Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:16702' (ECDSA) to the list of known hosts.
2025/08/29 10:26:34 fuzzer started
2025/08/29 10:26:34 dialing manager at localhost:43077
syzkaller login: [ 53.777694] cgroup: Unknown subsys name 'net'
[ 53.862359] cgroup: Unknown subsys name 'cpuset'
[ 53.879115] cgroup: Unknown subsys name 'rlimit'
2025/08/29 10:26:47 syscalls: 2214
2025/08/29 10:26:47 code coverage: enabled
2025/08/29 10:26:47 comparison tracing: enabled
2025/08/29 10:26:47 extra coverage: enabled
2025/08/29 10:26:47 setuid sandbox: enabled
2025/08/29 10:26:47 namespace sandbox: enabled
2025/08/29 10:26:47 Android sandbox: enabled
2025/08/29 10:26:47 fault injection: enabled
2025/08/29 10:26:47 leak checking: enabled
2025/08/29 10:26:47 net packet injection: enabled
2025/08/29 10:26:47 net device setup: enabled
2025/08/29 10:26:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 10:26:47 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 10:26:47 USB emulation: enabled
2025/08/29 10:26:47 hci packet injection: enabled
2025/08/29 10:26:47 wifi device emulation: enabled
2025/08/29 10:26:47 802.15.4 emulation: enabled
2025/08/29 10:26:47 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 10:26:47 fetching corpus: 50, signal 23605/27081 (executing program)
2025/08/29 10:26:47 fetching corpus: 100, signal 32430/37337 (executing program)
2025/08/29 10:26:47 fetching corpus: 150, signal 41826/47931 (executing program)
2025/08/29 10:26:47 fetching corpus: 200, signal 47078/54377 (executing program)
2025/08/29 10:26:47 fetching corpus: 250, signal 55154/63332 (executing program)
2025/08/29 10:26:48 fetching corpus: 300, signal 60294/69471 (executing program)
2025/08/29 10:26:48 fetching corpus: 350, signal 63318/73491 (executing program)
2025/08/29 10:26:48 fetching corpus: 400, signal 65701/76888 (executing program)
2025/08/29 10:26:48 fetching corpus: 450, signal 68923/81039 (executing program)
2025/08/29 10:26:48 fetching corpus: 500, signal 72227/85184 (executing program)
2025/08/29 10:26:48 fetching corpus: 550, signal 74906/88679 (executing program)
2025/08/29 10:26:48 fetching corpus: 600, signal 77967/92457 (executing program)
2025/08/29 10:26:48 fetching corpus: 650, signal 81621/96726 (executing program)
2025/08/29 10:26:48 fetching corpus: 700, signal 82910/98805 (executing program)
2025/08/29 10:26:48 fetching corpus: 750, signal 85196/101833 (executing program)
2025/08/29 10:26:48 fetching corpus: 800, signal 87198/104451 (executing program)
2025/08/29 10:26:49 fetching corpus: 850, signal 88968/106910 (executing program)
2025/08/29 10:26:49 fetching corpus: 900, signal 91263/109714 (executing program)
2025/08/29 10:26:49 fetching corpus: 950, signal 93116/112137 (executing program)
2025/08/29 10:26:49 fetching corpus: 1000, signal 95510/114893 (executing program)
2025/08/29 10:26:49 fetching corpus: 1050, signal 97958/117621 (executing program)
2025/08/29 10:26:49 fetching corpus: 1100, signal 99488/119618 (executing program)
2025/08/29 10:26:49 fetching corpus: 1150, signal 101283/121841 (executing program)
2025/08/29 10:26:49 fetching corpus: 1200, signal 102440/123485 (executing program)
2025/08/29 10:26:49 fetching corpus: 1250, signal 104497/125859 (executing program)
2025/08/29 10:26:49 fetching corpus: 1300, signal 105584/127406 (executing program)
2025/08/29 10:26:50 fetching corpus: 1350, signal 106827/129091 (executing program)
2025/08/29 10:26:50 fetching corpus: 1400, signal 108122/130709 (executing program)
2025/08/29 10:26:50 fetching corpus: 1450, signal 110479/132984 (executing program)
2025/08/29 10:26:50 fetching corpus: 1500, signal 112103/134931 (executing program)
2025/08/29 10:26:50 fetching corpus: 1550, signal 113488/136553 (executing program)
2025/08/29 10:26:50 fetching corpus: 1600, signal 114482/137884 (executing program)
2025/08/29 10:26:50 fetching corpus: 1650, signal 115623/139296 (executing program)
2025/08/29 10:26:50 fetching corpus: 1700, signal 116692/140672 (executing program)
2025/08/29 10:26:50 fetching corpus: 1750, signal 117852/142035 (executing program)
2025/08/29 10:26:50 fetching corpus: 1800, signal 119028/143373 (executing program)
2025/08/29 10:26:51 fetching corpus: 1850, signal 120122/144618 (executing program)
2025/08/29 10:26:51 fetching corpus: 1900, signal 121129/145856 (executing program)
2025/08/29 10:26:51 fetching corpus: 1950, signal 122040/146970 (executing program)
2025/08/29 10:26:51 fetching corpus: 2000, signal 122977/148058 (executing program)
2025/08/29 10:26:51 fetching corpus: 2050, signal 124140/149265 (executing program)
2025/08/29 10:26:51 fetching corpus: 2100, signal 124766/150223 (executing program)
2025/08/29 10:26:51 fetching corpus: 2150, signal 125680/151283 (executing program)
2025/08/29 10:26:51 fetching corpus: 2200, signal 127240/152626 (executing program)
2025/08/29 10:26:51 fetching corpus: 2250, signal 128149/153710 (executing program)
2025/08/29 10:26:51 fetching corpus: 2300, signal 129225/154807 (executing program)
2025/08/29 10:26:52 fetching corpus: 2350, signal 130125/155764 (executing program)
2025/08/29 10:26:52 fetching corpus: 2400, signal 130897/156613 (executing program)
2025/08/29 10:26:52 fetching corpus: 2450, signal 131603/157502 (executing program)
2025/08/29 10:26:52 fetching corpus: 2500, signal 132367/158397 (executing program)
2025/08/29 10:26:52 fetching corpus: 2550, signal 133261/159280 (executing program)
2025/08/29 10:26:52 fetching corpus: 2600, signal 133804/159982 (executing program)
2025/08/29 10:26:52 fetching corpus: 2650, signal 134398/160688 (executing program)
2025/08/29 10:26:52 fetching corpus: 2700, signal 135119/161494 (executing program)
2025/08/29 10:26:52 fetching corpus: 2750, signal 135720/162211 (executing program)
2025/08/29 10:26:52 fetching corpus: 2800, signal 136426/162929 (executing program)
2025/08/29 10:26:52 fetching corpus: 2850, signal 137330/163709 (executing program)
2025/08/29 10:26:53 fetching corpus: 2900, signal 138177/164459 (executing program)
2025/08/29 10:26:53 fetching corpus: 2950, signal 138669/165042 (executing program)
2025/08/29 10:26:53 fetching corpus: 3000, signal 139446/165739 (executing program)
2025/08/29 10:26:53 fetching corpus: 3050, signal 140326/166388 (executing program)
2025/08/29 10:26:53 fetching corpus: 3100, signal 141089/167012 (executing program)
2025/08/29 10:26:53 fetching corpus: 3150, signal 141649/167621 (executing program)
2025/08/29 10:26:53 fetching corpus: 3200, signal 142420/168205 (executing program)
2025/08/29 10:26:53 fetching corpus: 3250, signal 143180/168791 (executing program)
2025/08/29 10:26:53 fetching corpus: 3300, signal 143869/169339 (executing program)
2025/08/29 10:26:53 fetching corpus: 3350, signal 144243/169824 (executing program)
2025/08/29 10:26:53 fetching corpus: 3400, signal 144963/170394 (executing program)
2025/08/29 10:26:54 fetching corpus: 3450, signal 146031/170985 (executing program)
2025/08/29 10:26:54 fetching corpus: 3500, signal 146970/171531 (executing program)
2025/08/29 10:26:54 fetching corpus: 3550, signal 147638/172062 (executing program)
2025/08/29 10:26:54 fetching corpus: 3600, signal 148253/172510 (executing program)
2025/08/29 10:26:54 fetching corpus: 3650, signal 148844/172953 (executing program)
2025/08/29 10:26:54 fetching corpus: 3700, signal 149273/173316 (executing program)
2025/08/29 10:26:54 fetching corpus: 3750, signal 150037/173686 (executing program)
2025/08/29 10:26:54 fetching corpus: 3800, signal 150747/174078 (executing program)
2025/08/29 10:26:54 fetching corpus: 3850, signal 151561/174473 (executing program)
2025/08/29 10:26:54 fetching corpus: 3900, signal 151955/174779 (executing program)
2025/08/29 10:26:55 fetching corpus: 3950, signal 152885/175162 (executing program)
2025/08/29 10:26:55 fetching corpus: 4000, signal 153461/175517 (executing program)
2025/08/29 10:26:55 fetching corpus: 4050, signal 153882/175835 (executing program)
2025/08/29 10:26:55 fetching corpus: 4100, signal 154289/176104 (executing program)
2025/08/29 10:26:55 fetching corpus: 4150, signal 154688/176361 (executing program)
2025/08/29 10:26:55 fetching corpus: 4200, signal 155396/176648 (executing program)
2025/08/29 10:26:55 fetching corpus: 4250, signal 156094/176868 (executing program)
2025/08/29 10:26:55 fetching corpus: 4300, signal 156456/176876 (executing program)
2025/08/29 10:26:56 fetching corpus: 4350, signal 156847/176883 (executing program)
2025/08/29 10:26:56 fetching corpus: 4400, signal 157284/176896 (executing program)
2025/08/29 10:26:56 fetching corpus: 4450, signal 157672/176910 (executing program)
2025/08/29 10:26:56 fetching corpus: 4500, signal 158051/176910 (executing program)
2025/08/29 10:26:56 fetching corpus: 4550, signal 158660/176919 (executing program)
2025/08/29 10:26:56 fetching corpus: 4600, signal 158947/176956 (executing program)
2025/08/29 10:26:56 fetching corpus: 4650, signal 159460/176988 (executing program)
2025/08/29 10:26:56 fetching corpus: 4700, signal 159830/176993 (executing program)
2025/08/29 10:26:56 fetching corpus: 4750, signal 160211/177008 (executing program)
2025/08/29 10:26:56 fetching corpus: 4800, signal 161839/177020 (executing program)
2025/08/29 10:26:57 fetching corpus: 4850, signal 162080/177063 (executing program)
2025/08/29 10:26:57 fetching corpus: 4900, signal 162492/177065 (executing program)
2025/08/29 10:26:57 fetching corpus: 4950, signal 163104/177065 (executing program)
2025/08/29 10:26:57 fetching corpus: 5000, signal 163696/177121 (executing program)
2025/08/29 10:26:57 fetching corpus: 5050, signal 164188/177146 (executing program)
2025/08/29 10:26:57 fetching corpus: 5100, signal 164614/177163 (executing program)
2025/08/29 10:26:57 fetching corpus: 5150, signal 165021/177179 (executing program)
2025/08/29 10:26:57 fetching corpus: 5200, signal 165328/177179 (executing program)
2025/08/29 10:26:57 fetching corpus: 5250, signal 165752/177188 (executing program)
2025/08/29 10:26:57 fetching corpus: 5300, signal 166242/177274 (executing program)
2025/08/29 10:26:57 fetching corpus: 5350, signal 166671/177373 (executing program)
2025/08/29 10:26:57 fetching corpus: 5400, signal 167099/177378 (executing program)
2025/08/29 10:26:58 fetching corpus: 5450, signal 167468/177384 (executing program)
2025/08/29 10:26:58 fetching corpus: 5500, signal 167902/177426 (executing program)
2025/08/29 10:26:58 fetching corpus: 5550, signal 168305/177466 (executing program)
2025/08/29 10:26:58 fetching corpus: 5600, signal 168628/177467 (executing program)
2025/08/29 10:26:58 fetching corpus: 5650, signal 168947/177482 (executing program)
2025/08/29 10:26:58 fetching corpus: 5700, signal 169284/177486 (executing program)
2025/08/29 10:26:58 fetching corpus: 5750, signal 169498/177501 (executing program)
2025/08/29 10:26:58 fetching corpus: 5800, signal 169777/177513 (executing program)
2025/08/29 10:26:58 fetching corpus: 5850, signal 170185/177515 (executing program)
2025/08/29 10:26:58 fetching corpus: 5900, signal 170477/177515 (executing program)
2025/08/29 10:26:59 fetching corpus: 5950, signal 170826/177516 (executing program)
2025/08/29 10:26:59 fetching corpus: 6000, signal 171242/177517 (executing program)
2025/08/29 10:26:59 fetching corpus: 6050, signal 171617/177528 (executing program)
2025/08/29 10:26:59 fetching corpus: 6100, signal 172029/177533 (executing program)
2025/08/29 10:26:59 fetching corpus: 6150, signal 172344/177542 (executing program)
2025/08/29 10:26:59 fetching corpus: 6200, signal 172832/177557 (executing program)
2025/08/29 10:26:59 fetching corpus: 6250, signal 173130/177586 (executing program)
2025/08/29 10:26:59 fetching corpus: 6300, signal 173592/177595 (executing program)
2025/08/29 10:26:59 fetching corpus: 6350, signal 173910/177595 (executing program)
2025/08/29 10:26:59 fetching corpus: 6400, signal 174136/177598 (executing program)
2025/08/29 10:26:59 fetching corpus: 6450, signal 174412/177613 (executing program)
2025/08/29 10:27:00 fetching corpus: 6500, signal 174710/177614 (executing program)
2025/08/29 10:27:00 fetching corpus: 6550, signal 175063/177628 (executing program)
2025/08/29 10:27:00 fetching corpus: 6590, signal 175362/177631 (executing program)
2025/08/29 10:27:00 fetching corpus: 6590, signal 175362/177631 (executing program)
2025/08/29 10:27:02 starting 8 fuzzer processes
10:27:02 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810, 0x1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_mount_image$tmpfs(&(0x7f00000009c0), &(0x7f0000000a00)='./file0\x00', 0x0, 0x1, &(0x7f0000000e40)=[{&(0x7f0000000a40)="88", 0x1}], 0x0, &(0x7f0000000ec0)={[{@huge_within_size}]})
syz_mount_image$tmpfs(&(0x7f0000001080), &(0x7f00000010c0)='./file0\x00', 0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000001100)="1c", 0x1}], 0x108000, &(0x7f0000001300))
10:27:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0xc46f, 0x4)
sendto$inet(r0, 0x0, 0x33, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
10:27:02 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x2)
connect$netlink(r0, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x8000000}, 0xc)
[ 80.240353] audit: type=1400 audit(1756463222.481:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:27:02 executing program 2:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='sysfs\x00', 0x3000108, 0x0)
statfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/182)
10:27:02 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = epoll_create1(0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
close(r1)
r2 = dup2(r0, r0)
inotify_init()
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001800)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
10:27:02 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
10:27:02 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x0, @fixed}, 0xe)
listen(r0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
accept(r0, 0x0, 0x0)
10:27:02 executing program 6:
prctl$PR_MCE_KILL(0x21, 0x1, 0x7)
[ 81.385184] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 81.389492] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 81.391619] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 81.395412] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 81.398821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 81.446175] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 81.450840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 81.452590] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 81.463920] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 81.469559] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 81.474001] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 81.476215] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 81.477926] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 81.485802] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 81.488643] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 81.584846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 81.615641] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 81.636482] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 81.638313] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 81.641847] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 81.644521] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 81.647790] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 81.649216] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 81.651218] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 81.654034] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 81.665412] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 81.668133] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 81.683178] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 81.684482] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 81.687537] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 81.693154] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 81.695021] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 81.696825] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 81.705620] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 81.707503] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 81.710210] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 81.718007] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 81.749620] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 81.754171] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 81.758482] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 83.478796] Bluetooth: hci0: command tx timeout
[ 83.542341] Bluetooth: hci2: command tx timeout
[ 83.543103] Bluetooth: hci1: command tx timeout
[ 83.735413] Bluetooth: hci3: command tx timeout
[ 83.736491] Bluetooth: hci7: command tx timeout
[ 83.798313] Bluetooth: hci4: command tx timeout
[ 83.862847] Bluetooth: hci6: command tx timeout
[ 83.926310] Bluetooth: hci5: command tx timeout
[ 85.526448] Bluetooth: hci0: command tx timeout
[ 85.590311] Bluetooth: hci2: command tx timeout
[ 85.590785] Bluetooth: hci1: command tx timeout
[ 85.782360] Bluetooth: hci3: command tx timeout
[ 85.782827] Bluetooth: hci7: command tx timeout
[ 85.846412] Bluetooth: hci4: command tx timeout
[ 85.910456] Bluetooth: hci6: command tx timeout
[ 85.974347] Bluetooth: hci5: command tx timeout
[ 87.574730] Bluetooth: hci0: command tx timeout
[ 87.638310] Bluetooth: hci1: command tx timeout
[ 87.638789] Bluetooth: hci2: command tx timeout
[ 87.830400] Bluetooth: hci3: command tx timeout
[ 87.830865] Bluetooth: hci7: command tx timeout
[ 87.894432] Bluetooth: hci4: command tx timeout
[ 87.958756] Bluetooth: hci6: command tx timeout
[ 88.022351] Bluetooth: hci5: command tx timeout
[ 89.622360] Bluetooth: hci0: command tx timeout
[ 89.686384] Bluetooth: hci2: command tx timeout
[ 89.686818] Bluetooth: hci1: command tx timeout
[ 89.878364] Bluetooth: hci7: command tx timeout
[ 89.878825] Bluetooth: hci3: command tx timeout
[ 89.943282] Bluetooth: hci4: command tx timeout
[ 90.006396] Bluetooth: hci6: command tx timeout
[ 90.070368] Bluetooth: hci5: command tx timeout
[ 116.643517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.644181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.837203] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.837847] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.163550] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.164190] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.263872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 117.269657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 117.287820] tmpfs: Unsupported parameter 'huge'
[ 117.323518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.324105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.364278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.364874] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.466979] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.467731] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.564183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.564955] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:27:39 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x2)
connect$netlink(r0, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x8000000}, 0xc)
10:27:39 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x2)
connect$netlink(r0, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x8000000}, 0xc)
[ 117.663789] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.664427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.703343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.703987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:27:39 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x2)
connect$netlink(r0, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x8000000}, 0xc)
10:27:40 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
[ 117.775818] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.776455] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.818969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 117.821571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 117.823122] tmpfs: Unsupported parameter 'huge'
[ 117.849026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.849803] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.857441] audit: type=1400 audit(1756463260.098:8): avc: denied { open } for pid=3886 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 117.860061] audit: type=1400 audit(1756463260.098:9): avc: denied { kernel } for pid=3886 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 117.899903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.900567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.927778] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.928425] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.999468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.000096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.094468] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.095097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.157284] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.157905] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.212722] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
10:27:40 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = epoll_create1(0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
close(r1)
r2 = dup2(r0, r0)
inotify_init()
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001800)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
10:27:40 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x0, @fixed}, 0xe)
listen(r0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
accept(r0, 0x0, 0x0)
10:27:40 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0xc46f, 0x4)
sendto$inet(r0, 0x0, 0x33, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
10:27:40 executing program 2:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='sysfs\x00', 0x3000108, 0x0)
statfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/182)
10:27:40 executing program 6:
prctl$PR_MCE_KILL(0x21, 0x1, 0x7)
10:27:40 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
10:27:40 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='sysfs\x00', 0x3000108, 0x0)
statfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/182)
10:27:40 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810, 0x1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_mount_image$tmpfs(&(0x7f00000009c0), &(0x7f0000000a00)='./file0\x00', 0x0, 0x1, &(0x7f0000000e40)=[{&(0x7f0000000a40)="88", 0x1}], 0x0, &(0x7f0000000ec0)={[{@huge_within_size}]})
syz_mount_image$tmpfs(&(0x7f0000001080), &(0x7f00000010c0)='./file0\x00', 0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000001100)="1c", 0x1}], 0x108000, &(0x7f0000001300))
[ 118.791111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 118.797562] misc raw-gadget: fail, usb_gadget_register_driver returned -16
10:27:41 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0xc46f, 0x4)
sendto$inet(r0, 0x0, 0x33, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
[ 118.814549] tmpfs: Unsupported parameter 'huge'
10:27:41 executing program 6:
prctl$PR_MCE_KILL(0x21, 0x1, 0x7)
10:27:41 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x0, @fixed}, 0xe)
listen(r0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
accept(r0, 0x0, 0x0)
10:27:41 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = epoll_create1(0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
close(r1)
r2 = dup2(r0, r0)
inotify_init()
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001800)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
10:27:41 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
10:27:41 executing program 2:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='sysfs\x00', 0x3000108, 0x0)
statfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/182)
10:27:41 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='sysfs\x00', 0x3000108, 0x0)
statfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/182)
10:27:41 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0xc46f, 0x4)
sendto$inet(r0, 0x0, 0x33, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
10:27:41 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810, 0x1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_mount_image$tmpfs(&(0x7f00000009c0), &(0x7f0000000a00)='./file0\x00', 0x0, 0x1, &(0x7f0000000e40)=[{&(0x7f0000000a40)="88", 0x1}], 0x0, &(0x7f0000000ec0)={[{@huge_within_size}]})
syz_mount_image$tmpfs(&(0x7f0000001080), &(0x7f00000010c0)='./file0\x00', 0x0, 0x1, &(0x7f0000001280)=[{&(0x7f0000001100)="1c", 0x1}], 0x108000, &(0x7f0000001300))
[ 119.747418] Oops: general protection fault, probably for non-canonical address 0xe6fffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 119.748330] KASAN: maybe wild-memory-access in range [0x3800000000000190-0x3800000000000197]
[ 119.749028] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.750526] Tainted: [W]=WARN
[ 119.751340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.751481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 119.752995] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.755992] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.759351] RSP: 0018:ffff888046397780 EFLAGS: 00010012
[ 119.759777] RAX: 0700000000000032 RBX: 37ffffffffffffa0 RCX: ffffc900093df000
[ 119.760338] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 3800000000000190
[ 119.760919] RBP: ffff8880463979f0 R08: ffff88806ce31340 R09: ffffe8ffffc16138
[ 119.761485] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[ 119.762054] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.762620] FS: 00007f934442a700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.763259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.763726] CR2: 0000000020000640 CR3: 000000001f58d000 CR4: 0000000000350ef0
[ 119.764289] Call Trace:
[ 119.764502]
[ 119.764688] ? __pfx_perf_tp_event+0x10/0x10
[ 119.765062] ? __asan_memcpy+0x3d/0x60
[ 119.765385] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 119.765898] ? lock_is_held_type+0x9e/0x120
[ 119.766254] ? ctx_sched_in+0x134/0x9b0
[ 119.766576] ? kvm_sched_clock_read+0x16/0x30
[ 119.766688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 119.766939] ? sched_clock+0x37/0x60
[ 119.767826] ? lock_is_held_type+0x9e/0x120
[ 119.768177] ? perf_trace_run_bpf_submit+0xef/0x180
[ 119.768582] ? lock_is_held_type+0x9e/0x120
[ 119.768941] perf_trace_run_bpf_submit+0xef/0x180
[ 119.769336] perf_trace_preemptirq_template+0x259/0x430
[ 119.769773] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.770244] ? check_preempt_wakeup_fair+0x406/0x950
[ 119.770855] ? find_held_lock+0x2b/0x80
[ 119.771162] ? try_to_wake_up+0x8ae/0x11d0
[ 119.771516] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 119.771927] kmemleak: Found object by alias at 0x607f1a63913c
[ 119.771944] CPU: 1 UID: 0 PID: 3942 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.771964] Tainted: [W]=WARN
[ 119.771968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.771976] Call Trace:
[ 119.771980]
[ 119.771984] dump_stack_lvl+0xca/0x120
[ 119.772010] __lookup_object+0x94/0xb0
[ 119.772028] delete_object_full+0x27/0x70
[ 119.772043] free_percpu+0x30/0x1160
[ 119.772062] ? arch_uprobe_clear_state+0x16/0x140
[ 119.772081] futex_hash_free+0x38/0xc0
[ 119.772096] mmput+0x2d3/0x390
[ 119.772114] do_exit+0x79d/0x2970
[ 119.772130] ? __pfx_do_exit+0x10/0x10
[ 119.772144] ? find_held_lock+0x2b/0x80
[ 119.772164] ? get_signal+0x835/0x2340
[ 119.772184] do_group_exit+0xd3/0x2a0
[ 119.772198] get_signal+0x2315/0x2340
[ 119.772216] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 119.772236] ? __pfx_get_signal+0x10/0x10
[ 119.772253] ? __schedule+0xe91/0x3590
[ 119.772271] arch_do_signal_or_restart+0x80/0x790
[ 119.772289] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 119.772306] ? __x64_sys_futex+0x1c9/0x4d0
[ 119.772318] ? __x64_sys_futex+0x1d2/0x4d0
[ 119.772332] ? __pfx___x64_sys_futex+0x10/0x10
[ 119.772346] ? __x64_sys_epoll_ctl+0x14a/0x1c0
[ 119.772362] ? xfd_validate_state+0x55/0x180
[ 119.772382] exit_to_user_mode_loop+0x8b/0x110
[ 119.772395] do_syscall_64+0x2f7/0x360
[ 119.772406] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.772419] RIP: 0033:0x7fe7e545db19
[ 119.772429] Code: Unable to access opcode bytes at 0x7fe7e545daef.
[ 119.772434] RSP: 002b:00007fe7e29d3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 119.772447] RAX: 0000000000000001 RBX: 00007fe7e5570f68 RCX: 00007fe7e545db19
[ 119.772455] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe7e5570f6c
[ 119.772462] RBP: 00007fe7e5570f60 R08: 000000000000000e R09: 0000000000000000
[ 119.772469] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe7e5570f6c
[ 119.772477] R13: 00007fff7680b16f R14: 00007fe7e29d3300 R15: 0000000000022000
[ 119.772488]
[ 119.772492] kmemleak: Object (percpu) 0x607f1a639138 (size 8):
[ 119.772499] kmemleak: comm "syz-executor.5", pid 3947, jiffies 4294786343
[ 119.772506] kmemleak: min_count = 1
[ 119.772510] kmemleak: count = 0
[ 119.772514] kmemleak: flags = 0x21
[ 119.772518] kmemleak: checksum = 0
[ 119.772522] kmemleak: backtrace:
[ 119.772526] pcpu_alloc_noprof+0x87a/0x1170
[ 119.772542] perf_trace_event_init+0x366/0xa10
[ 119.772556] perf_trace_init+0x1a4/0x2f0
[ 119.772569] perf_tp_event_init+0xa6/0x120
[ 119.772585] perf_try_init_event+0x140/0x9f0
[ 119.772599] perf_event_alloc.part.0+0x118e/0x45f0
[ 119.772617] __do_sys_perf_event_open+0x719/0x2c20
[ 119.772630] do_syscall_64+0xbf/0x360
[ 119.772639] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.773049] kmemleak: Found object by alias at 0x607f1a638f4c
[ 119.773060] CPU: 1 UID: 0 PID: 3939 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.773077] Tainted: [W]=WARN
[ 119.773081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.773087] Call Trace:
[ 119.773091]
[ 119.773095] dump_stack_lvl+0xca/0x120
[ 119.773112] __lookup_object+0x94/0xb0
[ 119.773127] delete_object_full+0x27/0x70
[ 119.773143] free_percpu+0x30/0x1160
[ 119.773158] ? arch_uprobe_clear_state+0x16/0x140
[ 119.773175] futex_hash_free+0x38/0xc0
[ 119.773188] mmput+0x2d3/0x390
[ 119.773206] do_exit+0x79d/0x2970
[ 119.773224] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.773245] ? zap_other_threads+0x2b9/0x3a0
[ 119.773261] ? __pfx_do_exit+0x10/0x10
[ 119.773274] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 119.773290] ? _raw_spin_unlock_irq+0x23/0x40
[ 119.773307] do_group_exit+0xd3/0x2a0
[ 119.773321] __x64_sys_exit_group+0x3e/0x50
[ 119.773336] x64_sys_call+0x18c5/0x18d0
[ 119.773351] do_syscall_64+0xbf/0x360
[ 119.773361] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.773373] RIP: 0033:0x7fe51877cb19
[ 119.773382] Code: Unable to access opcode bytes at 0x7fe51877caef.
[ 119.773387] RSP: 002b:00007ffcd4580f78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 119.773398] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe51877cb19
[ 119.773406] RDX: 00007fe51872f72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 119.773414] RBP: 0000000000000000 R08: 0000001b2d02a7bc R09: 0000000000000000
[ 119.773421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 119.773428] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcd4581060
[ 119.773439]
[ 119.773443] kmemleak: Object (percpu) 0x607f1a638f48 (size 8):
[ 119.773449] kmemleak: comm "syz-executor.7", pid 3936, jiffies 4294786314
[ 119.773457] kmemleak: min_count = 1
[ 119.773461] kmemleak: count = 0
[ 119.773465] kmemleak: flags = 0x21
[ 119.773469] kmemleak: checksum = 0
[ 119.773473] kmemleak: backtrace:
[ 119.773476] pcpu_alloc_noprof+0x87a/0x1170
[ 119.773491] alloc_vfsmnt+0x135/0x6e0
[ 119.773506] vfs_create_mount.part.0+0x40/0x440
[ 119.773521] path_mount+0x1637/0x1dd0
[ 119.773533] __x64_sys_mount+0x27b/0x300
[ 119.773545] do_syscall_64+0xbf/0x360
[ 119.773554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.810200] trace_irq_enable.constprop.0+0xa6/0x100
[ 119.810606] trace_hardirqs_on+0x26/0x40
[ 119.810929] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 119.811320] try_to_wake_up+0x8ae/0x11d0
[ 119.811647] ? __pfx_try_to_wake_up+0x10/0x10
[ 119.812009] ? plist_del+0x122/0x270
[ 119.812313] ? find_held_lock+0x2b/0x80
[ 119.812632] ? futex_wake+0x474/0x540
[ 119.812952] wake_up_q+0xa1/0x130
[ 119.813237] futex_wake+0x47e/0x540
[ 119.813533] ? __pfx_futex_wake+0x10/0x10
[ 119.813866] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 119.814271] ? lock_release+0xc8/0x290
[ 119.814584] do_futex+0x26d/0x370
[ 119.814864] ? __pfx_do_futex+0x10/0x10
[ 119.815183] __x64_sys_futex+0x1c9/0x4d0
[ 119.815511] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.815977] ? __pfx___x64_sys_futex+0x10/0x10
[ 119.816343] ? xfd_validate_state+0x55/0x180
[ 119.816702] do_syscall_64+0xbf/0x360
[ 119.817012] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.817419] RIP: 0033:0x7f9346eb4b19
[ 119.817717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 119.819126] RSP: 002b:00007f934442a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 119.819722] RAX: ffffffffffffffda RBX: 00007f9346fc7f68 RCX: 00007f9346eb4b19
[ 119.820276] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9346fc7f6c
[ 119.820840] RBP: 00007f9346fc7f60 R08: 000000000000000e R09: 0000000000000000
[ 119.821393] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9346fc7f6c
[ 119.821948] R13: 00007ffdf24a7c4f R14: 00007f934442a300 R15: 0000000000022000
[ 119.822506]
[ 119.822695] Modules linked in:
[ 119.822955] ---[ end trace 0000000000000000 ]---
[ 119.823324] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.823696] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.825110] RSP: 0018:ffff888046397780 EFLAGS: 00010012
[ 119.825530] RAX: 0700000000000032 RBX: 37ffffffffffffa0 RCX: ffffc900093df000
[ 119.826084] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 3800000000000190
[ 119.826640] RBP: ffff8880463979f0 R08: ffff88806ce31340 R09: ffffe8ffffc16138
[ 119.827193] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[ 119.827749] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.828304] FS: 00007f934442a700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.828935] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.829393] CR2: 0000000020000640 CR3: 000000001f58d000 CR4: 0000000000350ef0
[ 119.829950] note: syz-executor.5[3947] exited with irqs disabled
[ 119.830552] Oops: general protection fault, probably for non-canonical address 0xe6fffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 119.831423] KASAN: maybe wild-memory-access in range [0x3800000000000190-0x3800000000000197]
[ 119.832082] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.833040] Tainted: [D]=DIE, [W]=WARN
[ 119.833347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.833996] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.834383] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.835815] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 119.836239] RAX: 0700000000000032 RBX: 37ffffffffffffa0 RCX: ffffffff81898973
[ 119.836814] RDX: ffff8880164c1b80 RSI: ffffffff818995b7 RDI: 3800000000000190
[ 119.837382] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16138
[ 119.837945] R10: 0000000000000000 R11: ffff88801792cc98 R12: dffffc0000000000
[ 119.838522] R13: 0000000000000000 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 119.839085] FS: 00007f934442a700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.839738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.840200] CR2: 0000000020000640 CR3: 000000001f58d000 CR4: 0000000000350ef0
[ 119.840780] Call Trace:
[ 119.840991]
[ 119.841174] ? __pfx_perf_tp_event+0x10/0x10
[ 119.841540] ? do_raw_spin_lock+0x123/0x260
[ 119.841894] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 119.842273] ? lock_acquire+0x18c/0x2f0
[ 119.842599] ? lock_release+0x1c7/0x290
[ 119.842916] ? do_raw_spin_unlock+0x53/0x220
[ 119.843272] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 119.843673] ? try_to_wake_up+0x128/0x11d0
[ 119.844020] ? do_raw_spin_lock+0x123/0x260
[ 119.844365] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 119.844746] ? perf_trace_run_bpf_submit+0xef/0x180
[ 119.845148] perf_trace_run_bpf_submit+0xef/0x180
[ 119.845538] perf_trace_preemptirq_template+0x259/0x430
[ 119.845964] ? read_tsc+0x9/0x20
[ 119.846242] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.846708] ? clockevents_program_event+0x135/0x360
[ 119.847112] ? tick_program_event+0xac/0x140
[ 119.847463] ? handle_softirqs+0x16e/0x770
[ 119.847806] trace_irq_enable.constprop.0+0xa6/0x100
[ 119.848205] trace_hardirqs_on+0x26/0x40
[ 119.848527] handle_softirqs+0x16e/0x770
[ 119.848863] __irq_exit_rcu+0xc4/0x100
[ 119.849180] irq_exit_rcu+0x9/0x20
[ 119.849464] sysvec_apic_timer_interrupt+0x70/0x80
[ 119.849856]
[ 119.850037]
[ 119.850218] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 119.850631] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 119.851005] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de
[ 119.852420] RSP: 0018:ffff888046397f28 EFLAGS: 00000246
[ 119.852843] RAX: 0000000000000001 RBX: ffff8880164c1b80 RCX: ffffffff817c2b86
[ 119.853398] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 119.853953] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 119.854506] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880164c1b80
[ 119.855058] R13: 0000000000000000 R14: e6fffc0000000032 R15: 0000000000000000
[ 119.855612] ? trace_irq_enable.constprop.0+0x26/0x100
[ 119.856022] ? make_task_dead+0x214/0x3b0
[ 119.856352] ? make_task_dead+0x214/0x3b0
[ 119.856682] ? do_syscall_64+0xbf/0x360
[ 119.857004] rewind_stack_and_make_dead+0x16/0x20
[ 119.857391] RIP: 0033:0x7f9346eb4b19
[ 119.857684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 119.859094] RSP: 002b:00007f934442a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 119.859685] RAX: ffffffffffffffda RBX: 00007f9346fc7f68 RCX: 00007f9346eb4b19
[ 119.860241] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9346fc7f6c
[ 119.860804] RBP: 00007f9346fc7f60 R08: 000000000000000e R09: 0000000000000000
[ 119.861361] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9346fc7f6c
[ 119.861915] R13: 00007ffdf24a7c4f R14: 00007f934442a300 R15: 0000000000022000
[ 119.862476]
[ 119.862662] Modules linked in:
[ 119.862921] ---[ end trace 0000000000000000 ]---
[ 119.863287] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.863662] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.865072] RSP: 0018:ffff888046397780 EFLAGS: 00010012
[ 119.865487] RAX: 0700000000000032 RBX: 37ffffffffffffa0 RCX: ffffc900093df000
[ 119.866044] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 3800000000000190
[ 119.866598] RBP: ffff8880463979f0 R08: ffff88806ce31340 R09: ffffe8ffffc16138
[ 119.867155] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[ 119.867710] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.868268] FS: 00007f934442a700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.868897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.869350] CR2: 0000000020000640 CR3: 000000001f58d000 CR4: 0000000000350ef0
[ 119.869916] Kernel panic - not syncing: Fatal exception in interrupt
[ 119.870624] Kernel Offset: disabled
[ 119.870919] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
10:27:42 Registers:
info registers vcpu 0
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff828e3230 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff8880463970e0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=30376578302f4952
R12=0000000000000033 R13=ffffffff88724190 R14=ffffffff88724140 R15=ffffffff88724400
RIP=ffffffff828e3285 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f934442a700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe2c00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020000640 CR3=000000001f58d000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f9346f9b7c000007f9346f9b7c8
XMM02=00007f9346f9b7e000007f9346f9b7c0 XMM03=00007f9346f9b7c800007f9346f9b7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff888016d97ce0 RCX=ffffffff81a029c4 RDX=0000000000000007
RSI=00000000000001fd RDI=00000000000000c3 RBP=00000000000001fd RSP=ffff888016d97828
R8 =0000000000000000 R9 =fffff940001dd69e R10=0000000000000001 R11=1ffff1100d9e6f7b
R12=00000000000000c3 R13=0000000000000001 R14=ffff88800d123000 R15=00000000000000c2
RIP=ffffffff8173e1f8 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe6300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5314086910 CR3=00000000412d6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000