Warning: Permanently added '[localhost]:48355' (ECDSA) to the list of known hosts. 2025/08/29 13:27:16 fuzzer started 2025/08/29 13:27:17 dialing manager at localhost:43077 syzkaller login: [ 59.241788] cgroup: Unknown subsys name 'net' [ 59.309357] cgroup: Unknown subsys name 'cpuset' [ 59.329385] cgroup: Unknown subsys name 'rlimit' 2025/08/29 13:27:27 syscalls: 2214 2025/08/29 13:27:27 code coverage: enabled 2025/08/29 13:27:27 comparison tracing: enabled 2025/08/29 13:27:27 extra coverage: enabled 2025/08/29 13:27:27 setuid sandbox: enabled 2025/08/29 13:27:27 namespace sandbox: enabled 2025/08/29 13:27:27 Android sandbox: enabled 2025/08/29 13:27:27 fault injection: enabled 2025/08/29 13:27:27 leak checking: enabled 2025/08/29 13:27:27 net packet injection: enabled 2025/08/29 13:27:27 net device setup: enabled 2025/08/29 13:27:27 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 13:27:27 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 13:27:27 USB emulation: enabled 2025/08/29 13:27:27 hci packet injection: enabled 2025/08/29 13:27:27 wifi device emulation: enabled 2025/08/29 13:27:27 802.15.4 emulation: enabled 2025/08/29 13:27:27 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 13:27:27 fetching corpus: 50, signal 23066/26575 (executing program) 2025/08/29 13:27:27 fetching corpus: 100, signal 36886/41770 (executing program) 2025/08/29 13:27:27 fetching corpus: 150, signal 43061/49359 (executing program) 2025/08/29 13:27:27 fetching corpus: 200, signal 50143/57723 (executing program) 2025/08/29 13:27:27 fetching corpus: 250, signal 53506/62386 (executing program) 2025/08/29 13:27:27 fetching corpus: 300, signal 59333/69215 (executing program) 2025/08/29 13:27:28 fetching corpus: 350, signal 63434/74432 (executing program) 2025/08/29 13:27:28 fetching corpus: 400, signal 67079/79084 (executing program) 2025/08/29 13:27:28 fetching corpus: 450, signal 71391/84282 (executing program) 2025/08/29 13:27:28 fetching corpus: 500, signal 73676/87649 (executing program) 2025/08/29 13:27:28 fetching corpus: 550, signal 75677/90682 (executing program) 2025/08/29 13:27:28 fetching corpus: 600, signal 78764/94652 (executing program) 2025/08/29 13:27:28 fetching corpus: 650, signal 81231/97990 (executing program) 2025/08/29 13:27:28 fetching corpus: 700, signal 83599/101256 (executing program) 2025/08/29 13:27:28 fetching corpus: 750, signal 85762/104260 (executing program) 2025/08/29 13:27:28 fetching corpus: 800, signal 88665/107848 (executing program) 2025/08/29 13:27:28 fetching corpus: 850, signal 91358/111213 (executing program) 2025/08/29 13:27:29 fetching corpus: 900, signal 94041/114530 (executing program) 2025/08/29 13:27:29 fetching corpus: 950, signal 95581/116845 (executing program) 2025/08/29 13:27:29 fetching corpus: 1000, signal 96912/119018 (executing program) 2025/08/29 13:27:29 fetching corpus: 1050, signal 98000/120910 (executing program) 2025/08/29 13:27:29 fetching corpus: 1100, signal 100975/124204 (executing program) 2025/08/29 13:27:29 fetching corpus: 1150, signal 102552/126402 (executing program) 2025/08/29 13:27:29 fetching corpus: 1200, signal 103530/128208 (executing program) 2025/08/29 13:27:29 fetching corpus: 1250, signal 105014/130334 (executing program) 2025/08/29 13:27:29 fetching corpus: 1300, signal 105824/131931 (executing program) 2025/08/29 13:27:29 fetching corpus: 1350, signal 107702/134262 (executing program) 2025/08/29 13:27:29 fetching corpus: 1400, signal 109063/136257 (executing program) 2025/08/29 13:27:30 fetching corpus: 1450, signal 110567/138243 (executing program) 2025/08/29 13:27:30 fetching corpus: 1500, signal 112143/140281 (executing program) 2025/08/29 13:27:30 fetching corpus: 1550, signal 113579/142195 (executing program) 2025/08/29 13:27:30 fetching corpus: 1600, signal 114682/143862 (executing program) 2025/08/29 13:27:30 fetching corpus: 1650, signal 115860/145540 (executing program) 2025/08/29 13:27:30 fetching corpus: 1700, signal 116884/147101 (executing program) 2025/08/29 13:27:30 fetching corpus: 1750, signal 117716/148531 (executing program) 2025/08/29 13:27:30 fetching corpus: 1800, signal 118892/150149 (executing program) 2025/08/29 13:27:30 fetching corpus: 1850, signal 119721/151481 (executing program) 2025/08/29 13:27:31 fetching corpus: 1900, signal 120625/152842 (executing program) 2025/08/29 13:27:31 fetching corpus: 1950, signal 123458/155302 (executing program) 2025/08/29 13:27:31 fetching corpus: 2000, signal 124185/156519 (executing program) 2025/08/29 13:27:31 fetching corpus: 2050, signal 125435/158007 (executing program) 2025/08/29 13:27:31 fetching corpus: 2100, signal 125860/159028 (executing program) 2025/08/29 13:27:31 fetching corpus: 2150, signal 127262/160619 (executing program) 2025/08/29 13:27:31 fetching corpus: 2200, signal 128445/162008 (executing program) 2025/08/29 13:27:31 fetching corpus: 2250, signal 129204/163189 (executing program) 2025/08/29 13:27:31 fetching corpus: 2300, signal 129847/164260 (executing program) 2025/08/29 13:27:31 fetching corpus: 2350, signal 130511/165336 (executing program) 2025/08/29 13:27:31 fetching corpus: 2400, signal 131076/166372 (executing program) 2025/08/29 13:27:31 fetching corpus: 2450, signal 132270/167666 (executing program) 2025/08/29 13:27:32 fetching corpus: 2500, signal 132995/168773 (executing program) 2025/08/29 13:27:32 fetching corpus: 2550, signal 133590/169739 (executing program) 2025/08/29 13:27:32 fetching corpus: 2600, signal 134331/170790 (executing program) 2025/08/29 13:27:32 fetching corpus: 2650, signal 135009/171779 (executing program) 2025/08/29 13:27:32 fetching corpus: 2700, signal 135567/172739 (executing program) 2025/08/29 13:27:32 fetching corpus: 2750, signal 136261/173696 (executing program) 2025/08/29 13:27:32 fetching corpus: 2800, signal 136864/174635 (executing program) 2025/08/29 13:27:32 fetching corpus: 2850, signal 137695/175608 (executing program) 2025/08/29 13:27:32 fetching corpus: 2900, signal 138742/176697 (executing program) 2025/08/29 13:27:32 fetching corpus: 2950, signal 139941/177880 (executing program) 2025/08/29 13:27:32 fetching corpus: 3000, signal 140685/178773 (executing program) 2025/08/29 13:27:33 fetching corpus: 3050, signal 141327/179603 (executing program) 2025/08/29 13:27:33 fetching corpus: 3100, signal 141909/180473 (executing program) 2025/08/29 13:27:33 fetching corpus: 3150, signal 142853/181449 (executing program) 2025/08/29 13:27:33 fetching corpus: 3200, signal 143428/182226 (executing program) 2025/08/29 13:27:33 fetching corpus: 3250, signal 144068/183020 (executing program) 2025/08/29 13:27:33 fetching corpus: 3300, signal 144924/183909 (executing program) 2025/08/29 13:27:33 fetching corpus: 3350, signal 145825/184794 (executing program) 2025/08/29 13:27:33 fetching corpus: 3400, signal 146703/185616 (executing program) 2025/08/29 13:27:33 fetching corpus: 3450, signal 147437/186371 (executing program) 2025/08/29 13:27:33 fetching corpus: 3500, signal 147852/187031 (executing program) 2025/08/29 13:27:34 fetching corpus: 3550, signal 148706/187821 (executing program) 2025/08/29 13:27:34 fetching corpus: 3600, signal 149316/188533 (executing program) 2025/08/29 13:27:34 fetching corpus: 3650, signal 149862/189166 (executing program) 2025/08/29 13:27:34 fetching corpus: 3700, signal 150378/189829 (executing program) 2025/08/29 13:27:34 fetching corpus: 3750, signal 151004/190552 (executing program) 2025/08/29 13:27:34 fetching corpus: 3800, signal 151563/191226 (executing program) 2025/08/29 13:27:34 fetching corpus: 3850, signal 152045/191882 (executing program) 2025/08/29 13:27:34 fetching corpus: 3900, signal 152406/192481 (executing program) 2025/08/29 13:27:34 fetching corpus: 3950, signal 153063/193253 (executing program) 2025/08/29 13:27:34 fetching corpus: 4000, signal 153383/193808 (executing program) 2025/08/29 13:27:34 fetching corpus: 4050, signal 153719/194365 (executing program) 2025/08/29 13:27:34 fetching corpus: 4100, signal 154149/194918 (executing program) 2025/08/29 13:27:35 fetching corpus: 4150, signal 154527/195472 (executing program) 2025/08/29 13:27:35 fetching corpus: 4200, signal 155116/196084 (executing program) 2025/08/29 13:27:35 fetching corpus: 4250, signal 155695/196715 (executing program) 2025/08/29 13:27:35 fetching corpus: 4300, signal 156198/197254 (executing program) 2025/08/29 13:27:35 fetching corpus: 4350, signal 156829/197780 (executing program) 2025/08/29 13:27:35 fetching corpus: 4400, signal 157215/198266 (executing program) 2025/08/29 13:27:35 fetching corpus: 4450, signal 157677/198740 (executing program) 2025/08/29 13:27:35 fetching corpus: 4500, signal 158517/199245 (executing program) 2025/08/29 13:27:35 fetching corpus: 4550, signal 159070/199765 (executing program) 2025/08/29 13:27:35 fetching corpus: 4600, signal 159514/200229 (executing program) 2025/08/29 13:27:35 fetching corpus: 4650, signal 159966/200685 (executing program) 2025/08/29 13:27:35 fetching corpus: 4700, signal 160859/201182 (executing program) 2025/08/29 13:27:36 fetching corpus: 4750, signal 161269/201630 (executing program) 2025/08/29 13:27:36 fetching corpus: 4800, signal 161771/202073 (executing program) 2025/08/29 13:27:36 fetching corpus: 4850, signal 162069/202491 (executing program) 2025/08/29 13:27:36 fetching corpus: 4900, signal 162362/202774 (executing program) 2025/08/29 13:27:36 fetching corpus: 4950, signal 162813/202785 (executing program) 2025/08/29 13:27:36 fetching corpus: 5000, signal 163268/202785 (executing program) 2025/08/29 13:27:36 fetching corpus: 5050, signal 163730/202796 (executing program) 2025/08/29 13:27:36 fetching corpus: 5100, signal 164187/202806 (executing program) 2025/08/29 13:27:36 fetching corpus: 5150, signal 164601/202812 (executing program) 2025/08/29 13:27:36 fetching corpus: 5200, signal 165254/202900 (executing program) 2025/08/29 13:27:37 fetching corpus: 5250, signal 165662/202933 (executing program) 2025/08/29 13:27:37 fetching corpus: 5300, signal 166122/202956 (executing program) 2025/08/29 13:27:37 fetching corpus: 5350, signal 166649/202969 (executing program) 2025/08/29 13:27:37 fetching corpus: 5400, signal 166994/202991 (executing program) 2025/08/29 13:27:37 fetching corpus: 5450, signal 167438/202991 (executing program) 2025/08/29 13:27:37 fetching corpus: 5500, signal 167795/202995 (executing program) 2025/08/29 13:27:37 fetching corpus: 5550, signal 168322/203028 (executing program) 2025/08/29 13:27:37 fetching corpus: 5600, signal 168770/203057 (executing program) 2025/08/29 13:27:37 fetching corpus: 5650, signal 169179/203062 (executing program) 2025/08/29 13:27:37 fetching corpus: 5700, signal 169587/203064 (executing program) 2025/08/29 13:27:37 fetching corpus: 5750, signal 169950/203072 (executing program) 2025/08/29 13:27:37 fetching corpus: 5800, signal 170304/203076 (executing program) 2025/08/29 13:27:38 fetching corpus: 5850, signal 170605/203103 (executing program) 2025/08/29 13:27:38 fetching corpus: 5900, signal 170954/203106 (executing program) 2025/08/29 13:27:38 fetching corpus: 5950, signal 171348/203106 (executing program) 2025/08/29 13:27:38 fetching corpus: 6000, signal 171773/203109 (executing program) 2025/08/29 13:27:38 fetching corpus: 6050, signal 172036/203114 (executing program) 2025/08/29 13:27:38 fetching corpus: 6100, signal 172454/203114 (executing program) 2025/08/29 13:27:38 fetching corpus: 6150, signal 172816/203126 (executing program) 2025/08/29 13:27:38 fetching corpus: 6200, signal 173136/203135 (executing program) 2025/08/29 13:27:38 fetching corpus: 6250, signal 173450/203154 (executing program) 2025/08/29 13:27:38 fetching corpus: 6300, signal 173886/203158 (executing program) 2025/08/29 13:27:38 fetching corpus: 6350, signal 174150/203163 (executing program) 2025/08/29 13:27:39 fetching corpus: 6400, signal 174408/203177 (executing program) 2025/08/29 13:27:39 fetching corpus: 6450, signal 174726/203181 (executing program) 2025/08/29 13:27:39 fetching corpus: 6500, signal 175057/203213 (executing program) 2025/08/29 13:27:39 fetching corpus: 6550, signal 175233/203219 (executing program) 2025/08/29 13:27:39 fetching corpus: 6600, signal 175603/203244 (executing program) 2025/08/29 13:27:39 fetching corpus: 6650, signal 176133/203253 (executing program) 2025/08/29 13:27:39 fetching corpus: 6700, signal 176582/203306 (executing program) 2025/08/29 13:27:39 fetching corpus: 6750, signal 177049/203369 (executing program) 2025/08/29 13:27:39 fetching corpus: 6800, signal 177294/203378 (executing program) 2025/08/29 13:27:39 fetching corpus: 6850, signal 177625/203384 (executing program) 2025/08/29 13:27:39 fetching corpus: 6900, signal 177948/203400 (executing program) 2025/08/29 13:27:39 fetching corpus: 6950, signal 178248/203429 (executing program) 2025/08/29 13:27:40 fetching corpus: 7000, signal 178961/203431 (executing program) 2025/08/29 13:27:40 fetching corpus: 7050, signal 179346/203432 (executing program) 2025/08/29 13:27:40 fetching corpus: 7100, signal 179909/203456 (executing program) 2025/08/29 13:27:40 fetching corpus: 7150, signal 180196/203458 (executing program) 2025/08/29 13:27:40 fetching corpus: 7200, signal 180531/203470 (executing program) 2025/08/29 13:27:40 fetching corpus: 7250, signal 180862/203473 (executing program) 2025/08/29 13:27:40 fetching corpus: 7300, signal 181141/203473 (executing program) 2025/08/29 13:27:40 fetching corpus: 7350, signal 181381/203477 (executing program) 2025/08/29 13:27:40 fetching corpus: 7400, signal 181675/203480 (executing program) 2025/08/29 13:27:40 fetching corpus: 7450, signal 182111/203486 (executing program) 2025/08/29 13:27:40 fetching corpus: 7500, signal 182353/203490 (executing program) 2025/08/29 13:27:41 fetching corpus: 7550, signal 182618/203499 (executing program) 2025/08/29 13:27:41 fetching corpus: 7600, signal 183207/203500 (executing program) 2025/08/29 13:27:41 fetching corpus: 7650, signal 183516/203503 (executing program) 2025/08/29 13:27:41 fetching corpus: 7700, signal 183843/203520 (executing program) 2025/08/29 13:27:41 fetching corpus: 7750, signal 184180/203521 (executing program) 2025/08/29 13:27:41 fetching corpus: 7800, signal 184391/203522 (executing program) 2025/08/29 13:27:41 fetching corpus: 7850, signal 184707/203525 (executing program) 2025/08/29 13:27:41 fetching corpus: 7900, signal 184946/203534 (executing program) 2025/08/29 13:27:41 fetching corpus: 7950, signal 185199/203536 (executing program) 2025/08/29 13:27:41 fetching corpus: 8000, signal 185562/203581 (executing program) 2025/08/29 13:27:41 fetching corpus: 8050, signal 185896/203595 (executing program) 2025/08/29 13:27:42 fetching corpus: 8100, signal 186343/203595 (executing program) 2025/08/29 13:27:42 fetching corpus: 8150, signal 186688/203595 (executing program) 2025/08/29 13:27:42 fetching corpus: 8200, signal 187069/203610 (executing program) 2025/08/29 13:27:42 fetching corpus: 8250, signal 187304/203610 (executing program) 2025/08/29 13:27:42 fetching corpus: 8300, signal 187598/203611 (executing program) 2025/08/29 13:27:42 fetching corpus: 8350, signal 187880/203620 (executing program) 2025/08/29 13:27:42 fetching corpus: 8400, signal 188150/203621 (executing program) 2025/08/29 13:27:42 fetching corpus: 8450, signal 188471/203621 (executing program) 2025/08/29 13:27:42 fetching corpus: 8500, signal 188771/203632 (executing program) 2025/08/29 13:27:42 fetching corpus: 8550, signal 189035/203637 (executing program) 2025/08/29 13:27:43 fetching corpus: 8600, signal 189223/203642 (executing program) 2025/08/29 13:27:43 fetching corpus: 8650, signal 189613/203647 (executing program) 2025/08/29 13:27:43 fetching corpus: 8700, signal 189864/203650 (executing program) 2025/08/29 13:27:43 fetching corpus: 8750, signal 190050/203654 (executing program) 2025/08/29 13:27:43 fetching corpus: 8800, signal 190296/203672 (executing program) 2025/08/29 13:27:43 fetching corpus: 8850, signal 190522/203679 (executing program) 2025/08/29 13:27:43 fetching corpus: 8900, signal 190755/203690 (executing program) 2025/08/29 13:27:43 fetching corpus: 8950, signal 190959/203708 (executing program) 2025/08/29 13:27:43 fetching corpus: 9000, signal 191199/203710 (executing program) 2025/08/29 13:27:43 fetching corpus: 9050, signal 191454/203722 (executing program) 2025/08/29 13:27:43 fetching corpus: 9100, signal 191695/203731 (executing program) 2025/08/29 13:27:43 fetching corpus: 9150, signal 191927/203735 (executing program) 2025/08/29 13:27:43 fetching corpus: 9200, signal 192354/203735 (executing program) 2025/08/29 13:27:44 fetching corpus: 9250, signal 192556/203742 (executing program) 2025/08/29 13:27:44 fetching corpus: 9300, signal 192805/203745 (executing program) 2025/08/29 13:27:44 fetching corpus: 9350, signal 192998/203755 (executing program) 2025/08/29 13:27:44 fetching corpus: 9400, signal 193286/203775 (executing program) 2025/08/29 13:27:44 fetching corpus: 9450, signal 193467/203777 (executing program) 2025/08/29 13:27:44 fetching corpus: 9500, signal 193762/203777 (executing program) 2025/08/29 13:27:44 fetching corpus: 9550, signal 194037/203781 (executing program) 2025/08/29 13:27:44 fetching corpus: 9600, signal 194323/203783 (executing program) 2025/08/29 13:27:44 fetching corpus: 9650, signal 194566/203795 (executing program) 2025/08/29 13:27:44 fetching corpus: 9700, signal 194749/203795 (executing program) 2025/08/29 13:27:44 fetching corpus: 9750, signal 194962/203800 (executing program) 2025/08/29 13:27:45 fetching corpus: 9800, signal 195224/203802 (executing program) 2025/08/29 13:27:45 fetching corpus: 9850, signal 195438/203809 (executing program) 2025/08/29 13:27:45 fetching corpus: 9900, signal 195652/203819 (executing program) 2025/08/29 13:27:45 fetching corpus: 9950, signal 195826/203829 (executing program) 2025/08/29 13:27:45 fetching corpus: 10000, signal 196090/203863 (executing program) 2025/08/29 13:27:45 fetching corpus: 10050, signal 196294/203868 (executing program) 2025/08/29 13:27:45 fetching corpus: 10100, signal 196519/203868 (executing program) 2025/08/29 13:27:45 fetching corpus: 10150, signal 196835/203883 (executing program) 2025/08/29 13:27:45 fetching corpus: 10200, signal 197080/203883 (executing program) 2025/08/29 13:27:45 fetching corpus: 10250, signal 197421/203883 (executing program) 2025/08/29 13:27:45 fetching corpus: 10300, signal 197646/203890 (executing program) 2025/08/29 13:27:45 fetching corpus: 10350, signal 197840/203895 (executing program) 2025/08/29 13:27:45 fetching corpus: 10400, signal 198017/203895 (executing program) 2025/08/29 13:27:46 fetching corpus: 10450, signal 198238/203906 (executing program) 2025/08/29 13:27:46 fetching corpus: 10500, signal 198453/203906 (executing program) 2025/08/29 13:27:46 fetching corpus: 10550, signal 198600/203911 (executing program) 2025/08/29 13:27:46 fetching corpus: 10600, signal 198970/203920 (executing program) 2025/08/29 13:27:46 fetching corpus: 10650, signal 199220/203923 (executing program) 2025/08/29 13:27:46 fetching corpus: 10700, signal 199475/203927 (executing program) 2025/08/29 13:27:46 fetching corpus: 10750, signal 199722/203928 (executing program) 2025/08/29 13:27:46 fetching corpus: 10783, signal 199821/203928 (executing program) 2025/08/29 13:27:46 fetching corpus: 10783, signal 199821/203928 (executing program) 2025/08/29 13:27:48 starting 8 fuzzer processes 13:27:48 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) read(r0, 0x0, 0x0) 13:27:48 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) 13:27:48 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x2) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000540)="e551acd9be83652599c34fdbc3f075add89d8855f7ca978bd240e36ef8a64a10f13e40aa5709093a2889e1959dcf4b2f769658788234d0a85901ae791c561aadab173be5fc2aaeeac28cb751f898503e56916557d2a99ae9ce845989aed00ab3a5ea392a834ad8d97b9014f0fb3b48c0d57ae194d9d58a32fee4a9fd56bdb09b0c64904d47ad3e59053b79af2a760eb579da126e5a941488df027575a90c4d2c0f2b1d603fd5fae22ba1bf2a13958492d8ffa35b9a881ba893d249aa99b72c67bfee95caa584090906b771f64be556a9fd0f4778cc45ebd06caa773c6ca7ef7920003c015dec3db15189ccca25af7bb513c0cdeca7a13750140f1e811115da8c3b26f1c2e29a7d067b09fc8d", 0xfb}, {&(0x7f0000000000)="460915ce6396b98c9420a762e0af120af24e41ea26c4f2b058ed87782bffd7cc35d55e0d5c21044d72b41341efc1101669d7b5838662c9f2d12a4b9b4dabe2240c82a208e4d0f8ce605667a72e8c74e9e83529dd506715111cbd0000000000000000", 0x62}, {&(0x7f0000000080)="8e8612844497e1175c0a6d2aec665070057debed77f3e3f25e3526ca8a3c606a3a8ba2b2456e28a0a6ab815c3e77d50000000067eb273e5777b52e6404541e30e5b679a2e7baf08cfe2f3caffc8325c5740937981be474f7ba9f301aa1c40aff6933c3f5dca9255fb15cce2d66635b175d96c293eb34ea658434cf1537028b862b5074fe5e6258da15795e534df1f004a25f2971411763a6ddeb1eae70226f9cec3115416e0f5a81bd2da0ef32526c3848b69087209bceeb2d5f9f54a4e76f0d53154045213d7cb5e355e0bbc04f169739cb64668ffbce", 0xd7}], 0x32) 13:27:48 executing program 7: perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() capset(&(0x7f0000000000)={0x19980330, r0}, 0x0) 13:27:48 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x12f1) 13:27:48 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000004ec0)={0x0, 0x0, &(0x7f0000004e00)=[{&(0x7f0000001b00)="92f9bb2609946db45b11ace96b378630c44325e8d807303a676683ce270c3da0a872cd3f7e22ceca19db1af1ad13fc6b2ea9373a978dd481779fddbfbe8d73b26fcdce83f430b1f94d7b1f5cf44335a3ac365b20ced55177f26b8faff3adf355b9f636602448779349fc626d5f0cb4e256f8bb9d979827fb9d0657e1090345b1b521a901e73a89bd961fc710b542dcbffb72efe39b00f4ce5f6983da667a01f147303ff669736144374c8cc84f66cf09725a4d8842e87cdf08f6cb9e1c224a55869b50c2ef5f6dc01e5d86ade34b06acbf5db2f649c1120164194cfa9f917607c973d192726cb74275e9d634b4090d01b500f0662244296198ca45b262aa77d33efa872ec00840da1e8c6392222f29b2760a8fb099662c0389301e4b5b8b57548407ac0f507981897f1a20d7ee69d476cec28fff83f3594df22720343296e1a951dd0a80cec76e803d27d02dad2fed493e150fc16045ee647d1e3497316d528903189d8485f26284cd1153c3525228348517c1c6f3bcc5a929880aa281403a227e497be080e0d0c4d0a582839e2cd64dc0e44a93f37a061b10028f39b68ccc61a90b158553a46dd89f5f77facdb95b796fe7a399d25cb67c2d2ba3d54841690340e1f41dc8ce162fb21b31a2d767759b008304e366e74e8aed540af8609bfe4c425610eb7a60c04be5adca296e097712c64beaab1253d5b75c2fa4b2a6f8021a54610ee3a274b65797226bbca23f719664710833505dab120dc694a7a009f397d5f86dcc00caa6390906e210c52f05631359990512ea687cfb57acf8363ea7374fd6254c41e81870d2cfa24a77a9dfcb71b4d058320c95c3d54c8f15e8f4558042fa3b1855cdf949762a079fceb79d16cd2900768bb52cc9ea50e07acf8ff3d0a6525740e8c187de854379b8b57dac68ccb583126e55614764ae64401111de461b8f683fc4a4735496305e837cec307897042be35ba51b5f442e0f6ba7c00f146fa648c7e24aef00798f9902e1fd23bffcfc7e8bb6efc9b3350afd3ba61d192abcaa85eb1defa4e4aab465c03a3c5afabf313aaceb6f2f1fb5698730a36ffbbe420541541e74970c03e8f8f41876027574a2ea51cb1f53be4d62c188deed94f732b533f792bd1eca70937478f3a6b6b3f487eeb78d12cb0b52550181a13b37ced7e4ec0b71c92dde65d28c610244405d38403c47906b4ab13b188205f4ee7c1ec5f9e3906173e6b35038deb14411a6cb8ad1abd47e81d082799476632a250b211e793850ef0d3face40a27cee3a406c1933651db33410f7a06a578ac4f9627fe46d73552dadcd59f6f34db1270ff5b1d5b2a50c884b209f172cbc78ff0ce7633903589b1d5bd29e97197f161becff5942c316c3b84a7f3198884311a431c20a20977dcff6c86b49a58b78d9b677c6ad90f073e7865240bb5e739ed1b4c079e0405d4b78e515848ce7e2d6354eaffe86ba6e59f14b0d4f1c438a6bd4135827a425768c0b220e24e06da7e0599f05388947a369899dfe0480b1e7a8cd413f1f3f80a047368174d5eb1b81d7e6f8b184efe1ac28fff5f4681890e0a843359045e94bf4623dfbc46c2e1d3a7d424446684e08fce2c33ee0c85f47ae5e07ebb38a87cc3f89eab9e25bbda895ca43b9230891e7bb77e4a3b57893a0490035e0d8bdc5597b98293c34cb2e249a9f0ef552f6299b21630685e6fa0abebff4ac406c57f9e179643a5967dfb801c7a6a96478ee5445c91ab1467018713395112c1f1b1a09ce6837155fd0b86795c023ce698ef84ed578c8a4b54cdce1949bdf89fad45c386687747021dd978a2e545bd6a087c7f350831b813336cb88cfc8d980a15f9135812eeac825ea0d56a54d1a99f3f5841763fd6f476a1e9958410d8b9acb6097e453f0022b58983c5f2bf833ac7116debb22a44b15ed7466d131a404e22df86d791045b17ae73f753857106fe9da95b7ad336a998efff10050f44952fb211d85db795c3c6bff10cd6f688ee5dd32571eb9d04b2af2cbe6a310d2f8bde4677cafe610368c3f0146836ef0d90f105a34de91495d40112fe0efdeefacbaee5ddd24d289395a791db4522f1e4c9b18ed5ad910a70c36bc2276700751492dd95bb52b003bd94e19b21a6ae6b1e6120f665f77334d2385ea4960c868c1fd5af8c7dc0edcac48ddf64272a6d3e4d25cf699f08621eb0b940cbb527cbeb6dadd5ad397eb0106b92e28dd05c562924eeef56d90a8d40897e2a302952b95eee85ebecbb5ffb4bee1cd560fd5684ee3c9e73202921e38e4c7d7987d99438ac2cad9f87ceaf71f187e2d302b71f14eb407d943821c8f27e77a370c88364bc8b2c2f48341f249ed13cf75bb8d14d16df8e492e2006996dd8ee2d5ca59f3917f47014c370c51869f5a1771bc67a1c1cea2aaefa695fc6c819239267233796f144fa92c44b0a01e2a85bb8b4bd59c1efd095cef0f24b62b2dcf6bfc9959d613a9cd6c4486cc77e2955020e6e0ae7e24189d1b9ce70c545712bbb3cdf1cf3abe1b2fc22c02d82424d0aed54cc22f049eed0350fc405bbdf59a0e1f4f53dd3c8d6583d97e9d62f1fa67ab5f35ed649b0a7e765d7431c3c1fc20ca117a6498f58708f7a37b0e10779a774c4fbd4273cb0cc16602b6c84dc404c52d778672a2ecc6fceac343e2166eca74c069480966152361ef2e917a7044ee57a223ff5066f6fac1178d887aa323520046d2325cf6858ce115cd6cf878d619adea7316dfda266d227b747f6e52985dfacd810e3e528652cd778abdbd5deb1ca943a53d6f30de72f362a79d0daf03757cd753b41da1b8a1b634bf92f6ea784d51951f3a7b3ce5ed13466c58002cba81a489fbc7ebaa27457c28b34986ddeb21b2e07b13a2d7519f07014af00453bc4a674937e2cf485299bee43ed27637b6b56e2dfef67cb31ed38e89be4f4a2d70807ec368886d183f5b9ba22ee26bf83c129163d20b5863d4925bc79436dff6fec2280a183b2c8ef3dc48ff09b2e15d97aad79ad229f6a33c23debeb10b7e944ca0b11e0b7dc8e559b0abdf37b9edd29c80b5705465f35be2c3da3cbc7975126b45f510c05ccc663c598d100672f61b5bf75aa8397544f2222b6bc9648c28be788ac89fa7d926a5326550ec62b681f060d132c2a5198bd7a611259851832aa844fa252760d558d1222d270b4bfb1f1a2e2b5ce70e503c43ed7164892942d4f9246551110acab7801e43d5f7e95e5879b39810876fc611ef4b969c8d64ea45e8548a8bda62278b54991031a1e0f195f0c04deca07faa1638a776e9580073932645d14b19a93acc08c21beceb68cd63f048ae5feacff1d2432bd92907f6a5bed3ead162b25ac2a9d687fd3f77547b43344e117debc80a0a574d0f0c0b1b0c8b05726859bce794590b4229272fab01573c99e6aec06d5f4af562bf44854dd52cefcd043c04b641da9e56513a37b0ee3d370e9c10068b34e5c1ed3541308b04937db5c3439a557bf91ffee3817e702cc9fcb34db840261a7c137c3f40143044cce0bad5919c0aae8f90fb07f04439cc037f86acac5926b14c4fcbf334b483c69e327c3e722f296b46b1c0ce9721e621bbab02d24fc437ea94ddfd30cf5a6747a0f0c7ae55a1859e28a842191e173b224820f50dce3107c15869c79c82d93efe9099663d1530548d5bceea5daba8eaf75e1b6397665a442467a1f5d552593378ea2e81fd285ba2bbabf988a801dc418d839a059dc1edd60daa0b658f0e8a6768deff8eb55ab5ce97525cf0fbf33aed913431cae08648a3645767eec0a2e57ee52ed7bd18aa0758ca778a510e616367a9cd58f26e681e101ea5bf20b218de7e80d52bf936a62841a7c3e99e26345ae36c622b189d6e25c45c2f3543cd924279fec1169d745bb3bdef0fd5d4180e87de2e2769616055e601fdfa6254c534bcbdbede7eb57bbd7ca5f317789959134b3779e1ea39d6d6aba47e6d68ed3c97fbbe1ed03425cb61e79d5e9fd7334e2d2210e93811c20a610abb1175ceb967a16faa65ca8d2b2a352f0660928a86fe97dec45e18ceb4c324138080d139404ed6d4ebcff07270c4b87124fbb485f5dbcd3ba79bf2adb6a2749821c4aae790152576c68765d814917824056152431b9730ef7bfd599f3d6b65da6fe4dff9c3da53f3be70b78a13060a3f837f7d1983dbac1bb2e2e577761cf37a092b1d93537a066819268da83a6520b2e0c9f52dac60297d49b1c5233d77127e324c0f00f8aa214f677e71e483725a55ba2d57715e7afd4d43d12b5afd3c44c91308e47285189d5c5cfb0de46dad651c27dc9c50c39f0ce59afae5ed0ad58238b19bb4f4adea899e4fcae797bd8d712c279d9e6c5c7eab0828780b9371de1b880219620c1683625d76ddc9e2f763a67ba94aa270d6b9bbdb3badd55139d7735bd052a06e8dbba32b95629084fd36e25d8ed742a207d760ccf6a76af354b088e05bc9d9a1b6c5263473589cba5c1c440a265a6cecf0be3c50990eb86ae5d2c28fe56dcb19dfae707fee1c96cfdc429bba67cbb3ba577f833efb1c8c2b2189604e63eb2162fed624ef949d017764ae68a625a524964b555647e59cb083460c42f6b08ac56abcaaea90d618b143e8983cd1058498f00cebd50ee0abb03cc519cafdba0195464201606c2272a8e86397439d938a834570f68c05061a53f042c5bb853add9bbd02ec6d7b767026ef13b0fdc3e07585532ad2457d0ab1e600351ba3457846c2e239eeb114f6f98ea907cd91c97701ef3614150b307b9e373b534d49a879a3bd07360b66798a1a1c9acce744294ee7cb49b79106daa5775cca5bc3d296dbec402fde9fd31edbd6db90ceb6a8264eeba11cffe3f7372dbb6a6ec4cd170f1bac292654a21dd6b6639be3851af1d8e087f84218777d44cdf6db5b8300662c4b38f4f3f93e446f0eeb9efcefe9fa954a1871273ecc11dc8b873ac819e9369a6ac09cc4bb60cc2cdf5b74d514be20586812cde0f1ed9a569e3fb7eeaf4e72acb5d58e6cca50ef938f9835c342cf494e7d272b1921fe2d134f17ea2ef557115cc8a12de6cf875e952b83c29e557388ac4f2ffb382d3c59b72d4ba36466262f300fef867dfd4c21bceb7c9669828f615d62dfb8215d372bf4e622448be54c86a4c26b74745eb171582b898294e8c869718505f470a642f101647ff727605f1005c4f3ec7934313f56a59d1f0a47ccfffa246a589c9e89980b96d76a4d7eda4eaa4fa0e7b79052316e14e79e51c26b38c059ce1cffe0007d59749bb4c5cb0866d22b80e6760dbba312a76e7bc882755df4f38ddafcdb69fb4b1679eee3bd78da565f13ca37fc64f08525184196d46de36ce4d7ad9d82f7b1652b97b65aa7e73e15b6232cad8f726d786324ff84314af8da68698fd5dc4d9fdaa01bc3675cb31dad39ae8a29ff46ddb1b0508f5ecd6e0d3701fd47694c15df3421ec17089aa86a4927048ab7e307cd3fcfde8f8bfca2f724c4a8df8369d25b0268abb96b734d8d2b6f08260a32cd935e779f0ab82328ea1a3f45a0f57adab677727f79d56aa44d944f20c3075d03be77818b6f0ad85e23008b4a57074b89be3a088bad4425fb026840f74c828b5fae9ef52570621b0093b5ac3ee70bdcab82bd0c4c22e1af0c13a26406d5530b567a0763912681ad1f31b5c9e6da9e170496489a0428d78c550c39e143bdb98cbe88c711e20aad9a55af1941f030ba1be39c2e309f770653fb6d0f090e0e023fa0de77c8c78b4b75a9b02e9dbe7545150cb73b6f3e708284a76744136d6d890420bc9ec63f18a34147486", 0x1000}, {&(0x7f0000002b00)="5b8e601236948fb18a93803f867f79ec202ca1842ae9f96b13bc6baf0d25bf4e58c958d5e6b6f87cd3eca7f4fbd0a4305a9e44965daaa9e6f0c3acc9bfa429a1147f85fe0e27651bdf01f3485b2cb5d3c608cc96fe1fb350ddf48f3408cc44a58e033b6baebc324efc520f79e22e001b844537d3699b6aef53fc3975875480928a9b9b75494b149a155be91b5661120a345bd4e03be369ee10bba088d98a868777b960c67de875ab886d0cd14f", 0xad}, {&(0x7f0000002bc0)="00edf465b4be5a90e70947c5f309439d05c3324ba1fae7c2f8977d8ffeeca29b7c11c5d51b115dee139618ccbb6dd260dfe02bcfa53038d8d4643ec7bebaf743472f0b82f6e99eaf6f2f7e29c5ad1fe5a48e2ff6bc308a512c62c1bada78b8fe2c22de69658719a81fd072b60dd4fa52c44fa8b7d7e4645f1591304c0a6f58892750f0305c1906f0c0e79c359a8268a18d1f7742405e66e05bbcf5879c5a8dcc4109ec611914305a07b5e1c6b87a002c678865c0d91ce124d9887b33c77815ef24be800e68aca52b0ec68282c52dbbf952216ae7faf35700a787d50b2b77d6e035b675d05cc23bbf1c48ea8bbe4bbc2261e1073b5763db0645bbff7acdcb96b6fd48f5473e969e66580e503cd903100bdab888d8063c782fd346ba6e4a027e0bc5babd1c3bf451eee4a9a1b9eac1db125847caf0a5e0d38c09045753f2fcda27909448cc46de42a0f3a55759235c28a124b879700b962c2b28358041c8d9e9fa7e7076bc68db51352bd2bcb34efa7bc49fea5ba04c6e7f890e5f8742a79eb5db75be5d8f34635c1817702d3236e557acda771b63e750000e190b5e1176d1594032d02a412fa34ff11470307b03f707e95aa11b22f6a9c6baee88f4684631662159080d8fa9d387f4e04537885986c76eb97d9466c561287817b5bb7d52695d169896b8c892a4da48c4545195b05519eb5fbab484f7c1dd1bc0109045b8741e832a2e78055b0ab3b9fbd4ef0747127125ba39b4a30371e59bb86887326bda1f9450118cf174702ccb2c0cbb41c3cb9509a7612f06674f8f674acec4f71afdcc0f6e2d2705d30ecee447a98d31dd798352e1f05ac6b4bc8aca0e0077a7c5bec2298e191e2d2e6527143570fb734b0b77eebeb1bc18b6509e49cca861bb9ff195f8d664bf77b1aa5c9320262b43af7afe94bba08d02bf6d3c317d5537ebed2e289fdce6f9124c8500703e973423be96b6fdcf62c7e771b9f57c53d62b0bf4bcf5330b390a80aa0f51e58b603f013c41842a7001c0e4740e339d85109242f8b10feebea9adf080cb51e960b4ea5600ba0beb350fd9f826f9843604b9dbedef3d215af44c1cce98281ce5d0a1d649bfb9a1850c90ee52223c2f8d417708b6805d0296e33b471d4fa89cf3623bea4d6027d471b6bbf986e5cc70d4530118e7b99aabcac01c318cc8a30eabb0345a8242d6202ef175697e68af15149f47245bfd742f819bd638995c5322e2d85f3d51aad5c99ce216f1246aa695fb5befdf4576ca173da97bcdf70c083e82f26e614c7d7a04ee3fa05465578536669877791e3f8aa28e28046cd3e1020e30d7d5af5b4715cf4d57555605a978b128a5bed9fdfda791356e451e2fc2c3ee204e108979056f81941e67da57ee2a985f4512a2e7a0f21cfae8ce91f547d0264a0eb343c828505eea66da0c944180d96bf4bec5612759fb3ebb5f50089c76ea99a73535dfe5f7267cfc0f6f12775ee20a6dc4091d7a25dafa8e19209825aa300fd37800613c47cbbc1377a20c7e7821b4a91db83cb6bd3d6c076e838c2ac0143428a496c83dd2850b8574a1294da6becebb407912f7615a4a5c6a7bc4891c6811e88f4e6c6d6f99eaba50793c0a41eedb4b6091a82bc96a1aae6e0866949672c1071731a2100bd3bf9ed98235479b6f8950b7657c494989721c66a6287426697e1025a95797c3dd837f83ca218f6bcc1c304e7c74190a3e5d667683846bd18ce699a131250975964fe62a5ed480600dbbc9b0cb286a9b6757f9ddde8b014bbdb986705552619e86d89b76d051628402a4a0469e30f651ef3ad060ec591a41f1170329e283f7de57caa08347c2c191f23e6fd240299cda2a32b506901a21c9446e6aadc6465fff504bfc4efd94a65847b62065baf8124c368965c16822d7d06182689373b9f7c2a9727be167aa85aef719ee039286055f2d7958a14339516a8c8e70928939cb98e666db4bbc9d01b8aaaa88f045cfc96f057d25026dc9e5a735501635adf1cfff3a21d5a8f5ee32056ac5c31fffea3cbcd593dcd0654ad855471fbdaa3aa8536a787ae885e50fd8893a09c53480a6ccc744785ab81c2774b24ea57b6d9f264ae3a62073589bed2b00cce8d678e6a7ef21b33fcbb4216addbfe200292bfc48a36e8aa7f84e42351138b15530008e95dd032dafdd074ab25370b4d9794fa1e646c59e4790276595d2cb6a97d6dc26e02b8813c510beb20986b0b1414ef94c46981d6f4999905d7f44ba298a810d9466387bf939198d434565cda35669632de34970379c637255a9a3b13b56412ef59a12f30065d1cce903216f479e4e23e3777d2cdb2989c8b3ba983475f9537ab0045fa593757ffbe4e14732c87d2288518216942b19f5c70fec41075bde6ecf7164af0c6b429059341fae463a936a59e83cbdc1c75a087df9b3f19724036036bc3109adb4d5e4634a6e2c409b229814a1ee1666b1ffc8d4f42769638d99050d16cbefb4fd558f7cbe30849ec1d3ff081af6b3c3e051184de968064c4833b78fa746922ce1a60e9e77b75b7ab7c17bda582558ba87ac32a829d91d208de528f5c4bbf0842304be14acd0665eb2033807023056c1d8faef6e93336a936c7bf11921b7e200756926771b5fcb0273affad760f505be5494afeadfa6c96771439c0894233438ab07fd50cc6feb94c93e7f24b1ed786abda1e8198fab9514adb7718f4c8052a85e913019e2d583dda2e0a71ac00f04aff08fc47c8f8a3a8fe9e9e2dd8164cf4c1e91da5de9e6bca389c472e1886926597fe723f704bacea5602897fddfee9beb3b20fc4bb74b1d7d259496ea7088caf0148f21a1004b27d6ea2313dee36a5d1be3d701369ddacf9eb4a4ceb2ffe6ca2ad6d2fe846af035ef6384f3fef357b38857bd217e98c2be4e6c05ddf138fbb00aa7c92cf3ae4f4095847df6fc8125ec9c33e1654fcf9e8c6bc50953c71c0e9e97a5965d5901d8d13246897b1eaff1510900a3ae11d970f24d9395a6ed62c5266da76db769ad2c987d57a4b0896c3df8326e319cf99c32167e40ea923deedae9d2803c2f62e69e3b552b9f1ba604dd758c2fce609b22155b4755fcb0bed6e59dc2f1f7218d992790ad6723ed3b81f98bfee8091d08c2f457dde5534c0fc0cad506e9820430078c98f8f9cbf2677b9b5c27be51b40cfa252a1644ae4c7a755d1a7715c4e8b0064f7f9377790e46efcf2d5d66938b0583487ef0540dac6560faff8935d89e1022dfe12b7d22734016aff2366c662c33a418377082cededb3ab1187be3603a1b318959e351cc3c9a2342a965e08c2d7662da8fdbb81c9197ea978b9e9cfbb6597739021a05ca1669920cc39bec35121b89867692064691961563b5325a19f0987ae0bd3a804b254d34f4f20714b50c2f2008a74f3fd37e08aec4f880dfa1d9c6d3ba52a36369e057f9de5f0cd73e50dc334cfded5864a71dd65b9e4d861f3df3ce8da8c8c24615d275b9e5132b186f3ded6429035c62fb4e3086b8e09398f4fdae8c5cc920815be133f403810ee6d2d09ff221623779efa454f4051ac8a66a43b79039d8ceb63e98fac705780945deca858a2d22731e94cf56f37e1ded2a101a8fbdd767d936eb2ec930471d1b103688f7df836bf0ef04fcaa3d08711d8f5d30ed73be979819cbbec9d69c539bdfabf1664f077e78e8b6ac22ee33bdf5012e2dc289b07affcbfa750247b36f759e32533446d8b6bed37d164f5d369a6eeaba7d0bbe76da17fa4484edc9eb0cef7c97885a392e2a405e3d5e49e5ff99d140a9ba7e619e2ccc35cf002d9b612b6144f0a9645f2518acb630fd66977505a2349752b4047f4476d382570f28649ff134311764c1da3c5e683477979b268d80e3821c6a85e181a80ceb678c29b926123091902fc40a9db4b3bf49bb1cc783bd3d49b86fdb474c01521ff482ca8035e828428c5813d78ed47e74147d988af7702bd277f215379546615915c8e1f167270b32d20fe79bbcba2546abf89f36309f20403e1590d77d36e3577f980664c7c2d19c5855178a0346e594401be44eb1188390b241e6e27ef8872fa57b504b99508006b17640790488ab315b6f01d1e84814af5433167255d9321493c64293a3009a1d5e95432ff8a8f6d57f350544cf6c2997c812b31c80f67df960a0f24bdf26feb70b940e3d56495ecdb997b93afd27179e68e2667a2be3c31fc3092a33623ab54f20d82a97868a086998bac55abfb8e1cdabf722fb5a8783b5686c89a33b438c12a32512d4205427159a2b84a998c7ecf6654a82676e06940bb8271a289ec20d197d056cc8a0b0a970f64f20180654261c101901db99d5e951e9ce63abb60fe069c0db1b1994f741af899c80c284ff1b08e05f6bb1bc3e150679a0fc20441772f1e03036f20ef62687ac749d202d6e2d1553e88eef58b9847d8f08215d58f6f64e153c6f08569d8c568599fa6d39c3619b966e4da8533b73d9fa8cb61fedf87f9da734b6816245dd2fbed0cfb4b0325dca0bd254dac81274b49f55d259dfaf181bfe171a329468ad291b4ed3af40e0542c799545883d2244d3d0014a29b09b5a6bd2afbb1d38fe60da6f2140c4a14cf4325bdf4e05af80ce8d5761a6d2493b4f6a27e5264c3cb9c5e1ff4e6b23747bec469104c33ea156242743368db00bdcb8955bc5709b14243791714f9c20cbd3595fce8185b03f743300801eb3bf093b863d81d2f43e39010961e885f5f02c9a91fcd445bd9cc1a1e3a83cb355a6d4b491ac38a569086570fd5fc2956880de82612a60bb7883f461161a0a77f4d30956b0b96d67bf1dc3d72d99fb289318ce84c96d402b73044eb7f6a11f678a619545f633aa7e0a0a6279811fd29ac2e7bf0d39bdb2370b33b8459d5dc7c535967782cfb620225c5820ada7b5d084a48371633fca5ce4fa982a1c9753a56b9a6d00c1e705a2ba0f4a10e8539f43d1d33371c44bae9fe92110f66b13f3a0b2b4e3c43c6a53c89e0e47aea5564dc35ca6753f73d3187dda02a643b9b22582f1994b4a7333f7db9f421988ff24ddbefd708ad8237b2078c23f9b7ed744fb9b9b83ff5a80227a38f8190b3b48deccbb45787378eb083235a4cd", 0xe14}], 0x3}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 90.646305] audit: type=1400 audit(1756474068.618:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:27:48 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SCROLLCONSOLE(r0, 0x4b72, &(0x7f0000000140)) 13:27:48 executing program 6: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f00000000c0)='./file0\x00', 0x0) creat(&(0x7f0000000080)='./file1\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0) [ 91.814426] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.817909] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.819736] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.824413] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.830235] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 91.919893] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 91.929900] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.933778] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.943060] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.946266] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.989352] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.996400] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.001869] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.005889] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.007704] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.014329] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.016073] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.018955] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 92.023751] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.025509] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 92.028065] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.036801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.045806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.046931] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 92.050085] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 92.051456] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.054208] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.055919] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 92.059723] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 92.061657] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 92.064733] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 92.066329] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 92.072872] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.084290] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.086901] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 92.088805] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 92.095799] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 92.097233] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.149793] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 92.160726] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 93.890735] Bluetooth: hci0: command tx timeout [ 94.016772] Bluetooth: hci1: command tx timeout [ 94.080739] Bluetooth: hci3: command tx timeout [ 94.144643] Bluetooth: hci2: command tx timeout [ 94.144673] Bluetooth: hci5: command tx timeout [ 94.208936] Bluetooth: hci7: command tx timeout [ 94.209014] Bluetooth: hci6: command tx timeout [ 94.209845] Bluetooth: hci4: command tx timeout [ 95.938526] Bluetooth: hci0: command tx timeout [ 96.064584] Bluetooth: hci1: command tx timeout [ 96.128717] Bluetooth: hci3: command tx timeout [ 96.192585] Bluetooth: hci5: command tx timeout [ 96.192899] Bluetooth: hci2: command tx timeout [ 96.256954] Bluetooth: hci4: command tx timeout [ 96.256983] Bluetooth: hci6: command tx timeout [ 96.257012] Bluetooth: hci7: command tx timeout [ 97.984565] Bluetooth: hci0: command tx timeout [ 98.112662] Bluetooth: hci1: command tx timeout [ 98.176575] Bluetooth: hci3: command tx timeout [ 98.241280] Bluetooth: hci5: command tx timeout [ 98.241552] Bluetooth: hci2: command tx timeout [ 98.304616] Bluetooth: hci7: command tx timeout [ 98.306528] Bluetooth: hci4: command tx timeout [ 98.306797] Bluetooth: hci6: command tx timeout [ 100.032523] Bluetooth: hci0: command tx timeout [ 100.160582] Bluetooth: hci1: command tx timeout [ 100.225509] Bluetooth: hci3: command tx timeout [ 100.288520] Bluetooth: hci5: command tx timeout [ 100.288540] Bluetooth: hci2: command tx timeout [ 100.352659] Bluetooth: hci6: command tx timeout [ 100.352755] Bluetooth: hci4: command tx timeout [ 100.353215] Bluetooth: hci7: command tx timeout [ 132.404763] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.405431] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.546701] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.547315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.675616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.676234] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.823685] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.824301] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.183610] audit: type=1400 audit(1756474111.151:8): avc: denied { open } for pid=3812 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 133.188935] audit: type=1400 audit(1756474111.152:9): avc: denied { kernel } for pid=3812 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 133.198175] capability: warning: `syz-executor.7' uses 32-bit capabilities (legacy support in use) [ 133.213773] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.214393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:28:31 executing program 7: modify_ldt$write(0x1, &(0x7f0000000080), 0x10) modify_ldt$write(0x1, &(0x7f0000000040)={0x80000001, 0x1000, 0x1000, 0x1, 0x3, 0x1}, 0x10) modify_ldt$write(0x1, &(0x7f0000000100)={0xffffffc1, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1}, 0x10) modify_ldt$write(0xffffc90000000000, &(0x7f0000000180), 0x10) 13:28:31 executing program 3: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000400)={'#! ', './file0'}, 0xb) r2 = dup(r1) fcntl$setstatus(r1, 0x4, 0x4c00) copy_file_range(r2, 0x0, r0, 0x0, 0x401, 0x0) [ 133.384136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.385067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.415151] kmemleak: Found object by alias at 0x607f1a63996c [ 133.415169] CPU: 1 UID: 0 PID: 3829 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 133.415187] Tainted: [W]=WARN [ 133.415191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 133.415197] Call Trace: [ 133.415201] [ 133.415206] dump_stack_lvl+0xca/0x120 [ 133.415231] __lookup_object+0x94/0xb0 [ 133.415248] delete_object_full+0x27/0x70 [ 133.415263] free_percpu+0x30/0x1160 [ 133.415279] ? arch_uprobe_clear_state+0x16/0x140 [ 133.415299] futex_hash_free+0x38/0xc0 [ 133.415313] mmput+0x2d3/0x390 [ 133.415330] do_exit+0x79d/0x2970 [ 133.415344] ? lock_release+0xc8/0x290 [ 133.415360] ? __pfx_do_exit+0x10/0x10 [ 133.415374] ? find_held_lock+0x2b/0x80 [ 133.415390] ? get_signal+0x835/0x2340 [ 133.415410] do_group_exit+0xd3/0x2a0 [ 133.415424] get_signal+0x2315/0x2340 [ 133.415441] ? find_held_lock+0x2b/0x80 [ 133.415463] ? lock_release+0xc8/0x290 [ 133.415477] ? __pfx_get_signal+0x10/0x10 [ 133.415492] ? do_futex+0x135/0x370 [ 133.415506] ? __pfx_do_futex+0x10/0x10 [ 133.415520] arch_do_signal_or_restart+0x80/0x790 [ 133.415537] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 133.415553] ? __x64_sys_futex+0x1c9/0x4d0 [ 133.415565] ? __x64_sys_futex+0x1d2/0x4d0 [ 133.415578] ? lock_release+0xc8/0x290 [ 133.415590] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.415609] exit_to_user_mode_loop+0x8b/0x110 [ 133.415621] do_syscall_64+0x2f7/0x360 [ 133.415633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.415644] RIP: 0033:0x7f2fd6a6bb19 [ 133.415653] Code: Unable to access opcode bytes at 0x7f2fd6a6baef. [ 133.415658] RSP: 002b:00007f2fd3fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.415669] RAX: 0000000000000000 RBX: 00007f2fd6b7ef68 RCX: 00007f2fd6a6bb19 [ 133.415677] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2fd6b7ef68 [ 133.415684] RBP: 00007f2fd6b7ef60 R08: 0000000000000000 R09: 0000000000000000 [ 133.415690] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fd6b7ef6c [ 133.415697] R13: 00007fffecfed5bf R14: 00007f2fd3fe1300 R15: 0000000000022000 [ 133.415712] [ 133.415716] kmemleak: Object (percpu) 0x607f1a639968 (size 8): [ 133.415722] kmemleak: comm "kworker/u9:2", pid 40, jiffies 4294800017 [ 133.415729] kmemleak: min_count = 1 [ 133.415733] kmemleak: count = 0 [ 133.415736] kmemleak: flags = 0x21 [ 133.415740] kmemleak: checksum = 0 [ 133.415743] kmemleak: backtrace: [ 133.415747] pcpu_alloc_noprof+0x87a/0x1170 [ 133.415761] fib_nh_common_init+0x30/0xd0 [ 133.415773] fib6_nh_init+0x968/0x1a00 [ 133.415783] ip6_route_info_create_nh+0x530/0xf80 [ 133.415793] ip6_route_add.part.0+0x59/0x170 [ 133.415802] ip6_route_add+0x48/0x60 [ 133.415811] addrconf_add_mroute+0x12d/0x190 [ 133.415821] addrconf_add_dev+0x148/0x1c0 [ 133.415834] addrconf_dev_config+0x1e9/0x430 [ 133.415847] addrconf_notify+0xa70/0x1920 [ 133.415862] notifier_call_chain+0xc0/0x360 [ 133.415872] call_netdevice_notifiers_info+0xbe/0x140 [ 133.415884] netif_state_change+0x157/0x330 [ 133.415892] linkwatch_do_dev+0x111/0x150 [ 133.415903] __linkwatch_run_queue+0x2ab/0x710 [ 133.415912] linkwatch_event+0x4e/0x70 13:28:31 executing program 3: shmget$private(0x0, 0x2000, 0x78000c26, &(0x7f000067f000/0x2000)=nil) 13:28:31 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, 0x0, 0x0) [ 133.570564] kmemleak: Found object by alias at 0x607f1a63996c [ 133.570582] CPU: 1 UID: 0 PID: 3850 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 133.570599] Tainted: [W]=WARN [ 133.570603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 133.570613] Call Trace: [ 133.570617] [ 133.570622] dump_stack_lvl+0xca/0x120 [ 133.570645] __lookup_object+0x94/0xb0 [ 133.570662] delete_object_full+0x27/0x70 [ 133.570677] free_percpu+0x30/0x1160 [ 133.570693] ? arch_uprobe_clear_state+0x16/0x140 [ 133.570712] futex_hash_free+0x38/0xc0 [ 133.570727] mmput+0x2d3/0x390 [ 133.570745] do_exit+0x79d/0x2970 [ 133.570762] ? __pfx_do_exit+0x10/0x10 [ 133.570776] ? find_held_lock+0x2b/0x80 [ 133.570793] ? get_signal+0x835/0x2340 [ 133.570813] do_group_exit+0xd3/0x2a0 [ 133.570827] get_signal+0x2315/0x2340 [ 133.570844] ? put_task_stack+0xd2/0x240 [ 133.570858] ? __pfx_get_signal+0x10/0x10 [ 133.570874] ? __schedule+0xe91/0x3590 [ 133.570893] arch_do_signal_or_restart+0x80/0x790 [ 133.570910] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 133.570926] ? __x64_sys_futex+0x1c9/0x4d0 [ 133.570938] ? __x64_sys_futex+0x1d2/0x4d0 [ 133.570951] ? __sys_socket+0x9f/0x260 [ 133.570965] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.570978] ? xfd_validate_state+0x55/0x180 [ 133.570999] exit_to_user_mode_loop+0x8b/0x110 [ 133.571011] do_syscall_64+0x2f7/0x360 [ 133.571023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.571034] RIP: 0033:0x7f2fd6a6bb19 [ 133.571043] Code: Unable to access opcode bytes at 0x7f2fd6a6baef. [ 133.571048] RSP: 002b:00007f2fd3fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.571059] RAX: 0000000000000001 RBX: 00007f2fd6b7ef68 RCX: 00007f2fd6a6bb19 [ 133.571066] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2fd6b7ef6c [ 133.571073] RBP: 00007f2fd6b7ef60 R08: 000000000000000e R09: 0000000000000000 [ 133.571080] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f2fd6b7ef6c [ 133.571086] R13: 00007fffecfed5bf R14: 00007f2fd3fe1300 R15: 0000000000022000 [ 133.571102] [ 133.571106] kmemleak: Object (percpu) 0x607f1a639968 (size 8): [ 133.571112] kmemleak: comm "syz-executor.0", pid 274, jiffies 4294800129 [ 133.571119] kmemleak: min_count = 1 [ 133.571122] kmemleak: count = 0 [ 133.571126] kmemleak: flags = 0x21 [ 133.571129] kmemleak: checksum = 0 [ 133.571133] kmemleak: backtrace: [ 133.571136] pcpu_alloc_noprof+0x87a/0x1170 [ 133.571151] percpu_ref_init+0x37/0x400 [ 133.571168] cgroup_mkdir+0x28a/0x1110 [ 133.571181] kernfs_iop_mkdir+0x111/0x190 [ 133.571195] vfs_mkdir+0x59a/0x8d0 [ 133.571210] do_mkdirat+0x19f/0x3d0 [ 133.571220] __x64_sys_mkdir+0xf3/0x140 [ 133.571230] do_syscall_64+0xbf/0x360 [ 133.571238] entry_SYSCALL_64_after_hwframe+0x77/0x7f 13:28:31 executing program 7: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000280)=@req3={0x0, 0x0, 0x0, 0xfffffff8}, 0x1c) 13:28:31 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x35, 0x0, &(0x7f0000000040)) [ 133.689421] kmemleak: Found object by alias at 0x607f1a63996c [ 133.689441] CPU: 1 UID: 0 PID: 3859 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 133.689464] Tainted: [W]=WARN [ 133.689467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 133.689474] Call Trace: [ 133.689478] [ 133.689483] dump_stack_lvl+0xca/0x120 [ 133.689507] __lookup_object+0x94/0xb0 [ 133.689523] delete_object_full+0x27/0x70 [ 133.689538] free_percpu+0x30/0x1160 [ 133.689554] ? arch_uprobe_clear_state+0x16/0x140 [ 133.689574] futex_hash_free+0x38/0xc0 [ 133.689588] mmput+0x2d3/0x390 [ 133.689606] do_exit+0x79d/0x2970 [ 133.689619] ? lock_release+0xc8/0x290 [ 133.689636] ? __pfx_do_exit+0x10/0x10 [ 133.689649] ? find_held_lock+0x2b/0x80 [ 133.689666] ? get_signal+0x835/0x2340 [ 133.689685] do_group_exit+0xd3/0x2a0 [ 133.689699] get_signal+0x2315/0x2340 [ 133.689721] ? __pfx_get_signal+0x10/0x10 [ 133.689737] ? do_futex+0x135/0x370 [ 133.689750] ? __pfx_do_futex+0x10/0x10 [ 133.689765] arch_do_signal_or_restart+0x80/0x790 [ 133.689782] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 133.689798] ? __x64_sys_futex+0x1c9/0x4d0 [ 133.689809] ? __x64_sys_futex+0x1d2/0x4d0 [ 133.689824] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.689838] ? __sys_setsockopt+0x13f/0x1a0 [ 133.689858] exit_to_user_mode_loop+0x8b/0x110 [ 133.689870] do_syscall_64+0x2f7/0x360 [ 133.689882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.689894] RIP: 0033:0x7f2fd6a6bb19 [ 133.689902] Code: Unable to access opcode bytes at 0x7f2fd6a6baef. [ 133.689907] RSP: 002b:00007f2fd3fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.689919] RAX: fffffffffffffe00 RBX: 00007f2fd6b7ef68 RCX: 00007f2fd6a6bb19 [ 133.689926] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2fd6b7ef68 [ 133.689933] RBP: 00007f2fd6b7ef60 R08: 0000000000000000 R09: 0000000000000000 [ 133.689940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2fd6b7ef6c [ 133.689946] R13: 00007fffecfed5bf R14: 00007f2fd3fe1300 R15: 0000000000022000 [ 133.689962] [ 133.689965] kmemleak: Object (percpu) 0x607f1a639968 (size 8): [ 133.689972] kmemleak: comm "syz-executor.0", pid 274, jiffies 4294800212 [ 133.689979] kmemleak: min_count = 1 [ 133.689983] kmemleak: count = 0 [ 133.689986] kmemleak: flags = 0x21 [ 133.689990] kmemleak: checksum = 0 [ 133.689993] kmemleak: backtrace: [ 133.689997] pcpu_alloc_noprof+0x87a/0x1170 [ 133.690011] percpu_ref_init+0x37/0x400 [ 133.690029] cgroup_apply_control_enable+0x4a6/0x9f0 [ 133.690041] cgroup_mkdir+0x86e/0x1110 [ 133.690053] kernfs_iop_mkdir+0x111/0x190 [ 133.690068] vfs_mkdir+0x59a/0x8d0 [ 133.690082] do_mkdirat+0x19f/0x3d0 [ 133.690092] __x64_sys_mkdir+0xf3/0x140 [ 133.690102] do_syscall_64+0xbf/0x360 [ 133.690111] entry_SYSCALL_64_after_hwframe+0x77/0x7f 13:28:31 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d3, &(0x7f0000000000)='?') 13:28:31 executing program 7: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000280)=@req3={0x0, 0x0, 0x0, 0xfffffff8}, 0x1c) [ 133.855341] kmemleak: Found object by alias at 0x607f1a63996c [ 133.855356] CPU: 1 UID: 0 PID: 3876 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 133.855374] Tainted: [W]=WARN [ 133.855377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 133.855384] Call Trace: [ 133.855388] [ 133.855393] dump_stack_lvl+0xca/0x120 [ 133.855416] __lookup_object+0x94/0xb0 [ 133.855432] delete_object_full+0x27/0x70 [ 133.855447] free_percpu+0x30/0x1160 [ 133.855467] ? arch_uprobe_clear_state+0x16/0x140 [ 133.855487] futex_hash_free+0x38/0xc0 [ 133.855500] mmput+0x2d3/0x390 [ 133.855519] do_exit+0x79d/0x2970 [ 133.855532] ? signal_wake_up_state+0x85/0x120 [ 133.855547] ? zap_other_threads+0x2b9/0x3a0 [ 133.855563] ? __pfx_do_exit+0x10/0x10 [ 133.855576] ? do_group_exit+0x1c3/0x2a0 [ 133.855589] ? lock_release+0xc8/0x290 [ 133.855606] do_group_exit+0xd3/0x2a0 [ 133.855620] __x64_sys_exit_group+0x3e/0x50 [ 133.855634] x64_sys_call+0x18c5/0x18d0 [ 133.855649] do_syscall_64+0xbf/0x360 [ 133.855661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.855672] RIP: 0033:0x7f2fd6a6bb19 [ 133.855680] Code: Unable to access opcode bytes at 0x7f2fd6a6baef. [ 133.855685] RSP: 002b:00007fffecfed7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.855696] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f2fd6a6bb19 [ 133.855703] RDX: 00007f2fd6a1e72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 133.855710] RBP: 0000000000000000 R08: 0000001b2d1216c8 R09: 0000000000000000 [ 133.855717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.855723] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffecfed8d0 [ 133.855738] [ 133.855742] kmemleak: Object (percpu) 0x607f1a639968 (size 8): [ 133.855748] kmemleak: comm "syz-executor.4", pid 284, jiffies 4294800453 [ 133.855755] kmemleak: min_count = 1 [ 133.855759] kmemleak: count = 0 [ 133.855762] kmemleak: flags = 0x21 [ 133.855766] kmemleak: checksum = 0 [ 133.855769] kmemleak: backtrace: [ 133.855773] pcpu_alloc_noprof+0x87a/0x1170 [ 133.855788] __alloc_workqueue+0x74b/0x1820 [ 133.855805] alloc_workqueue_noprof+0xc7/0x200 [ 133.855814] ieee80211_register_hw+0x1ec5/0x3e00 [ 133.855825] mac80211_hwsim_new_radio+0x2758/0x4ef0 [ 133.855838] hwsim_new_radio_nl+0xb0d/0x1250 [ 133.855848] genl_family_rcv_msg_doit+0x1fe/0x2f0 [ 133.855859] genl_rcv_msg+0x532/0x7e0 [ 133.855868] netlink_rcv_skb+0x147/0x430 [ 133.855883] genl_rcv+0x28/0x40 [ 133.855891] netlink_unicast+0x5a7/0x870 [ 133.855906] netlink_sendmsg+0x8ac/0xd80 [ 133.855920] __sys_sendto+0x506/0x570 [ 133.855934] __x64_sys_sendto+0xe1/0x1c0 [ 133.855947] do_syscall_64+0xbf/0x360 [ 133.855955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.946760] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.947382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.991498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.992083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.020809] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.021402] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.032731] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.033311] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.086230] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.087007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.112252] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.112937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.172261] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.173154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.306764] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.307394] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.412493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.413126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.450401] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.451750] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:28:32 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) read(r0, 0x0, 0x0) 13:28:32 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000800)=[{&(0x7f0000000240)="06d5", 0x2}], 0x1, &(0x7f0000000a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @remote}}}], 0x20}}, {{&(0x7f0000000040), 0x10, 0x0, 0x0, &(0x7f0000000c40)=[@ip_retopts={{0x3e8}}, @ip_retopts={{0x14, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x4}]}}}], 0x28}}], 0x2, 0x0) 13:28:32 executing program 7: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000280)=@req3={0x0, 0x0, 0x0, 0xfffffff8}, 0x1c) 13:28:32 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) setuid(0x0) r2 = dup2(r1, r0) write$binfmt_aout(r2, 0x0, 0x2e) 13:28:32 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x36, &(0x7f0000000140)={@broadcast, @random="5e52989c7e32", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @loopback}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 13:28:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f0000000140)=' ', 0x1, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)={0x0, 0xffffffff7fffffff}) 13:28:32 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x2) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000540)="e551acd9be83652599c34fdbc3f075add89d8855f7ca978bd240e36ef8a64a10f13e40aa5709093a2889e1959dcf4b2f769658788234d0a85901ae791c561aadab173be5fc2aaeeac28cb751f898503e56916557d2a99ae9ce845989aed00ab3a5ea392a834ad8d97b9014f0fb3b48c0d57ae194d9d58a32fee4a9fd56bdb09b0c64904d47ad3e59053b79af2a760eb579da126e5a941488df027575a90c4d2c0f2b1d603fd5fae22ba1bf2a13958492d8ffa35b9a881ba893d249aa99b72c67bfee95caa584090906b771f64be556a9fd0f4778cc45ebd06caa773c6ca7ef7920003c015dec3db15189ccca25af7bb513c0cdeca7a13750140f1e811115da8c3b26f1c2e29a7d067b09fc8d", 0xfb}, {&(0x7f0000000000)="460915ce6396b98c9420a762e0af120af24e41ea26c4f2b058ed87782bffd7cc35d55e0d5c21044d72b41341efc1101669d7b5838662c9f2d12a4b9b4dabe2240c82a208e4d0f8ce605667a72e8c74e9e83529dd506715111cbd0000000000000000", 0x62}, {&(0x7f0000000080)="8e8612844497e1175c0a6d2aec665070057debed77f3e3f25e3526ca8a3c606a3a8ba2b2456e28a0a6ab815c3e77d50000000067eb273e5777b52e6404541e30e5b679a2e7baf08cfe2f3caffc8325c5740937981be474f7ba9f301aa1c40aff6933c3f5dca9255fb15cce2d66635b175d96c293eb34ea658434cf1537028b862b5074fe5e6258da15795e534df1f004a25f2971411763a6ddeb1eae70226f9cec3115416e0f5a81bd2da0ef32526c3848b69087209bceeb2d5f9f54a4e76f0d53154045213d7cb5e355e0bbc04f169739cb64668ffbce", 0xd7}], 0x32) 13:28:32 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x7f, 0x0, 0x2ed2fd0e, 0x0, 0x0, "34919264945c7cfe776209a191e9a432417941"}) [ 134.670065] sg_write: process 6 (syz-executor.6) changed security contexts after opening file descriptor, this is not allowed. [ 134.696784] kmemleak: Found object by alias at 0x607f1a63996c [ 134.696803] CPU: 0 UID: 0 PID: 3923 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 134.696822] Tainted: [W]=WARN [ 134.696826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 134.696833] Call Trace: [ 134.696837] [ 134.696842] dump_stack_lvl+0xca/0x120 [ 134.696868] __lookup_object+0x94/0xb0 [ 134.696885] delete_object_full+0x27/0x70 [ 134.696901] free_percpu+0x30/0x1160 [ 134.696917] ? arch_uprobe_clear_state+0x16/0x140 [ 134.696937] futex_hash_free+0x38/0xc0 [ 134.696952] mmput+0x2d3/0x390 [ 134.696970] do_exit+0x79d/0x2970 [ 134.696984] ? signal_wake_up_state+0x85/0x120 [ 134.696999] ? zap_other_threads+0x2b9/0x3a0 [ 134.697015] ? __pfx_do_exit+0x10/0x10 [ 134.697028] ? do_group_exit+0x1c3/0x2a0 [ 134.697041] ? lock_release+0xc8/0x290 [ 134.697058] do_group_exit+0xd3/0x2a0 [ 134.697072] __x64_sys_exit_group+0x3e/0x50 [ 134.697086] x64_sys_call+0x18c5/0x18d0 [ 134.697101] do_syscall_64+0xbf/0x360 [ 134.697113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.697125] RIP: 0033:0x7f2fd6a6bb19 [ 134.697133] Code: Unable to access opcode bytes at 0x7f2fd6a6baef. [ 134.697139] RSP: 002b:00007fffecfed7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.697150] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f2fd6a6bb19 [ 134.697158] RDX: 00007f2fd6a1e72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 134.697165] RBP: 0000000000000000 R08: 0000001b2d121704 R09: 0000000000000000 [ 134.697172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.697179] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffecfed8d0 [ 134.697195] [ 134.697198] kmemleak: Object (percpu) 0x607f1a639968 (size 8): [ 134.697205] kmemleak: comm "syz-executor.2", pid 285, jiffies 4294800569 [ 134.697212] kmemleak: min_count = 1 [ 134.697216] kmemleak: count = 0 [ 134.697219] kmemleak: flags = 0x21 [ 134.697223] kmemleak: checksum = 0 [ 134.697227] kmemleak: backtrace: [ 134.697230] pcpu_alloc_noprof+0x87a/0x1170 [ 134.697245] __alloc_workqueue+0x74b/0x1820 13:28:32 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x25}, {0x6}]}) openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0) 13:28:32 executing program 5: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r0, 0x0) [ 134.697263] alloc_workqueue_noprof+0xc7/0x200 [ 134.697272] ieee80211_register_hw+0x1ec5/0x3e00 [ 134.697284] mac80211_hwsim_new_radio+0x2758/0x4ef0 [ 134.697297] hwsim_new_radio_nl+0xb0d/0x1250 [ 134.697307] genl_family_rcv_msg_doit+0x1fe/0x2f0 [ 134.697319] genl_rcv_msg+0x532/0x7e0 [ 134.697328] netlink_rcv_skb+0x147/0x430 [ 134.697343] genl_rcv+0x28/0x40 [ 134.697350] netlink_unicast+0x5a7/0x870 [ 134.697366] netlink_sendmsg+0x8ac/0xd80 [ 134.697380] __sys_sendto+0x506/0x570 [ 134.697394] __x64_sys_sendto+0xe1/0x1c0 [ 134.697407] do_syscall_64+0xbf/0x360 [ 134.697416] entry_SYSCALL_64_after_hwframe+0x77/0x7f 13:28:32 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x8, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 134.775601] audit: type=1326 audit(1756474112.747:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3942 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa57b01ab19 code=0x0 [ 134.777772] Oops: general protection fault, probably for non-canonical address 0xfefffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 134.778729] KASAN: maybe wild-memory-access in range [0xf800000000000190-0xf800000000000197] [ 134.779403] CPU: 0 UID: 0 PID: 3941 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 134.780352] Tainted: [W]=WARN [ 134.781191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 134.783272] RIP: 0010:perf_tp_event+0x175/0xe70 [ 134.784437] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 134.788958] RSP: 0018:ffff88800f0b7780 EFLAGS: 00010012 [ 134.789386] RAX: 1f00000000000032 RBX: f7ffffffffffffa0 RCX: ffffc90006e38000 [ 134.789952] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: f800000000000190 [ 134.790515] RBP: ffff88800f0b79f0 R08: ffff88806ce31340 R09: ffffe8ffffc160f8 [ 134.791075] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 134.791634] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 134.792190] FS: 00007feaeefae700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 134.792830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.793296] CR2: 0000556acae63230 CR3: 0000000017a61000 CR4: 0000000000350ef0 [ 134.793860] Call Trace: [ 134.794067] [ 134.794252] ? __pfx_perf_tp_event+0x10/0x10 [ 134.794608] ? __asan_memcpy+0x3d/0x60 [ 134.794926] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10 [ 134.795431] ? lock_is_held_type+0x9e/0x120 [ 134.795787] ? ctx_sched_in+0x134/0x9b0 [ 134.796104] ? kvm_sched_clock_read+0x16/0x30 [ 134.796471] ? sched_clock+0x37/0x60 [ 134.796786] ? lock_is_held_type+0x9e/0x120 [ 134.797136] ? perf_trace_run_bpf_submit+0xef/0x180 [ 134.797541] ? lock_is_held_type+0x9e/0x120 [ 134.797888] perf_trace_run_bpf_submit+0xef/0x180 [ 134.798280] perf_trace_preemptirq_template+0x259/0x430 [ 134.798713] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 134.799184] ? check_preempt_wakeup_fair+0x406/0x950 [ 134.799590] ? find_held_lock+0x2b/0x80 [ 134.799916] ? try_to_wake_up+0x8ae/0x11d0 [ 134.800270] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 134.800691] trace_irq_enable.constprop.0+0xa6/0x100 [ 134.801093] trace_hardirqs_on+0x26/0x40 [ 134.801412] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 134.801799] try_to_wake_up+0x8ae/0x11d0 [ 134.802124] ? __pfx_try_to_wake_up+0x10/0x10 [ 134.802482] ? plist_del+0x122/0x270 [ 134.802781] ? find_held_lock+0x2b/0x80 [ 134.803098] ? futex_wake+0x474/0x540 [ 134.803404] wake_up_q+0xa1/0x130 [ 134.803686] futex_wake+0x47e/0x540 [ 134.803980] ? __pfx_futex_wake+0x10/0x10 [ 134.804314] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 134.804716] ? lock_release+0xc8/0x290 [ 134.805025] do_futex+0x26d/0x370 [ 134.805303] ? __pfx_do_futex+0x10/0x10 [ 134.805619] __x64_sys_futex+0x1c9/0x4d0 [ 134.805940] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 134.806403] ? __pfx___x64_sys_futex+0x10/0x10 [ 134.806766] ? xfd_validate_state+0x55/0x180 [ 134.807121] do_syscall_64+0xbf/0x360 [ 134.807422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.807821] RIP: 0033:0x7feaf1a38b19 [ 134.808114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.809512] RSP: 002b:00007feaeefae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 134.810095] RAX: ffffffffffffffda RBX: 00007feaf1b4bf68 RCX: 00007feaf1a38b19 [ 134.810647] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007feaf1b4bf6c [ 134.811195] RBP: 00007feaf1b4bf60 R08: 000000000000000e R09: 0000000000000000 [ 134.811745] R10: 0000000000000003 R11: 0000000000000246 R12: 00007feaf1b4bf6c [ 134.812293] R13: 00007ffc7366b19f R14: 00007feaeefae300 R15: 0000000000022000 [ 134.812853] [ 134.813039] Modules linked in: [ 134.813294] ---[ end trace 0000000000000000 ]--- [ 134.813658] RIP: 0010:perf_tp_event+0x175/0xe70 [ 134.814030] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 134.815422] RSP: 0018:ffff88800f0b7780 EFLAGS: 00010012 [ 134.815834] RAX: 1f00000000000032 RBX: f7ffffffffffffa0 RCX: ffffc90006e38000 [ 134.816391] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: f800000000000190 [ 134.816946] RBP: ffff88800f0b79f0 R08: ffff88806ce31340 R09: ffffe8ffffc160f8 [ 134.817499] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 134.818050] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 134.818599] FS: 00007feaeefae700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 134.819218] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.819672] CR2: 0000556acae63230 CR3: 0000000017a61000 CR4: 0000000000350ef0 [ 134.820223] note: syz-executor.5[3941] exited with irqs disabled [ 134.820740] Oops: general protection fault, probably for non-canonical address 0xfefffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 134.821597] KASAN: maybe wild-memory-access in range [0xf800000000000190-0xf800000000000197] [ 134.822248] CPU: 0 UID: 0 PID: 3941 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 134.823167] Tainted: [D]=DIE, [W]=WARN [ 134.823466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 134.824096] RIP: 0010:perf_tp_event+0x175/0xe70 [ 134.824491] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 134.826068] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012 [ 134.826479] RAX: 1f00000000000032 RBX: f7ffffffffffffa0 RCX: ffffffff81898973 [ 134.827028] RDX: ffff8880469d9b80 RSI: ffffffff818995b7 RDI: f800000000000190 [ 134.827578] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc160f8 [ 134.828129] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 134.828685] R13: 0000000000000000 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 134.829235] FS: 00007feaeefae700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 134.829856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.830304] CR2: 0000556acae63230 CR3: 0000000017a61000 CR4: 0000000000350ef0 [ 134.830855] Call Trace: [ 134.831058] [ 134.831232] ? __pfx_perf_tp_event+0x10/0x10 [ 134.831584] ? trace_pelt_se_tp+0xdf/0x130 [ 134.831919] ? do_raw_spin_lock+0x123/0x260 [ 134.832259] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 134.832640] ? lock_acquire+0x18c/0x2f0 [ 134.832955] ? update_cfs_group+0x11d/0x260 [ 134.833292] ? lock_release+0x1c7/0x290 [ 134.833606] ? do_raw_spin_unlock+0x53/0x220 [ 134.833955] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 134.834354] ? try_to_wake_up+0x128/0x11d0 [ 134.834691] ? do_raw_spin_lock+0x123/0x260 [ 134.835030] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 134.835398] ? perf_trace_run_bpf_submit+0xef/0x180 [ 134.835791] perf_trace_run_bpf_submit+0xef/0x180 [ 134.836173] perf_trace_preemptirq_template+0x259/0x430 [ 134.836599] ? read_tsc+0x9/0x20 [ 134.836871] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 134.837329] ? clockevents_program_event+0x135/0x360 [ 134.837731] ? tick_program_event+0xac/0x140 [ 134.838076] ? handle_softirqs+0x16e/0x770 [ 134.838413] trace_irq_enable.constprop.0+0xa6/0x100 [ 134.838809] trace_hardirqs_on+0x26/0x40 [ 134.839125] handle_softirqs+0x16e/0x770 [ 134.839451] __irq_exit_rcu+0xc4/0x100 [ 134.839761] irq_exit_rcu+0x9/0x20 [ 134.840042] sysvec_apic_timer_interrupt+0x70/0x80 [ 134.840429] [ 134.840613] [ 134.840793] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 134.841207] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 134.841576] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 134.842961] RSP: 0018:ffff88800f0b7f28 EFLAGS: 00000246 [ 134.843372] RAX: 0000000000000001 RBX: ffff8880469d9b80 RCX: ffffffff817c2b86 [ 134.843918] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 134.844465] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 134.845027] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880469d9b80 [ 134.845572] R13: 0000000000000000 R14: fefffc0000000032 R15: 0000000000000000 [ 134.846118] ? trace_irq_enable.constprop.0+0x26/0x100 [ 134.846525] ? make_task_dead+0x214/0x3b0 [ 134.846854] ? make_task_dead+0x214/0x3b0 [ 134.847179] ? do_syscall_64+0xbf/0x360 [ 134.847492] rewind_stack_and_make_dead+0x16/0x20 [ 134.847873] RIP: 0033:0x7feaf1a38b19 [ 134.848163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.849559] RSP: 002b:00007feaeefae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 134.850141] RAX: ffffffffffffffda RBX: 00007feaf1b4bf68 RCX: 00007feaf1a38b19 [ 134.850687] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007feaf1b4bf6c [ 134.851231] RBP: 00007feaf1b4bf60 R08: 000000000000000e R09: 0000000000000000 [ 134.851777] R10: 0000000000000003 R11: 0000000000000246 R12: 00007feaf1b4bf6c [ 134.852323] R13: 00007ffc7366b19f R14: 00007feaeefae300 R15: 0000000000022000 [ 134.852881] [ 134.853064] Modules linked in: [ 134.853317] ---[ end trace 0000000000000000 ]--- [ 134.853680] RIP: 0010:perf_tp_event+0x175/0xe70 [ 134.854048] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 134.855439] RSP: 0018:ffff88800f0b7780 EFLAGS: 00010012 [ 134.855849] RAX: 1f00000000000032 RBX: f7ffffffffffffa0 RCX: ffffc90006e38000 [ 134.856400] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: f800000000000190 [ 134.856979] RBP: ffff88800f0b79f0 R08: ffff88806ce31340 R09: ffffe8ffffc160f8 [ 134.857537] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 134.858094] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 134.858654] FS: 00007feaeefae700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 134.859277] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.859734] CR2: 0000556acae63230 CR3: 0000000017a61000 CR4: 0000000000350ef0 [ 134.860297] Kernel panic - not syncing: Fatal exception in interrupt [ 134.860891] Kernel Offset: disabled [ 134.861179] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 13:28:33 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff828e3230 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff88800f0b7018 R8 =0000000000000000 R9 =ffffed10016d1046 R10=00000000000fe503 R11=0000000065646f43 R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10e4882 R15=dffffc0000000000 RIP=ffffffff828e3285 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007feaeefae700 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe2f00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000556acae63230 CR3=0000000017a61000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007feaf1b1f7c000007feaf1b1f7c8 XMM02=00007feaf1b1f7e000007feaf1b1f7c0 XMM03=00007feaf1b1f7c800007feaf1b1f7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806ce3de00 RCX=ffffffff816880fc RDX=ffff8880175b3700 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff88804829eec8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1 R12=ffffed100d9c7bc1 R13=ffff88806ce3de08 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f2bade28700 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe3300000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2bade8f230 CR3=000000000eb3f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ff000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ef63d2b7339aa72c000000000017cdf0 XMM05=d3fdd5f48436fbd700000000000aead0 XMM06=dd5dfe313917373500000000000ae988 XMM07=a1fcdcf819d7e1e500000000000ae728 XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000 XMM10=00000000000000000020000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000