Warning: Permanently added '[localhost]:21777' (ECDSA) to the list of known hosts. 2025/08/29 13:29:44 fuzzer started 2025/08/29 13:29:44 dialing manager at localhost:43077 syzkaller login: [ 58.761222] cgroup: Unknown subsys name 'net' [ 58.815834] cgroup: Unknown subsys name 'cpuset' [ 58.828629] cgroup: Unknown subsys name 'rlimit' 2025/08/29 13:29:54 syscalls: 2214 2025/08/29 13:29:54 code coverage: enabled 2025/08/29 13:29:54 comparison tracing: enabled 2025/08/29 13:29:54 extra coverage: enabled 2025/08/29 13:29:54 setuid sandbox: enabled 2025/08/29 13:29:54 namespace sandbox: enabled 2025/08/29 13:29:54 Android sandbox: enabled 2025/08/29 13:29:54 fault injection: enabled 2025/08/29 13:29:54 leak checking: enabled 2025/08/29 13:29:54 net packet injection: enabled 2025/08/29 13:29:54 net device setup: enabled 2025/08/29 13:29:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 13:29:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 13:29:54 USB emulation: enabled 2025/08/29 13:29:54 hci packet injection: enabled 2025/08/29 13:29:54 wifi device emulation: enabled 2025/08/29 13:29:54 802.15.4 emulation: enabled
2025/08/29 13:30:14 fetching corpus: 10801, signal 199919/204032 (executing program) 2025/08/29 13:30:16 starting 8 fuzzer processes
13:30:16 executing program 0: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0}}], 0x80000, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 13:30:16 executing program 2: pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RFLUSH(r0, &(0x7f0000000040)={0x7}, 0xfffffdef) 13:30:16 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, 0xfffffffffffffffd) 13:30:16 executing program 7: r0 = fsopen(&(0x7f0000000040)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) 13:30:16 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) readv(r0, &(0x7f00000001c0), 0x42) [ 90.521427] audit: type=1400 audit(1756474216.321:7): avc: denied { execmem } for pid=276 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:30:16 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="01"], 0xc) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0) 13:30:16 executing program 6: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0), 0x6a841, 0x0) write$binfmt_script(r0, 0x0, 0x84) write$snapshot(r0, &(0x7f0000000000), 0x0) 13:30:16 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='syscall\x00') pread64(r0, &(0x7f0000000140)=""/178, 0xb2, 0x0) [ 91.638413] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.643484] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.646273] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.650206] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.658461] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 91.692570] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 91.696224] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.705230] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.711435] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.719207] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.822424] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.825039] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 91.828217] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 91.829313] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.830718] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 91.832452] Bluetooth: hci2: 
unexpected cc 0x1001 length: 249 > 9 [ 91.846215] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 91.851724] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 91.851732] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 91.859593] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.870700] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.881341] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 91.885776] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 91.889069] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 91.889263] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 91.897356] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 91.903127] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 91.905310] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 91.907217] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 91.908678] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 91.915009] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 91.919920] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 91.924088] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 91.938530] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.940801] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 91.944349] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 91.951200] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 91.952489] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 91.960414] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 91.976992] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 93.729452] Bluetooth: hci0: command tx timeout [ 93.792916] Bluetooth: hci1: command tx timeout [ 93.920034] Bluetooth: hci4: command tx timeout [ 93.922874] Bluetooth: hci2: command tx timeout [ 93.983940] Bluetooth: hci3: command tx timeout [ 94.047974] Bluetooth: hci6: command tx timeout [ 94.048011] Bluetooth: hci5: command tx timeout [ 
94.048929] Bluetooth: hci7: command tx timeout [ 95.775954] Bluetooth: hci0: command tx timeout [ 95.839908] Bluetooth: hci1: command tx timeout [ 95.967902] Bluetooth: hci2: command tx timeout [ 95.968356] Bluetooth: hci4: command tx timeout [ 96.033180] Bluetooth: hci3: command tx timeout [ 96.097939] Bluetooth: hci5: command tx timeout [ 96.098024] Bluetooth: hci7: command tx timeout [ 96.098756] Bluetooth: hci6: command tx timeout [ 97.825164] Bluetooth: hci0: command tx timeout [ 97.889054] Bluetooth: hci1: command tx timeout [ 98.017889] Bluetooth: hci4: command tx timeout [ 98.018610] Bluetooth: hci2: command tx timeout [ 98.079942] Bluetooth: hci3: command tx timeout [ 98.144003] Bluetooth: hci6: command tx timeout [ 98.145930] Bluetooth: hci7: command tx timeout [ 98.146423] Bluetooth: hci5: command tx timeout [ 99.871908] Bluetooth: hci0: command tx timeout [ 99.935892] Bluetooth: hci1: command tx timeout [ 100.063954] Bluetooth: hci2: command tx timeout [ 100.064408] Bluetooth: hci4: command tx timeout [ 100.128011] Bluetooth: hci3: command tx timeout [ 100.192101] Bluetooth: hci5: command tx timeout [ 100.192561] Bluetooth: hci7: command tx timeout [ 100.192583] Bluetooth: hci6: command tx timeout [ 127.430205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.430895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.661763] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.663247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.907008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.907631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.102130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.102742] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:30:53 executing program 2: pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RFLUSH(r0, &(0x7f0000000040)={0x7}, 0xfffffdef) 
13:30:54 executing program 2: pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RFLUSH(r0, &(0x7f0000000040)={0x7}, 0xfffffdef) [ 128.250085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.250688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.295007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.295582] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:30:54 executing program 2: pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RFLUSH(r0, &(0x7f0000000040)={0x7}, 0xfffffdef) 13:30:54 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCINQ(r0, 0x541b, 0xfffffffffffffffc) [ 128.522273] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.523228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:30:54 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$KEYCTL_MOVE(0x12, 0x0, 0x0, 0x0, 0x0) [ 128.617139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.617745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.645910] audit: type=1400 audit(1756474254.447:8): avc: denied { open } for pid=3824 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 128.652102] audit: type=1400 audit(1756474254.448:9): avc: denied { kernel } for pid=3824 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 13:30:54 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$KEYCTL_MOVE(0x12, 0x0, 0x0, 0x0, 0x0) [ 128.879232] process 'syz-executor.4' launched './file1' with NULL argv: empty string added 13:30:54 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$KEYCTL_MOVE(0x12, 0x0, 0x0, 0x0, 0x0) 13:30:54 executing program 7: r0 = fsopen(&(0x7f0000000040)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) [ 128.986114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.986744] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.047176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.047795] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.526928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.527543] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.600587] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.601311] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.683157] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.683810] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.810897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.811519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.843178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.843797] wlan1: Creating new IBSS network, BSSID 
50:50:50:50:50:50 [ 129.882091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.882714] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.109752] random: crng reseeded on system resumption [ 130.111694] Unrecognized hibernate image header format! [ 130.112225] PM: hibernation: Image mismatch: architecture specific data [ 130.115297] random: crng reseeded on system resumption 13:30:56 executing program 0: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0}}], 0x80000, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 13:30:56 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='syscall\x00') pread64(r0, &(0x7f0000000140)=""/178, 0xb2, 0x0) 13:30:56 executing program 4: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/mnt\x00') ftruncate(r0, 0x0) 13:30:56 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r0, 0x0) chmod(&(0x7f0000000140)='./file0\x00', 0x0) 13:30:56 executing program 7: r0 = fsopen(&(0x7f0000000040)='cgroup\x00', 0x0) 
fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) 13:30:56 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$KEYCTL_MOVE(0x12, 0x0, 0x0, 0x0, 0x0) 13:30:56 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@getsa={0x3c, 0x11, 0x8cd1210a05c6b389, 0x0, 0x0, {}, [@srcaddr={0x14, 0xd, @in6=@private1}]}, 0x3c}}, 0x0) syncfs(0xffffffffffffffff) 13:30:56 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, 0xfffffffffffffffd) 13:30:56 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 
&(0x7f0000000000)='syscall\x00') pread64(r0, &(0x7f0000000140)=""/178, 0xb2, 0x0) 13:30:56 executing program 3: arch_prctl$ARCH_GET_GS(0x1022, &(0x7f0000000140)) 13:30:56 executing program 7: r0 = fsopen(&(0x7f0000000040)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) 13:30:56 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, 0xfffffffffffffffd) [ 130.352545] Oops: general protection fault, probably for non-canonical address 0xe5fffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 130.353470] KASAN: maybe wild-memory-access in range [0x3000000000000190-0x3000000000000197] [ 130.354160] CPU: 0 UID: 0 PID: 3940 Comm: syz-executor.1 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 130.356675] Tainted: [W]=WARN [ 130.357564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.359785] RIP: 0010:perf_tp_event+0x175/0xe70 [ 130.361211] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 130.362917] RSP: 0018:ffff888017bb7780 EFLAGS: 00010012 [ 130.363346] RAX: 0600000000000032 RBX: 2fffffffffffffa0 RCX: ffffc90006a42000 [ 130.363922] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 3000000000000190 [ 130.364495] RBP: ffff888017bb79f0 R08: ffff88806ce31340 R09: ffffe8ffffc16330 [ 130.365065] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 130.365634] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 130.366200] FS: 
00007fefa47b5700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 130.366839] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.367308] CR2: 0000000020060030 CR3: 000000001d3e3000 CR4: 0000000000350ef0 [ 130.367878] Call Trace: [ 130.368097] [ 130.368285] ? __pfx_perf_tp_event+0x10/0x10 [ 130.368650] ? __asan_memcpy+0x3d/0x60 [ 130.368974] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10 [ 130.369489] ? lock_is_held_type+0x9e/0x120 [ 130.369847] ? ctx_sched_in+0x134/0x9b0 [ 130.370172] ? css_rstat_updated+0x1b8/0x4d0 [ 130.370539] ? __pfx_css_rstat_updated+0x10/0x10 [ 130.370925] ? lock_is_held_type+0x9e/0x120 [ 130.371283] ? perf_trace_run_bpf_submit+0xef/0x180 [ 130.371691] ? lock_is_held_type+0x9e/0x120 [ 130.372051] perf_trace_run_bpf_submit+0xef/0x180 [ 130.372445] perf_trace_preemptirq_template+0x259/0x430 [ 130.372882] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 130.373356] ? check_preempt_wakeup_fair+0x406/0x950 [ 130.373768] ? find_held_lock+0x2b/0x80 [ 130.374101] ? try_to_wake_up+0x8ae/0x11d0 [ 130.374448] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 130.374860] trace_irq_enable.constprop.0+0xa6/0x100 [ 130.375271] trace_hardirqs_on+0x26/0x40 [ 130.375595] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 130.375997] try_to_wake_up+0x8ae/0x11d0 [ 130.376347] ? __pfx_try_to_wake_up+0x10/0x10 [ 130.376721] ? plist_del+0x122/0x270 [ 130.377033] ? find_held_lock+0x2b/0x80 [ 130.377364] ? futex_wake+0x474/0x540 [ 130.377684] wake_up_q+0xa1/0x130 [ 130.377992] futex_wake+0x47e/0x540 [ 130.378304] ? __pfx_futex_wake+0x10/0x10 [ 130.378649] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 130.379070] ? lock_release+0xc8/0x290 [ 130.379370] do_futex+0x26d/0x370 [ 130.379642] ? __pfx_do_futex+0x10/0x10 [ 130.379947] __x64_sys_futex+0x1c9/0x4d0 [ 130.380262] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 130.380705] ? __pfx___x64_sys_futex+0x10/0x10 [ 130.381052] ? 
xfd_validate_state+0x55/0x180 [ 130.381396] do_syscall_64+0xbf/0x360 [ 130.381683] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.382070] RIP: 0033:0x7fefa723fb19 [ 130.382347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.383680] RSP: 002b:00007fefa47b5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.384250] RAX: ffffffffffffffda RBX: 00007fefa7352f68 RCX: 00007fefa723fb19 [ 130.384776] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fefa7352f6c [ 130.385298] RBP: 00007fefa7352f60 R08: 000000000000000e R09: 0000000000000000 [ 130.385826] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fefa7352f6c [ 130.386350] R13: 00007ffde130a2bf R14: 00007fefa47b5300 R15: 0000000000022000 [ 130.386879] [ 130.387070] Modules linked in: [ 130.387334] ---[ end trace 0000000000000000 ]--- [ 130.387709] RIP: 0010:perf_tp_event+0x175/0xe70 [ 130.388099] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 130.389538] RSP: 0018:ffff888017bb7780 EFLAGS: 00010012 [ 130.389963] RAX: 0600000000000032 RBX: 2fffffffffffffa0 RCX: ffffc90006a42000 [ 130.390527] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 3000000000000190 [ 130.391091] RBP: ffff888017bb79f0 R08: ffff88806ce31340 R09: ffffe8ffffc16330 [ 130.391659] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 130.392227] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 130.392791] FS: 00007fefa47b5700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 130.393429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.393891] CR2: 0000000020060030 CR3: 000000001d3e3000 CR4: 0000000000350ef0 [ 130.394457] note: syz-executor.1[3940] exited with irqs disabled [ 130.394991] 
Oops: general protection fault, probably for non-canonical address 0xe5fffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 130.395868] KASAN: maybe wild-memory-access in range [0x3000000000000190-0x3000000000000197] [ 130.396542] CPU: 0 UID: 0 PID: 3940 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 130.397484] Tainted: [D]=DIE, [W]=WARN [ 130.397790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.398437] RIP: 0010:perf_tp_event+0x175/0xe70 [ 130.398817] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 130.400259] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012 [ 130.400683] RAX: 0600000000000032 RBX: 2fffffffffffffa0 RCX: ffffffff81898973 [ 130.401245] RDX: ffff88801592d280 RSI: ffffffff818995b7 RDI: 3000000000000190 [ 130.401805] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16330 [ 130.402365] R10: 0000000000000000 R11: ffff888017a91498 R12: dffffc0000000000 [ 130.402927] R13: 0000000000000000 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 130.403491] FS: 00007fefa47b5700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 130.404130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.404586] CR2: 0000000020060030 CR3: 000000001d3e3000 CR4: 0000000000350ef0 [ 130.405150] Call Trace: [ 130.405359] [ 130.405541] ? __pfx_perf_tp_event+0x10/0x10 [ 130.405897] ? check_preempt_wakeup_fair+0x6e/0x950 [ 130.406295] ? wakeup_preempt+0x140/0x2a0 [ 130.406633] ? lock_release+0x1c7/0x290 [ 130.406951] ? lock_release+0x1c7/0x290 [ 130.407275] ? do_raw_spin_unlock+0x53/0x220 [ 130.407636] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 130.408047] ? try_to_wake_up+0x8ae/0x11d0 [ 130.408373] ? do_raw_spin_lock+0x123/0x260 [ 130.408700] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 130.409053] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 130.409428] perf_trace_run_bpf_submit+0xef/0x180 [ 130.409793] perf_trace_preemptirq_template+0x259/0x430 [ 130.410195] ? read_tsc+0x9/0x20 [ 130.410458] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 130.410904] ? clockevents_program_event+0x135/0x360 [ 130.411286] ? tick_program_event+0xac/0x140 [ 130.411616] ? handle_softirqs+0x16e/0x770 [ 130.411940] trace_irq_enable.constprop.0+0xa6/0x100 [ 130.412322] trace_hardirqs_on+0x26/0x40 [ 130.412625] handle_softirqs+0x16e/0x770 [ 130.412936] __irq_exit_rcu+0xc4/0x100 [ 130.413235] irq_exit_rcu+0x9/0x20 [ 130.413502] sysvec_apic_timer_interrupt+0x70/0x80 [ 130.413871] [ 130.414041] [ 130.414213] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 130.414600] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 130.414952] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 130.416276] RSP: 0018:ffff888017bb7f28 EFLAGS: 00000246 [ 130.416667] RAX: 0000000000000001 RBX: ffff88801592d280 RCX: ffffffff817c2b86 [ 130.417187] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 130.417706] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 130.418225] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff88801592d280 [ 130.418744] R13: 0000000000000000 R14: e5fffc0000000032 R15: 0000000000000000 [ 130.419298] ? trace_irq_enable.constprop.0+0x26/0x100 [ 130.419714] ? make_task_dead+0x214/0x3b0 [ 130.420070] ? make_task_dead+0x214/0x3b0 [ 130.420404] ? 
do_syscall_64+0xbf/0x360 [ 130.420722] rewind_stack_and_make_dead+0x16/0x20 [ 130.421112] RIP: 0033:0x7fefa723fb19 [ 130.421413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.422852] RSP: 002b:00007fefa47b5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.423448] RAX: ffffffffffffffda RBX: 00007fefa7352f68 RCX: 00007fefa723fb19 [ 130.424015] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fefa7352f6c [ 130.424582] RBP: 00007fefa7352f60 R08: 000000000000000e R09: 0000000000000000 [ 130.425140] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fefa7352f6c [ 130.425701] R13: 00007ffde130a2bf R14: 00007fefa47b5300 R15: 0000000000022000 [ 130.426266] [ 130.426455] Modules linked in: [ 130.426715] ---[ end trace 0000000000000000 ]--- [ 130.427089] RIP: 0010:perf_tp_event+0x175/0xe70 [ 130.427465] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 130.428901] RSP: 0018:ffff888017bb7780 EFLAGS: 00010012 [ 130.429321] RAX: 0600000000000032 RBX: 2fffffffffffffa0 RCX: ffffc90006a42000 [ 130.429884] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 3000000000000190 [ 130.430449] RBP: ffff888017bb79f0 R08: ffff88806ce31340 R09: ffffe8ffffc16330 [ 130.431012] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 130.431577] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 130.432147] FS: 00007fefa47b5700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 130.432784] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.433246] CR2: 0000000020060030 CR3: 000000001d3e3000 CR4: 0000000000350ef0 [ 130.433815] Kernel panic - not syncing: Fatal exception in interrupt [ 130.434510] Kernel Offset: disabled [ 130.434803] ---[ end 
Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 13:30:56 Registers: