Warning: Permanently added '[localhost]:63646' (ECDSA) to the list of known hosts.
2025/08/29 11:12:53 fuzzer started
2025/08/29 11:12:54 dialing manager at localhost:43077
syzkaller login: [ 59.386619] cgroup: Unknown subsys name 'net'
[ 59.468020] cgroup: Unknown subsys name 'cpuset'
[ 59.496490] cgroup: Unknown subsys name 'rlimit'
2025/08/29 11:13:05 syscalls: 2214
2025/08/29 11:13:05 code coverage: enabled
2025/08/29 11:13:05 comparison tracing: enabled
2025/08/29 11:13:05 extra coverage: enabled
2025/08/29 11:13:05 setuid sandbox: enabled
2025/08/29 11:13:05 namespace sandbox: enabled
2025/08/29 11:13:05 Android sandbox: enabled
2025/08/29 11:13:05 fault injection: enabled
2025/08/29 11:13:05 leak checking: enabled
2025/08/29 11:13:05 net packet injection: enabled
2025/08/29 11:13:05 net device setup: enabled
2025/08/29 11:13:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 11:13:05 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 11:13:05 USB emulation: enabled
2025/08/29 11:13:05 hci packet injection: enabled
2025/08/29 11:13:05 wifi device emulation: enabled
2025/08/29 11:13:05 802.15.4 emulation: enabled
2025/08/29 11:13:05 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 11:13:05 fetching corpus: 50, signal 20592/24191 (executing program)
2025/08/29 11:13:05 fetching corpus: 100, signal 31567/36577 (executing program)
2025/08/29 11:13:05 fetching corpus: 150, signal 39827/46127 (executing program)
2025/08/29 11:13:05 fetching corpus: 200, signal 45977/53524 (executing program)
2025/08/29 11:13:05 fetching corpus: 250, signal 54109/62650 (executing program)
2025/08/29 11:13:05 fetching corpus: 300, signal 58929/68509 (executing program)
2025/08/29 11:13:06 fetching corpus: 350, signal 62770/73376 (executing program)
2025/08/29 11:13:06 fetching corpus: 400, signal 66680/78279 (executing program)
2025/08/29 11:13:06 fetching corpus: 450, signal 71011/83440 (executing program)
2025/08/29 11:13:06 fetching corpus: 500, signal 73524/86886 (executing program)
2025/08/29 11:13:06 fetching corpus: 550, signal 75874/90113 (executing program)
2025/08/29 11:13:06 fetching corpus: 600, signal 79126/94128 (executing program)
2025/08/29 11:13:06 fetching corpus: 650, signal 83147/98696 (executing program)
2025/08/29 11:13:06 fetching corpus: 700, signal 85129/101429 (executing program)
2025/08/29 11:13:06 fetching corpus: 750, signal 87643/104580 (executing program)
2025/08/29 11:13:06 fetching corpus: 800, signal 89239/106938 (executing program)
2025/08/29 11:13:07 fetching corpus: 850, signal 91383/109705 (executing program)
2025/08/29 11:13:07 fetching corpus: 900, signal 93066/112090 (executing program)
2025/08/29 11:13:07 fetching corpus: 950, signal 94545/114202 (executing program)
2025/08/29 11:13:07 fetching corpus: 1000, signal 96974/117047 (executing program)
2025/08/29 11:13:07 fetching corpus: 1050, signal 99515/119960 (executing program)
2025/08/29 11:13:07 fetching corpus: 1100, signal 101430/122369 (executing program)
2025/08/29 11:13:07 fetching corpus: 1150, signal 103301/124677 (executing program)
2025/08/29 11:13:07 fetching corpus: 1200, signal 105115/126898 (executing program)
2025/08/29 11:13:07 fetching corpus: 1250, signal 106569/128854 (executing program)
2025/08/29 11:13:07 fetching corpus: 1300, signal 107792/130651 (executing program)
2025/08/29 11:13:08 fetching corpus: 1350, signal 109454/132642 (executing program)
2025/08/29 11:13:08 fetching corpus: 1400, signal 110483/134213 (executing program)
2025/08/29 11:13:08 fetching corpus: 1450, signal 111750/135905 (executing program)
2025/08/29 11:13:08 fetching corpus: 1500, signal 112481/137207 (executing program)
2025/08/29 11:13:08 fetching corpus: 1550, signal 113395/138591 (executing program)
2025/08/29 11:13:08 fetching corpus: 1600, signal 114583/140074 (executing program)
2025/08/29 11:13:08 fetching corpus: 1650, signal 115648/141505 (executing program)
2025/08/29 11:13:08 fetching corpus: 1700, signal 116693/142973 (executing program)
2025/08/29 11:13:08 fetching corpus: 1750, signal 117658/144359 (executing program)
2025/08/29 11:13:08 fetching corpus: 1800, signal 119342/146170 (executing program)
2025/08/29 11:13:09 fetching corpus: 1850, signal 120434/147521 (executing program)
2025/08/29 11:13:09 fetching corpus: 1900, signal 121412/148770 (executing program)
2025/08/29 11:13:09 fetching corpus: 1950, signal 122309/149985 (executing program)
2025/08/29 11:13:09 fetching corpus: 2000, signal 123115/151170 (executing program)
2025/08/29 11:13:09 fetching corpus: 2050, signal 124305/152501 (executing program)
2025/08/29 11:13:09 fetching corpus: 2100, signal 124944/153511 (executing program)
2025/08/29 11:13:09 fetching corpus: 2150, signal 126056/154766 (executing program)
2025/08/29 11:13:09 fetching corpus: 2200, signal 126631/155781 (executing program)
2025/08/29 11:13:09 fetching corpus: 2250, signal 127578/156943 (executing program)
2025/08/29 11:13:09 fetching corpus: 2300, signal 128638/158059 (executing program)
2025/08/29 11:13:10 fetching corpus: 2350, signal 129466/159070 (executing program)
2025/08/29 11:13:10 fetching corpus: 2400, signal 130129/159963 (executing program)
2025/08/29 11:13:10 fetching corpus: 2450, signal 130730/160808 (executing program)
2025/08/29 11:13:10 fetching corpus: 2500, signal 131721/161938 (executing program)
2025/08/29 11:13:10 fetching corpus: 2550, signal 132416/162856 (executing program)
2025/08/29 11:13:10 fetching corpus: 2600, signal 133406/163862 (executing program)
2025/08/29 11:13:10 fetching corpus: 2650, signal 134253/164776 (executing program)
2025/08/29 11:13:10 fetching corpus: 2700, signal 135098/165716 (executing program)
2025/08/29 11:13:10 fetching corpus: 2750, signal 135875/166575 (executing program)
2025/08/29 11:13:10 fetching corpus: 2800, signal 136625/167402 (executing program)
2025/08/29 11:13:10 fetching corpus: 2850, signal 137434/168238 (executing program)
2025/08/29 11:13:11 fetching corpus: 2900, signal 138735/169328 (executing program)
2025/08/29 11:13:11 fetching corpus: 2950, signal 139333/170048 (executing program)
2025/08/29 11:13:11 fetching corpus: 3000, signal 140089/170936 (executing program)
2025/08/29 11:13:11 fetching corpus: 3050, signal 140876/171687 (executing program)
2025/08/29 11:13:11 fetching corpus: 3100, signal 141718/172485 (executing program)
2025/08/29 11:13:11 fetching corpus: 3150, signal 142139/173086 (executing program)
2025/08/29 11:13:11 fetching corpus: 3200, signal 143053/173844 (executing program)
2025/08/29 11:13:11 fetching corpus: 3250, signal 143630/174466 (executing program)
2025/08/29 11:13:11 fetching corpus: 3300, signal 143950/175019 (executing program)
2025/08/29 11:13:11 fetching corpus: 3350, signal 144979/175733 (executing program)
2025/08/29 11:13:11 fetching corpus: 3400, signal 145514/176336 (executing program)
2025/08/29 11:13:12 fetching corpus: 3450, signal 146084/176944 (executing program)
2025/08/29 11:13:12 fetching corpus: 3500, signal 146634/177496 (executing program)
2025/08/29 11:13:12 fetching corpus: 3550, signal 147195/178075 (executing program)
2025/08/29 11:13:12 fetching corpus: 3600, signal 148180/178723 (executing program)
2025/08/29 11:13:12 fetching corpus: 3650, signal 148886/179280 (executing program)
2025/08/29 11:13:12 fetching corpus: 3700, signal 151097/180086 (executing program)
2025/08/29 11:13:12 fetching corpus: 3750, signal 151672/180629 (executing program)
2025/08/29 11:13:12 fetching corpus: 3800, signal 152499/181169 (executing program)
2025/08/29 11:13:12 fetching corpus: 3850, signal 153049/181649 (executing program)
2025/08/29 11:13:12 fetching corpus: 3900, signal 153507/182060 (executing program)
2025/08/29 11:13:13 fetching corpus: 3950, signal 154111/182594 (executing program)
2025/08/29 11:13:13 fetching corpus: 4000, signal 154738/183080 (executing program)
2025/08/29 11:13:13 fetching corpus: 4050, signal 155344/183512 (executing program)
2025/08/29 11:13:13 fetching corpus: 4100, signal 155826/183916 (executing program)
2025/08/29 11:13:13 fetching corpus: 4150, signal 156328/184358 (executing program)
2025/08/29 11:13:13 fetching corpus: 4200, signal 156938/184767 (executing program)
2025/08/29 11:13:13 fetching corpus: 4250, signal 157382/185192 (executing program)
2025/08/29 11:13:13 fetching corpus: 4300, signal 157805/185563 (executing program)
2025/08/29 11:13:13 fetching corpus: 4350, signal 158132/185900 (executing program)
2025/08/29 11:13:13 fetching corpus: 4400, signal 158593/186207 (executing program)
2025/08/29 11:13:13 fetching corpus: 4450, signal 158988/186507 (executing program)
2025/08/29 11:13:13 fetching corpus: 4500, signal 159350/186732 (executing program)
2025/08/29 11:13:14 fetching corpus: 4550, signal 159608/186757 (executing program)
2025/08/29 11:13:14 fetching corpus: 4600, signal 160197/186759 (executing program)
2025/08/29 11:13:14 fetching corpus: 4650, signal 160700/186810 (executing program)
2025/08/29 11:13:14 fetching corpus: 4700, signal 161005/186824 (executing program)
2025/08/29 11:13:14 fetching corpus: 4750, signal 161364/186848 (executing program)
2025/08/29 11:13:14 fetching corpus: 4800, signal 161762/186859 (executing program)
2025/08/29 11:13:14 fetching corpus: 4850, signal 162419/186975 (executing program)
2025/08/29 11:13:14 fetching corpus: 4900, signal 162918/186980 (executing program)
2025/08/29 11:13:14 fetching corpus: 4950, signal 163410/186987 (executing program)
2025/08/29 11:13:14 fetching corpus: 5000, signal 164063/187020 (executing program)
2025/08/29 11:13:14 fetching corpus: 5050, signal 164434/187029 (executing program)
2025/08/29 11:13:14 fetching corpus: 5100, signal 164796/187036 (executing program)
2025/08/29 11:13:15 fetching corpus: 5150, signal 165272/187040 (executing program)
2025/08/29 11:13:15 fetching corpus: 5200, signal 165532/187059 (executing program)
2025/08/29 11:13:15 fetching corpus: 5250, signal 165975/187109 (executing program)
2025/08/29 11:13:15 fetching corpus: 5300, signal 166372/187120 (executing program)
2025/08/29 11:13:15 fetching corpus: 5350, signal 166718/187144 (executing program)
2025/08/29 11:13:15 fetching corpus: 5400, signal 167124/187157 (executing program)
2025/08/29 11:13:15 fetching corpus: 5450, signal 167734/187177 (executing program)
2025/08/29 11:13:15 fetching corpus: 5500, signal 168153/187188 (executing program)
2025/08/29 11:13:15 fetching corpus: 5550, signal 168510/187191 (executing program)
2025/08/29 11:13:15 fetching corpus: 5600, signal 168838/187199 (executing program)
2025/08/29 11:13:16 fetching corpus: 5650, signal 169278/187200 (executing program)
2025/08/29 11:13:16 fetching corpus: 5700, signal 169689/187209 (executing program)
2025/08/29 11:13:16 fetching corpus: 5750, signal 170123/187228 (executing program)
2025/08/29 11:13:16 fetching corpus: 5800, signal 170547/187252 (executing program)
2025/08/29 11:13:16 fetching corpus: 5850, signal 170959/187252 (executing program)
2025/08/29 11:13:16 fetching corpus: 5900, signal 171417/187302 (executing program)
2025/08/29 11:13:16 fetching corpus: 5950, signal 171751/187314 (executing program)
2025/08/29 11:13:16 fetching corpus: 6000, signal 172270/187326 (executing program)
2025/08/29 11:13:16 fetching corpus: 6050, signal 172537/187339 (executing program)
2025/08/29 11:13:16 fetching corpus: 6100, signal 172802/187355 (executing program)
2025/08/29 11:13:16 fetching corpus: 6150, signal 173166/187385 (executing program)
2025/08/29 11:13:16 fetching corpus: 6200, signal 173463/187388 (executing program)
2025/08/29 11:13:17 fetching corpus: 6250, signal 173884/187392 (executing program)
2025/08/29 11:13:17 fetching corpus: 6300, signal 174278/187407 (executing program)
2025/08/29 11:13:17 fetching corpus: 6350, signal 174518/187422 (executing program)
2025/08/29 11:13:17 fetching corpus: 6400, signal 175041/187425 (executing program)
2025/08/29 11:13:17 fetching corpus: 6450, signal 175283/187432 (executing program)
2025/08/29 11:13:17 fetching corpus: 6500, signal 175725/187465 (executing program)
2025/08/29 11:13:17 fetching corpus: 6550, signal 175985/187469 (executing program)
2025/08/29 11:13:17 fetching corpus: 6600, signal 176242/187472 (executing program)
2025/08/29 11:13:17 fetching corpus: 6650, signal 176524/187490 (executing program)
2025/08/29 11:13:17 fetching corpus: 6700, signal 176809/187490 (executing program)
2025/08/29 11:13:17 fetching corpus: 6750, signal 177074/187500 (executing program)
2025/08/29 11:13:18 fetching corpus: 6800, signal 177447/187517 (executing program)
2025/08/29 11:13:18 fetching corpus: 6850, signal 177768/187519 (executing program)
2025/08/29 11:13:18 fetching corpus: 6900, signal 178015/187528 (executing program)
2025/08/29 11:13:18 fetching corpus: 6950, signal 178306/187532 (executing program)
2025/08/29 11:13:18 fetching corpus: 7000, signal 178787/187620 (executing program)
2025/08/29 11:13:18 fetching corpus: 7050, signal 179040/187624 (executing program)
2025/08/29 11:13:18 fetching corpus: 7100, signal 179313/187625 (executing program)
2025/08/29 11:13:18 fetching corpus: 7150, signal 179605/187633 (executing program)
2025/08/29 11:13:18 fetching corpus: 7200, signal 179831/187656 (executing program)
2025/08/29 11:13:18 fetching corpus: 7250, signal 180048/187657 (executing program)
2025/08/29 11:13:18 fetching corpus: 7300, signal 180272/187667 (executing program)
2025/08/29 11:13:19 fetching corpus: 7350, signal 180620/187668 (executing program)
2025/08/29 11:13:19 fetching corpus: 7400, signal 180929/187674 (executing program)
2025/08/29 11:13:19 fetching corpus: 7450, signal 181206/187682 (executing program)
2025/08/29 11:13:19 fetching corpus: 7500, signal 181412/187685 (executing program)
2025/08/29 11:13:19 fetching corpus: 7550, signal 181751/187686 (executing program)
2025/08/29 11:13:19 fetching corpus: 7600, signal 181946/187690 (executing program)
2025/08/29 11:13:19 fetching corpus: 7650, signal 182198/187701 (executing program)
2025/08/29 11:13:19 fetching corpus: 7700, signal 182435/187704 (executing program)
2025/08/29 11:13:19 fetching corpus: 7750, signal 182703/187723 (executing program)
2025/08/29 11:13:19 fetching corpus: 7800, signal 182996/187729 (executing program)
2025/08/29 11:13:19 fetching corpus: 7850, signal 183408/187739 (executing program)
2025/08/29 11:13:19 fetching corpus: 7900, signal 183643/187747 (executing program)
2025/08/29 11:13:19 fetching corpus: 7950, signal 184004/187751 (executing program)
2025/08/29 11:13:20 fetching corpus: 8000, signal 184361/187753 (executing program)
2025/08/29 11:13:20 fetching corpus: 8037, signal 184537/187753 (executing program)
2025/08/29 11:13:20 fetching corpus: 8037, signal 184537/187753 (executing program)
2025/08/29 11:13:22 starting 8 fuzzer processes
11:13:22 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
close(r0)

11:13:22 executing program 3:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000400), 0x8, 0x0)
listen(r0, 0x0)

11:13:22 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sync()

11:13:22 executing program 2:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:inetd_var_run_t:s0\x00', 0x9)

11:13:22 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=@v3={0x3000000, [], 0xee00}, 0x18, 0x0)

[ 87.544909] audit: type=1400 audit(1756466002.517:7): avc: denied { execmem } for pid=280 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:13:22 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0)

11:13:22 executing program 5:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)

11:13:22 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000100), 0x4)

[ 88.663077] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 88.668933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 88.672318] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 88.681018] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 88.685946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 88.726644] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 88.732398] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 88.734073] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 88.739365] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 88.747961] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 88.820252] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 88.822332] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 88.823994] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 88.827962] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 88.830174] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 88.889851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 88.893745] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 88.895331] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 88.898186] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 88.900053] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 88.929199] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 88.946000] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 88.948410] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 88.951375] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 88.954643] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 88.956917] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 88.960245] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 88.963287] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 88.971290] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 88.976030] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 89.017099] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 89.019343] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 89.033914] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 89.035718] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 89.044930] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 89.046176] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 89.066133] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 89.067653] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 89.074053] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 89.076865] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 90.767085] Bluetooth: hci0: command tx timeout
[ 90.830610] Bluetooth: hci1: command tx timeout
[ 90.894015] Bluetooth: hci2: command tx timeout
[ 90.957791] Bluetooth: hci3: command tx timeout
[ 91.021871] Bluetooth: hci4: command tx timeout
[ 91.022342] Bluetooth: hci5: command tx timeout
[ 91.149631] Bluetooth: hci6: command tx timeout
[ 91.150203] Bluetooth: hci7: command tx timeout
[ 92.813594] Bluetooth: hci0: command tx timeout
[ 92.877591] Bluetooth: hci1: command tx timeout
[ 92.941748] Bluetooth: hci2: command tx timeout
[ 93.005830] Bluetooth: hci3: command tx timeout
[ 93.069605] Bluetooth: hci5: command tx timeout
[ 93.070344] Bluetooth: hci4: command tx timeout
[ 93.197667] Bluetooth: hci6: command tx timeout
[ 93.198408] Bluetooth: hci7: command tx timeout
[ 94.863365] Bluetooth: hci0: command tx timeout
[ 94.925608] Bluetooth: hci1: command tx timeout
[ 94.989649] Bluetooth: hci2: command tx timeout
[ 95.055652] Bluetooth: hci3: command tx timeout
[ 95.117793] Bluetooth: hci4: command tx timeout
[ 95.118438] Bluetooth: hci5: command tx timeout
[ 95.245589] Bluetooth: hci7: command tx timeout
[ 95.246151] Bluetooth: hci6: command tx timeout
[ 96.909676] Bluetooth: hci0: command tx timeout
[ 96.973584] Bluetooth: hci1: command tx timeout
[ 97.037844] Bluetooth: hci2: command tx timeout
[ 97.101565] Bluetooth: hci3: command tx timeout
[ 97.165601] Bluetooth: hci5: command tx timeout
[ 97.166068] Bluetooth: hci4: command tx timeout
[ 97.293679] Bluetooth: hci6: command tx timeout
[ 97.294145] Bluetooth: hci7: command tx timeout
[ 127.706869] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.707553] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.945710] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.946322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 128.339709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.340324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:14:03 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000100), 0x4)

[ 128.512034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.512722] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:14:03 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000100), 0x4)

11:14:03 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000100), 0x4)

[ 128.681973] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.682644] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:14:03 executing program 6:
fsmount(0xffffffffffffffff, 0x0, 0x10e)

11:14:03 executing program 6:
fsmount(0xffffffffffffffff, 0x0, 0x10e)

[ 128.840675] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.841270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:14:03 executing program 3:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000400), 0x8, 0x0)
listen(r0, 0x0)

11:14:03 executing program 6:
fsmount(0xffffffffffffffff, 0x0, 0x10e)

11:14:03 executing program 3:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000400), 0x8, 0x0)
listen(r0, 0x0)

[ 128.948202] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.948853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.049271] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.049908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.082491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.083403] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.086633] audit: type=1400 audit(1756466044.058:8): avc: denied { open } for pid=3880 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 129.090621] audit: type=1400 audit(1756466044.058:9): avc: denied { kernel } for pid=3880 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 129.125834] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.126457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.162569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.163175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.220903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.221554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.289428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.290177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.396222] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.397239] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.441005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.442363] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.547434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.548070] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.645442] SELinux: Context system_u: is not valid (left unmapped).
11:14:04 executing program 3:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000400), 0x8, 0x0)
listen(r0, 0x0)

11:14:04 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=@v3={0x3000000, [], 0xee00}, 0x18, 0x0)

11:14:04 executing program 4:
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4c, &(0x7f0000000000)=0xfffffffe, 0x4)
bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)

11:14:04 executing program 6:
fsmount(0xffffffffffffffff, 0x0, 0x10e)

11:14:04 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
close(r0)

11:14:04 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sync()

11:14:04 executing program 2:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:inetd_var_run_t:s0\x00', 0x9)

11:14:04 executing program 5:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)

11:14:04 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
close(r0)

11:14:04 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=@v3={0x3000000, [], 0xee00}, 0x18, 0x0)

11:14:04 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
close(r0)

11:14:04 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sync()

11:14:04 executing program 5:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)

11:14:04 executing program 4:
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4c, &(0x7f0000000000)=0xfffffffe, 0x4)
bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)

11:14:04 executing program 2:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:inetd_var_run_t:s0\x00', 0x9)

11:14:04 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
close(r0)

11:14:04 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
close(r0)

[ 129.985786] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 129.986695] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 129.987382] CPU: 1 UID: 0 PID: 3936 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 129.987875] kmemleak: Found object by alias at 0x607f1a6396bc
[ 129.987897] CPU: 0 UID: 0 PID: 3929 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 129.987915] Tainted: [W]=WARN
[ 129.987919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 129.987927] Call Trace:
[ 129.987930]
[ 129.987935] dump_stack_lvl+0xca/0x120
[ 129.987959] __lookup_object+0x94/0xb0
[ 129.987976] delete_object_full+0x27/0x70
[ 129.987990] free_percpu+0x30/0x1160
[ 129.988007] ? arch_uprobe_clear_state+0x16/0x140
[ 129.988025] futex_hash_free+0x38/0xc0
[ 129.988038] mmput+0x2d3/0x390
[ 129.988055] do_exit+0x79d/0x2970
[ 129.988068] ? signal_wake_up_state+0x85/0x120
[ 129.988083] ? zap_other_threads+0x2b9/0x3a0
[ 129.988097] ? __pfx_do_exit+0x10/0x10
[ 129.988109] ? do_group_exit+0x1c3/0x2a0
[ 129.988122] ? lock_release+0xc8/0x290
[ 129.988136] do_group_exit+0xd3/0x2a0
[ 129.988149] __x64_sys_exit_group+0x3e/0x50
[ 129.988162] x64_sys_call+0x18c5/0x18d0
[ 129.988178] do_syscall_64+0xbf/0x360
[ 129.988189] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 129.988199] RIP: 0033:0x7fe9b3e3eb19
[ 129.988208] Code: Unable to access opcode bytes at 0x7fe9b3e3eaef.
[ 129.988213] RSP: 002b:00007ffdc99defe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 129.988224] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe9b3e3eb19
[ 129.988233] RDX: 00007fe9b3df172b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 129.988241] RBP: 0000000000000000 R08: 0000001b2df2e588 R09: 0000000000000000
[ 129.988249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 129.988257] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffdc99df0d0
[ 129.988267]
[ 129.988270] kmemleak: Object (percpu) 0x607f1a6396b8 (size 8):
[ 129.988277] kmemleak: comm "syz-executor.7", pid 3941, jiffies 4294796652
[ 129.988284] kmemleak: min_count = 1
[ 129.988287] kmemleak: count = 0
[ 129.988291] kmemleak: flags = 0x21
[ 129.988294] kmemleak: checksum = 0
[ 129.988298] kmemleak: backtrace:
[ 129.988301] pcpu_alloc_noprof+0x87a/0x1170
[ 129.988316] perf_trace_event_init+0x366/0xa10
[ 129.988329] perf_trace_init+0x1a4/0x2f0
[ 129.988340] perf_tp_event_init+0xa6/0x120
[ 129.988356] perf_try_init_event+0x140/0x9f0
[ 129.988369] perf_event_alloc.part.0+0x118e/0x45f0
[ 129.988385] __do_sys_perf_event_open+0x719/0x2c20
[ 129.988397] do_syscall_64+0xbf/0x360
[ 129.988405] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.012082] Tainted: [W]=WARN
[ 130.012313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 130.012910] RIP: 0010:perf_tp_event+0x175/0xe70
[ 130.013267] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 130.014580] RSP: 0018:ffff888013b07780 EFLAGS: 00010012
[ 130.014971] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 130.015491] RDX: ffff8880175bd280 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 130.016018] RBP: ffff888013b079f0 R08: ffff88806cf31340 R09: ffffe8ffffd16e90
[ 130.016539] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 130.017058] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 130.017581] FS: 000055558f3e6400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 130.018168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 130.018595] CR2: 00007f4a92b05000 CR3: 000000000d593000 CR4: 0000000000350ef0
[ 130.019116] Call Trace:
[ 130.019309]
[ 130.019482] ? __pfx_perf_tp_event+0x10/0x10
[ 130.019843] ? mark_held_locks+0x49/0x80
[ 130.020149] ? __pfx_flush_tlb_func+0x10/0x10
[ 130.020486] ? __pfx_flush_tlb_func+0x10/0x10
[ 130.020820] ? smp_call_function_many_cond+0x332/0x1110
[ 130.021220] ? __pfx_should_flush_tlb+0x10/0x10
[ 130.021573] ? __pfx_flush_tlb_func+0x10/0x10
[ 130.021913] ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 130.022332] ? perf_trace_run_bpf_submit+0xef/0x180
[ 130.022705] ? __lock_acquire+0xc65/0x1b70
[ 130.023019] perf_trace_run_bpf_submit+0xef/0x180
[ 130.023383] perf_trace_preemptirq_template+0x259/0x430
[ 130.023792] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 130.024232] ? _raw_spin_lock_irqsave+0x53/0x60
[ 130.024584] trace_irq_disable.constprop.0+0xa6/0x100
[ 130.024968] _raw_spin_lock_irqsave+0x53/0x60
[ 130.025305] try_to_wake_up+0xa0/0x11d0
[ 130.025609] ? __pfx_try_to_wake_up+0x10/0x10
[ 130.025948] ? plist_del+0x122/0x270
[ 130.026230] ? find_held_lock+0x2b/0x80
[ 130.026532] ? futex_wake+0x474/0x540
[ 130.026822] wake_up_q+0xa1/0x130
[ 130.027089] futex_wake+0x47e/0x540
[ 130.027367] ? __pfx_futex_wake+0x10/0x10
[ 130.027685] ? __handle_mm_fault+0x753/0x3260
[ 130.028026] ? __lock_acquire+0x694/0x1b70
[ 130.028344] do_futex+0x26d/0x370
[ 130.028608] ? __pfx_do_futex+0x10/0x10
[ 130.028905] ? find_held_lock+0x2b/0x80
[ 130.029206] __x64_sys_futex+0x1c9/0x4d0
[ 130.029510] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 130.029945] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 130.030380] ? __pfx___x64_sys_futex+0x10/0x10
[ 130.030724] do_syscall_64+0xbf/0x360
[ 130.031007] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.031387] RIP: 0033:0x7f4a929f5b19
[ 130.031667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 130.032980] RSP: 002b:00007ffee0d84b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 130.033532] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4a929f5b19
[ 130.034050] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4a92b08f68
[ 130.034569] RBP: 00007f4a92b08f60 R08: 0000001b2d92001c R09: 0000000000000000
[ 130.035087] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a92b0db50
[ 130.035604] R13: 00007ffee0d84c10 R14: 00007f4a92b08f60 R15: 000000000001fb13
[ 130.036133]
[ 130.036310] Modules linked in:
[ 130.036552] ---[ end trace 0000000000000000 ]---
[ 130.036897] RIP: 0010:perf_tp_event+0x175/0xe70
[ 130.037246] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 130.038559] RSP: 0018:ffff888013b07780 EFLAGS: 00010012
[ 130.038949] RAX: 0000000020000032 RBX: 00000000ffffffa0
RCX: 0000000000000002 [ 130.039467] RDX: ffff8880175bd280 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 130.039991] RBP: ffff888013b079f0 R08: ffff88806cf31340 R09: ffffe8ffffd16e90 [ 130.040511] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 130.041028] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 130.041548] FS: 000055558f3e6400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 130.042132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.042557] CR2: 00007f4a92b05000 CR3: 000000000d593000 CR4: 0000000000350ef0 [ 130.043078] note: syz-executor.7[3936] exited with irqs disabled [ 130.043573] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 130.044393] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 130.045024] CPU: 1 UID: 0 PID: 3936 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 130.045892] Tainted: [D]=DIE, [W]=WARN [ 130.046174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 130.046774] RIP: 0010:perf_tp_event+0x175/0xe70 [ 130.047125] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 130.048447] RSP: 0018:ffff88806cf08b40 EFLAGS: 00010012 [ 130.048840] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 130.049361] RDX: ffff8880175bd280 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 130.049880] RBP: ffff88806cf08db0 R08: ffff88806cf313e8 R09: ffffe8ffffd16e90 [ 130.050399] R10: 0000000000000000 R11: 0000000000021fc9 R12: dffffc0000000000 [ 130.050919] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 130.051440] FS: 000055558f3e6400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 130.052033] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 
130.052459] CR2: 00007f4a92b05000 CR3: 000000000d593000 CR4: 0000000000350ef0 [ 130.052985] Call Trace: [ 130.053179] [ 130.053347] ? __pfx_perf_tp_event+0x10/0x10 [ 130.053681] ? lock_release+0x1c7/0x290 [ 130.053980] ? trace_pelt_se_tp+0xdf/0x130 [ 130.054296] ? place_entity+0x300/0x410 [ 130.054594] ? lock_acquire+0x18c/0x2f0 [ 130.054892] ? update_cfs_group+0x11d/0x260 [ 130.055214] ? lock_release+0x1c7/0x290 [ 130.055516] ? trace_softirq_raise+0xbe/0x100 [ 130.055868] ? run_posix_cpu_timers+0x160/0x7d0 [ 130.056216] ? __raise_softirq_irqoff+0x5f/0x90 [ 130.056562] ? __pfx_run_posix_cpu_timers+0x10/0x10 [ 130.056935] ? sched_balance_trigger+0x1ac/0xcb0 [ 130.057291] ? sched_tick+0x27c/0x6c0 [ 130.057584] ? perf_trace_run_bpf_submit+0xef/0x180 [ 130.057987] ? timerqueue_add+0x1c2/0x330 [ 130.058319] perf_trace_run_bpf_submit+0xef/0x180 [ 130.058711] perf_trace_preemptirq_template+0x259/0x430 [ 130.059195] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 130.059972] ? read_tsc+0x9/0x20 [ 130.060256] ? ktime_get+0x16d/0x270 [ 130.060563] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 130.061038] ? __pfx_lapic_next_deadline+0x10/0x10 [ 130.061433] ? clockevents_program_event+0x135/0x360 [ 130.061841] ? 
_raw_spin_lock_irq+0x42/0x50 [ 130.062188] trace_irq_disable.constprop.0+0xa6/0x100 [ 130.062601] _raw_spin_lock_irq+0x42/0x50 [ 130.062969] run_timer_softirq+0x10f/0x210 [ 130.063403] handle_softirqs+0x1b1/0x770 [ 130.063874] __irq_exit_rcu+0xc4/0x100 [ 130.064245] irq_exit_rcu+0x9/0x20 [ 130.064678] sysvec_apic_timer_interrupt+0x70/0x80 [ 130.065125] [ 130.065359] [ 130.065602] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 130.066168] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 130.066622] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 130.068443] RSP: 0018:ffff888013b07f28 EFLAGS: 00000246 [ 130.068863] RAX: 0000000000000001 RBX: ffff8880175bd280 RCX: ffffffff817c2b86 [ 130.069424] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 130.069988] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 130.070552] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880175bd280 [ 130.071111] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 130.071679] ? trace_irq_enable.constprop.0+0x26/0x100 [ 130.072095] ? make_task_dead+0x214/0x3b0 [ 130.072428] ? make_task_dead+0x214/0x3b0 [ 130.072760] ? 
do_syscall_64+0xbf/0x360 [ 130.073079] rewind_stack_and_make_dead+0x16/0x20 [ 130.073471] RIP: 0033:0x7f4a929f5b19 [ 130.073769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.075197] RSP: 002b:00007ffee0d84b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 130.075803] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4a929f5b19 [ 130.076360] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4a92b08f68 [ 130.076919] RBP: 00007f4a92b08f60 R08: 0000001b2d92001c R09: 0000000000000000 [ 130.077480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a92b0db50 [ 130.078044] R13: 00007ffee0d84c10 R14: 00007f4a92b08f60 R15: 000000000001fb13 [ 130.078609] [ 130.078803] Modules linked in: [ 130.079065] ---[ end trace 0000000000000000 ]--- [ 130.079436] RIP: 0010:perf_tp_event+0x175/0xe70 [ 130.079821] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 130.081248] RSP: 0018:ffff888013b07780 EFLAGS: 00010012 [ 130.081669] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 130.082230] RDX: ffff8880175bd280 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 130.082791] RBP: ffff888013b079f0 R08: ffff88806cf31340 R09: ffffe8ffffd16e90 [ 130.083354] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 130.083919] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 130.084481] FS: 000055558f3e6400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 130.085112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.085574] CR2: 00007f4a92b05000 CR3: 000000000d593000 CR4: 0000000000350ef0 [ 130.086140] Kernel panic - not syncing: Fatal exception in interrupt [ 130.086827] Kernel Offset: disabled [ 130.087119] ---[ end 
Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:14:05 Registers: