Warning: Permanently added '[localhost]:36540' (ECDSA) to the list of known hosts.
2025/08/29 12:47:45 fuzzer started
2025/08/29 12:47:45 dialing manager at localhost:43077
syzkaller login: [ 59.537806] cgroup: Unknown subsys name 'net'
[ 59.590684] cgroup: Unknown subsys name 'cpuset'
[ 59.601287] cgroup: Unknown subsys name 'rlimit'
2025/08/29 12:47:55 syscalls: 2214
2025/08/29 12:47:55 code coverage: enabled
2025/08/29 12:47:55 comparison tracing: enabled
2025/08/29 12:47:55 extra coverage: enabled
2025/08/29 12:47:55 setuid sandbox: enabled
2025/08/29 12:47:55 namespace sandbox: enabled
2025/08/29 12:47:55 Android sandbox: enabled
2025/08/29 12:47:55 fault injection: enabled
2025/08/29 12:47:55 leak checking: enabled
2025/08/29 12:47:55 net packet injection: enabled
2025/08/29 12:47:55 net device setup: enabled
2025/08/29 12:47:55 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 12:47:55 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 12:47:55 USB emulation: enabled
2025/08/29 12:47:55 hci packet injection: enabled
2025/08/29 12:47:55 wifi device emulation: enabled
2025/08/29 12:47:55 802.15.4 emulation: enabled
2025/08/29 12:48:15 starting 8 fuzzer processes
12:48:15 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setresuid(0x0, 0xee01, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={0x0, 0x80}}, 0x0)
12:48:15 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)
12:48:15 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f00000019c0), 0x0, 0x0)
12:48:15 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=@migrate={0x50, 0x21, 0x1, 0x0, 0x0, {{@in=@private, @in=@remote}}}, 0x50}}, 0x0)
12:48:15 executing program 4:
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0xc)
12:48:15 executing program 7:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x541b, 0x0)
[ 89.340791] audit: type=1400 audit(1756471695.172:7): avc: denied { execmem } for pid=275 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:48:15 executing program 5:
syz_emit_ethernet(0x66, &(0x7f0000000040)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x30, 0x2c, 0x0, @empty, @mcast2, {[], @time_exceed={0x5, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "b07b00", 0x0, 0x0, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}}}}}, 0x0)
12:48:15 executing program 6:
r0 = syz_open_procfs(0x0,
&(0x7f0000000140)='task\x00')
fcntl$notify(r0, 0x402, 0x80000024)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='status\x00')
[ 90.470222] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.473416] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.477131] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.480620] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.485473] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 90.599580] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 90.602121] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 90.606406] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 90.612387] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 90.616267] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 90.690235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 90.695288] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 90.697304] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 90.699353] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 90.710553] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 90.721480] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 90.724382] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 90.736148] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 90.748606] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 90.750465] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 90.752192] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 90.756561] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 90.758850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 90.767372] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 90.768497] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 90.846453] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 90.848557] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 90.852050] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 90.855668] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 90.858513] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 90.882511] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 90.888926] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 90.897274] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 90.921774] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 90.925217] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 90.928597] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 90.933414] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 90.937058] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 90.940113] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 90.945511] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 92.505354] Bluetooth: hci0: command tx timeout
[ 92.633164] Bluetooth: hci1: command tx timeout
[ 92.889117] Bluetooth: hci7: command tx timeout
[ 92.889149] Bluetooth: hci2: command tx timeout
[ 92.891064] Bluetooth: hci3: command tx timeout
[ 92.953059] Bluetooth: hci5: command tx timeout
[ 93.015979] Bluetooth: hci4: command tx timeout
[ 93.017596] Bluetooth: hci6: command tx timeout
[ 94.552519] Bluetooth: hci0: command tx timeout
[ 94.679915] Bluetooth: hci1: command tx timeout
[ 94.935943] Bluetooth: hci7: command tx timeout
[ 94.935988] Bluetooth: hci3: command tx timeout
[ 94.936401] Bluetooth: hci2: command tx timeout
[ 95.000994] Bluetooth: hci5: command tx timeout
[ 95.063918] Bluetooth: hci6: command tx timeout
[ 95.063950] Bluetooth: hci4: command tx timeout
[ 96.601009] Bluetooth: hci0: command tx timeout
[ 96.729892] Bluetooth: hci1: command tx timeout
[ 96.983978] Bluetooth: hci3: command tx timeout
[ 96.984440] Bluetooth: hci2: command tx timeout
[ 96.984843] Bluetooth: hci7: command tx timeout
[ 97.048922] Bluetooth: hci5: command tx timeout
[ 97.112590] Bluetooth: hci4: command tx timeout
[ 97.113050] Bluetooth: hci6: command tx timeout
[ 98.647993] Bluetooth: hci0: command tx timeout
[ 98.776229] Bluetooth: hci1: command tx timeout
[ 99.031959] Bluetooth: hci7: command tx timeout
[ 99.033093] Bluetooth: hci2: command tx timeout
[ 99.033745] Bluetooth: hci3: command tx timeout
[ 99.095989] Bluetooth: hci5: command tx timeout
[ 99.159966] Bluetooth: hci4: command tx timeout
[ 99.160628] Bluetooth: hci6: command tx timeout
[ 129.161728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.162417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.329910] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.330517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.396568] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.397395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.541530] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.542138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.676852] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.677607] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:48:55 executing program 3:
mlockall(0x7)
mlockall(0x1)
mlockall(0x5)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
[ 129.777891] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.778432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.879217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.879765] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.007353] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.008181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.082924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.083550] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.134899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.135471] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.169590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.170663] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.232526] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.233149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.253491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.254256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.329942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.330548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.413227] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.413822] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.462654] audit: type=1400 audit(1756471736.294:8): avc: denied { watch } for pid=3892 comm="syz-executor.6" path="/proc/3892/task" dev="proc" ino=4929 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=1
[ 130.504447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.505493] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 131.156965] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 131.158392] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 131.165400] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 131.173268] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 131.175632] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 131.181033] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 131.188646] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 131.190138] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 131.193667] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 131.196651] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 131.198835] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 131.203035] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 131.216754] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 131.219040] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 131.222058] Bluetooth:
hci5: Opcode 0x0406 failed: -4 [ 131.227810] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 131.229602] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 131.233438] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 131.235717] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 131.236434] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 131.239235] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 131.243268] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 131.244055] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 131.246410] Bluetooth: hci6: Opcode 0x0406 failed: -4 12:48:57 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000d40)=@polexpire={0xcc, 0x1b, 0x3, 0x0, 0x0, {{{@in=@multicast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xcc}}, 0x0) 12:48:57 executing program 6: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pread64(r0, 0x0, 0x0, 0x0) 12:48:57 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24040841, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) 12:48:57 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x13, &(0x7f0000002b00)={0x0, {{0x2, 0x0, @multicast1}}}, 0x90) 12:48:57 executing program 3: getrusage(0xfffffffffffffffe, 0x0) 12:48:57 executing program 2: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000080)) lgetxattr(0x0, 0x0, 0x0, 0x0) 12:48:57 executing program 4: prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0xc) 12:48:57 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000180)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan1\x00'}]}, 0x28}}, 0x0) [ 131.309966] audit: type=1400 audit(1756471737.135:9): avc: denied { open } for pid=3904 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 131.316601] audit: type=1400 audit(1756471737.136:10): avc: denied { kernel } for pid=3904 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:48:57 executing program 2: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000080)) lgetxattr(0x0, 0x0, 0x0, 0x0) 12:48:57 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:48:57 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@private0}, {@in6=@private2}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xf0}}, 0xf0}}, 0x0) 12:48:57 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) 
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x1f}})
12:48:57 executing program 4:
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0xc)
12:48:57 executing program 6:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000040)={{r0}})
12:48:57 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x7, &(0x7f0000000140), 0x4)
[ 131.462267] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 131.463128] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 131.463725] CPU: 1 UID: 0 PID: 3933 Comm: syz-executor.1 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 131.465184] Tainted: [W]=WARN
[ 131.465686] kmemleak: Found object by alias at 0x607f1a63911c
[ 131.465710] CPU: 0 UID: 0 PID: 3921 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 131.465732] Tainted: [W]=WARN
[ 131.465737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 131.465746] Call Trace:
[ 131.465751]
[ 131.465757] dump_stack_lvl+0xca/0x120
[ 131.465785] __lookup_object+0x94/0xb0
[ 131.465805] delete_object_full+0x27/0x70
[ 131.465824] free_percpu+0x30/0x1160
[ 131.465844] ? arch_uprobe_clear_state+0x16/0x140
[ 131.465872] futex_hash_free+0x38/0xc0
[ 131.465889] mmput+0x2d3/0x390
[ 131.465911] do_exit+0x79d/0x2970
[ 131.465927] ? signal_wake_up_state+0x85/0x120
[ 131.465946] ? zap_other_threads+0x2b9/0x3a0
[ 131.465964] ? __pfx_do_exit+0x10/0x10
[ 131.465979] ? do_group_exit+0x1c3/0x2a0
[ 131.465995] ? lock_release+0xc8/0x290
[ 131.466012] do_group_exit+0xd3/0x2a0
[ 131.466029] __x64_sys_exit_group+0x3e/0x50
[ 131.466045] x64_sys_call+0x18c5/0x18d0
[ 131.466064] do_syscall_64+0xbf/0x360
[ 131.466077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 131.466091] RIP: 0033:0x7f14b0a9eb19
[ 131.466101] Code: Unable to access opcode bytes at 0x7f14b0a9eaef.
[ 131.466108] RSP: 002b:00007ffebbecc598 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 131.466122] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f14b0a9eb19
[ 131.466131] RDX: 00007f14b0a5172b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 131.466140] RBP: 0000000000000000 R08: 0000001b2d1200e0 R09: 0000000000000000
[ 131.466148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 131.466157] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffebbecc680
[ 131.466170]
[ 131.466174] kmemleak: Object (percpu) 0x607f1a639118 (size 8):
[ 131.466182] kmemleak: comm "syz-executor.7", pid 3928, jiffies 4294798377
[ 131.466191] kmemleak: min_count = 1
[ 131.466196] kmemleak: count = 0
[ 131.466200] kmemleak: flags = 0x21
[ 131.466205] kmemleak: checksum = 0
[ 131.466209] kmemleak: backtrace:
[ 131.466213] pcpu_alloc_noprof+0x87a/0x1170
[ 131.466232] perf_trace_event_init+0x366/0xa10
[ 131.466249] perf_trace_init+0x1a4/0x2f0
[ 131.466263] perf_tp_event_init+0xa6/0x120
[ 131.466282] perf_try_init_event+0x140/0x9f0
[ 131.466298] perf_event_alloc.part.0+0x118e/0x45f0
[ 131.466318] __do_sys_perf_event_open+0x719/0x2c20
[ 131.466334] do_syscall_64+0xbf/0x360
[ 131.466345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 131.487776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 131.488429] RIP: 0010:perf_tp_event+0x175/0xe70
[ 131.488813] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 131.490267] RSP: 0018:ffff8880174d7780 EFLAGS: 00010012
[ 131.490695] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90002a1a000
[ 131.491259] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 131.491826] RBP: ffff8880174d79f0 R08: ffff88806cf31340 R09: ffffe8ffffd16118
[ 131.492389] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 131.492953] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 131.493534] FS: 00007faf60d41700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 131.494170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 131.494635] CR2: 00007faf638df018 CR3: 0000000044eb5000 CR4: 0000000000350ef0
[ 131.495204] Call Trace:
[ 131.495413]
[ 131.495598] ? lock_release+0xc8/0x290
[ 131.495918] ? __pfx_perf_tp_event+0x10/0x10
[ 131.496278] ? unwind_get_return_address+0x59/0xa0
[ 131.496683] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 131.497120] ? arch_stack_walk+0x9c/0xf0
[ 131.497457] ? __lock_acquire+0x694/0x1b70
[ 131.497804] ? __lock_acquire+0x694/0x1b70
[ 131.498147] ? lock_acquire+0x15e/0x2f0
[ 131.498467] ? __is_insn_slot_addr+0x2e/0x290
[ 131.498836] ? find_held_lock+0x2b/0x80
[ 131.499167] ? __is_insn_slot_addr+0x136/0x290
[ 131.499543] ? perf_trace_run_bpf_submit+0xef/0x180
[ 131.499950] ? __is_insn_slot_addr+0x140/0x290
[ 131.500324] perf_trace_run_bpf_submit+0xef/0x180
[ 131.500719] perf_trace_preemptirq_template+0x259/0x430
[ 131.501166] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 131.501638] ? _raw_spin_lock_irqsave+0x53/0x60
[ 131.502019] trace_irq_disable.constprop.0+0xa6/0x100
[ 131.502428] _raw_spin_lock_irqsave+0x53/0x60
[ 131.502788] try_to_wake_up+0xa0/0x11d0
[ 131.503118] ? __pfx_try_to_wake_up+0x10/0x10
[ 131.503485] ? plist_del+0x122/0x270
[ 131.503791] ? find_held_lock+0x2b/0x80
[ 131.504116] ? futex_wake+0x474/0x540
[ 131.504426] wake_up_q+0xa1/0x130
[ 131.504711] futex_wake+0x47e/0x540
[ 131.505013] ? __pfx_futex_wake+0x10/0x10
[ 131.505359] ? __lock_acquire+0x694/0x1b70
[ 131.505700] ?
file_init_path+0x506/0x770 [ 131.506040] do_futex+0x26d/0x370 [ 131.506326] ? __pfx_do_futex+0x10/0x10 [ 131.506655] ? lock_release+0xc8/0x290 [ 131.506975] __x64_sys_futex+0x1c9/0x4d0 [ 131.507310] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.507782] ? __pfx___x64_sys_futex+0x10/0x10 [ 131.508156] do_syscall_64+0xbf/0x360 [ 131.508465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.508880] RIP: 0033:0x7faf637cbb19 [ 131.509186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.510631] RSP: 002b:00007faf60d41218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 131.511230] RAX: ffffffffffffffda RBX: 00007faf638def68 RCX: 00007faf637cbb19 [ 131.511798] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007faf638def6c [ 131.512362] RBP: 00007faf638def60 R08: 000000000000000e R09: 0000000000000000 [ 131.512926] R10: 0000000000000003 R11: 0000000000000246 R12: 00007faf638def6c [ 131.513496] R13: 00007ffef9271ccf R14: 00007faf60d41300 R15: 0000000000022000 [ 131.514065] [ 131.514260] Modules linked in: [ 131.514522] ---[ end trace 0000000000000000 ]--- [ 131.514895] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.515274] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.516716] RSP: 0018:ffff8880174d7780 EFLAGS: 00010012 [ 131.517140] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90002a1a000 [ 131.517714] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.518279] RBP: ffff8880174d79f0 R08: ffff88806cf31340 R09: ffffe8ffffd16118 [ 131.518840] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.519404] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.519968] FS: 00007faf60d41700(0000) 
GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.520602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.521064] CR2: 00007faf638df018 CR3: 0000000044eb5000 CR4: 0000000000350ef0 [ 131.521640] note: syz-executor.1[3933] exited with irqs disabled [ 131.522185] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 131.523062] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 131.523654] CPU: 1 UID: 0 PID: 3933 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.524593] Tainted: [D]=DIE, [W]=WARN [ 131.524897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.525550] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.525908] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.527234] RSP: 0018:ffff88806cf08b40 EFLAGS: 00010012 [ 131.527629] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 131.528153] RDX: ffff8880165c8000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.528678] RBP: ffff88806cf08db0 R08: ffff88806cf313e8 R09: ffffe8ffffd16118 [ 131.529212] R10: 0000000000000000 R11: ffff8880177ee098 R12: dffffc0000000000 [ 131.529736] R13: 0000000000000014 R14: ffff88806cf313e8 R15: dffffc0000000000 [ 131.530262] FS: 00007faf60d41700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.530853] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.531282] CR2: 00007faf638df018 CR3: 0000000044eb5000 CR4: 0000000000350ef0 [ 131.531812] Call Trace: [ 131.532009] [ 131.532177] ? __pfx_perf_tp_event+0x10/0x10 [ 131.532514] ? trace_pelt_se_tp+0xdf/0x130 [ 131.532833] ? __update_load_avg_se+0x428/0xa40 [ 131.533197] ? update_load_avg+0x17d/0x1ef0 [ 131.533523] ? place_entity+0x1c/0x410 [ 131.533819] ? 
check_preempt_wakeup_fair+0x6e/0x950 [ 131.534192] ? lock_release+0x1c7/0x290 [ 131.534490] ? lock_release+0x1c7/0x290 [ 131.534789] ? do_raw_spin_unlock+0x53/0x220 [ 131.535127] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 131.535507] ? try_to_wake_up+0x8ae/0x11d0 [ 131.535834] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.536211] ? lock_release+0x1c7/0x290 [ 131.536513] perf_trace_run_bpf_submit+0xef/0x180 [ 131.536879] perf_trace_preemptirq_template+0x259/0x430 [ 131.537290] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.537728] ? read_tsc+0x9/0x20 [ 131.537996] ? ktime_get+0x16d/0x270 [ 131.538284] ? __pfx_lapic_next_deadline+0x10/0x10 [ 131.538652] ? clockevents_program_event+0x135/0x360 [ 131.539036] ? _raw_spin_lock_irq+0x42/0x50 [ 131.539359] trace_irq_disable.constprop.0+0xa6/0x100 [ 131.539741] _raw_spin_lock_irq+0x42/0x50 [ 131.540054] run_timer_softirq+0x10f/0x210 [ 131.540374] handle_softirqs+0x1b1/0x770 [ 131.540692] __irq_exit_rcu+0xc4/0x100 [ 131.540992] irq_exit_rcu+0x9/0x20 [ 131.541267] sysvec_apic_timer_interrupt+0x70/0x80 [ 131.541639] [ 131.541810] [ 131.541983] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.542376] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 131.542729] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 131.544053] RSP: 0018:ffff8880174d7f28 EFLAGS: 00000246 [ 131.544444] RAX: 0000000000000001 RBX: ffff8880165c8000 RCX: ffffffff817c2b86 [ 131.544968] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 131.545497] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 131.546019] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880165c8000 [ 131.546539] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 131.547065] ? trace_irq_enable.constprop.0+0x26/0x100 [ 131.547453] ? make_task_dead+0x214/0x3b0 [ 131.547766] ? 
make_task_dead+0x214/0x3b0 [ 131.548084] ? do_syscall_64+0xbf/0x360 [ 131.548380] rewind_stack_and_make_dead+0x16/0x20 [ 131.548743] RIP: 0033:0x7faf637cbb19 [ 131.549022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.550354] RSP: 002b:00007faf60d41218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 131.550914] RAX: ffffffffffffffda RBX: 00007faf638def68 RCX: 00007faf637cbb19 [ 131.551436] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007faf638def6c [ 131.551959] RBP: 00007faf638def60 R08: 000000000000000e R09: 0000000000000000 [ 131.552480] R10: 0000000000000003 R11: 0000000000000246 R12: 00007faf638def6c [ 131.553003] R13: 00007ffef9271ccf R14: 00007faf60d41300 R15: 0000000000022000 [ 131.553539] [ 131.553722] Modules linked in: [ 131.553967] ---[ end trace 0000000000000000 ]--- [ 131.554315] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.554674] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.556001] RSP: 0018:ffff8880174d7780 EFLAGS: 00010012 [ 131.556394] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90002a1a000 [ 131.556919] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 131.557450] RBP: ffff8880174d79f0 R08: ffff88806cf31340 R09: ffffe8ffffd16118 [ 131.557976] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.558498] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.559025] FS: 00007faf60d41700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.559615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.560045] CR2: 00007faf638df018 CR3: 0000000044eb5000 CR4: 0000000000350ef0 [ 131.560570] Kernel panic - not syncing: Fatal exception in interrupt [ 131.561250] 
Kernel Offset: disabled [ 131.561523] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 12:48:57 Registers: