Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:14671' (ECDSA) to the list of known hosts.
2025/08/29 13:07:14 fuzzer started
2025/08/29 13:07:15 dialing manager at localhost:43077
syzkaller login: [ 50.893201] cgroup: Unknown subsys name 'net'
[ 50.959543] cgroup: Unknown subsys name 'cpuset'
[ 50.981245] cgroup: Unknown subsys name 'rlimit'
2025/08/29 13:07:25 syscalls: 2214
2025/08/29 13:07:25 code coverage: enabled
2025/08/29 13:07:25 comparison tracing: enabled
2025/08/29 13:07:25 extra coverage: enabled
2025/08/29 13:07:25 setuid sandbox: enabled
2025/08/29 13:07:25 namespace sandbox: enabled
2025/08/29 13:07:25 Android sandbox: enabled
2025/08/29 13:07:25 fault injection: enabled
2025/08/29 13:07:25 leak checking: enabled
2025/08/29 13:07:25 net packet injection: enabled
2025/08/29 13:07:25 net device setup: enabled
2025/08/29 13:07:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 13:07:25 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 13:07:25 USB emulation: enabled
2025/08/29 13:07:25 hci packet injection: enabled
2025/08/29 13:07:25 wifi device emulation: enabled
2025/08/29 13:07:25 802.15.4 emulation: enabled
2025/08/29 13:07:25 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 13:07:25 fetching corpus: 50, signal 22367/25934 (executing program)
2025/08/29 13:07:25 fetching corpus: 100, signal 36466/41357 (executing program)
2025/08/29 13:07:25 fetching corpus: 150, signal 42669/48920 (executing program)
2025/08/29 13:07:25 fetching corpus: 200, signal 48302/55823 (executing program)
2025/08/29 13:07:25 fetching corpus: 250, signal 53185/61928 (executing program)
2025/08/29 13:07:26 fetching corpus: 300, signal 59768/69499 (executing program)
2025/08/29 13:07:26 fetching corpus: 350, signal 63022/73906 (executing program)
2025/08/29 13:07:26 fetching corpus: 400, signal 65750/77725 (executing program)
2025/08/29 13:07:26 fetching corpus: 450, signal 69910/82810
2025/08/29 13:07:43 fetching corpus: 10000, signal 196165/201160 (executing program) 2025/08/29 13:07:43 fetching corpus: 10050, signal 196396/201161 (executing program) 2025/08/29 13:07:43 fetching corpus: 10100, signal 196713/201166 (executing program) 2025/08/29 13:07:43 fetching corpus: 10150, signal 196946/201167 (executing program) 2025/08/29 13:07:44 fetching corpus: 10200, signal 197155/201222 (executing program) 2025/08/29 13:07:44 fetching corpus: 10206, signal 197167/201222 (executing program) 2025/08/29 13:07:44 fetching corpus: 10206, signal 197167/201222 (executing program) 2025/08/29 13:07:46 starting 8 fuzzer processes 13:07:46 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000280)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 13:07:46 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000004c0), r0) sendmsg$NLBL_UNLABEL_C_ACCEPT(r0, &(0x7f0000000580)={&(0x7f0000000480), 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0x1}, 0x14}}, 0x0) 13:07:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r0, 0x0, 0x13, 0x0, &(0x7f0000000840)) [ 81.991897] audit: type=1400 audit(1756472866.264:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:07:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0) 13:07:46 executing program 7: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, 
&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x801, 0x0) read(r0, &(0x7f00000000c0)=""/126, 0x7e) 13:07:46 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040), 0x4) getsockopt$packet_buf(r0, 0x107, 0x12, 0x0, &(0x7f0000000240)) 13:07:46 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') getdents64(r0, &(0x7f0000000100)=""/51, 0x33) getdents64(r0, &(0x7f0000000300)=""/133, 0x85) 13:07:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{}, {0x0, 0x3}]}) [ 83.122163] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.124433] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.127160] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.132351] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.137228] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.307210] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.311028] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.312496] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.316947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.320519] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.322018] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.324427] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.327750] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.328279] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.332127] Bluetooth: hci2: unexpected cc 0x0c23 
length: 249 > 4 [ 83.334910] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.337752] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.340901] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.345361] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.349986] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.389352] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.395241] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.397256] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.400720] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.402859] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.405946] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.411168] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.416742] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.429420] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.434849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.438055] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.449259] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.451842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.460179] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.463631] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.467276] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.469415] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.477034] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.499924] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.518963] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.215267] Bluetooth: hci0: command tx timeout [ 85.406845] Bluetooth: hci3: command tx timeout [ 85.407695] Bluetooth: hci2: command tx timeout [ 85.470688] Bluetooth: hci6: command tx timeout [ 85.471657] Bluetooth: hci1: command tx timeout [ 85.535266] Bluetooth: hci5: command tx timeout [ 85.535391] 
Bluetooth: hci4: command tx timeout [ 85.598659] Bluetooth: hci7: command tx timeout [ 87.262796] Bluetooth: hci0: command tx timeout [ 87.455700] Bluetooth: hci2: command tx timeout [ 87.456254] Bluetooth: hci3: command tx timeout [ 87.518846] Bluetooth: hci1: command tx timeout [ 87.519625] Bluetooth: hci6: command tx timeout [ 87.582711] Bluetooth: hci5: command tx timeout [ 87.583738] Bluetooth: hci4: command tx timeout [ 87.647747] Bluetooth: hci7: command tx timeout [ 89.312592] Bluetooth: hci0: command tx timeout [ 89.503636] Bluetooth: hci3: command tx timeout [ 89.504099] Bluetooth: hci2: command tx timeout [ 89.566710] Bluetooth: hci1: command tx timeout [ 89.566892] Bluetooth: hci6: command tx timeout [ 89.630720] Bluetooth: hci4: command tx timeout [ 89.630769] Bluetooth: hci5: command tx timeout [ 89.694630] Bluetooth: hci7: command tx timeout [ 91.359630] Bluetooth: hci0: command tx timeout [ 91.550921] Bluetooth: hci2: command tx timeout [ 91.551250] Bluetooth: hci3: command tx timeout [ 91.614694] Bluetooth: hci6: command tx timeout [ 91.614948] Bluetooth: hci1: command tx timeout [ 91.678770] Bluetooth: hci5: command tx timeout [ 91.679316] Bluetooth: hci4: command tx timeout [ 91.742638] Bluetooth: hci7: command tx timeout [ 121.335872] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.336547] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.516542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.517958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.805526] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.806169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:08:26 executing program 3: syz_emit_ethernet(0x8a, &(0x7f0000000100)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "708329", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 121.931884] wlan1: Created IBSS using 
preconfigured BSSID 50:50:50:50:50:50 [ 121.932443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:08:26 executing program 3: ioprio_get$pid(0x2, 0x0) 13:08:26 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000005480)={0x0, 0x9, 0x0, 0x0, 0x0, "99decf35c75fa614"}) writev(r0, &(0x7f00000053c0)=[{&(0x7f0000000100)="3cf6d2687b72c06fe232a3a4712ef5e9be0fd2a87bffafdc69c18e7a9112708276198d4dd74a14eacd01be0c49682dcdff8ae444acc5bec2f6a095c9a1c9c0bd5f1bb6c16d2c0a85c9e8b897607fa96d101b720bc3ba7534453795ae6858f468eb63ade261d8ea05421c09bdcf036b3f2e0cfc1c11341718d083c3d5af7e0d2d3e48f752e54e1e63a1596c9738026aaa7c65c30ba62b0e8bda017f612c92482090ba02f272933be35803921986906f0a2f28edf4c19761d0ae347d47b0d77961e00ddf8c6b660dcb346f4a8725dbd4f1bc80bbec10876086230111e9ee727485d576200c7281f0d620766e93c68c7815d8fd10aa1e94de5733de65fb7bfedfd0021adf93fe458bf9eae1beba691f828be8c06cd3d2a04b60ee373b2b88110a1a35453c566d3daaf9d5f2b141907d9d648fee877db444a802514016b0590046ccd11f58c6599baf612acdd57f546f23e9584b7d5dfab60d1274591cf7c61bff6c35fa24b6886da8e682e55bdc9f8867c94b321727cf64ddff84979d4f47dc1495f5196aa67b1d564d81684c153e52067c3d294e1009a14d77f180dfec41de4dd955560f89694c5f06cb4c420c9b800901b1cd7d42d37e8ac0abfef631d4f2f2a7dc66688f85c56d89ad62fde44fa9bae5cad9019109843586c30e6988d977e37a020013a52b6f2d8b9ba4d44543677862e601092b5161a088df854dd88c781ec483c17546433f1e38aa3c88b5423104bbee11d67e708eddcb7c55701c6e3685736997b85eae82a324d458830a2b2d230018b7fbe97d0a55bf17d26e879bc50b298365a3e78c51fe5308450eb4eddf29d435b1d609d73a4cccd9aa1b3a4a5b315fdf2ab4f8cfbb26f04417fe8d26bc04be7b07a3a0b6374a12a81160ecef0f0bdde2d980ee71e34fab0142a3e6b774a91420da5d166c39df4cee1632eedffe0f6598f3eabc3d1426175faa183f6beb4b5df4c861d243df80a53d60fbab6590e8f5655fb0df1bbd83cdddb5bcc534403221b3d9837ac39ddd3d0d7137ac625dd7f82dc22ce6e028e8d7df2fa6a18b442260dfc60bbad13afb088c1a0600d78b87081ce9f47bbe8c44f88b719fd468fb834eed70b536dda50fcd6d2884398dbc93e4c9ce9d41e57d5a123ac7dc96f
8432841f42483c9e50e09c725e641717c9fb3f87638c36d6b6de075368665351413dae3279310c17c6ba831316d408ab3cdaf2bef1445d44f623437ad98658559cce719204cfe86981b1c14288042879f30d73903b75d11de603120045953f1698c749acc6a5634321ae6a0ec17f3fce7fd417a3379a1b7b11c9a0a1ac395865d02e767b11550e5734b269b71", 0x3b9}], 0x1) 13:08:26 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000005480)={0x0, 0x9, 0x0, 0x0, 0x0, "99decf35c75fa614"}) writev(r0, &(0x7f00000053c0)=[{&(0x7f0000000100)="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", 0x3b9}], 0x1) [ 122.316399] audit: type=1400 audit(1756472906.589:8): avc: denied { open } for pid=3746 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.324685] audit: type=1400 audit(1756472906.589:9): avc: denied { kernel } for pid=3746 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.461137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.461785] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.593616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.594193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.070610] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.071258] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.135154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.135774] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.302095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.303009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.413641] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.414261] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.705296] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 
2025, please contact the netdev mailing list [ 123.774330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.775279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.814765] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.815347] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.027910] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.028499] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.063284] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.064082] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.454321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.455339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.500119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.500848] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:08:29 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$VT_ACTIVATE(r1, 0x1267, 0x8000000000004) 13:08:29 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000005480)={0x0, 0x9, 0x0, 0x0, 0x0, "99decf35c75fa614"}) writev(r0, 
&(0x7f00000053c0)=[{&(0x7f0000000100)="3cf6d2687b72c06fe232a3a4712ef5e9be0fd2a87bffafdc69c18e7a9112708276198d4dd74a14eacd01be0c49682dcdff8ae444acc5bec2f6a095c9a1c9c0bd5f1bb6c16d2c0a85c9e8b897607fa96d101b720bc3ba7534453795ae6858f468eb63ade261d8ea05421c09bdcf036b3f2e0cfc1c11341718d083c3d5af7e0d2d3e48f752e54e1e63a1596c9738026aaa7c65c30ba62b0e8bda017f612c92482090ba02f272933be35803921986906f0a2f28edf4c19761d0ae347d47b0d77961e00ddf8c6b660dcb346f4a8725dbd4f1bc80bbec10876086230111e9ee727485d576200c7281f0d620766e93c68c7815d8fd10aa1e94de5733de65fb7bfedfd0021adf93fe458bf9eae1beba691f828be8c06cd3d2a04b60ee373b2b88110a1a35453c566d3daaf9d5f2b141907d9d648fee877db444a802514016b0590046ccd11f58c6599baf612acdd57f546f23e9584b7d5dfab60d1274591cf7c61bff6c35fa24b6886da8e682e55bdc9f8867c94b321727cf64ddff84979d4f47dc1495f5196aa67b1d564d81684c153e52067c3d294e1009a14d77f180dfec41de4dd955560f89694c5f06cb4c420c9b800901b1cd7d42d37e8ac0abfef631d4f2f2a7dc66688f85c56d89ad62fde44fa9bae5cad9019109843586c30e6988d977e37a020013a52b6f2d8b9ba4d44543677862e601092b5161a088df854dd88c781ec483c17546433f1e38aa3c88b5423104bbee11d67e708eddcb7c55701c6e3685736997b85eae82a324d458830a2b2d230018b7fbe97d0a55bf17d26e879bc50b298365a3e78c51fe5308450eb4eddf29d435b1d609d73a4cccd9aa1b3a4a5b315fdf2ab4f8cfbb26f04417fe8d26bc04be7b07a3a0b6374a12a81160ecef0f0bdde2d980ee71e34fab0142a3e6b774a91420da5d166c39df4cee1632eedffe0f6598f3eabc3d1426175faa183f6beb4b5df4c861d243df80a53d60fbab6590e8f5655fb0df1bbd83cdddb5bcc534403221b3d9837ac39ddd3d0d7137ac625dd7f82dc22ce6e028e8d7df2fa6a18b442260dfc60bbad13afb088c1a0600d78b87081ce9f47bbe8c44f88b719fd468fb834eed70b536dda50fcd6d2884398dbc93e4c9ce9d41e57d5a123ac7dc96f8432841f42483c9e50e09c725e641717c9fb3f87638c36d6b6de075368665351413dae3279310c17c6ba831316d408ab3cdaf2bef1445d44f623437ad98658559cce719204cfe86981b1c14288042879f30d73903b75d11de603120045953f1698c749acc6a5634321ae6a0ec17f3fce7fd417a3379a1b7b11c9a0a1ac395865d02e767b11550e5734b269b71", 0x3b9}], 0x1) 13:08:29 executing program 5: r0 = 
syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{}, {0x0, 0x3}]}) 13:08:29 executing program 1: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = fork() ptrace(0x10, r1) ptrace$setregs(0xe, r1, 0x0, &(0x7f00000009c0)) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001a00)=[{{&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000001900)=[{&(0x7f00000003c0)=""/87, 0x57}, {&(0x7f0000000440)=""/216, 0xd8}, {&(0x7f0000000540)=""/255, 0xff}, {&(0x7f0000000640)=""/32, 0x20}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/84, 0x54}, {&(0x7f0000001700)=""/117, 0x75}, {&(0x7f0000001780)=""/140, 0x8c}, {&(0x7f0000001840)=""/162, 0xa2}], 0x9, &(0x7f00000019c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0x20}}], 0x1, 0x40002001, &(0x7f0000001a40)={0x77359400}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) setgroups(0x1, &(0x7f0000000340)=[r6]) getpgid(0xffffffffffffffff) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000001c00)={{0x1, r5, 0x0, r5, r3, 0x1, 0x7cf6}, 0x0, 0x0, 0x5, 0xfff, 0x7f, 0x1, 0x1, 0x100, 0x8, 0x6, r2, r2}) 13:08:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0) 13:08:29 executing program 7: 
pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x801, 0x0) read(r0, &(0x7f00000000c0)=""/126, 0x7e) 13:08:29 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040), 0x4) getsockopt$packet_buf(r0, 0x107, 0x12, 0x0, &(0x7f0000000240)) 13:08:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r0, 0x0, 0x13, 0x0, &(0x7f0000000840)) 13:08:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0) 13:08:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000040)=@FILEID_INO32_GEN={0x4}, 0x0) 13:08:30 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{}, {0x0, 0x3}]}) 13:08:30 executing program 7: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x801, 0x0) read(r0, &(0x7f00000000c0)=""/126, 0x7e) 13:08:30 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$lock(r0, 0x26, &(0x7f0000000180)) fcntl$lock(r0, 0x26, &(0x7f0000000100)={0x2, 0x0, 0x4}) 13:08:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r0, 0x0, 0x13, 0x0, &(0x7f0000000840)) 13:08:30 executing program 6: r0 = socket$packet(0x11, 
0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040), 0x4) getsockopt$packet_buf(r0, 0x107, 0x12, 0x0, &(0x7f0000000240)) 13:08:30 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000005480)={0x0, 0x9, 0x0, 0x0, 0x0, "99decf35c75fa614"}) writev(r0, &(0x7f00000053c0)=[{&(0x7f0000000100)="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", 0x3b9}], 0x1) [ 125.999187] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 13:08:30 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040), 0x4) getsockopt$packet_buf(r0, 0x107, 0x12, 0x0, &(0x7f0000000240)) 13:08:30 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{}, {0x0, 0x3}]}) 13:08:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r0, 0x0, 0x13, 0x0, &(0x7f0000000840)) 13:08:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000040)=@FILEID_INO32_GEN={0x4}, 0x0) 13:08:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0) 13:08:30 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) link(&(0x7f0000000040)='./cgroup/cgroup.procs\x00', &(0x7f00000000c0)='./cgroup/cgroup.procs\x00') 13:08:30 executing program 4: openat$nvram(0xffffffffffffff9c, &(0x7f0000000980), 0x40000, 0x0) 13:08:30 executing program 3: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) 13:08:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000040)=@FILEID_INO32_GEN={0x4}, 0x0) 13:08:30 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) [ 126.354392] Oops: general protection fault, probably for non-canonical address 0xfe001bea7e001ff0: 0000 [#1] SMP KASAN NOPTI [ 126.356026] KASAN: maybe wild-memory-access in range [0xf000ff53f000ff80-0xf000ff53f000ff87] [ 126.357223] CPU: 1 UID: 0 PID: 3961 Comm: syz-executor.3 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.362514] Tainted: [W]=WARN [ 126.362988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.364153] RIP: 0010:perf_trace_lock_acquire+0x9a/0x700 [ 126.364947] Code: ff c7 00 f1 f1 f1 f1 c7 40 04 f1 f1 04 f2 c7 40 08 00 f3 f3 f3 65 48 8b 05 6b 4c 33 06 48 89 45 d0 31 c0 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 0f 85 80 04 00 00 48 8b 85 50 ff ff ff 4c 89 95 48 ff [ 126.367524] RSP: 0018:ffff88801c1ef258 EFLAGS: 00010016 [ 126.368285] RAX: 1e001fea7e001ff0 RBX: 1ffff1100383de54 RCX: 0000000000000000 [ 126.369308] RDX: dffffc0000000000 RSI: f000ff53f000ff6b RDI: ffffffff85b23640 [ 126.370321] RBP: ffff88801c1ef348 R08: 
0000000000000000 R09: 0000000000000001 [ 126.371349] R10: ffffffff85b23640 R11: 0000000000000001 R12: f000ff53f000ff83 [ 126.372371] R13: ffff88801c1ef320 R14: 0000000000000000 R15: ffff888044c41000 [ 126.373386] FS: 00007f2e682d0700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.374531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.375373] CR2: 00007f2e682d1000 CR3: 0000000043c47000 CR4: 0000000000350ef0 [ 126.376396] Call Trace: [ 126.376774] [ 126.377107] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.377807] ? loop_queue_rq+0x6f8/0x1180 [ 126.378417] ? __blk_mq_issue_directly+0xd5/0x260 [ 126.379136] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.379906] ? vfs_get_tree+0x12/0x340 [ 126.380491] lock_acquire+0xc5/0x2f0 [ 126.381041] ? __queue_work+0x27d/0x1240 [ 126.381635] ? lock_is_held_type+0x9e/0x120 [ 126.382277] _raw_spin_lock+0x2b/0x40 [ 126.382844] ? __queue_work+0x27d/0x1240 [ 126.383435] __queue_work+0x27d/0x1240 [ 126.384003] ? find_held_lock+0x2b/0x80 [ 126.384590] queue_work_on+0xd0/0xe0 [ 126.385161] loop_queue_rq+0x5c8/0x1180 [ 126.385745] __blk_mq_issue_directly+0xd5/0x260 [ 126.386435] ? __pfx___blk_mq_issue_directly+0x10/0x10 [ 126.387207] ? bdev_count_inflight_rw.part.0+0x5f/0x380 [ 126.387985] blk_mq_request_issue_directly+0x11c/0x1e0 [ 126.388737] blk_mq_issue_direct+0x192/0x640 [ 126.389383] blk_mq_dispatch_queue_requests+0x4b0/0x7c0 [ 126.390153] blk_mq_flush_plug_list+0x1ec/0x5b0 [ 126.390837] ? read_tsc+0x9/0x20 [ 126.391340] ? ktime_get+0x16d/0x270 [ 126.391889] ? trace_block_plug+0x149/0x1b0 [ 126.392528] ? blk_add_rq_to_plug+0x234/0x550 [ 126.393188] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 126.393937] ? blk_mq_submit_bio+0x4fd/0x2220 [ 126.394596] __blk_flush_plug+0x25c/0x460 [ 126.395208] ? __pfx___blk_flush_plug+0x10/0x10 [ 126.395888] __submit_bio+0x480/0x5b0 [ 126.396440] ? __pfx___submit_bio+0x10/0x10 [ 126.397071] ? read_tsc+0x9/0x20 [ 126.397571] ? 
ktime_get+0x16d/0x270 [ 126.398120] submit_bio_noacct_nocheck+0x68e/0xcb0 [ 126.398844] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 126.399632] submit_bio_noacct+0x359/0x1350 [ 126.400277] __bread_gfp+0x18b/0x3c0 [ 126.400829] fat_fill_super+0x5e1/0x3fd0 [ 126.401434] ? __pfx_setup+0x10/0x10 [ 126.401975] ? __pfx_fat_fill_super+0x10/0x10 [ 126.402645] ? snprintf+0xbe/0x100 [ 126.403190] ? __pfx_snprintf+0x10/0x10 [ 126.403779] ? find_held_lock+0x2b/0x80 [ 126.404371] ? setup_bdev_super+0x2ed/0x6e0 [ 126.405009] ? set_blocksize+0x1b4/0x470 [ 126.405600] ? lock_release+0xc8/0x290 [ 126.406173] ? sb_set_blocksize+0x177/0x1c0 [ 126.406806] ? setup_bdev_super+0x31f/0x6e0 [ 126.407442] get_tree_bdev_flags+0x38a/0x620 [ 126.408096] ? __pfx_vfat_fill_super+0x10/0x10 [ 126.408754] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 126.409460] ? cap_capable+0xdb/0x3b0 [ 126.410022] ? security_capable+0x2f/0x90 [ 126.410638] vfs_get_tree+0x93/0x340 [ 126.411207] path_mount+0x132d/0x1dd0 [ 126.411768] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.412519] ? __pfx_path_mount+0x10/0x10 [ 126.413120] ? kmem_cache_free+0x2a1/0x540 [ 126.413726] ? putname.part.0+0x11b/0x160 [ 126.414336] ? getname_flags.part.0+0x1c6/0x540 [ 126.415029] ? putname.part.0+0x11b/0x160 [ 126.415639] __x64_sys_mount+0x27b/0x300 [ 126.416234] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 126.416910] do_syscall_64+0xbf/0x360 [ 126.417465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.418204] RIP: 0033:0x7f2e6ad5c04a [ 126.418746] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.421328] RSP: 002b:00007f2e682cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 126.422410] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007f2e6ad5c04a [ 126.423435] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 00007f2e682d0000 [ 126.424448] RBP: 00007f2e682d0040 R08: 00007f2e682d0040 R09: 0000000020000040 [ 126.425463] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000040 [ 126.426482] R13: 0000000020000080 R14: 00007f2e682d0000 R15: 0000000020001540 [ 126.427510] [ 126.427858] Modules linked in: [ 126.428327] ---[ end trace 0000000000000000 ]--- [ 126.429004] RIP: 0010:perf_trace_lock_acquire+0x9a/0x700 [ 126.429786] Code: ff c7 00 f1 f1 f1 f1 c7 40 04 f1 f1 04 f2 c7 40 08 00 f3 f3 f3 65 48 8b 05 6b 4c 33 06 48 89 45 d0 31 c0 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 0f 85 80 04 00 00 48 8b 85 50 ff ff ff 4c 89 95 48 ff [ 126.432373] RSP: 0018:ffff88801c1ef258 EFLAGS: 00010016 [ 126.433143] RAX: 1e001fea7e001ff0 RBX: 1ffff1100383de54 RCX: 0000000000000000 [ 126.434155] RDX: dffffc0000000000 RSI: f000ff53f000ff6b RDI: ffffffff85b23640 [ 126.435211] RBP: ffff88801c1ef348 R08: 0000000000000000 R09: 0000000000000001 [ 126.436232] R10: ffffffff85b23640 R11: 0000000000000001 R12: f000ff53f000ff83 [ 126.437260] R13: ffff88801c1ef320 R14: 0000000000000000 R15: ffff888044c41000 [ 126.438273] FS: 00007f2e682d0700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.439419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.440260] CR2: 00007f2e682d1000 CR3: 0000000043c47000 CR4: 0000000000350ef0 [ 126.441284] note: syz-executor.3[3961] exited with irqs disabled [ 
126.444322] note: syz-executor.3[3961] exited with preempt_count 3 [ 126.446674] ------------[ cut here ]------------ [ 126.447374] WARNING: kernel/exit.c:898 at do_exit+0x1c36/0x2970, CPU#1: syz-executor.3/3961 [ 126.448637] Modules linked in: [ 126.449120] CPU: 1 UID: 0 PID: 3961 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.450865] Tainted: [D]=DIE, [W]=WARN [ 126.451429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.452633] RIP: 0010:do_exit+0x1c36/0x2970 [ 126.453288] Code: 96 0a 00 00 c7 43 18 00 00 00 00 e9 21 e6 ff ff e8 bf a4 38 00 bf 02 24 00 00 e8 f5 ab 0b 00 e9 41 ff ff ff e8 ab a4 38 00 90 <0f> 0b 90 e9 87 e4 ff ff e8 9d a4 38 00 4c 89 e6 bf 05 06 00 00 e8 [ 126.455947] RSP: 0018:ffff88801c1efe40 EFLAGS: 00010246 [ 126.456760] RAX: 0000000000040000 RBX: 0000000000000200 RCX: ffffc9000e24e000 [ 126.457824] RDX: 0000000000040000 RSI: ffffffff813b42d5 RDI: ffff888044fa11e8 [ 126.458900] RBP: ffff888044fa0000 R08: 0000000000000001 R09: fffffbfff0f11cd8 [ 126.459959] R10: 0000000000000200 R11: 0000000000000001 R12: 000000000000000b [ 126.461021] R13: 0000000000002710 R14: fe001bea7e001ff0 R15: 0000000000000000 [ 126.462081] FS: 00007f2e682d0700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.463291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.464171] CR2: 00007f2e682d1000 CR3: 0000000043c47000 CR4: 0000000000350ef0 [ 126.465235] Call Trace: [ 126.465649] [ 126.465998] ? _printk+0xbe/0xf0 [ 126.466512] ? __pfx__printk+0x10/0x10 [ 126.467139] ? __pfx_do_exit+0x10/0x10 [ 126.467765] make_task_dead+0x174/0x3b0 [ 126.468355] ? 
do_syscall_64+0xbf/0x360 [ 126.468975] rewind_stack_and_make_dead+0x16/0x20 [ 126.469720] RIP: 0033:0x7f2e6ad5c04a [ 126.470274] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.475167] RSP: 002b:00007f2e682cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 126.477728] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007f2e6ad5c04a [ 126.478822] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 00007f2e682d0000 [ 126.479917] RBP: 00007f2e682d0040 R08: 00007f2e682d0040 R09: 0000000020000040 [ 126.480975] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000040 [ 126.482050] R13: 0000000020000080 R14: 00007f2e682d0000 R15: 0000000020001540 [ 126.483128] [ 126.483479] irq event stamp: 1486 [ 126.484014] hardirqs last enabled at (1485): [] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 126.485417] hardirqs last disabled at (1486): [] _raw_spin_lock_irq+0x42/0x50 [ 126.486695] softirqs last enabled at (1478): [] handle_softirqs+0x50c/0x770 [ 126.488008] softirqs last disabled at (1353): [] __irq_exit_rcu+0xc4/0x100 [ 126.489291] ---[ end trace 0000000000000000 ]--- [ 126.490012] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 126.491347] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3961, name: syz-executor.3 [ 126.492617] preempt_count: 0, expected: 0 [ 126.493231] RCU nest depth: 2, expected: 0 [ 126.493867] INFO: lockdep is turned off. 
[ 126.494460] CPU: 1 UID: 0 PID: 3961 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.494494] Tainted: [D]=DIE, [W]=WARN [ 126.494501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.494512] Call Trace: [ 126.494519] [ 126.494527] dump_stack_lvl+0xfa/0x120 [ 126.494563] __might_resched+0x2f3/0x510 [ 126.494594] exit_signals+0x25/0x940 [ 126.494627] do_exit+0x2db/0x2970 [ 126.494650] ? _printk+0xbe/0xf0 [ 126.494671] ? __pfx__printk+0x10/0x10 [ 126.494696] ? __pfx_do_exit+0x10/0x10 [ 126.494725] make_task_dead+0x174/0x3b0 [ 126.494748] ? do_syscall_64+0xbf/0x360 [ 126.494767] rewind_stack_and_make_dead+0x16/0x20 [ 126.494804] RIP: 0033:0x7f2e6ad5c04a [ 126.494819] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.494839] RSP: 002b:00007f2e682cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 126.494859] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007f2e6ad5c04a [ 126.494873] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 00007f2e682d0000 [ 126.494886] RBP: 00007f2e682d0040 R08: 00007f2e682d0040 R09: 0000000020000040 [ 126.494899] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000040 [ 126.494912] R13: 0000000020000080 R14: 00007f2e682d0000 R15: 0000000020001540 [ 126.494935] 13:08:30 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x5, &(0x7f0000000a40)="ae3407b39ef8e7d5a8be81e0252b66c9", 0x10) [ 126.823170] kmemleak: Found object by alias at 0x607f1a63947c [ 126.823193] CPU: 0 UID: 0 PID: 3945 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.823214] Tainted: [D]=DIE, [W]=WARN [ 126.823218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.823225] Call Trace: [ 126.823229] [ 126.823233] 
dump_stack_lvl+0xca/0x120 [ 126.823258] __lookup_object+0x94/0xb0 [ 126.823275] delete_object_full+0x27/0x70 [ 126.823290] free_percpu+0x30/0x1160 [ 126.823307] ? arch_uprobe_clear_state+0x16/0x140 [ 126.823326] futex_hash_free+0x38/0xc0 [ 126.823340] mmput+0x2d3/0x390 [ 126.823362] do_exit+0x79d/0x2970 [ 126.823376] ? lock_release+0x1c7/0x290 [ 126.823392] ? __pfx_do_exit+0x10/0x10 [ 126.823404] ? do_raw_spin_lock+0x123/0x260 [ 126.823419] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 126.823436] do_group_exit+0xd3/0x2a0 [ 126.823449] get_signal+0x2315/0x2340 [ 126.823471] ? __pfx_get_signal+0x10/0x10 [ 126.823486] ? do_futex+0x135/0x370 [ 126.823499] ? __pfx_do_futex+0x10/0x10 [ 126.823513] arch_do_signal_or_restart+0x80/0x790 [ 126.823530] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 126.823545] ? __x64_sys_futex+0x1c9/0x4d0 [ 126.823557] ? __x64_sys_futex+0x1d2/0x4d0 [ 126.823571] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.823583] ? ksys_read+0x1a3/0x240 [ 126.823594] ? xfd_validate_state+0x55/0x180 [ 126.823610] ? __pfx_ksys_read+0x10/0x10 [ 126.823623] exit_to_user_mode_loop+0x8b/0x110 [ 126.823636] do_syscall_64+0x2f7/0x360 [ 126.823647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.823659] RIP: 0033:0x7f13d3312b19 [ 126.823668] Code: Unable to access opcode bytes at 0x7f13d3312aef. 
[ 126.823673] RSP: 002b:00007f13d0867218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.823684] RAX: fffffffffffffe00 RBX: 00007f13d3426028 RCX: 00007f13d3312b19 [ 126.823692] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f13d3426028 [ 126.823699] RBP: 00007f13d3426020 R08: 0000000000000000 R09: 0000000000000000 [ 126.823706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f13d342602c [ 126.823712] R13: 00007ffd89da8daf R14: 00007f13d0867300 R15: 0000000000022000 [ 126.823725] [ 126.823729] kmemleak: Object (percpu) 0x607f1a639478 (size 8): [ 126.823735] kmemleak: comm "syz-executor.3", pid 3961, jiffies 4294793138 [ 126.823742] kmemleak: min_count = 1 [ 126.823746] kmemleak: count = 0 [ 126.823750] kmemleak: flags = 0x21 [ 126.823754] kmemleak: checksum = 0 [ 126.823757] kmemleak: backtrace: [ 126.823761] pcpu_alloc_noprof+0x87a/0x1170 [ 126.823775] percpu_ref_init+0x37/0x400 [ 126.823793] blkg_alloc+0xe9/0x7d0 [ 126.823805] blkg_create+0xe08/0x1420 [ 126.823817] bio_associate_blkg_from_css+0xe06/0x1380 [ 126.823830] bio_associate_blkg+0x10e/0x2a0 [ 126.823842] bio_init+0x2dd/0x570 [ 126.823854] bio_alloc_bioset+0x2cf/0x8c0 [ 126.823868] submit_bh_wbc+0x286/0x720 [ 126.823884] __bread_gfp+0x18b/0x3c0 [ 126.823895] fat_fill_super+0x5e1/0x3fd0 [ 126.823911] get_tree_bdev_flags+0x38a/0x620 [ 126.823922] vfs_get_tree+0x93/0x340 [ 126.823936] path_mount+0x132d/0x1dd0 [ 126.823948] __x64_sys_mount+0x27b/0x300 [ 126.823959] do_syscall_64+0xbf/0x360 13:08:31 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 13:08:31 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000040)=@FILEID_INO32_GEN={0x4}, 0x0) 13:08:31 
executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, 0x0) 13:08:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 13:08:31 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) 13:08:31 executing program 7: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x801, 0x0) read(r0, &(0x7f00000000c0)=""/126, 0x7e) 13:08:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) 13:08:31 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) 13:08:31 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, 0x0) 
13:08:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) [ 127.245105] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 13:08:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) 13:08:31 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, 0x0) 13:08:31 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 13:08:31 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}}, 0x0) 13:08:31 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4) close(r0) [ 127.553086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 13:08:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 13:08:32 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}}, 0x0) 13:08:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) 13:08:32 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 13:08:32 executing program 5: r0 = 
openat$random(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, 0x0) 13:08:32 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4) close(r0) 13:08:32 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) 13:08:32 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, 
@device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
[ 128.099380] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 128.104954] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[ 128.106887] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 128.108405] CPU: 1 UID: 0 PID: 4015 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 128.110462] Tainted: [D]=DIE, [W]=WARN
[ 128.111170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 128.112613] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.113460] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.116322] RSP: 0018:ffff888046107800 EFLAGS: 00010212
[ 128.117077] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900031f6000
[ 128.118089] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 128.119115] RBP: ffff888046107a70 R08: ffff88806cf31340 R09: ffffe8ffffd15c18
[ 128.120128] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 128.121140] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 128.122155] FS: 00007f06d6230700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 128.123317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.124146] CR2: 00007f06d8dce018 CR3: 000000000d313000 CR4: 0000000000350ef0
[ 128.125167] Call Trace:
[ 128.125542]
[ 128.125872] ? perf_swevent_event+0x63/0x3f0
[ 128.126527] ? __pfx_perf_tp_event+0x10/0x10
[ 128.127196] ? __pfx_perf_tp_event+0x10/0x10
[ 128.127839] ? local_clock_noinstr+0xf/0xc0
[ 128.128469] ? perf_trace_lock+0xb5/0x5d0
[ 128.129069] ? perf_trace_lock+0xb5/0x5d0
[ 128.129669] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.130336] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.131014] ? perf_ctx_unlock+0x73/0x160
[ 128.131615] ? __perf_install_in_context+0x503/0xb90
[ 128.132355] ? lock_release+0x1c7/0x290
[ 128.132936] ? do_raw_spin_unlock+0x53/0x220
[ 128.133584] ? perf_trace_run_bpf_submit+0xef/0x180
[ 128.134313] perf_trace_run_bpf_submit+0xef/0x180
[ 128.135033] perf_trace_lock+0x337/0x5d0
[ 128.135623] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 128.136385] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.137044] ? perf_trace_lock+0xb5/0x5d0
[ 128.137654] ? lock_acquire+0xc5/0x2f0
[ 128.138223] ? futex_ref_get+0x114/0x300
[ 128.138821] ? futex_hash+0x15c/0x390
[ 128.139381] lock_release+0x1ab/0x290
[ 128.139942] ? futex_hash+0x15c/0x390
[ 128.140495] futex_ref_get+0x119/0x300
[ 128.141076] ? futex_hash+0x15c/0x390
[ 128.141639] futex_hash+0x70/0x390
[ 128.142164] futex_wake+0x143/0x540
[ 128.142702] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.143389] ? lock_acquire+0xc5/0x2f0
[ 128.143955] ? __pfx_futex_wake+0x10/0x10
[ 128.144569] ? lock_release+0x1c7/0x290
[ 128.145148] ? fd_install+0x1f0/0x660
[ 128.145715] do_futex+0x26d/0x370
[ 128.146242] ? __pfx_do_futex+0x10/0x10
[ 128.146851] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 128.147624] ? handle_mm_fault+0x590/0x9b0
[ 128.148257] __x64_sys_futex+0x1c9/0x4d0
[ 128.148860] ? __pfx___x64_sys_futex+0x10/0x10
[ 128.149536] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 128.150297] do_syscall_64+0xbf/0x360
[ 128.150859] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 128.151617] RIP: 0033:0x7f06d8cbab19
[ 128.152155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 128.154727] RSP: 002b:00007f06d6230218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 128.155814] RAX: ffffffffffffffda RBX: 00007f06d8dcdf68 RCX: 00007f06d8cbab19
[ 128.156830] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f06d8dcdf6c
[ 128.157832] RBP: 00007f06d8dcdf60 R08: 000000000000000e R09: 0000000000000000
[ 128.158872] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f06d8dcdf6c
[ 128.159893] R13: 00007ffe276ac1ff R14: 00007f06d6230300 R15: 0000000000022000
[ 128.160922]
[ 128.161276] Modules linked in:
[ 128.161805] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI
[ 128.163399] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 128.164636] CPU: 1 UID: 0 PID: 4015 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 128.166331] Tainted: [D]=DIE, [W]=WARN
[ 128.166887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 128.168069] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.168751] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.171337] RSP: 0018:ffff88806cf08b40 EFLAGS: 00010012
[ 128.172096] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 128.173118] RDX: ffff888043ebd280 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 128.174136] RBP: ffff88806cf08db0 R08: ffff88806cf31490 R09: ffffe8ffffd15c18
[ 128.175170] R10: 0000000000000000 R11: ffff88806cf08ff8 R12: dffffc0000000000
[ 128.176190] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000
[ 128.177214] FS: 00007f06d6230700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 128.178359] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.179198] CR2: 00007f06d8dce018 CR3: 000000000d313000 CR4: 0000000000350ef0
[ 128.180229] Call Trace:
[ 128.180612]
[ 128.180933] ? stack_depot_save_flags+0x2c/0xa20
[ 128.181634] ? __pfx_perf_tp_event+0x10/0x10
[ 128.182277] ? kasan_save_track+0x14/0x30
[ 128.182892] ? handle_softirqs+0x1b1/0x770
[ 128.183512] ? __irq_exit_rcu+0xc4/0x100
[ 128.184100] ? irq_exit_rcu+0x9/0x20
[ 128.184641] ? sysvec_apic_timer_interrupt+0x70/0x80
[ 128.185374] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 128.186149] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[ 128.186932] ? __text_poke+0x3fd/0x860
[ 128.187511] ? smp_text_poke_batch_finish+0x326/0xb50
[ 128.188252] ? arch_jump_label_transform_apply+0x1c/0x30
[ 128.189034] ? jump_label_update+0x376/0x550
[ 128.189681] ? static_key_enable_cpuslocked+0x1b7/0x270
[ 128.190452] ? static_key_enable+0x1a/0x20
[ 128.191081] ? tracepoint_add_func+0xaf2/0xec0
[ 128.191746] ? tracepoint_probe_register+0xa4/0xf0
[ 128.192455] ? trace_event_reg+0x297/0x350
[ 128.193074] ? perf_trace_event_init+0x511/0xa10
[ 128.193757] ? perf_trace_init+0x1a4/0x2f0
[ 128.194370] ? perf_tp_event_init+0xa6/0x120
[ 128.195031] ? perf_try_init_event+0x140/0x9f0
[ 128.195695] ? perf_event_alloc.part.0+0x118e/0x45f0
[ 128.196435] ? __do_sys_perf_event_open+0x719/0x2c20
[ 128.197178] ? do_syscall_64+0xbf/0x360
[ 128.197760] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 128.198515] ? perf_trace_lock_acquire+0xc9/0x700
[ 128.199223] ? lock_acquire+0xc5/0x2f0
[ 128.199795] ? perf_trace_lock_acquire+0xc9/0x700
[ 128.200500] ? perf_trace_lock+0xb5/0x5d0
[ 128.201103] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 128.201864] ? perf_trace_lock+0xb5/0x5d0
[ 128.202468] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 128.203246] ? perf_trace_run_bpf_submit+0xef/0x180
[ 128.203970] ? kasan_quarantine_put+0x84/0x1e0
[ 128.204639] perf_trace_run_bpf_submit+0xef/0x180
[ 128.205351] perf_trace_lock+0x337/0x5d0
[ 128.205953] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.206622] ? lock_acquire+0x18c/0x2f0
[ 128.207214] ? __pfx_rcu_core+0x10/0x10
[ 128.207807] ? clockevents_program_event+0x135/0x360
[ 128.208558] ? __flush_smp_call_function_queue+0x38b/0x740
[ 128.209375] lock_release+0x1ab/0x290
[ 128.209934] _raw_spin_unlock_irqrestore+0x1a/0x50
[ 128.210645] ? __pfx_rcu_exp_handler+0x10/0x10
[ 128.211321] __flush_smp_call_function_queue+0x38b/0x740
[ 128.212126] __sysvec_call_function_single+0x6d/0x370
[ 128.212886] sysvec_call_function_single+0xa1/0xc0
[ 128.213601]
[ 128.213935]
[ 128.214269] asm_sysvec_call_function_single+0x1a/0x20
[ 128.215039] RIP: 0010:oops_exit+0x0/0x50
[ 128.215639] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[ 128.218218] RSP: 0018:ffff888046107690 EFLAGS: 00000202
[ 128.218995] RAX: 000000000002e726 RBX: 0000000000000212 RCX: ffffc900031f6000
[ 128.220009] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 128.221018] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[ 128.222043] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888046107758
[ 128.223071] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000
[ 128.224122] ? oops_end+0x4a/0xe0
[ 128.224653] oops_end+0x65/0xe0
[ 128.225145] exc_general_protection+0x1a2/0x330
[ 128.225832] asm_exc_general_protection+0x26/0x30
[ 128.226530] RIP: 0010:perf_tp_event+0x175/0xe70
[ 128.227219] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 128.229803] RSP: 0018:ffff888046107800 EFLAGS: 00010212
[ 128.230561] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900031f6000
[ 128.231580] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 128.232616] RBP: ffff888046107a70 R08: ffff88806cf31340 R09: ffffe8ffffd15c18
[ 128.233646] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 128.234665] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 128.235696] ? perf_tp_event+0x167/0xe70
[ 128.236293] ? perf_swevent_event+0x63/0x3f0
[ 128.236948] ? __pfx_perf_tp_event+0x10/0x10
[ 128.237586] ? __pfx_perf_tp_event+0x10/0x10
[ 128.238220] ? local_clock_noinstr+0xf/0xc0
[ 128.238871] ? perf_trace_lock+0xb5/0x5d0
[ 128.239470] ? perf_trace_lock+0xb5/0x5d0
[ 128.240071] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.240727] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.241402] ? perf_ctx_unlock+0x73/0x160
[ 128.242003] ? __perf_install_in_context+0x503/0xb90
[ 128.242736] ? lock_release+0x1c7/0x290
[ 128.243325] ? do_raw_spin_unlock+0x53/0x220
[ 128.243979] ? perf_trace_run_bpf_submit+0xef/0x180
[ 128.244703] perf_trace_run_bpf_submit+0xef/0x180
[ 128.245411] perf_trace_lock+0x337/0x5d0
[ 128.246003] ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 128.246761] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.247432] ? perf_trace_lock+0xb5/0x5d0
[ 128.248048] ? lock_acquire+0xc5/0x2f0
[ 128.248623] ? futex_ref_get+0x114/0x300
[ 128.249225] ? futex_hash+0x15c/0x390
[ 128.249791] lock_release+0x1ab/0x290
[ 128.250354] ? futex_hash+0x15c/0x390
[ 128.250919] futex_ref_get+0x119/0x300
[ 128.251486] ? futex_hash+0x15c/0x390
[ 128.252046] futex_hash+0x70/0x390
[ 128.252572] futex_wake+0x143/0x540
[ 128.253106] ? __pfx_perf_trace_lock+0x10/0x10
[ 128.253775] ? lock_acquire+0xc5/0x2f0
[ 128.254340] ? __pfx_futex_wake+0x10/0x10
[ 128.254951] ? lock_release+0x1c7/0x290
[ 128.255523] ? fd_install+0x1f0/0x660
[ 128.256074] do_futex+0x26d/0x370
[ 128.256583] ? __pfx_do_futex+0x10/0x10
[ 128.257161] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 128.257920] ? handle_mm_fault+0x590/0x9b0
[ 128.258545] __x64_sys_futex+0x1c9/0x4d0
[ 128.259149] ? __pfx___x64_sys_futex+0x10/0x10
[ 128.259813] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 128.260568] do_syscall_64+0xbf/0x360
[ 128.261119] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 128.261872] RIP: 0033:0x7f06d8cbab19
[ 128.262416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 128.264989] RSP: 002b:00007f06d6230218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 128.266060] RAX: ffffffffffffffda RBX: 00007f06d8dcdf68 RCX: 00007f06d8cbab19
[ 128.267085] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f06d8dcdf6c
[ 128.268096] RBP: 00007f06d8dcdf60 R08: 000000000000000e R09: 0000000000000000
[ 128.269102] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f06d8dcdf6c
[ 128.270117] R13: 00007ffe276ac1ff R14: 00007f06d6230300 R15: 0000000000022000
[ 128.271147]
[ 128.271494] Modules linked in:
[ 128.271965] ---[ end trace 0000000000000000 ]---
[ 128.272630] RIP: 0010:perf_trace_lock_acquire+0x9a/0x700
[ 128.273402] Code: ff c7 00 f1 f1 f1 f1 c7 40 04 f1 f1 04 f2 c7 40 08 00 f3 f3 f3 65 48 8b 05 6b 4c 33 06 48 89 45 d0 31 c0 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 0f 85 80 04 00 00 48 8b 85 50 ff ff ff 4c 89 95 48 ff
[ 128.276021] RSP: 0018:ffff88801c1ef258 EFLAGS: 00010016
[ 128.276801] RAX:
1e001fea7e001ff0 RBX: 1ffff1100383de54 RCX: 0000000000000000
[ 128.277833] RDX: dffffc0000000000 RSI: f000ff53f000ff6b RDI: ffffffff85b23640
[ 128.278858] RBP: ffff88801c1ef348 R08: 0000000000000000 R09: 0000000000000001
[ 128.279873] R10: ffffffff85b23640 R11: 0000000000000001 R12: f000ff53f000ff83
[ 128.280892] R13: ffff88801c1ef320 R14: 0000000000000000 R15: ffff888044c41000
[ 128.281909] FS: 00007f06d6230700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 128.283062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.283893] CR2: 00007f06d8dce018 CR3: 000000000d313000 CR4: 0000000000350ef0
[ 128.284909] Kernel panic - not syncing: Fatal exception in interrupt
[ 129.363504] Shutting down cpus with NMI
[ 129.364038] Kernel Offset: disabled
[ 129.364340] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
13:08:30 Registers: