Warning: Permanently added '[localhost]:54736' (ECDSA) to the list of known hosts.
2025/08/29 12:59:48 fuzzer started
2025/08/29 12:59:49 dialing manager at localhost:43077
syzkaller login: [ 49.076380] cgroup: Unknown subsys name 'net'
[ 49.238324] cgroup: Unknown subsys name 'cpuset'
[ 49.260087] cgroup: Unknown subsys name 'rlimit'
2025/08/29 13:00:00 syscalls: 2214
2025/08/29 13:00:00 code coverage: enabled
2025/08/29 13:00:00 comparison tracing: enabled
2025/08/29 13:00:00 extra coverage: enabled
2025/08/29 13:00:00 setuid sandbox: enabled
2025/08/29 13:00:00 namespace sandbox: enabled
2025/08/29 13:00:00 Android sandbox: enabled
2025/08/29 13:00:00 fault injection: enabled
2025/08/29 13:00:00 leak checking: enabled
2025/08/29 13:00:00 net packet injection: enabled
2025/08/29 13:00:00 net device setup: enabled
2025/08/29 13:00:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 13:00:00 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 13:00:00 USB emulation: enabled
2025/08/29 13:00:00 hci packet injection: enabled
2025/08/29 13:00:00 wifi device emulation: enabled
2025/08/29 13:00:00 802.15.4 emulation: enabled
2025/08/29 13:00:00 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 13:00:00 fetching corpus: 50, signal 23746/27246 (executing program)
2025/08/29 13:00:00 fetching corpus: 100, signal 33962/38896 (executing program)
2025/08/29 13:00:00 fetching corpus: 150, signal 42123/48383 (executing program)
2025/08/29 13:00:01 fetching corpus: 200, signal 47887/55441 (executing program)
2025/08/29 13:00:01 fetching corpus: 250, signal 50708/59614 (executing program)
2025/08/29 13:00:01 fetching corpus: 300, signal 54141/64265 (executing program)
2025/08/29 13:00:01 fetching corpus: 350, signal 59467/70586 (executing program)
2025/08/29 13:00:01 fetching corpus: 400, signal 63324/75474 (executing program)
2025/08/29 13:00:01 fetching corpus: 450, signal 65805/79056 (executing program)
2025/08/29 13:00:01 fetching corpus: 500, signal 69450/83573 (executing program)
2025/08/29 13:00:01 fetching corpus: 550, signal 70697/86018 (executing program)
2025/08/29 13:00:01 fetching corpus: 600, signal 75059/91150 (executing program)
2025/08/29 13:00:01 fetching corpus: 650, signal 78093/94962 (executing program)
2025/08/29 13:00:01 fetching corpus: 700, signal 80367/98079 (executing program)
2025/08/29 13:00:02 fetching corpus: 750, signal 84599/102884 (executing program)
2025/08/29 13:00:02 fetching corpus: 800, signal 86617/105749 (executing program)
2025/08/29 13:00:02 fetching corpus: 850, signal 88103/108093 (executing program)
2025/08/29 13:00:02 fetching corpus: 900, signal 91473/111923 (executing program)
2025/08/29 13:00:02 fetching corpus: 950, signal 93074/114295 (executing program)
2025/08/29 13:00:02 fetching corpus: 1000, signal 94744/116665 (executing program)
2025/08/29 13:00:02 fetching corpus: 1050, signal 95833/118546 (executing program)
2025/08/29 13:00:02 fetching corpus: 1100, signal 97152/120623 (executing program)
2025/08/29 13:00:02 fetching corpus: 1150, signal 99608/123505 (executing program)
2025/08/29 13:00:02 fetching corpus: 1200, signal 101899/126232 (executing program)
2025/08/29 13:00:02 fetching corpus: 1250, signal 103974/128706 (executing program)
2025/08/29 13:00:03 fetching corpus: 1300, signal 106010/131178 (executing program)
2025/08/29 13:00:03 fetching corpus: 1350, signal 107441/133205 (executing program)
2025/08/29 13:00:03 fetching corpus: 1400, signal 109256/135451 (executing program)
2025/08/29 13:00:03 fetching corpus: 1450, signal 110432/137175 (executing program)
2025/08/29 13:00:03 fetching corpus: 1500, signal 111687/138920 (executing program)
2025/08/29 13:00:03 fetching corpus: 1550, signal 112978/140721 (executing program)
2025/08/29 13:00:03 fetching corpus: 1600, signal 113866/142180 (executing program)
2025/08/29 13:00:03 fetching corpus: 1650, signal 114910/143712 (executing program)
2025/08/29 13:00:03 fetching corpus: 1700, signal 116182/145349 (executing program)
2025/08/29 13:00:03 fetching corpus: 1750, signal 117077/146784 (executing program)
2025/08/29 13:00:04 fetching corpus: 1800, signal 118401/148435 (executing program)
2025/08/29 13:00:04 fetching corpus: 1850, signal 119347/149818 (executing program)
2025/08/29 13:00:04 fetching corpus: 1900, signal 120169/151174 (executing program)
2025/08/29 13:00:04 fetching corpus: 1950, signal 121095/152582 (executing program)
2025/08/29 13:00:04 fetching corpus: 2000, signal 122182/154048 (executing program)
2025/08/29 13:00:04 fetching corpus: 2050, signal 123545/155686 (executing program)
2025/08/29 13:00:04 fetching corpus: 2100, signal 124479/156965 (executing program)
2025/08/29 13:00:04 fetching corpus: 2150, signal 125198/158076 (executing program)
2025/08/29 13:00:04 fetching corpus: 2200, signal 125815/159134 (executing program)
2025/08/29 13:00:04 fetching corpus: 2250, signal 126879/160421 (executing program)
2025/08/29 13:00:04 fetching corpus: 2300, signal 127914/161758 (executing program)
2025/08/29 13:00:04 fetching corpus: 2350, signal 128648/162885 (executing program)
2025/08/29 13:00:05 fetching corpus: 2400, signal 129799/164242 (executing program)
2025/08/29 13:00:05 fetching corpus: 2450, signal 130331/165219 (executing program)
2025/08/29 13:00:05 fetching corpus: 2500, signal 131300/166376 (executing program)
2025/08/29 13:00:05 fetching corpus: 2550, signal 132217/167518 (executing program)
2025/08/29 13:00:05 fetching corpus: 2600, signal 132790/168469 (executing program)
2025/08/29 13:00:05 fetching corpus: 2650, signal 133644/169499 (executing program)
2025/08/29 13:00:05 fetching corpus: 2700, signal 134296/170476 (executing program)
2025/08/29 13:00:05 fetching corpus: 2750, signal 134868/171373 (executing program)
2025/08/29 13:00:05 fetching corpus: 2800, signal 135570/172339 (executing program)
2025/08/29 13:00:05 fetching corpus: 2850, signal 138461/174207 (executing program)
2025/08/29 13:00:06 fetching corpus: 2900, signal 139147/175105 (executing program)
2025/08/29 13:00:06 fetching corpus: 2950, signal 139939/176037 (executing program)
2025/08/29 13:00:06 fetching corpus: 3000, signal 140483/176863 (executing program)
2025/08/29 13:00:06 fetching corpus: 3050, signal 141102/177669 (executing program)
2025/08/29 13:00:06 fetching corpus: 3100, signal 141729/178487 (executing program)
2025/08/29 13:00:06 fetching corpus: 3150, signal 142433/179382 (executing program)
2025/08/29 13:00:06 fetching corpus: 3200, signal 143286/180291 (executing program)
2025/08/29 13:00:06 fetching corpus: 3250, signal 143981/181090 (executing program)
2025/08/29 13:00:06 fetching corpus: 3300, signal 144611/181911 (executing program)
2025/08/29 13:00:06 fetching corpus: 3350, signal 145223/182682 (executing program)
2025/08/29 13:00:06 fetching corpus: 3400, signal 145870/183454 (executing program)
2025/08/29 13:00:06 fetching corpus: 3450, signal 146489/184212 (executing program)
2025/08/29 13:00:07 fetching corpus: 3500, signal 147028/184940 (executing program)
2025/08/29 13:00:07 fetching corpus: 3550, signal 147396/185629 (executing program)
2025/08/29 13:00:07 fetching corpus: 3600, signal 147749/186278 (executing program)
2025/08/29 13:00:07 fetching corpus: 3650, signal 148661/187039 (executing program)
2025/08/29 13:00:07 fetching corpus: 3700, signal 149461/187777 (executing program)
2025/08/29 13:00:07 fetching corpus: 3750, signal 150045/188403 (executing program)
2025/08/29 13:00:07 fetching corpus: 3800, signal 150529/189005 (executing program)
2025/08/29 13:00:07 fetching corpus: 3850, signal 151063/189660 (executing program)
2025/08/29 13:00:07 fetching corpus: 3900, signal 151711/190309 (executing program)
2025/08/29 13:00:07 fetching corpus: 3950, signal 152237/190911 (executing program)
2025/08/29 13:00:08 fetching corpus: 4000, signal 152859/191489 (executing program)
2025/08/29 13:00:08 fetching corpus: 4050, signal 153479/192067 (executing program)
2025/08/29 13:00:08 fetching corpus: 4100, signal 153861/192589 (executing program)
2025/08/29 13:00:08 fetching corpus: 4150, signal 154336/193132 (executing program)
2025/08/29 13:00:08 fetching corpus: 4200, signal 154868/193689 (executing program)
2025/08/29 13:00:08 fetching corpus: 4250, signal 155287/194230 (executing program)
2025/08/29 13:00:08 fetching corpus: 4300, signal 155939/194751 (executing program)
2025/08/29 13:00:08 fetching corpus: 4350, signal 156512/195291 (executing program)
2025/08/29 13:00:08 fetching corpus: 4400, signal 157194/195796 (executing program)
2025/08/29 13:00:08 fetching corpus: 4450, signal 157657/196274 (executing program)
2025/08/29 13:00:08 fetching corpus: 4500, signal 158217/196749 (executing program)
2025/08/29 13:00:08 fetching corpus: 4550, signal 158594/197240 (executing program)
2025/08/29 13:00:09 fetching corpus: 4600, signal 159049/197682 (executing program)
2025/08/29 13:00:09 fetching corpus: 4650, signal 159856/198196 (executing program)
2025/08/29 13:00:09 fetching corpus: 4700, signal 160308/198608 (executing program)
2025/08/29 13:00:09 fetching corpus: 4750, signal 160836/198993 (executing program)
2025/08/29 13:00:09 fetching corpus: 4800, signal 161312/199446 (executing program)
2025/08/29 13:00:09 fetching corpus: 4850, signal 161864/199588 (executing program)
2025/08/29 13:00:09 fetching corpus: 4900, signal 162366/199604 (executing program)
2025/08/29 13:00:09 fetching corpus: 4950, signal 163147/199608 (executing program)
2025/08/29 13:00:09 fetching corpus: 5000, signal 163536/199632 (executing program)
2025/08/29 13:00:10 fetching corpus: 5050, signal 163986/199633 (executing program)
2025/08/29 13:00:10 fetching corpus: 5100, signal 164532/199636 (executing program)
2025/08/29 13:00:10 fetching corpus: 5150, signal 165069/199759 (executing program)
2025/08/29 13:00:10 fetching corpus: 5200, signal 165445/199763 (executing program)
2025/08/29 13:00:10 fetching corpus: 5250, signal 165794/199764 (executing program)
2025/08/29 13:00:10 fetching corpus: 5300, signal 166427/199784 (executing program)
2025/08/29 13:00:10 fetching corpus: 5350, signal 166764/199785 (executing program)
2025/08/29 13:00:10 fetching corpus: 5400, signal 167387/199793 (executing program)
2025/08/29 13:00:10 fetching corpus: 5450, signal 167735/199803 (executing program)
2025/08/29 13:00:10 fetching corpus: 5500, signal 168172/199859 (executing program)
2025/08/29 13:00:10 fetching corpus: 5550, signal 168605/199873 (executing program)
2025/08/29 13:00:11 fetching corpus: 5600, signal 169095/199880 (executing program)
2025/08/29 13:00:11 fetching corpus: 5650, signal 169453/199894 (executing program)
2025/08/29 13:00:11 fetching corpus: 5700, signal 170002/199923 (executing program)
2025/08/29 13:00:11 fetching corpus: 5750, signal 170508/199942 (executing program)
2025/08/29 13:00:11 fetching corpus: 5800, signal 170762/199966 (executing program)
2025/08/29 13:00:11 fetching corpus: 5850, signal 171211/199967 (executing program)
2025/08/29 13:00:11 fetching corpus: 5900, signal 171546/199970 (executing program)
2025/08/29 13:00:11 fetching corpus: 5950, signal 171823/199973 (executing program)
2025/08/29 13:00:11 fetching corpus: 6000, signal 172764/199974 (executing program)
2025/08/29 13:00:11 fetching corpus: 6050, signal 173094/199974 (executing program)
2025/08/29 13:00:11 fetching corpus: 6100, signal 173349/200013 (executing program)
2025/08/29 13:00:12 fetching corpus: 6150, signal 173704/200014 (executing program)
2025/08/29 13:00:12 fetching corpus: 6200, signal 174080/200050 (executing program)
2025/08/29 13:00:12 fetching corpus: 6250, signal 174401/200056 (executing program)
2025/08/29 13:00:12 fetching corpus: 6300, signal 174698/200067 (executing program)
2025/08/29 13:00:12 fetching corpus: 6350, signal 175076/200147 (executing program)
2025/08/29 13:00:12 fetching corpus: 6400, signal 175371/200150 (executing program)
2025/08/29 13:00:12 fetching corpus: 6450, signal 175627/200152 (executing program)
2025/08/29 13:00:12 fetching corpus: 6500, signal 176038/200162 (executing program)
2025/08/29 13:00:12 fetching corpus: 6550, signal 176416/200179 (executing program)
2025/08/29 13:00:12 fetching corpus: 6600, signal 176611/200186 (executing program)
2025/08/29 13:00:12 fetching corpus: 6650, signal 176853/200188 (executing program)
2025/08/29 13:00:13 fetching corpus: 6700, signal 177091/200193 (executing program)
2025/08/29 13:00:13 fetching corpus: 6750, signal 177393/200207 (executing program)
2025/08/29 13:00:13 fetching corpus: 6800, signal 177687/200207 (executing program)
2025/08/29 13:00:13 fetching corpus: 6850, signal 178100/200213 (executing program)
2025/08/29 13:00:13 fetching corpus: 6900, signal 178379/200213 (executing program)
2025/08/29 13:00:13 fetching corpus: 6950, signal 178737/200228 (executing program)
2025/08/29 13:00:13 fetching corpus: 7000, signal 179098/200241 (executing program)
2025/08/29 13:00:13 fetching corpus: 7050, signal 179593/200241 (executing program)
2025/08/29 13:00:13 fetching corpus: 7100, signal 179800/200246 (executing program)
2025/08/29 13:00:13 fetching corpus: 7150, signal 180204/200249 (executing program)
2025/08/29 13:00:13 fetching corpus: 7200, signal 180453/200260 (executing program)
2025/08/29 13:00:14 fetching corpus: 7250, signal 180814/200286 (executing program)
2025/08/29 13:00:14 fetching corpus: 7300, signal 181076/200294 (executing program)
2025/08/29 13:00:14 fetching corpus: 7350, signal 181446/200300 (executing program)
2025/08/29 13:00:14 fetching corpus: 7400, signal 181751/200318 (executing program)
2025/08/29 13:00:14 fetching corpus: 7450, signal 181994/200319 (executing program)
2025/08/29 13:00:14 fetching corpus: 7500, signal 182301/200322 (executing program)
2025/08/29 13:00:14 fetching corpus: 7550, signal 182537/200323 (executing program)
2025/08/29 13:00:14 fetching corpus: 7600, signal 182787/200334 (executing program)
2025/08/29 13:00:14 fetching corpus: 7650, signal 183147/200380 (executing program)
2025/08/29 13:00:14 fetching corpus: 7700, signal 183381/200380 (executing program)
2025/08/29 13:00:14 fetching corpus: 7750, signal 183624/200387 (executing program)
2025/08/29 13:00:14 fetching corpus: 7800, signal 183914/200505 (executing program)
2025/08/29 13:00:14 fetching corpus: 7850, signal 184088/200508 (executing program)
2025/08/29 13:00:14 fetching corpus: 7900, signal 184475/200519 (executing program)
2025/08/29 13:00:15 fetching corpus: 7950, signal 184690/200525 (executing program)
2025/08/29 13:00:15 fetching corpus: 8000, signal 185034/200528 (executing program)
2025/08/29 13:00:15 fetching corpus: 8050, signal 185291/200535 (executing program)
2025/08/29 13:00:15 fetching corpus: 8100, signal 185588/200546 (executing program)
2025/08/29 13:00:15 fetching corpus: 8150, signal 185983/200548 (executing program)
2025/08/29 13:00:15 fetching corpus: 8200, signal 186274/200554 (executing program)
2025/08/29 13:00:15 fetching corpus: 8250, signal 186707/200571 (executing program)
2025/08/29 13:00:15 fetching corpus: 8300, signal 187083/200573 (executing program)
2025/08/29 13:00:15 fetching corpus: 8350, signal 187305/200576 (executing program)
2025/08/29 13:00:15 fetching corpus: 8400, signal 187745/200576 (executing program)
2025/08/29 13:00:15 fetching corpus: 8450, signal 187952/200586 (executing program)
2025/08/29 13:00:15 fetching corpus: 8500, signal 188236/200587 (executing program)
2025/08/29 13:00:16 fetching corpus: 8550, signal 188449/200590 (executing program)
2025/08/29 13:00:16 fetching corpus: 8600, signal 188664/200606 (executing program)
2025/08/29 13:00:16 fetching corpus: 8650, signal 188864/200612 (executing program)
2025/08/29 13:00:16 fetching corpus: 8700, signal 189127/200622 (executing program)
2025/08/29 13:00:16 fetching corpus: 8750, signal 189410/200648 (executing program)
2025/08/29 13:00:16 fetching corpus: 8800, signal 189728/200660 (executing program)
2025/08/29 13:00:16 fetching corpus: 8850, signal 189970/200675 (executing program)
2025/08/29 13:00:16 fetching corpus: 8900, signal 190261/200683 (executing program)
2025/08/29 13:00:16 fetching corpus: 8950, signal 190432/200686 (executing program)
2025/08/29 13:00:16 fetching corpus: 9000, signal 190624/200694 (executing program)
2025/08/29 13:00:16 fetching corpus: 9050, signal 190853/200713 (executing program)
2025/08/29 13:00:16 fetching corpus: 9099, signal 191547/200799 (executing program)
2025/08/29 13:00:16 fetching corpus: 9149, signal 191792/200810 (executing program)
2025/08/29 13:00:17 fetching corpus: 9199, signal 191923/200813 (executing program)
2025/08/29 13:00:17 fetching corpus: 9249, signal 192116/200819 (executing program)
2025/08/29 13:00:17 fetching corpus: 9299, signal 192540/200833 (executing program)
2025/08/29 13:00:17 fetching corpus: 9348, signal 192885/200835 (executing program)
2025/08/29 13:00:17 fetching corpus: 9398, signal 193108/200850 (executing program)
2025/08/29 13:00:17 fetching corpus: 9448, signal 193458/200878 (executing program)
2025/08/29 13:00:17 fetching corpus: 9498, signal 193657/200888 (executing program)
2025/08/29 13:00:17 fetching corpus: 9547, signal 193944/200892 (executing program)
2025/08/29 13:00:17 fetching corpus: 9597, signal 194168/200897 (executing program)
2025/08/29 13:00:17 fetching corpus: 9647, signal 194415/200898 (executing program)
2025/08/29 13:00:18 fetching corpus: 9697, signal 194644/200900 (executing program)
2025/08/29 13:00:18 fetching corpus: 9747, signal 194897/200939 (executing program)
2025/08/29 13:00:18 fetching corpus: 9797, signal 195309/200949 (executing program)
2025/08/29 13:00:18 fetching corpus: 9847, signal 195524/200954 (executing program)
2025/08/29 13:00:18 fetching corpus: 9897, signal 195684/200955 (executing program)
2025/08/29 13:00:18 fetching corpus: 9947, signal 195925/200957 (executing program)
2025/08/29 13:00:18 fetching corpus: 9997, signal 196129/200964 (executing program)
2025/08/29 13:00:18 fetching corpus: 10047, signal 196354/200973 (executing program)
2025/08/29 13:00:18 fetching corpus: 10097, signal 196590/200978 (executing program)
2025/08/29 13:00:18 fetching corpus: 10146, signal 196869/200984 (executing program)
2025/08/29 13:00:18 fetching corpus: 10187, signal 197075/200992 (executing program)
2025/08/29 13:00:18 fetching corpus: 10187, signal 197075/200992 (executing program)
2025/08/29 13:00:21 starting 8 fuzzer processes
13:00:21 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, 0x0)
13:00:21 executing program 1:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
13:00:21 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
readahead(0xffffffffffffffff, 0x0, 0x0)
13:00:21 executing program 2:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000100)=0x1ff, 0x2, 0x2)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget(0x2, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/214)
13:00:21 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
13:00:21 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3}, 0xc)
[ 81.064096] audit: type=1400 audit(1756472421.381:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
13:00:21 executing program 4:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xa0103)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0)
sendfile(r2, r0, 0x0, 0xa0103)
13:00:21 executing program 5:
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0xa)
[ 82.301762] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 82.306060] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 82.311235] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 82.319216] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 82.323258] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 82.365174] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 82.370844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 82.372150] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 82.374025] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 82.376335] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 82.383960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 82.385220] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 82.388653] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 82.397400] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 82.405223] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 82.433706] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 82.438794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 82.441146] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 82.443864] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 82.444986] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 82.447419] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 82.448674] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 82.453914] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 82.456873] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 82.457292] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 82.458668] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 82.460671] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 82.467285] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 82.476337] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 82.478097] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 82.487064] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 82.490005] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 82.491216] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 82.492410] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 82.497816] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 82.509898] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 82.515823] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 82.519205] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 82.521949] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 82.533237] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 84.398111] Bluetooth: hci0: command tx timeout
[ 84.462666] Bluetooth: hci1: command tx timeout
[ 84.463155] Bluetooth: hci2: command tx timeout
[ 84.526519] Bluetooth: hci3: command tx timeout
[ 84.527002] Bluetooth: hci5: command tx timeout
[ 84.589703] Bluetooth: hci7: command tx timeout
[ 84.590185] Bluetooth: hci4: command tx timeout
[ 84.591567] Bluetooth: hci6: command tx timeout
[ 86.445594] Bluetooth: hci0: command tx timeout
[ 86.511538] Bluetooth: hci1: command tx timeout
[ 86.511931] Bluetooth: hci2: command tx timeout
[ 86.573673] Bluetooth: hci5: command tx timeout
[ 86.574064] Bluetooth: hci3: command tx timeout
[ 86.637576] Bluetooth: hci4: command tx timeout
[ 86.637984] Bluetooth: hci6: command tx timeout
[ 86.638937] Bluetooth: hci7: command tx timeout
[ 88.493639] Bluetooth: hci0: command tx timeout
[ 88.558846] Bluetooth: hci2: command tx timeout
[ 88.559240] Bluetooth: hci1: command tx timeout
[ 88.623533] Bluetooth: hci5: command tx timeout
[ 88.623928] Bluetooth: hci3: command tx timeout
[ 88.685627] Bluetooth: hci7: command tx timeout
[ 88.686027] Bluetooth: hci6: command tx timeout
[ 88.686398] Bluetooth: hci4: command tx timeout
[ 90.541551] Bluetooth: hci0: command tx timeout
[ 90.605640] Bluetooth: hci1: command tx timeout
[ 90.606046] Bluetooth: hci2: command tx timeout
[ 90.669564] Bluetooth: hci3: command tx timeout
[ 90.670024] Bluetooth: hci5: command tx timeout
[ 90.734535] Bluetooth: hci4: command tx timeout
[ 90.734975] Bluetooth: hci6: command tx timeout
[ 90.735363] Bluetooth: hci7: command tx timeout
[ 116.919092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.919745] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.131055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.131972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.447977] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.448583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.551459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.552085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.666634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.667229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.702827] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.703405] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.792255] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.792896] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.793447] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.793450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.829768] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.830345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.856190] audit: type=1400 audit(1756472458.173:8): avc: denied { open } for pid=3871 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 117.857873] audit: type=1400 audit(1756472458.173:9): avc: denied { kernel } for pid=3871 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 117.873397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.874015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.935577] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.936135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.953591] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.954193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.004913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.005515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.056403] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.057003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.122440] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.123057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.151132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.151822] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.305526] syz-executor.4 (3892) used greatest stack depth: 24368 bytes left
13:00:58 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @remote}, {}, 0xe, {0x2, 0x0, @empty}, 'lo\x00'})
13:00:58 executing program 2:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000100)=0x1ff, 0x2, 0x2)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget(0x2, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/214)
13:00:58 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
13:00:58 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSETLED(r0, 0x4b48, 0x0)
13:00:58 executing program 5:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000100)=0x1ff, 0x2, 0x2)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget(0x2, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/214)
13:00:58 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
13:00:58 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x17}, './file0\x00'})
13:00:58 executing program 4:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xa0103)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0)
sendfile(r2, r0, 0x0, 0xa0103)
13:00:58 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000001700)='./file0\x00', &(0x7f0000001740)=""/198, 0xc6)
13:00:58 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @remote}, {}, 0xe, {0x2, 0x0, @empty}, 'lo\x00'})
13:00:58 executing program 2:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000100)=0x1ff, 0x2, 0x2)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget(0x2, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/214)
13:00:58 executing program 5:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000100)=0x1ff, 0x2, 0x2)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget(0x2, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/214)
13:00:58 executing program 1:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
13:00:58 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSETLED(r0, 0x4b48, 0x0)
13:00:58 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
13:00:58 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @remote}, {}, 0xe, {0x2, 0x0, @empty}, 'lo\x00'})
13:00:58 executing program 2:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000100)=0x1ff, 0x2, 0x2)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget(0x2, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil)
shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x5000)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/214)
[ 118.569855] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 118.570740] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 118.571341] CPU: 0 UID: 0 PID: 3924 Comm: syz-executor.1 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 118.572721] Tainted: [W]=WARN
[ 118.573191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 118.574613] RIP: 0010:perf_tp_event+0x175/0xe70
[ 118.575630] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 118.578826] RSP: 0018:ffff88801bca7800 EFLAGS: 00010212
[ 118.579594] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900021f2000
[ 118.580630] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 118.581658] RBP: ffff88801bca7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15af8
[ 118.582697] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 118.583845] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 118.584383] FS: 00007f6310212700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 118.584975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 118.585416] CR2: 00007efd465ea018 CR3: 000000001f2df000 CR4: 0000000000350ef0
[ 118.585947] Call Trace:
[ 118.586156]
[ 118.586331] ? kasan_save_stack+0x24/0x50
[ 118.586655] ? kasan_save_track+0x14/0x30
[ 118.586974] ? __kasan_save_free_info+0x3a/0x60
[ 118.587327] ? rtmsg_ifinfo+0x173/0x1b0
[ 118.587650] ? __pfx_perf_tp_event+0x10/0x10
[ 118.587990] ? __lock_acquire+0x694/0x1b70
[ 118.588318] ? lock_acquire+0x15e/0x2f0
[ 118.588626] ? perf_trace_lock_acquire+0xc9/0x700
[ 118.588996] ? find_held_lock+0x2b/0x80
[ 118.589307] ? perf_trace_lock_acquire+0xc9/0x700
[ 118.589680] ? __lock_acquire+0xc65/0x1b70
[ 118.590042] ? perf_trace_run_bpf_submit+0xef/0x180
[ 118.590421] perf_trace_run_bpf_submit+0xef/0x180
[ 118.590798] perf_trace_lock_acquire+0x3c2/0x700
[ 118.591164] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 118.591561] ? futex_ref_get+0x48/0x300
[ 118.591868] ? find_held_lock+0x2b/0x80
[ 118.592177] lock_acquire+0xc5/0x2f0
[ 118.592461] ? futex_wake+0x228/0x540
[ 118.592763] _raw_spin_lock+0x2b/0x40
[ 118.593060] ? futex_wake+0x228/0x540
[ 118.593353] futex_wake+0x228/0x540
[ 118.593643] ? __pfx_futex_wake+0x10/0x10
[ 118.593970] do_futex+0x26d/0x370
[ 118.594252] ? __pfx_do_futex+0x10/0x10
[ 118.594558] ? __fget_files+0x34/0x3b0
[ 118.594854] ? find_held_lock+0x2b/0x80
[ 118.595165] __x64_sys_futex+0x1c9/0x4d0
[ 118.595478] ? __pfx___x64_sys_futex+0x10/0x10
[ 118.595826] ? selinux_file_ioctl+0xb9/0x280
[ 118.596169] ? xfd_validate_state+0x55/0x180
[ 118.596520] do_syscall_64+0xbf/0x360
[ 118.596810] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.597199] RIP: 0033:0x7f6312c9cb19
[ 118.597480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 118.598857] RSP: 002b:00007f6310212218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 118.599423] RAX: ffffffffffffffda RBX: 00007f6312daff68 RCX: 00007f6312c9cb19
[ 118.599961] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6312daff6c
[ 118.600492] RBP: 00007f6312daff60 R08: 000000000000000e R09: 0000000000000000
[ 118.601023] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6312daff6c
[ 118.601557] R13: 00007ffec869c3ff R14: 00007f6310212300 R15: 0000000000022000
[ 118.602106]
[ 118.602285] Modules linked in:
[ 118.602557] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 118.603366] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 118.603924] CPU: 0 UID: 0 PID: 3924 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 118.604804] Tainted: [D]=DIE, [W]=WARN
[ 118.605094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 118.605699] RIP: 0010:perf_tp_event+0x175/0xe70
[ 118.606064] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 118.607398] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012
[ 118.607793] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 118.608316] RDX: ffff8880457c0000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 118.608844] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc15af8
[ 118.609368] R10: 0000000000000000 R11: 000000000000002c R12: dffffc0000000000
[ 118.609902] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000
[ 118.610436] FS: 00007f6310212700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 118.611029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 118.611457] CR2: 00007efd465ea018 CR3: 000000001f2df000 CR4: 0000000000350ef0
[ 118.611986] Call Trace:
[ 118.612186]
[ 118.612357] ? __pfx_perf_tp_event+0x10/0x10
[ 118.612700] ? __lock_acquire+0x694/0x1b70
[ 118.613022] ? trace_softirq_raise+0xbe/0x100
[ 118.613371] ? lock_acquire+0x15e/0x2f0
[ 118.613676] ? select_task_rq_fair+0x2b6/0x38b0
[ 118.614036] ? find_held_lock+0x2b/0x80
[ 118.614342] ? select_task_rq_fair+0x48c/0x38b0
[ 118.614690] ? __pfx_call_function_single_prep_ipi+0x10/0x10
[ 118.615123] ? trace_ipi_send_cpu.constprop.0+0x158/0x1c0
[ 118.615538] ? __smp_call_single_queue+0x15b/0x2f0
[ 118.615910] ? __pfx___smp_call_single_queue+0x10/0x10
[ 118.616303] ? perf_trace_run_bpf_submit+0xef/0x180
[ 118.616680] ? lock_release+0xc8/0x290
[ 118.616975] perf_trace_run_bpf_submit+0xef/0x180
[ 118.617340] perf_trace_lock_acquire+0x3c2/0x700
[ 118.617702] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 118.618069] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 118.618457] ? mark_held_locks+0x49/0x80
[ 118.618770] ? trace_rcu_utilization+0x26/0x190
[ 118.619128] lock_acquire+0xc5/0x2f0
[ 118.619408] ? hrtimer_interrupt+0xd6/0x830
[ 118.619738] ? __pfx_rcu_core+0x10/0x10
[ 118.620043] _raw_spin_lock_irqsave+0x3a/0x60
[ 118.620381] ? hrtimer_interrupt+0xd6/0x830
[ 118.620706] hrtimer_interrupt+0xd6/0x830
[ 118.621017] ? __pfx_flush_tlb_func+0x10/0x10
[ 118.621353] ? trace_csd_function_exit+0x134/0x190
[ 118.621727] ? __flush_smp_call_function_queue+0x28c/0x740
[ 118.622156] __sysvec_apic_timer_interrupt+0xbb/0x330
[ 118.622548] sysvec_apic_timer_interrupt+0x6b/0x80
[ 118.622921]
[ 118.623092]
[ 118.623263] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 118.623653] RIP: 0010:oops_exit+0x0/0x50
[ 118.623963] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[ 118.625276] RSP: 0018:ffff88801bca7690 EFLAGS: 00000202
[ 118.625666] RAX: 0000000000033c75 RBX: 0000000000000212 RCX: ffffc900021f2000
[ 118.626197] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 118.626715] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[ 118.627239] R10: 0000000000000000 R11: 000000000000002c R12: ffff88801bca7758
[ 118.627761] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[ 118.628287] ? oops_end+0x4a/0xe0
[ 118.628566] oops_end+0x65/0xe0
[ 118.628822] exc_general_protection+0x1a2/0x330
[ 118.629178] asm_exc_general_protection+0x26/0x30
[ 118.629537] RIP: 0010:perf_tp_event+0x175/0xe70
[ 118.629887] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 118.631250] RSP: 0018:ffff88801bca7800 EFLAGS: 00010212
[ 118.631653] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900021f2000
[ 118.632171] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 118.632693] RBP: ffff88801bca7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15af8
[ 118.633212] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 118.633737] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 118.634272] ? perf_tp_event+0x167/0xe70
[ 118.634584] ? kasan_save_stack+0x24/0x50
[ 118.634892] ? kasan_save_track+0x14/0x30
[ 118.635202] ? __kasan_save_free_info+0x3a/0x60
[ 118.635558] ? rtmsg_ifinfo+0x173/0x1b0
[ 118.635865] ? __pfx_perf_tp_event+0x10/0x10
[ 118.636196] ? __lock_acquire+0x694/0x1b70
[ 118.636517] ? lock_acquire+0x15e/0x2f0
[ 118.636819] ? perf_trace_lock_acquire+0xc9/0x700
[ 118.637179] ? find_held_lock+0x2b/0x80
[ 118.637482] ? perf_trace_lock_acquire+0xc9/0x700
[ 118.637848] ? __lock_acquire+0xc65/0x1b70
[ 118.638183] ? perf_trace_run_bpf_submit+0xef/0x180
[ 118.638557] perf_trace_run_bpf_submit+0xef/0x180
[ 118.638925] perf_trace_lock_acquire+0x3c2/0x700
[ 118.639286] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 118.639680] ? futex_ref_get+0x48/0x300
[ 118.639980] ? find_held_lock+0x2b/0x80
[ 118.640286] lock_acquire+0xc5/0x2f0
[ 118.640570] ? futex_wake+0x228/0x540
[ 118.640864] _raw_spin_lock+0x2b/0x40
[ 118.641156] ? futex_wake+0x228/0x540
[ 118.641443] futex_wake+0x228/0x540
[ 118.641729] ? __pfx_futex_wake+0x10/0x10
[ 118.642060] do_futex+0x26d/0x370
[ 118.642326] ? __pfx_do_futex+0x10/0x10
[ 118.642624] ? __fget_files+0x34/0x3b0
[ 118.642914] ? find_held_lock+0x2b/0x80
[ 118.643224] __x64_sys_futex+0x1c9/0x4d0
[ 118.643533] ? __pfx___x64_sys_futex+0x10/0x10
[ 118.643874] ? selinux_file_ioctl+0xb9/0x280
[ 118.644207] ? xfd_validate_state+0x55/0x180
[ 118.644546] do_syscall_64+0xbf/0x360
[ 118.644831] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.645214] RIP: 0033:0x7f6312c9cb19
[ 118.645492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 118.646835] RSP: 002b:00007f6310212218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 118.647392] RAX: ffffffffffffffda RBX: 00007f6312daff68 RCX: 00007f6312c9cb19
[ 118.647918] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6312daff6c
[ 118.648438] RBP: 00007f6312daff60 R08: 000000000000000e R09: 0000000000000000
[ 118.648963] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6312daff6c
[ 118.649484] R13: 00007ffec869c3ff R14: 00007f6310212300 R15: 0000000000022000
[ 118.650028]
[ 118.650207] Modules linked in:
[ 118.650453] ---[ end trace 0000000000000000 ]---
[ 118.650803] RIP: 0010:perf_tp_event+0x175/0xe70
[ 118.651155] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 118.652488] RSP: 0018:ffff88801bca7800 EFLAGS: 00010212
[ 118.652885] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc900021f2000
[ 118.653406] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 118.653939] RBP: ffff88801bca7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15af8
[ 118.654475] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 118.655000] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 118.655527] FS: 00007f6310212700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 118.656117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 118.656550] CR2: 00007efd465ea018 CR3: 000000001f2df000 CR4: 0000000000350ef0
[ 118.657078] Kernel panic - not syncing: Fatal exception in interrupt
[ 118.657733] Kernel Offset: disabled
[ 118.658015] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
13:00:59 Registers:
info registers vcpu 0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff88801bca70f0
R8 =0000000000000000 R9 =ffffed1001491046 R10=0000000000000030 R11=000000000000002c
R12=0000000000000030 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f6310212700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe2300000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007efd465ea018 CR3=000000001f2df000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f6312d837c000007f6312d837c8
XMM02=00007f6312d837e000007f6312d837c0 XMM03=00007f6312d837c800007f6312d837c0
XMM04=c57ae012ab85034ebcf945b07ce40af0 XMM05=1c4533dba468f2773d043b4207ca6676
XMM06=1e72d05e27a5a432bbf8ee19d38051f9 XMM07=121da5a1eb3281a26c6551e012be302e
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3de00 RCX=ffffffff816880fc RDX=ffff8880162bb700
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888018daf6f8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1
R12=ffffed100d9c7bc1 R13=ffff88806ce3de08 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555587ec4400 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe5100000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007efd465e6000 CR3=00000000442e1000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=000000000000000000000000ffffffff
XMM02=7463656a6e695f31313230385f7a7973 XMM03=00007efd465bd7c800007efd465bd7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000