Warning: Permanently added '[localhost]:1695' (ECDSA) to the list of known hosts.
2025/08/29 12:08:14 fuzzer started
2025/08/29 12:08:14 dialing manager at localhost:43077
syzkaller login: [   50.894973] cgroup: Unknown subsys name 'net'
[   50.938688] cgroup: Unknown subsys name 'cpuset'
[   50.951622] cgroup: Unknown subsys name 'rlimit'
2025/08/29 12:08:25 syscalls: 2214
2025/08/29 12:08:25 code coverage: enabled
2025/08/29 12:08:25 comparison tracing: enabled
2025/08/29 12:08:25 extra coverage: enabled
2025/08/29 12:08:25 setuid sandbox: enabled
2025/08/29 12:08:25 namespace sandbox: enabled
2025/08/29 12:08:25 Android sandbox: enabled
2025/08/29 12:08:25 fault injection: enabled
2025/08/29 12:08:25 leak checking: enabled
2025/08/29 12:08:25 net packet injection: enabled
2025/08/29 12:08:25 net device setup: enabled
2025/08/29 12:08:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 12:08:25 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 12:08:25 USB emulation: enabled
2025/08/29 12:08:25 hci packet injection: enabled
2025/08/29 12:08:25 wifi device emulation: enabled
2025/08/29 12:08:25 802.15.4 emulation: enabled
2025/08/29 12:08:25 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 12:08:25 fetching corpus: 50, signal 25371/28843 (executing program)
2025/08/29 12:08:25 fetching corpus: 100, signal 37479/42332 (executing program)
2025/08/29 12:08:26 fetching corpus: 150, signal 41124/47435 (executing program)
2025/08/29 12:08:26 fetching corpus: 200, signal 47927/55415 (executing program)
2025/08/29 12:08:26 fetching corpus: 250, signal 53450/62058 (executing program)
2025/08/29 12:08:26 fetching corpus: 300, signal 56642/66421 (executing program)
2025/08/29 12:08:26 fetching corpus: 350, signal 61029/71888 (executing program)
2025/08/29 12:08:26 fetching corpus: 400, signal 65929/77687 (executing program)
2025/08/29 12:08:26 fetching corpus: 450, signal 69682/82357 (executing program)
2025/08/29 12:08:26 fetching corpus: 500, signal 73035/86630 (executing program)
2025/08/29 12:08:26 fetching corpus: 550, signal 75509/90034 (executing program)
2025/08/29 12:08:26 fetching corpus: 600, signal 78185/93575 (executing program)
2025/08/29 12:08:26 fetching corpus: 650, signal 80835/97024 (executing program)
2025/08/29 12:08:26 fetching corpus: 700, signal 82959/99973 (executing program)
2025/08/29 12:08:27 fetching corpus: 750, signal 85161/102983 (executing program)
2025/08/29 12:08:27 fetching corpus: 800, signal 87477/106025 (executing program)
2025/08/29 12:08:27 fetching corpus: 850, signal 90318/109436 (executing program)
2025/08/29 12:08:27 fetching corpus: 900, signal 92749/112432 (executing program)
2025/08/29 12:08:27 fetching corpus: 950, signal 95523/115672 (executing program)
2025/08/29 12:08:27 fetching corpus: 1000, signal 96894/117759 (executing program)
2025/08/29 12:08:27 fetching corpus: 1050, signal 99072/120437 (executing program)
2025/08/29 12:08:27 fetching corpus: 1100, signal 100430/122521 (executing program)
2025/08/29 12:08:27 fetching corpus: 1150, signal 101813/124504 (executing program)
2025/08/29 12:08:27 fetching corpus: 1200, signal 102883/126243 (executing program)
2025/08/29 12:08:28 fetching corpus: 1250, signal 105511/129043 (executing program)
2025/08/29 12:08:28 fetching corpus: 1300, signal 108325/131955 (executing program)
2025/08/29 12:08:28 fetching corpus: 1350, signal 109297/133492 (executing program)
2025/08/29 12:08:28 fetching corpus: 1400, signal 110685/135340 (executing program)
2025/08/29 12:08:28 fetching corpus: 1450, signal 111947/137063 (executing program)
2025/08/29 12:08:28 fetching corpus: 1500, signal 112767/138462 (executing program)
2025/08/29 12:08:28 fetching corpus: 1550, signal 113555/139837 (executing program)
2025/08/29 12:08:28 fetching corpus: 1600, signal 114913/141538 (executing program)
2025/08/29 12:08:28 fetching corpus: 1650, signal 116241/143202 (executing program)
2025/08/29 12:08:28 fetching corpus: 1700, signal 117549/144826 (executing program)
2025/08/29 12:08:28 fetching corpus: 1750, signal 118954/146526 (executing program)
2025/08/29 12:08:29 fetching corpus: 1800, signal 119829/147859 (executing program)
2025/08/29 12:08:29 fetching corpus: 1850, signal 120739/149203 (executing program)
2025/08/29 12:08:29 fetching corpus: 1900, signal 122404/150937 (executing program)
2025/08/29 12:08:29 fetching corpus: 1950, signal 123506/152309 (executing program)
2025/08/29 12:08:29 fetching corpus: 2000, signal 124472/153567 (executing program)
2025/08/29 12:08:29 fetching corpus: 2050, signal 125218/154722 (executing program)
2025/08/29 12:08:29 fetching corpus: 2100, signal 126195/155960 (executing program)
2025/08/29 12:08:29 fetching corpus: 2150, signal 127395/157301 (executing program)
2025/08/29 12:08:29 fetching corpus: 2200, signal 128929/158807 (executing program)
2025/08/29 12:08:29 fetching corpus: 2250, signal 129714/159873 (executing program)
2025/08/29 12:08:29 fetching corpus: 2300, signal 130520/160931 (executing program)
2025/08/29 12:08:30 fetching corpus: 2350, signal 131217/161893 (executing program)
2025/08/29 12:08:30 fetching corpus: 2400, signal 131950/162872 (executing program)
2025/08/29 12:08:30 fetching corpus: 2450, signal 132873/164012 (executing program)
2025/08/29 12:08:30 fetching corpus: 2500, signal 133814/165080 (executing program)
2025/08/29 12:08:30 fetching corpus: 2550, signal 134864/166204 (executing program)
2025/08/29 12:08:30 fetching corpus: 2600, signal 136060/167365 (executing program)
2025/08/29 12:08:30 fetching corpus: 2650, signal 136581/168213 (executing program)
2025/08/29 12:08:30 fetching corpus: 2700, signal 137302/169111 (executing program)
2025/08/29 12:08:30 fetching corpus: 2750, signal 138225/170083 (executing program)
2025/08/29 12:08:31 fetching corpus: 2800, signal 138819/170954 (executing program)
2025/08/29 12:08:31 fetching corpus: 2850, signal 139614/171864 (executing program)
2025/08/29 12:08:31 fetching corpus: 2900, signal 140404/172717 (executing program)
2025/08/29 12:08:31 fetching corpus: 2950, signal 141194/173584 (executing program)
2025/08/29 12:08:31 fetching corpus: 3000, signal 141653/174307 (executing program)
2025/08/29 12:08:31 fetching corpus: 3050, signal 142513/175132 (executing program)
2025/08/29 12:08:31 fetching corpus: 3100, signal 143075/175854 (executing program)
2025/08/29 12:08:31 fetching corpus: 3150, signal 143876/176640 (executing program)
2025/08/29 12:08:31 fetching corpus: 3200, signal 144379/177336 (executing program)
2025/08/29 12:08:31 fetching corpus: 3250, signal 145119/178033 (executing program)
2025/08/29 12:08:32 fetching corpus: 3300, signal 145821/178774 (executing program)
2025/08/29 12:08:32 fetching corpus: 3350, signal 146255/179374 (executing program)
2025/08/29 12:08:32 fetching corpus: 3400, signal 146927/180053 (executing program)
2025/08/29 12:08:32 fetching corpus: 3450, signal 147625/180704 (executing program)
2025/08/29 12:08:32 fetching corpus: 3500, signal 148152/181320 (executing program)
2025/08/29 12:08:32 fetching corpus: 3550, signal 149067/182015 (executing program)
2025/08/29 12:08:32 fetching corpus: 3600, signal 149679/182612 (executing program)
2025/08/29 12:08:32 fetching corpus: 3650, signal 151263/183434 (executing program)
2025/08/29 12:08:32 fetching corpus: 3700, signal 152001/183993 (executing program)
2025/08/29 12:08:32 fetching corpus: 3750, signal 152492/184556 (executing program)
2025/08/29 12:08:32 fetching corpus: 3800, signal 152970/185107 (executing program)
2025/08/29 12:08:33 fetching corpus: 3850, signal 153859/185725 (executing program)
2025/08/29 12:08:33 fetching corpus: 3900, signal 154527/186337 (executing program)
2025/08/29 12:08:33 fetching corpus: 3950, signal 155119/186854 (executing program)
2025/08/29 12:08:33 fetching corpus: 4000, signal 155540/187316 (executing program)
2025/08/29 12:08:33 fetching corpus: 4050, signal 156011/187809 (executing program)
2025/08/29 12:08:33 fetching corpus: 4100, signal 156361/188323 (executing program)
2025/08/29 12:08:33 fetching corpus: 4150, signal 156921/188756 (executing program)
2025/08/29 12:08:33 fetching corpus: 4200, signal 157481/189259 (executing program)
2025/08/29 12:08:33 fetching corpus: 4250, signal 158333/189711 (executing program)
2025/08/29 12:08:33 fetching corpus: 4300, signal 158681/190093 (executing program)
2025/08/29 12:08:33 fetching corpus: 4350, signal 159138/190599 (executing program)
2025/08/29 12:08:33 fetching corpus: 4400, signal 159544/191014 (executing program)
2025/08/29 12:08:34 fetching corpus: 4450, signal 160014/191372 (executing program)
2025/08/29 12:08:34 fetching corpus: 4500, signal 160439/191773 (executing program)
2025/08/29 12:08:34 fetching corpus: 4550, signal 160934/192151 (executing program)
2025/08/29 12:08:34 fetching corpus: 4600, signal 161501/192498 (executing program)
2025/08/29 12:08:34 fetching corpus: 4650, signal 162029/192744 (executing program)
2025/08/29 12:08:34 fetching corpus: 4700, signal 162406/192751 (executing program)
2025/08/29 12:08:34 fetching corpus: 4750, signal 162826/192765 (executing program)
2025/08/29 12:08:34 fetching corpus: 4800, signal 163351/192769 (executing program)
2025/08/29 12:08:34 fetching corpus: 4850, signal 164114/192802 (executing program)
2025/08/29 12:08:34 fetching corpus: 4900, signal 164508/192809 (executing program)
2025/08/29 12:08:34 fetching corpus: 4950, signal 164914/192819 (executing program)
2025/08/29 12:08:35 fetching corpus: 5000, signal 165379/192839 (executing program)
2025/08/29 12:08:35 fetching corpus: 5050, signal 165757/192842 (executing program)
2025/08/29 12:08:35 fetching corpus: 5100, signal 166164/192844 (executing program)
2025/08/29 12:08:35 fetching corpus: 5150, signal 166608/192858 (executing program)
2025/08/29 12:08:35 fetching corpus: 5200, signal 166890/192872 (executing program)
2025/08/29 12:08:35 fetching corpus: 5250, signal 167144/192886 (executing program)
2025/08/29 12:08:35 fetching corpus: 5300, signal 167477/192887 (executing program)
2025/08/29 12:08:35 fetching corpus: 5350, signal 167859/192892 (executing program)
2025/08/29 12:08:35 fetching corpus: 5400, signal 168360/192916 (executing program)
2025/08/29 12:08:35 fetching corpus: 5450, signal 168653/192923 (executing program)
2025/08/29 12:08:35 fetching corpus: 5500, signal 168946/192931 (executing program)
2025/08/29 12:08:36 fetching corpus: 5550, signal 169266/192941 (executing program)
2025/08/29 12:08:36 fetching corpus: 5600, signal 169717/192946 (executing program)
2025/08/29 12:08:36 fetching corpus: 5650, signal 170018/192955 (executing program)
2025/08/29 12:08:36 fetching corpus: 5700, signal 170302/192981 (executing program)
2025/08/29 12:08:36 fetching corpus: 5750, signal 170620/192981 (executing program)
2025/08/29 12:08:36 fetching corpus: 5800, signal 170908/192993 (executing program)
2025/08/29 12:08:36 fetching corpus: 5850, signal 171277/192999 (executing program)
2025/08/29 12:08:36 fetching corpus: 5900, signal 171548/193014 (executing program)
2025/08/29 12:08:36 fetching corpus: 5950, signal 171933/193021 (executing program)
2025/08/29 12:08:36 fetching corpus: 6000, signal 172460/193026 (executing program)
2025/08/29 12:08:36 fetching corpus: 6050, signal 173042/193027 (executing program)
2025/08/29 12:08:37 fetching corpus: 6100, signal 173437/193048 (executing program)
2025/08/29 12:08:37 fetching corpus: 6150, signal 173808/193051 (executing program)
2025/08/29 12:08:37 fetching corpus: 6200, signal 174032/193063 (executing program)
2025/08/29 12:08:37 fetching corpus: 6250, signal 174318/193068 (executing program)
2025/08/29 12:08:37 fetching corpus: 6300, signal 174555/193072 (executing program)
2025/08/29 12:08:37 fetching corpus: 6350, signal 174914/193074 (executing program)
2025/08/29 12:08:37 fetching corpus: 6400, signal 175370/193083 (executing program)
2025/08/29 12:08:37 fetching corpus: 6450, signal 175667/193123 (executing program)
2025/08/29 12:08:37 fetching corpus: 6500, signal 175919/193130 (executing program)
2025/08/29 12:08:37 fetching corpus: 6550, signal 176137/193161 (executing program)
2025/08/29 12:08:37 fetching corpus: 6600, signal 176505/193172 (executing program)
2025/08/29 12:08:37 fetching corpus: 6650, signal 176946/193199 (executing program)
2025/08/29 12:08:37 fetching corpus: 6700, signal 177170/193207 (executing program)
2025/08/29 12:08:37 fetching corpus: 6750, signal 177479/193211 (executing program)
2025/08/29 12:08:38 fetching corpus: 6800, signal 177812/193257 (executing program)
2025/08/29 12:08:38 fetching corpus: 6850, signal 178147/193279 (executing program)
2025/08/29 12:08:38 fetching corpus: 6900, signal 178445/193284 (executing program)
2025/08/29 12:08:38 fetching corpus: 6950, signal 179050/193289 (executing program)
2025/08/29 12:08:38 fetching corpus: 7000, signal 179287/193290 (executing program)
2025/08/29 12:08:38 fetching corpus: 7050, signal 179609/193307 (executing program)
2025/08/29 12:08:38 fetching corpus: 7100, signal 179919/193312 (executing program)
2025/08/29 12:08:38 fetching corpus: 7150, signal 180327/193326 (executing program)
2025/08/29 12:08:38 fetching corpus: 7200, signal 180581/193335 (executing program)
2025/08/29 12:08:39 fetching corpus: 7250, signal 180942/193341 (executing program)
2025/08/29 12:08:39 fetching corpus: 7300, signal 181333/193343 (executing program)
2025/08/29 12:08:39 fetching corpus: 7350, signal 181628/193346 (executing program)
2025/08/29 12:08:39 fetching corpus: 7400, signal 181870/193357 (executing program)
2025/08/29 12:08:39 fetching corpus: 7450, signal 182144/193360 (executing program)
2025/08/29 12:08:39 fetching corpus: 7500, signal 182376/193366 (executing program)
2025/08/29 12:08:39 fetching corpus: 7550, signal 182582/193378 (executing program)
2025/08/29 12:08:39 fetching corpus: 7600, signal 182936/193382 (executing program)
2025/08/29 12:08:39 fetching corpus: 7650, signal 183301/193398 (executing program)
2025/08/29 12:08:39 fetching corpus: 7700, signal 183583/193413 (executing program)
2025/08/29 12:08:39 fetching corpus: 7750, signal 183847/193421 (executing program)
2025/08/29 12:08:39 fetching corpus: 7800, signal 184111/193424 (executing program)
2025/08/29 12:08:40 fetching corpus: 7850, signal 184339/193425 (executing program)
2025/08/29 12:08:40 fetching corpus: 7900, signal 184787/193507 (executing program)
2025/08/29 12:08:40 fetching corpus: 7950, signal 185034/193507 (executing program)
2025/08/29 12:08:40 fetching corpus: 8000, signal 185288/193516 (executing program)
2025/08/29 12:08:40 fetching corpus: 8050, signal 185586/193519 (executing program)
2025/08/29 12:08:40 fetching corpus: 8100, signal 185854/193519 (executing program)
2025/08/29 12:08:40 fetching corpus: 8150, signal 186232/193544 (executing program)
2025/08/29 12:08:40 fetching corpus: 8200, signal 186449/193558 (executing program)
2025/08/29 12:08:40 fetching corpus: 8250, signal 186769/193562 (executing program)
2025/08/29 12:08:40 fetching corpus: 8300, signal 187074/193595 (executing program)
2025/08/29 12:08:40 fetching corpus: 8350, signal 187355/193599 (executing program)
2025/08/29 12:08:41 fetching corpus: 8400, signal 187667/193607 (executing program)
2025/08/29 12:08:41 fetching corpus: 8450, signal 187847/193607 (executing program)
2025/08/29 12:08:41 fetching corpus: 8500, signal 188136/193613 (executing program)
2025/08/29 12:08:41 fetching corpus: 8550, signal 188362/193613 (executing program)
2025/08/29 12:08:41 fetching corpus: 8600, signal 188643/193643 (executing program)
2025/08/29 12:08:41 fetching corpus: 8650, signal 188919/193674 (executing program)
2025/08/29 12:08:41 fetching corpus: 8700, signal 189100/193674 (executing program)
2025/08/29 12:08:41 fetching corpus: 8750, signal 189317/193680 (executing program)
2025/08/29 12:08:41 fetching corpus: 8800, signal 189588/193686 (executing program)
2025/08/29 12:08:41 fetching corpus: 8850, signal 189784/193691 (executing program)
2025/08/29 12:08:41 fetching corpus: 8900, signal 190071/193692 (executing program)
2025/08/29 12:08:42 fetching corpus: 8921, signal 190137/193692 (executing program)
2025/08/29 12:08:42 fetching corpus: 8921, signal 190137/193692 (executing program)
2025/08/29 12:08:44 starting 8 fuzzer processes
12:08:44 executing program 0:
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40045402, &(0x7f0000000040)={{0x1}})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x4afc7bdf})

12:08:44 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='sysfs\x00', 0x0, 0x0)
mount(&(0x7f0000000180)=@filename='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x10100c, 0x0)
openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x16}, 0x18)

12:08:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, 0x0)

12:08:44 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

[   80.738981] audit: type=1400 audit(1756469324.895:7): avc:  denied  { execmem } for  pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:08:44 executing program 3:
mlockall(0x7)
mlockall(0x1)
mlockall(0x5)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000161)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000880)=<r0=>0x0)
setreuid(r0, 0x0)

12:08:44 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='a '], 0x8)

12:08:45 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000008700)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001640)=[@ip_pktinfo={{0x1c, 0x0, 0x5, {0x0, @broadcast, @broadcast}}}], 0x20}}], 0x2, 0x0)

12:08:45 executing program 6:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

[   81.932759] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   81.935760] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   81.938658] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   81.945771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   81.948465] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   82.049228] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   82.051277] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   82.053368] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   82.057241] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   82.059859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   82.114967] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   82.117716] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   82.121947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   82.131764] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   82.137599] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   82.139284] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   82.141373] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   82.151592] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   82.172613] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   82.181080] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   82.269214] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   82.276146] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   82.278765] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   82.285859] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   82.294720] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   82.298746] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   82.299975] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   82.302015] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   82.304914] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   82.307148] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   82.309516] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   82.315593] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   82.322529] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   82.322606] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   82.324512] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   82.331704] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   82.340919] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   82.342266] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   82.384615] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   82.406689] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   84.023032] Bluetooth: hci0: command tx timeout
[   84.085437] Bluetooth: hci1: command tx timeout
[   84.215676] Bluetooth: hci2: command tx timeout
[   84.215999] Bluetooth: hci3: command tx timeout
[   84.407360] Bluetooth: hci6: command tx timeout
[   84.407600] Bluetooth: hci5: command tx timeout
[   84.469476] Bluetooth: hci7: command tx timeout
[   84.470455] Bluetooth: hci4: command tx timeout
[   86.069949] Bluetooth: hci0: command tx timeout
[   86.133416] Bluetooth: hci1: command tx timeout
[   86.261379] Bluetooth: hci2: command tx timeout
[   86.261405] Bluetooth: hci3: command tx timeout
[   86.453492] Bluetooth: hci5: command tx timeout
[   86.454516] Bluetooth: hci6: command tx timeout
[   86.517440] Bluetooth: hci7: command tx timeout
[   86.518579] Bluetooth: hci4: command tx timeout
[   88.117451] Bluetooth: hci0: command tx timeout
[   88.181705] Bluetooth: hci1: command tx timeout
[   88.309480] Bluetooth: hci3: command tx timeout
[   88.309879] Bluetooth: hci2: command tx timeout
[   88.501414] Bluetooth: hci6: command tx timeout
[   88.501435] Bluetooth: hci5: command tx timeout
[   88.565467] Bluetooth: hci4: command tx timeout
[   88.565871] Bluetooth: hci7: command tx timeout
[   90.165489] Bluetooth: hci0: command tx timeout
[   90.230444] Bluetooth: hci1: command tx timeout
[   90.359362] Bluetooth: hci2: command tx timeout
[   90.359445] Bluetooth: hci3: command tx timeout
[   90.549380] Bluetooth: hci5: command tx timeout
[   90.550530] Bluetooth: hci6: command tx timeout
[   90.614360] Bluetooth: hci7: command tx timeout
[   90.614386] Bluetooth: hci4: command tx timeout
[  117.616581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.617244] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.792544] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.793156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:09:22 executing program 2:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
copy_file_range(r0, &(0x7f0000000000), r0, &(0x7f00000000c0), 0x0, 0x0)

12:09:22 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000001380), r0)

[  118.369546] audit: type=1400 audit(1756469362.523:8): avc:  denied  { open } for  pid=3819 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  118.379387] audit: type=1400 audit(1756469362.523:9): avc:  denied  { kernel } for  pid=3819 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  118.390393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.390967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:09:22 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

[  118.503368] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.503953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.551195] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
12:09:22 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

12:09:22 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

[  118.780022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.780632] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:09:22 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

[  118.871532] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.872132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.955992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.956602] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:09:23 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

[  119.020074] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.020718] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:09:23 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

[  119.141439] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.142046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.225855] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.226495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.284779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.285391] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.313199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.313823] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.371595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.372186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.436706] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.437349] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.486356] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.486987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.533034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.533690] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:09:23 executing program 0:
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40045402, &(0x7f0000000040)={{0x1}})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x4afc7bdf})

12:09:23 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000008700)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001640)=[@ip_pktinfo={{0x1c, 0x0, 0x5, {0x0, @broadcast, @broadcast}}}], 0x20}}], 0x2, 0x0)

12:09:23 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12:09:23 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
ioctl$FIBMAP(r0, 0x530a, &(0x7f0000000000))

12:09:23 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@hopopts={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@generic]}}}], 0x20}}], 0x1, 0x2000c0c0)
sendmmsg$inet6(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000004280)={0xa, 0x4e21, 0xe4b, @local, 0xa3b}, 0x1c, &(0x7f0000005340)}}], 0x2, 0x0)

12:09:23 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000400)={0x40084100, 0x0, 0x0, 0x0, {}, &(0x7f0000000200)=""/174, 0xae, &(0x7f00000002c0)=""/88, &(0x7f00000003c0)=[0x0], 0x1}, 0x58)

12:09:23 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:23 executing program 6:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12:09:24 executing program 0:
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40045402, &(0x7f0000000040)={{0x1}})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x4afc7bdf})

12:09:24 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000008700)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001640)=[@ip_pktinfo={{0x1c, 0x0, 0x5, {0x0, @broadcast, @broadcast}}}], 0x20}}], 0x2, 0x0)

12:09:24 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 6:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12:09:24 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12:09:24 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000400)={0x40084100, 0x0, 0x0, 0x0, {}, &(0x7f0000000200)=""/174, 0xae, &(0x7f00000002c0)=""/88, &(0x7f00000003c0)=[0x0], 0x1}, 0x58)

12:09:24 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000008700)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001640)=[@ip_pktinfo={{0x1c, 0x0, 0x5, {0x0, @broadcast, @broadcast}}}], 0x20}}], 0x2, 0x0)

12:09:24 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 0:
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40045402, &(0x7f0000000040)={{0x1}})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x4afc7bdf})

12:09:24 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 6:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12:09:24 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = dup(r0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f00000000c0))
unshare(0x0)

12:09:24 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000400)={0x40084100, 0x0, 0x0, 0x0, {}, &(0x7f0000000200)=""/174, 0xae, &(0x7f00000002c0)=""/88, &(0x7f00000003c0)=[0x0], 0x1}, 0x58)

12:09:24 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x801, 0x0)
fcntl$setstatus(r0, 0x407, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12:09:24 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c)
close(r0)

12:09:24 executing program 7:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(r0, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/200, 0xc8}], 0x1, 0x0, 0x0)

12:09:24 executing program 5:
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x2c, &(0x7f0000000140)={0x0, 0x0}, 0x10)

[  120.246513] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[  120.247479] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[  120.248173] CPU: 0 UID: 0 PID: 3971 Comm: syz-executor.3 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  120.250399] Tainted: [W]=WARN
[  120.251208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  120.253206] RIP: 0010:perf_tp_event+0x175/0xe70
[  120.254834] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  120.258404] RSP: 0018:ffff8880163a7800 EFLAGS: 00010212
[  120.258836] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000420a000
[  120.259396] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[  120.259949] RBP: ffff8880163a7a70 R08: ffff88806ce31340 R09: ffffe8ffffc16320
[  120.260509] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  120.261065] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  120.261626] FS:  00007f995997c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  120.262258] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  120.262724] CR2: 00007f30df41f547 CR3: 00000000461fc000 CR4: 0000000000350ef0
[  120.263281] Call Trace:
[  120.263491]  <TASK>
[  120.263680]  ? __pfx_perf_tp_event+0x10/0x10
[  120.264041]  ? perf_tp_event+0x807/0xe70
[  120.264372]  ? lock_is_held_type+0x9e/0x120
[  120.264734]  ? __pfx_perf_tp_event+0x10/0x10
[  120.265093]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.265470]  ? find_held_lock+0x2b/0x80
[  120.265804]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.266205]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.266617]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.267018]  perf_trace_run_bpf_submit+0xef/0x180
[  120.267414]  perf_trace_lock+0x337/0x5d0
[  120.267747]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.268121]  ? lock_acquire+0x15e/0x2f0
[  120.268444]  ? futex_ref_get+0x48/0x300
[  120.268764]  ? futex_ref_get+0x114/0x300
[  120.269088]  ? futex_hash+0x15c/0x390
[  120.269397]  lock_release+0x1ab/0x290
[  120.269711]  ? futex_hash+0x15c/0x390
[  120.270018]  futex_ref_get+0x119/0x300
[  120.270333]  ? futex_hash+0x15c/0x390
[  120.270644]  futex_hash+0x70/0x390
[  120.270933]  futex_wake+0x143/0x540
[  120.271230]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.271601]  ? __pfx_futex_wake+0x10/0x10
[  120.271940]  ? __do_sys_perf_event_open+0x44d/0x2c20
[  120.272346]  ? lock_release+0xc8/0x290
[  120.272668]  do_futex+0x26d/0x370
[  120.272952]  ? __pfx_do_futex+0x10/0x10
[  120.273276]  ? __pfx___do_sys_perf_event_open+0x10/0x10
[  120.273698]  ? find_held_lock+0x2b/0x80
[  120.274025]  __x64_sys_futex+0x1c9/0x4d0
[  120.274356]  ? __pfx___x64_sys_futex+0x10/0x10
[  120.274731]  ? xfd_validate_state+0x55/0x180
[  120.275098]  do_syscall_64+0xbf/0x360
[  120.275411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.275822] RIP: 0033:0x7f995c406b19
[  120.276118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  120.277536] RSP: 002b:00007f995997c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  120.278128] RAX: ffffffffffffffda RBX: 00007f995c519f68 RCX: 00007f995c406b19
[  120.278694] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f995c519f6c
[  120.279253] RBP: 00007f995c519f60 R08: 000000000000000e R09: 0000000000000000
[  120.279814] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f995c519f6c
[  120.280369] R13: 00007ffccbde9a2f R14: 00007f995997c300 R15: 0000000000022000
[  120.280939]  </TASK>
[  120.281126] Modules linked in:
[  120.281413] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[  120.282268] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[  120.282946] CPU: 0 UID: 0 PID: 3971 Comm: syz-executor.3 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  120.283867] Tainted: [D]=DIE, [W]=WARN
[  120.284172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  120.284811] RIP: 0010:perf_tp_event+0x175/0xe70
[  120.285183] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  120.286591] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012
[  120.287007] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[  120.287559] RDX: ffff888046df1b80 RSI: ffffffff818995b7 RDI: 0000000100000190
[  120.288118] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc16320
[  120.288673] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000
[  120.289226] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000
[  120.289782] FS:  00007f995997c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  120.290405] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  120.290864] CR2: 00007f30df41f547 CR3: 00000000461fc000 CR4: 0000000000350ef0
[  120.291421] Call Trace:
[  120.291625]  <IRQ>
[  120.291810]  ? __pfx_perf_tp_event+0x10/0x10
[  120.292163]  ? handle_softirqs+0x1b1/0x770
[  120.292507]  ? perf_trace_lock+0xb5/0x5d0
[  120.292840]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.293206]  ? perf_trace_lock_acquire+0xc9/0x700
[  120.293589]  ? perf_trace_lock_acquire+0xc9/0x700
[  120.293974]  ? perf_trace_lock+0xb5/0x5d0
[  120.294305]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.294686]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.295086]  perf_trace_run_bpf_submit+0xef/0x180
[  120.295474]  perf_trace_lock+0x337/0x5d0
[  120.295799]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  120.296216]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.296583]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[  120.296998]  ? hrtimer_interrupt+0x114/0x830
[  120.297349]  lock_release+0x1ab/0x290
[  120.297658]  ktime_get_update_offsets_now+0xab/0x3c0
[  120.298061]  ? hrtimer_interrupt+0x114/0x830
[  120.298416]  hrtimer_interrupt+0x114/0x830
[  120.298756]  ? __pfx_do_sync_core+0x10/0x10
[  120.299098]  ? trace_csd_function_exit+0x134/0x190
[  120.299492]  ? __flush_smp_call_function_queue+0x28c/0x740
[  120.299935]  __sysvec_apic_timer_interrupt+0xbb/0x330
[  120.300352]  sysvec_apic_timer_interrupt+0x6b/0x80
[  120.300745]  </IRQ>
[  120.300925]  <TASK>
[  120.301108]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  120.301523] RIP: 0010:oops_exit+0x0/0x50
[  120.301850] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[  120.303263] RSP: 0018:ffff8880163a7690 EFLAGS: 00000202
[  120.303680] RAX: 000000000002b74c RBX: 0000000000000212 RCX: ffffc9000420a000
[  120.304232] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[  120.304783] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[  120.305334] R10: 0000000000000000 R11: 000000000000002c R12: ffff8880163a7758
[  120.305884] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[  120.306440]  ? oops_end+0x4a/0xe0
[  120.306737]  oops_end+0x65/0xe0
[  120.307009]  exc_general_protection+0x1a2/0x330
[  120.307387]  asm_exc_general_protection+0x26/0x30
[  120.307766] RIP: 0010:perf_tp_event+0x175/0xe70
[  120.308136] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  120.309539] RSP: 0018:ffff8880163a7800 EFLAGS: 00010212
[  120.309955] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000420a000
[  120.310505] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[  120.311061] RBP: ffff8880163a7a70 R08: ffff88806ce31340 R09: ffffe8ffffc16320
[  120.311613] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  120.312164] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  120.312726]  ? perf_tp_event+0x167/0xe70
[  120.313058]  ? __pfx_perf_tp_event+0x10/0x10
[  120.313416]  ? perf_tp_event+0x807/0xe70
[  120.313742]  ? lock_is_held_type+0x9e/0x120
[  120.314090]  ? __pfx_perf_tp_event+0x10/0x10
[  120.314445]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.314816]  ? find_held_lock+0x2b/0x80
[  120.315139]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.315537]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.315940]  ? perf_trace_run_bpf_submit+0xef/0x180
[  120.316334]  perf_trace_run_bpf_submit+0xef/0x180
[  120.316720]  perf_trace_lock+0x337/0x5d0
[  120.317043]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.317407]  ? lock_acquire+0x15e/0x2f0
[  120.317722]  ? futex_ref_get+0x48/0x300
[  120.318037]  ? futex_ref_get+0x114/0x300
[  120.318354]  ? futex_hash+0x15c/0x390
[  120.318663]  lock_release+0x1ab/0x290
[  120.318969]  ? futex_hash+0x15c/0x390
[  120.319270]  futex_ref_get+0x119/0x300
[  120.319579]  ? futex_hash+0x15c/0x390
[  120.319882]  futex_hash+0x70/0x390
[  120.320166]  futex_wake+0x143/0x540
[  120.320458]  ? __pfx_perf_trace_lock+0x10/0x10
[  120.320823]  ? __pfx_futex_wake+0x10/0x10
[  120.321157]  ? __do_sys_perf_event_open+0x44d/0x2c20
[  120.321557]  ? lock_release+0xc8/0x290
[  120.321872]  do_futex+0x26d/0x370
[  120.322151]  ? __pfx_do_futex+0x10/0x10
[  120.322467]  ? __pfx___do_sys_perf_event_open+0x10/0x10
[  120.322887]  ? find_held_lock+0x2b/0x80
[  120.323212]  __x64_sys_futex+0x1c9/0x4d0
[  120.323539]  ? __pfx___x64_sys_futex+0x10/0x10
[  120.323900]  ? xfd_validate_state+0x55/0x180
[  120.324257]  do_syscall_64+0xbf/0x360
[  120.324560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.324963] RIP: 0033:0x7f995c406b19
[  120.325254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  120.326660] RSP: 002b:00007f995997c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  120.327247] RAX: ffffffffffffffda RBX: 00007f995c519f68 RCX: 00007f995c406b19
[  120.327797] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f995c519f6c
[  120.328346] RBP: 00007f995c519f60 R08: 000000000000000e R09: 0000000000000000
[  120.328896] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f995c519f6c
[  120.329449] R13: 00007ffccbde9a2f R14: 00007f995997c300 R15: 0000000000022000
[  120.330012]  </TASK>
[  120.330203] Modules linked in:
[  120.330478] ---[ end trace 0000000000000000 ]---
[  120.330871] RIP: 0010:perf_tp_event+0x175/0xe70
[  120.331256] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  120.332730] RSP: 0018:ffff8880163a7800 EFLAGS: 00010212
[  120.333165] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000420a000
[  120.333738] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[  120.334318] RBP: ffff8880163a7a70 R08: ffff88806ce31340 R09: ffffe8ffffc16320
[  120.334904] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  120.335477] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[  120.336046] FS:  00007f995997c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  120.336691] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  120.337155] CR2: 00007f30df41f547 CR3: 00000000461fc000 CR4: 0000000000350ef0
[  120.337735] Kernel panic - not syncing: Fatal exception in interrupt
[  120.338428] Kernel Offset: disabled
[  120.338735] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
12:09:24  Registers:
info registers vcpu 0
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff8880163a7158
R8 =0000000000000000 R9 =ffffed1001725046 R10=0000000000000032 R11=000000000000002c
R12=0000000000000032 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f995997c700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe5000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f30df41f547 CR3=00000000461fc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f995c4ed7c000007f995c4ed7c8
XMM02=00007f995c4ed7e000007f995c4ed7c0 XMM03=00007f995c4ed7c800007f995c4ed7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=1ffff1100d9e1192 RCX=0000000000000000 RDX=1ffffffff09950e4
RSI=ffffffff85a112d8 RDI=ffffffff84ca8720 RBP=ffffffff84ca8720 RSP=ffff88806cf08c28
R8 =0000000000000000 R9 =0000000000000001 R10=ffffffff85b23640 R11=ffff88806cf08ff8
R12=ffffffff85a112f0 R13=ffff88806cf08d10 R14=0000000000000000 R15=ffff88806cf289c8
RIP=ffffffff84b7a412 RFL=00000096 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fef6cc5d700 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe0600000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fef6f7fb018 CR3=000000000f0f4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fef6f7ce7c000007fef6f7ce7c8
XMM02=00007fef6f7ce7e000007fef6f7ce7c0 XMM03=00007fef6f7ce7c800007fef6f7ce7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000