Warning: Permanently added '[localhost]:3393' (ECDSA) to the list of known hosts.
2025/08/29 10:32:14 fuzzer started
2025/08/29 10:32:15 dialing manager at localhost:43077
syzkaller login: [ 49.913512] cgroup: Unknown subsys name 'net'
[ 50.016956] cgroup: Unknown subsys name 'cpuset'
[ 50.045331] cgroup: Unknown subsys name 'rlimit'
2025/08/29 10:32:26 syscalls: 2214
2025/08/29 10:32:26 code coverage: enabled
2025/08/29 10:32:26 comparison tracing: enabled
2025/08/29 10:32:26 extra coverage: enabled
2025/08/29 10:32:26 setuid sandbox: enabled
2025/08/29 10:32:26 namespace sandbox: enabled
2025/08/29 10:32:26 Android sandbox: enabled
2025/08/29 10:32:26 fault injection: enabled
2025/08/29 10:32:26 leak checking: enabled
2025/08/29 10:32:26 net packet injection: enabled
2025/08/29 10:32:26 net device setup: enabled
2025/08/29 10:32:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 10:32:26 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 10:32:26 USB emulation: enabled
2025/08/29 10:32:26 hci packet injection: enabled
2025/08/29 10:32:26 wifi device emulation: enabled
2025/08/29 10:32:26 802.15.4 emulation: enabled
2025/08/29 10:32:26 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 10:32:26 fetching corpus: 50, signal 22731/26227 (executing program)
2025/08/29 10:32:26 fetching corpus: 100, signal 31312/36271 (executing program)
2025/08/29 10:32:26 fetching corpus: 150, signal 44303/50330 (executing program)
2025/08/29 10:32:26 fetching corpus: 200, signal 47452/54800 (executing program)
2025/08/29 10:32:26 fetching corpus: 250, signal 52235/60702 (executing program)
2025/08/29 10:32:26 fetching corpus: 300, signal 55331/64981 (executing program)
2025/08/29 10:32:26 fetching corpus: 350, signal 61361/71830 (executing program)
2025/08/29 10:32:26 fetching corpus: 400, signal 65663/77035 (executing program)
2025/08/29 10:32:26 fetching corpus: 450, signal 68653/80905 (executing program)
2025/08/29 10:32:26 fetching corpus: 500, signal 72183/85225 (executing program)
2025/08/29 10:32:27 fetching corpus: 550, signal 75912/89668 (executing program)
2025/08/29 10:32:27 fetching corpus: 600, signal 78258/92843 (executing program)
2025/08/29 10:32:27 fetching corpus: 650, signal 80851/96146 (executing program)
2025/08/29 10:32:27 fetching corpus: 700, signal 82897/98923 (executing program)
2025/08/29 10:32:27 fetching corpus: 749, signal 85721/102310 (executing program)
2025/08/29 10:32:27 fetching corpus: 799, signal 87506/104778 (executing program)
2025/08/29 10:32:27 fetching corpus: 849, signal 89400/107291 (executing program)
2025/08/29 10:32:27 fetching corpus: 899, signal 90777/109384 (executing program)
2025/08/29 10:32:27 fetching corpus: 949, signal 92731/111874 (executing program)
2025/08/29 10:32:27 fetching corpus: 999, signal 94722/114371 (executing program)
2025/08/29 10:32:27 fetching corpus: 1049, signal 96189/116437 (executing program)
2025/08/29 10:32:28 fetching corpus: 1099, signal 98847/119273 (executing program)
2025/08/29 10:32:28 fetching corpus: 1149, signal 100184/121178 (executing program)
2025/08/29 10:32:28 fetching corpus: 1199, signal 102141/123397 (executing program)
2025/08/29 10:32:28 fetching corpus: 1249, signal 104233/125722 (executing program)
2025/08/29 10:32:28 fetching corpus: 1299, signal 105729/127597 (executing program)
2025/08/29 10:32:28 fetching corpus: 1349, signal 107166/129400 (executing program)
2025/08/29 10:32:28 fetching corpus: 1399, signal 108255/130866 (executing program)
2025/08/29 10:32:28 fetching corpus: 1449, signal 109379/132371 (executing program)
2025/08/29 10:32:28 fetching corpus: 1499, signal 110347/133822 (executing program)
2025/08/29 10:32:28 fetching corpus: 1549, signal 111627/135385 (executing program)
2025/08/29 10:32:29 fetching corpus: 1599, signal 112602/136752 (executing program)
2025/08/29 10:32:29 fetching corpus: 1649, signal 113421/137979 (executing program)
2025/08/29 10:32:29 fetching corpus: 1699, signal 114784/139533 (executing program)
2025/08/29 10:32:29 fetching corpus: 1749, signal 116093/141074 (executing program)
2025/08/29 10:32:29 fetching corpus: 1799, signal 117341/142501 (executing program)
2025/08/29 10:32:29 fetching corpus: 1849, signal 118091/143666 (executing program)
2025/08/29 10:32:29 fetching corpus: 1899, signal 119358/145047 (executing program)
2025/08/29 10:32:29 fetching corpus: 1949, signal 120731/146437 (executing program)
2025/08/29 10:32:29 fetching corpus: 1999, signal 121808/147611 (executing program)
2025/08/29 10:32:29 fetching corpus: 2049, signal 122642/148649 (executing program)
2025/08/29 10:32:29 fetching corpus: 2099, signal 123517/149681 (executing program)
2025/08/29 10:32:30 fetching corpus: 2149, signal 124847/150942 (executing program)
2025/08/29 10:32:30 fetching corpus: 2199, signal 125642/151941 (executing program)
2025/08/29 10:32:30 fetching corpus: 2249, signal 126297/152890 (executing program)
2025/08/29 10:32:30 fetching corpus: 2299, signal 127155/153959 (executing program)
2025/08/29 10:32:30 fetching corpus: 2349, signal 128980/155318 (executing program)
2025/08/29 10:32:30 fetching corpus: 2399, signal 130331/156412 (executing program)
2025/08/29 10:32:30 fetching corpus: 2449, signal 131147/157346 (executing program)
2025/08/29 10:32:30 fetching corpus: 2499, signal 132132/158292 (executing program)
2025/08/29 10:32:30 fetching corpus: 2549, signal 133004/159150 (executing program)
2025/08/29 10:32:30 fetching corpus: 2599, signal 133943/160011 (executing program)
2025/08/29 10:32:31 fetching corpus: 2649, signal 135088/160914 (executing program)
2025/08/29 10:32:31 fetching corpus: 2699, signal 136224/161828 (executing program)
2025/08/29 10:32:31 fetching corpus: 2749, signal 137306/162706 (executing program)
2025/08/29 10:32:31 fetching corpus: 2799, signal 137775/163331 (executing program)
2025/08/29 10:32:31 fetching corpus: 2849, signal 138705/164047 (executing program)
2025/08/29 10:32:31 fetching corpus: 2899, signal 139693/164849 (executing program)
2025/08/29 10:32:31 fetching corpus: 2949, signal 140393/165552 (executing program)
2025/08/29 10:32:31 fetching corpus: 2999, signal 140906/166134 (executing program)
2025/08/29 10:32:31 fetching corpus: 3049, signal 141281/166660 (executing program)
2025/08/29 10:32:31 fetching corpus: 3099, signal 142120/167264 (executing program)
2025/08/29 10:32:32 fetching corpus: 3149, signal 142899/167875 (executing program)
2025/08/29 10:32:32 fetching corpus: 3199, signal 143508/168448 (executing program)
2025/08/29 10:32:32 fetching corpus: 3249, signal 144038/168971 (executing program)
2025/08/29 10:32:32 fetching corpus: 3299, signal 144564/169491 (executing program)
2025/08/29 10:32:32 fetching corpus: 3349, signal 145076/169981 (executing program)
2025/08/29 10:32:32 fetching corpus: 3399, signal 145635/170469 (executing program)
2025/08/29 10:32:32 fetching corpus: 3449, signal 146226/170937 (executing program)
2025/08/29 10:32:32 fetching corpus: 3499, signal 146744/171410 (executing program)
2025/08/29 10:32:32 fetching corpus: 3549, signal 147162/171840 (executing program)
2025/08/29 10:32:32 fetching corpus: 3599, signal 147796/172377 (executing program)
2025/08/29 10:32:33 fetching corpus: 3649, signal 148293/172825 (executing program)
2025/08/29 10:32:33 fetching corpus: 3699, signal 150242/173438 (executing program)
2025/08/29 10:32:33 fetching corpus: 3749, signal 150714/173925 (executing program)
2025/08/29 10:32:33 fetching corpus: 3799, signal 151154/174270 (executing program)
2025/08/29 10:32:33 fetching corpus: 3849, signal 151657/174632 (executing program)
2025/08/29 10:32:33 fetching corpus: 3899, signal 152438/175006 (executing program)
2025/08/29 10:32:33 fetching corpus: 3949, signal 153271/175490 (executing program)
2025/08/29 10:32:33 fetching corpus: 3999, signal 153771/175797 (executing program)
2025/08/29 10:32:33 fetching corpus: 4049, signal 154331/176109 (executing program)
2025/08/29 10:32:33 fetching corpus: 4099, signal 154742/176396 (executing program)
2025/08/29 10:32:33 fetching corpus: 4149, signal 155270/176642 (executing program)
2025/08/29 10:32:34 fetching corpus: 4199, signal 155883/176982 (executing program)
2025/08/29 10:32:34 fetching corpus: 4249, signal 156482/177335 (executing program)
2025/08/29 10:32:34 fetching corpus: 4299, signal 157140/177438 (executing program)
2025/08/29 10:32:34 fetching corpus: 4349, signal 157501/177443 (executing program)
2025/08/29 10:32:34 fetching corpus: 4399, signal 157922/177447 (executing program)
2025/08/29 10:32:34 fetching corpus: 4449, signal 158501/177515 (executing program)
2025/08/29 10:32:34 fetching corpus: 4499, signal 159008/177565 (executing program)
2025/08/29 10:32:34 fetching corpus: 4549, signal 159261/177566 (executing program)
2025/08/29 10:32:34 fetching corpus: 4599, signal 159725/177581 (executing program)
2025/08/29 10:32:34 fetching corpus: 4649, signal 160002/177598 (executing program)
2025/08/29 10:32:35 fetching corpus: 4699, signal 160290/177600 (executing program)
2025/08/29 10:32:35 fetching corpus: 4749, signal 160633/177612 (executing program)
2025/08/29 10:32:35 fetching corpus: 4799, signal 161181/177640 (executing program)
2025/08/29 10:32:35 fetching corpus: 4849, signal 161559/177642 (executing program)
2025/08/29 10:32:35 fetching corpus: 4899, signal 162075/177643 (executing program)
2025/08/29 10:32:35 fetching corpus: 4949, signal 162529/177652 (executing program)
2025/08/29 10:32:35 fetching corpus: 4999, signal 162978/177655 (executing program)
2025/08/29 10:32:35 fetching corpus: 5049, signal 163428/177662 (executing program)
2025/08/29 10:32:35 fetching corpus: 5099, signal 163885/177686 (executing program)
2025/08/29 10:32:35 fetching corpus: 5149, signal 164324/177707 (executing program)
2025/08/29 10:32:35 fetching corpus: 5199, signal 164709/177745 (executing program)
2025/08/29 10:32:35 fetching corpus: 5249, signal 165240/177745 (executing program)
2025/08/29 10:32:36 fetching corpus: 5299, signal 165580/177745 (executing program)
2025/08/29 10:32:36 fetching corpus: 5349, signal 165828/177763 (executing program)
2025/08/29 10:32:36 fetching corpus: 5399, signal 166139/177766 (executing program)
2025/08/29 10:32:36 fetching corpus: 5449, signal 166537/177768 (executing program)
2025/08/29 10:32:36 fetching corpus: 5499, signal 166862/177786 (executing program)
2025/08/29 10:32:36 fetching corpus: 5549, signal 167291/177787 (executing program)
2025/08/29 10:32:36 fetching corpus: 5599, signal 167794/177791 (executing program)
2025/08/29 10:32:36 fetching corpus: 5649, signal 168207/177807 (executing program)
2025/08/29 10:32:36 fetching corpus: 5699, signal 168715/177915 (executing program)
2025/08/29 10:32:36 fetching corpus: 5749, signal 169113/177923 (executing program)
2025/08/29 10:32:36 fetching corpus: 5799, signal 169400/177945 (executing program)
2025/08/29 10:32:37 fetching corpus: 5849, signal 170177/177946 (executing program)
2025/08/29 10:32:37 fetching corpus: 5899, signal 170521/177983 (executing program)
2025/08/29 10:32:37 fetching corpus: 5949, signal 170807/177992 (executing program)
2025/08/29 10:32:37 fetching corpus: 5999, signal 171019/178006 (executing program)
2025/08/29 10:32:37 fetching corpus: 6049, signal 171256/178011 (executing program)
2025/08/29 10:32:37 fetching corpus: 6099, signal 171723/178011 (executing program)
2025/08/29 10:32:37 fetching corpus: 6149, signal 172181/178023 (executing program)
2025/08/29 10:32:37 fetching corpus: 6199, signal 172504/178023 (executing program)
2025/08/29 10:32:37 fetching corpus: 6249, signal 172798/178067 (executing program)
2025/08/29 10:32:37 fetching corpus: 6299, signal 173263/178107 (executing program)
2025/08/29 10:32:37 fetching corpus: 6349, signal 173582/178112 (executing program)
2025/08/29 10:32:38 fetching corpus: 6399, signal 173881/178122 (executing program)
2025/08/29 10:32:38 fetching corpus: 6449, signal 174137/178122 (executing program)
2025/08/29 10:32:38 fetching corpus: 6499, signal 174459/178123 (executing program)
2025/08/29 10:32:38 fetching corpus: 6549, signal 174829/178129 (executing program)
2025/08/29 10:32:38 fetching corpus: 6599, signal 175196/178131 (executing program)
2025/08/29 10:32:38 fetching corpus: 6637, signal 175549/178140 (executing program)
2025/08/29 10:32:38 fetching corpus: 6637, signal 175549/178140 (executing program)
2025/08/29 10:32:40 starting 8 fuzzer processes
10:32:40 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000003c0)={{}, "", ['\x00']}, 0x120)
ftruncate(r0, 0x0)
10:32:40 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x4, &(0x7f0000001bc0))
10:32:40 executing program 6:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r0, 0x80083313, &(0x7f0000000000))
10:32:40 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGSID(r0, 0x5429, 0x0)
10:32:40 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:32:40 executing program 4:
times(0x0)
10:32:40 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp6\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)
10:32:40 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
[ 75.547712] audit: type=1400 audit(1756463561.062:7): avc: denied { execmem } for pid=273 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 76.818526] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 76.821330] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 76.823050] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 76.825372] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 76.826928] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 76.828953] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 76.831047] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 76.833104] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 76.834739] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 76.834877] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 76.840142] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 76.840386] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 76.842456] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 76.845313] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 76.845374] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 76.849112] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 76.855306] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 76.856740] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 76.857956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 76.858017] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 76.859657] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 76.863630] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 76.865884] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 76.869490] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 76.871227] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 76.874381] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 76.877431] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 76.878980] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 76.882407] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 76.887179] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 76.889539] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 76.891206] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 76.893499] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 76.898110] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 76.903445] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.906144] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 76.951137] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 76.960939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.965905] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 76.971076] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.950195] Bluetooth: hci2: command tx timeout
[ 78.950897] Bluetooth: hci1: command tx timeout
[ 78.951438] Bluetooth: hci6: command tx timeout
[ 78.952082] Bluetooth: hci5: command tx timeout
[ 78.952617] Bluetooth: hci4: command tx timeout
[ 79.014272] Bluetooth: hci7: command tx timeout
[ 79.015678] Bluetooth: hci3: command tx timeout
[ 79.016323] Bluetooth: hci0: command tx timeout
[ 80.998116] Bluetooth: hci6: command tx timeout
[ 80.998616] Bluetooth: hci4: command tx timeout
[ 80.999217] Bluetooth: hci5: command tx timeout
[ 80.999623] Bluetooth: hci1: command tx timeout
[ 81.000300] Bluetooth: hci2: command tx timeout
[ 81.063079] Bluetooth: hci3: command tx timeout
[ 81.063554] Bluetooth: hci0: command tx timeout
[ 81.064851] Bluetooth: hci7: command tx timeout
[ 83.047847] Bluetooth: hci6: command tx timeout
[ 83.048659] Bluetooth: hci2: command tx timeout
[ 83.049469] Bluetooth: hci1: command tx timeout
[ 83.050254] Bluetooth: hci5: command tx timeout
[ 83.051033] Bluetooth: hci4: command tx timeout
[ 83.109864] Bluetooth: hci3: command tx timeout
[ 83.110640] Bluetooth: hci0: command tx timeout
[ 83.111447] Bluetooth: hci7: command tx timeout
[ 85.094259] Bluetooth: hci5: command tx timeout
[ 85.095300] Bluetooth: hci4: command tx timeout
[ 85.096175] Bluetooth: hci2: command tx timeout
[ 85.097075] Bluetooth: hci1: command tx timeout
[ 85.097994] Bluetooth: hci6: command tx timeout
[ 85.157866] Bluetooth: hci0: command tx timeout
[ 85.158729] Bluetooth: hci7: command tx timeout
[ 85.159541] Bluetooth: hci3: command tx timeout
[ 118.012542] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.013222] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.075542] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.076201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.200330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.200963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.301754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.302721] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.348525] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.349169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.475811] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.476454] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.527521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.528426] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.563646] Bluetooth: hci7: Received unexpected HCI Event 0x00
[ 118.581985] Bluetooth: hci7: Received unexpected HCI Event 0x00
10:33:24 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
[ 118.674124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.674717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.694175] Bluetooth: hci7: Received unexpected HCI Event 0x00
10:33:24 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
[ 118.788931] Bluetooth: hci7: Received unexpected HCI Event 0x00
[ 118.797542] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.798134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.809898] audit: type=1400 audit(1756463604.327:8): avc: denied { open } for pid=3853 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 118.814210] audit: type=1400 audit(1756463604.327:9): avc: denied { kernel } for pid=3853 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 118.816205] mmap: syz-executor.3 (3854) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
10:33:24 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:33:24 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
[ 118.925126] Bluetooth: hci7: Received unexpected HCI Event 0x00
10:33:24 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp6\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)
[ 118.981670] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.982266] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:33:24 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:33:24 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:24 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp6\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)
[ 119.047981] Bluetooth: hci7: Received unexpected HCI Event 0x00
[ 119.069715] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.070420] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.133366] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.134349] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.183850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.184636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.265418] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.266689] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.484045] random: crng reseeded on system resumption
[ 119.490237] random: crng reseeded on system resumption
[ 119.824811] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.825417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.845698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.846370] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:33:25 executing program 2:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:25 executing program 6:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:25 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp6\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)
10:33:25 executing program 4:
times(0x0)
10:33:25 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x4, &(0x7f0000001bc0))
10:33:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGSID(r0, 0x5429, 0x0)
10:33:25 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
10:33:25 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
[ 119.976624] Bluetooth: hci7: Received unexpected HCI Event 0x00
10:33:25 executing program 4:
times(0x0)
[ 120.006914] Bluetooth: hci6: Received unexpected HCI Event 0x00
[ 120.028423] Bluetooth: hci5: Received unexpected HCI Event 0x00
10:33:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGSID(r0, 0x5429, 0x0)
10:33:25 executing program 5:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
[ 120.113541] Bluetooth: hci7: Received unexpected HCI Event 0x00
10:33:25 executing program 2:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:25 executing program 7:
syz_emit_ethernet(0x2a, &(0x7f0000000300)={@local, @multicast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x0, 0x0, 0x0, @dev}}}}}, 0x0)
10:33:25 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x4, &(0x7f0000001bc0))
10:33:25 executing program 6:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:25 executing program 5:
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x40800)
10:33:25 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@getspdinfo={0x14, 0x1c, 0x1}, 0x14}}, 0x0)
10:33:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGSID(r0, 0x5429, 0x0)
10:33:25 executing program 4:
times(0x0)
[ 120.204001] Bluetooth: hci5: Received unexpected HCI Event 0x00
[ 120.234368] kmemleak: Found object by alias at 0x607f1a63360c
[ 120.234384] CPU: 0 UID: 0 PID: 3941 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 120.234403] Tainted: [W]=WARN
[ 120.234406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 120.234413] Call Trace:
[ 120.234417]
[ 120.234422] dump_stack_lvl+0xca/0x120
[ 120.234448] __lookup_object+0x94/0xb0
[ 120.234465] delete_object_full+0x27/0x70
[ 120.234480] free_percpu+0x30/0x1160
[ 120.234497] ? arch_uprobe_clear_state+0x16/0x140
[ 120.234517] futex_hash_free+0x38/0xc0
[ 120.234531] mmput+0x2d3/0x390
[ 120.234549] do_exit+0x79d/0x2970
[ 120.234563] ? lock_release+0xc8/0x290
[ 120.234579] ? __pfx_do_exit+0x10/0x10
[ 120.234593] ? find_held_lock+0x2b/0x80
[ 120.234609] ? get_signal+0x835/0x2340
[ 120.234629] do_group_exit+0xd3/0x2a0
[ 120.234644] get_signal+0x2315/0x2340
[ 120.234666] ? __pfx_get_signal+0x10/0x10
[ 120.234681] ? do_futex+0x135/0x370
[ 120.234695] ? __pfx_do_futex+0x10/0x10
[ 120.234710] arch_do_signal_or_restart+0x80/0x790
[ 120.234727] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 120.234743] ? __x64_sys_futex+0x1c9/0x4d0
[ 120.234755] ? __x64_sys_futex+0x1d2/0x4d0
[ 120.234773] ? exc_page_fault+0xb0/0x180
[ 120.234789] ? __pfx___x64_sys_futex+0x10/0x10
[ 120.234802] ? __pfx___x64_sys_times+0x10/0x10
[ 120.234818] exit_to_user_mode_loop+0x8b/0x110
[ 120.234831] do_syscall_64+0x2f7/0x360
[ 120.234843] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.234855] RIP: 0033:0x7f080f75db19
[ 120.234864] Code: Unable to access opcode bytes at 0x7f080f75daef.
[ 120.234869] RSP: 002b:00007f080ccd3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 120.234880] RAX: fffffffffffffe00 RBX: 00007f080f870f68 RCX: 00007f080f75db19
[ 120.234887] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f080f870f68
[ 120.234894] RBP: 00007f080f870f60 R08: 0000000000000000 R09: 0000000000000000
[ 120.234901] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f080f870f6c
[ 120.234908] R13: 00007ffc2b1354df R14: 00007f080ccd3300 R15: 0000000000022000
[ 120.234924]
[ 120.234927] kmemleak: Object (percpu) 0x607f1a633608 (size 8):
[ 120.234934] kmemleak: comm "syz-executor.0", pid 3948, jiffies 4294786877
[ 120.234941] kmemleak: min_count = 1
[ 120.234945] kmemleak: count = 0
[ 120.234948] kmemleak: flags = 0x21
[ 120.234952] kmemleak: checksum = 0
[ 120.234956] kmemleak: backtrace:
[ 120.234959] pcpu_alloc_noprof+0x87a/0x1170
[ 120.234974] perf_trace_event_init+0x366/0xa10
[ 120.234988] perf_trace_init+0x1a4/0x2f0
[ 120.234999] perf_tp_event_init+0xa6/0x120
[ 120.235014] perf_try_init_event+0x140/0x9f0
[ 120.235027] perf_event_alloc.part.0+0x118e/0x45f0
[ 120.235043] __do_sys_perf_event_open+0x719/0x2c20
[ 120.235055] do_syscall_64+0xbf/0x360
[ 120.235064] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.272641] Bluetooth: hci6: Received unexpected HCI Event 0x00
10:33:25 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@getspdinfo={0x14, 0x1c, 0x1}, 0x14}}, 0x0)
10:33:25 executing program 5:
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x40800)
10:33:25 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0)
syz_80211_join_ibss(&(0x7f0000000080)='wlan1\x00', 0x0, 0x0, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x0)
10:33:25 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x4, &(0x7f0000001bc0))
10:33:25 executing program 7:
syz_emit_ethernet(0x2a, &(0x7f0000000300)={@local, @multicast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x0, 0x0, 0x0, @dev}}}}}, 0x0)
10:33:25 executing program 2:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:25 executing program 6:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c9e012000e000520153f0a0003000010b90007000400"], 0x17)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03c80024d0a4f59906c11a26eaec30126ea2650838b69877c8fa4b2915a255a1000801000700a23b012515fc1a260979e1003e5ec1134905ae3527ff6192"], 0x3e)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x1a)
init_module(0x0, 0xfffc2, 0x0)
init_module(&(0x7f0000000180)='9u\x10\xac`)\xbe\a\xb2<^{}\xdc)\x00', 0xc, &(0x7f0000000200)='-\x00\x02T\xb0V>\x8d\x99\xcb\x94\xd5\xb0\x01\x98\x01\xa5x\xf7v8q\xf1P\xf4(\x7f\xbc\r\x1e$\r\xcf\'\x8aGQR`\xad\x1fT\xfc\x1a\x06\xe7\xb8vva\x11\xb7\x19\xd8\xc9\xa35D\xf6g\xa2\x8fU<\xcc\x01\x9b~2\x12\xc3y\x87>\xbc\xbd\xf8\xc7\x86\xaa\xcaHv)l\xc4\x1b$\x8e}\x03\x00,')
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x406}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES64], 0x9)
r1 = syz_open_dev$vcsa(&(0x7f0000000400), 0x8, 0x40000)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000440)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000700000000"], 0x6)
syz_open_dev$vcsa(&(0x7f00000000c0), 0x1ff0000000000000, 0x200000)
bind$802154_dgram(r0, &(0x7f00000001c0)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0xfffffffffffffe78)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000200)={0x81, 0x0, 0x40})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000600))
syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb8}, "d133c9e09cc40737df92573b1a92858ddbbec0d4db659b3492aa8d5c8c20b4d42ea8c08637dea9f54deb236116de135f75e9aecd02db1587641c58a591cb3d4fc86475e0a748b4683d76e41f04444e6080d0dbf85f9325de44a36cc630d66a51438b12e2ca5c5a064094988853d562ff7b4fd17598b2990c7c2588f7790c00bb9d288b1776dc401022626fb5cff26509372de57addd5530615adc98ad0cf6a422e0be3a6bc8ba64b8e4de6fb197d89b9ac4a04b63ed76a3a"}, 0xbc)
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa)
close_range(r2, r1, 0x0)
10:33:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={0x14, r1, 0x1, 0x0, 0x0, {0x2c}}, 0x14}}, 0x0)
[ 120.381976] Bluetooth: hci5: Received unexpected HCI Event 0x00
[ 120.420447] Bluetooth: hci6: Received unexpected HCI Event 0x00
[ 120.431678] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 120.432770] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 120.433408] CPU: 0 UID: 0 PID: 3963 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 120.435103] Tainted: [W]=WARN
[ 120.436054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 120.438033] RIP: 0010:perf_tp_event+0x175/0xe70
[ 120.439672] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 120.443572] RSP: 0018:ffff88801915f780 EFLAGS: 00010012
[ 120.444006] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 120.444596] RDX: ffff8880162e8000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 120.445215] RBP: ffff88801915f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc10608
[ 120.445949] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 120.446578] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 120.447161] FS: 0000555565751400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 120.447812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.448297] CR2: 0000001b2cf2b000 CR3: 000000001a1e3000 CR4: 0000000000350ef0
[ 120.448871] Call Trace:
[ 120.449082]
[ 120.449270] ? __ext4_journal_stop+0xe2/0x1f0
[ 120.449644] ? ext4_dirty_inode+0xf1/0x130
[ 120.450068] ? __mark_inode_dirty+0x1b7/0xd00
[ 120.450544] ? do_user_addr_fault+0x4fa/0xeb0
[ 120.451020] ? __pfx_perf_tp_event+0x10/0x10
[ 120.451390] ? lock_acquire+0x15e/0x2f0
[ 120.451724] ? __virt_addr_valid+0x1c6/0x5d0
[ 120.452214] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.452804] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.453290] ? __lock_acquire+0x694/0x1b70
[ 120.453708] ? __lock_acquire+0xc65/0x1b70
[ 120.454160] ? page_ref_add_unless.constprop.0+0x25/0x390
[ 120.454653] ? perf_trace_run_bpf_submit+0xef/0x180
[ 120.455068] perf_trace_run_bpf_submit+0xef/0x180
[ 120.455505] perf_trace_preemptirq_template+0x259/0x430
[ 120.456060] ? trace_sched_set_need_resched_tp+0xd4/0x110
[ 120.456597] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.457085] ? __pfx___resched_curr+0x10/0x10
[ 120.457463] ? find_held_lock+0x2b/0x80
[ 120.457861] ? try_to_wake_up+0x8ae/0x11d0
[ 120.458321] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 120.458794] trace_irq_enable.constprop.0+0xa6/0x100
[ 120.459214] trace_hardirqs_on+0x26/0x40
[ 120.459547] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 120.459955] try_to_wake_up+0x8ae/0x11d0
[ 120.460311] ? __pfx_try_to_wake_up+0x10/0x10
[ 120.460779] ? plist_del+0x122/0x270
[ 120.461176] ? find_held_lock+0x2b/0x80
[ 120.461603] ? futex_wake+0x474/0x540
[ 120.461928] wake_up_q+0xa1/0x130
[ 120.462223] futex_wake+0x47e/0x540
[ 120.462527] ? __pfx_futex_wake+0x10/0x10
[ 120.462868] ? __handle_mm_fault+0x753/0x3260
[ 120.463249] ? __lock_acquire+0x694/0x1b70
[ 120.463598] do_futex+0x26d/0x370
[ 120.463891] ? __pfx_do_futex+0x10/0x10
[ 120.464304] ? find_held_lock+0x2b/0x80
[ 120.464734] __x64_sys_futex+0x1c9/0x4d0
[ 120.465163] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.465687] ? __pfx___x64_sys_futex+0x10/0x10
[ 120.466070] do_syscall_64+0xbf/0x360
[ 120.466382] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.466874] RIP: 0033:0x7fb772b4ab19
[ 120.467259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 120.468875] RSP: 002b:00007ffe1297b9b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 120.469621] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb772b4ab19
[ 120.470206] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb772c5df68
[ 120.470859] RBP: 00007fb772c5df60 R08: 0000000000000007 R09: 0000000000000000
[ 120.471586] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb772c62870
[ 120.472182] R13: 00007ffe1297bac0 R14: 00007fb772c5df60 R15: 000000000001d595
[ 120.472786]
[ 120.473032] Modules linked in:
[ 120.473375] ---[ end trace 0000000000000000 ]---
[ 120.473814] RIP: 0010:perf_tp_event+0x175/0xe70
[ 120.474203] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 120.475669] RSP: 0018:ffff88801915f780 EFLAGS: 00010012
[ 120.476112] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 120.476715] RDX: ffff8880162e8000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 120.477328] RBP: ffff88801915f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc10608
[ 120.477955] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 120.478564] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 120.479178] FS: 0000555565751400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 120.479886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.480409] CR2: 0000001b2cf2b000 CR3: 000000001a1e3000 CR4: 0000000000350ef0
[ 120.481067] note: syz-executor.2[3963] exited with irqs disabled
[ 120.481748] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 120.482756] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 120.483483] CPU: 0 UID: 0 PID: 3963 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 120.484603] Tainted: [D]=DIE, [W]=WARN
[ 120.484914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 120.485560] RIP: 0010:perf_tp_event+0x175/0xe70
[ 120.485939] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 120.487365] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 120.487791] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 120.488427] RDX: ffff8880162e8000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 120.488957] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc10608
[ 120.489482] R10: 0000000000000000 R11: ffff88801a33f898 R12: dffffc0000000000
[ 120.490009] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 120.490536] FS: 0000555565751400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 120.491125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.491555] CR2: 0000001b2cf2b000 CR3: 000000001a1e3000 CR4: 0000000000350ef0
[ 120.492090] Call Trace:
[ 120.492298]
[ 120.492468] ? __pfx_perf_tp_event+0x10/0x10
[ 120.492805] ? trace_pelt_se_tp+0xdf/0x130
[ 120.493123] ? do_raw_spin_lock+0x123/0x260
[ 120.493450] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 120.493801] ? lock_acquire+0x18c/0x2f0
[ 120.494101] ? update_cfs_group+0x11d/0x260
[ 120.494423] ? lock_release+0x1c7/0x290
[ 120.494724] ? do_raw_spin_unlock+0x53/0x220
[ 120.495056] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 120.495437] ? try_to_wake_up+0x128/0x11d0
[ 120.495756] ? do_raw_spin_lock+0x123/0x260
[ 120.496091] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 120.496470] ? perf_trace_run_bpf_submit+0xef/0x180
[ 120.496854] perf_trace_run_bpf_submit+0xef/0x180
[ 120.497219] perf_trace_preemptirq_template+0x259/0x430
[ 120.497622] ? read_tsc+0x9/0x20
[ 120.497885] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.498326] ? clockevents_program_event+0x135/0x360
[ 120.498707] ? tick_program_event+0xac/0x140
[ 120.499038] ? handle_softirqs+0x16e/0x770
[ 120.499361] trace_irq_enable.constprop.0+0xa6/0x100
[ 120.499737] trace_hardirqs_on+0x26/0x40
[ 120.500040] handle_softirqs+0x16e/0x770
[ 120.500372] __irq_exit_rcu+0xc4/0x100
[ 120.500671] irq_exit_rcu+0x9/0x20
[ 120.500938] sysvec_apic_timer_interrupt+0x70/0x80
[ 120.501307]
[ 120.501478]
[ 120.501650] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 120.502038] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 120.502388] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de
[ 120.503709] RSP: 0018:ffff88801915ff28 EFLAGS: 00000246
[ 120.504114] RAX: 0000000000000001 RBX: ffff8880162e8000 RCX: ffffffff817c2b86
[ 120.504648] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 120.505171] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 120.505693] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880162e8000
[ 120.506215] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[ 120.506739] ? trace_irq_enable.constprop.0+0x26/0x100
[ 120.507126] ? make_task_dead+0x214/0x3b0
[ 120.507439] ? make_task_dead+0x214/0x3b0
[ 120.507750] ? do_syscall_64+0xbf/0x360
[ 120.508047] rewind_stack_and_make_dead+0x16/0x20
[ 120.508428] RIP: 0033:0x7fb772b4ab19
[ 120.508706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 120.510025] RSP: 002b:00007ffe1297b9b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 120.510582] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb772b4ab19
[ 120.511106] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb772c5df68
[ 120.511630] RBP: 00007fb772c5df60 R08: 0000000000000007 R09: 0000000000000000
[ 120.512167] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb772c62870
[ 120.512691] R13: 00007ffe1297bac0 R14: 00007fb772c5df60 R15: 000000000001d595
[ 120.513221]
[ 120.513404] Modules linked in:
[ 120.513648] ---[ end trace 0000000000000000 ]---
[ 120.514002] RIP: 0010:perf_tp_event+0x175/0xe70
[ 120.514365] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 120.515752] RSP: 0018:ffff88801915f780 EFLAGS: 00010012
[ 120.516199] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 120.516764] RDX: ffff8880162e8000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 120.517325] RBP: ffff88801915f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc10608
[ 120.517890] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 120.518453] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 120.519017] FS: 0000555565751400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 120.519651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.520169] CR2: 0000001b2cf2b000 CR3: 000000001a1e3000 CR4: 0000000000350ef0
[ 120.520740] Kernel panic - not syncing: Fatal exception in interrupt
[ 120.521506] Kernel Offset: disabled
[ 120.521801] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
10:33:26 Registers:
info registers vcpu 0
RAX=000000000000005f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff88801915f0d8
R8 =0000000000000000 R9 =ffffed10015d7046 R10=000000000000005f R11=30376578302f4952
R12=000000000000005f R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555565751400 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe2400000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2cf2b000 CR3=000000001a1e3000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000ff00000000000000000000000000 XMM01=0000010000ff00000000000000000000
XMM02=6172665f7463656a6e695f3131323038 XMM03=000000000000006a6e695f3131323038
XMM04=253d7367726100656d6172665f746365 XMM05=f8bdbc3e8779c312327e9b01cc3c558f
XMM06=a267f64435a3c9d819b711617676b8e7 XMM07=061afc541fad605251478a27cf0d241e
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3de00 RCX=ffffffff816880fc RDX=ffff888045849b80
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888044f1eec8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1
R12=ffffed100d9c7bc1 R13=ffff88806ce3de08 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f7548ad1700 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe4000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7548b5d180 CR3=000000000ba4f000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ff000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=ef63d2b7339aa72c00000000001542d8 XMM05=d3fdd5f48436fbd700000000000aead0
XMM06=23a65338222ed9be00000000000ae988 XMM07=a1fcdcf819d7e1e500000000000ae728
XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000
XMM10=00000000000000000020000020000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000