing program)
2025/09/01 11:45:40 fetching corpus: 3950, signal 153645/186978 (executing program)
2025/09/01 11:45:40 fetching corpus: 4000, signal 154167/187470 (executing program)
2025/09/01 11:45:40 fetching corpus: 4050, signal 154728/187954 (executing program)
2025/09/01 11:45:40 fetching corpus: 4100, signal 155216/188402 (executing program)
2025/09/01 11:45:40 fetching corpus: 4150, signal 155694/188932 (executing program)
2025/09/01 11:45:40 fetching corpus: 4200, signal 156124/189390 (executing program)
2025/09/01 11:45:40 fetching corpus: 4250, signal 156603/189832 (executing program)
2025/09/01 11:45:40 fetching corpus: 4300, signal 157098/190359 (executing program)
2025/09/01 11:45:40 fetching corpus: 4350, signal 157551/190776 (executing program)
2025/09/01 11:45:41 fetching corpus: 4400, signal 157910/191198 (executing program)
2025/09/01 11:45:41 fetching corpus: 4450, signal 158536/191601 (executing program)
2025/09/01 11:45:41 fetching corpus: 4500, signal 159052/192001 (executing program)
2025/09/01 11:45:41 fetching corpus: 4550, signal 159487/192387 (executing program)
2025/09/01 11:45:41 fetching corpus: 4600, signal 159886/192763 (executing program)
2025/09/01 11:45:41 fetching corpus: 4650, signal 160281/193127 (executing program)
2025/09/01 11:45:41 fetching corpus: 4700, signal 160611/193474 (executing program)
2025/09/01 11:45:41 fetching corpus: 4750, signal 160981/193627 (executing program)
2025/09/01 11:45:41 fetching corpus: 4800, signal 161390/193631 (executing program)
2025/09/01 11:45:41 fetching corpus: 4850, signal 161817/193637 (executing program)
2025/09/01 11:45:41 fetching corpus: 4900, signal 162143/193638 (executing program)
2025/09/01 11:45:41 fetching corpus: 4950, signal 162705/193703 (executing program)
2025/09/01 11:45:42 fetching corpus: 5000, signal 163140/193705 (executing program)
2025/09/01 11:45:42 fetching corpus: 5050, signal 163761/193788 (executing program)
2025/09/01 11:45:42 fetching corpus: 5100, signal 164253/193816 (executing program)
2025/09/01 11:45:42 fetching corpus: 5150, signal 164710/193880 (executing program)
2025/09/01 11:45:42 fetching corpus: 5200, signal 165030/193894 (executing program)
2025/09/01 11:45:42 fetching corpus: 5250, signal 165306/193900 (executing program)
2025/09/01 11:45:42 fetching corpus: 5300, signal 165762/193915 (executing program)
2025/09/01 11:45:42 fetching corpus: 5350, signal 166109/193938 (executing program)
2025/09/01 11:45:42 fetching corpus: 5400, signal 166340/193960 (executing program)
2025/09/01 11:45:42 fetching corpus: 5450, signal 166693/193964 (executing program)
2025/09/01 11:45:42 fetching corpus: 5500, signal 167080/193969 (executing program)
2025/09/01 11:45:42 fetching corpus: 5550, signal 167557/193999 (executing program)
2025/09/01 11:45:42 fetching corpus: 5600, signal 168058/194019 (executing program)
2025/09/01 11:45:43 fetching corpus: 5650, signal 168493/194031 (executing program)
2025/09/01 11:45:43 fetching corpus: 5700, signal 168893/194048 (executing program)
2025/09/01 11:45:43 fetching corpus: 5750, signal 169309/194058 (executing program)
2025/09/01 11:45:43 fetching corpus: 5800, signal 169678/194059 (executing program)
2025/09/01 11:45:43 fetching corpus: 5850, signal 170179/194086 (executing program)
2025/09/01 11:45:43 fetching corpus: 5900, signal 170675/194089 (executing program)
2025/09/01 11:45:43 fetching corpus: 5950, signal 171118/194096 (executing program)
2025/09/01 11:45:43 fetching corpus: 6000, signal 171485/194096 (executing program)
2025/09/01 11:45:43 fetching corpus: 6050, signal 171777/194096 (executing program)
2025/09/01 11:45:43 fetching corpus: 6100, signal 172149/194097 (executing program)
2025/09/01 11:45:43 fetching corpus: 6150, signal 172499/194098 (executing program)
2025/09/01 11:45:43 fetching corpus: 6200, signal 172772/194099 (executing program)
2025/09/01 11:45:44 fetching corpus: 6250, signal 173309/194111 (executing program)
2025/09/01 11:45:44 fetching corpus: 6300, signal 173794/194118 (executing program)
2025/09/01 11:45:44 fetching corpus: 6350, signal 174069/194140 (executing program)
2025/09/01 11:45:44 fetching corpus: 6400, signal 174464/194146 (executing program)
2025/09/01 11:45:44 fetching corpus: 6450, signal 174789/194147 (executing program)
2025/09/01 11:45:44 fetching corpus: 6500, signal 175104/194148 (executing program)
2025/09/01 11:45:44 fetching corpus: 6550, signal 175465/194185 (executing program)
2025/09/01 11:45:44 fetching corpus: 6600, signal 175721/194195 (executing program)
2025/09/01 11:45:44 fetching corpus: 6650, signal 176031/194199 (executing program)
2025/09/01 11:45:44 fetching corpus: 6700, signal 176471/194204 (executing program)
2025/09/01 11:45:44 fetching corpus: 6750, signal 176788/194212 (executing program)
2025/09/01 11:45:44 fetching corpus: 6800, signal 176975/194229 (executing program)
2025/09/01 11:45:45 fetching corpus: 6850, signal 177255/194230 (executing program)
2025/09/01 11:45:45 fetching corpus: 6900, signal 177620/194237 (executing program)
2025/09/01 11:45:45 fetching corpus: 6950, signal 178132/194262 (executing program)
2025/09/01 11:45:45 fetching corpus: 7000, signal 178592/194268 (executing program)
2025/09/01 11:45:45 fetching corpus: 7050, signal 178886/194276 (executing program)
2025/09/01 11:45:45 fetching corpus: 7100, signal 179214/194286 (executing program)
2025/09/01 11:45:45 fetching corpus: 7150, signal 179497/194293 (executing program)
2025/09/01 11:45:45 fetching corpus: 7200, signal 179666/194295 (executing program)
2025/09/01 11:45:45 fetching corpus: 7250, signal 179957/194296 (executing program)
2025/09/01 11:45:45 fetching corpus: 7300, signal 180756/194323 (executing program)
2025/09/01 11:45:45 fetching corpus: 7350, signal 181116/194344 (executing program)
2025/09/01 11:45:45 fetching corpus: 7400, signal 181431/194350 (executing program)
2025/09/01 11:45:46 fetching corpus: 7450, signal 182016/194370 (executing program)
2025/09/01 11:45:46 fetching corpus: 7500, signal 182525/194371 (executing program)
2025/09/01 11:45:46 fetching corpus: 7550, signal 182892/194372 (executing program)
2025/09/01 11:45:46 fetching corpus: 7600, signal 183155/194374 (executing program)
2025/09/01 11:45:46 fetching corpus: 7650, signal 183472/194374 (executing program)
2025/09/01 11:45:46 fetching corpus: 7700, signal 183653/194376 (executing program)
2025/09/01 11:45:46 fetching corpus: 7750, signal 184126/194379 (executing program)
2025/09/01 11:45:46 fetching corpus: 7800, signal 184569/194385 (executing program)
2025/09/01 11:45:46 fetching corpus: 7850, signal 184821/194394 (executing program)
2025/09/01 11:45:46 fetching corpus: 7900, signal 185056/194405 (executing program)
2025/09/01 11:45:46 fetching corpus: 7950, signal 185448/194410 (executing program)
2025/09/01 11:45:46 fetching corpus: 8000, signal 185744/194410 (executing program)
2025/09/01 11:45:47 fetching corpus: 8050, signal 185968/194410 (executing program)
2025/09/01 11:45:47 fetching corpus: 8100, signal 186287/194422 (executing program)
2025/09/01 11:45:47 fetching corpus: 8150, signal 186788/194439 (executing program)
2025/09/01 11:45:47 fetching corpus: 8200, signal 186975/194440 (executing program)
2025/09/01 11:45:47 fetching corpus: 8250, signal 187224/194441 (executing program)
2025/09/01 11:45:47 fetching corpus: 8300, signal 187474/194442 (executing program)
2025/09/01 11:45:47 fetching corpus: 8350, signal 187784/194486 (executing program)
2025/09/01 11:45:47 fetching corpus: 8400, signal 188064/194493 (executing program)
2025/09/01 11:45:47 fetching corpus: 8450, signal 188360/194497 (executing program)
2025/09/01 11:45:47 fetching corpus: 8500, signal 188587/194507 (executing program)
2025/09/01 11:45:47 fetching corpus: 8550, signal 188766/194511 (executing program)
2025/09/01 11:45:48 fetching corpus: 8600, signal 189038/194530 (executing program)
2025/09/01 11:45:48 fetching corpus: 8650, signal 189281/194531 (executing program)
2025/09/01 11:45:48 fetching corpus: 8700, signal 189600/194534 (executing program)
2025/09/01 11:45:48 fetching corpus: 8750, signal 189886/194539 (executing program)
2025/09/01 11:45:48 fetching corpus: 8800, signal 190232/194542 (executing program)
2025/09/01 11:45:48 fetching corpus: 8850, signal 190627/194579 (executing program)
2025/09/01 11:45:48 fetching corpus: 8900, signal 190824/194584 (executing program)
2025/09/01 11:45:48 fetching corpus: 8950, signal 190963/194590 (executing program)
2025/09/01 11:45:48 fetching corpus: 9000, signal 191345/194594 (executing program)
2025/09/01 11:45:49 fetching corpus: 9050, signal 191675/194594 (executing program)
2025/09/01 11:45:49 fetching corpus: 9073, signal 191741/194594 (executing program)
2025/09/01 11:45:49 fetching corpus: 9073, signal 191741/194594 (executing program)
2025/09/01 11:45:51 starting 8 fuzzer processes
11:45:51 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x0, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)

11:45:51 executing program 1:
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000040)=@orangefs_parent={0x28, 0x2, {{"9550c5769f983ff93da9d274d211ce3d"}, {"cb5b24ee5bea979b1802bc1a9a98cac8"}}}, &(0x7f0000000080), 0x0)

11:45:51 executing program 2:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000006c40)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000})

11:45:51 executing program 3:
syz_mount_image$iso9660(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
chroot(&(0x7f0000000680)='./file0/../file0\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='cgroup2\x00', 0x0, 0x0)
creat(&(0x7f0000000200)='./file0/../file0\x00', 0x0)

11:45:51 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000), &(0x7f0000000100)=0x4)

11:45:51 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000000)=0xcb, 0x4)

11:45:51 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x7005, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x958)

11:45:51 executing program 6:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001f40), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

[   88.391193] audit: type=1400 audit(1756727151.487:7): avc:  denied  { execmem } for  pid=275 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   89.610696] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   89.614180] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   89.619063] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   89.623644] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   89.626098] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.646325] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.649124] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.652004] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.660400] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.666030] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.684125] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.686033] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   89.689919] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.691246] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   89.695063] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   89.696330] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.702107] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.704381] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   89.706132] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   89.708243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   89.711633] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   89.720100] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   89.728288] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   89.729663] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   89.735447] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   89.737963] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   89.740013] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   89.741780] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   89.751522] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   89.758448] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   89.764118] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   89.768250] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   89.771219] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   89.774982] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   89.776421] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   89.780009] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   89.788626] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   89.789818] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   89.792488] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   89.802341] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   91.700047] Bluetooth: hci0: command tx timeout
[   91.764798] Bluetooth: hci3: command tx timeout
[   91.765568] Bluetooth: hci1: command tx timeout
[   91.766111] Bluetooth: hci4: command tx timeout
[   91.828152] Bluetooth: hci2: command tx timeout
[   91.828265] Bluetooth: hci5: command tx timeout
[   91.892792] Bluetooth: hci6: command tx timeout
[   91.892862] Bluetooth: hci7: command tx timeout
[   93.747800] Bluetooth: hci0: command tx timeout
[   93.811792] Bluetooth: hci4: command tx timeout
[   93.812897] Bluetooth: hci3: command tx timeout
[   93.812939] Bluetooth: hci1: command tx timeout
[   93.875852] Bluetooth: hci2: command tx timeout
[   93.877822] Bluetooth: hci5: command tx timeout
[   93.939926] Bluetooth: hci7: command tx timeout
[   93.941388] Bluetooth: hci6: command tx timeout
[   95.796053] Bluetooth: hci0: command tx timeout
[   95.861800] Bluetooth: hci3: command tx timeout
[   95.861818] Bluetooth: hci4: command tx timeout
[   95.862258] Bluetooth: hci1: command tx timeout
[   95.923791] Bluetooth: hci5: command tx timeout
[   95.923865] Bluetooth: hci2: command tx timeout
[   95.987929] Bluetooth: hci6: command tx timeout
[   95.988632] Bluetooth: hci7: command tx timeout
[   97.843898] Bluetooth: hci0: command tx timeout
[   97.907808] Bluetooth: hci3: command tx timeout
[   97.908165] Bluetooth: hci4: command tx timeout
[   97.908329] Bluetooth: hci1: command tx timeout
[   97.971808] Bluetooth: hci5: command tx timeout
[   97.971878] Bluetooth: hci2: command tx timeout
[   98.035858] Bluetooth: hci7: command tx timeout
[   98.035929] Bluetooth: hci6: command tx timeout
[  127.874898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.875855] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.131668] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.132422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.321756] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.322403] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.503892] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.504537] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.873753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.874379] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.018318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.018960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.043576] audit: type=1400 audit(1756727192.140:8): avc:  denied  { open } for  pid=3812 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  129.048972] audit: type=1400 audit(1756727192.140:9): avc:  denied  { kernel } for  pid=3812 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  129.065980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.066559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.283764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.284377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.379995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.380603] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.411348] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.412346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.698412] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.699093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.729266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.729868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.087110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.088763] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.240543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.241832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.871438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.872392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.926428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.927693] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:46:34 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000280))

11:46:34 executing program 6:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001f40), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

11:46:34 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x43, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x3, 0x7, 0x301}, 0x14}}, 0x0)

11:46:34 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='proc\x00', 0xc009, 0x0)
umount2(&(0x7f0000000080)='./file0/../file0\x00', 0x0)

11:46:34 executing program 2:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2401, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)

11:46:34 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:46:34 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000), &(0x7f0000000100)=0x4)

11:46:34 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpgrp(0xffffffffffffffff)
tgkill(r0, r0, 0x0)

11:46:34 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000), &(0x7f0000000100)=0x4)

[  131.146423] audit: type=1400 audit(1756727194.241:10): avc:  denied  { write } for  pid=3898 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:46:34 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')
pread64(r0, &(0x7f0000000140)=""/4086, 0xff6, 0x0)

11:46:34 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:46:34 executing program 6:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001f40), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

11:46:34 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000), &(0x7f0000000100)=0x4)

11:46:34 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/36)

11:46:34 executing program 1:
prctl$PR_SET_TIMERSLACK(0x1d, 0xfffffffffffffeff)
nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, 0x0)

11:46:34 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpgrp(0xffffffffffffffff)
tgkill(r0, r0, 0x0)

11:46:34 executing program 6:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001f40), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

11:46:34 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11:46:34 executing program 0:
get_robust_list(0x0, 0xfffffffffffffffd, &(0x7f00000000c0))

11:46:34 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x43, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x3, 0x7, 0x301}, 0x14}}, 0x0)

11:46:34 executing program 0:
get_robust_list(0x0, 0xfffffffffffffffd, &(0x7f00000000c0))

11:46:34 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xae}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)

[  131.494665] kmemleak: Found object by alias at 0x607f1a63e55c
[  131.494694] CPU: 1 UID: 0 PID: 3935 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) 
[  131.494731] Tainted: [W]=WARN
[  131.494737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  131.494749] Call Trace:
[  131.494755]  <TASK>
[  131.494763]  dump_stack_lvl+0xca/0x120
[  131.494808]  __lookup_object+0x94/0xb0
[  131.494837]  delete_object_full+0x27/0x70
[  131.494865]  free_percpu+0x30/0x1160
[  131.494893]  ? arch_uprobe_clear_state+0x16/0x140
[  131.494927]  futex_hash_free+0x38/0xc0
[  131.494952]  mmput+0x2d3/0x390
[  131.494984]  do_exit+0x79d/0x2970
[  131.495007]  ? signal_wake_up_state+0x85/0x120
[  131.495034]  ? zap_other_threads+0x2b9/0x3a0
[  131.495061]  ? __pfx_do_exit+0x10/0x10
[  131.495083]  ? do_group_exit+0x1c3/0x2a0
[  131.495106]  ? lock_release+0xc8/0x290
[  131.495134]  do_group_exit+0xd3/0x2a0
[  131.495160]  __x64_sys_exit_group+0x3e/0x50
[  131.495184]  x64_sys_call+0x18c5/0x18d0
[  131.495210]  do_syscall_64+0xbf/0x360
[  131.495232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.495252] RIP: 0033:0x7fe02d365b19
[  131.495266] Code: Unable to access opcode bytes at 0x7fe02d365aef.
[  131.495275] RSP: 002b:00007fff9e034868 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  131.495294] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe02d365b19
[  131.495307] RDX: 00007fe02d31872b RSI: ffffffffffffffbc RDI: 0000000000000000
[  131.495319] RBP: 0000000000000000 R08: 0000001b2d4211b0 R09: 0000000000000000
[  131.495331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.495343] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff9e034950
[  131.495369]  </TASK>
[  131.495375] kmemleak: Object (percpu) 0x607f1a63e550 (size 16):
[  131.495386] kmemleak:   comm "syz-executor.2", pid 286, jiffies 4294798230
[  131.495398] kmemleak:   min_count = 1
[  131.495405] kmemleak:   count = 0
[  131.495411] kmemleak:   flags = 0x21
[  131.495418] kmemleak:   checksum = 0
[  131.495424] kmemleak:   backtrace:
[  131.495429]  pcpu_alloc_noprof+0x87a/0x1170
[  131.495456]  mm_init+0x99b/0x1170
[  131.495470]  copy_process+0x3ab7/0x73c0
[  131.495487]  kernel_clone+0xea/0x7f0
[  131.495504]  __do_sys_clone+0xce/0x120
[  131.495521]  do_syscall_64+0xbf/0x360
[  131.495536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:46:34 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/36)

11:46:34 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x43, 0x4)
recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x3, 0x7, 0x301}, 0x14}}, 0x0)

11:46:34 executing program 6:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x21084, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00')

[  131.591491] Oops: general protection fault, probably for non-canonical address 0xdffffc03d46eaf57: 0000 [#1] SMP KASAN NOPTI
[  131.592991] KASAN: probably user-memory-access in range [0x0000001ea3757ab8-0x0000001ea3757abf]
[  131.593991] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G        W           6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) 
[  131.597145] Tainted: [W]=WARN
[  131.598095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  131.599955] RIP: 0010:perf_tp_event+0x175/0xe70
[  131.600919] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  131.605014] RSP: 0018:ffff88801af876c0 EFLAGS: 00010013
[  131.606112] RAX: 00000003d46eaf57 RBX: 0000001ea37578cd RCX: 0000000000000002
[  131.607474] RDX: ffff888016288000 RSI: ffffffff8189a4e7 RDI: 0000001ea3757abd
[  131.609198] RBP: ffff88801af87930 R08: ffff88806cf31340 R09: ffffe8ffffd16550
[  131.610300] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  131.611179] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  131.612031] FS:  000055556991f400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[  131.613004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  131.613702] CR2: 00007fff9e032fb8 CR3: 0000000009ea8000 CR4: 0000000000350ef0
[  131.614570] Call Trace:
[  131.614905]  <TASK>
[  131.615190]  ? find_held_lock+0x2b/0x80
[  131.615695]  ? __pfx_perf_tp_event+0x10/0x10
[  131.616247]  ? __lock_acquire+0x694/0x1b70
[  131.616768]  ? lock_is_held_type+0x9e/0x120
[  131.617312]  ? __lock_acquire+0xc65/0x1b70
[  131.617837]  ? perf_trace_lock_acquire+0xc9/0x700
[  131.618438]  ? __lock_acquire+0x694/0x1b70
[  131.618967]  ? perf_trace_run_bpf_submit+0xef/0x180
[  131.619584]  perf_trace_run_bpf_submit+0xef/0x180
[  131.620182]  perf_trace_preemptirq_template+0x259/0x430
[  131.620838]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  131.621550]  ? find_held_lock+0x2b/0x80
[  131.622053]  ? finish_task_switch.isra.0+0x201/0x840
[  131.622692]  ? finish_task_switch.isra.0+0x206/0x840
[  131.623330]  trace_irq_enable.constprop.0+0xa6/0x100
[  131.623952]  trace_hardirqs_on+0x26/0x40
[  131.624443]  finish_task_switch.isra.0+0x206/0x840
[  131.625050]  __schedule+0xe86/0x3590
[  131.625514]  ? __pfx___schedule+0x10/0x10
[  131.626029]  ? lock_acquire+0x15e/0x2f0
[  131.626521]  ? find_held_lock+0x2b/0x80
[  131.627027]  ? schedule+0x2c7/0x390
[  131.627479]  ? lock_release+0xc8/0x290
[  131.627952]  schedule+0xdb/0x390
[  131.628377]  do_nanosleep+0x15e/0x560
[  131.628861]  ? __pfx_do_nanosleep+0x10/0x10
[  131.629385]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  131.630008]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  131.630567]  ? __hrtimer_setup+0x1a4/0x2c0
[  131.631102]  hrtimer_nanosleep+0x13a/0x340
[  131.631612]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  131.632188]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  131.632743]  ? get_timespec64+0x11c/0x190
[  131.633254]  ? __pfx_get_timespec64+0x10/0x10
[  131.633813]  common_nsleep+0xaa/0xd0
[  131.634277]  __x64_sys_clock_nanosleep+0x331/0x470
[  131.634890]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  131.635557]  do_syscall_64+0xbf/0x360
[  131.636026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.636647] RIP: 0033:0x7f44dbe508e1
[  131.637103] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 aa e7 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 e3 e7 ff ff 48 8b 04 24 eb 97 66 2e 0f 1f
[  131.639271] RSP: 002b:00007ffea202cc50 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  131.640238] RAX: ffffffffffffffda RBX: 0000000000020453 RCX: 00007f44dbe508e1
[  131.641130] RDX: 00007ffea202cc90 RSI: 0000000000000000 RDI: 0000000000000000
[  131.641990] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007f44dbf1b000
[  131.642852] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f44dbf3ef60
[  131.643697] R13: 00007f44dbf3fb60 R14: 00007f44dbf3ef60 R15: 0000000000020112
[  131.644555]  </TASK>
[  131.644841] Modules linked in:
[  131.645233] ---[ end trace 0000000000000000 ]---
[  131.645790] RIP: 0010:perf_tp_event+0x175/0xe70
[  131.646359] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  131.648512] RSP: 0018:ffff88801af876c0 EFLAGS: 00010013
[  131.649178] RAX: 00000003d46eaf57 RBX: 0000001ea37578cd RCX: 0000000000000002
[  131.650040] RDX: ffff888016288000 RSI: ffffffff8189a4e7 RDI: 0000001ea3757abd
[  131.650943] RBP: ffff88801af87930 R08: ffff88806cf31340 R09: ffffe8ffffd16550
[  131.651790] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  131.652644] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  131.653494] FS:  000055556991f400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[  131.654454] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  131.655151] CR2: 00007fff9e032fb8 CR3: 0000000009ea8000 CR4: 0000000000350ef0
[  131.656012] note: syz-executor.1[3932] exited with irqs disabled
[  131.656824] Oops: general protection fault, probably for non-canonical address 0xdffffc03d46eaf57: 0000 [#2] SMP KASAN NOPTI
[  131.658148] KASAN: probably user-memory-access in range [0x0000001ea3757ab8-0x0000001ea3757abf]
[  131.659192] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G      D W           6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) 
[  131.660590] Tainted: [D]=DIE, [W]=WARN
[  131.661044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  131.662003] RIP: 0010:perf_tp_event+0x175/0xe70
[  131.662564] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  131.664696] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010013
[  131.665326] RAX: 00000003d46eaf57 RBX: 0000001ea37578cd RCX: 0000000000000002
[  131.666156] RDX: ffff888016288000 RSI: ffffffff8189a4e7 RDI: 0000001ea3757abd
[  131.666998] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd16550
[  131.667838] R10: 0000000000000000 R11: ffff88801f674098 R12: dffffc0000000000
[  131.668677] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000
[  131.669533] FS:  000055556991f400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[  131.670480] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  131.671173] CR2: 00007fff9e032fb8 CR3: 0000000009ea8000 CR4: 0000000000350ef0
[  131.672020] Call Trace:
[  131.672326]  <IRQ>
[  131.672593]  ? __pfx_perf_tp_event+0x10/0x10
[  131.673130]  ? enqueue_task_fair+0xded/0x1e00
[  131.673708]  ? check_preempt_wakeup_fair+0x6e/0x950
[  131.674315]  ? wakeup_preempt+0x140/0x2a0
[  131.674823]  ? lock_release+0x1c7/0x290
[  131.675301]  ? lock_release+0x1c7/0x290
[  131.675769]  ? do_raw_spin_unlock+0x53/0x220
[  131.676298]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[  131.676905]  ? try_to_wake_up+0x8ae/0x11d0
[  131.677414]  ? do_raw_spin_lock+0x123/0x260
[  131.677930]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  131.678483]  ? perf_trace_run_bpf_submit+0xef/0x180
[  131.679085]  perf_trace_run_bpf_submit+0xef/0x180
[  131.679655]  perf_trace_preemptirq_template+0x259/0x430
[  131.680279]  ? read_tsc+0x9/0x20
[  131.680686]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  131.681370]  ? clockevents_program_event+0x135/0x360
[  131.681976]  ? tick_program_event+0xac/0x140
[  131.682508]  ? handle_softirqs+0x16e/0x770
[  131.683024]  trace_irq_enable.constprop.0+0xa6/0x100
[  131.683629]  trace_hardirqs_on+0x26/0x40
[  131.684114]  handle_softirqs+0x16e/0x770
[  131.684610]  __irq_exit_rcu+0xc4/0x100
[  131.685090]  irq_exit_rcu+0x9/0x20
[  131.685516]  sysvec_apic_timer_interrupt+0x70/0x80
[  131.686101]  </IRQ>
[  131.686368]  <TASK>
[  131.686642]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  131.687275] RIP: 0010:make_task_dead+0xa2/0x3b0
[  131.687835] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 <e8> e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[  131.689984] RSP: 0018:ffff88801af87f28 EFLAGS: 00000246
[  131.690616] RAX: 0000000000000001 RBX: ffff888016288000 RCX: ffffffff817c3ab6
[  131.691444] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[  131.692284] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[  131.693106] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888016288000
[  131.693920] R13: 0000000000000000 R14: dffffc03d46eaf57 R15: 0000000000000000
[  131.694753]  ? trace_irq_enable.constprop.0+0x26/0x100
[  131.695384]  ? make_task_dead+0x214/0x3b0
[  131.695899]  ? make_task_dead+0x214/0x3b0
[  131.696411]  ? do_syscall_64+0xbf/0x360
[  131.696880]  rewind_stack_and_make_dead+0x16/0x20
[  131.697462] RIP: 0033:0x7f44dbe508e1
[  131.697897] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 aa e7 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 e3 e7 ff ff 48 8b 04 24 eb 97 66 2e 0f 1f
[  131.700028] RSP: 002b:00007ffea202cc50 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  131.700928] RAX: ffffffffffffffda RBX: 0000000000020453 RCX: 00007f44dbe508e1
[  131.701748] RDX: 00007ffea202cc90 RSI: 0000000000000000 RDI: 0000000000000000
[  131.702580] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007f44dbf1b000
[  131.703417] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f44dbf3ef60
[  131.704238] R13: 00007f44dbf3fb60 R14: 00007f44dbf3ef60 R15: 0000000000020112
[  131.705066]  </TASK>
[  131.705340] Modules linked in:
[  131.705726] ---[ end trace 0000000000000000 ]---
[  131.706267] RIP: 0010:perf_tp_event+0x175/0xe70
[  131.706823] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  131.708871] RSP: 0018:ffff88801af876c0 EFLAGS: 00010013
[  131.709474] RAX: 00000003d46eaf57 RBX: 0000001ea37578cd RCX: 0000000000000002
[  131.710281] RDX: ffff888016288000 RSI: ffffffff8189a4e7 RDI: 0000001ea3757abd
[  131.711096] RBP: ffff88801af87930 R08: ffff88806cf31340 R09: ffffe8ffffd16550
[  131.711899] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  131.712706] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  131.713514] FS:  000055556991f400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[  131.714418] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  131.715085] CR2: 00007fff9e032fb8 CR3: 0000000009ea8000 CR4: 0000000000350ef0
[  131.715899] Kernel panic - not syncing: Fatal exception in interrupt
[  131.716820] Kernel Offset: disabled
[  131.717236] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
11:46:34  Registers:
info registers vcpu 0
RAX=0000000000036eb4 RBX=ffff88806cf3c300 RCX=ffffc90003226000 RDX=0000000000040000
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff88801a5775a8
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=1ffff1100d9c6bb1
R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fb803eea700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe0e00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f75f9735ad0 CR3=0000000020033000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fb806a5b7c000007fb806a5b7c8
XMM02=00007fb806a5b7e000007fb806a5b7c0 XMM03=00007fb806a5b7c800007fb806a5b7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88801af87030
R8 =0000000000000000 R9 =ffffed1001727046 R10=0000000000000000 R11=6666666666662052
R12=0000000000000005 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 000055556991f400 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe2800000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff9e032fb8 CR3=0000000009ea8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000