Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:4316' (ECDSA) to the list of known hosts.
2025/08/29 08:42:48 fuzzer started
2025/08/29 08:42:48 dialing manager at localhost:43077
syzkaller login: [ 44.910870] cgroup: Unknown subsys name 'net'
[ 44.974126] cgroup: Unknown subsys name 'cpuset'
[ 44.993520] cgroup: Unknown subsys name 'rlimit'
2025/08/29 08:43:00 syscalls: 2214
2025/08/29 08:43:00 code coverage: enabled
2025/08/29 08:43:00 comparison tracing: enabled
2025/08/29 08:43:00 extra coverage: enabled
2025/08/29 08:43:00 setuid sandbox: enabled
2025/08/29 08:43:00 namespace sandbox: enabled
2025/08/29 08:43:00 Android sandbox: enabled
2025/08/29 08:43:00 fault injection: enabled
2025/08/29 08:43:00 leak checking: enabled
2025/08/29 08:43:00 net packet injection: enabled
2025/08/29 08:43:00 net device setup: enabled
2025/08/29 08:43:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 08:43:00 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 08:43:00 USB emulation: enabled
2025/08/29 08:43:00 hci packet injection: enabled
2025/08/29 08:43:00 wifi device emulation: enabled
2025/08/29 08:43:00 802.15.4 emulation: enabled
2025/08/29 08:43:00 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 08:43:00 fetching corpus: 50, signal 19503/22883 (executing program)
2025/08/29 08:43:01 fetching corpus: 100, signal 34254/38548 (executing program)
2025/08/29 08:43:01 fetching corpus: 150, signal 42510/47713 (executing program)
2025/08/29 08:43:01 fetching corpus: 200, signal 47621/53705 (executing program)
2025/08/29 08:43:01 fetching corpus: 250, signal 50881/57811 (executing program)
2025/08/29 08:43:01 fetching corpus: 300, signal 57276/64572 (executing program)
2025/08/29 08:43:01 fetching corpus: 350, signal 60890/68738 (executing program)
2025/08/29 08:43:01 fetching corpus: 400, signal 64631/72813 (executing program)
2025/08/29 08:43:02 fetching corpus: 450, signal 67427/76066 (executing program)
2025/08/29 08:43:02 fetching corpus: 500, signal 70912/79787 (executing program)
2025/08/29 08:43:02 fetching corpus: 550, signal 75201/83979 (executing program)
2025/08/29 08:43:02 fetching corpus: 600, signal 78513/87301 (executing program)
2025/08/29 08:43:02 fetching corpus: 650, signal 80954/89860 (executing program)
2025/08/29 08:43:02 fetching corpus: 700, signal 83048/92111 (executing program)
2025/08/29 08:43:02 fetching corpus: 750, signal 85446/94416 (executing program)
2025/08/29 08:43:02 fetching corpus: 800, signal 88380/97060 (executing program)
2025/08/29 08:43:03 fetching corpus: 850, signal 90947/99320 (executing program)
2025/08/29 08:43:03 fetching corpus: 900, signal 93467/101466 (executing program)
2025/08/29 08:43:03 fetching corpus: 950, signal 95145/102974 (executing program)
2025/08/29 08:43:03 fetching corpus: 1000, signal 96460/104239 (executing program)
2025/08/29 08:43:03 fetching corpus: 1050, signal 98992/106253 (executing program)
2025/08/29 08:43:03 fetching corpus: 1100, signal 100161/107287 (executing program)
2025/08/29 08:43:03 fetching corpus: 1150, signal 102869/109188 (executing program)
2025/08/29 08:43:03 fetching corpus: 1200, signal 104242/110227 (executing program)
2025/08/29 08:43:04 fetching corpus: 1250, signal 106770/111961 (executing program)
2025/08/29 08:43:04 fetching corpus: 1300, signal 107752/112671 (executing program)
2025/08/29 08:43:04 fetching corpus: 1350, signal 108608/113341 (executing program)
2025/08/29 08:43:04 fetching corpus: 1400, signal 109440/113909 (executing program)
2025/08/29 08:43:04 fetching corpus: 1450, signal 111523/115073 (executing program)
2025/08/29 08:43:04 fetching corpus: 1500, signal 112722/115828 (executing program)
2025/08/29 08:43:04 fetching corpus: 1550, signal 114065/116523 (executing program)
2025/08/29 08:43:04 fetching corpus: 1600, signal 115182/117156 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/117852 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/117877 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/117912 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/117954 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/117983 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118020 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118058 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118096 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118140 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118172 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118204 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118245 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118289 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118335 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118381 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118427 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118462 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118502 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118541 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118575 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118615 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118654 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118684 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118736 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118767 (executing program)
2025/08/29 08:43:05 fetching corpus: 1649, signal 116528/118767 (executing program)
2025/08/29 08:43:07 starting 8 fuzzer processes
08:43:07 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x800, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000080)="376db9b57f52b0a35db21e1129b0027cb17e64c477b9248a754770bbc0b346074c784195eb963b51692b7382fd8545313c8cf0d3859d4129a11a6004293836651aedbb8a6804d98d7a8fabc4cb8a70c79aa3faf6f1360f199c61ddf01ab9ed12953ac3f6c7add74afe8242e96d4b972c5867e4e42026172f0f57d036bff6e42aeb56146bae1303948d9da61baabf", 0x8e}, {&(0x7f0000000140)="87dfa58ab4d83ef9f485b5ccb21d5b94347f8b", 0x13}, {&(0x7f0000000180)="d87bba65dcaed7b770f6bdc1f7663c0f43f0f038e7e91877e7a5bc5dc506cf", 0x1f}, {&(0x7f00000003c0)="0e3289b7c4d5c47fb60ad92e35edb2d29814ce632dd75b6804f1c2610349a8aff4a0ee062b55018037ea323003b8e5a953a4d432db0a0f1da00e07da0443af3915001c515d1c23e7ae85a634ecd1ad64c70f4e627c7976e3686acec61e60bfc72b29cf05c61da7d270b33fc7996a7d7fffd7fd1bcd0cf9a0f7a0e35a63764085bcebf30424eb00c22d0036e273998c842ea71740ef0a4c0e78ca846a5dbcf2279aed20f4f9181f6c91ba9a87981e92b87e4d6362eae881eaf847f3ccfcf756083dd4ade0d17be938e8ff7f447f4df31de725a10a6c023a07542f", 0xda}, {&(0x7f0000000280)="33b960044908a9c59e30f336235537e389b3b9af6b4842473d719b59026c0a6d106767d5a4994b35542e3c16110976365b88040a37e14131ce0d2de050f0d0d4b25cb358a2985ded4fd3e714cba1191988c61ed0c32596aefe", 0x59}, {&(0x7f00000004c0)="f704e3ddacd4efa713389c808631676315b81a473e", 0x15}, {&(0x7f0000000540)="b55bb888cfa5e8eae03d43a350a3a9aed5", 0x11}], 0x7}}, {{&(0x7f0000000c40)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0)
08:43:07 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
08:43:07 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x84013, r0, 0x0)
08:43:07 executing program 2:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
08:43:07 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
shutdown(r0, 0x1)
08:43:07 executing program 4:
rt_sigpending(&(0x7f0000000080), 0x8)
08:43:07 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x2c, r1, 0xb341daa0822653b3, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x2c}}, 0x0)
08:43:07 executing program 6:
r0 = eventfd(0x3ff)
write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffff7, 0x8)
[ 63.381162] audit: type=1400 audit(1756456987.928:7): avc: denied { execmem } for pid=272 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 64.548347] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 64.550365] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 64.552168] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 64.556674] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 64.560529] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 64.755877] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 64.758369] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 64.764177] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 64.765605] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 64.767130] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 64.769493] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 64.772095] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 64.774815] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 64.778800] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 64.780798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 64.781129] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 64.783457] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 64.785278] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 64.785853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 64.788368] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 64.791700] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 64.800693] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 64.801374] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 64.812789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 64.815011] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 64.822819] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 64.832779] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 64.838078] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 64.841976] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 64.846155] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 64.847595] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 64.857538] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 64.865774] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 64.868540] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 64.879634] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 64.881416] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 64.884586] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 64.889484] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 64.894995] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 64.904459] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 66.580046] Bluetooth: hci0: command tx timeout
[ 66.834588] Bluetooth: hci1: command tx timeout
[ 66.898462] Bluetooth: hci5: command tx timeout
[ 66.899753] Bluetooth: hci3: command tx timeout
[ 66.900633] Bluetooth: hci4: command tx timeout
[ 66.962340] Bluetooth: hci7: command tx timeout
[ 66.963979] Bluetooth: hci6: command tx timeout
[ 66.965162] Bluetooth: hci2: command tx timeout
[ 68.627712] Bluetooth: hci0: command tx timeout
[ 68.883289] Bluetooth: hci1: command tx timeout
[ 68.947506] Bluetooth: hci3: command tx timeout
[ 68.949383] Bluetooth: hci4: command tx timeout
[ 68.950131] Bluetooth: hci5: command tx timeout
[ 69.011412] Bluetooth: hci2: command tx timeout
[ 69.012313] Bluetooth: hci7: command tx timeout
[ 69.013112] Bluetooth: hci6: command tx timeout
[ 70.674510] Bluetooth: hci0: command tx timeout
[ 70.931254] Bluetooth: hci1: command tx timeout
[ 70.996238] Bluetooth: hci3: command tx timeout
[ 70.996761] Bluetooth: hci5: command tx timeout
[ 70.997623] Bluetooth: hci4: command tx timeout
[ 71.058290] Bluetooth: hci6: command tx timeout
[ 71.058804] Bluetooth: hci7: command tx timeout
[ 71.059569] Bluetooth: hci2: command tx timeout
[ 72.723363] Bluetooth: hci0: command tx timeout
[ 72.978269] Bluetooth: hci1: command tx timeout
[ 73.043688] Bluetooth: hci5: command tx timeout
[ 73.044121] Bluetooth: hci4: command tx timeout
[ 73.044612] Bluetooth: hci3: command tx timeout
[ 73.108233] Bluetooth: hci2: command tx timeout
[ 73.108656] Bluetooth: hci7: command tx timeout
[ 73.109031] Bluetooth: hci6: command tx timeout
[ 103.530585] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.531287] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.723223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.723859] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:48 executing program 4:
rt_sigpending(&(0x7f0000000080), 0x8)
08:43:49 executing program 4:
rt_sigpending(&(0x7f0000000080), 0x8)
08:43:49 executing program 4:
rt_sigpending(&(0x7f0000000080), 0x8)
08:43:49 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
[ 104.759253] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.759869] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:49 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
08:43:49 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
[ 104.909375] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.910006] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:49 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
08:43:49 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
[ 105.283267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.283905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.453043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.453752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.539780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.540555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.687933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.688587] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.747757] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.748418] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.783910] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.784613] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.832605] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.833321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.887888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.888627] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.977577] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.978326] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.042645] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.043585] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.206813] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.208264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.299866] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.301083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:43:51 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
08:43:51 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
08:43:51 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x800, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000080)="376db9b57f52b0a35db21e1129b0027cb17e64c477b9248a754770bbc0b346074c784195eb963b51692b7382fd8545313c8cf0d3859d4129a11a6004293836651aedbb8a6804d98d7a8fabc4cb8a70c79aa3faf6f1360f199c61ddf01ab9ed12953ac3f6c7add74afe8242e96d4b972c5867e4e42026172f0f57d036bff6e42aeb56146bae1303948d9da61baabf", 0x8e}, {&(0x7f0000000140)="87dfa58ab4d83ef9f485b5ccb21d5b94347f8b", 0x13}, {&(0x7f0000000180)="d87bba65dcaed7b770f6bdc1f7663c0f43f0f038e7e91877e7a5bc5dc506cf", 0x1f}, {&(0x7f00000003c0)="0e3289b7c4d5c47fb60ad92e35edb2d29814ce632dd75b6804f1c2610349a8aff4a0ee062b55018037ea323003b8e5a953a4d432db0a0f1da00e07da0443af3915001c515d1c23e7ae85a634ecd1ad64c70f4e627c7976e3686acec61e60bfc72b29cf05c61da7d270b33fc7996a7d7fffd7fd1bcd0cf9a0f7a0e35a63764085bcebf30424eb00c22d0036e273998c842ea71740ef0a4c0e78ca846a5dbcf2279aed20f4f9181f6c91ba9a87981e92b87e4d6362eae881eaf847f3ccfcf756083dd4ade0d17be938e8ff7f447f4df31de725a10a6c023a07542f", 0xda}, {&(0x7f0000000280)="33b960044908a9c59e30f336235537e389b3b9af6b4842473d719b59026c0a6d106767d5a4994b35542e3c16110976365b88040a37e14131ce0d2de050f0d0d4b25cb358a2985ded4fd3e714cba1191988c61ed0c32596aefe", 0x59}, {&(0x7f00000004c0)="f704e3ddacd4efa713389c808631676315b81a473e", 0x15}, {&(0x7f0000000540)="b55bb888cfa5e8eae03d43a350a3a9aed5", 0x11}], 0x7}}, {{&(0x7f0000000c40)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0)
08:43:51 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0xc0505405, &(0x7f0000000040)={{0x1}})
08:43:51 executing program 2:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
08:43:51 executing program 6:
r0 = eventfd(0x3ff)
write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffff7, 0x8)
08:43:51 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x84013, r0, 0x0)
08:43:51 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
shutdown(r0, 0x1)
08:43:51 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0xc0505405, &(0x7f0000000040)={{0x1}})
08:43:51 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
08:43:51 executing program 2:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
08:43:51 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x800, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000080)="376db9b57f52b0a35db21e1129b0027cb17e64c477b9248a754770bbc0b346074c784195eb963b51692b7382fd8545313c8cf0d3859d4129a11a6004293836651aedbb8a6804d98d7a8fabc4cb8a70c79aa3faf6f1360f199c61ddf01ab9ed12953ac3f6c7add74afe8242e96d4b972c5867e4e42026172f0f57d036bff6e42aeb56146bae1303948d9da61baabf", 0x8e}, {&(0x7f0000000140)="87dfa58ab4d83ef9f485b5ccb21d5b94347f8b", 0x13}, {&(0x7f0000000180)="d87bba65dcaed7b770f6bdc1f7663c0f43f0f038e7e91877e7a5bc5dc506cf", 0x1f}, {&(0x7f00000003c0)="0e3289b7c4d5c47fb60ad92e35edb2d29814ce632dd75b6804f1c2610349a8aff4a0ee062b55018037ea323003b8e5a953a4d432db0a0f1da00e07da0443af3915001c515d1c23e7ae85a634ecd1ad64c70f4e627c7976e3686acec61e60bfc72b29cf05c61da7d270b33fc7996a7d7fffd7fd1bcd0cf9a0f7a0e35a63764085bcebf30424eb00c22d0036e273998c842ea71740ef0a4c0e78ca846a5dbcf2279aed20f4f9181f6c91ba9a87981e92b87e4d6362eae881eaf847f3ccfcf756083dd4ade0d17be938e8ff7f447f4df31de725a10a6c023a07542f", 0xda}, {&(0x7f0000000280)="33b960044908a9c59e30f336235537e389b3b9af6b4842473d719b59026c0a6d106767d5a4994b35542e3c16110976365b88040a37e14131ce0d2de050f0d0d4b25cb358a2985ded4fd3e714cba1191988c61ed0c32596aefe", 0x59}, {&(0x7f00000004c0)="f704e3ddacd4efa713389c808631676315b81a473e", 0x15}, {&(0x7f0000000540)="b55bb888cfa5e8eae03d43a350a3a9aed5", 0x11}], 0x7}}, {{&(0x7f0000000c40)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0)
08:43:52 executing program 6:
r0 = eventfd(0x3ff)
write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffff7, 0x8)
08:43:52 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
08:43:52 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x84013, r0, 0x0)
08:43:52 executing program 2:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
08:43:52 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x800, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000080)="376db9b57f52b0a35db21e1129b0027cb17e64c477b9248a754770bbc0b346074c784195eb963b51692b7382fd8545313c8cf0d3859d4129a11a6004293836651aedbb8a6804d98d7a8fabc4cb8a70c79aa3faf6f1360f199c61ddf01ab9ed12953ac3f6c7add74afe8242e96d4b972c5867e4e42026172f0f57d036bff6e42aeb56146bae1303948d9da61baabf", 0x8e}, {&(0x7f0000000140)="87dfa58ab4d83ef9f485b5ccb21d5b94347f8b", 0x13}, {&(0x7f0000000180)="d87bba65dcaed7b770f6bdc1f7663c0f43f0f038e7e91877e7a5bc5dc506cf", 0x1f}, {&(0x7f00000003c0)="0e3289b7c4d5c47fb60ad92e35edb2d29814ce632dd75b6804f1c2610349a8aff4a0ee062b55018037ea323003b8e5a953a4d432db0a0f1da00e07da0443af3915001c515d1c23e7ae85a634ecd1ad64c70f4e627c7976e3686acec61e60bfc72b29cf05c61da7d270b33fc7996a7d7fffd7fd1bcd0cf9a0f7a0e35a63764085bcebf30424eb00c22d0036e273998c842ea71740ef0a4c0e78ca846a5dbcf2279aed20f4f9181f6c91ba9a87981e92b87e4d6362eae881eaf847f3ccfcf756083dd4ade0d17be938e8ff7f447f4df31de725a10a6c023a07542f", 0xda}, {&(0x7f0000000280)="33b960044908a9c59e30f336235537e389b3b9af6b4842473d719b59026c0a6d106767d5a4994b35542e3c16110976365b88040a37e14131ce0d2de050f0d0d4b25cb358a2985ded4fd3e714cba1191988c61ed0c32596aefe", 0x59}, {&(0x7f00000004c0)="f704e3ddacd4efa713389c808631676315b81a473e", 0x15}, {&(0x7f0000000540)="b55bb888cfa5e8eae03d43a350a3a9aed5", 0x11}], 0x7}}, {{&(0x7f0000000c40)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0)
08:43:52 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
08:43:52 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
shutdown(r0, 0x1)
08:43:52 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0xc0505405, &(0x7f0000000040)={{0x1}})
08:43:53 executing program 0:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
08:43:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
shutdown(r0, 0x1)
08:43:53 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
shutdown(r0, 0x1)
08:43:53 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0xc0505405, &(0x7f0000000040)={{0x1}})
08:43:53 executing program 4:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x84013, r0, 0x0)
08:43:53 executing program 3:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x84013, r0, 0x0)
08:43:53 executing program 6:
r0 = eventfd(0x3ff)
write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffff7, 0x8)
08:43:53 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="db4d31d6805ecdac87307b14c169d9d9", 0x7ffff000}, {&(0x7f0000000200)="ee91b199cbde153a80cc89fff10933ca330cad7d5e0f004c6e6896c0909b95c3eebca1ddbf38aeb052c2cf7f3c5445bfa4c9cc966edb83bd3436a22c2a8e1cafade0533901774eb216d833be627e96c9a9c78fc0ad06be165d206fdd35dbde963942c7cb29ed300d6551b21ee9c57532", 0x70}], 0x2}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a00)='m', 0x1}], 0x1}}], 0x3, 0x44894)
shutdown(r0, 0x1)
08:43:53 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)={0x18, 0x52, 0x101, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/205, 0xcd}], 0x1)
08:43:53 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x1}, 0x14}}, 0x0)
08:43:53 executing program 0:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
08:43:53 executing program 4:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x84013, r0, 0x0)
[ 108.653783] audit: type=1400 audit(1756457033.199:8): avc: denied { open } for pid=3973 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 108.662156] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 108.663098] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 108.663789] CPU: 0 UID: 0 PID: 3978 Comm: syz-executor.0 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 108.664452] audit: type=1400 audit(1756457033.200:9): avc: denied { kernel } for pid=3973 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 108.665248] Tainted: [W]=WARN
[ 108.665254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 108.665262] RIP: 0010:perf_tp_event+0x175/0xe70
[ 108.674693] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 108.676150] RSP: 0018:ffff88804629f600 EFLAGS: 00010212
[ 108.676581] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900013ef000
[ 108.677147] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 108.677715] RBP: ffff88804629f870 R08: ffff88806ce31340 R09: ffffe8ffffc15c70
[ 108.678281] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 108.678846] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 108.679440] FS: 00007f92485d2700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 108.680077] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.680542] CR2: 000055558c958c18 CR3: 000000001da6c000 CR4: 0000000000350ef0
[ 108.681115] Call Trace:
[ 108.681326]
[ 108.681520] ? __pfx_perf_tp_event+0x10/0x10
[ 108.681913] ? perf_trace_run_bpf_submit+0xef/0x180
[ 108.682322] perf_trace_run_bpf_submit+0xef/0x180
[ 108.682718] perf_trace_lock_acquire+0x3c2/0x700
[ 108.683136] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 108.683560] ? __pfx_perf_trace_lock+0x10/0x10
[ 108.683930] ? futex_ref_get+0x48/0x300
[ 108.684253] ? find_held_lock+0x2b/0x80
[ 108.684585] lock_acquire+0xc5/0x2f0
[ 108.684889] ? futex_wait_setup+0xbe/0x550
[ 108.685242] _raw_spin_lock+0x2b/0x40
[ 108.685557] ? futex_wait_setup+0xbe/0x550
[ 108.685906] futex_wait_setup+0xbe/0x550
[ 108.686244] __futex_wait+0x151/0x300
[ 108.686559] ? __pfx___futex_wait+0x10/0x10
[ 108.686913] ? __pfx_futex_wake_mark+0x10/0x10
[ 108.687321] futex_wait+0xde/0x380
[ 108.687617] ? __pfx_futex_wait+0x10/0x10
[ 108.687955] ? perf_trace_lock_acquire+0xc9/0x700
[ 108.688348] ? perf_trace_lock_acquire+0xc9/0x700
[ 108.688743] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 108.689172] do_futex+0x2ee/0x370
[ 108.689460] ? __pfx_do_futex+0x10/0x10
[ 108.689785] ? do_raw_spin_lock+0x123/0x260
[ 108.690139] __x64_sys_futex+0x1c9/0x4d0
[ 108.690471] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 108.690890] ? __pfx___x64_sys_futex+0x10/0x10
[ 108.691283] ? kcov_ioctl+0x386/0x6c0
[ 108.691598] ? fput+0x6a/0x100
[ 108.691879] do_syscall_64+0xbf/0x360
[ 108.692192] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 108.692601] RIP: 0033:0x7f924b05cb19
[ 108.692900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 108.694334] RSP: 002b:00007f92485d2218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 108.694944] RAX: ffffffffffffffda RBX: 00007f924b16ff68 RCX: 00007f924b05cb19
[ 108.695528] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f924b16ff68
[ 108.696091] RBP: 00007f924b16ff60 R08: 00007f92485d2700 R09: 0000000000000000
[ 108.696656] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f924b16ff6c
[ 108.697220] R13: 00007ffc6339798f R14: 00007f92485d2300 R15: 0000000000022000
[ 108.697794]
[ 108.697987] Modules linked in:
[ 108.698277] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[ 108.699169] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 108.699856] CPU: 0 UID: 0 PID: 3978 Comm: syz-executor.0 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 108.700791] Tainted: [D]=DIE, [W]=WARN
[ 108.701092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 108.701739] RIP: 0010:perf_tp_event+0x175/0xe70
[ 108.702119] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 108.703567] RSP: 0018:ffff88806ce08a40 EFLAGS: 00010012
[ 108.703990] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 108.704548] RDX: ffff888019040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 108.705124] RBP: ffff88806ce08cb0 R08: ffff88806ce31490 R09: ffffe8ffffc15c70
[ 108.705691] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 108.706257] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000
[ 108.706824] FS: 00007f92485d2700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 108.707476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.707934] CR2: 000055558c958c18 CR3: 000000001da6c000 CR4: 0000000000350ef0
[ 108.708497] Call Trace:
[ 108.708704]
[ 108.708885] ? __kernel_text_address+0xd/0x40
[ 108.709254] ? __pfx_perf_tp_event+0x10/0x10
[ 108.709611] ? kvm_sched_clock_read+0x16/0x30
[ 108.709977] ? sched_clock+0x37/0x60
[ 108.710286] ? sched_clock_cpu+0x6c/0x4e0
[ 108.710625] ? trace_pelt_se_tp+0xdf/0x130
[ 108.710966] ? __update_load_avg_se+0x428/0xa40
[ 108.711374] ? lock_is_held_type+0x9e/0x120
[ 108.711725] ? perf_trace_lock+0xb5/0x5d0
[ 108.712057] ? perf_trace_lock+0xb5/0x5d0
[ 108.712392] ? __resched_curr+0x2a2/0x330
[ 108.712730] ? __pfx_perf_trace_lock+0x10/0x10
[ 108.713099] ? __pfx_perf_trace_lock+0x10/0x10
[ 108.713469] ? perf_trace_run_bpf_submit+0xef/0x180
[ 108.713871] perf_trace_run_bpf_submit+0xef/0x180
[ 108.714262] perf_trace_lock_acquire+0x3c2/0x700
[ 108.714650] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 108.715091] lock_acquire+0xc5/0x2f0
[ 108.715393] ? sched_ttwu_pending+0xa1/0x4a0
[ 108.715747] ? lock_release+0xc8/0x290
[ 108.716071] _raw_spin_lock_nested+0x29/0x40
[ 108.716426] ? sched_ttwu_pending+0xa1/0x4a0
[ 108.716784] sched_ttwu_pending+0xa1/0x4a0
[ 108.717126] ? __pfx_lapic_next_deadline+0x10/0x10
[ 108.717520] ? clockevents_program_event+0x135/0x360
[ 108.717929] ? __pfx_sched_ttwu_pending+0x10/0x10
[ 108.718321] ? flush_tlb_func+0x24d/0x560
[ 108.718658] __flush_smp_call_function_queue+0x434/0x740
[ 108.719121] __sysvec_call_function_single+0x6d/0x370
[ 108.719543] sysvec_call_function_single+0xa1/0xc0
[ 108.719939]
[ 108.720121]
[ 108.720305] asm_sysvec_call_function_single+0x1a/0x20
[ 108.720724] RIP: 0010:oops_exit+0x0/0x50
[ 108.721053] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[ 108.722494] RSP: 0018:ffff88804629f490 EFLAGS: 00000202
[ 108.722915] RAX: 0000000000040000 RBX: 0000000000000212 RCX: ffffc900013ef000
[ 108.723497] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 108.724060] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[ 108.724622] R10: 0000000000000000 R11: 000000000000002c R12: ffff88804629f558
[ 108.725185] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[ 108.725750] ? oops_end+0x4a/0xe0
[ 108.726042] oops_end+0x65/0xe0
[ 108.726317] exc_general_protection+0x1a2/0x330
[ 108.726696] asm_exc_general_protection+0x26/0x30
[ 108.727108] RIP: 0010:perf_tp_event+0x175/0xe70
[ 108.727484] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 108.728905] RSP: 0018:ffff88804629f600 EFLAGS: 00010212
[ 108.729325] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900013ef000
[ 108.729889] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 108.730451] RBP: ffff88804629f870 R08: ffff88806ce31340 R09: ffffe8ffffc15c70
[ 108.731013] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 108.731594] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 108.732163] ? perf_tp_event+0x167/0xe70
[ 108.732502] ? __pfx_perf_tp_event+0x10/0x10
[ 108.732885] ? perf_trace_run_bpf_submit+0xef/0x180
[ 108.733288] perf_trace_run_bpf_submit+0xef/0x180
[ 108.733678] perf_trace_lock_acquire+0x3c2/0x700
[ 108.734066] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 108.734485] ? __pfx_perf_trace_lock+0x10/0x10
[ 108.734854] ? futex_ref_get+0x48/0x300
[ 108.735191] ? find_held_lock+0x2b/0x80
[ 108.735517] lock_acquire+0xc5/0x2f0
[ 108.735823] ? futex_wait_setup+0xbe/0x550
[ 108.736169] _raw_spin_lock+0x2b/0x40
[ 108.736476] ? futex_wait_setup+0xbe/0x550
[ 108.736821] futex_wait_setup+0xbe/0x550
[ 108.737157] __futex_wait+0x151/0x300
[ 108.737471] ? __pfx___futex_wait+0x10/0x10
[ 108.737825] ? __pfx_futex_wake_mark+0x10/0x10
[ 108.738206] futex_wait+0xde/0x380
[ 108.738500] ? __pfx_futex_wait+0x10/0x10
[ 108.738835] ? perf_trace_lock_acquire+0xc9/0x700
[ 108.739244] ? perf_trace_lock_acquire+0xc9/0x700
[ 108.739628] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 108.740046] do_futex+0x2ee/0x370
[ 108.740327] ? __pfx_do_futex+0x10/0x10
[ 108.740649] ? do_raw_spin_lock+0x123/0x260
[ 108.740998] __x64_sys_futex+0x1c9/0x4d0
[ 108.741325] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 108.741743] ? __pfx___x64_sys_futex+0x10/0x10
[ 108.742110] ? kcov_ioctl+0x386/0x6c0
[ 108.742419] ? fput+0x6a/0x100
[ 108.742689] do_syscall_64+0xbf/0x360
[ 108.742996] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 108.743424] RIP: 0033:0x7f924b05cb19
[ 108.743727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 108.745153] RSP: 002b:00007f92485d2218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 108.745750] RAX: ffffffffffffffda RBX: 00007f924b16ff68 RCX: 00007f924b05cb19
[ 108.746310] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f924b16ff68
[ 108.746872] RBP: 00007f924b16ff60 R08: 00007f92485d2700 R09: 0000000000000000
[ 108.747455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f924b16ff6c
[ 108.748027] R13: 00007ffc6339798f R14: 00007f92485d2300 R15: 0000000000022000
[ 108.748602]
[ 108.748795] Modules linked in:
[ 108.749055] ---[ end trace 0000000000000000 ]---
[ 108.749059] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI
[ 108.749427] RIP: 0010:perf_tp_event+0x175/0xe70
[ 108.751184] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 108.751548] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 108.752887] CPU: 1 UID: 0 PID: 3977 Comm: syz-executor.0 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 108.754303] RSP: 0018:ffff88804629f600 EFLAGS: 00010212
[ 108.756117] Tainted: [D]=DIE, [W]=WARN
[ 108.756530] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900013ef000
[ 108.757121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 108.757676] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 108.758922] RIP: 0010:perf_tp_event+0x175/0xe70
[ 108.759499] RBP: ffff88804629f870 R08: ffff88806ce31340 R09: ffffe8ffffc15c70
[ 108.760204] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 108.760760] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 108.763522] RSP: 0018:ffff8880462ef800 EFLAGS: 00010212
[ 108.764087] R13: 0000000000000024 R14: ffff88806ce31340 R15: dffffc0000000000
[ 108.764092]
[ 108.764100] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 108.764510] FS: 00007f92485d2700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 108.765592] RDX: ffff8880071bb700 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 108.765731] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.766809] RBP: ffff8880462efa70 R08: ffff88806cf31340 R09: ffffe8ffffd15c70
[ 108.767455] CR2: 000055558c958c18 CR3: 000000001da6c000 CR4: 0000000000350ef0
[ 108.768532] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000
[ 108.768990] Kernel panic - not syncing: Fatal exception in interrupt
[ 108.772210] Kernel Offset: disabled
[ 108.772501] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:43:53 Registers:
info registers vcpu 0
RAX=0000000000011a95 RBX=1ffff11008c53e51 RCX=ffffc900013ef000 RDX=0000000000040000
RSI=ffffffff8154bead RDI=0000000000000001 RBP=0000000000000001 RSP=ffff88804629f280
R8 =ffffffff8154be81 R9 =0000000000000001 R10=0000000000000001 R11=000000000000002c
R12=0000000000000023 R13=0000000000000000 R14=ffff8880097ad280 R15=ffff88804629f340
RIP=ffffffff8154beaf RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f92485d2700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe5100000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055558c958c18 CR3=000000001da6c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f924b1437c000007f924b1437c8
XMM02=00007f924b1437e000007f924b1437c0 XMM03=00007f924b1437c800007f924b1437c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff828e3230 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888009a37828
R8 =0000000000000000 R9 =ffffed10016d5046 R10=00000000000fe503 R11=74203a7469647561
R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10e4882 R15=dffffc0000000000
RIP=ffffffff828e3285 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe4300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007facb4434018 CR3=0000000043ebf000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM01=ffffffffffffffffffff000000000000
XMM02=ffffffffffffffffffff000000000000 XMM03=696e656420737365636341002f737973
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000000060000000700005607abf93360
XMM06=00005607ac7f67600000000000000000 XMM07=00000000000000000000000000000000
XMM08=000000000000000000007fffbfb2ad70 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000