Warning: Permanently added '[localhost]:33175' (ECDSA) to the list of known hosts. 2025/08/29 11:48:21 fuzzer started 2025/08/29 11:48:21 dialing manager at localhost:43077 syzkaller login: [ 50.405750] cgroup: Unknown subsys name 'net' [ 50.462454] cgroup: Unknown subsys name 'cpuset' [ 50.481172] cgroup: Unknown subsys name 'rlimit' 2025/08/29 11:48:31 syscalls: 2214 2025/08/29 11:48:31 code coverage: enabled 2025/08/29 11:48:31 comparison tracing: enabled 2025/08/29 11:48:31 extra coverage: enabled 2025/08/29 11:48:31 setuid sandbox: enabled 2025/08/29 11:48:31 namespace sandbox: enabled 2025/08/29 11:48:31 Android sandbox: enabled 2025/08/29 11:48:31 fault injection: enabled 2025/08/29 11:48:31 leak checking: enabled 2025/08/29 11:48:31 net packet injection: enabled 2025/08/29 11:48:31 net device setup: enabled 2025/08/29 11:48:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 11:48:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 11:48:31 USB emulation: enabled 2025/08/29 11:48:31 hci packet injection: enabled 2025/08/29 11:48:31 wifi device emulation: enabled 2025/08/29 11:48:31 802.15.4 emulation: enabled 2025/08/29 11:48:31 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 11:48:31 fetching corpus: 50, signal 24935/28387 (executing program) 2025/08/29 11:48:31 fetching corpus: 100, signal 35931/40771 (executing program) 2025/08/29 11:48:31 fetching corpus: 150, signal 42358/48548 (executing program) 2025/08/29 11:48:31 fetching corpus: 200, signal 48327/55714 (executing program) 2025/08/29 11:48:31 fetching corpus: 250, signal 52694/61304 (executing program) 2025/08/29 11:48:31 fetching corpus: 300, signal 57033/66747 (executing program) 2025/08/29 11:48:31 fetching corpus: 350, signal 62234/72924 (executing program) 2025/08/29 11:48:31 fetching corpus: 400, signal 65376/77079 (executing program) 2025/08/29 11:48:32 fetching corpus: 450, signal 69564/82121 (executing program) 2025/08/29 
11:48:32 fetching corpus: 500, signal 71777/85381 (executing program) 2025/08/29 11:48:32 fetching corpus: 550, signal 74626/89094 (executing program) 2025/08/29 11:48:32 fetching corpus: 600, signal 77217/92589 (executing program) 2025/08/29 11:48:32 fetching corpus: 650, signal 80013/96202 (executing program) 2025/08/29 11:48:32 fetching corpus: 700, signal 81714/98758 (executing program) 2025/08/29 11:48:32 fetching corpus: 750, signal 83345/101248 (executing program) 2025/08/29 11:48:32 fetching corpus: 800, signal 85930/104510 (executing program) 2025/08/29 11:48:32 fetching corpus: 850, signal 88819/107945 (executing program) 2025/08/29 11:48:33 fetching corpus: 900, signal 94115/113232 (executing program) 2025/08/29 11:48:33 fetching corpus: 950, signal 95752/115514 (executing program) 2025/08/29 11:48:33 fetching corpus: 1000, signal 97359/117767 (executing program) 2025/08/29 11:48:33 fetching corpus: 1050, signal 99776/120648 (executing program) 2025/08/29 11:48:33 fetching corpus: 1100, signal 102448/123738 (executing program) 2025/08/29 11:48:33 fetching corpus: 1150, signal 103526/125481 (executing program) 2025/08/29 11:48:33 fetching corpus: 1200, signal 105232/127650 (executing program) 2025/08/29 11:48:33 fetching corpus: 1250, signal 106373/129374 (executing program) 2025/08/29 11:48:33 fetching corpus: 1300, signal 107509/131118 (executing program) 2025/08/29 11:48:33 fetching corpus: 1350, signal 108695/132880 (executing program) 2025/08/29 11:48:33 fetching corpus: 1400, signal 110602/135091 (executing program) 2025/08/29 11:48:34 fetching corpus: 1450, signal 113239/137697 (executing program) 2025/08/29 11:48:34 fetching corpus: 1500, signal 114226/139251 (executing program) 2025/08/29 11:48:34 fetching corpus: 1550, signal 115623/141136 (executing program) 2025/08/29 11:48:34 fetching corpus: 1600, signal 116993/142904 (executing program) 2025/08/29 11:48:34 fetching corpus: 1650, signal 117986/144331 (executing program) 2025/08/29 11:48:34 
fetching corpus: 1700, signal 118956/145737 (executing program) 2025/08/29 11:48:34 fetching corpus: 1750, signal 120239/147318 (executing program) 2025/08/29 11:48:34 fetching corpus: 1800, signal 121355/148775 (executing program) 2025/08/29 11:48:34 fetching corpus: 1850, signal 122880/150435 (executing program) 2025/08/29 11:48:34 fetching corpus: 1900, signal 124003/151814 (executing program) 2025/08/29 11:48:34 fetching corpus: 1950, signal 124922/153053 (executing program) 2025/08/29 11:48:35 fetching corpus: 2000, signal 125981/154413 (executing program) 2025/08/29 11:48:35 fetching corpus: 2050, signal 127420/155928 (executing program) 2025/08/29 11:48:35 fetching corpus: 2100, signal 128266/157091 (executing program) 2025/08/29 11:48:35 fetching corpus: 2150, signal 129055/158190 (executing program) 2025/08/29 11:48:35 fetching corpus: 2200, signal 129876/159277 (executing program) 2025/08/29 11:48:35 fetching corpus: 2250, signal 130636/160324 (executing program) 2025/08/29 11:48:36 fetching corpus: 2300, signal 131477/161435 (executing program) 2025/08/29 11:48:36 fetching corpus: 2350, signal 132129/162421 (executing program) 2025/08/29 11:48:36 fetching corpus: 2400, signal 132934/163441 (executing program) 2025/08/29 11:48:36 fetching corpus: 2450, signal 133355/164260 (executing program) 2025/08/29 11:48:36 fetching corpus: 2500, signal 134023/165156 (executing program) 2025/08/29 11:48:36 fetching corpus: 2550, signal 134664/166068 (executing program) 2025/08/29 11:48:36 fetching corpus: 2600, signal 135522/167036 (executing program) 2025/08/29 11:48:36 fetching corpus: 2650, signal 136090/167894 (executing program) 2025/08/29 11:48:36 fetching corpus: 2700, signal 136647/168695 (executing program) 2025/08/29 11:48:36 fetching corpus: 2750, signal 137253/169550 (executing program) 2025/08/29 11:48:36 fetching corpus: 2800, signal 137998/170452 (executing program) 2025/08/29 11:48:37 fetching corpus: 2850, signal 138388/171140 (executing program) 
2025/08/29 11:48:37 fetching corpus: 2900, signal 138983/171982 (executing program) 2025/08/29 11:48:37 fetching corpus: 2950, signal 139464/172711 (executing program) 2025/08/29 11:48:37 fetching corpus: 3000, signal 140039/173446 (executing program) 2025/08/29 11:48:37 fetching corpus: 3050, signal 140612/174200 (executing program) 2025/08/29 11:48:37 fetching corpus: 3100, signal 140980/174865 (executing program) 2025/08/29 11:48:37 fetching corpus: 3150, signal 141904/175819 (executing program) 2025/08/29 11:48:37 fetching corpus: 3200, signal 142837/176650 (executing program) 2025/08/29 11:48:37 fetching corpus: 3250, signal 143736/177485 (executing program) 2025/08/29 11:48:37 fetching corpus: 3300, signal 144726/178287 (executing program) 2025/08/29 11:48:37 fetching corpus: 3350, signal 145161/178879 (executing program) 2025/08/29 11:48:38 fetching corpus: 3400, signal 145895/179571 (executing program) 2025/08/29 11:48:38 fetching corpus: 3450, signal 147010/180275 (executing program) 2025/08/29 11:48:38 fetching corpus: 3500, signal 147460/180887 (executing program) 2025/08/29 11:48:38 fetching corpus: 3550, signal 148084/181566 (executing program) 2025/08/29 11:48:38 fetching corpus: 3600, signal 148497/182153 (executing program) 2025/08/29 11:48:38 fetching corpus: 3650, signal 149040/182797 (executing program) 2025/08/29 11:48:38 fetching corpus: 3700, signal 149653/183416 (executing program) 2025/08/29 11:48:38 fetching corpus: 3750, signal 150028/183961 (executing program) 2025/08/29 11:48:38 fetching corpus: 3800, signal 150618/184503 (executing program) 2025/08/29 11:48:38 fetching corpus: 3850, signal 151403/185093 (executing program) 2025/08/29 11:48:38 fetching corpus: 3900, signal 151897/185602 (executing program) 2025/08/29 11:48:39 fetching corpus: 3950, signal 152487/186157 (executing program) 2025/08/29 11:48:39 fetching corpus: 4000, signal 152977/186628 (executing program) 2025/08/29 11:48:39 fetching corpus: 4050, signal 153552/187131 
(executing program) 2025/08/29 11:48:39 fetching corpus: 4100, signal 154650/187670 (executing program) 2025/08/29 11:48:39 fetching corpus: 4150, signal 155175/188151 (executing program) 2025/08/29 11:48:39 fetching corpus: 4200, signal 155565/188553 (executing program) 2025/08/29 11:48:39 fetching corpus: 4250, signal 156062/188957 (executing program) 2025/08/29 11:48:39 fetching corpus: 4300, signal 156768/189390 (executing program) 2025/08/29 11:48:39 fetching corpus: 4350, signal 157213/189800 (executing program) 2025/08/29 11:48:39 fetching corpus: 4400, signal 157789/190219 (executing program) 2025/08/29 11:48:39 fetching corpus: 4450, signal 158347/190612 (executing program) 2025/08/29 11:48:40 fetching corpus: 4500, signal 158781/190981 (executing program) 2025/08/29 11:48:40 fetching corpus: 4550, signal 159131/191352 (executing program) 2025/08/29 11:48:40 fetching corpus: 4600, signal 159619/191735 (executing program) 2025/08/29 11:48:40 fetching corpus: 4650, signal 160154/191850 (executing program) 2025/08/29 11:48:40 fetching corpus: 4700, signal 160443/191862 (executing program) 2025/08/29 11:48:40 fetching corpus: 4750, signal 160930/191870 (executing program) 2025/08/29 11:48:40 fetching corpus: 4800, signal 161401/191878 (executing program) 2025/08/29 11:48:40 fetching corpus: 4850, signal 161859/191911 (executing program) 2025/08/29 11:48:40 fetching corpus: 4900, signal 162268/191922 (executing program) 2025/08/29 11:48:40 fetching corpus: 4950, signal 162653/191973 (executing program) 2025/08/29 11:48:40 fetching corpus: 5000, signal 162997/191975 (executing program) 2025/08/29 11:48:41 fetching corpus: 5050, signal 163631/192080 (executing program) 2025/08/29 11:48:41 fetching corpus: 5100, signal 164073/192080 (executing program) 2025/08/29 11:48:41 fetching corpus: 5150, signal 164519/192089 (executing program) 2025/08/29 11:48:41 fetching corpus: 5200, signal 165032/192092 (executing program) 2025/08/29 11:48:41 fetching corpus: 5250, 
signal 165418/192100 (executing program) 2025/08/29 11:48:41 fetching corpus: 5300, signal 165890/192129 (executing program) 2025/08/29 11:48:41 fetching corpus: 5350, signal 166359/192143 (executing program) 2025/08/29 11:48:41 fetching corpus: 5400, signal 166713/192147 (executing program) 2025/08/29 11:48:41 fetching corpus: 5450, signal 167367/192189 (executing program) 2025/08/29 11:48:41 fetching corpus: 5500, signal 167771/192196 (executing program) 2025/08/29 11:48:41 fetching corpus: 5550, signal 168283/192208 (executing program) 2025/08/29 11:48:42 fetching corpus: 5600, signal 168787/192208 (executing program) 2025/08/29 11:48:42 fetching corpus: 5650, signal 169167/192214 (executing program) 2025/08/29 11:48:42 fetching corpus: 5700, signal 169512/192216 (executing program) 2025/08/29 11:48:42 fetching corpus: 5750, signal 169886/192251 (executing program) 2025/08/29 11:48:42 fetching corpus: 5800, signal 170295/192294 (executing program) 2025/08/29 11:48:42 fetching corpus: 5850, signal 170695/192300 (executing program) 2025/08/29 11:48:42 fetching corpus: 5900, signal 171071/192300 (executing program) 2025/08/29 11:48:42 fetching corpus: 5950, signal 171436/192308 (executing program) 2025/08/29 11:48:42 fetching corpus: 6000, signal 171712/192311 (executing program) 2025/08/29 11:48:42 fetching corpus: 6050, signal 172055/192313 (executing program) 2025/08/29 11:48:42 fetching corpus: 6100, signal 172572/192317 (executing program) 2025/08/29 11:48:42 fetching corpus: 6150, signal 173255/192334 (executing program) 2025/08/29 11:48:43 fetching corpus: 6200, signal 173590/192335 (executing program) 2025/08/29 11:48:43 fetching corpus: 6250, signal 173941/192348 (executing program) 2025/08/29 11:48:43 fetching corpus: 6300, signal 174220/192351 (executing program) 2025/08/29 11:48:43 fetching corpus: 6350, signal 174760/192358 (executing program) 2025/08/29 11:48:43 fetching corpus: 6400, signal 175233/192359 (executing program) 2025/08/29 11:48:43 
fetching corpus: 6450, signal 175525/192359 (executing program) 2025/08/29 11:48:43 fetching corpus: 6500, signal 175967/192395 (executing program) 2025/08/29 11:48:43 fetching corpus: 6550, signal 176257/192401 (executing program) 2025/08/29 11:48:43 fetching corpus: 6600, signal 176586/192430 (executing program) 2025/08/29 11:48:43 fetching corpus: 6650, signal 176905/192430 (executing program) 2025/08/29 11:48:43 fetching corpus: 6700, signal 177134/192458 (executing program) 2025/08/29 11:48:43 fetching corpus: 6750, signal 177518/192491 (executing program) 2025/08/29 11:48:43 fetching corpus: 6800, signal 177777/192549 (executing program) 2025/08/29 11:48:44 fetching corpus: 6850, signal 178073/192549 (executing program) 2025/08/29 11:48:44 fetching corpus: 6900, signal 178293/192568 (executing program) 2025/08/29 11:48:44 fetching corpus: 6950, signal 178602/192578 (executing program) 2025/08/29 11:48:44 fetching corpus: 7000, signal 178891/192588 (executing program) 2025/08/29 11:48:44 fetching corpus: 7050, signal 179179/192598 (executing program) 2025/08/29 11:48:44 fetching corpus: 7100, signal 179504/192605 (executing program) 2025/08/29 11:48:44 fetching corpus: 7150, signal 179764/192645 (executing program) 2025/08/29 11:48:44 fetching corpus: 7200, signal 180287/192675 (executing program) 2025/08/29 11:48:44 fetching corpus: 7250, signal 180531/192685 (executing program) 2025/08/29 11:48:44 fetching corpus: 7300, signal 181128/192690 (executing program) 2025/08/29 11:48:44 fetching corpus: 7350, signal 181783/192716 (executing program) 2025/08/29 11:48:44 fetching corpus: 7400, signal 182014/192744 (executing program) 2025/08/29 11:48:44 fetching corpus: 7450, signal 182355/192750 (executing program) 2025/08/29 11:48:45 fetching corpus: 7500, signal 182594/192756 (executing program) 2025/08/29 11:48:45 fetching corpus: 7550, signal 182830/192766 (executing program) 2025/08/29 11:48:45 fetching corpus: 7600, signal 183056/192773 (executing program) 
2025/08/29 11:48:45 fetching corpus: 7650, signal 183317/192785 (executing program) 2025/08/29 11:48:45 fetching corpus: 7700, signal 183905/192813 (executing program) 2025/08/29 11:48:45 fetching corpus: 7750, signal 184145/192818 (executing program) 2025/08/29 11:48:45 fetching corpus: 7800, signal 184288/192822 (executing program) 2025/08/29 11:48:45 fetching corpus: 7850, signal 184505/192835 (executing program) 2025/08/29 11:48:45 fetching corpus: 7900, signal 184797/192847 (executing program) 2025/08/29 11:48:45 fetching corpus: 7950, signal 185045/192851 (executing program) 2025/08/29 11:48:45 fetching corpus: 8000, signal 185294/192852 (executing program) 2025/08/29 11:48:45 fetching corpus: 8050, signal 185546/192856 (executing program) 2025/08/29 11:48:46 fetching corpus: 8100, signal 185791/192865 (executing program) 2025/08/29 11:48:46 fetching corpus: 8150, signal 186085/192874 (executing program) 2025/08/29 11:48:46 fetching corpus: 8200, signal 186409/192882 (executing program) 2025/08/29 11:48:46 fetching corpus: 8250, signal 186704/192897 (executing program) 2025/08/29 11:48:46 fetching corpus: 8300, signal 186908/192899 (executing program) 2025/08/29 11:48:46 fetching corpus: 8350, signal 187153/192902 (executing program) 2025/08/29 11:48:46 fetching corpus: 8400, signal 187336/192910 (executing program) 2025/08/29 11:48:46 fetching corpus: 8450, signal 187604/192922 (executing program) 2025/08/29 11:48:46 fetching corpus: 8500, signal 187827/192928 (executing program) 2025/08/29 11:48:46 fetching corpus: 8550, signal 188062/192937 (executing program) 2025/08/29 11:48:46 fetching corpus: 8600, signal 188537/192941 (executing program) 2025/08/29 11:48:46 fetching corpus: 8650, signal 188746/192947 (executing program) 2025/08/29 11:48:46 fetching corpus: 8700, signal 189029/192948 (executing program) 2025/08/29 11:48:47 fetching corpus: 8750, signal 189390/193044 (executing program) 2025/08/29 11:48:47 fetching corpus: 8793, signal 189654/193048 
(executing program) 2025/08/29 11:48:47 fetching corpus: 8793, signal 189654/193048 (executing program) 2025/08/29 11:48:49 starting 8 fuzzer processes 11:48:49 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000873000/0x4000)=nil, 0x4000) mremap(&(0x7f0000871000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffd000/0x1000)=nil) 11:48:49 executing program 1: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000140)=@v3, 0x18, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) 11:48:49 executing program 6: clock_gettime(0x0, &(0x7f0000000000)) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2285, &(0x7f00000010c0)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x9, 0x1000, &(0x7f0000000000)=""/4096}, &(0x7f0000001000)="93a0cb4eef85", 0x0, 0x0, 0x0, 0x0, 0x0}) 11:48:49 executing program 2: r0 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmctl$IPC_RMID(r1, 0x0) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil) r3 = shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x6000) shmdt(r3) 11:48:49 executing program 7: 
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = open$dir(&(0x7f0000000480)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000000)='./file0\x00') mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 11:48:49 executing program 3: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0xb) ioprio_set$pid(0x1, 0x0, 0x4000) fcntl$setstatus(r1, 0x4, 0x6800) sendfile(r0, r1, 0x0, 0x68e146a1) 11:48:49 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000000)={@mcast2}, 0x14) [ 78.168121] audit: type=1400 audit(1756468129.543:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:48:49 executing program 5: r0 = fsopen(&(0x7f0000000040)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x6, 0x0, 0x0, 0xffffffffffffffff) [ 79.438853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.441214] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.444194] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.447936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.450269] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.455264] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.457099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.462774] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.467829] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 
79.472055] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.516312] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.527165] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.534291] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.536300] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.538089] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.541166] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.545381] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.551345] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.555051] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.559423] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.601768] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 79.605320] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 79.605847] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 79.610160] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 79.611624] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 79.614619] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 79.618397] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 79.622343] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 79.625780] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 79.627103] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 79.629460] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 79.635928] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 79.642141] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 79.642237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 79.647455] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 79.654149] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 79.657729] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 79.658888] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 79.676907] Bluetooth: hci5: unexpected cc 0x0c23 length: 
249 > 4 [ 79.686273] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.529857] Bluetooth: hci0: command tx timeout [ 81.529923] Bluetooth: hci1: command tx timeout [ 81.593585] Bluetooth: hci3: command tx timeout [ 81.659688] Bluetooth: hci2: command tx timeout [ 81.722657] Bluetooth: hci7: command tx timeout [ 81.723387] Bluetooth: hci4: command tx timeout [ 81.723879] Bluetooth: hci6: command tx timeout [ 81.785630] Bluetooth: hci5: command tx timeout [ 83.578609] Bluetooth: hci1: command tx timeout [ 83.579374] Bluetooth: hci0: command tx timeout [ 83.642722] Bluetooth: hci3: command tx timeout [ 83.705698] Bluetooth: hci2: command tx timeout [ 83.769722] Bluetooth: hci6: command tx timeout [ 83.771599] Bluetooth: hci4: command tx timeout [ 83.771988] Bluetooth: hci7: command tx timeout [ 83.834746] Bluetooth: hci5: command tx timeout [ 85.627604] Bluetooth: hci0: command tx timeout [ 85.628078] Bluetooth: hci1: command tx timeout [ 85.689673] Bluetooth: hci3: command tx timeout [ 85.754678] Bluetooth: hci2: command tx timeout [ 85.820600] Bluetooth: hci7: command tx timeout [ 85.821380] Bluetooth: hci4: command tx timeout [ 85.822146] Bluetooth: hci6: command tx timeout [ 85.881602] Bluetooth: hci5: command tx timeout [ 87.673605] Bluetooth: hci0: command tx timeout [ 87.674033] Bluetooth: hci1: command tx timeout [ 87.737660] Bluetooth: hci3: command tx timeout [ 87.801570] Bluetooth: hci2: command tx timeout [ 87.866260] Bluetooth: hci4: command tx timeout [ 87.866686] Bluetooth: hci7: command tx timeout [ 87.866709] Bluetooth: hci6: command tx timeout [ 87.932559] Bluetooth: hci5: command tx timeout [ 116.147644] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.148277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.313916] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.314474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:49:28 executing program 1: prctl$PR_SET_DUMPABLE(0x4, 
0x0) syz_io_uring_complete(0x0) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgid(0x0) capset(&(0x7f0000000280)={0x19980330, r0}, 0x0) [ 116.828771] audit: type=1400 audit(1756468168.202:8): avc: denied { open } for pid=3722 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 116.830670] audit: type=1400 audit(1756468168.202:9): avc: denied { kernel } for pid=3722 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 116.843811] capability: warning: `syz-executor.1' uses 32-bit capabilities (legacy support in use) 11:49:28 executing program 1: memfd_create(0x0, 0xf9) 11:49:28 executing program 1: memfd_create(0x0, 0xf9) 11:49:28 executing program 1: memfd_create(0x0, 0xf9) 11:49:28 executing program 1: memfd_create(0x0, 0xf9) [ 117.430613] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.431272] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:49:28 executing program 1: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000000)=':/\\\x00') [ 117.496674] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.497294] wlan1: Creating new IBSS network, BSSID 
50:50:50:50:50:50 11:49:28 executing program 1: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000000)=':/\\\x00') 11:49:29 executing program 1: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000000)=':/\\\x00') [ 117.790871] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.791495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.945806] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.946410] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.056270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.056961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.294556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.295715] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.785296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.786427] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.921943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.923260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.995021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.995990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.058624] wlan0: Created 
IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.059223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.082583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.083145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.117562] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.118131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.586450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.587977] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.619478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.620599] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:49:31 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000873000/0x4000)=nil, 0x4000) mremap(&(0x7f0000871000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffd000/0x1000)=nil) 11:49:31 executing program 5: clone3(0x0, 0x3f00) 11:49:31 executing program 1: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000000)=':/\\\x00') 11:49:31 executing program 6: clock_gettime(0x0, &(0x7f0000000000)) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2285, &(0x7f00000010c0)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x9, 0x1000, &(0x7f0000000000)=""/4096}, 
&(0x7f0000001000)="93a0cb4eef85", 0x0, 0x0, 0x0, 0x0, 0x0}) 11:49:31 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000000)={@mcast2}, 0x14) 11:49:31 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x2, &(0x7f0000000000), 0x8) 11:49:31 executing program 3: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0xb) ioprio_set$pid(0x1, 0x0, 0x4000) fcntl$setstatus(r1, 0x4, 0x6800) sendfile(r0, r1, 0x0, 0x68e146a1) 11:49:31 executing program 2: r0 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmctl$IPC_RMID(r1, 0x0) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil) r3 = shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x6000) shmdt(r3) [ 119.868420] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 11:49:31 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) 
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x2, &(0x7f0000000000), 0x8)
11:49:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000000)={@mcast2}, 0x14)
11:49:31 executing program 5:
clone3(0x0, 0x3f00)
[ 119.980241] Oops: general protection fault, probably for non-canonical address 0xf2fffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 119.981214] KASAN: maybe wild-memory-access in range [0x9800000000000190-0x9800000000000197]
[ 119.981896] CPU: 0 UID: 0 PID: 3932 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.983899] Tainted: [W]=WARN
11:49:31 executing program 6:
clock_gettime(0x0, &(0x7f0000000000))
r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0)
r1 = dup(r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000010c0)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x9, 0x1000, &(0x7f0000000000)=""/4096}, &(0x7f0000001000)="93a0cb4eef85", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 119.984565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.986304] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.987653] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.991366] RSP: 0018:ffff888047787780 EFLAGS: 00010012
[ 119.991800] RAX: 1300000000000032 RBX: 97ffffffffffffa0 RCX: ffffc900092d3000
[ 119.992365] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 9800000000000190
[ 119.992931] RBP: ffff8880477879f0 R08: ffff88806ce31340 R09: ffffe8ffffc16a98
[ 119.993493] R10: 0000000000000000 R11: ffff8880101ac098 R12: dffffc0000000000
[ 119.994055] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.994623] FS: 00007f4e0bbd4700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.995262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.995724] CR2: 00007f4e0e772018 CR3: 000000001f326000 CR4: 0000000000350ef0
[ 119.996297] Call Trace:
[ 119.996505]
[ 119.996691] ? __pfx_perf_tp_event+0x10/0x10
[ 119.997057] ? __asan_memcpy+0x3d/0x60
[ 119.997379] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 119.997905] ? lock_is_held_type+0x9e/0x120
[ 119.998260] ? ctx_sched_in+0x134/0x9b0
[ 119.998577] ? tracing_gen_ctx_irq_test+0x167/0x1f0
[ 119.998982] ? perf_swevent_event+0x63/0x3f0
[ 119.999340] ? perf_tp_event+0x807/0xe70
[ 119.999670] ? perf_trace_run_bpf_submit+0xef/0x180
[ 120.000086] ? perf_trace_run_bpf_submit+0xef/0x180
[ 120.000489] perf_trace_run_bpf_submit+0xef/0x180
[ 120.000893] perf_trace_preemptirq_template+0x259/0x430
[ 120.001333] ? trace_sched_set_need_resched_tp+0xd4/0x110
[ 120.001776] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.002255] ? __pfx___resched_curr+0x10/0x10
[ 120.002629] ? find_held_lock+0x2b/0x80
[ 120.002969] ? try_to_wake_up+0x8ae/0x11d0
[ 120.003316] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 120.003726] trace_irq_enable.constprop.0+0xa6/0x100
[ 120.004137] trace_hardirqs_on+0x26/0x40
[ 120.004463] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 120.004863] try_to_wake_up+0x8ae/0x11d0
[ 120.005192] ? __pfx_try_to_wake_up+0x10/0x10
[ 120.005556] ? plist_del+0x122/0x270
[ 120.005867] ? find_held_lock+0x2b/0x80
[ 120.006193] ? futex_wake+0x474/0x540
[ 120.006507] wake_up_q+0xa1/0x130
[ 120.006793] futex_wake+0x47e/0x540
[ 120.007092] ? __pfx_futex_wake+0x10/0x10
[ 120.007430] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 120.007851] ? lock_release+0xc8/0x290
[ 120.008165] do_futex+0x26d/0x370
[ 120.008450] ? __pfx_do_futex+0x10/0x10
[ 120.008773] __x64_sys_futex+0x1c9/0x4d0
[ 120.009104] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.009576] ? __pfx___x64_sys_futex+0x10/0x10
[ 120.009953] do_syscall_64+0xbf/0x360
[ 120.010260] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.010669] RIP: 0033:0x7f4e0e65eb19
[ 120.010966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 120.012411] RSP: 002b:00007f4e0bbd4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 120.013014] RAX: ffffffffffffffda RBX: 00007f4e0e771f68 RCX: 00007f4e0e65eb19
[ 120.013579] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4e0e771f6c
[ 120.014145] RBP: 00007f4e0e771f60 R08: 000000000000000e R09: 0000000000000000
[ 120.014713] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f4e0e771f6c
[ 120.015279] R13: 00007ffea3badb3f R14: 00007f4e0bbd4300 R15: 0000000000022000
[ 120.015864]
[ 120.016056] Modules linked in:
[ 120.016321] ---[ end trace 0000000000000000 ]---
[ 120.016693] RIP: 0010:perf_tp_event+0x175/0xe70
[ 120.017078] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 120.018512] RSP: 0018:ffff888047787780 EFLAGS: 00010012
[ 120.018942] RAX: 1300000000000032 RBX: 97ffffffffffffa0 RCX: ffffc900092d3000
[ 120.019507] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 9800000000000190
[ 120.020083] RBP: ffff8880477879f0 R08: ffff88806ce31340 R09: ffffe8ffffc16a98
[ 120.020649] R10: 0000000000000000 R11: ffff8880101ac098 R12: dffffc0000000000
[ 120.021211] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 120.021776] FS: 00007f4e0bbd4700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 120.022415] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.022877] CR2: 00007f4e0e772018 CR3: 000000001f326000 CR4: 0000000000350ef0
[ 120.023445] note:
syz-executor.4[3932] exited with irqs disabled [ 120.023989] Oops: general protection fault, probably for non-canonical address 0xf2fffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 120.024873] KASAN: maybe wild-memory-access in range [0x9800000000000190-0x9800000000000197] [ 120.025535] CPU: 0 UID: 0 PID: 3932 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 120.026471] Tainted: [D]=DIE, [W]=WARN [ 120.026776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 120.027421] RIP: 0010:perf_tp_event+0x175/0xe70 [ 120.027809] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 120.029239] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012 [ 120.029661] RAX: 1300000000000032 RBX: 97ffffffffffffa0 RCX: ffffffff81898973 [ 120.030224] RDX: ffff888015488000 RSI: ffffffff818995b7 RDI: 9800000000000190 [ 120.030785] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16a98 [ 120.031346] R10: 0000000000000000 R11: ffff888017d2cc98 R12: dffffc0000000000 [ 120.031920] R13: 0000000000000000 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 120.032483] FS: 00007f4e0bbd4700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 120.033115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.033579] CR2: 00007f4e0e772018 CR3: 000000001f326000 CR4: 0000000000350ef0 [ 120.034141] Call Trace: [ 120.034351] [ 120.034531] ? __pfx_perf_tp_event+0x10/0x10 [ 120.034893] ? check_preempt_wakeup_fair+0x6e/0x950 [ 120.035297] ? wakeup_preempt+0x140/0x2a0 [ 120.035630] ? lock_release+0x1c7/0x290 [ 120.035956] ? lock_release+0x1c7/0x290 [ 120.036278] ? do_raw_spin_unlock+0x53/0x220 [ 120.036638] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 120.037043] ? try_to_wake_up+0x8ae/0x11d0 [ 120.037391] ? do_raw_spin_lock+0x123/0x260 [ 120.037737] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 120.038121] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 120.038530] perf_trace_run_bpf_submit+0xef/0x180 [ 120.038919] perf_trace_preemptirq_template+0x259/0x430 [ 120.039348] ? read_tsc+0x9/0x20 [ 120.039631] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 120.040111] ? clockevents_program_event+0x135/0x360 [ 120.040528] ? tick_program_event+0xac/0x140 [ 120.040886] ? handle_softirqs+0x16e/0x770 [ 120.041233] trace_irq_enable.constprop.0+0xa6/0x100 [ 120.041640] trace_hardirqs_on+0x26/0x40 [ 120.041962] handle_softirqs+0x16e/0x770 [ 120.042295] __irq_exit_rcu+0xc4/0x100 [ 120.042615] irq_exit_rcu+0x9/0x20 [ 120.042901] sysvec_apic_timer_interrupt+0x70/0x80 [ 120.043300] [ 120.043483] [ 120.043668] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 120.044103] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 120.044482] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 120.045910] RSP: 0018:ffff888047787f28 EFLAGS: 00000246 [ 120.046330] RAX: 0000000000000001 RBX: ffff888015488000 RCX: ffffffff817c2b86 [ 120.046894] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 120.047457] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 120.048029] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff888015488000 [ 120.048592] R13: 0000000000000000 R14: f2fffc0000000032 R15: 0000000000000000 [ 120.049153] ? trace_irq_enable.constprop.0+0x26/0x100 [ 120.049567] ? make_task_dead+0x214/0x3b0 [ 120.049904] ? make_task_dead+0x214/0x3b0 [ 120.050238] ? 
do_syscall_64+0xbf/0x360 [ 120.050563] rewind_stack_and_make_dead+0x16/0x20 [ 120.050959] RIP: 0033:0x7f4e0e65eb19 [ 120.051257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.052696] RSP: 002b:00007f4e0bbd4218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.053299] RAX: ffffffffffffffda RBX: 00007f4e0e771f68 RCX: 00007f4e0e65eb19 [ 120.053874] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4e0e771f6c [ 120.054441] RBP: 00007f4e0e771f60 R08: 000000000000000e R09: 0000000000000000 [ 120.055012] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f4e0e771f6c [ 120.055585] R13: 00007ffea3badb3f R14: 00007f4e0bbd4300 R15: 0000000000022000 [ 120.056165] [ 120.056355] Modules linked in: [ 120.056615] ---[ end trace 0000000000000000 ]--- [ 120.056988] RIP: 0010:perf_tp_event+0x175/0xe70 [ 120.057369] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 120.058794] RSP: 0018:ffff888047787780 EFLAGS: 00010012 [ 120.059213] RAX: 1300000000000032 RBX: 97ffffffffffffa0 RCX: ffffc900092d3000 [ 120.059786] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 9800000000000190 [ 120.060358] RBP: ffff8880477879f0 R08: ffff88806ce31340 R09: ffffe8ffffc16a98 [ 120.060928] R10: 0000000000000000 R11: ffff8880101ac098 R12: dffffc0000000000 [ 120.061494] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 120.062070] FS: 00007f4e0bbd4700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 120.062705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.063171] CR2: 00007f4e0e772018 CR3: 000000001f326000 CR4: 0000000000350ef0 [ 120.063746] Kernel panic - not syncing: Fatal exception in interrupt [ 120.064375] Kernel Offset: disabled [ 120.064668] ---[ end 
Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:49:31 Registers: