Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:4117' (ECDSA) to the list of known hosts.
2025/08/29 11:29:21 fuzzer started
2025/08/29 11:29:22 dialing manager at localhost:43077
syzkaller login: [ 50.666759] cgroup: Unknown subsys name 'net'
[ 50.720248] cgroup: Unknown subsys name 'cpuset'
[ 50.730281] cgroup: Unknown subsys name 'rlimit'
2025/08/29 11:29:32 syscalls: 2214
2025/08/29 11:29:32 code coverage: enabled
2025/08/29 11:29:32 comparison tracing: enabled
2025/08/29 11:29:32 extra coverage: enabled
2025/08/29 11:29:32 setuid sandbox: enabled
2025/08/29 11:29:32 namespace sandbox: enabled
2025/08/29 11:29:32 Android sandbox: enabled
2025/08/29 11:29:32 fault injection: enabled
2025/08/29 11:29:32 leak checking: enabled
2025/08/29 11:29:32 net packet injection: enabled
2025/08/29 11:29:32 net device setup: enabled
2025/08/29 11:29:32 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 11:29:32 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 11:29:32 USB emulation: enabled
2025/08/29 11:29:32 hci packet injection: enabled
2025/08/29 11:29:32 wifi device emulation: enabled
2025/08/29 11:29:32 802.15.4 emulation: enabled
2025/08/29 11:29:32 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 11:29:32 fetching corpus: 50, signal 25182/28638 (executing program)
2025/08/29 11:29:32 fetching corpus: 100, signal 36475/41269 (executing program)
2025/08/29 11:29:32 fetching corpus: 150, signal 41660/47817 (executing program)
2025/08/29 11:29:32 fetching corpus: 200, signal 47899/55348 (executing program)
2025/08/29 11:29:32 fetching corpus: 250, signal 52496/61174 (executing program)
2025/08/29 11:29:32 fetching corpus: 300, signal 56620/66456 (executing program)
2025/08/29 11:29:32 fetching corpus: 350, signal 60640/71534 (executing program)
2025/08/29 11:29:32 fetching corpus: 400, signal 64065/75960 (executing program)
2025/08/29 11:29:33 fetching corpus: 450, signal 67810/80645 (executing program)
2025/08/29 11:29:33 fetching corpus: 500, signal 69551/83516 (executing program)
2025/08/29 11:29:33 fetching corpus: 550, signal 72282/87167 (executing program)
2025/08/29 11:29:33 fetching corpus: 600, signal 75747/91404 (executing program)
2025/08/29 11:29:33 fetching corpus: 650, signal 77897/94441 (executing program)
2025/08/29 11:29:33 fetching corpus: 700, signal 81021/98270 (executing program)
2025/08/29 11:29:33 fetching corpus: 750, signal 84582/102435 (executing program)
2025/08/29 11:29:33 fetching corpus: 800, signal 86224/104831 (executing program)
2025/08/29 11:29:33 fetching corpus: 850, signal 88585/107885 (executing program)
2025/08/29 11:29:33 fetching corpus: 900, signal 90083/110154 (executing program)
2025/08/29 11:29:33 fetching corpus: 950, signal 91383/112187 (executing program)
2025/08/29 11:29:34 fetching corpus: 1000, signal 92885/114385 (executing program)
2025/08/29 11:29:34 fetching corpus: 1050, signal 94890/116957 (executing program)
2025/08/29 11:29:34 fetching corpus: 1100, signal 96603/119235 (executing program)
2025/08/29 11:29:34 fetching corpus: 1150, signal 98256/121429 (executing program)
2025/08/29 11:29:34 fetching corpus: 1200, signal 100324/123888 (executing program)
2025/08/29 11:29:34 fetching corpus: 1250, signal 101418/125614 (executing program)
2025/08/29 11:29:34 fetching corpus: 1300, signal 103303/127854 (executing program)
2025/08/29 11:29:34 fetching corpus: 1350, signal 105120/130135 (executing program)
2025/08/29 11:29:34 fetching corpus: 1400, signal 106825/132206 (executing program)
2025/08/29 11:29:34 fetching corpus: 1450, signal 107776/133751 (executing program)
2025/08/29 11:29:35 fetching corpus: 1500, signal 109389/135688 (executing program)
2025/08/29 11:29:35 fetching corpus: 1550, signal 110268/137148 (executing program)
2025/08/29 11:29:35 fetching corpus: 1600, signal 111521/138809 (executing program)
2025/08/29 11:29:35 fetching corpus: 1650, signal 112843/140462 (executing program)
2025/08/29 11:29:35 fetching corpus: 1700, signal 114406/142266 (executing program)
2025/08/29 11:29:35 fetching corpus: 1750, signal 115583/143807 (executing program)
2025/08/29 11:29:35 fetching corpus: 1800, signal 116725/145300 (executing program)
2025/08/29 11:29:35 fetching corpus: 1850, signal 117422/146468 (executing program)
2025/08/29 11:29:35 fetching corpus: 1900, signal 119128/148222 (executing program)
2025/08/29 11:29:35 fetching corpus: 1950, signal 119938/149487 (executing program)
2025/08/29 11:29:35 fetching corpus: 2000, signal 120788/150698 (executing program)
2025/08/29 11:29:36 fetching corpus: 2050, signal 123518/152938 (executing program)
2025/08/29 11:29:36 fetching corpus: 2100, signal 124803/154300 (executing program)
2025/08/29 11:29:36 fetching corpus: 2150, signal 125925/155593 (executing program)
2025/08/29 11:29:36 fetching corpus: 2200, signal 127218/156983 (executing program)
2025/08/29 11:29:36 fetching corpus: 2250, signal 128134/158123 (executing program)
2025/08/29 11:29:36 fetching corpus: 2300, signal 128671/159090 (executing program)
2025/08/29 11:29:36 fetching corpus: 2350, signal 129725/160261 (executing program)
2025/08/29 11:29:36 fetching corpus: 2400, signal 130708/161352 (executing program)
2025/08/29 11:29:36 fetching corpus: 2450, signal 131749/162484 (executing program)
2025/08/29 11:29:36 fetching corpus: 2500, signal 132679/163503 (executing program)
2025/08/29 11:29:37 fetching corpus: 2550, signal 133677/164601 (executing program)
2025/08/29 11:29:37 fetching corpus: 2600, signal 134359/165447 (executing program)
2025/08/29 11:29:37 fetching corpus: 2650, signal 135118/166365 (executing program)
2025/08/29 11:29:37 fetching corpus: 2700, signal 135680/167187 (executing program)
2025/08/29 11:29:37 fetching corpus: 2750, signal 136671/168177 (executing program)
2025/08/29 11:29:37 fetching corpus: 2800, signal 137439/169091 (executing program)
2025/08/29 11:29:37 fetching corpus: 2850, signal 138203/169924 (executing program)
2025/08/29 11:29:37 fetching corpus: 2900, signal 138740/170660 (executing program)
2025/08/29 11:29:37 fetching corpus: 2950, signal 140167/171675 (executing program)
2025/08/29 11:29:37 fetching corpus: 3000, signal 140618/172344 (executing program)
2025/08/29 11:29:37 fetching corpus: 3050, signal 141226/173046 (executing program)
2025/08/29 11:29:38 fetching corpus: 3100, signal 141924/173803 (executing program)
2025/08/29 11:29:38 fetching corpus: 3150, signal 142700/174531 (executing program)
2025/08/29 11:29:38 fetching corpus: 3200, signal 143180/175157 (executing program)
2025/08/29 11:29:38 fetching corpus: 3250, signal 143853/175814 (executing program)
2025/08/29 11:29:38 fetching corpus: 3300, signal 144464/176503 (executing program)
2025/08/29 11:29:38 fetching corpus: 3350, signal 144911/177138 (executing program)
2025/08/29 11:29:38 fetching corpus: 3400, signal 145624/177867 (executing program)
2025/08/29 11:29:38 fetching corpus: 3450, signal 146382/178557 (executing program)
2025/08/29 11:29:38 fetching corpus: 3500, signal 146847/179206 (executing program)
2025/08/29 11:29:38 fetching corpus: 3550, signal 147343/179812 (executing program)
2025/08/29 11:29:38 fetching corpus: 3600, signal 147976/180391 (executing program)
2025/08/29 11:29:39 fetching corpus: 3650, signal 148518/180966 (executing program)
2025/08/29 11:29:39 fetching corpus: 3700, signal 149107/181558 (executing program)
2025/08/29 11:29:39 fetching corpus: 3750, signal 149954/182456 (executing program)
2025/08/29 11:29:39 fetching corpus: 3800, signal 150522/183037 (executing program)
2025/08/29 11:29:39 fetching corpus: 3850, signal 151121/183576 (executing program)
2025/08/29 11:29:39 fetching corpus: 3900, signal 151562/184069 (executing program)
2025/08/29 11:29:39 fetching corpus: 3950, signal 151967/184529 (executing program)
2025/08/29 11:29:39 fetching corpus: 4000, signal 152485/185010 (executing program)
2025/08/29 11:29:39 fetching corpus: 4050, signal 152871/185496 (executing program)
2025/08/29 11:29:40 fetching corpus: 4100, signal 153526/185989 (executing program)
2025/08/29 11:29:40 fetching corpus: 4150, signal 153994/186421 (executing program)
2025/08/29 11:29:40 fetching corpus: 4200, signal 154638/186881 (executing program)
2025/08/29 11:29:40 fetching corpus: 4250, signal 155333/187350 (executing program)
2025/08/29 11:29:40 fetching corpus: 4300, signal 155780/187748 (executing program)
2025/08/29 11:29:40 fetching corpus: 4350, signal 156196/188111 (executing program)
2025/08/29 11:29:40 fetching corpus: 4400, signal 156477/188523 (executing program)
2025/08/29 11:29:40 fetching corpus: 4450, signal 157011/188870 (executing program)
2025/08/29 11:29:40 fetching corpus: 4500, signal 157506/189224 (executing program)
2025/08/29 11:29:40 fetching corpus: 4550, signal 157804/189580 (executing program)
2025/08/29 11:29:40 fetching corpus: 4600, signal 158750/189759 (executing program)
2025/08/29 11:29:41 fetching corpus: 4650, signal 159143/189782 (executing program)
2025/08/29 11:29:41 fetching corpus: 4700, signal 159523/189795 (executing program)
2025/08/29 11:29:41 fetching corpus: 4750, signal 159919/189806 (executing program)
2025/08/29 11:29:41 fetching corpus: 4800, signal 160340/189806 (executing program)
2025/08/29 11:29:41 fetching corpus: 4850, signal 160790/189822 (executing program)
2025/08/29 11:29:41 fetching corpus: 4900, signal 161186/189873 (executing program)
2025/08/29 11:29:41 fetching corpus: 4950, signal 161581/189874 (executing program)
2025/08/29 11:29:41 fetching corpus: 5000, signal 161915/189876 (executing program)
2025/08/29 11:29:41 fetching corpus: 5050, signal 162317/189898 (executing program)
2025/08/29 11:29:41 fetching corpus: 5100, signal 162933/189984 (executing program)
2025/08/29 11:29:41 fetching corpus: 5150, signal 163401/189994 (executing program)
2025/08/29 11:29:41 fetching corpus: 5200, signal 164113/190039 (executing program)
2025/08/29 11:29:41 fetching corpus: 5250, signal 164543/190060 (executing program)
2025/08/29 11:29:42 fetching corpus: 5300, signal 164959/190067 (executing program)
2025/08/29 11:29:42 fetching corpus: 5350, signal 165378/190070 (executing program)
2025/08/29 11:29:42 fetching corpus: 5400, signal 165969/190097 (executing program)
2025/08/29 11:29:42 fetching corpus: 5450, signal 166419/190098 (executing program)
2025/08/29 11:29:42 fetching corpus: 5500, signal 166791/190124 (executing program)
2025/08/29 11:29:42 fetching corpus: 5550, signal 167399/190154 (executing program)
2025/08/29 11:29:42 fetching corpus: 5600, signal 167783/190158 (executing program)
2025/08/29 11:29:42 fetching corpus: 5650, signal 168213/190158 (executing program)
2025/08/29 11:29:42 fetching corpus: 5700, signal 168587/190268 (executing program)
2025/08/29 11:29:42 fetching corpus: 5750, signal 168923/190276 (executing program)
2025/08/29 11:29:43 fetching corpus: 5800, signal 169236/190289 (executing program)
2025/08/29 11:29:43 fetching corpus: 5850, signal 169646/190307 (executing program)
2025/08/29 11:29:43 fetching corpus: 5900, signal 170113/190319 (executing program)
2025/08/29 11:29:43 fetching corpus: 5950, signal 170504/190330 (executing program)
2025/08/29 11:29:43 fetching corpus: 6000, signal 170849/190333 (executing program)
2025/08/29 11:29:43 fetching corpus: 6050, signal 171451/190352 (executing program)
2025/08/29 11:29:43 fetching corpus: 6100, signal 171884/190355 (executing program)
2025/08/29 11:29:43 fetching corpus: 6150, signal 172292/190463 (executing program)
2025/08/29 11:29:43 fetching corpus: 6200, signal 172701/190473 (executing program)
2025/08/29 11:29:43 fetching corpus: 6250, signal 173022/190485 (executing program)
2025/08/29 11:29:43 fetching corpus: 6300, signal 173246/190496 (executing program)
2025/08/29 11:29:44 fetching corpus: 6350, signal 173649/190500 (executing program)
2025/08/29 11:29:44 fetching corpus: 6400, signal 173932/190524 (executing program)
2025/08/29 11:29:44 fetching corpus: 6450, signal 174440/190566 (executing program)
2025/08/29 11:29:44 fetching corpus: 6500, signal 174792/190566 (executing program)
2025/08/29 11:29:44 fetching corpus: 6550, signal 175089/190571 (executing program)
2025/08/29 11:29:44 fetching corpus: 6600, signal 175498/190572 (executing program)
2025/08/29 11:29:44 fetching corpus: 6650, signal 175763/190579 (executing program)
2025/08/29 11:29:44 fetching corpus: 6700, signal 176176/190583 (executing program)
2025/08/29 11:29:44 fetching corpus: 6750, signal 176434/190585 (executing program)
2025/08/29 11:29:45 fetching corpus: 6800, signal 176679/190595 (executing program)
2025/08/29 11:29:45 fetching corpus: 6850, signal 176958/190604 (executing program)
2025/08/29 11:29:45 fetching corpus: 6900, signal 177462/190712 (executing program)
2025/08/29 11:29:45 fetching corpus: 6950, signal 177796/190721 (executing program)
2025/08/29 11:29:45 fetching corpus: 7000, signal 178346/190739 (executing program)
2025/08/29 11:29:45 fetching corpus: 7050, signal 178563/190740 (executing program)
2025/08/29 11:29:45 fetching corpus: 7100, signal 178897/190743 (executing program)
2025/08/29 11:29:45 fetching corpus: 7150, signal 179113/190751 (executing program)
2025/08/29 11:29:45 fetching corpus: 7200, signal 179603/190764 (executing program)
2025/08/29 11:29:45 fetching corpus: 7250, signal 179851/190770 (executing program)
2025/08/29 11:29:45 fetching corpus: 7300, signal 180091/190775 (executing program)
2025/08/29 11:29:46 fetching corpus: 7350, signal 180406/190795 (executing program)
2025/08/29 11:29:46 fetching corpus: 7400, signal 180716/190795 (executing program)
2025/08/29 11:29:46 fetching corpus: 7450, signal 180908/190803 (executing program)
2025/08/29 11:29:46 fetching corpus: 7500, signal 181254/190832 (executing program)
2025/08/29 11:29:46 fetching corpus: 7550, signal 181539/190834 (executing program)
2025/08/29 11:29:46 fetching corpus: 7600, signal
181855/190863 (executing program) 2025/08/29 11:29:46 fetching corpus: 7650, signal 182248/190863 (executing program) 2025/08/29 11:29:46 fetching corpus: 7700, signal 182500/190868 (executing program) 2025/08/29 11:29:46 fetching corpus: 7750, signal 182816/190868 (executing program) 2025/08/29 11:29:47 fetching corpus: 7800, signal 183080/190871 (executing program) 2025/08/29 11:29:47 fetching corpus: 7850, signal 183414/190911 (executing program) 2025/08/29 11:29:47 fetching corpus: 7900, signal 183761/190911 (executing program) 2025/08/29 11:29:47 fetching corpus: 7950, signal 184040/190913 (executing program) 2025/08/29 11:29:47 fetching corpus: 8000, signal 184302/190948 (executing program) 2025/08/29 11:29:47 fetching corpus: 8050, signal 184550/190969 (executing program) 2025/08/29 11:29:47 fetching corpus: 8100, signal 184841/190969 (executing program) 2025/08/29 11:29:47 fetching corpus: 8150, signal 185186/190970 (executing program) 2025/08/29 11:29:47 fetching corpus: 8200, signal 185900/190994 (executing program) 2025/08/29 11:29:47 fetching corpus: 8250, signal 186204/190999 (executing program) 2025/08/29 11:29:47 fetching corpus: 8300, signal 186594/191017 (executing program) 2025/08/29 11:29:48 fetching corpus: 8350, signal 186836/191017 (executing program) 2025/08/29 11:29:48 fetching corpus: 8400, signal 187103/191021 (executing program) 2025/08/29 11:29:48 fetching corpus: 8450, signal 187377/191028 (executing program) 2025/08/29 11:29:48 fetching corpus: 8500, signal 187673/191078 (executing program) 2025/08/29 11:29:48 fetching corpus: 8516, signal 187838/191088 (executing program) 2025/08/29 11:29:48 fetching corpus: 8516, signal 187838/191088 (executing program) 2025/08/29 11:29:50 starting 8 fuzzer processes 11:29:50 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x2a, &(0x7f0000000000), 0x4) 11:29:50 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10) 11:29:50 executing program 1: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) mknodat$loop(r0, &(0x7f0000000000)='./file2\x00', 0x0, 0x0) symlinkat(&(0x7f0000003780)='./file0\x00', r0, &(0x7f0000003740)='./file0\x00') linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) unlinkat(r0, &(0x7f0000000200)='./file0\x00', 0x0) 11:29:50 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_security(0x11, r0, 0x0, 0x0) 11:29:50 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000b00)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote}, 0x1c) 11:29:50 executing program 5: syz_io_uring_setup(0x0, &(0x7f0000000100), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000180), 0xfffffffffffffffc) 11:29:50 executing program 3: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, &(0x7f0000000ac0)={0x7}, 0x7) 
pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
tee(r0, r2, 0x6, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
[ 79.321717] audit: type=1400 audit(1756466991.008:7): avc: denied { execmem } for pid=270 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:29:50 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x2a82feb1, 0x4)
[ 80.571303] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 80.573205] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 80.573206] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.576865] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 80.580653] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 80.583011] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 80.591078] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.593756] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.602037] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.615668] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 80.631403] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 80.637075] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 80.638390] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 80.644536] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 80.645906] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 80.653131] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 80.657436] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 80.658407] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 80.664677] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 80.667073] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 80.671454] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 80.677565] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 80.682868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 80.686264] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 80.687525] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 80.689456] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 80.695179] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 80.697535] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 80.710135] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 80.716900] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 80.718821] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 80.720085] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 80.726861] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 80.740835] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 80.744319] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 80.757139] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 80.758424] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 80.760044] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 80.764484] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 80.766311] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 82.662671] Bluetooth: hci3: command tx timeout
[ 82.663239] Bluetooth: hci0: command tx timeout
[ 82.663740] Bluetooth: hci1: command tx timeout
[ 82.787845] Bluetooth: hci2: command tx timeout
[ 82.788543] Bluetooth: hci4: command tx timeout
[ 82.789683] Bluetooth: hci5: command tx timeout
[ 82.852677] Bluetooth: hci6: command tx timeout
[ 82.853312] Bluetooth: hci7: command tx timeout
[ 84.708689] Bluetooth: hci1: command tx timeout
[ 84.709150] Bluetooth: hci0: command tx timeout
[ 84.709533] Bluetooth: hci3: command tx timeout
[ 84.836678] Bluetooth: hci4: command tx timeout
[ 84.837150] Bluetooth: hci5: command tx timeout
[ 84.837549] Bluetooth: hci2: command tx timeout
[ 84.901927] Bluetooth: hci7: command tx timeout
[ 84.902389] Bluetooth: hci6: command tx timeout
[ 86.757622] Bluetooth: hci3: command
tx timeout [ 86.758070] Bluetooth: hci0: command tx timeout [ 86.758449] Bluetooth: hci1: command tx timeout [ 86.883669] Bluetooth: hci4: command tx timeout [ 86.884122] Bluetooth: hci2: command tx timeout [ 86.884507] Bluetooth: hci5: command tx timeout [ 86.948702] Bluetooth: hci6: command tx timeout [ 86.949137] Bluetooth: hci7: command tx timeout [ 88.803769] Bluetooth: hci1: command tx timeout [ 88.804243] Bluetooth: hci0: command tx timeout [ 88.805071] Bluetooth: hci3: command tx timeout [ 88.931645] Bluetooth: hci5: command tx timeout [ 88.932117] Bluetooth: hci2: command tx timeout [ 88.932491] Bluetooth: hci4: command tx timeout [ 88.996796] Bluetooth: hci7: command tx timeout [ 88.997255] Bluetooth: hci6: command tx timeout [ 116.256697] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.257363] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.497982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.499542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.640982] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.641669] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.788607] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.789221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.980837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.981422] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:30:28 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000980)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 
0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}, [@mbim_extended={0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x3f}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0x7f, 0x0, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x76f6a3093a7435b1}}}}}}}]}}, 0x0)
11:30:28 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x2a82feb1, 0x4)
[ 117.107757] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.108374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.138440] audit: type=1400 audit(1756467028.825:8): avc: denied { open } for pid=3857 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 117.141454] audit: type=1400 audit(1756467028.825:9): avc: denied { kernel } for pid=3857 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:30:28 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x2a82feb1, 0x4)
[ 117.194330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 117.199700] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 117.236471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.237372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:30:28 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x2a82feb1, 0x4)
[ 117.338651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.339298] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:30:29 executing program 6:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
writev(r0,
&(0x7f0000000200)=[{&(0x7f00000010c0)="bca8f4cc94eaca", 0x7}], 0x1) 11:30:29 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) writev(r0, &(0x7f0000000200)=[{&(0x7f00000010c0)="bca8f4cc94eaca", 0x7}], 0x1) [ 117.447815] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.448403] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:30:29 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) writev(r0, &(0x7f0000000200)=[{&(0x7f00000010c0)="bca8f4cc94eaca", 0x7}], 0x1) [ 117.497356] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.498188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:30:29 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x5446) close_range(r0, 0xffffffffffffffff, 0x0) [ 117.553568] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.554310] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.599697] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.600274] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.646163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.647511] wlan1: Creating new 
IBSS network, BSSID 50:50:50:50:50:50 [ 117.686200] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.687038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.732098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.733042] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.738656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.739207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.776525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.777286] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.850222] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 11:30:29 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x2a, &(0x7f0000000000), 0x4) 11:30:29 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x84, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080", 0x59, 0x400}, {0x0}, 
{&(0x7f0000010200)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000000480)="0fb9502b8454ce6d05c8f8dfe4994f027db7400f8b9bbf111d846658e108843b43972b629c285c3b82ffd10e8e0b94eb0021f87b1b3338fa83cef62cc03ba34cd98a3a7eda6f4e1c28c8ea7ac013d483281d1ea9e47f082ecd628399d4ce89a29272279ab1bf558dc22a656cb16c41875dce7ab9704373852f144278eb5a45d3561b8fe827cb08d87fd761170bf0255d1bc81ef169d47693caac9ccb3df4211a281192b575b7df675c3925908ad94d2990b3967dc046fc06685736", 0xbb, 0x800}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x6000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}], 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="8e3f0644cd329495a93a38f309f7ab5b5616288d43e8bbf2aab8d1b53eda1dec7762c4803a0c4e493e7f81c69c9aa4f7862e50c21066712d950e4a2d4821020b63e29258ca27cf8235867a722429"]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x400) setresuid(0x0, r0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)) getgid() r2 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) syz_mount_image$tmpfs(&(0x7f00000005c0), &(0x7f0000000600)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003c00)={[{@mpol={'mpol', 0x3d, {'interleave', '=static', @void}}}, {@gid={'gid', 0x3d, r3}}]}) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setreuid(r4, 0x0) 11:30:29 executing program 5: syz_io_uring_setup(0x0, &(0x7f0000000100), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000180), 0xfffffffffffffffc) 11:30:29 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) writev(r0, &(0x7f0000000200)=[{&(0x7f00000010c0)="bca8f4cc94eaca", 0x7}], 0x1) 11:30:29 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, 
&(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x0, 0x0, 0x52) 11:30:29 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_security(0x11, r0, 0x0, 0x0) 11:30:29 executing program 3: clock_nanosleep(0x7, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0) 11:30:29 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000b00)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote}, 0x1c) [ 117.972659] loop1: detected capacity change from 0 to 272 [ 117.980703] ext4: Unknown parameter '?D2:8 [V(Cѵ>wbĀ: NI>Ɯ.Pfq-J-H! 
cX'ς5zr$)' 11:30:29 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$sock_linger(r0, 0x1, 0x1b, &(0x7f0000000080), 0x8) 11:30:29 executing program 4: futex(0x0, 0xc, 0x0, 0x0, 0x0, 0x0) 11:30:29 executing program 5: syz_io_uring_setup(0x0, &(0x7f0000000100), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000180), 0xfffffffffffffffc) 11:30:29 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev}, @redirect={0x5, 0x0, 0x0, @multicast1, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @broadcast}}}}}}, 0x0) 11:30:29 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000b00)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote}, 0x1c) [ 118.052977] loop1: detected capacity change from 0 to 272 [ 118.054929] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 118.055800] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 
118.056489] CPU: 0 UID: 0 PID: 3931 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 118.057421] Tainted: [W]=WARN [ 118.057915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 118.059827] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.060881] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.065070] RSP: 0018:ffff8880167bf600 EFLAGS: 00010212 [ 118.066390] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900036a5000 [ 118.066946] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 118.067498] RBP: ffff8880167bf870 R08: ffff88806ce31340 R09: ffffe8ffffc16728 [ 118.068050] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 118.068609] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.069179] FS: 00007ff44b083700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 118.069816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.070279] CR2: 0000555560908c18 CR3: 000000004623b000 CR4: 0000000000350ef0 [ 118.070847] Call Trace: [ 118.071059] [ 118.071258] ? __pfx_perf_tp_event+0x10/0x10 [ 118.071638] ? perf_trace_run_bpf_submit+0xef/0x180 [ 118.072033] perf_trace_run_bpf_submit+0xef/0x180 [ 118.072425] perf_trace_lock+0x337/0x5d0 [ 118.072755] ? __pfx_perf_trace_lock+0x10/0x10 [ 118.073120] ? lock_acquire+0x15e/0x2f0 [ 118.073436] ? futex_ref_get+0x48/0x300 [ 118.073752] ? futex_ref_get+0x114/0x300 [ 118.074068] ? futex_hash+0x15c/0x390 [ 118.074371] lock_release+0x1ab/0x290 [ 118.074682] ? futex_hash+0x15c/0x390 [ 118.074983] futex_ref_get+0x119/0x300 [ 118.075292] ? futex_hash+0x15c/0x390 [ 118.075598] futex_hash+0x70/0x390 [ 118.075884] futex_wait_setup+0xae/0x550 [ 118.076213] __futex_wait+0x151/0x300 [ 118.076527] ? __pfx___futex_wait+0x10/0x10 [ 118.076873] ? 
__pfx_futex_wake_mark+0x10/0x10 [ 118.077245] futex_wait+0xde/0x380 [ 118.077534] ? __pfx_futex_wait+0x10/0x10 [ 118.077864] ? perf_trace_lock+0xb5/0x5d0 [ 118.078196] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.078605] do_futex+0x2ee/0x370 [ 118.078887] ? __pfx_do_futex+0x10/0x10 [ 118.079204] ? do_raw_spin_lock+0x123/0x260 [ 118.079547] __x64_sys_futex+0x1c9/0x4d0 [ 118.079872] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 118.080337] ? __pfx___x64_sys_futex+0x10/0x10 [ 118.080708] ? kcov_ioctl+0x386/0x6c0 [ 118.081014] ? fput+0x6a/0x100 [ 118.081281] do_syscall_64+0xbf/0x360 [ 118.081585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.081990] RIP: 0033:0x7ff44db0db19 [ 118.082285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.083680] RSP: 002b:00007ff44b083218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.084268] RAX: ffffffffffffffda RBX: 00007ff44dc20f68 RCX: 00007ff44db0db19 [ 118.084828] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff44dc20f68 [ 118.085379] RBP: 00007ff44dc20f60 R08: 00007ff44b083700 R09: 0000000000000000 [ 118.085936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff44dc20f6c [ 118.086489] R13: 00007ffff8b71f7f R14: 00007ff44b083300 R15: 0000000000022000 [ 118.087046] [ 118.087233] Modules linked in: [ 118.087530] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 118.088381] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 118.089056] CPU: 0 UID: 0 PID: 3931 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 118.089970] Tainted: [D]=DIE, [W]=WARN [ 118.090269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 118.090903] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.091271] Code: ff df 48 89 85 
a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.092661] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 118.093072] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 118.093621] RDX: ffff888016bd5280 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 118.094170] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc16728 [ 118.094715] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 118.095262] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 118.095809] FS: 00007ff44b083700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 118.096430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.096880] CR2: 0000555560908c18 CR3: 000000004623b000 CR4: 0000000000350ef0 [ 118.097428] Call Trace: [ 118.097635] [ 118.097814] ? __pfx_perf_tp_event+0x10/0x10 [ 118.098166] ? stack_depot_save_flags+0x2c/0xa20 [ 118.098538] ? kasan_save_stack+0x34/0x50 [ 118.098863] ? kasan_save_stack+0x24/0x50 [ 118.099186] ? kasan_save_track+0x14/0x30 [ 118.099509] ? __kasan_save_free_info+0x3a/0x60 [ 118.099872] ? __kasan_slab_free+0x3f/0x50 [ 118.100201] ? kmem_cache_free+0x2a1/0x540 [ 118.100534] ? rcu_core+0x7c8/0x1800 [ 118.100831] ? handle_softirqs+0x1b1/0x770 [ 118.101168] ? __irq_exit_rcu+0xc4/0x100 [ 118.101490] ? irq_exit_rcu+0x9/0x20 [ 118.101779] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 118.102187] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 118.102615] ? memset_orig+0x33/0xb0 [ 118.102922] ? inode_init_once+0x1d/0x2a0 [ 118.103251] ? init_once+0x98/0xc0 [ 118.103538] ? setup_object+0x9a/0xc0 [ 118.103852] ? new_slab+0x19f/0x2f0 [ 118.104145] ? ___slab_alloc+0x824/0xf30 [ 118.104476] ? kmem_cache_alloc_lru_noprof+0x482/0x6a0 [ 118.104889] ? ext4_alloc_inode+0x28/0x600 [ 118.105227] ? alloc_inode+0x67/0x250 [ 118.105533] ? new_inode+0x1e/0x160 [ 118.105827] ? 
__ext4_new_inode+0x35d/0x4d70 [ 118.106179] ? ext4_symlink+0x406/0xb40 [ 118.106498] ? vfs_symlink+0x3fe/0x680 [ 118.106813] ? do_symlinkat+0x144/0x300 [ 118.107131] ? __x64_sys_symlink+0x75/0x90 [ 118.107468] ? do_syscall_64+0xbf/0x360 [ 118.107786] ? lock_is_held_type+0x9e/0x120 [ 118.108135] ? perf_trace_run_bpf_submit+0xef/0x180 [ 118.108540] ? match_held_lock+0xb0/0xd0 [ 118.108867] perf_trace_run_bpf_submit+0xef/0x180 [ 118.109257] perf_trace_lock+0x337/0x5d0 [ 118.109585] ? __pfx_perf_trace_lock+0x10/0x10 [ 118.109956] ? find_held_lock+0x2b/0x80 [ 118.110278] ? hrtimer_interrupt+0x114/0x830 [ 118.110633] lock_release+0x1ab/0x290 [ 118.110939] ktime_get_update_offsets_now+0xab/0x3c0 [ 118.111349] ? hrtimer_interrupt+0x114/0x830 [ 118.111705] hrtimer_interrupt+0x114/0x830 [ 118.112041] ? __pfx_do_sync_core+0x10/0x10 [ 118.112386] ? trace_csd_function_exit+0x134/0x190 [ 118.112795] ? __flush_smp_call_function_queue+0x28c/0x740 [ 118.113245] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 118.113660] sysvec_apic_timer_interrupt+0x6b/0x80 [ 118.114052] [ 118.114234] [ 118.114417] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 118.114835] RIP: 0010:oops_exit+0x0/0x50 [ 118.115164] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 118.116590] RSP: 0018:ffff8880167bf490 EFLAGS: 00000202 [ 118.117016] RAX: 0000000000026902 RBX: 0000000000000216 RCX: ffffc900036a5000 [ 118.117574] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 118.118134] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 118.118697] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880167bf558 [ 118.119257] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 118.119824] ? 
oops_end+0x4a/0xe0 [ 118.120114] oops_end+0x65/0xe0 [ 118.120387] exc_general_protection+0x1a2/0x330 [ 118.120774] asm_exc_general_protection+0x26/0x30 [ 118.121157] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.121531] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.122951] RSP: 0018:ffff8880167bf600 EFLAGS: 00010212 [ 118.123369] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900036a5000 [ 118.123933] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 118.124498] RBP: ffff8880167bf870 R08: ffff88806ce31340 R09: ffffe8ffffc16728 [ 118.125061] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 118.125619] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.126181] ? perf_tp_event+0x167/0xe70 [ 118.126516] ? __pfx_perf_tp_event+0x10/0x10 [ 118.126894] ? perf_trace_run_bpf_submit+0xef/0x180 [ 118.127291] perf_trace_run_bpf_submit+0xef/0x180 [ 118.127691] perf_trace_lock+0x337/0x5d0 [ 118.128036] ? __pfx_perf_trace_lock+0x10/0x10 [ 118.128430] ? lock_acquire+0x15e/0x2f0 [ 118.128748] ? futex_ref_get+0x48/0x300 [ 118.129064] ? futex_ref_get+0x114/0x300 [ 118.129384] ? futex_hash+0x15c/0x390 [ 118.129687] lock_release+0x1ab/0x290 [ 118.129991] ? futex_hash+0x15c/0x390 [ 118.130293] futex_ref_get+0x119/0x300 [ 118.130600] ? futex_hash+0x15c/0x390 [ 118.130899] futex_hash+0x70/0x390 [ 118.131183] futex_wait_setup+0xae/0x550 [ 118.131513] __futex_wait+0x151/0x300 [ 118.131820] ? __pfx___futex_wait+0x10/0x10 [ 118.132167] ? __pfx_futex_wake_mark+0x10/0x10 [ 118.132546] futex_wait+0xde/0x380 [ 118.132835] ? __pfx_futex_wait+0x10/0x10 [ 118.133166] ? perf_trace_lock+0xb5/0x5d0 [ 118.133495] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.133905] do_futex+0x2ee/0x370 [ 118.134186] ? __pfx_do_futex+0x10/0x10 [ 118.134504] ? 
do_raw_spin_lock+0x123/0x260 [ 118.134848] __x64_sys_futex+0x1c9/0x4d0 [ 118.135171] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 118.135633] ? __pfx___x64_sys_futex+0x10/0x10 [ 118.135998] ? kcov_ioctl+0x386/0x6c0 [ 118.136303] ? fput+0x6a/0x100 [ 118.136579] do_syscall_64+0xbf/0x360 [ 118.136881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.137287] RIP: 0033:0x7ff44db0db19 [ 118.137580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.138987] RSP: 002b:00007ff44b083218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.139577] RAX: ffffffffffffffda RBX: 00007ff44dc20f68 RCX: 00007ff44db0db19 [ 118.140133] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff44dc20f68 [ 118.140695] RBP: 00007ff44dc20f60 R08: 00007ff44b083700 R09: 0000000000000000 [ 118.141252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff44dc20f6c [ 118.141808] R13: 00007ffff8b71f7f R14: 00007ff44b083300 R15: 0000000000022000 [ 118.142370] [ 118.142559] Modules linked in: [ 118.142821] ---[ end trace 0000000000000000 ]--- [ 118.143190] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.143560] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.144984] RSP: 0018:ffff8880167bf600 EFLAGS: 00010212 [ 118.145400] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900036a5000 [ 118.145954] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 118.146509] RBP: ffff8880167bf870 R08: ffff88806ce31340 R09: ffffe8ffffc16728 [ 118.147069] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 118.147624] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.148190] FS: 00007ff44b083700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 
118.148824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.149279] CR2: 0000555560908c18 CR3: 000000004623b000 CR4: 0000000000350ef0 [ 118.149838] Kernel panic - not syncing: Fatal exception in interrupt [ 118.150419] Kernel Offset: disabled [ 118.150704] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:30:29 Registers: