Warning: Permanently added '[localhost]:34073' (ECDSA) to the list of known hosts. 2025/08/29 09:07:33 fuzzer started 2025/08/29 09:07:34 dialing manager at localhost:43077 syzkaller login: [ 50.174010] cgroup: Unknown subsys name 'net' [ 50.225614] cgroup: Unknown subsys name 'cpuset' [ 50.249613] cgroup: Unknown subsys name 'rlimit' 2025/08/29 09:07:45 syscalls: 2214 2025/08/29 09:07:45 code coverage: enabled 2025/08/29 09:07:45 comparison tracing: enabled 2025/08/29 09:07:45 extra coverage: enabled 2025/08/29 09:07:45 setuid sandbox: enabled 2025/08/29 09:07:45 namespace sandbox: enabled 2025/08/29 09:07:45 Android sandbox: enabled 2025/08/29 09:07:45 fault injection: enabled 2025/08/29 09:07:45 leak checking: enabled 2025/08/29 09:07:45 net packet injection: enabled 2025/08/29 09:07:45 net device setup: enabled 2025/08/29 09:07:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 09:07:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 09:07:45 USB emulation: enabled 2025/08/29 09:07:45 hci packet injection: enabled 2025/08/29 09:07:45 wifi device emulation: enabled 2025/08/29 09:07:45 802.15.4 emulation: enabled 2025/08/29 09:07:45 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 09:07:45 fetching corpus: 50, signal 26982/30173 (executing program) 2025/08/29 09:07:45 fetching corpus: 100, signal 43037/47020 (executing program) 2025/08/29 09:07:45 fetching corpus: 150, signal 48786/53792 (executing program) 2025/08/29 09:07:45 fetching corpus: 200, signal 54427/60269 (executing program) 2025/08/29 09:07:45 fetching corpus: 250, signal 58507/65163 (executing program) 2025/08/29 09:07:45 fetching corpus: 300, signal 63561/70869 (executing program) 2025/08/29 09:07:46 fetching corpus: 350, signal 68073/75864 (executing program) 2025/08/29 09:07:46 fetching corpus: 400, signal 71517/79742 (executing program) 2025/08/29 09:07:46 fetching corpus: 450, signal 74439/83165 (executing program) 2025/08/29 09:07:46 fetching corpus: 500, signal 77174/86356 (executing program) 2025/08/29 09:07:46 fetching corpus: 550, signal 79232/88892 (executing program) 2025/08/29 09:07:46 fetching corpus: 600, signal 82452/92318 (executing program) 2025/08/29 09:07:46 fetching corpus: 650, signal 85669/95677 (executing program) 2025/08/29 09:07:46 fetching corpus: 700, signal 88419/98573 (executing program) 2025/08/29 09:07:46 fetching corpus: 750, signal 89933/100397 (executing program) 2025/08/29 09:07:47 fetching corpus: 800, signal 91588/102264 (executing program) 2025/08/29 09:07:47 fetching corpus: 850, signal 93864/104517 (executing program) 2025/08/29 09:07:47 fetching corpus: 900, signal 95640/106372 (executing program) 2025/08/29 09:07:47 fetching corpus: 947, signal 98453/108976 (executing program) 2025/08/29 09:07:47 fetching corpus: 996, signal 99888/110462 (executing program) 2025/08/29 09:07:47 fetching corpus: 1046, signal 101661/112252 (executing program) 2025/08/29 09:07:47 fetching corpus: 1095, signal 102895/113502 (executing program) 2025/08/29 09:07:47 fetching corpus: 1145, signal 104771/115182 (executing program) 2025/08/29 09:07:48 fetching corpus: 1195, signal 106283/116584 (executing program) 2025/08/29 09:07:48 fetching corpus: 1245, signal 107665/117865 (executing program) 2025/08/29 09:07:48 fetching corpus: 1295, signal 109119/119190 (executing program) 2025/08/29 09:07:48 fetching corpus: 1345, signal 110858/120539 (executing program) 2025/08/29 09:07:48 fetching corpus: 1395, signal 111570/121255 (executing program) 2025/08/29 09:07:48 fetching corpus: 1445, signal 112378/122014 (executing program) 2025/08/29 09:07:48 fetching corpus: 1495, signal 113627/123011 (executing program) 2025/08/29 09:07:48 fetching corpus: 1545, signal 115482/124500 (executing program) 2025/08/29 09:07:48 fetching corpus: 1595, signal 116558/125324 (executing program) 2025/08/29 09:07:49 fetching corpus: 1645, signal 117751/126287 (executing program) 2025/08/29 09:07:49 fetching corpus: 1695, signal 118550/126912 (executing program) 2025/08/29 09:07:49 fetching corpus: 1745, signal 119914/127808 (executing program) 2025/08/29 09:07:49 fetching corpus: 1795, signal 120727/128390 (executing program) 2025/08/29 09:07:49 fetching corpus: 1845, signal 121503/128911 (executing program) 2025/08/29 09:07:49 fetching corpus: 1895, signal 122157/129356 (executing program) 2025/08/29 09:07:49 fetching corpus: 1945, signal 123444/130084 (executing program) 2025/08/29 09:07:49 fetching corpus: 1995, signal 124445/130625 (executing program) 2025/08/29 09:07:49 fetching corpus: 2045, signal 125275/131080 (executing program) 2025/08/29 09:07:49 fetching corpus: 2095, signal 125893/131454 (executing program) 2025/08/29 09:07:50 fetching corpus: 2145, signal 126925/131938 (executing program) 2025/08/29 09:07:50 fetching corpus: 2195, signal 127424/132221 (executing program) 2025/08/29 09:07:50 fetching corpus: 2245, signal 128376/132627 (executing program) 2025/08/29 09:07:50 fetching corpus: 2295, signal 129178/133011 (executing program) 2025/08/29 09:07:50 fetching corpus: 2345, signal 129693/133224 (executing program) 2025/08/29 09:07:50 fetching corpus: 2395, signal 130255/133454 (executing program) 2025/08/29 09:07:50 fetching corpus: 2445, signal 130935/133702 (executing program) 2025/08/29 09:07:50 fetching corpus: 2495, signal 131663/133897 (executing program) 2025/08/29 09:07:50 fetching corpus: 2545, signal 132174/134083 (executing program) 2025/08/29 09:07:50 fetching corpus: 2549, signal 132260/134146 (executing program) 2025/08/29 09:07:50 fetching corpus: 2549, signal 132260/134177 (executing program) 2025/08/29 09:07:50 fetching corpus: 2549, signal 132260/134211 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134243 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134269 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134310 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134351 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134383 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134413 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134440 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134481 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134513 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134551 (executing program) 2025/08/29 09:07:51 fetching corpus: 2549, signal 132260/134551 (executing program) 2025/08/29 09:07:53 starting 8 fuzzer processes 09:07:53 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000480), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x28}}) 09:07:53 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x14, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x80000}]) 09:07:53 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}) fcntl$lock(r0, 0x25, &(0x7f0000000180)={0x0, 0x0, 0x80000000}) 09:07:53 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/module/snd_intel_sdw_acpi', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x57c) 09:07:53 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r0, 0x1000000, 0x2, 0x0, 0x0) [ 69.572980] audit: type=1400 audit(1756458473.538:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:07:53 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) 09:07:53 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r1, @ANYBLOB="08005a804d"], 0x24}}, 0x0) 09:07:53 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0x40a85323, &(0x7f0000000100)={{}, 'port1\x00'}) [ 70.772905] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.775995] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.777829] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.782647] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.785858] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.836044] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.841864] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.844137] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.847895] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.850233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.911864] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.921571] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.923561] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.929018] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.931688] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.961347] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.972696] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.974400] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.978412] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.996226] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.998307] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.000651] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.020042] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.040857] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.044670] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.046809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.057377] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.062785] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.073307] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.088354] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.106406] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.108497] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.113745] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.116724] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 71.125406] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.149970] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.152335] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.156744] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.224461] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.227716] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.805936] Bluetooth: hci0: command tx timeout [ 72.868163] Bluetooth: hci1: command tx timeout [ 72.997654] Bluetooth: hci2: command tx timeout [ 73.060323] Bluetooth: hci4: command tx timeout [ 73.190639] Bluetooth: hci5: command tx timeout [ 73.190681] Bluetooth: hci3: command tx timeout [ 73.252987] Bluetooth: hci6: command tx timeout [ 73.381243] Bluetooth: hci7: command tx timeout [ 74.855114] Bluetooth: hci0: command tx timeout [ 74.917137] Bluetooth: hci1: command tx timeout [ 75.044215] Bluetooth: hci2: command tx timeout [ 75.109353] Bluetooth: hci4: command tx timeout [ 75.236213] Bluetooth: hci3: command tx timeout [ 75.237535] Bluetooth: hci5: command tx timeout [ 75.300158] Bluetooth: hci6: command tx timeout [ 75.428262] Bluetooth: hci7: command tx timeout [ 76.900217] Bluetooth: hci0: command tx timeout [ 76.964199] Bluetooth: hci1: command tx timeout [ 77.092215] Bluetooth: hci2: command tx timeout [ 77.156138] Bluetooth: hci4: command tx timeout [ 77.285433] Bluetooth: hci5: command tx timeout [ 77.285549] Bluetooth: hci3: command tx timeout [ 77.348269] Bluetooth: hci6: command tx timeout [ 77.476338] Bluetooth: hci7: command tx timeout [ 78.948412] Bluetooth: hci0: command tx timeout [ 79.012290] Bluetooth: hci1: command tx timeout [ 79.140721] Bluetooth: hci2: command tx timeout [ 79.205458] Bluetooth: hci4: command tx timeout [ 79.332289] Bluetooth: hci5: command tx timeout [ 79.332315] Bluetooth: hci3: command tx timeout [ 79.397181] Bluetooth: hci6: command tx timeout [ 79.525151] Bluetooth: hci7: command tx timeout [ 107.390607] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.391282] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.649192] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.649789] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.891029] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.891632] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.072238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.072799] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.206690] audit: type=1400 audit(1756458512.171:8): avc: denied { open } for pid=3831 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 108.213665] audit: type=1400 audit(1756458512.171:9): avc: denied { kernel } for pid=3831 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 108.242422] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.243059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.340709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.341625] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.432776] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.433397] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.504190] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.504756] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.630631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.631461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.756719] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.757719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.842890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.843624] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.897132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.897712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.908419] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 108.938368] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.938953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.980421] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.980978] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.013480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.014006] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.078935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.079687] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.263744] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.264706] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.265451] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.265979] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 109.266737] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x4000 phys_seg 22 prio class 2 [ 109.276881] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.277653] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.278226] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.278753] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 40 00 00 40 00 [ 109.279357] I/O error, dev sr0, sector 256 op 0x0:(READ) flags 0x4000 phys_seg 30 prio class 2 [ 109.289800] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.290575] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.291156] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.291680] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 80 00 00 40 00 [ 109.292284] I/O error, dev sr0, sector 512 op 0x0:(READ) flags 0x4000 phys_seg 13 prio class 2 [ 109.303461] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.304338] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.304888] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.305613] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 c0 00 00 40 00 [ 109.306293] I/O error, dev sr0, sector 768 op 0x0:(READ) flags 0x0 phys_seg 6 prio class 2 [ 109.337571] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.338448] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.339860] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.341050] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 109.341643] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x4000 phys_seg 22 prio class 2 [ 109.355017] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.355895] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.356634] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.357331] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 40 00 00 40 00 [ 109.357920] I/O error, dev sr0, sector 256 op 0x0:(READ) flags 0x4000 phys_seg 30 prio class 2 [ 109.367962] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.368748] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.369323] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.369883] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 80 00 00 40 00 [ 109.370490] I/O error, dev sr0, sector 512 op 0x0:(READ) flags 0x4000 phys_seg 13 prio class 2 [ 109.388843] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.389634] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.390217] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.390748] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 c0 00 00 40 00 [ 109.391355] I/O error, dev sr0, sector 768 op 0x0:(READ) flags 0x0 phys_seg 6 prio class 2 09:08:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r1, @ANYBLOB="08005a804d"], 0x24}}, 0x0) 09:08:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x14, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x80000}]) 09:08:33 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000480), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x28}}) 09:08:33 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/module/snd_intel_sdw_acpi', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x57c) 09:08:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r0, 0x1000000, 0x2, 0x0, 0x0) 09:08:33 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}) fcntl$lock(r0, 0x25, &(0x7f0000000180)={0x0, 0x0, 0x80000000}) 09:08:33 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) 09:08:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0x40a85323, &(0x7f0000000100)={{}, 'port1\x00'}) 09:08:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r0, 0x1000000, 0x2, 0x0, 0x0) 09:08:33 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000480), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x28}}) 09:08:33 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/module/snd_intel_sdw_acpi', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x57c) 09:08:33 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}) fcntl$lock(r0, 0x25, &(0x7f0000000180)={0x0, 0x0, 0x80000000}) 09:08:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r1, @ANYBLOB="08005a804d"], 0x24}}, 0x0) 09:08:33 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) [ 109.533332] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.534190] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.534802] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.535429] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 109.536015] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x4000 phys_seg 29 prio class 2 [ 109.558288] kmemleak: Found object by alias at 0x607f1a63900c [ 109.558310] CPU: 1 UID: 0 PID: 3915 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 109.558328] Tainted: [W]=WARN [ 109.558332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 109.558339] Call Trace: [ 109.558343] [ 109.558348] dump_stack_lvl+0xca/0x120 [ 109.558374] __lookup_object+0x94/0xb0 [ 109.558391] delete_object_full+0x27/0x70 [ 109.558406] free_percpu+0x30/0x1160 [ 109.558427] ? arch_uprobe_clear_state+0x16/0x140 [ 109.558447] futex_hash_free+0x38/0xc0 [ 109.558461] mmput+0x2d3/0x390 [ 109.558480] do_exit+0x79d/0x2970 [ 109.558493] ? signal_wake_up_state+0x85/0x120 [ 109.558509] ? zap_other_threads+0x2b9/0x3a0 [ 109.558525] ? __pfx_do_exit+0x10/0x10 [ 109.558537] ? do_group_exit+0x1c3/0x2a0 [ 109.558550] ? lock_release+0xc8/0x290 [ 109.558567] do_group_exit+0xd3/0x2a0 [ 109.558582] __x64_sys_exit_group+0x3e/0x50 [ 109.558595] x64_sys_call+0x18c5/0x18d0 [ 109.558610] do_syscall_64+0xbf/0x360 [ 109.558622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.558634] RIP: 0033:0x7f3ce3c17b19 [ 109.558642] Code: Unable to access opcode bytes at 0x7f3ce3c17aef. [ 109.558647] RSP: 002b:00007ffcb366fc18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.558659] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f3ce3c17b19 [ 109.558666] RDX: 00007f3ce3bca72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 109.558673] RBP: 0000000000000000 R08: 0000001b2d023fac R09: 0000000000000000 [ 109.558680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.558686] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcb366fd00 [ 109.558705] [ 109.558709] kmemleak: Object (percpu) 0x607f1a639008 (size 8): [ 109.558716] kmemleak: comm "syz-executor.0", pid 3920, jiffies 4294776205 [ 109.558723] kmemleak: min_count = 1 [ 109.558726] kmemleak: count = 0 [ 109.558730] kmemleak: flags = 0x21 [ 109.558734] kmemleak: checksum = 0 [ 109.558737] kmemleak: backtrace: [ 109.558741] pcpu_alloc_noprof+0x87a/0x1170 [ 109.558756] perf_trace_event_init+0x366/0xa10 [ 109.558770] perf_trace_init+0x1a4/0x2f0 [ 109.558781] perf_tp_event_init+0xa6/0x120 [ 109.558797] perf_try_init_event+0x140/0x9f0 [ 109.558809] perf_event_alloc.part.0+0x118e/0x45f0 [ 109.558825] __do_sys_perf_event_open+0x719/0x2c20 [ 109.558837] do_syscall_64+0xbf/0x360 [ 109.558845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.562153] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 109.578059] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 109.578641] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 109.579174] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 40 00 00 40 00 [ 109.579752] I/O error, dev sr0, sector 256 op 0x0:(READ) flags 0x4000 phys_seg 4 prio class 2 09:08:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r1, @ANYBLOB="08005a804d"], 0x24}}, 0x0) 09:08:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0x40a85323, &(0x7f0000000100)={{}, 'port1\x00'}) 09:08:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r0, 0x1000000, 0x2, 0x0, 0x0) 09:08:33 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000480), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x28}}) 09:08:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x14, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x80000}]) 09:08:33 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/module/snd_intel_sdw_acpi', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x57c) 09:08:33 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}) fcntl$lock(r0, 0x25, &(0x7f0000000180)={0x0, 0x0, 0x80000000}) 09:08:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0x40a85323, &(0x7f0000000100)={{}, 'port1\x00'}) 09:08:33 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) 09:08:33 executing program 5: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x9, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 109.746262] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 109.747200] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 109.747847] CPU: 1 UID: 0 PID: 3937 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 109.749460] Tainted: [W]=WARN [ 109.750270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 109.752273] RIP: 0010:perf_tp_event+0x175/0xe70 [ 109.753790] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 109.758066] RSP: 0018:ffff88804526f600 EFLAGS: 00010212 [ 109.758501] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900074c4000 [ 109.759066] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 109.759630] RBP: ffff88804526f870 R08: ffff88806cf31340 R09: ffffe8ffffd16008 [ 109.760190] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 109.760750] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 109.761319] FS: 00007f3ce118d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 109.761951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.762418] CR2: 000055555a071708 CR3: 000000000ba49000 CR4: 0000000000350ef0 [ 109.762979] Call Trace: [ 109.763187] [ 109.763375] ? __pfx_perf_tp_event+0x10/0x10 [ 109.763755] ? perf_trace_run_bpf_submit+0xef/0x180 [ 109.764190] perf_trace_run_bpf_submit+0xef/0x180 [ 109.764583] perf_trace_lock+0x337/0x5d0 [ 109.764914] ? __pfx_perf_trace_lock+0x10/0x10 [ 109.765295] ? lock_acquire+0x15e/0x2f0 [ 109.765625] ? futex_ref_get+0x48/0x300 [ 109.765945] ? futex_ref_get+0x114/0x300 [ 109.766268] ? futex_hash+0x15c/0x390 [ 109.766577] lock_release+0x1ab/0x290 [ 109.766884] ? futex_hash+0x15c/0x390 [ 109.767191] futex_ref_get+0x119/0x300 [ 109.767504] ? futex_hash+0x15c/0x390 [ 109.767808] futex_hash+0x70/0x390 [ 109.768100] futex_wait_setup+0xae/0x550 [ 109.768440] __futex_wait+0x151/0x300 [ 109.768751] ? __pfx___futex_wait+0x10/0x10 [ 109.769102] ? __pfx_futex_wake_mark+0x10/0x10 [ 109.769493] futex_wait+0xde/0x380 [ 109.769787] ? __pfx_futex_wait+0x10/0x10 [ 109.770125] ? perf_trace_lock+0xb5/0x5d0 [ 109.770477] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 109.770957] do_futex+0x2ee/0x370 [ 109.771295] ? __pfx_do_futex+0x10/0x10 [ 109.771667] ? do_raw_spin_lock+0x123/0x260 [ 109.772068] __x64_sys_futex+0x1c9/0x4d0 [ 109.772441] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 109.772918] ? __pfx___x64_sys_futex+0x10/0x10 [ 109.773355] ? kcov_ioctl+0x386/0x6c0 [ 109.773708] ? fput+0x6a/0x100 [ 109.774021] do_syscall_64+0xbf/0x360 [ 109.774379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.774852] RIP: 0033:0x7f3ce3c17b19 [ 109.775196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.776813] RSP: 002b:00007f3ce118d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 109.777513] RAX: ffffffffffffffda RBX: 00007f3ce3d2af68 RCX: 00007f3ce3c17b19 [ 109.778155] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3ce3d2af68 [ 109.778795] RBP: 00007f3ce3d2af60 R08: 00007f3ce118d700 R09: 0000000000000000 [ 109.779363] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ce3d2af6c [ 109.779925] R13: 00007ffcb366f9ef R14: 00007f3ce118d300 R15: 0000000000022000 [ 109.780500] [ 109.780689] Modules linked in: [ 109.780974] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 109.781848] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 109.782528] CPU: 1 UID: 0 PID: 3937 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 109.783683] Tainted: [D]=DIE, [W]=WARN [ 109.784033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 109.784744] RIP: 0010:perf_tp_event+0x175/0xe70 09:08:33 executing program 3: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) splice(r0, 0x0, r1, 0x0, 0x7, 0x0) [ 109.785285] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 109.786845] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 109.787271] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 109.787832] RDX: ffff88800fc89b80 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 109.788395] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd16008 [ 109.789031] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 109.789631] R13: 000000000000002c R14: ffff88806cf31490 R15: dffffc0000000000 [ 109.790192] FS: 00007f3ce118d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 109.790822] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.791279] CR2: 000055555a071708 CR3: 000000000ba49000 CR4: 0000000000350ef0 [ 109.791841] Call Trace: [ 109.792049] [ 109.792237] ? __pfx_perf_tp_event+0x10/0x10 [ 109.792598] ? stack_depot_save_flags+0x2c/0xa20 [ 109.792985] ? kasan_save_stack+0x34/0x50 [ 109.793333] ? kasan_save_stack+0x24/0x50 [ 109.793670] ? kasan_save_track+0x14/0x30 [ 109.794007] ? __kasan_save_free_info+0x3a/0x60 [ 109.794385] ? __kasan_slab_free+0x3f/0x50 [ 109.794725] ? kmem_cache_free+0x2a1/0x540 [ 109.795060] ? rcu_core+0x7c8/0x1800 [ 109.795364] ? handle_softirqs+0x1b1/0x770 [ 109.795710] ? __irq_exit_rcu+0xc4/0x100 [ 109.796043] ? irq_exit_rcu+0x9/0x20 [ 109.796343] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 109.796749] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 109.797177] ? stack_trace_consume_entry+0xd7/0x170 [ 109.797593] ? arch_stack_walk+0x76/0xf0 [ 109.797921] ? stack_trace_save+0x8e/0xc0 [ 109.798254] ? kasan_save_stack+0x24/0x50 [ 109.798588] ? kasan_save_track+0x14/0x30 [ 109.798922] ? __kasan_slab_alloc+0x59/0x70 [ 109.799270] ? kmem_cache_alloc_noprof+0x205/0x690 [ 109.799663] ? __alloc_object+0x2b/0x2c0 [ 109.799992] ? __create_object+0x1d/0x80 [ 109.800320] ? kmem_cache_alloc_lru_noprof+0x418/0x6a0 [ 109.800736] ? __d_alloc+0x31/0xa10 [ 109.801032] ? d_alloc+0x4a/0x1e0 [ 109.801328] ? lookup_one_qstr_excl+0x174/0x270 [ 109.801706] ? filename_create+0x1ca/0x480 [ 109.802046] ? do_symlinkat+0xc7/0x300 [ 109.802362] ? __x64_sys_symlink+0x75/0x90 [ 109.802704] ? lock_is_held_type+0x9e/0x120 [ 109.803059] ? perf_trace_run_bpf_submit+0xef/0x180 [ 109.803458] ? match_held_lock+0xb0/0xd0 [ 109.803800] perf_trace_run_bpf_submit+0xef/0x180 [ 109.804253] perf_trace_lock+0x337/0x5d0 [ 109.804579] ? __pfx_perf_trace_lock+0x10/0x10 [ 109.804925] ? find_held_lock+0x2b/0x80 [ 109.805230] ? hrtimer_interrupt+0x114/0x830 [ 109.805592] lock_release+0x1ab/0x290 [ 109.805901] ktime_get_update_offsets_now+0xab/0x3c0 [ 109.806306] ? hrtimer_interrupt+0x114/0x830 [ 109.806659] hrtimer_interrupt+0x114/0x830 [ 109.806991] ? __local_bh_enable+0x7b/0x90 [ 109.807334] ? handle_softirqs+0x50c/0x770 [ 109.807680] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 109.808093] sysvec_apic_timer_interrupt+0x6b/0x80 [ 109.808483] [ 109.808662] [ 109.808846] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 109.809254] RIP: 0010:oops_exit+0x0/0x50 [ 109.809597] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 109.811000] RSP: 0018:ffff88804526f490 EFLAGS: 00000202 [ 109.811418] RAX: 0000000000025e9c RBX: 0000000000000212 RCX: ffffc900074c4000 [ 109.811978] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 109.812536] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 109.813097] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804526f558 [ 109.813850] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 109.814410] ? oops_end+0x4a/0xe0 [ 109.814696] oops_end+0x65/0xe0 [ 109.814967] exc_general_protection+0x1a2/0x330 [ 109.815341] asm_exc_general_protection+0x26/0x30 [ 109.815719] RIP: 0010:perf_tp_event+0x175/0xe70 [ 109.816090] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 109.817505] RSP: 0018:ffff88804526f600 EFLAGS: 00010212 [ 109.817917] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900074c4000 [ 109.818644] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 109.819194] RBP: ffff88804526f870 R08: ffff88806cf31340 R09: ffffe8ffffd16008 [ 109.819745] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 109.820301] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 109.820856] ? perf_tp_event+0x167/0xe70 [ 109.821186] ? __pfx_perf_tp_event+0x10/0x10 [ 109.821663] ? perf_trace_run_bpf_submit+0xef/0x180 [ 109.822061] perf_trace_run_bpf_submit+0xef/0x180 [ 109.822582] perf_trace_lock+0x337/0x5d0 [ 109.822908] ? __pfx_perf_trace_lock+0x10/0x10 09:08:33 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040)) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) [ 109.823273] ? lock_acquire+0x15e/0x2f0 [ 109.823697] ? futex_ref_get+0x48/0x300 [ 109.824011] ? futex_ref_get+0x114/0x300 [ 109.824333] ? futex_hash+0x15c/0x390 [ 109.824635] lock_release+0x1ab/0x290 [ 109.824938] ? futex_hash+0x15c/0x390 [ 109.825241] futex_ref_get+0x119/0x300 [ 109.825559] ? futex_hash+0x15c/0x390 [ 109.825944] futex_hash+0x70/0x390 [ 109.826233] futex_wait_setup+0xae/0x550 [ 109.826562] __futex_wait+0x151/0x300 [ 109.826868] ? __pfx___futex_wait+0x10/0x10 [ 109.827217] ? __pfx_futex_wake_mark+0x10/0x10 [ 109.827590] futex_wait+0xde/0x380 [ 109.827880] ? __pfx_futex_wait+0x10/0x10 [ 109.828212] ? perf_trace_lock+0xb5/0x5d0 [ 109.828543] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 109.828954] do_futex+0x2ee/0x370 [ 109.829234] ? __pfx_do_futex+0x10/0x10 [ 109.829563] ? do_raw_spin_lock+0x123/0x260 [ 109.829908] __x64_sys_futex+0x1c9/0x4d0 [ 109.830231] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 109.830644] ? __pfx___x64_sys_futex+0x10/0x10 [ 109.831006] ? kcov_ioctl+0x386/0x6c0 [ 109.831311] ? fput+0x6a/0x100 [ 109.831577] do_syscall_64+0xbf/0x360 [ 109.831878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.832283] RIP: 0033:0x7f3ce3c17b19 [ 109.832580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.833994] RSP: 002b:00007f3ce118d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 109.834584] RAX: ffffffffffffffda RBX: 00007f3ce3d2af68 RCX: 00007f3ce3c17b19 [ 109.835138] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3ce3d2af68 [ 109.835688] RBP: 00007f3ce3d2af60 R08: 00007f3ce118d700 R09: 0000000000000000 [ 109.836243] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ce3d2af6c [ 109.836795] R13: 00007ffcb366f9ef R14: 00007f3ce118d300 R15: 0000000000022000 [ 109.837361] [ 109.837556] Modules linked in: [ 109.837812] ---[ end trace 0000000000000000 ]--- [ 109.838180] RIP: 0010:perf_tp_event+0x175/0xe70 [ 109.838552] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 109.839960] RSP: 0018:ffff88804526f600 EFLAGS: 00010212 [ 109.840377] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900074c4000 [ 109.840932] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 109.841494] RBP: ffff88804526f870 R08: ffff88806cf31340 R09: ffffe8ffffd16008 [ 109.842047] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 109.842597] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 109.843154] FS: 00007f3ce118d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 109.843777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.844231] CR2: 000055555a071708 CR3: 000000000ba49000 CR4: 0000000000350ef0 [ 109.844787] Kernel panic - not syncing: Fatal exception in interrupt [ 110.889810] Shutting down cpus with NMI [ 110.890315] Kernel Offset: disabled [ 110.890603] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:08:33 Registers: info registers vcpu 0 RAX=ffffffff81afc17f RBX=ffffffff8650d2dc RCX=ffffffff81afc163 RDX=0000000000000000 RSI=ffffffff868960fe RDI=ffffffff8650d2bc RBP=ffffffff8650d2bc RSP=ffff888017b677f0 R8 =ffffffff868960fe R9 =0000000000000000 R10=000000000003be53 R11=0000000000024ac7 R12=ffffffff8650d2d8 R13=ffffffff8650d2bc R14=ffffffff8650d2bc R15=dffffc0000000000 RIP=ffffffff81357a2f RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055558a358400 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe7c00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f103d9c2f64 CR3=000000004112d000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff88804526eef0 R8 =0000000000000000 R9 =ffffed1001719046 R10=0000000000000038 R11=0000000065646f43 R12=0000000000000038 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0 RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3ce118d700 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe2500000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055555a071708 CR3=000000000ba49000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f3ce3cfe7c000007f3ce3cfe7c8 XMM02=00007f3ce3cfe7e000007f3ce3cfe7c0 XMM03=00007f3ce3cfe7c800007f3ce3cfe7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000