Warning: Permanently added '[localhost]:63322' (ECDSA) to the list of known hosts. 2025/08/29 11:51:50 fuzzer started 2025/08/29 11:51:50 dialing manager at localhost:43077 syzkaller login: [ 58.402466] cgroup: Unknown subsys name 'net' [ 58.466008] cgroup: Unknown subsys name 'cpuset' [ 58.496630] cgroup: Unknown subsys name 'rlimit' 2025/08/29 11:52:01 syscalls: 2214 2025/08/29 11:52:01 code coverage: enabled 2025/08/29 11:52:01 comparison tracing: enabled 2025/08/29 11:52:01 extra coverage: enabled 2025/08/29 11:52:01 setuid sandbox: enabled 2025/08/29 11:52:01 namespace sandbox: enabled 2025/08/29 11:52:01 Android sandbox: enabled 2025/08/29 11:52:01 fault injection: enabled 2025/08/29 11:52:01 leak checking: enabled 2025/08/29 11:52:01 net packet injection: enabled 2025/08/29 11:52:01 net device setup: enabled 2025/08/29 11:52:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 11:52:01 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 11:52:01 USB emulation: enabled 2025/08/29 11:52:01 hci packet injection: enabled 2025/08/29 11:52:01 wifi device emulation: enabled 2025/08/29 11:52:01 802.15.4 emulation: enabled 2025/08/29 11:52:01 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 11:52:01 fetching corpus: 50, signal 25274/28724 (executing program) 2025/08/29 11:52:01 fetching corpus: 100, signal 32850/37816 (executing program) 2025/08/29 11:52:01 fetching corpus: 150, signal 40631/46968 (executing program) 2025/08/29 11:52:01 fetching corpus: 200, signal 46736/54350 (executing program) 2025/08/29 11:52:01 fetching corpus: 250, signal 53814/62481 (executing program) 2025/08/29 11:52:01 fetching corpus: 300, signal 58611/68390 (executing program) 2025/08/29 11:52:01 fetching corpus: 350, signal 63230/73990 (executing program) 2025/08/29 11:52:02 fetching corpus: 400, signal 65744/77589 (executing program) 2025/08/29 11:52:02 fetching corpus: 450, signal 69900/82616 (executing program) 2025/08/29 
11:52:02 fetching corpus: 500, signal 74031/87486 (executing program) 2025/08/29 11:52:02 fetching corpus: 550, signal 76677/90976 (executing program) 2025/08/29 11:52:02 fetching corpus: 600, signal 79818/94805 (executing program) 2025/08/29 11:52:02 fetching corpus: 650, signal 82130/97969 (executing program) 2025/08/29 11:52:02 fetching corpus: 700, signal 83777/100502 (executing program) 2025/08/29 11:52:02 fetching corpus: 750, signal 86060/103537 (executing program) 2025/08/29 11:52:02 fetching corpus: 800, signal 88961/107019 (executing program) 2025/08/29 11:52:02 fetching corpus: 850, signal 91294/109975 (executing program) 2025/08/29 11:52:03 fetching corpus: 900, signal 93656/112897 (executing program) 2025/08/29 11:52:03 fetching corpus: 950, signal 95256/115189 (executing program) 2025/08/29 11:52:03 fetching corpus: 1000, signal 97270/117840 (executing program) 2025/08/29 11:52:03 fetching corpus: 1050, signal 98782/119946 (executing program) 2025/08/29 11:52:03 fetching corpus: 1100, signal 101216/122804 (executing program) 2025/08/29 11:52:03 fetching corpus: 1150, signal 102280/124547 (executing program) 2025/08/29 11:52:03 fetching corpus: 1200, signal 103571/126411 (executing program) 2025/08/29 11:52:03 fetching corpus: 1250, signal 104843/128281 (executing program) 2025/08/29 11:52:03 fetching corpus: 1300, signal 105769/129856 (executing program) 2025/08/29 11:52:03 fetching corpus: 1350, signal 107007/131643 (executing program) 2025/08/29 11:52:03 fetching corpus: 1400, signal 107746/133020 (executing program) 2025/08/29 11:52:04 fetching corpus: 1450, signal 109696/135213 (executing program) 2025/08/29 11:52:04 fetching corpus: 1500, signal 111079/137004 (executing program) 2025/08/29 11:52:04 fetching corpus: 1550, signal 112630/138889 (executing program) 2025/08/29 11:52:04 fetching corpus: 1600, signal 113578/140330 (executing program) 2025/08/29 11:52:04 fetching corpus: 1650, signal 114672/141857 (executing program) 2025/08/29 11:52:04 
fetching corpus: 1700, signal 115841/143433 (executing program) 2025/08/29 11:52:04 fetching corpus: 1750, signal 116758/144834 (executing program) 2025/08/29 11:52:04 fetching corpus: 1800, signal 117905/146335 (executing program) 2025/08/29 11:52:04 fetching corpus: 1850, signal 118794/147601 (executing program) 2025/08/29 11:52:04 fetching corpus: 1900, signal 119693/148898 (executing program) 2025/08/29 11:52:04 fetching corpus: 1950, signal 120653/150201 (executing program) 2025/08/29 11:52:05 fetching corpus: 2000, signal 121678/151597 (executing program) 2025/08/29 11:52:05 fetching corpus: 2050, signal 122714/153026 (executing program) 2025/08/29 11:52:05 fetching corpus: 2100, signal 123558/154296 (executing program) 2025/08/29 11:52:05 fetching corpus: 2150, signal 124150/155300 (executing program) 2025/08/29 11:52:05 fetching corpus: 2200, signal 125581/156918 (executing program) 2025/08/29 11:52:05 fetching corpus: 2250, signal 126566/158155 (executing program) 2025/08/29 11:52:05 fetching corpus: 2300, signal 127321/159178 (executing program) 2025/08/29 11:52:05 fetching corpus: 2350, signal 128190/160269 (executing program) 2025/08/29 11:52:05 fetching corpus: 2400, signal 129191/161439 (executing program) 2025/08/29 11:52:05 fetching corpus: 2450, signal 129815/162449 (executing program) 2025/08/29 11:52:05 fetching corpus: 2500, signal 130578/163488 (executing program) 2025/08/29 11:52:06 fetching corpus: 2550, signal 131426/164608 (executing program) 2025/08/29 11:52:06 fetching corpus: 2600, signal 132399/165667 (executing program) 2025/08/29 11:52:06 fetching corpus: 2650, signal 134876/167357 (executing program) 2025/08/29 11:52:06 fetching corpus: 2700, signal 135476/168256 (executing program) 2025/08/29 11:52:06 fetching corpus: 2750, signal 136202/169254 (executing program) 2025/08/29 11:52:06 fetching corpus: 2800, signal 136973/170204 (executing program) 2025/08/29 11:52:06 fetching corpus: 2850, signal 137466/170972 (executing program) 
2025/08/29 11:52:06 fetching corpus: 2900, signal 138012/171784 (executing program) 2025/08/29 11:52:06 fetching corpus: 2950, signal 138608/172578 (executing program) 2025/08/29 11:52:06 fetching corpus: 3000, signal 139928/173655 (executing program) 2025/08/29 11:52:06 fetching corpus: 3050, signal 140666/174476 (executing program) 2025/08/29 11:52:07 fetching corpus: 3100, signal 141498/175349 (executing program) 2025/08/29 11:52:07 fetching corpus: 3150, signal 142038/176066 (executing program) 2025/08/29 11:52:07 fetching corpus: 3200, signal 142593/176790 (executing program) 2025/08/29 11:52:07 fetching corpus: 3250, signal 143559/177600 (executing program) 2025/08/29 11:52:07 fetching corpus: 3300, signal 144272/178315 (executing program) 2025/08/29 11:52:07 fetching corpus: 3350, signal 144782/178945 (executing program) 2025/08/29 11:52:07 fetching corpus: 3400, signal 145293/179645 (executing program) 2025/08/29 11:52:07 fetching corpus: 3450, signal 146071/180301 (executing program) 2025/08/29 11:52:07 fetching corpus: 3500, signal 146871/181002 (executing program) 2025/08/29 11:52:07 fetching corpus: 3550, signal 147809/181682 (executing program) 2025/08/29 11:52:07 fetching corpus: 3600, signal 148497/182329 (executing program) 2025/08/29 11:52:08 fetching corpus: 3650, signal 149130/182913 (executing program) 2025/08/29 11:52:08 fetching corpus: 3700, signal 149544/183445 (executing program) 2025/08/29 11:52:08 fetching corpus: 3750, signal 150004/184029 (executing program) 2025/08/29 11:52:08 fetching corpus: 3800, signal 150651/184715 (executing program) 2025/08/29 11:52:08 fetching corpus: 3850, signal 151328/185298 (executing program) 2025/08/29 11:52:08 fetching corpus: 3900, signal 152165/185856 (executing program) 2025/08/29 11:52:08 fetching corpus: 3950, signal 152942/186401 (executing program) 2025/08/29 11:52:08 fetching corpus: 4000, signal 153381/186888 (executing program) 2025/08/29 11:52:08 fetching corpus: 4050, signal 153889/187413 
(executing program) 2025/08/29 11:52:08 fetching corpus: 4100, signal 154577/187989 (executing program) 2025/08/29 11:52:09 fetching corpus: 4150, signal 155075/188442 (executing program) 2025/08/29 11:52:09 fetching corpus: 4200, signal 155581/188890 (executing program) 2025/08/29 11:52:09 fetching corpus: 4250, signal 156166/189290 (executing program) 2025/08/29 11:52:09 fetching corpus: 4300, signal 156787/189788 (executing program) 2025/08/29 11:52:09 fetching corpus: 4350, signal 157072/190178 (executing program) 2025/08/29 11:52:09 fetching corpus: 4400, signal 157775/190604 (executing program) 2025/08/29 11:52:09 fetching corpus: 4450, signal 158217/191012 (executing program) 2025/08/29 11:52:09 fetching corpus: 4500, signal 158807/191394 (executing program) 2025/08/29 11:52:09 fetching corpus: 4550, signal 159219/191756 (executing program) 2025/08/29 11:52:09 fetching corpus: 4600, signal 159847/192129 (executing program) 2025/08/29 11:52:10 fetching corpus: 4650, signal 160314/192342 (executing program) 2025/08/29 11:52:10 fetching corpus: 4700, signal 160731/192354 (executing program) 2025/08/29 11:52:10 fetching corpus: 4750, signal 161221/192366 (executing program) 2025/08/29 11:52:10 fetching corpus: 4800, signal 161739/192370 (executing program) 2025/08/29 11:52:10 fetching corpus: 4850, signal 162222/192379 (executing program) 2025/08/29 11:52:10 fetching corpus: 4900, signal 162902/192382 (executing program) 2025/08/29 11:52:10 fetching corpus: 4950, signal 163339/192382 (executing program) 2025/08/29 11:52:10 fetching corpus: 5000, signal 164774/192388 (executing program) 2025/08/29 11:52:10 fetching corpus: 5050, signal 165291/192389 (executing program) 2025/08/29 11:52:10 fetching corpus: 5100, signal 165698/192438 (executing program) 2025/08/29 11:52:10 fetching corpus: 5150, signal 166088/192439 (executing program) 2025/08/29 11:52:11 fetching corpus: 5200, signal 166785/192480 (executing program) 2025/08/29 11:52:11 fetching corpus: 5250, 
signal 167348/192569 (executing program) 2025/08/29 11:52:11 fetching corpus: 5300, signal 167741/192591 (executing program) 2025/08/29 11:52:11 fetching corpus: 5350, signal 168083/192592 (executing program) 2025/08/29 11:52:11 fetching corpus: 5400, signal 168499/192612 (executing program) 2025/08/29 11:52:11 fetching corpus: 5450, signal 168780/192626 (executing program) 2025/08/29 11:52:11 fetching corpus: 5500, signal 169312/192629 (executing program) 2025/08/29 11:52:11 fetching corpus: 5550, signal 169742/192689 (executing program) 2025/08/29 11:52:11 fetching corpus: 5600, signal 170167/192694 (executing program) 2025/08/29 11:52:11 fetching corpus: 5650, signal 170418/192703 (executing program) 2025/08/29 11:52:11 fetching corpus: 5700, signal 170805/192757 (executing program) 2025/08/29 11:52:11 fetching corpus: 5750, signal 171160/192771 (executing program) 2025/08/29 11:52:12 fetching corpus: 5800, signal 171547/192782 (executing program) 2025/08/29 11:52:12 fetching corpus: 5850, signal 171792/192788 (executing program) 2025/08/29 11:52:12 fetching corpus: 5900, signal 172147/192792 (executing program) 2025/08/29 11:52:12 fetching corpus: 5950, signal 172531/192792 (executing program) 2025/08/29 11:52:12 fetching corpus: 6000, signal 172878/192804 (executing program) 2025/08/29 11:52:12 fetching corpus: 6050, signal 173237/192811 (executing program) 2025/08/29 11:52:12 fetching corpus: 6100, signal 173553/192813 (executing program) 2025/08/29 11:52:12 fetching corpus: 6150, signal 174223/192819 (executing program) 2025/08/29 11:52:12 fetching corpus: 6200, signal 174650/192851 (executing program) 2025/08/29 11:52:12 fetching corpus: 6250, signal 174954/192856 (executing program) 2025/08/29 11:52:12 fetching corpus: 6300, signal 175300/192866 (executing program) 2025/08/29 11:52:12 fetching corpus: 6350, signal 175592/192878 (executing program) 2025/08/29 11:52:13 fetching corpus: 6400, signal 175965/192880 (executing program) 2025/08/29 11:52:13 
fetching corpus: 6450, signal 176417/192883 (executing program) 2025/08/29 11:52:13 fetching corpus: 6500, signal 176635/192902 (executing program) 2025/08/29 11:52:13 fetching corpus: 6550, signal 176901/192911 (executing program) 2025/08/29 11:52:13 fetching corpus: 6600, signal 177055/192923 (executing program) 2025/08/29 11:52:13 fetching corpus: 6650, signal 177360/192923 (executing program) 2025/08/29 11:52:13 fetching corpus: 6700, signal 177662/192928 (executing program) 2025/08/29 11:52:13 fetching corpus: 6750, signal 178069/192956 (executing program) 2025/08/29 11:52:13 fetching corpus: 6800, signal 178326/192960 (executing program) 2025/08/29 11:52:13 fetching corpus: 6850, signal 178636/192973 (executing program) 2025/08/29 11:52:13 fetching corpus: 6900, signal 178976/192977 (executing program) 2025/08/29 11:52:13 fetching corpus: 6950, signal 179342/192978 (executing program) 2025/08/29 11:52:13 fetching corpus: 7000, signal 179522/192988 (executing program) 2025/08/29 11:52:14 fetching corpus: 7050, signal 179839/193013 (executing program) 2025/08/29 11:52:14 fetching corpus: 7100, signal 180109/193024 (executing program) 2025/08/29 11:52:14 fetching corpus: 7150, signal 180369/193025 (executing program) 2025/08/29 11:52:14 fetching corpus: 7200, signal 180657/193042 (executing program) 2025/08/29 11:52:14 fetching corpus: 7250, signal 180877/193045 (executing program) 2025/08/29 11:52:14 fetching corpus: 7300, signal 181301/193055 (executing program) 2025/08/29 11:52:14 fetching corpus: 7350, signal 181692/193057 (executing program) 2025/08/29 11:52:14 fetching corpus: 7400, signal 182157/193057 (executing program) 2025/08/29 11:52:14 fetching corpus: 7450, signal 182483/193079 (executing program) 2025/08/29 11:52:14 fetching corpus: 7500, signal 182722/193085 (executing program) 2025/08/29 11:52:14 fetching corpus: 7550, signal 182974/193093 (executing program) 2025/08/29 11:52:15 fetching corpus: 7600, signal 183196/193099 (executing program) 
2025/08/29 11:52:15 fetching corpus: 7650, signal 183435/193099 (executing program) 2025/08/29 11:52:15 fetching corpus: 7700, signal 183838/193108 (executing program) 2025/08/29 11:52:15 fetching corpus: 7750, signal 184084/193119 (executing program) 2025/08/29 11:52:15 fetching corpus: 7800, signal 184326/193137 (executing program) 2025/08/29 11:52:15 fetching corpus: 7850, signal 184529/193168 (executing program) 2025/08/29 11:52:15 fetching corpus: 7900, signal 184777/193176 (executing program) 2025/08/29 11:52:15 fetching corpus: 7950, signal 185064/193181 (executing program) 2025/08/29 11:52:15 fetching corpus: 8000, signal 185251/193201 (executing program) 2025/08/29 11:52:15 fetching corpus: 8050, signal 185493/193204 (executing program) 2025/08/29 11:52:15 fetching corpus: 8100, signal 185782/193206 (executing program) 2025/08/29 11:52:16 fetching corpus: 8150, signal 186078/193226 (executing program) 2025/08/29 11:52:16 fetching corpus: 8200, signal 186342/193249 (executing program) 2025/08/29 11:52:16 fetching corpus: 8250, signal 186809/193255 (executing program) 2025/08/29 11:52:16 fetching corpus: 8300, signal 187150/193256 (executing program) 2025/08/29 11:52:16 fetching corpus: 8350, signal 187389/193271 (executing program) 2025/08/29 11:52:16 fetching corpus: 8400, signal 187615/193274 (executing program) 2025/08/29 11:52:16 fetching corpus: 8450, signal 187968/193275 (executing program) 2025/08/29 11:52:16 fetching corpus: 8500, signal 188236/193294 (executing program) 2025/08/29 11:52:16 fetching corpus: 8550, signal 188541/193297 (executing program) 2025/08/29 11:52:16 fetching corpus: 8600, signal 188849/193300 (executing program) 2025/08/29 11:52:16 fetching corpus: 8650, signal 189079/193305 (executing program) 2025/08/29 11:52:17 fetching corpus: 8700, signal 189273/193313 (executing program) 2025/08/29 11:52:17 fetching corpus: 8750, signal 189516/193316 (executing program) 2025/08/29 11:52:17 fetching corpus: 8800, signal 189730/193321 
(executing program) 2025/08/29 11:52:17 fetching corpus: 8850, signal 189908/193333 (executing program) 2025/08/29 11:52:17 fetching corpus: 8852, signal 189916/193333 (executing program) 2025/08/29 11:52:17 fetching corpus: 8852, signal 189916/193333 (executing program) 2025/08/29 11:52:18 starting 8 fuzzer processes 11:52:18 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000c80), 0x80000, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640), 0x1100) 11:52:18 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}}) 11:52:19 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_rx_ntuple={0x3d, {0x0, @tcp_ip4_spec={@rand_addr, @private}, @esp_ip4_spec={@multicast1, @local}}}}) 11:52:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0) 11:52:19 executing program 6: r0 = 
socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4) syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:52:19 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_linger(r0, 0x1, 0x5, 0x0, &(0x7f0000000140)) [ 86.599847] audit: type=1400 audit(1756468339.056:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:52:19 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) getsockopt$packet_buf(r0, 0x107, 0xb, &(0x7f00000000c0)=""/97, &(0x7f0000000140)=0x61) 11:52:19 executing program 4: futex(0x0, 0x10b, 0x0, 0x0, 0x0, 0x0) [ 87.744140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.746430] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.750697] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.755467] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.758581] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.896484] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.898216] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.900217] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.904150] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.907576] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.939742] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.941398] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.947141] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.950151] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.951592] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.952945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.954739] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 87.956548] 
Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.958108] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.966745] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.969064] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 87.974288] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 87.975830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.977661] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.982703] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.984222] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.987611] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.989634] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.002810] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.010697] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 88.043147] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.049545] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.060043] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.061299] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.069965] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.073684] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.076795] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.077894] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.098663] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.105559] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 89.837747] Bluetooth: hci0: command tx timeout [ 89.965449] Bluetooth: hci1: command tx timeout [ 90.030754] Bluetooth: hci4: command tx timeout [ 90.033572] Bluetooth: hci3: command tx timeout [ 90.093614] Bluetooth: hci2: command tx timeout [ 90.094138] Bluetooth: hci6: command tx timeout [ 90.157355] Bluetooth: hci5: command tx timeout [ 90.157899] Bluetooth: hci7: command tx timeout [ 91.886277] Bluetooth: hci0: command tx timeout [ 92.013573] Bluetooth: hci1: 
command tx timeout [ 92.077352] Bluetooth: hci3: command tx timeout [ 92.077829] Bluetooth: hci4: command tx timeout [ 92.141766] Bluetooth: hci6: command tx timeout [ 92.142671] Bluetooth: hci2: command tx timeout [ 92.205507] Bluetooth: hci7: command tx timeout [ 92.206574] Bluetooth: hci5: command tx timeout [ 93.933350] Bluetooth: hci0: command tx timeout [ 94.061388] Bluetooth: hci1: command tx timeout [ 94.127401] Bluetooth: hci3: command tx timeout [ 94.128130] Bluetooth: hci4: command tx timeout [ 94.189561] Bluetooth: hci2: command tx timeout [ 94.190709] Bluetooth: hci6: command tx timeout [ 94.253610] Bluetooth: hci7: command tx timeout [ 94.254683] Bluetooth: hci5: command tx timeout [ 95.981994] Bluetooth: hci0: command tx timeout [ 96.111303] Bluetooth: hci1: command tx timeout [ 96.173335] Bluetooth: hci4: command tx timeout [ 96.173791] Bluetooth: hci3: command tx timeout [ 96.237390] Bluetooth: hci6: command tx timeout [ 96.238170] Bluetooth: hci2: command tx timeout [ 96.301372] Bluetooth: hci5: command tx timeout [ 96.302161] Bluetooth: hci7: command tx timeout [ 126.312024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.312697] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.319042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.319677] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.565295] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.565919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.568571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.569192] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.995415] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.996051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:52:59 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000001140)={0x11, 0xd}, 0x14) r1 = socket$packet(0x11, 0x3, 
0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) 11:52:59 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4) syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 127.113599] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.114189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:52:59 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4) syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:52:59 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000001140)={0x11, 0xd}, 0x14) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) 11:52:59 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000001140)={0x11, 0xd}, 0x14) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) 11:52:59 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0x100, 0x4) syz_emit_ethernet(0x10c, &(0x7f0000000280)=ANY=[], 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:52:59 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_linger(r0, 0x1, 0x5, 0x0, &(0x7f0000000140)) 11:52:59 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000001140)={0x11, 0xd}, 0x14) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, 
&(0x7f0000000000)={0x0, 0x1000}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4) [ 127.595418] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.596058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.677328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.677957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.785834] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.786478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.884632] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.885237] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.909503] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.910069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.970380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.971007] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.290496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.291117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.353021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.353669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.495231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.495865] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.521878] audit: type=1400 audit(1756468380.977:8): avc: denied { open } for pid=3909 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.526722] audit: type=1400 audit(1756468380.979:9): avc: denied { kernel } for pid=3909 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.556380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 
128.556969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:53:01 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x300489830ddf23be, 0x0) write$binfmt_elf64(r0, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) write$binfmt_elf64(r0, 0x0, 0xfffffdef) preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/137, 0x89}], 0x1, 0x0, 0x0) 11:53:01 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setresuid(0x0, 0xee01, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8993, &(0x7f0000000000)={'bridge0\x00'}) 11:53:01 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_linger(r0, 0x1, 0x5, 0x0, &(0x7f0000000140)) 11:53:01 executing program 7: ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000080)) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000014c0)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000018c0), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000100), &(0x7f0000000140)=@data_frame={@no_qos=@type01={{0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {}, @broadcast, @initial, @device_b, {0x3, 0x2}}, @a_msdu=[{@device_b}]}, 0x28) 11:53:01 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x401c5820, &(0x7f0000000bc0)={'wlan1\x00'}) 11:53:01 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}}) 11:53:01 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000c80), 0x80000, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640), 0x1100) 11:53:01 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x42, 0x4) sendmmsg$inet6(r0, &(0x7f00000043c0)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x0, @loopback={0xffffff7f00000000}}, 0x1c, 0x0}}], 0x1, 0x0) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x2140) [ 129.514179] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 11:53:01 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_linger(r0, 0x1, 0x5, 0x0, &(0x7f0000000140)) [ 129.541238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.567870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 11:53:02 executing program 3: rseq(&(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)}, 0x20, 0x0, 0x0) [ 129.605574] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.918471] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.922190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.925419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.929090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 11:53:02 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) lchown(&(0x7f00000000c0)='./file0\x00', 0xee00, 0x0) 11:53:02 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x15, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef010001000000d5f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e34393038313534303400"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000028305c8a835f4f4da440baa59e2884cb010040000c00000000000000d5f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000500400000000000000000000000000000005a00000000000000", 0x40, 0x540}, {&(0x7f0000010300)="02000000030000000400000019000f0003000400"/32, 0x20, 0x1000}, 
{&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d5f4655fd5f4655fd5f4655f00"/8224, 0x2020, 0x2000}, {&(0x7f0000012500)="ed41000000100000d5f4655fd6f4655fd6f4655f00000000000004008000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x4100}, {&(0x7f0000012600)="200000003413ec503413ec5000000000d5f4655f00"/32, 0x20, 0x4180}, {&(0x7f0000012700)="8081000000c04000d5f4655fd5f4655fd5f4655f00000000000001008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000010000000000000000000000000000000000000020000000000000000000000000000000d5f4655f00"/160, 0xa0, 0x4600}, {&(0x7f0000012800)="c041000000300000d5f4655fd5f4655fd5f4655f00000000000002008000000000000800000000000af301000400000000000000000000000300000020000000", 0x40, 0x4a00}, {&(0x7f0000012900)="20000000000000000000000000000000d5f4655f000000000000000000000000000002ea00"/64, 0x40, 0x4a80}, {&(0x7f0000012a00)="ed4100003c000000d6f4655fd6f4655fd6f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000003ba2b893000000000000000000000000000000000000000000000000200000003413ec503413ec503413ec50d6f4655f3413ec500000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4b00}, 
{&(0x7f0000012b00)="ed8100001a040000d6f4655fd6f4655fd6f4655f00000000000001008000000000000800010000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000c37da192000000000000000000000000000000000000000000000000200000003413ec503413ec503413ec50d6f4655f3413ec500000000000000000", 0xa0, 0x4c00}, {&(0x7f0000012c00)="ffa1000026000000d6f4655fd6f4655fd6f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3439303831353430342f66696c65302f66696c653000000000000000000000000000000000000000000000da927999000000000000000000000000000000000000000000000000200000003413ec503413ec503413ec50d6f4655f3413ec500000000000000000", 0xa0, 0x4d00}, {&(0x7f0000012d00)="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", 0x1a0, 0x4e00}, {&(0x7f0000012f00)="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", 0x100, 0x5000}, {&(0x7f0000013000)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000013100)="0b0000000c0001022e000000020000000c0002022e2e000000000000e80f0000", 0x20, 0x20000}, {&(0x7f0000013200)="00000000001000"/32, 0x20, 0x21000}, {&(0x7f0000013300)="00000000001000"/32, 0x20, 0x22000}, {&(0x7f0000013400)="504d4d00504d4dffd6f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033350075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x40000}, 
{&(0x7f0000013500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x50000}], 0x0, &(0x7f0000013a00)) 11:53:02 executing program 2: creat(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x0, 0xfffffffffffffff7, 0x10000}) 11:53:02 executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) rt_sigpending(0x0, 0x0) 11:53:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}}) 11:53:02 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, 
&(0x7f0000000140)=' ', 0x1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x9}) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) 11:53:02 executing program 3: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000080)=@ocfs2={0xc, 0x1, {0x2, 0x2}}, 0x0) 11:53:02 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000c80), 0x80000, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640), 0x1100) [ 129.986877] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 129.987826] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 129.988533] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.3 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.989483] Tainted: [W]=WARN [ 129.990465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.992379] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.993570] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.998004] RSP: 0018:ffff888047a6f600 EFLAGS: 00010212 [ 129.998438] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 
0000000000000002
[ 129.999002] RDX: ffff88801b8a3700 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 129.999570] RBP: ffff888047a6f870 R08: ffff88806ce31340 R09: ffffe8ffffc06228
[ 130.000149] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 130.000716] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 130.001286] FS: 000055558e3ff400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 130.001927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 130.002395] CR2: 0000001b2d122000 CR3: 000000000a351000 CR4: 0000000000350ef0
[ 130.002962] Call Trace:
[ 130.003174]
[ 130.003371] ? __pfx_perf_tp_event+0x10/0x10
[ 130.003746] ? __lock_acquire+0x694/0x1b70
[ 130.004106] ? __lock_acquire+0x694/0x1b70
[ 130.004462] ? lock_acquire+0x15e/0x2f0
[ 130.004795] ? __is_insn_slot_addr+0x2e/0x290
[ 130.005174] ? __lock_acquire+0x694/0x1b70
[ 130.005530] ? perf_trace_run_bpf_submit+0xef/0x180
[ 130.005938] perf_trace_run_bpf_submit+0xef/0x180
[ 130.006333] perf_trace_lock_acquire+0x3c2/0x700
[ 130.006729] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 130.007155] ? futex_ref_get+0x48/0x300
[ 130.007484] ? find_held_lock+0x2b/0x80
[ 130.007816] lock_acquire+0xc5/0x2f0
[ 130.008136] ? futex_wait_setup+0xbe/0x550
[ 130.008498] _raw_spin_lock+0x2b/0x40
[ 130.008827] ? futex_wait_setup+0xbe/0x550
[ 130.009181] futex_wait_setup+0xbe/0x550
[ 130.009522] __futex_wait+0x151/0x300
[ 130.009842] ? __pfx___futex_wait+0x10/0x10
[ 130.010205] ? __pfx_futex_wake_mark+0x10/0x10
[ 130.010591] ? __hrtimer_setup+0x1a4/0x2c0
[ 130.010945] ? ktime_add_safe+0x5f/0x70
[ 130.011273] futex_wait+0xde/0x380
[ 130.011571] ? __pfx_futex_wait+0x10/0x10
[ 130.011933] ? __pfx_hrtimer_wakeup+0x10/0x10
[ 130.012304] ? lock_release+0xc8/0x290
[ 130.012628] do_futex+0x2ee/0x370
[ 130.012917] ? __pfx_do_futex+0x10/0x10
[ 130.013243] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 130.013674] ? read_tsc+0x9/0x20
[ 130.013966] __x64_sys_futex+0x1c9/0x4d0
[ 130.014307] ? __pfx___x64_sys_futex+0x10/0x10
[ 130.014690] ? lock_release+0xc8/0x290
[ 130.015011] ? xfd_validate_state+0x55/0x180
[ 130.015391] do_syscall_64+0xbf/0x360
[ 130.015713] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.016152] RIP: 0033:0x7fbd64196b19
[ 130.016468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 130.017949] RSP: 002b:00007fffbc0a5c48 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 130.018571] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007fbd64196b19
[ 130.019155] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbd642a9f6c
[ 130.019740] RBP: 00007fbd642a9f6c R08: 00007fbd64286000 R09: 0000000000000000
[ 130.020328] R10: 00007fffbc0a5d20 R11: 0000000000000246 R12: 000000000001fb01
[ 130.020907] R13: 00000000000003e8 R14: 00007fbd642a9f60 R15: 000000000001fafe
[ 130.021502]
[ 130.021696] Modules linked in:
[ 130.022000] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[ 130.022905] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 130.023615] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 130.024628] Tainted: [D]=DIE, [W]=WARN
[ 130.024946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 130.025634] RIP: 0010:perf_tp_event+0x175/0xe70
[ 130.026059] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 130.027572] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012
[ 130.028039] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 130.028666] RDX: ffff88801b8a3700 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 130.029262] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc06228
[ 130.029858] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[ 130.030457] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000
[ 130.031074] FS: 000055558e3ff400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 130.031757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 130.032253] CR2: 0000001b2d122000 CR3: 000000000a351000 CR4: 0000000000350ef0
[ 130.032865] Call Trace:
[ 130.033101]
[ 130.033282] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 130.033755] ? __pfx_perf_tp_event+0x10/0x10
[ 130.034145] ? __lock_acquire+0xc65/0x1b70
[ 130.034512] ? trace_rcu_utilization+0x26/0x190
[ 130.034918] ? rcu_sched_clock_irq+0x7a0/0x2b40
[ 130.035338] ? __lock_acquire+0x694/0x1b70
[ 130.035719] ? lock_acquire+0x15e/0x2f0
[ 130.036087] ? perf_trace_run_bpf_submit+0xef/0x180
[ 130.036519] perf_trace_run_bpf_submit+0xef/0x180
[ 130.036933] perf_trace_lock_acquire+0x3c2/0x700
[ 130.037342] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 130.037748] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 130.038181] ? lock_acquire+0x15e/0x2f0
[ 130.038534] ? find_held_lock+0x2b/0x80
[ 130.038883] ? clockevents_program_event+0x14f/0x360
[ 130.039316] ? lock_release+0xc8/0x290
[ 130.039656] lock_acquire+0xc5/0x2f0
[ 130.039970] ? hrtimer_interrupt+0xd6/0x830
[ 130.040333] ? __pfx_lapic_next_deadline+0x10/0x10
[ 130.040750] _raw_spin_lock_irqsave+0x3a/0x60
[ 130.041138] ? hrtimer_interrupt+0xd6/0x830
[ 130.041505] hrtimer_interrupt+0xd6/0x830
[ 130.041863] ? __pfx_flush_tlb_func+0x10/0x10
[ 130.042249] ? trace_csd_function_exit+0x134/0x190
[ 130.042693] ? __flush_smp_call_function_queue+0x28c/0x740
[ 130.043167] __sysvec_apic_timer_interrupt+0xbb/0x330
[ 130.043610] sysvec_apic_timer_interrupt+0x6b/0x80
[ 130.044037]
[ 130.044240]
[ 130.044445] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 130.044903] RIP: 0010:oops_exit+0x0/0x50
[ 130.045252] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[ 130.046817] RSP: 0018:ffff888047a6f490 EFLAGS: 00000202
[ 130.047276] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f
[ 130.047864] RDX: ffff88801b8a3700 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 130.048484] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[ 130.049109] R10: 0000000000000000 R11: 000000000000002c R12: ffff888047a6f558
[ 130.049733] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[ 130.050371] ? add_taint+0x5f/0xd0
[ 130.050691] ? oops_end+0x4a/0xe0
[ 130.050997] oops_end+0x65/0xe0
[ 130.051284] exc_general_protection+0x1a2/0x330
[ 130.051686] asm_exc_general_protection+0x26/0x30
[ 130.052098] RIP: 0010:perf_tp_event+0x175/0xe70
[ 130.052506] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 130.054048] RSP: 0018:ffff888047a6f600 EFLAGS: 00010212
[ 130.054520] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 130.055139] RDX: ffff88801b8a3700 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 130.055755] RBP: ffff888047a6f870 R08: ffff88806ce31340 R09: ffffe8ffffc06228
[ 130.056364] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 130.056972] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 130.057583] ? perf_tp_event+0x167/0xe70
[ 130.057944] ? __pfx_perf_tp_event+0x10/0x10
[ 130.058320] ? __lock_acquire+0x694/0x1b70
[ 130.058705] ? __lock_acquire+0x694/0x1b70
[ 130.059087] ? lock_acquire+0x15e/0x2f0
[ 130.059428] ? __is_insn_slot_addr+0x2e/0x290
[ 130.059797] ? __lock_acquire+0x694/0x1b70
[ 130.060149] ? perf_trace_run_bpf_submit+0xef/0x180
[ 130.060550] perf_trace_run_bpf_submit+0xef/0x180
[ 130.060939] perf_trace_lock_acquire+0x3c2/0x700
[ 130.061321] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 130.061738] ? futex_ref_get+0x48/0x300
[ 130.062051] ? find_held_lock+0x2b/0x80
[ 130.062374] lock_acquire+0xc5/0x2f0
[ 130.062672] ? futex_wait_setup+0xbe/0x550
[ 130.063020] _raw_spin_lock+0x2b/0x40
[ 130.063328] ? futex_wait_setup+0xbe/0x550
[ 130.063665] futex_wait_setup+0xbe/0x550
[ 130.064001] __futex_wait+0x151/0x300
[ 130.064311] ? __pfx___futex_wait+0x10/0x10
[ 130.064658] ? __pfx_futex_wake_mark+0x10/0x10
[ 130.065031] ? __hrtimer_setup+0x1a4/0x2c0
[ 130.065377] ? ktime_add_safe+0x5f/0x70
[ 130.065703] futex_wait+0xde/0x380
[ 130.065995] ? __pfx_futex_wait+0x10/0x10
[ 130.066332] ? __pfx_hrtimer_wakeup+0x10/0x10
[ 130.066696] ? lock_release+0xc8/0x290
[ 130.067014] do_futex+0x2ee/0x370
[ 130.067296] ? __pfx_do_futex+0x10/0x10
[ 130.067614] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 130.068032] ? read_tsc+0x9/0x20
[ 130.068316] __x64_sys_futex+0x1c9/0x4d0
[ 130.068645] ? __pfx___x64_sys_futex+0x10/0x10
[ 130.069012] ? lock_release+0xc8/0x290
[ 130.069323] ? xfd_validate_state+0x55/0x180
[ 130.069687] do_syscall_64+0xbf/0x360
[ 130.069993] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.070402] RIP: 0033:0x7fbd64196b19
[ 130.070699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 130.072126] RSP: 002b:00007fffbc0a5c48 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 130.072721] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007fbd64196b19
[ 130.073279] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbd642a9f6c
[ 130.073840] RBP: 00007fbd642a9f6c R08: 00007fbd64286000 R09: 0000000000000000
[ 130.074399] R10: 00007fffbc0a5d20 R11: 0000000000000246 R12: 000000000001fb01
[ 130.074966] R13: 00000000000003e8 R14: 00007fbd642a9f60 R15: 000000000001fafe
[ 130.075537]
[ 130.075727] Modules linked in:
[ 130.075997] ---[ end trace 0000000000000000 ]---
[ 130.076370] RIP: 0010:perf_tp_event+0x175/0xe70
[ 130.076743] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 130.078166] RSP: 0018:ffff888047a6f600 EFLAGS: 00010212
[ 130.078587] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 130.079147] RDX: ffff88801b8a3700 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 130.079704] RBP: ffff888047a6f870 R08: ffff88806ce31340 R09: ffffe8ffffc06228
[ 130.080271] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 130.080852] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 130.081419] FS: 000055558e3ff400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 130.082057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 130.082518] CR2: 0000001b2d122000 CR3: 000000000a351000 CR4: 0000000000350ef0
[ 130.083123] Kernel panic - not syncing: Fatal exception in interrupt
[ 130.083924]
Kernel Offset: disabled [ 130.084243] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:53:02 Registers: info registers vcpu 0 RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888047a6eef0 R8 =0000000000000000 R9 =ffffed100148b046 R10=0000000000000033 R11=000000000000002c R12=0000000000000033 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0 RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055558e3ff400 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe3d00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2d122000 CR3=000000000a351000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000ff0000000000 XMM01=00000000000000000000010000000000 XMM02=7463656a6e695f31313230385f7a7973 XMM03=00007fbd6427d7c800007fbd6427d7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806ce3de00 RCX=ffffffff816880fc RDX=ffff88801ba89b80 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff8880169176f8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1 R12=ffffed100d9c7bc1 R13=ffff88806ce3de08 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555567557400 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe4900000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055555beac708 CR3=0000000034732000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000