Warning: Permanently added '[localhost]:62521' (ECDSA) to the list of known hosts.
2025/08/29 08:39:27 fuzzer started
2025/08/29 08:39:27 dialing manager at localhost:43077
syzkaller login: [ 59.602171] cgroup: Unknown subsys name 'net'
[ 59.667505] cgroup: Unknown subsys name 'cpuset'
[ 59.688139] cgroup: Unknown subsys name 'rlimit'
2025/08/29 08:39:39 syscalls: 2214
2025/08/29 08:39:39 code coverage: enabled
2025/08/29 08:39:39 comparison tracing: enabled
2025/08/29 08:39:39 extra coverage: enabled
2025/08/29 08:39:39 setuid sandbox: enabled
2025/08/29 08:39:39 namespace sandbox: enabled
2025/08/29 08:39:39 Android sandbox: enabled
2025/08/29 08:39:39 fault injection: enabled
2025/08/29 08:39:39 leak checking: enabled
2025/08/29 08:39:39 net packet injection: enabled
2025/08/29 08:39:39 net device setup: enabled
2025/08/29 08:39:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 08:39:39 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 08:39:39 USB emulation: enabled
2025/08/29 08:39:39 hci packet injection: enabled
2025/08/29 08:39:39 wifi device emulation: enabled
2025/08/29 08:39:39 802.15.4 emulation: enabled
2025/08/29 08:39:39 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 08:39:39 fetching corpus: 32, signal 25297/28349 (executing program)
2025/08/29 08:39:39 fetching corpus: 81, signal 36732/40761 (executing program)
2025/08/29 08:39:39 fetching corpus: 131, signal 45561/50307 (executing program)
2025/08/29 08:39:39 fetching corpus: 181, signal 49874/55406 (executing program)
2025/08/29 08:39:39 fetching corpus: 231, signal 56284/62225 (executing program)
2025/08/29 08:39:40 fetching corpus: 281, signal 60430/66823 (executing program)
2025/08/29 08:39:40 fetching corpus: 331, signal 64594/71306 (executing program)
2025/08/29 08:39:40 fetching corpus: 381, signal 68123/75125 (executing program)
2025/08/29 08:39:40 fetching corpus: 431, signal 70919/78302 (executing program)
2025/08/29 08:39:40 fetching corpus: 480, signal 74039/81565 (executing program)
2025/08/29 08:39:40 fetching corpus: 530, signal 77077/84642 (executing program)
2025/08/29 08:39:40 fetching corpus: 580, signal 79162/86858 (executing program)
2025/08/29 08:39:40 fetching corpus: 629, signal 80823/88695 (executing program)
2025/08/29 08:39:41 fetching corpus: 678, signal 82691/90613 (executing program)
2025/08/29 08:39:41 fetching corpus: 727, signal 85425/93076 (executing program)
2025/08/29 08:39:41 fetching corpus: 775, signal 89411/96277 (executing program)
2025/08/29 08:39:41 fetching corpus: 824, signal 91592/98291 (executing program)
2025/08/29 08:39:41 fetching corpus: 874, signal 93377/99822 (executing program)
2025/08/29 08:39:41 fetching corpus: 924, signal 94565/100961 (executing program)
2025/08/29 08:39:41 fetching corpus: 974, signal 96083/102251 (executing program)
2025/08/29 08:39:42 fetching corpus: 1024, signal 98096/104098 (executing program)
2025/08/29 08:39:42 fetching corpus: 1074, signal 99556/105212 (executing program)
2025/08/29 08:39:42 fetching corpus: 1124, signal 101268/106410 (executing program)
2025/08/29 08:39:42 fetching corpus: 1174, signal 102284/107210 (executing program)
2025/08/29 08:39:42 fetching corpus: 1224, signal 103902/108265 (executing program)
2025/08/29 08:39:42 fetching corpus: 1274, signal 105196/109126 (executing program)
2025/08/29 08:39:42 fetching corpus: 1324, signal 106844/110081 (executing program)
2025/08/29 08:39:43 fetching corpus: 1373, signal 107707/110633 (executing program)
2025/08/29 08:39:43 fetching corpus: 1423, signal 109592/111658 (executing program)
2025/08/29 08:39:43 fetching corpus: 1468, signal 111079/112393 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112448 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112493 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112547 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112583 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112631 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112679 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112723 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112758 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112797 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112843 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112886 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112922 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112957 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/112997 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113026 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113061 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113114 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113147 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113187 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113226 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113271 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113305 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113338 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113370 (executing program)
2025/08/29 08:39:43 fetching corpus: 1469, signal 111116/113370 (executing program)
2025/08/29 08:39:46 starting 8 fuzzer processes
08:39:46 executing program 0:
close(0xffffffffffffffff)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000000)=ANY=[@ANYRES16=r0], 0x6)
08:39:46 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401)
write$evdev(r0, &(0x7f00000000c0)=[{{0x77359400}, 0x4}, {{0x77359400}, 0x4, 0x4000}], 0x30)
08:39:46 executing program 7:
pselect6(0x639, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
08:39:46 executing program 2:
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r0})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
08:39:46 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
08:39:46 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x380, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0)
08:39:46 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0)
ioctl$FIBMAP(r0, 0x530d, &(0x7f0000000080)=0x400)
08:39:46 executing program 6:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
[ 77.472491] audit: type=1400 audit(1756456786.403:7): avc: denied { execmem } for pid=282 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 78.645526] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 78.647901] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 78.649804] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 78.654584] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.656244] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 78.659043] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.660621] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 78.669500] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.683955] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.686230] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.717476] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 78.723161] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 78.725230] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 78.730103] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 78.733781] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 78.737412] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 78.739633] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 78.743408] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 78.745480] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 78.757134] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 78.758367] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 78.759807] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 78.762097] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 78.792877] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 78.792903] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 78.801371] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 78.804315] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 78.805630] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 78.807263] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 78.810249] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 78.813946] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 78.819906] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 78.822252] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 78.827891] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 78.829970] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 78.831612] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 78.837515] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 78.842562] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 78.859106] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 78.869306] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 80.738167] Bluetooth: hci0: command tx timeout
[ 80.738901] Bluetooth: hci1: command tx timeout
[ 80.865761] Bluetooth: hci3: command tx timeout
[ 80.866452] Bluetooth: hci2: command tx timeout
[ 80.929763] Bluetooth: hci7: command tx timeout
[ 80.930416] Bluetooth: hci5: command tx timeout
[ 80.931120] Bluetooth: hci4: command tx timeout
[ 80.931643] Bluetooth: hci6: command tx timeout
[ 82.785775] Bluetooth: hci1: command tx timeout
[ 82.785941] Bluetooth: hci0: command tx timeout
[ 82.912816] Bluetooth: hci2: command tx timeout
[ 82.912871] Bluetooth: hci3: command tx timeout
[ 82.977812] Bluetooth: hci6: command tx timeout
[ 82.978172] Bluetooth: hci4: command tx timeout
[ 82.978217] Bluetooth: hci5: command tx timeout
[ 82.978647] Bluetooth: hci7: command tx timeout
[ 84.832825] Bluetooth: hci1: command tx timeout
[ 84.833612] Bluetooth: hci0: command tx timeout
[ 84.961138] Bluetooth: hci2: command tx timeout
[ 84.962159] Bluetooth: hci3: command tx timeout
[ 85.024842] Bluetooth: hci5: command tx timeout
[ 85.025648] Bluetooth: hci4: command tx timeout
[ 85.026636] Bluetooth: hci7: command tx timeout
[ 85.026658] Bluetooth: hci6: command tx timeout
[ 86.881187] Bluetooth: hci0: command tx timeout
[ 86.881209] Bluetooth: hci1: command tx timeout
[ 87.010848] Bluetooth: hci2: command tx timeout
[ 87.011297] Bluetooth: hci3: command tx timeout
[ 87.073787] Bluetooth: hci6: command tx timeout
[ 87.074631] Bluetooth: hci4: command tx timeout
[ 87.075409] Bluetooth: hci7: command tx timeout
[ 87.075453] Bluetooth: hci5: command tx timeout
[ 116.584149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.584853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.787937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.788580] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.214750] Bluetooth: MGMT ver 1.23
[ 117.670759] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.671366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.801794] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.802408] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.918764] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.919407] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.972459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.973067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.055290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.055918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.119686] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.120428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.193180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.193858] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.206373] audit: type=1400 audit(1756456827.137:8): avc: denied { open } for pid=3883 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 118.212877] audit: type=1400 audit(1756456827.137:9): avc: denied { kernel } for pid=3883 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 118.213974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.215169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.229389] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive.
[ 118.235010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.235584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.303882] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.304500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.374977] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.375609] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.432371] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.433069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.459213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.461035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.525223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.525856] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:40:27 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401)
write$evdev(r0, &(0x7f00000000c0)=[{{0x77359400}, 0x4}, {{0x77359400}, 0x4, 0x4000}], 0x30)
08:40:27 executing program 7:
pselect6(0x639, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
08:40:27 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0)
ioctl$FIBMAP(r0, 0x530d, &(0x7f0000000080)=0x400)
08:40:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x380, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0)
08:40:27 executing program 2:
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r0})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
08:40:27 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
08:40:27 executing program 6:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
08:40:27 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
08:40:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x380, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0)
[ 118.751655] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive.
08:40:27 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
08:40:27 executing program 6:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
08:40:27 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401)
write$evdev(r0, &(0x7f00000000c0)=[{{0x77359400}, 0x4}, {{0x77359400}, 0x4, 0x4000}], 0x30)
08:40:27 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
08:40:27 executing program 2:
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r0})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
08:40:27 executing program 7:
pselect6(0x639, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
08:40:27 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
08:40:27 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0)
ioctl$FIBMAP(r0, 0x530d, &(0x7f0000000080)=0x400)
08:40:27 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
[ 118.909840] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive.
08:40:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x380, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0)
08:40:27 executing program 6:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
08:40:27 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401)
write$evdev(r0, &(0x7f00000000c0)=[{{0x77359400}, 0x4}, {{0x77359400}, 0x4, 0x4000}], 0x30)
08:40:27 executing program 2:
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r0})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
08:40:27 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0)
ioctl$FIBMAP(r0, 0x530d, &(0x7f0000000080)=0x400)
08:40:27 executing program 7:
pselect6(0x639, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
08:40:27 executing program 3:
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r0})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
08:40:27 executing program 0:
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r0})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
[ 119.037138] Oops: general protection fault, probably for non-canonical address 0xf3fffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 119.038075] KASAN: maybe wild-memory-access in range [0xa000000000000190-0xa000000000000197]
[ 119.038743] CPU: 0 UID: 0 PID: 3952 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.041090] Tainted: [W]=WARN
[ 119.041773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.043463] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.044990] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.048558] RSP: 0018:ffff888043957780 EFLAGS: 00010012
[ 119.048990] RAX: 1400000000000032 RBX: 9fffffffffffffa0 RCX: ffffc900088ce000
[ 119.049568] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: a000000000000190
[ 119.050143] RBP: ffff8880439579f0 R08: ffff88806ce31340 R09: ffffe8ffffc168a0
[ 119.050717] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 119.051289] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.051872] FS: 00007f10c998f700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.052525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.052994] CR2: 00007f10cc52d018 CR3: 0000000045695000 CR4: 0000000000350ef0
[ 119.053570] Call Trace:
[ 119.053782] <TASK>
[ 119.053970] ? __pfx_perf_tp_event+0x10/0x10
[ 119.054342] ? __asan_memcpy+0x3d/0x60
[ 119.054665] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 119.055190] ? lock_is_held_type+0x9e/0x120
[ 119.055551] ? ctx_sched_in+0x134/0x9b0
[ 119.055877] ? css_rstat_updated+0x1b8/0x4d0
[ 119.056245] ? lock_is_held_type+0x9e/0x120
[ 119.056607] ? perf_trace_run_bpf_submit+0xef/0x180
[ 119.057019] ? lock_is_held_type+0x9e/0x120
[ 119.057374] perf_trace_run_bpf_submit+0xef/0x180
[ 119.057770] perf_trace_preemptirq_template+0x259/0x430
[ 119.058212] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.058694] ? check_preempt_wakeup_fair+0x406/0x950
[ 119.059112] ? find_held_lock+0x2b/0x80
[ 119.059447] ? try_to_wake_up+0x8ae/0x11d0
[ 119.059797] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 119.060216] trace_irq_enable.constprop.0+0xa6/0x100
[ 119.060636] trace_hardirqs_on+0x26/0x40
[ 119.060968] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 119.061367] try_to_wake_up+0x8ae/0x11d0
[ 119.061708] ? __pfx_try_to_wake_up+0x10/0x10
[ 119.062081] ? plist_del+0x122/0x270
[ 119.062389] ? find_held_lock+0x2b/0x80
[ 119.062719] ? futex_wake+0x474/0x540
[ 119.063036] wake_up_q+0xa1/0x130
[ 119.063327] futex_wake+0x47e/0x540
[ 119.063629] ? __pfx_futex_wake+0x10/0x10
[ 119.063977] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 119.064393] ? lock_release+0xc8/0x290
[ 119.064724] do_futex+0x26d/0x370
[ 119.065018] ? __pfx_do_futex+0x10/0x10
[ 119.065346] __x64_sys_futex+0x1c9/0x4d0
[ 119.065677] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.066157] ? __pfx___x64_sys_futex+0x10/0x10
[ 119.066531] ? xfd_validate_state+0x55/0x180
[ 119.066903] do_syscall_64+0xbf/0x360
[ 119.067216] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.067635] RIP: 0033:0x7f10cc419b19
[ 119.067938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 119.069393] RSP: 002b:00007f10c998f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 119.070001] RAX: ffffffffffffffda RBX: 00007f10cc52cf68 RCX: 00007f10cc419b19
[ 119.070575] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f10cc52cf6c
[ 119.071150] RBP: 00007f10cc52cf60 R08: 000000000000000e R09: 0000000000000000
[ 119.071731] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f10cc52cf6c
[ 119.072303] R13: 00007fffb86845cf R14: 00007f10c998f300 R15: 0000000000022000
[ 119.072885] </TASK>
[ 119.073078] Modules linked in:
[ 119.073342] ---[ end trace 0000000000000000 ]---
[ 119.073723] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.074115] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.075581] RSP: 0018:ffff888043957780 EFLAGS: 00010012
[ 119.076017] RAX: 1400000000000032 RBX: 9fffffffffffffa0 RCX: ffffc900088ce000
[ 119.076599] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: a000000000000190
[ 119.077173] RBP: ffff8880439579f0 R08: ffff88806ce31340 R09: ffffe8ffffc168a0
[ 119.077745] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 119.078314] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.078888] FS: 00007f10c998f700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.079535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.080006] CR2: 00007f10cc52d018 CR3: 0000000045695000 CR4: 0000000000350ef0
[ 119.080584] note: syz-executor.5[3952] exited with irqs disabled
[ 119.081130] Oops: general protection fault, probably for non-canonical address 0xf3fffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 119.082032] KASAN: maybe wild-memory-access in range [0xa000000000000190-0xa000000000000197]
[ 119.082711] CPU: 0 UID: 0 PID: 3952 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 119.083670] Tainted: [D]=DIE, [W]=WARN
[ 119.083991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 119.084664] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.085048] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.086513] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 119.086937] RAX: 1400000000000032 RBX: 9fffffffffffffa0 RCX: ffffffff81898973
[ 119.087507] RDX: ffff8880168e5280 RSI: ffffffff818995b7 RDI: a000000000000190
[ 119.088081] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc168a0
[ 119.088662] R10: 0000000000000000 R11: ffff88801c1c8498 R12: dffffc0000000000
[ 119.089240] R13: 0000000000000000 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 119.089810] FS: 00007f10c998f700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.090455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.090928] CR2: 00007f10cc52d018 CR3: 0000000045695000 CR4: 0000000000350ef0
[ 119.091505] Call Trace:
[ 119.091717] <IRQ>
[ 119.091900] ? __pfx_perf_tp_event+0x10/0x10
[ 119.092268] ? trace_pelt_se_tp+0xdf/0x130
[ 119.092624] ? place_entity+0x1c/0x410
[ 119.092947] ? lock_acquire+0x18c/0x2f0
[ 119.093274] ? update_cfs_group+0x11d/0x260
[ 119.093627] ? lock_release+0x1c7/0x290
[ 119.093952] ? run_posix_cpu_timers+0x160/0x7d0
[ 119.094331] ? __pfx_run_posix_cpu_timers+0x10/0x10
[ 119.094738] ? sched_balance_trigger+0x1ac/0xcb0
[ 119.095128] ? sched_tick+0x27c/0x6c0
[ 119.095449] ? do_raw_spin_lock+0x123/0x260
[ 119.095810] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 119.096197] ? perf_trace_run_bpf_submit+0xef/0x180
[ 119.096615] perf_trace_run_bpf_submit+0xef/0x180
[ 119.097015] perf_trace_preemptirq_template+0x259/0x430
[ 119.097459] ? read_tsc+0x9/0x20
[ 119.097745] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 119.098225] ? clockevents_program_event+0x135/0x360
[ 119.098641] ? tick_program_event+0xac/0x140
[ 119.099003] ? handle_softirqs+0x16e/0x770
[ 119.099356] trace_irq_enable.constprop.0+0xa6/0x100
[ 119.099769] trace_hardirqs_on+0x26/0x40
[ 119.100107] handle_softirqs+0x16e/0x770
[ 119.100453] __irq_exit_rcu+0xc4/0x100
[ 119.100780] irq_exit_rcu+0x9/0x20
[ 119.101077] sysvec_apic_timer_interrupt+0x70/0x80
[ 119.101483] </IRQ>
[ 119.101670] <TASK>
[ 119.101859] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 119.102287] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 119.102672] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de
[ 119.104129] RSP: 0018:ffff888043957f28 EFLAGS: 00000246
[ 119.104571] RAX: 0000000000000001 RBX: ffff8880168e5280 RCX: ffffffff817c2b86
[ 119.105152] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 119.105725] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 119.106294] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880168e5280
[ 119.106873] R13: 0000000000000000 R14: f3fffc0000000032 R15: 0000000000000000
[ 119.107446] ? trace_irq_enable.constprop.0+0x26/0x100
[ 119.107874] ? make_task_dead+0x214/0x3b0
[ 119.108213] ? make_task_dead+0x214/0x3b0
[ 119.108563] ? do_syscall_64+0xbf/0x360
[ 119.108895] rewind_stack_and_make_dead+0x16/0x20
[ 119.109292] RIP: 0033:0x7f10cc419b19
[ 119.109597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 119.111056] RSP: 002b:00007f10c998f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 119.111668] RAX: ffffffffffffffda RBX: 00007f10cc52cf68 RCX: 00007f10cc419b19
[ 119.112242] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f10cc52cf6c
[ 119.112818] RBP: 00007f10cc52cf60 R08: 000000000000000e R09: 0000000000000000
[ 119.113390] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f10cc52cf6c
[ 119.113959] R13: 00007fffb86845cf R14: 00007f10c998f300 R15: 0000000000022000
[ 119.114538] </TASK>
[ 119.114730] Modules linked in:
[ 119.114994] ---[ end trace 0000000000000000 ]---
[ 119.115376] RIP: 0010:perf_tp_event+0x175/0xe70
[ 119.115764] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 119.117217] RSP: 0018:ffff888043957780 EFLAGS: 00010012
[ 119.117647] RAX: 1400000000000032 RBX: 9fffffffffffffa0 RCX: ffffc900088ce000
[ 119.118221] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: a000000000000190
[ 119.118792] RBP: ffff8880439579f0 R08: ffff88806ce31340 R09: ffffe8ffffc168a0
[ 119.119363] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 119.119940] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 119.120523] FS: 00007f10c998f700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 119.121167] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 119.121634] CR2: 00007f10cc52d018 CR3: 0000000045695000 CR4: 0000000000350ef0
[ 119.122208] Kernel panic - not syncing: Fatal exception in interrupt
[ 119.122909] Kernel Offset: disabled
[ 119.123204] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:40:28 Registers: