Warning: Permanently added '[localhost]:28304' (ECDSA) to the list of known hosts.
2025/08/29 12:07:08 fuzzer started
2025/08/29 12:07:08 dialing manager at localhost:43077
syzkaller login: [   50.524469] cgroup: Unknown subsys name 'net'
[   50.610898] cgroup: Unknown subsys name 'cpuset'
[   50.626616] cgroup: Unknown subsys name 'rlimit'
2025/08/29 12:07:19 syscalls: 2214
2025/08/29 12:07:19 code coverage: enabled
2025/08/29 12:07:19 comparison tracing: enabled
2025/08/29 12:07:19 extra coverage: enabled
2025/08/29 12:07:19 setuid sandbox: enabled
2025/08/29 12:07:19 namespace sandbox: enabled
2025/08/29 12:07:19 Android sandbox: enabled
2025/08/29 12:07:19 fault injection: enabled
2025/08/29 12:07:19 leak checking: enabled
2025/08/29 12:07:19 net packet injection: enabled
2025/08/29 12:07:19 net device setup: enabled
2025/08/29 12:07:19 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 12:07:19 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 12:07:19 USB emulation: enabled
2025/08/29 12:07:19 hci packet injection: enabled
2025/08/29 12:07:19 wifi device emulation: enabled
2025/08/29 12:07:19 802.15.4 emulation: enabled
2025/08/29 12:07:19 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 12:07:19 fetching corpus: 48, signal 16508/20174 (executing program)
2025/08/29 12:07:19 fetching corpus: 98, signal 35224/40093 (executing program)
2025/08/29 12:07:19 fetching corpus: 148, signal 41881/48094 (executing program)
2025/08/29 12:07:19 fetching corpus: 198, signal 48510/55889 (executing program)
2025/08/29 12:07:19 fetching corpus: 248, signal 53521/62068 (executing program)
2025/08/29 12:07:19 fetching corpus: 298, signal 58668/68259 (executing program)
2025/08/29 12:07:19 fetching corpus: 348, signal 61975/72684 (executing program)
2025/08/29 12:07:19 fetching corpus: 398, signal 64669/76524 (executing program)
2025/08/29 12:07:20 fetching corpus: 448, signal 67385/80294 (executing program)
2025/08/29 12:07:20 fetching corpus: 498, signal 72321/85974 (executing program)
2025/08/29 12:07:20 fetching corpus: 548, signal 75133/89714 (executing program)
2025/08/29 12:07:20 fetching corpus: 598, signal 77951/93330 (executing program)
2025/08/29 12:07:20 fetching corpus: 648, signal 84757/100301 (executing program)
2025/08/29 12:07:20 fetching corpus: 698, signal 86613/102980 (executing program)
2025/08/29 12:07:20 fetching corpus: 748, signal 88219/105439 (executing program)
2025/08/29 12:07:20 fetching corpus: 798, signal 91050/108827 (executing program)
2025/08/29 12:07:20 fetching corpus: 848, signal 93864/112179 (executing program)
2025/08/29 12:07:20 fetching corpus: 898, signal 95535/114554 (executing program)
2025/08/29 12:07:20 fetching corpus: 948, signal 97300/116936 (executing program)
2025/08/29 12:07:21 fetching corpus: 998, signal 99255/119442 (executing program)
2025/08/29 12:07:21 fetching corpus: 1048, signal 100374/121292 (executing program)
2025/08/29 12:07:21 fetching corpus: 1098, signal 101979/123478 (executing program)
2025/08/29 12:07:21 fetching corpus: 1148, signal 103803/125798 (executing program)
2025/08/29 12:07:21 fetching corpus: 1198, signal 106206/128541 (executing program)
2025/08/29 12:07:21 fetching corpus: 1248, signal 108700/131271 (executing program)
2025/08/29 12:07:21 fetching corpus: 1298, signal 109618/132811 (executing program)
2025/08/29 12:07:21 fetching corpus: 1348, signal 111219/134859 (executing program)
2025/08/29 12:07:21 fetching corpus: 1398, signal 112565/136711 (executing program)
2025/08/29 12:07:21 fetching corpus: 1448, signal 113576/138237 (executing program)
2025/08/29 12:07:22 fetching corpus: 1498, signal 114949/140033 (executing program)
2025/08/29 12:07:22 fetching corpus: 1548, signal 115863/141469 (executing program)
2025/08/29 12:07:22 fetching corpus: 1598, signal 117452/143388 (executing program)
2025/08/29 12:07:22 fetching corpus: 1648, signal 118862/145088 (executing program)
2025/08/29 12:07:22 fetching corpus: 1698, signal 119770/146434 (executing program)
2025/08/29 12:07:22 fetching corpus: 1748, signal 120691/147817 (executing program)
2025/08/29 12:07:22 fetching corpus: 1798, signal 122425/149643 (executing program)
2025/08/29 12:07:22 fetching corpus: 1848, signal 123294/150967 (executing program)
2025/08/29 12:07:22 fetching corpus: 1898, signal 124193/152228 (executing program)
2025/08/29 12:07:22 fetching corpus: 1948, signal 125121/153538 (executing program)
2025/08/29 12:07:22 fetching corpus: 1998, signal 125846/154649 (executing program)
2025/08/29 12:07:22 fetching corpus: 2048, signal 126583/155754 (executing program)
2025/08/29 12:07:23 fetching corpus: 2098, signal 127596/157023 (executing program)
2025/08/29 12:07:23 fetching corpus: 2148, signal 128242/158089 (executing program)
2025/08/29 12:07:23 fetching corpus: 2198, signal 129112/159197 (executing program)
2025/08/29 12:07:23 fetching corpus: 2248, signal 129486/160048 (executing program)
2025/08/29 12:07:23 fetching corpus: 2298, signal 130343/161141 (executing program)
2025/08/29 12:07:23 fetching corpus: 2348, signal 131135/162198 (executing program)
2025/08/29 12:07:23 fetching corpus: 2398, signal 131845/163213 (executing program)
2025/08/29 12:07:23 fetching corpus: 2448, signal 132411/164106 (executing program)
2025/08/29 12:07:23 fetching corpus: 2498, signal 132936/165041 (executing program)
2025/08/29 12:07:23 fetching corpus: 2548, signal 133654/166027 (executing program)
2025/08/29 12:07:23 fetching corpus: 2598, signal 134368/166953 (executing program)
2025/08/29 12:07:24 fetching corpus: 2648, signal 134847/167770 (executing program)
2025/08/29 12:07:24 fetching corpus: 2698, signal 135438/168679 (executing program)
2025/08/29 12:07:24 fetching corpus: 2748, signal 136023/169523 (executing program)
2025/08/29 12:07:24 fetching corpus: 2798, signal 136607/170369 (executing program)
2025/08/29 12:07:24 fetching corpus: 2848, signal 137203/171149 (executing program)
2025/08/29 12:07:24 fetching corpus: 2898, signal 137709/171928 (executing program)
2025/08/29 12:07:24 fetching corpus: 2948, signal 138703/172957 (executing program)
2025/08/29 12:07:24 fetching corpus: 2998, signal 139646/173748 (executing program)
2025/08/29 12:07:24 fetching corpus: 3048, signal 140630/174596 (executing program)
2025/08/29 12:07:24 fetching corpus: 3098, signal 141724/175545 (executing program)
2025/08/29 12:07:24 fetching corpus: 3148, signal 142294/176329 (executing program)
2025/08/29 12:07:25 fetching corpus: 3198, signal 143039/177115 (executing program)
2025/08/29 12:07:25 fetching corpus: 3248, signal 144200/177951 (executing program)
2025/08/29 12:07:25 fetching corpus: 3298, signal 144671/178607 (executing program)
2025/08/29 12:07:25 fetching corpus: 3348, signal 145334/179294 (executing program)
2025/08/29 12:07:25 fetching corpus: 3398, signal 145754/179879 (executing program)
2025/08/29 12:07:25 fetching corpus: 3448, signal 146257/180540 (executing program)
2025/08/29 12:07:25 fetching corpus: 3498, signal 146917/181265 (executing program)
2025/08/29 12:07:25 fetching corpus: 3548, signal 147370/181882 (executing program)
2025/08/29 12:07:25 fetching corpus: 3598, signal 147937/182510 (executing program)
2025/08/29 12:07:25 fetching corpus: 3648, signal 148804/183197 (executing program)
2025/08/29 12:07:25 fetching corpus: 3698, signal 149328/183776 (executing program)
2025/08/29 12:07:25 fetching corpus: 3748, signal 149967/184351 (executing program)
2025/08/29 12:07:26 fetching corpus: 3798, signal 150533/184949 (executing program)
2025/08/29 12:07:26 fetching corpus: 3848, signal 151079/185535 (executing program)
2025/08/29 12:07:26 fetching corpus: 3898, signal 152275/186171 (executing program)
2025/08/29 12:07:26 fetching corpus: 3948, signal 152835/186684 (executing program)
2025/08/29 12:07:26 fetching corpus: 3998, signal 153286/187156 (executing program)
2025/08/29 12:07:26 fetching corpus: 4048, signal 153677/187615 (executing program)
2025/08/29 12:07:26 fetching corpus: 4098, signal 154437/188101 (executing program)
2025/08/29 12:07:26 fetching corpus: 4148, signal 154980/188580 (executing program)
2025/08/29 12:07:26 fetching corpus: 4198, signal 155543/189022 (executing program)
2025/08/29 12:07:26 fetching corpus: 4248, signal 156130/189476 (executing program)
2025/08/29 12:07:27 fetching corpus: 4298, signal 156601/189899 (executing program)
2025/08/29 12:07:27 fetching corpus: 4348, signal 157012/190314 (executing program)
2025/08/29 12:07:27 fetching corpus: 4398, signal 157467/190737 (executing program)
2025/08/29 12:07:27 fetching corpus: 4448, signal 158027/191123 (executing program)
2025/08/29 12:07:27 fetching corpus: 4498, signal 158341/191487 (executing program)
2025/08/29 12:07:27 fetching corpus: 4548, signal 158782/191882 (executing program)
2025/08/29 12:07:27 fetching corpus: 4598, signal 159268/192231 (executing program)
2025/08/29 12:07:27 fetching corpus: 4648, signal 159671/192495 (executing program)
2025/08/29 12:07:27 fetching corpus: 4698, signal 160307/192500 (executing program)
2025/08/29 12:07:27 fetching corpus: 4748, signal 160769/192521 (executing program)
2025/08/29 12:07:27 fetching corpus: 4798, signal 161152/192559 (executing program)
2025/08/29 12:07:28 fetching corpus: 4847, signal 161724/192666 (executing program)
2025/08/29 12:07:28 fetching corpus: 4897, signal 162310/192666 (executing program)
2025/08/29 12:07:28 fetching corpus: 4947, signal 162794/192668 (executing program)
2025/08/29 12:07:28 fetching corpus: 4997, signal 163199/192678 (executing program)
2025/08/29 12:07:28 fetching corpus: 5047, signal 163691/192685 (executing program)
2025/08/29 12:07:28 fetching corpus: 5097, signal 164173/192695 (executing program)
2025/08/29 12:07:28 fetching corpus: 5147, signal 164537/192718 (executing program)
2025/08/29 12:07:28 fetching corpus: 5197, signal 164979/192736 (executing program)
2025/08/29 12:07:28 fetching corpus: 5247, signal 165478/192773 (executing program)
2025/08/29 12:07:28 fetching corpus: 5297, signal 166009/192783 (executing program)
2025/08/29 12:07:29 fetching corpus: 5347, signal 166591/192789 (executing program)
2025/08/29 12:07:29 fetching corpus: 5397, signal 166884/192797 (executing program)
2025/08/29 12:07:29 fetching corpus: 5447, signal 167408/192802 (executing program)
2025/08/29 12:07:29 fetching corpus: 5497, signal 167835/192803 (executing program)
2025/08/29 12:07:29 fetching corpus: 5547, signal 168260/192805 (executing program)
2025/08/29 12:07:29 fetching corpus: 5597, signal 168603/192881 (executing program)
2025/08/29 12:07:29 fetching corpus: 5647, signal 168990/192883 (executing program)
2025/08/29 12:07:29 fetching corpus: 5697, signal 169465/192889 (executing program)
2025/08/29 12:07:30 fetching corpus: 5747, signal 169766/192893 (executing program)
2025/08/29 12:07:30 fetching corpus: 5797, signal 170120/192898 (executing program)
2025/08/29 12:07:30 fetching corpus: 5847, signal 170380/192900 (executing program)
2025/08/29 12:07:30 fetching corpus: 5897, signal 170816/192902 (executing program)
2025/08/29 12:07:30 fetching corpus: 5947, signal 171414/192907 (executing program)
2025/08/29 12:07:30 fetching corpus: 5997, signal 171969/192923 (executing program)
2025/08/29 12:07:30 fetching corpus: 6047, signal 172266/192927 (executing program)
2025/08/29 12:07:30 fetching corpus: 6097, signal 172665/192937 (executing program)
2025/08/29 12:07:30 fetching corpus: 6147, signal 172951/192947 (executing program)
2025/08/29 12:07:31 fetching corpus: 6197, signal 173535/192947 (executing program)
2025/08/29 12:07:31 fetching corpus: 6247, signal 173927/192948 (executing program)
2025/08/29 12:07:31 fetching corpus: 6297, signal 174323/192984 (executing program)
2025/08/29 12:07:31 fetching corpus: 6347, signal 174701/192984 (executing program)
2025/08/29 12:07:31 fetching corpus: 6397, signal 175008/192990 (executing program)
2025/08/29 12:07:31 fetching corpus: 6447, signal 175318/193019 (executing program)
2025/08/29 12:07:31 fetching corpus: 6497, signal 175659/193022 (executing program)
2025/08/29 12:07:31 fetching corpus: 6547, signal 175884/193055 (executing program)
2025/08/29 12:07:31 fetching corpus: 6597, signal 176245/193082 (executing program)
2025/08/29 12:07:31 fetching corpus: 6647, signal 176514/193139 (executing program)
2025/08/29 12:07:31 fetching corpus: 6697, signal 176791/193156 (executing program)
2025/08/29 12:07:32 fetching corpus: 6747, signal 177059/193158 (executing program)
2025/08/29 12:07:32 fetching corpus: 6797, signal 177367/193168 (executing program)
2025/08/29 12:07:32 fetching corpus: 6847, signal 177652/193178 (executing program)
2025/08/29 12:07:32 fetching corpus: 6897, signal 177955/193188 (executing program)
2025/08/29 12:07:32 fetching corpus: 6947, signal 178256/193195 (executing program)
2025/08/29 12:07:32 fetching corpus: 6997, signal 178509/193212 (executing program)
2025/08/29 12:07:32 fetching corpus: 7047, signal 179031/193240 (executing program)
2025/08/29 12:07:32 fetching corpus: 7097, signal 179277/193250 (executing program)
2025/08/29 12:07:32 fetching corpus: 7147, signal 179731/193255 (executing program)
2025/08/29 12:07:32 fetching corpus: 7197, signal 180391/193281 (executing program)
2025/08/29 12:07:32 fetching corpus: 7247, signal 180602/193309 (executing program)
2025/08/29 12:07:33 fetching corpus: 7297, signal 180983/193314 (executing program)
2025/08/29 12:07:33 fetching corpus: 7347, signal 181236/193321 (executing program)
2025/08/29 12:07:33 fetching corpus: 7397, signal 181547/193330 (executing program)
2025/08/29 12:07:33 fetching corpus: 7447, signal 181769/193336 (executing program)
2025/08/29 12:07:33 fetching corpus: 7497, signal 182019/193350 (executing program)
2025/08/29 12:07:33 fetching corpus: 7547, signal 182638/193375 (executing program)
2025/08/29 12:07:33 fetching corpus: 7597, signal 182879/193383 (executing program)
2025/08/29 12:07:33 fetching corpus: 7647, signal 183052/193387 (executing program)
2025/08/29 12:07:33 fetching corpus: 7697, signal 183244/193400 (executing program)
2025/08/29 12:07:33 fetching corpus: 7747, signal 183543/193412 (executing program)
2025/08/29 12:07:33 fetching corpus: 7797, signal 183813/193416 (executing program)
2025/08/29 12:07:33 fetching corpus: 7847, signal 184072/193417 (executing program)
2025/08/29 12:07:34 fetching corpus: 7897, signal 184311/193421 (executing program)
2025/08/29 12:07:34 fetching corpus: 7946, signal 184555/193430 (executing program)
2025/08/29 12:07:34 fetching corpus: 7996, signal 184811/193432 (executing program)
2025/08/29 12:07:34 fetching corpus: 8046, signal 185147/193447 (executing program)
2025/08/29 12:07:34 fetching corpus: 8096, signal 185477/193462 (executing program)
2025/08/29 12:07:34 fetching corpus: 8146, signal 185697/193464 (executing program)
2025/08/29 12:07:34 fetching corpus: 8196, signal 185930/193469 (executing program)
2025/08/29 12:07:34 fetching corpus: 8246, signal 186160/193477 (executing program)
2025/08/29 12:07:34 fetching corpus: 8296, signal 186434/193489 (executing program)
2025/08/29 12:07:34 fetching corpus: 8346, signal 186596/193492 (executing program)
2025/08/29 12:07:34 fetching corpus: 8396, signal 186874/193509 (executing program)
2025/08/29 12:07:35 fetching corpus: 8446, signal 187285/193513 (executing program)
2025/08/29 12:07:35 fetching corpus: 8496, signal 187548/193519 (executing program)
2025/08/29 12:07:35 fetching corpus: 8546, signal 187792/193520 (executing program)
2025/08/29 12:07:35 fetching corpus: 8596, signal 188128/193529 (executing program)
2025/08/29 12:07:35 fetching corpus: 8646, signal 188537/193618 (executing program)
2025/08/29 12:07:35 fetching corpus: 8696, signal 188771/193621 (executing program)
2025/08/29 12:07:35 fetching corpus: 8746, signal 189098/193622 (executing program)
2025/08/29 12:07:35 fetching corpus: 8796, signal 189394/193662 (executing program)
2025/08/29 12:07:35 fetching corpus: 8846, signal 189651/193677 (executing program)
2025/08/29 12:07:36 fetching corpus: 8896, signal 189938/193689 (executing program)
2025/08/29 12:07:36 fetching corpus: 8920, signal 190135/193690 (executing program)
2025/08/29 12:07:36 fetching corpus: 8920, signal 190135/193690 (executing program)
2025/08/29 12:07:38 starting 8 fuzzer processes
12:07:38 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = inotify_init()
r1 = inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0xd4000a8b)
inotify_rm_watch(r0, r1)

12:07:38 executing program 6:
r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)

12:07:38 executing program 1:
timer_create(0x0, 0xfffffffffffffffc, 0x0)

12:07:38 executing program 2:
ioprio_set$pid(0x2, 0x0, 0x0)
r0 = eventfd2(0x0, 0x0)
io_setup(0x2, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000007c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])

12:07:38 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000600)={0x1c, r3, 0x1, 0x0, 0x0, {{0x3e}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}}, 0x0)

12:07:38 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{}]})

12:07:38 executing program 5:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
splice(r1, 0x0, r0, 0x0, 0xfffffffffffffffa, 0x0)

12:07:38 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000240)={&(0x7f0000000100), 0x4, &(0x7f0000000280)={&(0x7f0000000340)={0x64, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_AIRTIME_WEIGHT={0x6}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_STA_CAPABILITY={0x6}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x4}, @NL80211_ATTR_MGMT_SUBTYPE={0x5}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6}, @NL80211_ATTR_STA_CAPABILITY={0x6}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_AIRTIME_WEIGHT, @NL80211_ATTR_STA_VLAN, @NL80211_ATTR_STA_PLINK_ACTION, @NL80211_ATTR_STA_LISTEN_INTERVAL]}, 0x64}}, 0x0)

[   80.595317] audit: type=1400 audit(1756469258.649:7): avc:  denied  { execmem } for  pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   81.851233] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   81.853843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   81.859159] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   81.868548] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   81.874287] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   81.916374] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   81.919194] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   81.925055] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   81.928624] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   81.932031] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   81.983127] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   81.988997] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   81.990960] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   81.995887] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   81.998471] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   82.002885] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   82.005003] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   82.007333] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   82.014532] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   82.024906] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   82.038122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   82.041336] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   82.051381] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   82.063806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   82.065795] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   82.068264] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   82.068997] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   82.076368] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   82.082165] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   82.088233] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   82.094351] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   82.099969] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   82.101083] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   82.102424] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   82.104505] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   82.131044] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   82.143504] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   82.149356] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   82.151796] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   82.166183] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   83.946583] Bluetooth: hci0: command tx timeout
[   84.008738] Bluetooth: hci1: command tx timeout
[   84.073839] Bluetooth: hci3: command tx timeout
[   84.136889] Bluetooth: hci2: command tx timeout
[   84.137554] Bluetooth: hci4: command tx timeout
[   84.201190] Bluetooth: hci7: command tx timeout
[   84.201944] Bluetooth: hci5: command tx timeout
[   84.264758] Bluetooth: hci6: command tx timeout
[   85.994686] Bluetooth: hci0: command tx timeout
[   86.057747] Bluetooth: hci1: command tx timeout
[   86.121800] Bluetooth: hci3: command tx timeout
[   86.186758] Bluetooth: hci4: command tx timeout
[   86.187199] Bluetooth: hci2: command tx timeout
[   86.249826] Bluetooth: hci7: command tx timeout
[   86.250248] Bluetooth: hci5: command tx timeout
[   86.313931] Bluetooth: hci6: command tx timeout
[   88.040813] Bluetooth: hci0: command tx timeout
[   88.105752] Bluetooth: hci1: command tx timeout
[   88.168757] Bluetooth: hci3: command tx timeout
[   88.233729] Bluetooth: hci4: command tx timeout
[   88.234153] Bluetooth: hci2: command tx timeout
[   88.297813] Bluetooth: hci7: command tx timeout
[   88.298238] Bluetooth: hci5: command tx timeout
[   88.361048] Bluetooth: hci6: command tx timeout
[   90.089760] Bluetooth: hci0: command tx timeout
[   90.152846] Bluetooth: hci1: command tx timeout
[   90.217714] Bluetooth: hci3: command tx timeout
[   90.281700] Bluetooth: hci2: command tx timeout
[   90.282132] Bluetooth: hci4: command tx timeout
[   90.345945] Bluetooth: hci5: command tx timeout
[   90.346386] Bluetooth: hci7: command tx timeout
[   90.410770] Bluetooth: hci6: command tx timeout
[  119.916060] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.917068] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.100377] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.101404] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:08:18 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000320000000f000000000000000200000002000000008000000080000020000000dbf4655fdbf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000001640)="02d1", 0x2, 0x1000}], 0x0, &(0x7f0000013800))

[  120.670259] loop7: detected capacity change from 0 to 512
[  120.724945] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 not in group (block 53506)!
[  120.726504] EXT4-fs (loop7): group descriptors corrupted!
12:08:18 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000320000000f000000000000000200000002000000008000000080000020000000dbf4655fdbf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000001640)="02d1", 0x2, 0x1000}], 0x0, &(0x7f0000013800))

12:08:18 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000320000000f000000000000000200000002000000008000000080000020000000dbf4655fdbf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000001640)="02d1", 0x2, 0x1000}], 0x0, &(0x7f0000013800))

[  120.934863] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.935918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.992576] loop7: detected capacity change from 0 to 512
[  121.015196] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 not in group (block 53506)!
[  121.016096] EXT4-fs (loop7): group descriptors corrupted!
12:08:19 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000320000000f000000000000000200000002000000008000000080000020000000dbf4655fdbf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000001640)="02d1", 0x2, 0x1000}], 0x0, &(0x7f0000013800))

[  121.116116] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.116800] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.141309] loop7: detected capacity change from 0 to 512
[  121.158789] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 not in group (block 53506)!
[  121.159555] EXT4-fs (loop7): group descriptors corrupted!
[  121.357834] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.358382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:08:19 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
ustat(0x0, &(0x7f0000000340))

[  121.448363] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.448942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.453454] audit: type=1400 audit(1756469299.505:8): avc:  denied  { watch_reads } for  pid=3840 comm="syz-executor.0" path="/syzkaller-testdir289072334/syzkaller.YLO91W/0" dev="sda" ino=15971 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=1
[  121.511452] audit: type=1400 audit(1756469299.565:9): avc:  denied  { open } for  pid=3846 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  121.516750] audit: type=1400 audit(1756469299.565:10): avc:  denied  { kernel } for  pid=3846 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  121.524571] audit: type=1400 audit(1756469299.569:11): avc:  denied  { tracepoint } for  pid=3846 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  121.729340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.730596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.844945] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.845633] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.902634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.903304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.992554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.993209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.076311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.077203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.138226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.138898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.212258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.212951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.260557] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.261328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.348057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.348894] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.410082] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.410752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.450554] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
12:08:20 executing program 6:
r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)

12:08:20 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
ustat(0x0, &(0x7f0000000340))

12:08:20 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000600)={0x1c, r3, 0x1, 0x0, 0x0, {{0x3e}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}}, 0x0)

12:08:20 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
ustat(0x0, &(0x7f0000000340))

12:08:20 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = inotify_init()
r1 = inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0xd4000a8b)
inotify_rm_watch(r0, r1)

12:08:20 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
ustat(0x0, &(0x7f0000000340))

12:08:20 executing program 2:
ioprio_set$pid(0x2, 0x0, 0x0)
r0 = eventfd2(0x0, 0x0)
io_setup(0x2, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000007c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])

12:08:20 executing program 5:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
splice(r1, 0x0, r0, 0x0, 0xfffffffffffffffa, 0x0)

12:08:20 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000600)={0x1c, r3, 0x1, 0x0, 0x0, {{0x3e}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}}, 0x0)

12:08:20 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
ustat(0x0, &(0x7f0000000340))

12:08:20 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = inotify_init()
r1 = inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0xd4000a8b)
inotify_rm_watch(r0, r1)

[  122.782132] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[  122.783163] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[  122.783998] CPU: 0 UID: 0 PID: 3923 Comm: syz-executor.3 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.786825] Tainted: [W]=WARN
[  122.787610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.790068] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.791499] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.792815] RSP: 0018:ffff8880473077c0 EFLAGS: 00010212
[  122.793208] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[  122.793728] RDX: ffff8880176e5280 RSI: ffffffff818995b7 RDI: 0000000100000190
[  122.794248] RBP: ffff888047307a30 R08: ffff88806ce31340 R09: ffffe8ffffc16468
[  122.794767] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[  122.795285] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  122.795814] FS:  0000555573237400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  122.796399] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.796826] CR2: 0000555573238c18 CR3: 000000001be80000 CR4: 0000000000350ef0
[  122.797347] Call Trace:
[  122.797541]  <TASK>
[  122.797718]  ? __pfx_perf_tp_event+0x10/0x10
[  122.798053]  ? cpu_util.constprop.0+0x17d/0x340
[  122.798414]  ? __asan_memset+0x24/0x50
[  122.798709]  ? sched_balance_find_dst_group+0xa9a/0x1c00
[  122.799115]  ? lock_release+0xc8/0x290
[  122.799415]  ? __pfx_sched_balance_find_dst_group+0x10/0x10
[  122.799837]  ? __lock_acquire+0x694/0x1b70
[  122.800158]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.800531]  perf_trace_run_bpf_submit+0xef/0x180
[  122.800896]  perf_trace_lock_acquire+0x3c2/0x700
[  122.801258]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  122.801651]  ? lock_acquire+0x15e/0x2f0
[  122.801953]  lock_acquire+0xc5/0x2f0
[  122.802234]  ? futex_private_hash_put+0x4c/0x2d0
[  122.802587]  ? futex_hash+0x2d8/0x390
[  122.802877]  ? lock_release+0xc8/0x290
[  122.803171]  futex_private_hash_put+0x5d/0x2d0
[  122.803544]  ? futex_private_hash_put+0x4c/0x2d0
[  122.803946]  futex_hash_put+0x3f/0x50
[  122.804282]  futex_wake+0x1bb/0x540
[  122.804582]  ? kernel_clone+0x204/0x7f0
[  122.804907]  ? __pfx_futex_wake+0x10/0x10
[  122.805244]  ? __pfx_kernel_clone+0x10/0x10
[  122.805593]  ? __lock_acquire+0x694/0x1b70
[  122.805964]  do_futex+0x26d/0x370
[  122.806276]  ? __pfx_do_futex+0x10/0x10
[  122.806616]  ? __pfx___do_sys_clone+0x10/0x10
[  122.806958]  ? find_held_lock+0x2b/0x80
[  122.807270]  __x64_sys_futex+0x1c9/0x4d0
[  122.807592]  ? __pfx___x64_sys_futex+0x10/0x10
[  122.807947]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.808342]  do_syscall_64+0xbf/0x360
[  122.808637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.809021] RIP: 0033:0x7f664aa42b19
[  122.809305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.810628] RSP: 002b:00007ffea443c708 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.811189] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f664aa42b19
[  122.811726] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f664ab55f68
[  122.812254] RBP: 00007f664ab55f60 R08: 00007f6647fb8700 R09: 0000000000000000
[  122.812779] R10: 00007f6647fb8700 R11: 0000000000000246 R12: 00007f664ab5a060
[  122.813328] R13: 00007ffea443c810 R14: 00007f664ab55f60 R15: 000000000001df10
[  122.813910]  </TASK>
[  122.814102] Modules linked in:
[  122.814395] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[  122.815269] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[  122.815970] CPU: 0 UID: 0 PID: 3923 Comm: syz-executor.3 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.816910] Tainted: [D]=DIE, [W]=WARN
[  122.817219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.817870] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.818250] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.819686] RSP: 0018:ffff88806ce08a40 EFLAGS: 00010012
[  122.820112] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[  122.820682] RDX: ffff8880176e5280 RSI: ffffffff818995b7 RDI: 0000000100000190
[  122.821248] RBP: ffff88806ce08cb0 R08: ffff88806ce31490 R09: ffffe8ffffc16468
[  122.821813] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[  122.822377] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000
[  122.822952] FS:  0000555573237400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  122.823597] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.824064] CR2: 0000555573238c18 CR3: 000000001be80000 CR4: 0000000000350ef0
[  122.824639] Call Trace:
[  122.824854]  <IRQ>
[  122.825037]  ? kernel_text_address+0x5b/0xc0
[  122.825407]  ? __pfx_perf_tp_event+0x10/0x10
[  122.825772]  ? __lock_acquire+0x694/0x1b70
[  122.826127]  ? trace_pelt_se_tp+0xdf/0x130
[  122.826521]  ? __update_load_avg_se+0x428/0xa40
[  122.826954]  ? lock_is_held_type+0x9e/0x120
[  122.827355]  ? __pick_eevdf+0x326/0x570
[  122.827732]  ? update_curr+0x1b9/0x500
[  122.828093]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.828546]  perf_trace_run_bpf_submit+0xef/0x180
[  122.828994]  perf_trace_lock_acquire+0x3c2/0x700
[  122.829430]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  122.829918]  lock_acquire+0xc5/0x2f0
[  122.830262]  ? sched_ttwu_pending+0xa1/0x4a0
[  122.830667]  ? lock_release+0xc8/0x290
[  122.831027]  _raw_spin_lock_nested+0x29/0x40
[  122.831439]  ? sched_ttwu_pending+0xa1/0x4a0
[  122.831843]  sched_ttwu_pending+0xa1/0x4a0
[  122.832225]  ? __pfx_lapic_next_deadline+0x10/0x10
[  122.832673]  ? clockevents_program_event+0x135/0x360
[  122.833131]  ? __pfx_sched_ttwu_pending+0x10/0x10
[  122.833576]  ? flush_tlb_func+0x24d/0x560
[  122.833955]  __flush_smp_call_function_queue+0x434/0x740
[  122.834445]  __sysvec_call_function_single+0x6d/0x370
[  122.834916]  sysvec_call_function_single+0xa1/0xc0
[  122.835360]  </IRQ>
[  122.835582]  <TASK>
[  122.835793]  asm_sysvec_call_function_single+0x1a/0x20
[  122.836264] RIP: 0010:oops_exit+0x0/0x50
[  122.836635] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[  122.838233] RSP: 0018:ffff888047307650 EFLAGS: 00000202
[  122.838702] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f
[  122.839329] RDX: ffff8880176e5280 RSI: ffffffff812a3dca RDI: 0000000000000007
[  122.839972] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[  122.840602] R10: 0000000000000000 R11: 000000000000002c R12: ffff888047307718
[  122.841231] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[  122.841867]  ? add_taint+0x5f/0xd0
[  122.842192]  ? oops_end+0x4a/0xe0
[  122.842523]  oops_end+0x65/0xe0
[  122.842833]  exc_general_protection+0x1a2/0x330
[  122.843258]  asm_exc_general_protection+0x26/0x30
[  122.843702] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.844123] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.845709] RSP: 0018:ffff8880473077c0 EFLAGS: 00010212
[  122.846180] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[  122.846808] RDX: ffff8880176e5280 RSI: ffffffff818995b7 RDI: 0000000100000190
[  122.847446] RBP: ffff888047307a30 R08: ffff88806ce31340 R09: ffffe8ffffc16468
[  122.848080] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[  122.848716] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  122.849350]  ? perf_tp_event+0x167/0xe70
[  122.849728]  ? __pfx_perf_tp_event+0x10/0x10
[  122.850130]  ? cpu_util.constprop.0+0x17d/0x340
[  122.850554]  ? __asan_memset+0x24/0x50
[  122.850908]  ? sched_balance_find_dst_group+0xa9a/0x1c00
[  122.851395]  ? lock_release+0xc8/0x290
[  122.851764]  ? __pfx_sched_balance_find_dst_group+0x10/0x10
[  122.852268]  ? __lock_acquire+0x694/0x1b70
[  122.852655]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.853107]  perf_trace_run_bpf_submit+0xef/0x180
[  122.853545]  perf_trace_lock_acquire+0x3c2/0x700
[  122.853978]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  122.854450]  ? lock_acquire+0x15e/0x2f0
[  122.854814]  lock_acquire+0xc5/0x2f0
[  122.855152]  ? futex_private_hash_put+0x4c/0x2d0
[  122.855588]  ? futex_hash+0x2d8/0x390
[  122.855933]  ? lock_release+0xc8/0x290
[  122.856285]  futex_private_hash_put+0x5d/0x2d0
[  122.856699]  ? futex_private_hash_put+0x4c/0x2d0
[  122.857124]  futex_hash_put+0x3f/0x50
[  122.857468]  futex_wake+0x1bb/0x540
[  122.857806]  ? kernel_clone+0x204/0x7f0
[  122.858167]  ? __pfx_futex_wake+0x10/0x10
[  122.858541]  ? __pfx_kernel_clone+0x10/0x10
[  122.858928]  ? __lock_acquire+0x694/0x1b70
[  122.859316]  do_futex+0x26d/0x370
[  122.859649]  ? __pfx_do_futex+0x10/0x10
[  122.860009]  ? __pfx___do_sys_clone+0x10/0x10
[  122.860414]  ? find_held_lock+0x2b/0x80
[  122.860781]  __x64_sys_futex+0x1c9/0x4d0
[  122.861150]  ? __pfx___x64_sys_futex+0x10/0x10
[  122.861570]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.862040]  do_syscall_64+0xbf/0x360
[  122.862388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.862848] RIP: 0033:0x7f664aa42b19
[  122.863181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.864786] RSP: 002b:00007ffea443c708 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.865453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f664aa42b19
[  122.866082] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f664ab55f68
[  122.866715] RBP: 00007f664ab55f60 R08: 00007f6647fb8700 R09: 0000000000000000
[  122.867346] R10: 00007f6647fb8700 R11: 0000000000000246 R12: 00007f664ab5a060
[  122.868541] R13: 00007ffea443c810 R14: 00007f664ab55f60 R15: 000000000001df10
[  122.869800]  </TASK>
[  122.870217] Modules linked in:
[  122.870789] ---[ end trace 0000000000000000 ]---
[  122.871628] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.872460] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.875255] RSP: 0018:ffff8880473077c0 EFLAGS: 00010212
[  122.876096] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[  122.877193] RDX: ffff8880176e5280 RSI: ffffffff818995b7 RDI: 0000000100000190
[  122.878296] RBP: ffff888047307a30 R08: ffff88806ce31340 R09: ffffe8ffffc16468
[  122.879400] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[  122.880510] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  122.881613] FS:  0000555573237400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  122.882856] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.883768] CR2: 0000555573238c18 CR3: 000000001be80000 CR4: 0000000000350ef0
[  122.884871] Kernel panic - not syncing: Fatal exception in interrupt
[  122.886138] Kernel Offset: disabled
[  122.886706] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
12:08:21  Registers:
info registers vcpu 0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888047307158
R8 =0000000000000000 R9 =ffffed10016bb046 R10=0000000000000020 R11=000000000000002c
R12=0000000000000020 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555573237400 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe6000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555573238c18 CR3=000000001be80000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f664ab297c000007f664ab297c8
XMM02=00007f664ab297e000007f664ab297c0 XMM03=00007f664ab297c800007f664ab297c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000000 RBX=ffffffff819ff00c RCX=0000000000000001 RDX=1ffff11001eb6ef3
RSI=ffffffff81358702 RDI=ffffffff819ff00c RBP=ffffffff819ff00c RSP=ffff88800f5b76f0
R8 =0000000000000001 R9 =ffff88800f5b7780 R10=000000000003be53 R11=0000000000021081
R12=0000000000000001 R13=0000000000000000 R14=ffff888046845280 R15=ffff888008c41780
RIP=ffffffff81434d82 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe1900000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fffe74b8da8 CR3=00000000448c4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000