Warning: Permanently added '[localhost]:37407' (ECDSA) to the list of known hosts.
2025/08/29 11:29:22 fuzzer started
2025/08/29 11:29:23 dialing manager at localhost:43077
syzkaller login: [ 53.341075] cgroup: Unknown subsys name 'net'
[ 53.420257] cgroup: Unknown subsys name 'cpuset'
[ 53.447601] cgroup: Unknown subsys name 'rlimit'
2025/08/29 11:29:33 syscalls: 2214
2025/08/29 11:29:33 code coverage: enabled
2025/08/29 11:29:33 comparison tracing: enabled
2025/08/29 11:29:33 extra coverage: enabled
2025/08/29 11:29:33 setuid sandbox: enabled
2025/08/29 11:29:33 namespace sandbox: enabled
2025/08/29 11:29:33 Android sandbox: enabled
2025/08/29 11:29:33 fault injection: enabled
2025/08/29 11:29:33 leak checking: enabled
2025/08/29 11:29:33 net packet injection: enabled
2025/08/29 11:29:33 net device setup: enabled
2025/08/29 11:29:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 11:29:33 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 11:29:33 USB emulation: enabled
2025/08/29 11:29:33 hci packet injection: enabled
2025/08/29 11:29:33 wifi device emulation: enabled
2025/08/29 11:29:33 802.15.4 emulation: enabled
2025/08/29 11:29:33 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 11:29:33 fetching corpus: 50, signal 23375/26893 (executing program)
2025/08/29 11:29:34 fetching corpus: 100, signal 33570/38560 (executing program)
2025/08/29 11:29:34 fetching corpus: 150, signal 39372/45713 (executing program)
2025/08/29 11:29:34 fetching corpus: 200, signal 46319/53843 (executing program)
2025/08/29 11:29:34 fetching corpus: 250, signal 52508/61154 (executing program)
2025/08/29 11:29:34 fetching corpus: 300, signal 56699/66498 (executing program)
2025/08/29 11:29:34 fetching corpus: 350, signal 61129/71926 (executing program)
2025/08/29 11:29:34 fetching corpus: 400, signal 64662/76445 (executing program)
2025/08/29 11:29:34 fetching corpus: 450, signal 67097/79951 (executing program)
2025/08/29 11:29:34 fetching corpus: 500, signal 71134/84834 (executing program)
2025/08/29 11:29:34 fetching corpus: 550, signal 73481/88105 (executing program)
2025/08/29 11:29:35 fetching corpus: 600, signal 75764/91258 (executing program)
2025/08/29 11:29:35 fetching corpus: 650, signal 77766/94140 (executing program)
2025/08/29 11:29:35 fetching corpus: 700, signal 80287/97403 (executing program)
2025/08/29 11:29:35 fetching corpus: 750, signal 82565/100473 (executing program)
2025/08/29 11:29:35 fetching corpus: 800, signal 87607/105673 (executing program)
2025/08/29 11:29:35 fetching corpus: 850, signal 90426/109036 (executing program)
2025/08/29 11:29:35 fetching corpus: 900, signal 93606/112681 (executing program)
2025/08/29 11:29:35 fetching corpus: 950, signal 96746/116248 (executing program)
2025/08/29 11:29:35 fetching corpus: 1000, signal 99166/119162 (executing program)
2025/08/29 11:29:35 fetching corpus: 1050, signal 100967/121541 (executing program)
2025/08/29 11:29:36 fetching corpus: 1100, signal 102335/123473 (executing program)
2025/08/29 11:29:36 fetching corpus: 1150, signal 103902/125579 (executing program)
2025/08/29 11:29:36 fetching corpus: 1200, signal 105369/127599 (executing program)
2025/08/29 11:29:36 fetching corpus: 1250, signal 106720/129460 (executing program)
2025/08/29 11:29:36 fetching corpus: 1300, signal 107671/131034 (executing program)
2025/08/29 11:29:36 fetching corpus: 1350, signal 108726/132623 (executing program)
2025/08/29 11:29:36 fetching corpus: 1400, signal 109794/134260 (executing program)
2025/08/29 11:29:36 fetching corpus: 1450, signal 110715/135696 (executing program)
2025/08/29 11:29:36 fetching corpus: 1500, signal 112642/137838 (executing program)
2025/08/29 11:29:36 fetching corpus: 1550, signal 114033/139614 (executing program)
2025/08/29 11:29:36 fetching corpus: 1600, signal 115000/141043 (executing program)
2025/08/29 11:29:37 fetching corpus: 1650, signal 116014/142533 (executing program)
2025/08/29 11:29:37 fetching corpus: 1700, signal 117039/144002 (executing program)
2025/08/29 11:29:37 fetching corpus: 1750, signal 118043/145384 (executing program)
2025/08/29 11:29:37 fetching corpus: 1800, signal 118827/146624 (executing program)
2025/08/29 11:29:37 fetching corpus: 1850, signal 120946/148640 (executing program)
2025/08/29 11:29:37 fetching corpus: 1900, signal 121958/149957 (executing program)
2025/08/29 11:29:37 fetching corpus: 1950, signal 122708/151102 (executing program)
2025/08/29 11:29:37 fetching corpus: 2000, signal 124297/152724 (executing program)
2025/08/29 11:29:37 fetching corpus: 2050, signal 125143/153917 (executing program)
2025/08/29 11:29:37 fetching corpus: 2100, signal 125892/155019 (executing program)
2025/08/29 11:29:37 fetching corpus: 2150, signal 126873/156224 (executing program)
2025/08/29 11:29:38 fetching corpus: 2200, signal 127823/157429 (executing program)
2025/08/29 11:29:38 fetching corpus: 2250, signal 129174/158747 (executing program)
2025/08/29 11:29:38 fetching corpus: 2300, signal 130065/159850 (executing program)
2025/08/29 11:29:38 fetching corpus: 2350, signal 131100/160962 (executing program)
2025/08/29 11:29:38 fetching corpus: 2400, signal 131754/161916 (executing program)
2025/08/29 11:29:38 fetching corpus: 2450, signal 132717/162936 (executing program)
2025/08/29 11:29:38 fetching corpus: 2500, signal 133853/164099 (executing program)
2025/08/29 11:29:38 fetching corpus: 2550, signal 134718/165104 (executing program)
2025/08/29 11:29:38 fetching corpus: 2600, signal 135315/165970 (executing program)
2025/08/29 11:29:38 fetching corpus: 2650, signal 136240/166956 (executing program)
2025/08/29 11:29:38 fetching corpus: 2700, signal 137246/167999 (executing program)
2025/08/29 11:29:39 fetching corpus: 2750, signal 137976/168878 (executing program)
2025/08/29 11:29:39 fetching corpus: 2800, signal 138613/169649 (executing program)
2025/08/29 11:29:39 fetching corpus: 2850, signal 139649/170588 (executing program)
2025/08/29 11:29:39 fetching corpus: 2900, signal 140347/171379 (executing program)
2025/08/29 11:29:39 fetching corpus: 2950, signal 140963/172122 (executing program)
2025/08/29 11:29:39 fetching corpus: 3000, signal 141463/172796 (executing program)
2025/08/29 11:29:39 fetching corpus: 3050, signal 142352/173589 (executing program)
2025/08/29 11:29:39 fetching corpus: 3100, signal 142901/174282 (executing program)
2025/08/29 11:29:40 fetching corpus: 3150, signal 143495/175009 (executing program)
2025/08/29 11:29:40 fetching corpus: 3200, signal 144592/175854 (executing program)
2025/08/29 11:29:40 fetching corpus: 3250, signal 145202/176515 (executing program)
2025/08/29 11:29:40 fetching corpus: 3300, signal 145945/177214 (executing program)
2025/08/29 11:29:40 fetching corpus: 3350, signal 146899/177963 (executing program)
2025/08/29 11:29:40 fetching corpus: 3400, signal 147609/178625 (executing program)
2025/08/29 11:29:40 fetching corpus: 3450, signal 148079/179197 (executing program)
2025/08/29 11:29:40 fetching corpus: 3500, signal 148840/179843 (executing program)
2025/08/29 11:29:40 fetching corpus: 3550, signal 149575/180451 (executing program)
2025/08/29 11:29:40 fetching corpus: 3600, signal 150397/181084 (executing program)
2025/08/29 11:29:41 fetching corpus: 3650, signal 151008/181658 (executing program)
2025/08/29 11:29:41 fetching corpus: 3700, signal 151693/182221 (executing program)
2025/08/29 11:29:41 fetching corpus: 3750, signal 152216/182728 (executing program)
2025/08/29 11:29:41 fetching corpus: 3800, signal 152671/183216 (executing program)
2025/08/29 11:29:41 fetching corpus: 3850, signal 153090/183672 (executing program)
2025/08/29 11:29:41 fetching corpus: 3900, signal 153660/184135 (executing program)
2025/08/29 11:29:41 fetching corpus: 3950, signal 154245/184624 (executing program)
2025/08/29 11:29:41 fetching corpus: 4000, signal 154667/185084 (executing program)
2025/08/29 11:29:41 fetching corpus: 4050, signal 155033/185513 (executing program)
2025/08/29 11:29:41 fetching corpus: 4100, signal 155850/185974 (executing program)
2025/08/29 11:29:41 fetching corpus: 4150, signal 156319/186389 (executing program)
2025/08/29 11:29:41 fetching corpus: 4200, signal 156870/186790 (executing program)
2025/08/29 11:29:42 fetching corpus: 4250, signal 157259/187208 (executing program)
2025/08/29 11:29:42 fetching corpus: 4300, signal 157816/187607 (executing program)
2025/08/29 11:29:42 fetching corpus: 4350, signal 158199/187971 (executing program)
2025/08/29 11:29:42 fetching corpus: 4400, signal 158731/188380 (executing program)
2025/08/29 11:29:42 fetching corpus: 4450, signal 159182/188742 (executing program)
2025/08/29 11:29:42 fetching corpus: 4500, signal 159585/189092 (executing program)
2025/08/29 11:29:42 fetching corpus: 4550, signal 159986/189465 (executing program)
2025/08/29 11:29:42 fetching corpus: 4600, signal 160480/189587 (executing program)
2025/08/29 11:29:42 fetching corpus: 4650, signal 160739/189602 (executing program)
2025/08/29 11:29:42 fetching corpus: 4700, signal 161091/189617 (executing program)
2025/08/29 11:29:42 fetching corpus: 4750, signal 161599/189630 (executing program)
2025/08/29 11:29:43 fetching corpus: 4800, signal 161974/189653 (executing program)
2025/08/29 11:29:43 fetching corpus: 4850, signal 162436/189705 (executing program)
2025/08/29 11:29:43 fetching corpus: 4900, signal 162983/189866 (executing program)
2025/08/29 11:29:43 fetching corpus: 4950, signal 163387/189890 (executing program)
2025/08/29 11:29:43 fetching corpus: 5000, signal 163810/189902 (executing program)
2025/08/29 11:29:43 fetching corpus: 5050, signal 164122/189925 (executing program)
2025/08/29 11:29:43 fetching corpus: 5100, signal 164525/189928 (executing program)
2025/08/29 11:29:43 fetching corpus: 5150, signal 164848/189929 (executing program)
2025/08/29 11:29:43 fetching corpus: 5200, signal 165232/189956 (executing program)
2025/08/29 11:29:44 fetching corpus: 5250, signal 165753/189972 (executing program)
2025/08/29 11:29:44 fetching corpus: 5300, signal 166135/189976 (executing program)
2025/08/29 11:29:44 fetching corpus: 5350, signal 166648/189998 (executing program)
2025/08/29 11:29:44 fetching corpus: 5400, signal 167020/190022 (executing program)
2025/08/29 11:29:44 fetching corpus: 5450, signal 167353/190030 (executing program)
2025/08/29 11:29:44 fetching corpus: 5500, signal 167700/190030 (executing program)
2025/08/29 11:29:44 fetching corpus: 5550, signal 167920/190050 (executing program)
2025/08/29 11:29:44 fetching corpus: 5600, signal 168339/190054 (executing program)
2025/08/29 11:29:44 fetching corpus: 5650, signal 168689/190078 (executing program)
2025/08/29 11:29:44 fetching corpus: 5700, signal 169082/190095 (executing program)
2025/08/29 11:29:44 fetching corpus: 5750, signal 169458/190139 (executing program)
2025/08/29 11:29:45 fetching corpus: 5800, signal 169852/190163 (executing program)
2025/08/29 11:29:45 fetching corpus: 5850, signal 170192/190182 (executing program)
2025/08/29 11:29:45 fetching corpus: 5900, signal 170423/190183 (executing program)
2025/08/29 11:29:45 fetching corpus: 5950, signal 170751/190183 (executing program)
2025/08/29 11:29:45 fetching corpus: 6000, signal 171188/190214 (executing program)
2025/08/29 11:29:45 fetching corpus: 6050, signal 171497/190250 (executing program)
2025/08/29 11:29:45 fetching corpus: 6100, signal 171930/190251 (executing program)
2025/08/29 11:29:45 fetching corpus: 6150, signal 172219/190253 (executing program)
2025/08/29 11:29:45 fetching corpus: 6200, signal 172490/190266 (executing program)
2025/08/29 11:29:45 fetching corpus: 6250, signal 173069/190352 (executing program)
2025/08/29 11:29:45 fetching corpus: 6300, signal 173505/190353 (executing program)
2025/08/29 11:29:45 fetching corpus: 6350, signal 173991/190398 (executing program)
2025/08/29 11:29:46 fetching corpus: 6400, signal 174328/190414 (executing program)
2025/08/29 11:29:46 fetching corpus: 6450, signal 174696/190424 (executing program)
2025/08/29 11:29:46 fetching corpus: 6500, signal 175099/190425 (executing program)
2025/08/29 11:29:46 fetching corpus: 6550, signal 175556/190451 (executing program)
2025/08/29 11:29:46 fetching corpus: 6600, signal 175901/190458 (executing program)
2025/08/29 11:29:46 fetching corpus: 6650, signal 176251/190497 (executing program)
2025/08/29 11:29:46 fetching corpus: 6700, signal 176511/190505 (executing program)
2025/08/29 11:29:46 fetching corpus: 6750, signal 176826/190509 (executing program)
2025/08/29 11:29:46 fetching corpus: 6800, signal 177183/190509 (executing program)
2025/08/29 11:29:46 fetching corpus: 6850, signal 177507/190602 (executing program)
2025/08/29 11:29:47 fetching corpus: 6900, signal 177780/190605 (executing program)
2025/08/29 11:29:47 fetching corpus: 6950, signal 178031/190617 (executing program)
2025/08/29 11:29:47 fetching corpus: 7000, signal 178492/190628 (executing program)
2025/08/29 11:29:47 fetching corpus: 7050, signal 178892/190646 (executing program)
2025/08/29 11:29:47 fetching corpus: 7100, signal 179179/190650 (executing program)
2025/08/29 11:29:47 fetching corpus: 7150, signal 179547/190653 (executing program)
2025/08/29 11:29:47 fetching corpus: 7200, signal 179956/190673 (executing program)
2025/08/29 11:29:47 fetching corpus: 7250, signal 180272/190674 (executing program)
2025/08/29 11:29:47 fetching corpus: 7300, signal 180760/190768 (executing program)
2025/08/29 11:29:47 fetching corpus: 7350, signal 180987/190781 (executing program)
2025/08/29 11:29:48 fetching corpus: 7400, signal 181234/190788 (executing program)
2025/08/29 11:29:48 fetching corpus: 7450, signal 181511/190801 (executing program)
2025/08/29 11:29:48 fetching corpus: 7500, signal 181807/190809 (executing program)
2025/08/29 11:29:48 fetching corpus: 7550, signal 182027/190827 (executing program)
2025/08/29 11:29:48 fetching corpus: 7600, signal 182548/190868 (executing program)
2025/08/29 11:29:48 fetching corpus: 7650, signal 182793/190868 (executing program)
2025/08/29 11:29:48 fetching corpus: 7700, signal 183111/190873 (executing program)
2025/08/29 11:29:48 fetching corpus: 7750, signal 183440/190880 (executing program)
2025/08/29 11:29:48 fetching corpus: 7800, signal 183672/190884 (executing program)
2025/08/29 11:29:48 fetching corpus: 7850, signal 184008/190885 (executing program)
2025/08/29 11:29:49 fetching corpus: 7900, signal 184224/190887 (executing program)
2025/08/29 11:29:49 fetching corpus: 7950, signal 184453/190901 (executing program)
2025/08/29 11:29:49 fetching corpus: 8000, signal 184834/191011 (executing program)
2025/08/29 11:29:49 fetching corpus: 8050, signal 185188/191012 (executing program)
2025/08/29 11:29:49 fetching corpus: 8100, signal 185471/191030 (executing program)
2025/08/29 11:29:49 fetching corpus: 8150, signal 185972/191038 (executing program)
2025/08/29 11:29:49 fetching corpus: 8200, signal 186170/191039 (executing program)
2025/08/29 11:29:49 fetching corpus: 8250, signal 186397/191041 (executing program)
2025/08/29 11:29:49 fetching corpus: 8300, signal 186797/191049 (executing program)
2025/08/29 11:29:49 fetching corpus: 8350, signal 186995/191058 (executing program)
2025/08/29 11:29:50 fetching corpus: 8400, signal 187250/191065 (executing program)
2025/08/29 11:29:50 fetching corpus: 8450, signal 187484/191078 (executing program)
2025/08/29 11:29:50 fetching corpus: 8500, signal 187713/191088 (executing program)
2025/08/29 11:29:50 fetching corpus: 8516, signal 187838/191088 (executing program)
2025/08/29 11:29:50 fetching corpus: 8516, signal 187838/191088 (executing program)
2025/08/29 11:29:52 starting 8 fuzzer processes
11:29:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540f, 0xf0ffffff7f0000)
11:29:52 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000640)={@multicast2, @dev}, 0x8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000640)={@multicast2, @dev}, 0x8)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @remote, @multicast2}, 0xc)
11:29:52 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000000))
11:29:52 executing program 7:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000840), 0x14)
11:29:52 executing program 3:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000000))
11:29:52 executing program 4:
openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x10100, 0x0)
[ 82.272318] audit: type=1400 audit(1756466992.666:7): avc: denied { execmem } for pid=272 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:29:52 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @dev}, {0x2, 0x0, @empty}, 0xfd})
11:29:52 executing program 6:
r0 = memfd_secret(0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000040)='$C-\x00', &(0x7f0000000080), 0x0)
[ 83.498345] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 83.498433] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 83.501559] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 83.503523] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 83.506412] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 83.508284] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 83.511285] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 83.513298] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 83.522926] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 83.533304] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 83.558968] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 83.561575] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 83.564148] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 83.578210] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 83.582091] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 83.642895] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 83.650103] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 83.653560] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 83.654579] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 83.659378] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 83.673409] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 83.682001] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 83.683733] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 83.685367] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 83.703534] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 83.704608] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 83.709006] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 83.710563] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 83.712202] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 83.716035] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 83.719002] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 83.723325] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 83.724724] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 83.728914] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 83.740758] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 83.746334] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 83.752968] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 83.762151] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 83.776463] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 83.809606] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 85.586547] Bluetooth: hci1: command tx timeout
[ 85.587833] Bluetooth: hci0: command tx timeout
[ 85.650008] Bluetooth: hci2: command tx timeout
[ 85.779002] Bluetooth: hci6: command tx timeout
[ 85.841992] Bluetooth: hci3: command tx timeout
[ 85.842067] Bluetooth: hci4: command tx timeout
[ 85.842577] Bluetooth: hci5: command tx timeout
[ 85.906810] Bluetooth: hci7: command tx timeout
[ 87.633918] Bluetooth: hci0: command tx timeout
[ 87.633933] Bluetooth: hci1: command tx timeout
[ 87.699804] Bluetooth: hci2: command tx timeout
[ 87.827427] Bluetooth: hci6: command tx timeout
[ 87.889843] Bluetooth: hci4: command tx timeout
[ 87.889938] Bluetooth: hci5: command tx timeout
[ 87.890258] Bluetooth: hci3: command tx timeout
[ 87.953972] Bluetooth: hci7: command tx timeout
[ 89.681915] Bluetooth: hci1: command tx timeout
[ 89.682349] Bluetooth: hci0: command tx timeout
[ 89.745934] Bluetooth: hci2: command tx timeout
[ 89.873942] Bluetooth: hci6: command tx timeout
[ 89.937936] Bluetooth: hci3: command tx timeout
[ 89.938326] Bluetooth: hci5: command tx timeout
[ 89.938718] Bluetooth: hci4: command tx timeout
[ 90.002675] Bluetooth: hci7: command tx timeout
[ 91.729972] Bluetooth: hci0: command tx timeout
[ 91.730090] Bluetooth: hci1: command tx timeout
[ 91.793880] Bluetooth: hci2: command tx timeout
[ 91.922167] Bluetooth: hci6: command tx timeout
[ 91.987929] Bluetooth: hci5: command tx timeout
[ 91.988297] Bluetooth: hci4: command tx timeout
[ 91.988334] Bluetooth: hci3: command tx timeout
[ 92.051813] Bluetooth: hci7: command tx timeout
[ 120.535191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.535846] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.757006] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.757596] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.325338] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.326038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.452140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.453353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.806628] audit: type=1400 audit(1756467032.200:8): avc: denied { open } for pid=3797 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 121.815361] audit: type=1400 audit(1756467032.200:9): avc: denied { kernel } for pid=3797 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 121.819036] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 121.832282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.832884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.957698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.958360] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.226615] Unsupported ieee802154 address type: 0
[ 122.586331] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.587521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.645047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.645622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.679191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.679758] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.737635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.738398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.778110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.778704] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.829564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.830535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.886231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.887104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.942368] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.943136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.979364] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.979992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.056144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.057270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:30:33 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x44840, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000000))
11:30:33 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpgrp(0x0)
r1 = gettid()
tgkill(r0, r1, 0xb)
11:30:33 executing program 3:
syz_emit_ethernet(0x46, &(0x7f00000001c0)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x10, 0x3a, 0xff, @local={0x3}, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
11:30:33 executing program 7:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000840), 0x14)
11:30:33 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000000))
11:30:33 executing program 6:
r0 = memfd_secret(0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000040)='$C-\x00', &(0x7f0000000080), 0x0)
11:30:33 executing program 5:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, 0x0)
utime(&(0x7f0000000000)='./file0\x00', 0x0)
11:30:33 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r1, 0x11, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}}, 0x0)
11:30:33 executing program 6:
r0 = memfd_secret(0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000040)='$C-\x00', &(0x7f0000000080), 0x0)
11:30:33 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=@updsa={0x13c, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private0, @in=@remote}, {@in6=@private2, 0x0, 0x33}, @in6=@private0, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'sha256-generic\x00'}}}]}, 0x13c}}, 0x0)
11:30:33 executing program 4:
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
[ 123.292690] Unsupported ieee802154 address type: 0
11:30:33 executing program 7:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000840), 0x14)
11:30:33 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000000))
[ 123.347563] Unsupported ieee802154 address type: 0
11:30:33 executing program 7:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000840), 0x14)
11:30:33 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpgrp(0x0)
r1 = gettid()
tgkill(r0, r1, 0xb)
[ 123.401056] ------------[ cut here ]------------
[ 123.401574] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#1: syz-executor.5/287
[ 123.402413] Modules linked in:
[ 123.402735] CPU: 1 UID: 0 PID: 287 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 123.407960] Tainted: [W]=WARN
[ 123.408214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 123.409025] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 123.410947] Code: 05 16 42 81 04 01 e8 31 f8 91 ff e9 41 fc ff ff e8 b7 50 b4 ff 31 ff 44 89 ee e8 dd 4b b4 ff 45 85 ed 79 09 e8 a3 50 b4 ff 90 <0f> 0b 90 e8 9a 50 b4 ff e8 75 f6 fb 02 31 ff 89 c5 89 c6 e8 ba 4b
[ 123.413487] RSP: 0018:ffff888016d87ce0 EFLAGS: 00010293
[ 123.413940] RAX: 0000000000000000 RBX: 1ffff11002db0fa1 RCX: ffffffff81bf96d3
[ 123.414498] RDX: ffff88801aacb700 RSI: ffffffff81bf96dd RDI: 0000000000000005
[ 123.415074] RBP: ffff888016ac8000 R08: 0000000000000001 R09: 0000000000000000
[ 123.415640] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff888016d87d48
[ 123.416215] R13: 00000000ffffffff R14: ffff888016ac8000 R15: ffff888016ac80e8
[ 123.416791] FS: 0000555562550400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 123.417417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.417893] CR2: 000055556f730c18 CR3: 0000000045233000 CR4: 0000000000350ef0
[ 123.418457] Call Trace:
[ 123.418665] <TASK>
[ 123.418869] ? __pfx_mntput_no_expire+0x10/0x10
[ 123.419259] ? dput.part.0+0xce/0x930
[ 123.419572] ? lock_release+0xc8/0x290
[ 123.419914] path_umount+0x6e0/0x1100
[ 123.420221] ? kmem_cache_free+0x2a1/0x540
[ 123.420557] ? __pfx_path_umount+0x10/0x10
[ 123.420914] ? putname.part.0+0x11b/0x160
[ 123.421253] __x64_sys_umount+0x15c/0x190
[ 123.421584] ? __pfx___x64_sys_umount+0x10/0x10
[ 123.421975] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 123.422394] do_syscall_64+0xbf/0x360
[ 123.422702] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.423139] RIP: 0033:0x7fba0b8e1f87
[ 123.423435] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 123.424866] RSP: 002b:00007ffdbfae62e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 123.425465] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fba0b8e1f87
[ 123.426040] RDX: 00007ffdbfae63b9 RSI: 000000000000000a RDI: 00007ffdbfae63b0
[ 123.426602] RBP: 00007ffdbfae63b0 R08: 00000000ffffffff R09: 00007ffdbfae6180
[ 123.427182] R10: 0000555562551c7b R11: 0000000000000246 R12: 00007fba0b93a105
[ 123.427742] R13: 00007ffdbfae7470 R14: 0000555562551c20 R15: 00007ffdbfae74b0
[ 123.428324]
[ 123.428514] irq event stamp: 151549
[ 123.428815] hardirqs last enabled at (151559): [] __up_console_sem+0x78/0x80
[ 123.429496] hardirqs last disabled at (151566): [] __up_console_sem+0x5d/0x80
[ 123.430199] softirqs last enabled at (151266): [] handle_softirqs+0x50c/0x770
[ 123.430913] softirqs last disabled at (151261): [] __irq_exit_rcu+0xc4/0x100
[ 123.431596] ---[ end trace 0000000000000000 ]---
[ 123.438293] Unsupported ieee802154 address type: 0
[ 123.438719] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 123.439592] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 123.440189] CPU: 1 UID: 0 PID: 3926 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 123.441127] Tainted: [W]=WARN
[ 123.441373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 123.442019] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.442398] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.443826] RSP: 0018:ffff888047f1f780 EFLAGS: 00010012
[ 123.444251] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90007ac7000
[ 123.444810] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 123.445368] RBP: ffff888047f1f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd167d8
[ 123.445925] R10: 0000000000000000 R11: ffff88801e20c898 R12: dffffc0000000000
[ 123.446481] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 123.447052] FS: 00007fb674e37700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 123.447691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.448149] CR2: 0000000020000840 CR3: 00000000456f3000 CR4: 0000000000350ef0
[ 123.448711] Call Trace:
[ 123.448919]
[ 123.449103] ? __pfx_perf_tp_event+0x10/0x10
[ 123.449457] ? panic_on_this_cpu+0x32/0x40
[ 123.449795] ? __pfx__prb_read_valid+0x10/0x10
[ 123.450164] ? find_held_lock+0x2b/0x80
[ 123.450489] ? up+0x100/0x180
[ 123.450754] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.451234] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 123.451641] ? prb_read_valid+0x78/0xa0
[ 123.451961] ? __pfx_prb_read_valid+0x10/0x10
[ 123.452323] ? tick_nohz_tick_stopped+0x44/0x60
[ 123.452698] ? perf_trace_run_bpf_submit+0xef/0x180
[ 123.453096] ? trace_sched_set_need_resched_tp+0xd4/0x110
[ 123.453539] perf_trace_run_bpf_submit+0xef/0x180
[ 123.453932] perf_trace_preemptirq_template+0x259/0x430
[ 123.454363] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.454836] ? __pfx___resched_curr+0x10/0x10
[ 123.455206] ? find_held_lock+0x2b/0x80
[ 123.455528] ? try_to_wake_up+0x8ae/0x11d0
[ 123.455878] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 123.456285] trace_irq_enable.constprop.0+0xa6/0x100
[ 123.456686] trace_hardirqs_on+0x26/0x40
[ 123.457008] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 123.457402] try_to_wake_up+0x8ae/0x11d0
[ 123.457731] ? __pfx_try_to_wake_up+0x10/0x10
[ 123.458095] ? plist_del+0x122/0x270
[ 123.458396] ? find_held_lock+0x2b/0x80
[ 123.458720] ? futex_wake+0x474/0x540
[ 123.459031] wake_up_q+0xa1/0x130
[ 123.459324] futex_wake+0x47e/0x540
[ 123.459620] ? __pfx_futex_wake+0x10/0x10
[ 123.459952] ? __local_bh_enable_ip+0xa1/0x110
[ 123.460318] ? dgram_bind+0x141/0x5d0
[ 123.460635] ? __might_fault+0xe0/0x190
[ 123.460962] do_futex+0x26d/0x370
[ 123.461243] ? __pfx_do_futex+0x10/0x10
[ 123.461563] ? __sys_bind+0x1fc/0x2b0
[ 123.461876] __x64_sys_futex+0x1c9/0x4d0
[ 123.462198] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.462666] ? fput_close_sync+0x114/0x240
[ 123.463008] ? __pfx___x64_sys_futex+0x10/0x10
[ 123.463389] ? __pfx_fput_close_sync+0x10/0x10
[ 123.463757] ? dnotify_flush+0x79/0x4c0
[ 123.464080] ? xfd_validate_state+0x55/0x180
[ 123.464442] do_syscall_64+0xbf/0x360
[ 123.464745] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.465153] RIP: 0033:0x7fb6778c1b19
[ 123.465448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 123.466877] RSP: 002b:00007fb674e37218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 123.467476] RAX: ffffffffffffffda RBX: 00007fb6779d4f68 RCX: 00007fb6778c1b19
[ 123.468035] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb6779d4f6c
[ 123.468598] RBP: 00007fb6779d4f60 R08: 0000000000000013 R09: 0000000000000000
[ 123.469165] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fb6779d4f6c
[ 123.469722] R13: 00007ffd0773958f R14: 00007fb674e37300 R15: 0000000000022000
[ 123.470283]
[ 123.470474] Modules linked in:
[ 123.470731] ---[ end trace 0000000000000000 ]---
[ 123.470734] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 123.471106] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.471943] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 123.472301] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.472852] CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 123.474257] RSP: 0018:ffff888047f1f780 EFLAGS: 00010012
[ 123.475098] Tainted: [D]=DIE, [W]=WARN
[ 123.475509] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90007ac7000
[ 123.475792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 123.476340] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 123.476939] Workqueue: ipv6_addrconf addrconf_dad_work
[ 123.477489] RBP: ffff888047f1f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd167d8
[ 123.477876] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.478426] R10: 0000000000000000 R11: ffff88801e20c898 R12: dffffc0000000000
[ 123.478765] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.479317] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 123.480625] RSP: 0018:ffff88806ce08380 EFLAGS: 00010012
[ 123.481174] FS: 00007fb674e37700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 123.481560] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 123.482178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.482692] RDX: ffff88800aadd280 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 123.483150] CR2: 0000000020000840 CR3: 00000000456f3000 CR4: 0000000000350ef0
[ 123.483665] RBP: ffff88806ce085f0 R08: ffff88806ce313e8 R09: ffffe8ffffc167d8
[ 123.484218] note: syz-executor.7[3926] exited with irqs disabled
[ 123.484732] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 123.485718] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 123.486239] FS: 0000000000000000(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 123.486825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.487258] CR2: 0000001b2cc26000 CR3: 00000000203b5000 CR4: 0000000000350ef0
[ 123.487779] Call Trace:
[ 123.487973]
[ 123.488140] ? lock_release+0x1c7/0x290
[ 123.488445] ? __pfx_perf_tp_event+0x10/0x10
[ 123.488777] ? unwind_next_frame+0x3bc/0x2540
[ 123.489124] ? handle_softirqs+0x1b1/0x770
[ 123.489448] ? do_softirq+0x48/0x80
[ 123.489720] ? kernel_text_address+0x11/0xc0
[ 123.490052] ? neigh_resolve_output+0x492/0x7f0
[ 123.490399] ? __kernel_text_address+0xd/0x40
[ 123.490735] ? unwind_get_return_address+0x59/0xa0
[ 123.491124] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 123.491528] ? arch_stack_walk+0x76/0xf0
[ 123.491833] ? __dev_queue_xmit+0xe19/0x3cc0
[ 123.492165] ? do_softirq+0x48/0x80
[ 123.492437] ? stack_trace_save+0x8e/0xc0
[ 123.492748] ? stack_depot_save_flags+0x2c/0xa20
[ 123.493127] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.493602] ? perf_trace_run_bpf_submit+0xef/0x180
[ 123.494001] ? ip6_rcv_finish_core.constprop.0+0x1a4/0x5e0
[ 123.494445] perf_trace_run_bpf_submit+0xef/0x180
[ 123.494834] perf_trace_preemptirq_template+0x259/0x430
[ 123.495272] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.495747] ? lock_release+0x1c7/0x290
[ 123.496066] ? in6_dev_get+0x142/0x310
[ 123.496386] ? __local_bh_enable_ip+0xa1/0x110
[ 123.496747] trace_irq_enable.constprop.0+0xa6/0x100
[ 123.497153] ? ip6_pol_route+0x400/0x11a0
[ 123.497492] trace_hardirqs_on+0x26/0x40
[ 123.497819] __local_bh_enable_ip+0xa1/0x110
[ 123.498172] ip6_pol_route+0x405/0x11a0
[ 123.498497] ? __pfx_ip6_pol_route+0x10/0x10
[ 123.498858] ? eth_type_trans+0x2d1/0x600
[ 123.499207] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.499681] ? ieee80211_deliver_skb_to_local_stack+0x1f9/0x5f0
[ 123.500169] ? __pfx_ip6_pol_route_input+0x10/0x10
[ 123.500561] fib6_rule_lookup+0x20d/0x300
[ 123.500896] ip6_route_input+0x606/0xb30
[ 123.501219] ? __pfx_ip6_route_input+0x10/0x10
[ 123.501584] ? __netif_receive_skb_core+0x55a/0x4440
[ 123.501992] ip6_rcv_finish_core.constprop.0+0x1a4/0x5e0
[ 123.502423] ip6_list_rcv_finish.constprop.0+0x15f/0x9a0
[ 123.502855] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 123.503282] ? __pfx_ip6_list_rcv_finish.constprop.0+0x10/0x10
[ 123.503751] ? ip6_rcv_core+0xc07/0x1bb0
[ 123.504077] ipv6_list_rcv+0x2c7/0x3f0
[ 123.504386] ? __pfx_ipv6_list_rcv+0x10/0x10
[ 123.504746] ? __pfx_ipv6_list_rcv+0x10/0x10
[ 123.505098] __netif_receive_skb_list_core+0x4c1/0x8d0
[ 123.505522] ? __pfx___netif_receive_skb_list_core+0x10/0x10
[ 123.505982] ? kcov_remote_stop+0x25e/0x490
[ 123.506333] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 123.506749] ? kcov_remote_stop+0x25e/0x490
[ 123.507099] ? lock_acquire+0x18c/0x2f0
[ 123.507420] netif_receive_skb_list_internal+0x6c1/0xc90
[ 123.507850] ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[ 123.508321] ? __pfx_ieee80211_rx_list+0x10/0x10
[ 123.508702] ? consume_skb+0xdd/0x160
[ 123.509007] ? lock_acquire+0x18c/0x2f0
[ 123.509328] netif_receive_skb_list+0x4f/0x410
[ 123.509699] ieee80211_rx_napi+0x356/0x3c0
[ 123.510040] ? __pfx_ieee80211_rx_napi+0x10/0x10
[ 123.510418] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 123.510825] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 123.511239] ieee80211_handle_queued_frames+0xd9/0x130
[ 123.511662] tasklet_action_common+0x235/0x3b0
[ 123.512025] ? workqueue_softirq_action+0x1a/0x170
[ 123.512423] handle_softirqs+0x1b1/0x770
[ 123.512754] ? __dev_queue_xmit+0xe19/0x3cc0
[ 123.513111] do_softirq+0x48/0x80
[ 123.513389]
[ 123.513572]
[ 123.513753] __local_bh_enable_ip+0xf1/0x110
[ 123.514106] ? __dev_queue_xmit+0xe19/0x3cc0
[ 123.514462] __dev_queue_xmit+0xe2e/0x3cc0
[ 123.514803] ? stack_depot_save_flags+0x2c/0xa20
[ 123.515187] ? ret_from_fork_asm+0x1a/0x30
[ 123.515528] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.516005] ? __pfx___dev_queue_xmit+0x10/0x10
[ 123.516374] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 123.516751] ? lock_acquire+0x18c/0x2f0
[ 123.517070] ? ndisc_send_skb+0x9ed/0x1d10
[ 123.517414] ? ndisc_send_ns+0xa9/0x130
[ 123.517732] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 123.518135] ? lock_acquire+0x18c/0x2f0
[ 123.518455] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.518924] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 123.519401] ? do_raw_write_lock+0x11c/0x3a0
[ 123.519758] ? lock_acquire+0x18c/0x2f0
[ 123.520078] ? __asan_memcpy+0x3d/0x60
[ 123.520391] neigh_resolve_output+0x492/0x7f0
[ 123.520753] ip6_finish_output2+0x946/0x1aa0
[ 123.521114] __ip6_finish_output+0x5d5/0xd10
[ 123.521478] ip6_output+0x1c2/0x3e0
[ 123.521780] ndisc_send_skb+0x9ed/0x1d10
[ 123.522113] ? __pfx_ndisc_send_skb+0x10/0x10
[ 123.522480] ? lock_release+0x1c7/0x290
[ 123.522803] ? __pfx_dst_output+0x10/0x10
[ 123.523145] ? __asan_memcpy+0x3d/0x60
[ 123.523458] ? mod_delayed_work_on+0x13c/0x180
[ 123.523829] ndisc_send_ns+0xa9/0x130
[ 123.524134] ? __pfx_ndisc_send_ns+0x10/0x10
[ 123.524483] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 123.524867] ? __local_bh_enable_ip+0xa1/0x110
[ 123.525230] addrconf_dad_work+0xae2/0x11a0
[ 123.525582] ? __pfx_addrconf_dad_work+0x10/0x10
[ 123.525964] ? lock_acquire+0x18c/0x2f0
[ 123.526286] process_one_work+0x8e1/0x19c0
[ 123.526628] ? __pfx_process_one_work+0x10/0x10
[ 123.527002] ? move_linked_works+0x172/0x270
[ 123.527371] ? assign_work+0x196/0x240
[ 123.527687] worker_thread+0x67e/0xe90
[ 123.528003] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 123.528418] ? __pfx_worker_thread+0x10/0x10
[ 123.528776] kthread+0x3c8/0x740
[ 123.529053] ? __pfx_kthread+0x10/0x10
[ 123.529360] ? ret_from_fork+0x23/0x430
[ 123.529688] ? lock_release+0xc8/0x290
[ 123.530005] ? __pfx_kthread+0x10/0x10
[ 123.530318] ret_from_fork+0x34b/0x430
[ 123.530637] ? __pfx_kthread+0x10/0x10
[ 123.530953] ret_from_fork_asm+0x1a/0x30
[ 123.531288]
[ 123.531478] Modules linked in:
[ 123.531739] ---[ end trace 0000000000000000 ]---
[ 123.531740] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#3] SMP KASAN NOPTI
[ 123.532109] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.532968] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 123.533329] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.533917] CPU: 1 UID: 0 PID: 3926 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 123.535330] RSP: 0018:ffff888047f1f780 EFLAGS: 00010012
[ 123.536248] Tainted: [D]=DIE, [W]=WARN
[ 123.536665] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90007ac7000
[ 123.536965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 123.537521] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 123.538158] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.538707] RBP: ffff888047f1f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd167d8
[ 123.539074] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.539633] R10: 0000000000000000 R11: ffff88801e20c898 R12: dffffc0000000000
[ 123.541036] RSP: 0018:ffff88806cf08b80 EFLAGS: 00010012
[ 123.541592] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 123.542006] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 123.542568] FS: 0000000000000000(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000
[ 123.543123] RDX: ffff888046a73700 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 123.543746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.544300] RBP: ffff88806cf08df0 R08: ffff88806cf313e8 R09: ffffe8ffffd167d8
[ 123.544756] CR2: 0000001b2cc26000 CR3: 00000000203b5000 CR4: 0000000000350ef0
[ 123.545304] R10: 0000000000000000 R11: ffff888018dbb098 R12: dffffc0000000000
[ 123.545863] Kernel panic - not syncing: Fatal exception in interrupt
[ 124.622035] Shutting down cpus with NMI
[ 124.623587] Kernel Offset: disabled
[ 124.624073] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
11:30:33 Registers:
info registers vcpu 0
info registers vcpu 1