Warning: Permanently added '[localhost]:30431' (ECDSA) to the list of known hosts. 2025/08/29 12:31:22 fuzzer started 2025/08/29 12:31:22 dialing manager at localhost:43077 syzkaller login: [ 51.018305] cgroup: Unknown subsys name 'net' [ 51.067856] cgroup: Unknown subsys name 'cpuset' [ 51.082522] cgroup: Unknown subsys name 'rlimit' 2025/08/29 12:31:32 syscalls: 2214 2025/08/29 12:31:32 code coverage: enabled 2025/08/29 12:31:32 comparison tracing: enabled 2025/08/29 12:31:32 extra coverage: enabled 2025/08/29 12:31:32 setuid sandbox: enabled 2025/08/29 12:31:32 namespace sandbox: enabled 2025/08/29 12:31:32 Android sandbox: enabled 2025/08/29 12:31:32 fault injection: enabled 2025/08/29 12:31:32 leak checking: enabled 2025/08/29 12:31:32 net packet injection: enabled 2025/08/29 12:31:32 net device setup: enabled 2025/08/29 12:31:32 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 12:31:32 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 12:31:32 USB emulation: enabled 2025/08/29 12:31:32 hci packet injection: enabled 2025/08/29 12:31:32 wifi device emulation: enabled 2025/08/29 12:31:32 802.15.4 emulation: enabled 2025/08/29 12:31:50 fetching corpus: 9669, signal 194455/198279 (executing program) 
2025/08/29 12:31:52 starting 8 fuzzer processes 12:31:52 executing program 0: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) times(0x0) 12:31:52 executing program 1: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x100) fcntl$setstatus(r0, 0x4, 0x2c00) 
unlink(&(0x7f0000000340)='./file0\x00') 12:31:52 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/raw6\x00') pread64(r0, &(0x7f0000000140)=""/217, 0xd9, 0x300) [ 81.239788] audit: type=1400 audit(1756470712.730:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:31:52 executing program 7: r0 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$set_timeout(0x6, r0, 0x2) 12:31:52 executing program 3: mlockall(0x7) mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) 12:31:52 executing program 4: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0xd}, {0x3, [{0xc9, 0x800}, {0xc9}, {}]}}}, 0x10) syz_emit_vhci(0x0, 0x0) 12:31:52 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, 0x0, 0x0) 12:31:52 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'syz_tun\x00'}) [ 82.336807] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.340039] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.342759] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 
82.348530] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.350943] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.463137] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.467152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.469505] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.473602] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.478750] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.489197] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.494619] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.497817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.505075] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.506898] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.616950] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.631816] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 82.634004] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 82.636773] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.640287] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 82.645718] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.646880] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 82.648308] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.650493] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.657980] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 82.661847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.664299] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 82.664304] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.666105] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 82.668195] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 82.669659] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 82.674513] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 82.676853] Bluetooth: hci5: unexpected cc 0x0c38 length: 
249 > 2 [ 82.679027] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.680470] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 82.700485] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 82.701855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 82.705534] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 82.707132] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 82.717710] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 84.367907] Bluetooth: hci0: command tx timeout [ 84.495403] Bluetooth: hci2: command tx timeout [ 84.559420] Bluetooth: hci1: command tx timeout [ 84.751462] Bluetooth: hci5: command tx timeout [ 84.752148] Bluetooth: hci6: command tx timeout [ 84.752661] Bluetooth: hci3: command tx timeout [ 84.753114] Bluetooth: hci4: command tx timeout [ 84.815403] Bluetooth: hci7: command tx timeout [ 86.416052] Bluetooth: hci0: command tx timeout [ 86.543539] Bluetooth: hci2: command tx timeout [ 86.607445] Bluetooth: hci1: command tx timeout [ 86.799592] Bluetooth: hci4: command tx timeout [ 86.800569] Bluetooth: hci3: command tx timeout [ 86.801334] Bluetooth: hci6: command tx timeout [ 86.802141] Bluetooth: hci5: command tx timeout [ 86.863423] Bluetooth: hci7: command tx timeout [ 88.463484] Bluetooth: hci0: command tx timeout [ 88.592408] Bluetooth: hci2: command tx timeout [ 88.655405] Bluetooth: hci1: command tx timeout [ 88.847582] Bluetooth: hci5: command tx timeout [ 88.848052] Bluetooth: hci4: command tx timeout [ 88.848644] Bluetooth: hci6: command tx timeout [ 88.849031] Bluetooth: hci3: command tx timeout [ 88.912420] Bluetooth: hci7: command tx timeout [ 90.512425] Bluetooth: hci0: command tx timeout [ 90.639396] Bluetooth: hci2: command tx timeout [ 90.704542] Bluetooth: hci1: command tx timeout [ 90.896729] Bluetooth: hci4: command tx timeout [ 90.897167] Bluetooth: hci5: command tx timeout [ 90.897582] Bluetooth: hci3: command tx timeout [ 90.897971] Bluetooth: hci6: command tx timeout [ 
90.960538] Bluetooth: hci7: command tx timeout [ 119.557849] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.558607] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.713710] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.714768] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.907973] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.908618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.170441] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.171544] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.220127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.221239] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.443827] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.444497] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.540046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.540666] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.657369] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.658036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.713482] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.714095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.749683] Bluetooth: hci6: hcon 00000000c71b4219 sent 1 < count 2048 [ 120.753444] Bluetooth: hci6: hcon 00000000c71b4219 sent 0 < count 2048 [ 120.920925] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.921678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.921812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.923438] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.960010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.960628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 
121.123032] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.124059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.310960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.311542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.475101] audit: type=1400 audit(1756470752.965:8): avc: denied { open } for pid=3890 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 121.478448] audit: type=1400 audit(1756470752.965:9): avc: denied { kernel } for pid=3890 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 121.519236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.520551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.580024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.580807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:32:33 executing program 0: socket$inet6(0xa, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0) read(r0, &(0x7f00000000c0)=""/125, 0x7d) 12:32:33 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000380), &(0x7f0000000540)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001980)=ANY=[]) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)) 12:32:33 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lremovexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=@random={'os2.', 'nl80211\x00'}) 
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getgroups(0x1, &(0x7f0000000080)=[0xffffffffffffffff]) getgroups(0x2, &(0x7f0000000240)=[r0, r0]) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc) getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = dup(r1) sendmsg$TIPC_CMD_GET_NODES(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x2}, 0xb, &(0x7f0000000240)={0x0}}, 0x0) getsockname$unix(r2, &(0x7f00000004c0), &(0x7f0000000300)=0x6e) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r5, 0x5, 0x0, 0x25dfdbfd, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_QOS_MAP(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r5, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x9, 0x1}, {0x5c, 0x1}, {0x0, 0x4}], "df5f66ca4f0ec51d"}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x850) r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000001340), 0x3, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r6, 0x80083313, &(0x7f0000000000)) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r6, 0xf502, 0x0) 12:32:33 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x2, 0x1, 
0x5, 0x0, 0x0, {}, [@CTA_MARK={0x8}]}, 0x1c}}, 0x0) 12:32:33 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x141882, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 12:32:33 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000180)=""/44) 12:32:33 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ipv6_route\x00') pread64(r0, &(0x7f00000000c0)=""/194, 0xc2, 0x40000000000000) 12:32:33 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'syz_tun\x00'}) [ 121.795373] 9pnet_fd: p9_fd_create_unix (3911): problem connecting socket: ./file0: -30 [ 121.797398] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2 [ 121.802623] random: crng reseeded on system resumption 12:32:33 executing program 5: mbind(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x1, 0x0) 12:32:33 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000180)=""/44) 12:32:33 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'syz_tun\x00'}) [ 
121.875837] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 121.876965] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 121.877702] CPU: 1 UID: 0 PID: 3915 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.880809] Tainted: [W]=WARN 12:32:33 executing program 4: r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ftruncate(r0, 0x8007) finit_module(r0, 0x0, 0x5) [ 121.881635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.884922] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.886906] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.888576] RSP: 0018:ffff8880476ef800 EFLAGS: 00010212 [ 121.889118] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90002a06000 12:32:33 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x141882, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 121.889672] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 121.890458] RBP: ffff8880476efa70 R08: ffff88806cf31340 R09: ffffe8ffffd114c0 [ 121.891027] R10: 
0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 121.891561] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 121.892117] FS: 00007f607b4b5700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 121.892868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.893358] CR2: 00007fcf11eb36f4 CR3: 000000001c385000 CR4: 0000000000350ef0 [ 121.893893] Call Trace: [ 121.894102] [ 121.894291] ? __pfx_perf_tp_event+0x10/0x10 [ 121.894651] ? lock_is_held_type+0x9e/0x120 [ 121.895102] ? lock_is_held_type+0x9e/0x120 [ 121.895562] ? perf_trace_lock+0xb5/0x5d0 [ 121.895976] ? perf_trace_lock+0xb5/0x5d0 [ 121.896321] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.896700] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.897086] ? find_held_lock+0x2b/0x80 [ 121.897417] ? find_held_lock+0x2b/0x80 [ 121.897750] ? __perf_install_in_context+0x503/0xb90 [ 121.898266] ? lock_release+0xc8/0x290 [ 121.898682] ? do_raw_spin_unlock+0x53/0x220 [ 121.899136] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.899541] perf_trace_run_bpf_submit+0xef/0x180 [ 121.899938] perf_trace_lock+0x337/0x5d0 [ 121.900273] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.900646] ? lock_acquire+0x15e/0x2f0 [ 121.900976] ? futex_ref_get+0x48/0x300 [ 121.901361] ? futex_ref_get+0x114/0x300 [ 121.901776] ? futex_hash+0x15c/0x390 [ 121.902178] lock_release+0x1ab/0x290 [ 121.902536] ? futex_hash+0x15c/0x390 [ 121.902846] futex_ref_get+0x119/0x300 [ 121.903166] ? futex_hash+0x15c/0x390 [ 121.903473] futex_hash+0x70/0x390 [ 121.903764] futex_wake+0x143/0x540 [ 121.904111] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.904588] ? __pfx_futex_wake+0x10/0x10 [ 121.905027] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 121.905456] ? lock_release+0xc8/0x290 [ 121.905768] do_futex+0x26d/0x370 [ 121.906065] ? __pfx_do_futex+0x10/0x10 [ 121.906459] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 121.906996] ? __fget_files+0x20d/0x3b0 [ 121.907372] __x64_sys_futex+0x1c9/0x4d0 [ 121.907718] ? 
__pfx___x64_sys_futex+0x10/0x10 [ 121.908103] ? xfd_validate_state+0x55/0x180 [ 121.908464] ? __pfx___x64_sys_pread64+0x10/0x10 [ 121.908941] do_syscall_64+0xbf/0x360 [ 121.909337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.909839] RIP: 0033:0x7f607df3fb19 [ 121.910146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.911580] RSP: 002b:00007f607b4b5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 121.912193] RAX: ffffffffffffffda RBX: 00007f607e052f68 RCX: 00007f607df3fb19 [ 121.912910] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f607e052f6c [ 121.913625] RBP: 00007f607e052f60 R08: 000000000000000e R09: 0000000000000000 [ 121.914213] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f607e052f6c [ 121.914786] R13: 00007ffe8999620f R14: 00007f607b4b5300 R15: 0000000000022000 [ 121.915355] [ 121.915545] Modules linked in: [ 121.915829] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 121.916858] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 121.917653] CPU: 1 UID: 0 PID: 3915 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.918611] Tainted: [D]=DIE, [W]=WARN [ 121.918925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.919591] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.919971] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.921422] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 121.921847] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 121.922424] RDX: ffff88800a2f9b80 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 121.922994] RBP: 
ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd114c0 [ 121.923575] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 121.924162] R13: 000000000000002c R14: ffff88806cf31490 R15: dffffc0000000000 [ 121.924736] FS: 00007f607b4b5700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 121.925397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.925855] CR2: 00007fcf11eb36f4 CR3: 000000001c385000 CR4: 0000000000350ef0 [ 121.926445] Call Trace: [ 121.926657] [ 121.926845] ? __pfx_perf_tp_event+0x10/0x10 [ 121.927214] ? stack_depot_save_flags+0x2c/0xa20 [ 121.927594] ? kasan_save_stack+0x34/0x50 [ 121.927927] ? kasan_save_stack+0x24/0x50 [ 121.928268] ? kasan_save_track+0x14/0x30 [ 121.928603] ? __kasan_save_free_info+0x3a/0x60 [ 121.928990] ? __kasan_slab_free+0x3f/0x50 [ 121.929334] ? kmem_cache_free+0x2a1/0x540 [ 121.929672] ? rcu_core+0x7c8/0x1800 [ 121.929977] ? handle_softirqs+0x1b1/0x770 [ 121.930325] ? __irq_exit_rcu+0xc4/0x100 [ 121.930661] ? irq_exit_rcu+0x9/0x20 [ 121.930967] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 121.931375] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 121.931815] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 121.932199] ? copy_page_range+0x150b/0x5140 [ 121.932566] ? dup_mmap+0xd2f/0x1d10 [ 121.932871] ? copy_process+0x3ad5/0x73c0 [ 121.933213] ? kernel_clone+0xea/0x7f0 [ 121.933537] ? __do_sys_clone+0xce/0x120 [ 121.933867] ? do_syscall_64+0xbf/0x360 [ 121.934183] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.934615] ? lock_acquire+0x15e/0x2f0 [ 121.934943] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.935342] perf_trace_run_bpf_submit+0xef/0x180 [ 121.935722] perf_trace_lock+0x337/0x5d0 [ 121.936057] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.936439] ? hrtimer_interrupt+0x114/0x830 [ 121.936796] lock_release+0x1ab/0x290 [ 121.937116] ktime_get_update_offsets_now+0xab/0x3c0 [ 121.937535] ? hrtimer_interrupt+0x114/0x830 [ 121.937887] hrtimer_interrupt+0x114/0x830 [ 121.938233] ? 
__pfx_flush_tlb_func+0x10/0x10 [ 121.938594] ? trace_csd_function_exit+0x134/0x190 [ 121.938982] ? __flush_smp_call_function_queue+0x28c/0x740 [ 121.939426] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 121.939847] sysvec_apic_timer_interrupt+0x6b/0x80 [ 121.940253] [ 121.940438] [ 121.940624] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 121.941039] RIP: 0010:oops_exit+0x0/0x50 [ 121.941379] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 121.942810] RSP: 0018:ffff8880476ef690 EFLAGS: 00000202 [ 121.943250] RAX: 000000000002ca5d RBX: 0000000000000212 RCX: ffffc90002a06000 [ 121.943821] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 121.944391] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 121.944969] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880476ef758 [ 121.945541] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 121.946116] ? oops_end+0x4a/0xe0 [ 121.946418] oops_end+0x65/0xe0 [ 121.946702] exc_general_protection+0x1a2/0x330 [ 121.947090] asm_exc_general_protection+0x26/0x30 [ 121.947488] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.947864] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.949308] RSP: 0018:ffff8880476ef800 EFLAGS: 00010212 [ 121.949731] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90002a06000 [ 121.950291] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 121.950860] RBP: ffff8880476efa70 R08: ffff88806cf31340 R09: ffffe8ffffd114c0 [ 121.951433] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 121.952014] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 121.952571] ? perf_tp_event+0x167/0xe70 [ 121.952929] ? 
__pfx_perf_tp_event+0x10/0x10 [ 121.953289] ? lock_is_held_type+0x9e/0x120 [ 121.953642] ? lock_is_held_type+0x9e/0x120 [ 121.953988] ? perf_trace_lock+0xb5/0x5d0 [ 121.954324] ? perf_trace_lock+0xb5/0x5d0 [ 121.954658] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.955029] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.955410] ? find_held_lock+0x2b/0x80 [ 121.955739] ? find_held_lock+0x2b/0x80 [ 121.956062] ? __perf_install_in_context+0x503/0xb90 [ 121.956468] ? lock_release+0xc8/0x290 [ 121.956784] ? do_raw_spin_unlock+0x53/0x220 [ 121.957161] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.957572] perf_trace_run_bpf_submit+0xef/0x180 [ 121.957963] perf_trace_lock+0x337/0x5d0 [ 121.958293] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.958667] ? lock_acquire+0x15e/0x2f0 [ 121.958989] ? futex_ref_get+0x48/0x300 [ 121.959309] ? futex_ref_get+0x114/0x300 [ 121.959632] ? futex_hash+0x15c/0x390 [ 121.959939] lock_release+0x1ab/0x290 [ 121.960253] ? futex_hash+0x15c/0x390 [ 121.960556] futex_ref_get+0x119/0x300 [ 121.960869] ? futex_hash+0x15c/0x390 [ 121.961174] futex_hash+0x70/0x390 [ 121.961458] futex_wake+0x143/0x540 [ 121.961754] ? __pfx_perf_trace_lock+0x10/0x10 [ 121.962127] ? __pfx_futex_wake+0x10/0x10 [ 121.962461] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 121.962864] ? lock_release+0xc8/0x290 [ 121.963180] do_futex+0x26d/0x370 [ 121.963466] ? __pfx_do_futex+0x10/0x10 [ 121.963788] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 121.964208] ? __fget_files+0x20d/0x3b0 [ 121.964524] __x64_sys_futex+0x1c9/0x4d0 [ 121.964851] ? __pfx___x64_sys_futex+0x10/0x10 [ 121.965231] ? xfd_validate_state+0x55/0x180 [ 121.965578] ? 
__pfx___x64_sys_pread64+0x10/0x10 [ 121.965956] do_syscall_64+0xbf/0x360 [ 121.966268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.966673] RIP: 0033:0x7f607df3fb19 [ 121.966973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.968414] RSP: 002b:00007f607b4b5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 121.969006] RAX: ffffffffffffffda RBX: 00007f607e052f68 RCX: 00007f607df3fb19 [ 121.969572] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f607e052f6c [ 121.970138] RBP: 00007f607e052f60 R08: 000000000000000e R09: 0000000000000000 [ 121.970711] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f607e052f6c [ 121.971289] R13: 00007ffe8999620f R14: 00007f607b4b5300 R15: 0000000000022000 [ 121.971863] [ 121.972059] Modules linked in: [ 121.972321] ---[ end trace 0000000000000000 ]--- [ 121.972705] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.973094] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.974538] RSP: 0018:ffff8880476ef800 EFLAGS: 00010212 [ 121.974963] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90002a06000 [ 121.975541] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 121.976126] RBP: ffff8880476efa70 R08: ffff88806cf31340 R09: ffffe8ffffd114c0 [ 121.976704] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 121.977299] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 121.977879] FS: 00007f607b4b5700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 121.978528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.979000] CR2: 00007fcf11eb36f4 CR3: 000000001c385000 CR4: 0000000000350ef0 [ 121.979575] Kernel panic - not syncing: Fatal exception in interrupt [ 
121.980309] Kernel Offset: disabled [ 121.980606] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 12:32:33 Registers: