Warning: Permanently added '[localhost]:33642' (ECDSA) to the list of known hosts.
2025/08/29 12:43:56 fuzzer started
2025/08/29 12:43:57 dialing manager at localhost:43077
syzkaller login: [ 50.760897] cgroup: Unknown subsys name 'net'
[ 50.792447] cgroup: Unknown subsys name 'cpuset'
[ 50.801064] cgroup: Unknown subsys name 'rlimit'
2025/08/29 12:44:07 syscalls: 2214
2025/08/29 12:44:07 code coverage: enabled
2025/08/29 12:44:07 comparison tracing: enabled
2025/08/29 12:44:07 extra coverage: enabled
2025/08/29 12:44:07 setuid sandbox: enabled
2025/08/29 12:44:07 namespace sandbox: enabled
2025/08/29 12:44:07 Android sandbox: enabled
2025/08/29 12:44:07 fault injection: enabled
2025/08/29 12:44:07 leak checking: enabled
2025/08/29 12:44:07 net packet injection: enabled
2025/08/29 12:44:07 net device setup: enabled
2025/08/29 12:44:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 12:44:07 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 12:44:07 USB emulation: enabled
2025/08/29 12:44:07 hci packet injection: enabled
2025/08/29 12:44:07 wifi device emulation: enabled
2025/08/29 12:44:07 802.15.4 emulation: enabled
2025/08/29 12:44:26 starting 8 fuzzer processes
12:44:26 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = 
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x24}}, 0x0) 12:44:26 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) umount2(0x0, 0x0) 12:44:26 executing program 1: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x4004662b, &(0x7f0000000200)="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") 12:44:26 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@abs={0x1}, 0x2) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) 12:44:26 executing program 3: syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7409b8", 0x14, 0x11, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 12:44:26 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000440)) 12:44:26 executing program 5: 
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f00000000c0)) [ 80.479049] audit: type=1400 audit(1756471466.946:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:44:26 executing program 6: prctl$PR_GET_IO_FLUSHER(0x3a) [ 81.733447] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.735559] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.737739] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.739826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.744276] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.744465] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.746865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.749710] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.751709] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.753654] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.755185] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.756767] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.761848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.763789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.766859] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.776182] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.787071] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 81.791679] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 
81.794751] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 81.797065] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.798353] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.801292] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 81.804639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.808805] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.812171] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.812811] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.817540] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.820612] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 81.822292] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.823776] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.829957] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 81.832461] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 81.834683] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.842701] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 81.846604] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.847924] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 81.853639] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 81.862866] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.880057] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 81.904156] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 83.812681] Bluetooth: hci3: command tx timeout [ 83.877121] Bluetooth: hci0: command tx timeout [ 83.941430] Bluetooth: hci7: command tx timeout [ 83.941482] Bluetooth: hci4: command tx timeout [ 83.941996] Bluetooth: hci5: command tx timeout [ 83.943458] Bluetooth: hci6: command tx timeout [ 83.943591] Bluetooth: hci1: command tx timeout [ 83.944056] Bluetooth: hci2: command tx timeout [ 85.860264] Bluetooth: hci3: command tx timeout [ 85.924277] Bluetooth: hci0: command tx timeout [ 85.988305] Bluetooth: hci2: command 
tx timeout [ 85.988740] Bluetooth: hci4: command tx timeout [ 85.988882] Bluetooth: hci1: command tx timeout [ 85.989124] Bluetooth: hci5: command tx timeout [ 85.989955] Bluetooth: hci6: command tx timeout [ 85.990419] Bluetooth: hci7: command tx timeout [ 87.908308] Bluetooth: hci3: command tx timeout [ 87.972255] Bluetooth: hci0: command tx timeout [ 88.036309] Bluetooth: hci2: command tx timeout [ 88.036836] Bluetooth: hci7: command tx timeout [ 88.037347] Bluetooth: hci6: command tx timeout [ 88.037820] Bluetooth: hci5: command tx timeout [ 88.038331] Bluetooth: hci1: command tx timeout [ 88.038374] Bluetooth: hci4: command tx timeout [ 89.956722] Bluetooth: hci3: command tx timeout [ 90.020267] Bluetooth: hci0: command tx timeout [ 90.084356] Bluetooth: hci4: command tx timeout [ 90.084867] Bluetooth: hci5: command tx timeout [ 90.086224] Bluetooth: hci1: command tx timeout [ 90.086253] Bluetooth: hci6: command tx timeout [ 90.087018] Bluetooth: hci7: command tx timeout [ 90.087510] Bluetooth: hci2: command tx timeout [ 118.802082] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.802797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.008919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.009563] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:45:05 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) umount2(0x0, 0x0) 12:45:06 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) umount2(0x0, 0x0) 12:45:06 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) umount2(0x0, 0x0) 12:45:06 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x21084, 0x0) chroot(&(0x7f0000000000)='./file0\x00') 
umount2(&(0x7f00000001c0)='./file0\x00', 0x0) 12:45:06 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001600)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@generic="02", @nested={0x25, 0x0, 0x0, 0x1, [@generic="f2"]}]}, 0x1c}], 0x1}, 0x0) 12:45:06 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001600)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@generic="02", @nested={0x25, 0x0, 0x0, 0x1, [@generic="f2"]}]}, 0x1c}], 0x1}, 0x0) 12:45:06 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001600)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@generic="02", @nested={0x25, 0x0, 0x0, 0x1, [@generic="f2"]}]}, 0x1c}], 0x1}, 0x0) [ 120.250614] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.251321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:45:06 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001600)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@generic="02", @nested={0x25, 0x0, 0x0, 0x1, [@generic="f2"]}]}, 0x1c}], 0x1}, 0x0) [ 120.393905] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.394549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.211997] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.213126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.338569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.339265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.627309] audit: type=1400 audit(1756471508.094:8): avc: denied { open } for pid=3772 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 121.628978] audit: type=1400 
audit(1756471508.095:9): avc: denied { kernel } for pid=3772 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.417687] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.418722] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.515099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.516348] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.714010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.714834] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.806118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.806780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.009736] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.010407] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.074877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.075512] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.284216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.284857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.329525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.330123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.710341] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.711024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.755549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.756181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:45:10 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000740)=@ocfs2={0xc}, 0x0) 12:45:10 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000440)) 12:45:10 executing program 5: perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81202c80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:45:10 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00') lseek(r0, 0xc52, 0x0) 12:45:10 executing program 1: pivot_root(0x0, 0x0) 12:45:10 executing program 3: syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7409b8", 0x14, 0x11, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 12:45:10 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create(0x9) r2 = socket$inet6_udp(0xa, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x5}) 
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) 12:45:10 executing program 6: prctl$PR_GET_IO_FLUSHER(0x3a) 12:45:10 executing program 6: prctl$PR_GET_IO_FLUSHER(0x3a) 12:45:10 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:memory_device_t:s0\x00', 0x25, 0x0) 12:45:10 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00') lseek(r0, 0xc52, 0x0) 12:45:10 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000440)) 12:45:10 executing program 3: syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7409b8", 0x14, 0x11, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 12:45:10 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 
0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000740)=@ocfs2={0xc}, 0x0) 12:45:10 executing program 5: perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81202c80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:45:10 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0) 12:45:10 executing program 6: prctl$PR_GET_IO_FLUSHER(0x3a) 12:45:10 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0xeb, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000440)) 12:45:10 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00') lseek(r0, 0xc52, 0x0) 12:45:10 executing program 3: syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7409b8", 0x14, 0x11, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 12:45:10 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0) 
ioctl$FIBMAP(r0, 0x5310, &(0x7f0000000000)) [ 124.158865] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 124.159751] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 124.160352] CPU: 0 UID: 0 PID: 3944 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 124.161291] Tainted: [W]=WARN [ 124.161544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.163476] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.164475] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.168043] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 124.168900] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 124.170447] RDX: ffff88801a6d9b80 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 124.171005] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc0e4d0 [ 124.171569] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 124.172128] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 124.172652] FS: 000055557d70e400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 124.173239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.173665] CR2: 000055557d70fc18 CR3: 0000000017e8d000 CR4: 0000000000350ef0 [ 124.174187] Call Trace: [ 124.174391] [ 124.174570] ? __pfx_perf_tp_event+0x10/0x10 [ 124.174929] ? lock_is_held_type+0x9e/0x120 [ 124.175291] ? lock_is_held_type+0x9e/0x120 [ 124.175659] ? perf_trace_lock+0xb5/0x5d0 [ 124.175996] ? perf_trace_lock+0xb5/0x5d0 [ 124.176326] ? __pfx_perf_trace_lock+0x10/0x10 [ 124.176686] ? __pfx_perf_trace_lock+0x10/0x10 [ 124.177051] ? check_preempt_wakeup_fair+0x406/0x950 [ 124.177461] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 124.177861] perf_trace_run_bpf_submit+0xef/0x180 [ 124.178247] perf_trace_lock+0x337/0x5d0 [ 124.178584] ? __pfx_perf_trace_lock+0x10/0x10 [ 124.178947] ? lock_acquire+0x15e/0x2f0 [ 124.179267] ? hrtimer_interrupt+0x114/0x830 [ 124.179624] ? hrtimer_interrupt+0x114/0x830 [ 124.179987] lock_release+0x1ab/0x290 [ 124.180293] ktime_get_update_offsets_now+0xab/0x3c0 [ 124.180692] ? hrtimer_interrupt+0x114/0x830 [ 124.181019] ? __pfx_lapic_next_deadline+0x10/0x10 [ 124.181389] hrtimer_interrupt+0x114/0x830 [ 124.181711] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 124.182093] sysvec_apic_timer_interrupt+0x6b/0x80 [ 124.182477] [ 124.182658] [ 124.182839] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 124.183258] RIP: 0010:inat_get_opcode_attribute+0x2c/0x60 [ 124.183717] Code: 1f 00 53 89 fb 0f b6 db e8 a1 7a b9 fc 48 8d 3c 9d 40 2d 32 85 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 0d 8b 04 9d 40 2d [ 124.185128] RSP: 0018:ffff88804875f458 EFLAGS: 00000216 [ 124.185546] RAX: dffffc0000000000 RBX: 0000000000000042 RCX: ffffffff84bad9ef [ 124.186101] RDX: 0000000000000000 RSI: ffffffff84ba6cdf RDI: ffffffff85322e48 [ 124.186668] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 124.187224] R10: 000000000000000f R11: 0000000000000001 R12: dffffc0000000000 [ 124.187796] R13: 0000000000000000 R14: 0000000000000042 R15: dffffc0000000000 [ 124.188360] ? insn_get_prefixes.part.0+0x1bf/0x1450 [ 124.188768] ? inat_get_opcode_attribute+0xf/0x60 [ 124.189159] ? inat_get_opcode_attribute+0xf/0x60 [ 124.189548] insn_get_prefixes.part.0+0x27a/0x1450 [ 124.189949] insn_get_modrm+0x37d/0x870 [ 124.190274] ? hw_breakpoint_exceptions_notify+0x38/0x370 [ 124.190728] insn_get_displacement+0x31a/0x950 [ 124.191102] insn_decode+0x262/0x350 [ 124.191408] get_kernel_gp_address+0x131/0x230 [ 124.191799] ? __pfx_get_kernel_gp_address+0x10/0x10 [ 124.192207] ? 
atomic_notifier_call_chain+0xa9/0x1c0 [ 124.192613] ? search_exception_tables+0x37/0x50 [ 124.192996] ? fixup_exception+0x10d/0xc00 [ 124.193320] exc_general_protection+0x259/0x330 [ 124.193673] asm_exc_general_protection+0x26/0x30 [ 124.194028] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.194383] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.195703] RSP: 0018:ffff88804875f800 EFLAGS: 00010212 [ 124.196092] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 124.196642] RDX: ffff88801a6d9b80 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 124.197195] RBP: ffff88804875fa70 R08: ffff88806ce31340 R09: ffffe8ffffc0e4d0 [ 124.197712] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.198227] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 124.198757] ? perf_tp_event+0x167/0xe70 [ 124.199067] ? arch_scale_cpu_capacity+0x17/0xa0 [ 124.199426] ? __pfx_perf_tp_event+0x10/0x10 [ 124.199773] ? __asan_memset+0x24/0x50 [ 124.200099] ? perf_trace_lock+0xb5/0x5d0 [ 124.200441] ? kvm_sched_clock_read+0x16/0x30 [ 124.200803] ? sched_clock+0x37/0x60 [ 124.201102] ? sched_clock_cpu+0x6c/0x4e0 [ 124.201432] ? lock_is_held_type+0x9e/0x120 [ 124.201776] ? perf_trace_run_bpf_submit+0xef/0x180 [ 124.202171] perf_trace_run_bpf_submit+0xef/0x180 [ 124.202566] perf_trace_lock+0x337/0x5d0 [ 124.202873] ? __pfx_perf_trace_lock+0x10/0x10 [ 124.203214] ? lock_acquire+0x15e/0x2f0 [ 124.203510] ? futex_ref_get+0x48/0x300 [ 124.203806] ? futex_ref_get+0x114/0x300 [ 124.204110] ? futex_hash+0x15c/0x390 [ 124.204394] lock_release+0x1ab/0x290 [ 124.204678] ? futex_hash+0x15c/0x390 [ 124.204961] futex_ref_get+0x119/0x300 [ 124.205271] ? futex_hash+0x15c/0x390 [ 124.205575] futex_hash+0x70/0x390 [ 124.205860] futex_wake+0x143/0x540 [ 124.206153] ? put_pid+0x1f/0x30 [ 124.206429] ? 
kernel_clone+0x204/0x7f0 [ 124.206744] ? __pfx_futex_wake+0x10/0x10 [ 124.207074] ? __pfx_kernel_clone+0x10/0x10 [ 124.207421] ? perf_trace_lock+0xb5/0x5d0 [ 124.207741] do_futex+0x26d/0x370 [ 124.208004] ? __pfx_do_futex+0x10/0x10 [ 124.208300] ? __pfx___do_sys_clone+0x10/0x10 [ 124.208641] ? find_held_lock+0x2b/0x80 [ 124.208967] __x64_sys_futex+0x1c9/0x4d0 [ 124.209292] ? __pfx___x64_sys_futex+0x10/0x10 [ 124.209634] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 124.210022] do_syscall_64+0xbf/0x360 [ 124.210307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.210691] RIP: 0033:0x7f3ac90cab19 [ 124.210987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.212399] RSP: 002b:00007fffed14fd58 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.212994] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3ac90cab19 [ 124.213558] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3ac91ddf68 [ 124.214111] RBP: 00007f3ac91ddf60 R08: 00007f3ac6640700 R09: 0000000000000000 [ 124.214667] R10: 00007f3ac6640700 R11: 0000000000000246 R12: 00007f3ac91e2070 [ 124.215184] R13: 00007fffed14fe60 R14: 00007f3ac91ddf60 R15: 000000000001e46b [ 124.215708] [ 124.215885] Modules linked in: [ 124.216131] ---[ end trace 0000000000000000 ]--- [ 124.216477] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.216841] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.218161] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 124.218557] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 124.219088] RDX: ffff88801a6d9b80 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 124.219639] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc0e4d0 [ 124.220197] R10: 0000000000000000 R11: 
746e756f63716573 R12: dffffc0000000000 [ 124.220752] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 124.221315] FS: 000055557d70e400(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 124.222037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.222603] CR2: 000055557d70fc18 CR3: 0000000017e8d000 CR4: 0000000000350ef0 [ 124.223268] Kernel panic - not syncing: Fatal exception in interrupt [ 124.223987] Kernel Offset: disabled [ 124.224276] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 12:45:10 Registers: