Warning: Permanently added '[localhost]:40676' (ECDSA) to the list of known hosts.
2025/08/29 13:08:57 fuzzer started
2025/08/29 13:08:58 dialing manager at localhost:43077
syzkaller login: [   51.031416] cgroup: Unknown subsys name 'net'
[   51.086702] cgroup: Unknown subsys name 'cpuset'
[   51.107624] cgroup: Unknown subsys name 'rlimit'
2025/08/29 13:09:08 syscalls: 2214
2025/08/29 13:09:08 code coverage: enabled
2025/08/29 13:09:08 comparison tracing: enabled
2025/08/29 13:09:08 extra coverage: enabled
2025/08/29 13:09:08 setuid sandbox: enabled
2025/08/29 13:09:08 namespace sandbox: enabled
2025/08/29 13:09:08 Android sandbox: enabled
2025/08/29 13:09:08 fault injection: enabled
2025/08/29 13:09:08 leak checking: enabled
2025/08/29 13:09:08 net packet injection: enabled
2025/08/29 13:09:08 net device setup: enabled
2025/08/29 13:09:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 13:09:08 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 13:09:08 USB emulation: enabled
2025/08/29 13:09:08 hci packet injection: enabled
2025/08/29 13:09:08 wifi device emulation: enabled
2025/08/29 13:09:08 802.15.4 emulation: enabled
2025/08/29 13:09:08 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 13:09:08 fetching corpus: 50, signal 19924/23473 (executing program)
2025/08/29 13:09:08 fetching corpus: 100, signal 32154/37119 (executing program)
2025/08/29 13:09:08 fetching corpus: 150, signal 39969/46330 (executing program)
2025/08/29 13:09:08 fetching corpus: 200, signal 48867/56382 (executing program)
2025/08/29 13:09:08 fetching corpus: 250, signal 53410/62149 (executing program)
2025/08/29 13:09:09 fetching corpus: 300, signal 56955/66876 (executing program)
2025/08/29 13:09:09 fetching corpus: 350, signal 62411/73320 (executing program)
2025/08/29 13:09:09 fetching corpus: 400, signal 65765/77790 (executing program)
2025/08/29 13:09:09 fetching corpus: 450, signal 70881/83776 (executing program)
2025/08/29 13:09:09 fetching corpus: 500, signal 73486/87394 (executing program)
2025/08/29 13:09:09 fetching corpus: 550, signal 76847/91599 (executing program)
2025/08/29 13:09:09 fetching corpus: 600, signal 80472/96019 (executing program)
2025/08/29 13:09:09 fetching corpus: 650, signal 84157/100391 (executing program)
2025/08/29 13:09:09 fetching corpus: 700, signal 87246/104167 (executing program)
2025/08/29 13:09:09 fetching corpus: 750, signal 89768/107461 (executing program)
2025/08/29 13:09:10 fetching corpus: 800, signal 92017/110455 (executing program)
2025/08/29 13:09:10 fetching corpus: 850, signal 94174/113334 (executing program)
2025/08/29 13:09:10 fetching corpus: 900, signal 95698/115580 (executing program)
2025/08/29 13:09:10 fetching corpus: 950, signal 97923/118406 (executing program)
2025/08/29 13:09:10 fetching corpus: 1000, signal 99231/120477 (executing program)
2025/08/29 13:09:10 fetching corpus: 1050, signal 103001/124393 (executing program)
2025/08/29 13:09:10 fetching corpus: 1100, signal 104275/126373 (executing program)
2025/08/29 13:09:10 fetching corpus: 1150, signal 105857/128511 (executing program)
2025/08/29 13:09:10 fetching corpus: 1200, signal 107386/130617 (executing program)
2025/08/29 13:09:11 fetching corpus: 1250, signal 108976/132723 (executing program)
2025/08/29 13:09:11 fetching corpus: 1300, signal 110449/134720 (executing program)
2025/08/29 13:09:11 fetching corpus: 1350, signal 111480/136341 (executing program)
2025/08/29 13:09:11 fetching corpus: 1400, signal 112923/138314 (executing program)
2025/08/29 13:09:11 fetching corpus: 1450, signal 113912/139879 (executing program)
2025/08/29 13:09:11 fetching corpus: 1500, signal 114729/141287 (executing program)
2025/08/29 13:09:11 fetching corpus: 1550, signal 116260/143268 (executing program)
2025/08/29 13:09:11 fetching corpus: 1600, signal 117455/144952 (executing program)
2025/08/29 13:09:11 fetching corpus: 1650, signal 118445/146435 (executing program)
2025/08/29 13:09:11 fetching corpus: 1700, signal 119271/147754 (executing program)
2025/08/29 13:09:11 fetching corpus: 1750, signal 119859/148900 (executing program)
2025/08/29 13:09:12 fetching corpus: 1800, signal 121184/150544 (executing program)
2025/08/29 13:09:12 fetching corpus: 1850, signal 121951/151840 (executing program)
2025/08/29 13:09:12 fetching corpus: 1900, signal 123105/153305 (executing program)
2025/08/29 13:09:12 fetching corpus: 1950, signal 124233/154752 (executing program)
2025/08/29 13:09:12 fetching corpus: 2000, signal 125409/156227 (executing program)
2025/08/29 13:09:12 fetching corpus: 2050, signal 126393/157565 (executing program)
2025/08/29 13:09:12 fetching corpus: 2100, signal 127463/158910 (executing program)
2025/08/29 13:09:12 fetching corpus: 2150, signal 128121/160024 (executing program)
2025/08/29 13:09:12 fetching corpus: 2200, signal 129526/161501 (executing program)
2025/08/29 13:09:12 fetching corpus: 2250, signal 130207/162589 (executing program)
2025/08/29 13:09:13 fetching corpus: 2300, signal 131017/163732 (executing program)
2025/08/29 13:09:13 fetching corpus: 2350, signal 131852/164923 (executing program)
2025/08/29 13:09:13 fetching corpus: 2400, signal 132594/165982 (executing program)
2025/08/29 13:09:13 fetching corpus: 2450, signal 133137/166907 (executing program)
2025/08/29 13:09:13 fetching corpus: 2500, signal 133693/167880 (executing program)
2025/08/29 13:09:13 fetching corpus: 2550, signal 134290/168843 (executing program)
2025/08/29 13:09:13 fetching corpus: 2600, signal 135002/169815 (executing program)
2025/08/29 13:09:13 fetching corpus: 2650, signal 135769/170857 (executing program)
2025/08/29 13:09:13 fetching corpus: 2700, signal 136849/171987 (executing program)
2025/08/29 13:09:13 fetching corpus: 2750, signal 137413/172888 (executing program)
2025/08/29 13:09:13 fetching corpus: 2800, signal 138327/173916 (executing program)
2025/08/29 13:09:13 fetching corpus: 2850, signal 139164/174972 (executing program)
2025/08/29 13:09:14 fetching corpus: 2900, signal 139689/175791 (executing program)
2025/08/29 13:09:14 fetching corpus: 2950, signal 140619/176855 (executing program)
2025/08/29 13:09:14 fetching corpus: 3000, signal 141204/177635 (executing program)
2025/08/29 13:09:14 fetching corpus: 3050, signal 141986/178525 (executing program)
2025/08/29 13:09:14 fetching corpus: 3100, signal 142681/179454 (executing program)
2025/08/29 13:09:14 fetching corpus: 3150, signal 143231/180194 (executing program)
2025/08/29 13:09:14 fetching corpus: 3200, signal 144093/181026 (executing program)
2025/08/29 13:09:14 fetching corpus: 3250, signal 144848/181815 (executing program)
2025/08/29 13:09:14 fetching corpus: 3300, signal 145565/182628 (executing program)
2025/08/29 13:09:14 fetching corpus: 3350, signal 146484/183483 (executing program)
2025/08/29 13:09:15 fetching corpus: 3400, signal 146868/184151 (executing program)
2025/08/29 13:09:15 fetching corpus: 3450, signal 147773/184970 (executing program)
2025/08/29 13:09:15 fetching corpus: 3500, signal 148320/185699 (executing program)
2025/08/29 13:09:15 fetching corpus: 3550, signal 148939/186380 (executing program)
2025/08/29 13:09:15 fetching corpus: 3600, signal 149549/187083 (executing program)
2025/08/29 13:09:15 fetching corpus: 3650, signal 150009/187700 (executing program)
2025/08/29 13:09:15 fetching corpus: 3700, signal 150390/188313 (executing program)
2025/08/29 13:09:15 fetching corpus: 3750, signal 151150/189032 (executing program)
2025/08/29 13:09:15 fetching corpus: 3800, signal 151752/189699 (executing program)
2025/08/29 13:09:15 fetching corpus: 3850, signal 152515/190370 (executing program)
2025/08/29 13:09:15 fetching corpus: 3900, signal 152888/190944 (executing program)
2025/08/29 13:09:15 fetching corpus: 3950, signal 153428/191482 (executing program)
2025/08/29 13:09:16 fetching corpus: 4000, signal 153749/192015 (executing program)
2025/08/29 13:09:16 fetching corpus: 4050, signal 154038/192539 (executing program)
2025/08/29 13:09:16 fetching corpus: 4100, signal 154427/193120 (executing program)
2025/08/29 13:09:16 fetching corpus: 4150, signal 155478/193825 (executing program)
2025/08/29 13:09:16 fetching corpus: 4200, signal 155982/194365 (executing program)
2025/08/29 13:09:16 fetching corpus: 4250, signal 156476/194866 (executing program)
2025/08/29 13:09:16 fetching corpus: 4300, signal 156794/195327 (executing program)
2025/08/29 13:09:16 fetching corpus: 4350, signal 157555/195870 (executing program)
2025/08/29 13:09:16 fetching corpus: 4400, signal 158038/196355 (executing program)
2025/08/29 13:09:16 fetching corpus: 4450, signal 158449/196794 (executing program)
2025/08/29 13:09:17 fetching corpus: 4500, signal 159130/197308 (executing program)
2025/08/29 13:09:17 fetching corpus: 4550, signal 159571/197765 (executing program)
2025/08/29 13:09:17 fetching corpus: 4600, signal 160069/198239 (executing program)
2025/08/29 13:09:17 fetching corpus: 4650, signal 160514/198661 (executing program)
2025/08/29 13:09:17 fetching corpus: 4700, signal 161039/199092 (executing program)
2025/08/29 13:09:17 fetching corpus: 4750, signal 161414/199500 (executing program)
2025/08/29 13:09:17 fetching corpus: 4800, signal 161919/199931 (executing program)
2025/08/29 13:09:17 fetching corpus: 4850, signal 162593/200095 (executing program)
2025/08/29 13:09:17 fetching corpus: 4900, signal 163019/200185 (executing program)
2025/08/29 13:09:18 fetching corpus: 4950, signal 163373/200192 (executing program)
2025/08/29 13:09:18 fetching corpus: 5000, signal 163825/200196 (executing program)
2025/08/29 13:09:18 fetching corpus: 5050, signal 164198/200221 (executing program)
2025/08/29 13:09:18 fetching corpus: 5100, signal 164699/200240 (executing program)
2025/08/29 13:09:18 fetching corpus: 5150, signal 165107/200247 (executing program)
2025/08/29 13:09:18 fetching corpus: 5200, signal 165651/200247 (executing program)
2025/08/29 13:09:18 fetching corpus: 5250, signal 166085/200249 (executing program)
2025/08/29 13:09:18 fetching corpus: 5300, signal 166589/200253 (executing program)
2025/08/29 13:09:18 fetching corpus: 5350, signal 166871/200256 (executing program)
2025/08/29 13:09:18 fetching corpus: 5400, signal 167546/200265 (executing program)
2025/08/29 13:09:18 fetching corpus: 5450, signal 167811/200270 (executing program)
2025/08/29 13:09:18 fetching corpus: 5500, signal 168130/200284 (executing program)
2025/08/29 13:09:18 fetching corpus: 5550, signal 168455/200286 (executing program)
2025/08/29 13:09:18 fetching corpus: 5600, signal 168886/200290 (executing program)
2025/08/29 13:09:19 fetching corpus: 5650, signal 169246/200299 (executing program)
2025/08/29 13:09:19 fetching corpus: 5700, signal 169550/200310 (executing program)
2025/08/29 13:09:19 fetching corpus: 5750, signal 169849/200320 (executing program)
2025/08/29 13:09:19 fetching corpus: 5800, signal 170064/200348 (executing program)
2025/08/29 13:09:19 fetching corpus: 5850, signal 170416/200368 (executing program)
2025/08/29 13:09:19 fetching corpus: 5900, signal 170686/200380 (executing program)
2025/08/29 13:09:19 fetching corpus: 5950, signal 171297/200428 (executing program)
2025/08/29 13:09:19 fetching corpus: 6000, signal 171796/200470 (executing program)
2025/08/29 13:09:19 fetching corpus: 6050, signal 172255/200471 (executing program)
2025/08/29 13:09:19 fetching corpus: 6100, signal 172494/200471 (executing program)
2025/08/29 13:09:19 fetching corpus: 6150, signal 173073/200473 (executing program)
2025/08/29 13:09:19 fetching corpus: 6200, signal 173402/200479 (executing program)
2025/08/29 13:09:19 fetching corpus: 6250, signal 173788/200480 (executing program)
2025/08/29 13:09:20 fetching corpus: 6300, signal 174019/200487 (executing program)
2025/08/29 13:09:20 fetching corpus: 6350, signal 174356/200495 (executing program)
2025/08/29 13:09:20 fetching corpus: 6400, signal 174784/200501 (executing program)
2025/08/29 13:09:20 fetching corpus: 6450, signal 175265/200511 (executing program)
2025/08/29 13:09:20 fetching corpus: 6500, signal 175564/200513 (executing program)
2025/08/29 13:09:20 fetching corpus: 6550, signal 176033/200513 (executing program)
2025/08/29 13:09:20 fetching corpus: 6600, signal 176653/200531 (executing program)
2025/08/29 13:09:20 fetching corpus: 6650, signal 176953/200549 (executing program)
2025/08/29 13:09:20 fetching corpus: 6700, signal 177258/200553 (executing program)
2025/08/29 13:09:20 fetching corpus: 6750, signal 177542/200561 (executing program)
2025/08/29 13:09:20 fetching corpus: 6800, signal 177824/200635 (executing program)
2025/08/29 13:09:21 fetching corpus: 6850, signal 178026/200645 (executing program)
2025/08/29 13:09:21 fetching corpus: 6900, signal 178387/200656 (executing program)
2025/08/29 13:09:21 fetching corpus: 6950, signal 178754/200661 (executing program)
2025/08/29 13:09:21 fetching corpus: 7000, signal 179166/200700 (executing program)
2025/08/29 13:09:21 fetching corpus: 7050, signal 179478/200705 (executing program)
2025/08/29 13:09:21 fetching corpus: 7100, signal 179780/200705 (executing program)
2025/08/29 13:09:21 fetching corpus: 7150, signal 180230/200709 (executing program)
2025/08/29 13:09:21 fetching corpus: 7200, signal 180547/200727 (executing program)
2025/08/29 13:09:21 fetching corpus: 7250, signal 180862/200731 (executing program)
2025/08/29 13:09:21 fetching corpus: 7300, signal 181320/200738 (executing program)
2025/08/29 13:09:21 fetching corpus: 7350, signal 181641/200749 (executing program)
2025/08/29 13:09:22 fetching corpus: 7400, signal 181897/200749 (executing program)
2025/08/29 13:09:22 fetching corpus: 7450, signal 182109/200757 (executing program)
2025/08/29 13:09:22 fetching corpus: 7500, signal 182395/200757 (executing program)
2025/08/29 13:09:22 fetching corpus: 7550, signal 182643/200764 (executing program)
2025/08/29 13:09:22 fetching corpus: 7600, signal 182949/200795 (executing program)
2025/08/29 13:09:22 fetching corpus: 7650, signal 183264/200826 (executing program)
2025/08/29 13:09:22 fetching corpus: 7700, signal 183484/200834 (executing program)
2025/08/29 13:09:22 fetching corpus: 7750, signal 183743/200841 (executing program)
2025/08/29 13:09:22 fetching corpus: 7800, signal 183996/200844 (executing program)
2025/08/29 13:09:22 fetching corpus: 7850, signal 184297/200870 (executing program)
2025/08/29 13:09:22 fetching corpus: 7900, signal 184514/200872 (executing program)
2025/08/29 13:09:22 fetching corpus: 7950, signal 184723/200876 (executing program)
2025/08/29 13:09:22 fetching corpus: 8000, signal 184976/200905 (executing program)
2025/08/29 13:09:23 fetching corpus: 8050, signal 185247/200907 (executing program)
2025/08/29 13:09:23 fetching corpus: 8100, signal 186063/200918 (executing program)
2025/08/29 13:09:23 fetching corpus: 8150, signal 186305/200921 (executing program)
2025/08/29 13:09:23 fetching corpus: 8200, signal 186647/200921 (executing program)
2025/08/29 13:09:23 fetching corpus: 8250, signal 186834/200928 (executing program)
2025/08/29 13:09:23 fetching corpus: 8300, signal 187229/200938 (executing program)
2025/08/29 13:09:23 fetching corpus: 8350, signal 187545/200941 (executing program)
2025/08/29 13:09:23 fetching corpus: 8400, signal 187781/200943 (executing program)
2025/08/29 13:09:23 fetching corpus: 8450, signal 188073/200957 (executing program)
2025/08/29 13:09:23 fetching corpus: 8500, signal 188433/200959 (executing program)
2025/08/29 13:09:23 fetching corpus: 8550, signal 188693/200968 (executing program)
2025/08/29 13:09:23 fetching corpus: 8600, signal 188952/200988 (executing program)
2025/08/29 13:09:24 fetching corpus: 8650, signal 189273/201000 (executing program)
2025/08/29 13:09:24 fetching corpus: 8700, signal 189496/201002 (executing program)
2025/08/29 13:09:24 fetching corpus: 8750, signal 189753/201003 (executing program)
2025/08/29 13:09:24 fetching corpus: 8800, signal 189977/201023 (executing program)
2025/08/29 13:09:24 fetching corpus: 8850, signal 190141/201043 (executing program)
2025/08/29 13:09:24 fetching corpus: 8900, signal 190362/201052 (executing program)
2025/08/29 13:09:24 fetching corpus: 8950, signal 190685/201058 (executing program)
2025/08/29 13:09:24 fetching corpus: 9000, signal 191072/201058 (executing program)
2025/08/29 13:09:24 fetching corpus: 9050, signal 191387/201058 (executing program)
2025/08/29 13:09:24 fetching corpus: 9100, signal 191719/201065 (executing program)
2025/08/29 13:09:25 fetching corpus: 9150, signal 191924/201078 (executing program)
2025/08/29 13:09:25 fetching corpus: 9200, signal 192158/201085 (executing program)
2025/08/29 13:09:25 fetching corpus: 9250, signal 192404/201088 (executing program)
2025/08/29 13:09:25 fetching corpus: 9300, signal 192703/201100 (executing program)
2025/08/29 13:09:25 fetching corpus: 9350, signal 192890/201106 (executing program)
2025/08/29 13:09:25 fetching corpus: 9400, signal 193163/201106 (executing program)
2025/08/29 13:09:25 fetching corpus: 9450, signal 193405/201117 (executing program)
2025/08/29 13:09:25 fetching corpus: 9500, signal 193540/201119 (executing program)
2025/08/29 13:09:25 fetching corpus: 9550, signal 193808/201124 (executing program)
2025/08/29 13:09:25 fetching corpus: 9600, signal 194007/201130 (executing program)
2025/08/29 13:09:25 fetching corpus: 9650, signal 194302/201131 (executing program)
2025/08/29 13:09:25 fetching corpus: 9700, signal 194525/201138 (executing program)
2025/08/29 13:09:26 fetching corpus: 9750, signal 194867/201139 (executing program)
2025/08/29 13:09:26 fetching corpus: 9800, signal 195024/201142 (executing program)
2025/08/29 13:09:26 fetching corpus: 9850, signal 195363/201166 (executing program)
2025/08/29 13:09:26 fetching corpus: 9900, signal 195604/201186 (executing program)
2025/08/29 13:09:26 fetching corpus: 9950, signal 195926/201187 (executing program)
2025/08/29 13:09:26 fetching corpus: 10000, signal 196232/201189 (executing program)
2025/08/29 13:09:26 fetching corpus: 10050, signal 196475/201194 (executing program)
2025/08/29 13:09:26 fetching corpus: 10100, signal 196674/201248 (executing program)
2025/08/29 13:09:26 fetching corpus: 10150, signal 196862/201251 (executing program)
2025/08/29 13:09:26 fetching corpus: 10200, signal 197120/201260 (executing program)
2025/08/29 13:09:26 fetching corpus: 10214, signal 197182/201260 (executing program)
2025/08/29 13:09:26 fetching corpus: 10214, signal 197182/201260 (executing program)
2025/08/29 13:09:29 starting 8 fuzzer processes
13:09:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="280000002a000102"], 0x28}], 0x1}, 0x0)

13:09:29 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

13:09:29 executing program 7:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETLED(r0, 0x4b64, 0xfffffffffffffffd)

13:09:29 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000)

13:09:29 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000300), 0x4)

13:09:29 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x28, r2, 0x7, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}]}, 0x28}}, 0x0)

13:09:29 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000000))

13:09:29 executing program 6:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty}, @xdp, @tipc=@name, 0xff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='lo\x00'})

[   82.407523] audit: type=1400 audit(1756472969.574:7): avc:  denied  { execmem } for  pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   83.687198] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.692865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.695176] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.700107] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.704015] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.705725] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.707811] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.709685] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.711605] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.715566] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.719066] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.722996] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.724243] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.727121] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.729706] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.770290] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.771905] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   83.784367] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   83.786296] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   83.788387] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   83.790273] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.791592] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   83.794135] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.796376] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   83.801728] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   83.804226] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   83.805795] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   83.807594] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   83.807701] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.810180] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   83.810530] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   83.813946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.819634] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   83.821727] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   83.823271] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   83.826493] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   83.832794] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   83.834453] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   83.841720] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   83.848513] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   85.782797] Bluetooth: hci0: command tx timeout
[   85.844933] Bluetooth: hci1: command tx timeout
[   85.845473] Bluetooth: hci2: command tx timeout
[   85.909326] Bluetooth: hci7: command tx timeout
[   85.910049] Bluetooth: hci5: command tx timeout
[   85.910523] Bluetooth: hci4: command tx timeout
[   85.911165] Bluetooth: hci3: command tx timeout
[   85.911624] Bluetooth: hci6: command tx timeout
[   87.827919] Bluetooth: hci0: command tx timeout
[   87.892893] Bluetooth: hci2: command tx timeout
[   87.893315] Bluetooth: hci1: command tx timeout
[   87.956772] Bluetooth: hci6: command tx timeout
[   87.957199] Bluetooth: hci3: command tx timeout
[   87.957590] Bluetooth: hci4: command tx timeout
[   87.958008] Bluetooth: hci5: command tx timeout
[   87.958391] Bluetooth: hci7: command tx timeout
[   89.876813] Bluetooth: hci0: command tx timeout
[   89.940847] Bluetooth: hci2: command tx timeout
[   89.941281] Bluetooth: hci1: command tx timeout
[   90.004829] Bluetooth: hci7: command tx timeout
[   90.005250] Bluetooth: hci5: command tx timeout
[   90.005628] Bluetooth: hci4: command tx timeout
[   90.006486] Bluetooth: hci3: command tx timeout
[   90.006900] Bluetooth: hci6: command tx timeout
[   91.924823] Bluetooth: hci0: command tx timeout
[   91.987925] Bluetooth: hci2: command tx timeout
[   91.988381] Bluetooth: hci1: command tx timeout
[   92.051974] Bluetooth: hci3: command tx timeout
[   92.052443] Bluetooth: hci7: command tx timeout
[   92.053800] Bluetooth: hci6: command tx timeout
[   92.054190] Bluetooth: hci4: command tx timeout
[   92.054574] Bluetooth: hci5: command tx timeout
[  121.078456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.079242] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.318963] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.319564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.485292] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.486039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.650633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.651289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.925631] audit: type=1400 audit(1756473009.092:8): avc:  denied  { open } for  pid=3765 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  121.935834] audit: type=1400 audit(1756473009.092:9): avc:  denied  { kernel } for  pid=3765 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
13:10:09 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000300), 0x4)

13:10:09 executing program 5:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000700)={'#! ', './file0'}, 0xb)
ftruncate(r0, 0x8800000)
lseek(r0, 0x0, 0x4)

13:10:09 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000300), 0x4)

13:10:09 executing program 5:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000700)={'#! ', './file0'}, 0xb)
ftruncate(r0, 0x8800000)
lseek(r0, 0x0, 0x4)

13:10:09 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000300), 0x4)

[  122.261002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.261594] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:10:09 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x8, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

13:10:09 executing program 5:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000700)={'#! ', './file0'}, 0xb)
ftruncate(r0, 0x8800000)
lseek(r0, 0x0, 0x4)

[  122.425369] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.426444] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:10:09 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x8, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

[  122.847714] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.848381] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.942521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.943227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.178826] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.179440] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.340427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.341129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.490172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.490935] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.590095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.590764] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.692935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.693565] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.702533] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.703602] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.766796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.767399] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.786834] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.787453] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
13:10:11 executing program 7:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETLED(r0, 0x4b64, 0xfffffffffffffffd)

13:10:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000)

13:10:11 executing program 5:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000700)={'#! ', './file0'}, 0xb)
ftruncate(r0, 0x8800000)
lseek(r0, 0x0, 0x4)

13:10:11 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x8, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

13:10:11 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

13:10:11 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x28, r2, 0x7, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}]}, 0x28}}, 0x0)

13:10:11 executing program 6:
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/key-users\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, &(0x7f0000000040)=0x5)
setuid(r1)
syz_mount_image$iso9660(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0xa00000, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETSF2(r2, 0x5423, &(0x7f0000000080)={0x2, 0x0, 0x0, 0x0, 0x0, "f2f3e2a9286b6a770ff8c2b978657df3480824"})

13:10:11 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="280000002a000102"], 0x28}], 0x1}, 0x0)

13:10:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000)

13:10:11 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x7caf, &(0x7f0000000040), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000280)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000043c0)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1)

13:10:11 executing program 7:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETLED(r0, 0x4b64, 0xfffffffffffffffd)

13:10:11 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x7caf, &(0x7f0000000040), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000280)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000043c0)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1)

13:10:11 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x8, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

13:10:11 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x28, r2, 0x7, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}]}, 0x28}}, 0x0)

13:10:11 executing program 3:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

13:10:11 executing program 6:
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/key-users\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, &(0x7f0000000040)=0x5)
setuid(r1)
syz_mount_image$iso9660(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0xa00000, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETSF2(r2, 0x5423, &(0x7f0000000080)={0x2, 0x0, 0x0, 0x0, 0x0, "f2f3e2a9286b6a770ff8c2b978657df3480824"})

13:10:11 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000)

13:10:11 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="280000002a000102"], 0x28}], 0x1}, 0x0)

[  124.177523] Oops: general protection fault, probably for non-canonical address 0xf8fffc0000000032: 0000 [#1] SMP KASAN NOPTI
[  124.178476] KASAN: maybe wild-memory-access in range [0xc800000000000190-0xc800000000000197]
[  124.179153] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  124.180692] Tainted: [W]=WARN
[  124.181446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  124.183240] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.184235] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.188149] RSP: 0018:ffff888046787800 EFLAGS: 00010212
[  124.189130] RAX: 1900000000000032 RBX: c7ffffffffffffa0 RCX: ffffc900050b2000
[  124.190645] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: c800000000000190
[  124.191207] RBP: ffff888046787a70 R08: ffff88806ce31340 R09: ffffe8ffffc168c8
[  124.191765] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  124.192325] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[  124.192888] FS:  00007ff6ff29e700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  124.193519] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.193979] CR2: 0000561d26ec3f20 CR3: 0000000046857000 CR4: 0000000000350ef0
[  124.194545] Call Trace:
[  124.194754]  <TASK>
[  124.194938]  ? perf_swevent_event+0x63/0x3f0
[  124.195307]  ? __pfx_perf_tp_event+0x10/0x10
[  124.195665]  ? tracing_gen_ctx_irq_test+0x167/0x1f0
[  124.196064]  ? tracing_gen_ctx_irq_test+0x167/0x1f0
[  124.196462]  ? perf_swevent_event+0x63/0x3f0
[  124.196821]  ? perf_tp_event+0x807/0xe70
[  124.197151]  ? __pfx_perf_tp_event+0x10/0x10
[  124.197509]  ? __perf_install_in_context+0x503/0xb90
[  124.197916]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  124.198395]  ? do_raw_spin_unlock+0x53/0x220
[  124.198756]  ? perf_trace_run_bpf_submit+0xef/0x180
[  124.199155]  perf_trace_run_bpf_submit+0xef/0x180
[  124.199549]  perf_trace_lock+0x337/0x5d0
[  124.199881]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.200250]  ? lock_acquire+0x15e/0x2f0
[  124.200571]  ? futex_ref_get+0x48/0x300
[  124.200889]  ? futex_ref_get+0x114/0x300
[  124.201213]  ? futex_hash+0x15c/0x390
[  124.201520]  lock_release+0x1ab/0x290
[  124.201829]  ? futex_hash+0x15c/0x390
[  124.202137]  futex_ref_get+0x119/0x300
[  124.202459]  ? futex_hash+0x15c/0x390
[  124.202764]  futex_hash+0x70/0x390
[  124.203051]  futex_wake+0x143/0x540
[  124.203349]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.203721]  ? __pfx_futex_wake+0x10/0x10
[  124.204058]  ? __do_sys_perf_event_open+0x44d/0x2c20
[  124.204464]  ? lock_release+0xc8/0x290
[  124.204782]  do_futex+0x26d/0x370
[  124.205066]  ? __pfx_do_futex+0x10/0x10
[  124.205390]  ? __pfx___do_sys_perf_event_open+0x10/0x10
[  124.205813]  ? __pfx___schedule+0x10/0x10
[  124.206150]  __x64_sys_futex+0x1c9/0x4d0
[  124.206484]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  124.206954]  ? __pfx___x64_sys_futex+0x10/0x10
[  124.207320]  ? xfd_validate_state+0x55/0x180
[  124.207681]  do_syscall_64+0xbf/0x360
[  124.207987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.208394] RIP: 0033:0x7ff701d28b19
[  124.208692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  124.210110] RSP: 002b:00007ff6ff29e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  124.210713] RAX: ffffffffffffffda RBX: 00007ff701e3bf68 RCX: 00007ff701d28b19
[  124.211271] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff701e3bf6c
[  124.211830] RBP: 00007ff701e3bf60 R08: 000000000000000e R09: 0000000000000000
[  124.212388] R10: 0000000000000004 R11: 0000000000000246 R12: 00007ff701e3bf6c
[  124.212944] R13: 00007ffe85cdd93f R14: 00007ff6ff29e300 R15: 0000000000022000
[  124.213513]  </TASK>
[  124.213704] Modules linked in:
[  124.213972] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[  124.214914] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[  124.215534] CPU: 1 UID: 0 PID: 3946 Comm: syz-executor.4 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  124.216486] Tainted: [D]=DIE, [W]=WARN
[  124.216799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  124.217458] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.217855] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.219310] RSP: 0018:ffff888016d27780 EFLAGS: 00010012
[  124.219744] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[  124.220320] RDX: ffff888046680000 RSI: ffffffff818995b7 RDI: 0000000000000191
[  124.220891] RBP: ffff888016d279f0 R08: ffff88806cf31340 R09: ffffe8ffffd106c0
[  124.221464] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  124.222049] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  124.222623] FS:  0000555594b90400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  124.223272] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.223743] CR2: 0000555594b91c18 CR3: 000000001e7cd000 CR4: 0000000000350ef0
[  124.224330] Call Trace:
[  124.224546]  <TASK>
[  124.224738]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.225175]  ? __pfx_perf_tp_event+0x10/0x10
[  124.225538]  ? perf_trace_lock+0xb5/0x5d0
[  124.225880]  ? arch_scale_cpu_capacity+0x17/0xa0
[  124.226283]  ? cpu_util.constprop.0+0x17d/0x340
[  124.226674]  ? __asan_memset+0x24/0x50
[  124.226997]  ? sched_balance_find_dst_group+0xa9a/0x1c00
[  124.227445]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.227825]  ? __pfx___mutex_lock+0x10/0x10
[  124.228190]  ? perf_trace_lock+0xb5/0x5d0
[  124.228534]  ? perf_trace_run_bpf_submit+0xef/0x180
[  124.228945]  ? sched_clock+0x37/0x60
[  124.229263]  ? sched_clock_cpu+0x6c/0x4e0
[  124.229609]  perf_trace_run_bpf_submit+0xef/0x180
[  124.230012]  perf_trace_preemptirq_template+0x259/0x430
[  124.230463]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.230838]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.231212]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  124.231690]  ? update_curr+0x39e/0x500
[  124.232010]  ? try_to_wake_up+0x8ae/0x11d0
[  124.232365]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  124.232786]  trace_irq_enable.constprop.0+0xa6/0x100
[  124.233197]  trace_hardirqs_on+0x26/0x40
[  124.233536]  _raw_spin_unlock_irqrestore+0x2c/0x50
[  124.233944]  try_to_wake_up+0x8ae/0x11d0
[  124.234293]  ? __pfx_try_to_wake_up+0x10/0x10
[  124.234669]  ? plist_del+0x122/0x270
[  124.234984]  ? futex_wake+0x474/0x540
[  124.235304]  wake_up_q+0xa1/0x130
[  124.235595]  futex_wake+0x47e/0x540
[  124.235901]  ? __pfx_futex_wake+0x10/0x10
[  124.236247]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  124.236670]  ? finish_task_switch.isra.0+0x206/0x840
[  124.237098]  do_futex+0x26d/0x370
[  124.237394]  ? __pfx_do_futex+0x10/0x10
[  124.237721]  ? __pfx___schedule+0x10/0x10
[  124.238065]  __x64_sys_futex+0x1c9/0x4d0
[  124.238410]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  124.238897]  ? __pfx___x64_sys_futex+0x10/0x10
[  124.239277]  ? xfd_validate_state+0x55/0x180
[  124.239657]  do_syscall_64+0xbf/0x360
[  124.239969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.240386] RIP: 0033:0x7fe275debb19
[  124.240693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  124.242152] RSP: 002b:00007fffb680e808 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  124.242771] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe275debb19
[  124.243342] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe275efef68
[  124.243918] RBP: 00007fe275efef60 R08: 00007fe273361700 R09: 0000000000000000
[  124.244492] R10: 00007fe273361700 R11: 0000000000000246 R12: 00007fe275f030a8
[  124.245071] R13: 00007fffb680e910 R14: 00007fe275efef60 R15: 000000000001e4ad
[  124.245649]  </TASK>
[  124.245850] Modules linked in:
[  124.246122] ---[ end trace 0000000000000000 ]---
[  124.246123] Oops: general protection fault, probably for non-canonical address 0xf8fffc0000000032: 0000 [#3] SMP KASAN NOPTI
[  124.246507] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.247358] KASAN: maybe wild-memory-access in range [0xc800000000000190-0xc800000000000197]
[  124.247727] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.248375] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.6 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  124.249816] RSP: 0018:ffff888046787800 EFLAGS: 00010212
[  124.250740] Tainted: [D]=DIE, [W]=WARN
[  124.251171] RAX: 1900000000000032 RBX: c7ffffffffffffa0 RCX: ffffc900050b2000
[  124.251471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  124.252045] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: c800000000000190
[  124.252680] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.253242] RBP: ffff888046787a70 R08: ffff88806ce31340 R09: ffffe8ffffc168c8
[  124.253600] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.254163] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  124.255579] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012
[  124.256150] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[  124.256563] RAX: 1900000000000032 RBX: c7ffffffffffffa0 RCX: ffffffff81898973
[  124.257133] FS:  0000555594b90400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  124.257683] RDX: ffff888046738000 RSI: ffffffff818995b7 RDI: c800000000000190
[  124.258335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.258886] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc168c8
[  124.259350] CR2: 0000555594b91c18 CR3: 000000001e7cd000 CR4: 0000000000350ef0
[  124.259898] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000
[  124.260475] note: syz-executor.4[3946] exited with irqs disabled
[  124.261020] R13: 0000000000000000 R14: ffff88806ce31490 R15: dffffc0000000000
[  124.262064] FS:  00007ff6ff29e700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  124.262701] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.263165] CR2: 0000561d26ec3f20 CR3: 0000000046857000 CR4: 0000000000350ef0
[  124.263731] Call Trace:
[  124.263942]  <IRQ>
[  124.264125]  ? __pfx_perf_tp_event+0x10/0x10
[  124.264483]  ? sched_clock_cpu+0x6c/0x4e0
[  124.264822]  ? trace_pelt_se_tp+0xdf/0x130
[  124.265163]  ? __update_load_avg_se+0x428/0xa40
[  124.265541]  ? match_held_lock+0xb1/0xd0
[  124.265872]  ? update_load_avg+0x17d/0x1ef0
[  124.266223]  ? update_cfs_group+0x11d/0x260
[  124.266573]  ? enqueue_task_fair+0xded/0x1e00
[  124.266934]  ? lock_is_held_type+0x9e/0x120
[  124.267286]  ? perf_trace_run_bpf_submit+0xef/0x180
[  124.267687]  perf_trace_run_bpf_submit+0xef/0x180
[  124.268078]  perf_trace_lock+0x337/0x5d0
[  124.268406]  ? place_entity+0x1c/0x410
[  124.268721]  ? kvm_sched_clock_read+0x16/0x30
[  124.269086]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.269451]  ? check_preempt_wakeup_fair+0x6e/0x950
[  124.269852]  ? sched_ttwu_pending+0x2e0/0x4a0
[  124.270225]  lock_release+0x1ab/0x290
[  124.270535]  ? ttwu_do_activate+0x1a4/0x8a0
[  124.270883]  _raw_spin_unlock+0x16/0x40
[  124.271208]  sched_ttwu_pending+0x2e0/0x4a0
[  124.271557]  ? __pfx_sched_ttwu_pending+0x10/0x10
[  124.271945]  ? hrtimer_interrupt+0x652/0x830
[  124.272300]  __flush_smp_call_function_queue+0x434/0x740
[  124.272741]  __sysvec_call_function_single+0x6d/0x370
[  124.273162]  sysvec_call_function_single+0xa1/0xc0
[  124.273556]  </IRQ>
[  124.273741]  <TASK>
[  124.273925]  asm_sysvec_call_function_single+0x1a/0x20
[  124.274357] RIP: 0010:oops_exit+0x0/0x50
[  124.274685] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[  124.276103] RSP: 0018:ffff888046787690 EFLAGS: 00000202
[  124.276517] RAX: 000000000002c030 RBX: 0000000000000212 RCX: ffffc900050b2000
[  124.277073] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[  124.277626] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[  124.278178] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888046787758
[  124.278737] R13: 0000000000000000 R14: f8fffc0000000032 R15: 0000000000000000
[  124.279295]  ? oops_end+0x4a/0xe0
[  124.279581]  oops_end+0x65/0xe0
[  124.279855]  exc_general_protection+0x1a2/0x330
[  124.280229]  asm_exc_general_protection+0x26/0x30
[  124.280613] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.280985] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.282406] RSP: 0018:ffff888046787800 EFLAGS: 00010212
[  124.282822] RAX: 1900000000000032 RBX: c7ffffffffffffa0 RCX: ffffc900050b2000
[  124.283378] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: c800000000000190
[  124.283934] RBP: ffff888046787a70 R08: ffff88806ce31340 R09: ffffe8ffffc168c8
[  124.284489] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  124.285052] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[  124.285619]  ? perf_tp_event+0x167/0xe70
[  124.285950]  ? perf_swevent_event+0x63/0x3f0
[  124.286318]  ? __pfx_perf_tp_event+0x10/0x10
[  124.286678]  ? tracing_gen_ctx_irq_test+0x167/0x1f0
[  124.287075]  ? tracing_gen_ctx_irq_test+0x167/0x1f0
[  124.287478]  ? perf_swevent_event+0x63/0x3f0
[  124.287842]  ? perf_tp_event+0x807/0xe70
[  124.288170]  ? __pfx_perf_tp_event+0x10/0x10
[  124.288526]  ? __perf_install_in_context+0x503/0xb90
[  124.288929]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  124.289399]  ? do_raw_spin_unlock+0x53/0x220
[  124.289760]  ? perf_trace_run_bpf_submit+0xef/0x180
[  124.290163]  perf_trace_run_bpf_submit+0xef/0x180
[  124.290566]  perf_trace_lock+0x337/0x5d0
[  124.290897]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.291270]  ? lock_acquire+0x15e/0x2f0
[  124.291593]  ? futex_ref_get+0x48/0x300
[  124.291911]  ? futex_ref_get+0x114/0x300
[  124.292235]  ? futex_hash+0x15c/0x390
[  124.292543]  lock_release+0x1ab/0x290
[  124.292853]  ? futex_hash+0x15c/0x390
[  124.293158]  futex_ref_get+0x119/0x300
[  124.293472]  ? futex_hash+0x15c/0x390
[  124.293785]  futex_hash+0x70/0x390
[  124.294075]  futex_wake+0x143/0x540
[  124.294380]  ? __pfx_perf_trace_lock+0x10/0x10
[  124.294751]  ? __pfx_futex_wake+0x10/0x10
[  124.295090]  ? __do_sys_perf_event_open+0x44d/0x2c20
[  124.295499]  ? lock_release+0xc8/0x290
[  124.295816]  do_futex+0x26d/0x370
[  124.296103]  ? __pfx_do_futex+0x10/0x10
[  124.296423]  ? __pfx___do_sys_perf_event_open+0x10/0x10
[  124.296851]  ? __pfx___schedule+0x10/0x10
[  124.297186]  __x64_sys_futex+0x1c9/0x4d0
[  124.297517]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  124.297988]  ? __pfx___x64_sys_futex+0x10/0x10
[  124.298369]  ? xfd_validate_state+0x55/0x180
[  124.298733]  do_syscall_64+0xbf/0x360
[  124.299046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.299453] RIP: 0033:0x7ff701d28b19
[  124.299751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  124.301172] RSP: 002b:00007ff6ff29e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  124.301769] RAX: ffffffffffffffda RBX: 00007ff701e3bf68 RCX: 00007ff701d28b19
[  124.302332] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff701e3bf6c
[  124.302892] RBP: 00007ff701e3bf60 R08: 000000000000000e R09: 0000000000000000
[  124.303452] R10: 0000000000000004 R11: 0000000000000246 R12: 00007ff701e3bf6c
[  124.304018] R13: 00007ffe85cdd93f R14: 00007ff6ff29e300 R15: 0000000000022000
[  124.304586]  </TASK>
[  124.304777] Modules linked in:
[  124.305039] ---[ end trace 0000000000000000 ]---
[  124.305043] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#4] SMP KASAN NOPTI
[  124.305408] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.306350] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[  124.306713] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.307331] CPU: 1 UID: 0 PID: 3946 Comm: syz-executor.4 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  124.308738] RSP: 0018:ffff888046787800 EFLAGS: 00010212
[  124.309700] Tainted: [D]=DIE, [W]=WARN
[  124.310114] RAX: 1900000000000032 RBX: c7ffffffffffffa0 RCX: ffffc900050b2000
[  124.310442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  124.310997] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: c800000000000190
[  124.311672] RIP: 0010:perf_tp_event+0x175/0xe70
[  124.312229] RBP: ffff888046787a70 R08: ffff88806ce31340 R09: ffffe8ffffc168c8
[  124.312602] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  124.313157] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  124.314619] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010012
[  124.315179] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[  124.315181] 
[  124.315615] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[  124.316174] FS:  00007ff6ff29e700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[  124.316314] RDX: ffff888046680000 RSI: ffffffff818995b7 RDI: 0000000000000191
[  124.316872] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.317512] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd106c0
[  124.318077] CR2: 0000561d26ec3f20 CR3: 0000000046857000 CR4: 0000000000350ef0
[  124.318551] R10: 0000000000000000 R11: ffff88800fd73898 R12: dffffc0000000000
[  124.319112] Kernel panic - not syncing: Fatal exception in interrupt
[  125.380966] Shutting down cpus with NMI
[  125.383720] Kernel Offset: disabled
[  125.384232] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
13:10:11  Registers:
info registers vcpu 0
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff8880467870f0
R8 =0000000000000000 R9 =ffffed10013ab046 R10=0000000000000034 R11=0000000065646f43
R12=0000000000000034 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007ff6ff29e700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe1600000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000561d26ec3f20 CR3=0000000046857000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007ff701e0f7c000007ff701e0f7c8
XMM02=00007ff701e0f7e000007ff701e0f7c0 XMM03=00007ff701e0f7c800007ff701e0f7c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff84bdec0e RDX=fffffbfff0f0ec09
RSI=0000000000000004 RDI=ffffffff87876044 RBP=ffffffff87876044 RSP=ffff888016d27530
R8 =0000000000000000 R9 =fffffbfff0f0ec08 R10=ffffffff87876047 R11=202c746c75616620
R12=1ffff11002da4ea7 R13=0000000000000007 R14=fffffbfff0f0ec08 R15=ffff888016d27568
RIP=ffffffff84bdeda0 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555594b90400 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe1900000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555594b91c18 CR3=000000001e7cd000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007fe275ed27c000007fe275ed27c8
XMM02=00007fe275ed27e000007fe275ed27c0 XMM03=00007fe275ed27c800007fe275ed27c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000