Warning: Permanently added '[localhost]:28790' (ECDSA) to the list of known hosts.
2025/09/01 08:12:55 fuzzer started
2025/09/01 08:12:55 dialing manager at localhost:35473
syzkaller login: [ 50.432351] cgroup: Unknown subsys name 'net'
[ 50.495810] cgroup: Unknown subsys name 'cpuset'
[ 50.508669] cgroup: Unknown subsys name 'rlimit'
2025/09/01 08:13:07 syscalls: 2214
2025/09/01 08:13:07 code coverage: enabled
2025/09/01 08:13:07 comparison tracing: enabled
2025/09/01 08:13:07 extra coverage: enabled
2025/09/01 08:13:07 setuid sandbox: enabled
2025/09/01 08:13:07 namespace sandbox: enabled
2025/09/01 08:13:07 Android sandbox: enabled
2025/09/01 08:13:07 fault injection: enabled
2025/09/01 08:13:07 leak checking: enabled
2025/09/01 08:13:07 net packet injection: enabled
2025/09/01 08:13:07 net device setup: enabled
2025/09/01 08:13:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 08:13:07 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 08:13:07 USB emulation: enabled
2025/09/01 08:13:07 hci packet injection: enabled
2025/09/01 08:13:07 wifi device emulation: enabled
2025/09/01 08:13:07 802.15.4 emulation: enabled
2025/09/01 08:13:07 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 08:13:07 fetching corpus: 50, signal 28002/30132 (executing program)
2025/09/01 08:13:07 fetching corpus: 100, signal 38223/40394 (executing program)
2025/09/01 08:13:08 fetching corpus: 150, signal 47957/49640 (executing program)
2025/09/01 08:13:08 fetching corpus: 200, signal 55012/55949 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59177 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59250 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59293 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59355 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59410 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59469 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59533 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59598 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59649 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59711 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59793 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59854 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59912 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/59983 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60057 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60140 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60204 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60261 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60324 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60396 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60464 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60531 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60608 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60685 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60751 (executing program)
2025/09/01 08:13:08 fetching corpus: 239, signal 58784/60751 (executing program)
2025/09/01 08:13:10 starting 8 fuzzer processes
08:13:10 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$bind(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000100)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), 0x800, 0x0)
08:13:10 executing program 2:
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
08:13:10 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
08:13:10 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x9, 0x0, 0x0)
08:13:10 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x19}}, 0x14}}, 0x0)
08:13:10 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
[ 65.108956] audit: type=1400 audit(1756714390.617:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:13:10 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x3}, 0x8)
08:13:10 executing program 5:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
[ 66.247616] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 66.252101] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 66.254027] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 66.259297] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 66.263390] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 66.390587] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 66.392509] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 66.394285] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 66.398168] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 66.400494] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 66.404060] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 66.417521] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 66.420473] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 66.432851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 66.445267] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 66.446874] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 66.459414] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 66.461537] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 66.465085] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 66.468615] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 66.470040] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 66.471322] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 66.475931] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 66.476077] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 66.477165] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 66.478024] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 66.482100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 66.484033] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 66.490498] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 66.492335] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 66.494029] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 66.497321] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 66.499593] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 66.501079] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 66.503100] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 66.506083] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 66.511145] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 66.511163] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 66.513090] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 66.523559] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 68.283905] Bluetooth: hci0: command tx timeout
[ 68.472808] Bluetooth: hci1: command tx timeout
[ 68.537740] Bluetooth: hci5: command tx timeout
[ 68.537837] Bluetooth: hci4: command tx timeout
[ 68.538406] Bluetooth: hci7: command tx timeout
[ 68.539275] Bluetooth: hci2: command tx timeout
[ 68.601287] Bluetooth: hci3: command tx timeout
[ 68.601874] Bluetooth: hci6: command tx timeout
[ 70.328957] Bluetooth: hci0: command tx timeout
[ 70.520759] Bluetooth: hci1: command tx timeout
[ 70.584806] Bluetooth: hci4: command tx timeout
[ 70.585256] Bluetooth: hci7: command tx timeout
[ 70.585643] Bluetooth: hci2: command tx timeout
[ 70.586809] Bluetooth: hci5: command tx timeout
[ 70.649717] Bluetooth: hci3: command tx timeout
[ 70.650145] Bluetooth: hci6: command tx timeout
[ 72.378765] Bluetooth: hci0: command tx timeout
[ 72.568965] Bluetooth: hci1: command tx timeout
[ 72.632831] Bluetooth: hci5: command tx timeout
[ 72.633310] Bluetooth: hci7: command tx timeout
[ 72.634815] Bluetooth: hci4: command tx timeout
[ 72.635258] Bluetooth: hci2: command tx timeout
[ 72.696867] Bluetooth: hci6: command tx timeout
[ 72.697300] Bluetooth: hci3: command tx timeout
[ 74.425734] Bluetooth: hci0: command tx timeout
[ 74.617815] Bluetooth: hci1: command tx timeout
[ 74.680857] Bluetooth: hci7: command tx timeout
[ 74.681312] Bluetooth: hci2: command tx timeout
[ 74.681836] Bluetooth: hci4: command tx timeout
[ 74.682224] Bluetooth: hci5: command tx timeout
[ 74.745422] Bluetooth: hci3: command tx timeout
[ 74.745875] Bluetooth: hci6: command tx timeout
[ 101.644730] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.645413] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.741893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.742520] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.884443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.885105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.917156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.917823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.953230] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.953833] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.028043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.029108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.071243] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.071904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.093344] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.094010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.148295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.148930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:13:47 executing program 5:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
08:13:47 executing program 5:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
[ 102.216788] audit: type=1400 audit(1756714427.724:8): avc: denied { open } for pid=3871 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 102.224214] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.224805] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:13:47 executing program 2:
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
08:13:47 executing program 5:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='loginuid\x00')
pread64(r0, 0x0, 0xfffffd06, 0x7ffffffffffffffa)
[ 102.287357] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.287962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:13:47 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000440008000f801002000400003000000000000008000297eb190f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100087ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200087ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200087ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200087ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100087ea70325132510000ea7032510300000000002e2e202020202020202020100087ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200087ea70325132510000ea70325104001a040000", 0x80, 0x1400}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1600}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x1c00}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4200}], 0x0, &(0x7f0000010f00))
08:13:47 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
[ 102.329498] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.330110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:13:47 executing program 2:
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
[ 102.354930] loop5: detected capacity change from 0 to 128
08:13:47 executing program 2:
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
[ 102.409525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.410236] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.479425] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.480064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.531342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.532004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.578773] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.579393] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.728085] audit: type=1400 audit(1756714428.237:9): avc: denied { kernel } for pid=3901 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 102.763703] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 102.809813] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 102.834173] syz-executor.1 (3905) used greatest stack depth: 23328 bytes left
08:13:48 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x3}, 0x8)
08:13:48 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
08:13:48 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
08:13:48 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000440008000f801002000400003000000000000008000297eb190f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100087ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200087ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200087ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200087ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100087ea70325132510000ea7032510300000000002e2e202020202020202020100087ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200087ea70325132510000ea70325104001a040000", 0x80, 0x1400}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1600}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x1c00}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4200}], 0x0, &(0x7f0000010f00))
08:13:48 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x9, 0x0, 0x0)
08:13:48 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x19}}, 0x14}}, 0x0)
08:13:48 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$bind(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000100)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), 0x800, 0x0)
08:13:48 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
[ 102.894602] loop5: detected capacity change from 0 to 128
08:13:48 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
[ 102.976536] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 103.033053] loop5: detected capacity change from 0 to 128
08:13:48 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x3}, 0x8)
08:13:48 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x9, 0x0, 0x0)
08:13:48 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x19}}, 0x14}}, 0x0)
08:13:48 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000440008000f801002000400003000000000000008000297eb190f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100087ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200087ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200087ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200087ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100087ea70325132510000ea7032510300000000002e2e202020202020202020100087ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200087ea70325132510000ea70325104001a040000", 0x80, 0x1400}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1600}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x1c00}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4200}], 0x0, &(0x7f0000010f00))
08:13:48 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
08:13:48 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
08:13:48 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$bind(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000100)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), 0x800, 0x0)
08:13:48 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
08:13:48 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000440008000f801002000400003000000000000008000297eb190f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100087ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200087ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200087ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200087ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100087ea70325132510000ea7032510300000000002e2e202020202020202020100087ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200087ea70325132510000ea70325104001a040000", 0x80, 0x1400}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1600}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x1c00}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4200}], 0x0, &(0x7f0000010f00))
[ 103.083363] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
08:13:48 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x9, 0x0, 0x0)
08:13:48 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, &(0x7f0000000000))
[ 103.130487] loop5: detected capacity change from 0 to 128
08:13:48 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x3}, 0x8)
08:13:48 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount$bind(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000100)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), 0x800, 0x0)
08:13:48 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
[ 103.202110] kmemleak: Found object by alias at 0x607f1a6398f4
[ 103.202132] CPU: 1 UID: 0 PID: 3942 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 103.202151] Tainted: [W]=WARN
[ 103.202155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 103.202163] Call Trace:
[ 103.202167]
[ 103.202172] dump_stack_lvl+0xca/0x120
[ 103.202206] __lookup_object+0x94/0xb0
[ 103.202225] delete_object_full+0x27/0x70
[ 103.202242] free_percpu+0x30/0x1160
[ 103.202259] ? arch_uprobe_clear_state+0x16/0x140
[ 103.202280] futex_hash_free+0x38/0xc0
[ 103.202295] mmput+0x2d3/0x390
[ 103.202315] do_exit+0x79d/0x2970
[ 103.202329] ? lock_release+0xc8/0x290
[ 103.202347] ? __pfx_do_exit+0x10/0x10
[ 103.202361] ? find_held_lock+0x2b/0x80
[ 103.202379] ? get_signal+0x835/0x2340
[ 103.202400] do_group_exit+0xd3/0x2a0
[ 103.202415] get_signal+0x2315/0x2340
[ 103.202433] ? __fget_files+0x203/0x3b0
[ 103.202450] ? __pfx_get_signal+0x10/0x10
[ 103.202466] ? do_futex+0x135/0x370
[ 103.202480] ? __pfx_do_futex+0x10/0x10
[ 103.202496] arch_do_signal_or_restart+0x80/0x790
[ 103.202515] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 103.202532] ? __x64_sys_futex+0x1c9/0x4d0
[ 103.202544] ? __x64_sys_futex+0x1d2/0x4d0
[ 103.202560] ? __pfx___x64_sys_futex+0x10/0x10
[ 103.202579] exit_to_user_mode_loop+0x8b/0x110
[ 103.202593] do_syscall_64+0x2f7/0x360
[ 103.202606] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.202619] RIP: 0033:0x7f3577732b19
[ 103.202628] Code: Unable to access opcode bytes at 0x7f3577732aef.
[ 103.202634] RSP: 002b:00007f3574ca8218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 103.202646] RAX: fffffffffffffe00 RBX: 00007f3577845f68 RCX: 00007f3577732b19
[ 103.202654] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3577845f68
[ 103.202661] RBP: 00007f3577845f60 R08: 0000000000000000 R09: 0000000000000000
[ 103.202669] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3577845f6c
[ 103.202681] R13: 00007fff6179e66f R14: 00007f3574ca8300 R15: 0000000000022000
[ 103.202697]
[ 103.202701] kmemleak: Object (percpu) 0x607f1a6398f0 (size 8):
[ 103.202708] kmemleak: comm "syz-executor.0", pid 3953, jiffies 4294770088
[ 103.202715] kmemleak: min_count = 1
[ 103.202719] kmemleak: count = 0
[ 103.202723] kmemleak: flags = 0x21
[ 103.202727] kmemleak: checksum = 0
[ 103.202731] kmemleak: backtrace:
[ 103.202735] pcpu_alloc_noprof+0x87a/0x1170
[ 103.202750] alloc_vfsmnt+0x135/0x6e0
[ 103.202764] vfs_create_mount.part.0+0x40/0x440
[ 103.202780] path_mount+0x1637/0x1dd0
[ 103.202793] __x64_sys_mount+0x27b/0x300
[ 103.202804] do_syscall_64+0xbf/0x360
[ 103.202814] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.205972] ------------[ cut here ]------------
[ 103.226005] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#0: syz-executor.5/285
[ 103.226775] Modules linked in:
[ 103.227116] CPU: 0 UID: 0 PID: 285 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 103.229904] Tainted: [W]=WARN
[ 103.230573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 103.232936] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 103.234091] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42
[ 103.236460] RSP: 0018:ffff8880170b7c00 EFLAGS: 00010293
[ 103.236917] RAX: 0000000000000000 RBX: 1ffff11002e16f85 RCX: ffffffff81bfaf93
[ 103.237496] RDX: ffff8880168d5280 RSI: ffffffff81bfaf9d RDI: 0000000000000005
[ 103.238109] RBP: ffff888016de5c00 R08: 0000000000000001 R09: 0000000000000000
[ 103.238711] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff8880170b7c68
[ 103.239290] R13: 00000000ffffffff R14: dead000000000100 R15: ffff888016de5c00
[ 103.239937] FS: 0000555562e3b400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 103.240592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.241085] CR2: 000000c00069f000 CR3: 000000003f583000 CR4: 0000000000350ef0
[ 103.241666] Call Trace:
[ 103.241905]
[ 103.242097] ? find_held_lock+0x2b/0x80
[ 103.242434] ? __pfx_mntput_no_expire+0x10/0x10
[ 103.242842] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 103.243234] ? shrink_dentry_list+0x1a/0x650
[ 103.243604] ? up_write+0x195/0x520
[ 103.243926] namespace_unlock+0x7f1/0x810
[ 103.244282] ? __pfx_namespace_unlock+0x10/0x10
[ 103.244669] ? find_held_lock+0x2b/0x80
[ 103.245023] ? lock_release+0xc8/0x290
[ 103.245349] path_umount+0x6a4/0x1100
[ 103.245667] ? kmem_cache_free+0x2a1/0x540
[ 103.246043] ? __pfx_path_umount+0x10/0x10
[ 103.246391] ? putname.part.0+0x11b/0x160
[ 103.246759] __x64_sys_umount+0x15c/0x190
[ 103.247102] ? __pfx___x64_sys_umount+0x10/0x10
[ 103.247486] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 103.247934] do_syscall_64+0xbf/0x360
[ 103.248255] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.248697] RIP: 0033:0x7fe1058f8f87
[ 103.249005] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 103.250498] RSP: 002b:00007ffc70108848 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 103.251130] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 00007fe1058f8f87
[ 103.251722] RDX: 00007ffc70108919 RSI: 000000000000000a RDI: 00007ffc70108910
[ 103.252304] RBP: 00007ffc70108910 R08: 00000000ffffffff R09: 00007ffc701086e0
[ 103.252895] R10: 0000555562e3cc7b R11: 0000000000000246 R12: 00007fe105951105
[ 103.253480] R13: 00007ffc701099d0 R14: 0000555562e3cc20 R15: 00007ffc70109a10
[ 103.254086]
[ 103.254282] irq event stamp: 176725
[ 103.254577] hardirqs last enabled at (176733): [] __up_console_sem+0x78/0x80
[ 103.255305] hardirqs last disabled at (176742): [] __up_console_sem+0x5d/0x80
[ 103.256026] softirqs last enabled at (176494): [] handle_softirqs+0x50c/0x770
[ 103.256768] softirqs last disabled at (176761): [] __irq_exit_rcu+0xc4/0x100
[ 103.257472] ---[ end trace 0000000000000000 ]---
[ 103.265649] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 103.293374] ------------[ cut here ]------------
[ 103.293873] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#0: syz-executor.5/285
[ 103.294642] Modules linked in:
[ 103.294941] CPU: 0 UID: 0 PID: 285 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 103.295922] Tainted: [W]=WARN
[ 103.296178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 103.296869] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 103.297280] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42
[ 103.298775] RSP: 0018:ffff8880170b7ce0 EFLAGS: 00010293
[ 103.299210] RAX: 0000000000000000 RBX: 1ffff11002e16fa1 RCX: ffffffff81bfaf93
[ 103.299799] RDX: ffff8880168d5280 RSI: ffffffff81bfaf9d RDI: 0000000000000005
[ 103.300387] RBP: ffff888016de5c00 R08: 0000000000000001 R09: 0000000000000000
[ 103.300980] R10: 00000000fffffffe R11: 0000000000000001 R12: ffff8880170b7d48
[ 103.301557] R13: 00000000fffffffe R14: ffff888016de5c00 R15: ffff888016de5ce8
[ 103.302158] FS: 0000555562e3b400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 103.302833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.303306] CR2: 00007fb89e47c000 CR3: 000000003f583000 CR4: 0000000000350ef0
[ 103.303904] Call Trace:
[ 103.304120]
[ 103.304314] ? __pfx_mntput_no_expire+0x10/0x10
[ 103.304722] ? dput.part.0+0xce/0x930
[ 103.305043] ? lock_release+0xc8/0x290
[ 103.305374] path_umount+0x6e0/0x1100
[ 103.305709] ? kmem_cache_free+0x2a1/0x540
[ 103.306078] ? __pfx_path_umount+0x10/0x10
[ 103.306429] ? putname.part.0+0x11b/0x160
[ 103.306796] __x64_sys_umount+0x15c/0x190
[ 103.307141] ? __pfx___x64_sys_umount+0x10/0x10
[ 103.307525] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 103.307974] do_syscall_64+0xbf/0x360
[ 103.308298] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.308736] RIP: 0033:0x7fe1058f8f87
[ 103.309042] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 103.310533] RSP: 002b:00007ffc70108848 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 103.311166] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 00007fe1058f8f87
[ 103.311765] RDX: 00007ffc70108919 RSI: 000000000000000a RDI: 00007ffc70108910
[ 103.312344] RBP: 00007ffc70108910 R08: 00000000ffffffff R09: 00007ffc701086e0
[ 103.312922] R10: 0000555562e3cc7b R11: 0000000000000246 R12: 00007fe105951105
[ 103.313487] R13: 00007ffc701099d0 R14: 0000555562e3cc20 R15: 00007ffc70109a10
[ 103.314093]
[ 103.314287] irq event stamp: 177199
[ 103.314574] hardirqs last enabled at (177207): [] __up_console_sem+0x78/0x80
[ 103.316172] hardirqs last disabled at (177486): [] __up_console_sem+0x5d/0x80
[ 103.317513] softirqs last enabled at (177738): [] handle_softirqs+0x50c/0x770
[ 103.318246] softirqs last disabled at (177495): [] __irq_exit_rcu+0xc4/0x100
[ 103.318951] ---[ end trace 0000000000000000 ]---
08:13:48 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
08:13:48 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lremovexattr(&(0x7f00000001c0)='./file0\x00', 0x0)
getgroups(0x0, 0x0)
dup(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000001240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
[ 103.372154] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 103.373116] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 103.373813] CPU: 0 UID: 0 PID: 3961 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 103.374750] Tainted: [W]=WARN
[ 103.374998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 103.375652] RIP: 0010:perf_tp_event+0x175/0xe70
[ 103.376035] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 103.377461] RSP: 0018:ffff8880422bf600 EFLAGS: 00010212
[ 103.377893] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900050b2000
[ 103.378454] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 103.379016] RBP: ffff8880422bf870 R08: ffff88806ce31340 R09: ffffe8ffffc07ce8
[ 103.379575] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 103.380136] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 103.380699] FS: 00007f242a1df700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 103.381334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.381803] CR2: 000055555eaf6c18 CR3: 000000000e510000 CR4: 0000000000350ef0
[ 103.382372] Call Trace:
[ 103.382582]
[ 103.382769] ? __pfx_perf_tp_event+0x10/0x10
[ 103.383149] ? perf_trace_run_bpf_submit+0xef/0x180
[ 103.383551] perf_trace_run_bpf_submit+0xef/0x180
[ 103.383946] perf_trace_lock+0x337/0x5d0
[ 103.384277] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.384647] ? lock_acquire+0x15e/0x2f0
[ 103.384968] ? futex_ref_get+0x48/0x300
[ 103.385288] ? futex_ref_get+0x114/0x300
[ 103.385611] ? futex_hash+0x15c/0x390
[ 103.385928] lock_release+0x1ab/0x290
[ 103.386239] ? futex_hash+0x15c/0x390
[ 103.386544] futex_ref_get+0x119/0x300
[ 103.386858] ? futex_hash+0x15c/0x390
[ 103.387164] futex_hash+0x70/0x390
[ 103.387453] futex_wait_setup+0xae/0x550
[ 103.387790] __futex_wait+0x151/0x300
[ 103.388102] ? __pfx___futex_wait+0x10/0x10
[ 103.388453] ? __pfx_futex_wake_mark+0x10/0x10
[ 103.388832] futex_wait+0xde/0x380
[ 103.389125] ? __pfx_futex_wait+0x10/0x10
[ 103.389459] ? perf_trace_lock+0xb5/0x5d0
[ 103.389804] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 103.390228] do_futex+0x2ee/0x370
[ 103.390516] ? __pfx_do_futex+0x10/0x10
[ 103.390838] ? do_raw_spin_lock+0x123/0x260
[ 103.391189] __x64_sys_futex+0x1c9/0x4d0
[ 103.391520] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 103.391941] ? __pfx___x64_sys_futex+0x10/0x10
[ 103.392320] ? kcov_ioctl+0x386/0x6c0
[ 103.392628] ? fput+0x6a/0x100
[ 103.392900] do_syscall_64+0xbf/0x360
[ 103.393208] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.393620] RIP: 0033:0x7f242cc69b19
[ 103.393958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 103.395399] RSP: 002b:00007f242a1df218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 103.395999] RAX: ffffffffffffffda RBX: 00007f242cd7cf68 RCX: 00007f242cc69b19
[ 103.396560] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f242cd7cf68
[ 103.397122] RBP: 00007f242cd7cf60 R08: 00007f242a1df700 R09: 0000000000000000
[ 103.397685] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f242cd7cf6c
[ 103.398255] R13: 00007ffe66e7933f R14: 00007f242a1df300 R15: 0000000000022000
[ 103.398828]
[ 103.399022] Modules linked in:
[ 103.399288] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 103.400219] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 103.400813] CPU: 1 UID: 0 PID: 3959 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 103.401749] Tainted: [D]=DIE, [W]=WARN
[ 103.402052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 103.402701] RIP: 0010:perf_tp_event+0x175/0xe70
[ 103.403085] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 103.404500] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012
[ 103.404918] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 103.405484] RDX: ffff888009f20000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 103.406054] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd07ce8
[ 103.406611] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000
[ 103.407164] R13: 000000000000002c R14: ffff88806cf31490 R15: dffffc0000000000
[ 103.407724] FS: 0000555581013400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 103.408352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.408808] CR2: 0000555581014c18 CR3: 000000000e41e000 CR4: 0000000000350ef0
[ 103.409370] Call Trace:
[ 103.409579]
[ 103.409760] ? __update_load_avg_se+0x428/0xa40
[ 103.410144] ? __pfx_perf_tp_event+0x10/0x10
[ 103.410500] ? perf_trace_lock+0xb5/0x5d0
[ 103.410832] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.411196] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.411563] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.411928] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.412297] ? kvm_sched_clock_read+0x16/0x30
[ 103.412661] ? sched_clock+0x37/0x60
[ 103.412964] ? perf_trace_lock+0xb5/0x5d0
[ 103.413292] ? perf_trace_lock+0xb5/0x5d0
[ 103.413622] ? trace_pelt_se_tp+0xdf/0x130
[ 103.413965] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.414329] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.414695] ? place_entity+0x300/0x410
[ 103.415017] ? perf_trace_run_bpf_submit+0xef/0x180
[ 103.415418] perf_trace_run_bpf_submit+0xef/0x180
[ 103.415808] perf_trace_lock+0x337/0x5d0
[ 103.416129] ? do_raw_spin_lock+0x123/0x260
[ 103.416476] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.416843] ? clockevents_program_event+0x14f/0x360
[ 103.417252] ? hrtimer_interrupt+0x114/0x830
[ 103.417602] lock_release+0x1ab/0x290
[ 103.417915] ktime_get_update_offsets_now+0xab/0x3c0
[ 103.418323] ? hrtimer_interrupt+0x114/0x830
[ 103.418670] ? __pfx_lapic_next_deadline+0x10/0x10
[ 103.419072] hrtimer_interrupt+0x114/0x830
[ 103.419409] __sysvec_apic_timer_interrupt+0xbb/0x330
[ 103.419817] sysvec_apic_timer_interrupt+0x6b/0x80
[ 103.420206]
[ 103.420388]
[ 103.420572] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 103.420985] RIP: 0010:nbcon_get_cpu_emergency_nesting+0x2/0x50
[ 103.421456] Code: ff ff e8 51 df f3 fc e9 64 fc ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 <49> c7 c4 88 d6 f5 86 53 e8 31 c6 b7 fc e8 dc 17 98 fc 31 ff 89 c3
[ 103.422866] RSP: 0018:ffff8880166cf640 EFLAGS: 00000283
[ 103.423281] RAX: 0000000000000000 RBX: 0000000000000001 RCX: dffffc0000000032
[ 103.423837] RDX: ffff888009f20000 RSI: ffffffff8155233d RDI: ffff8880166cf6c4
[ 103.424391] RBP: ffff8880166cf758 R08: 0000000000000007 R09: 0000000000000078
[ 103.424951] R10: 000000000000005c R11: 202c746c75616620 R12: ffff8880166cf6c4
[ 103.425503] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[ 103.426067] ? nbcon_cpu_emergency_enter+0xd/0x60
[ 103.426455] nbcon_cpu_emergency_enter+0x19/0x60
[ 103.426829] oops_enter+0xf/0x70
[ 103.427107] oops_begin+0xc/0x80
[ 103.427385] die_addr+0x1e/0xa0
[ 103.427652] exc_general_protection+0x1a2/0x330
[ 103.428027] asm_exc_general_protection+0x26/0x30
[ 103.428411] RIP: 0010:perf_tp_event+0x175/0xe70
[ 103.428784] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 103.430202] RSP: 0018:ffff8880166cf800 EFLAGS: 00010212
[ 103.430618] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 103.431176] RDX: ffff888009f20000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 103.431730] RBP: ffff8880166cfa70 R08: ffff88806cf31340 R09: ffffe8ffffd07ce8
[ 103.432285] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 103.432856] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 103.433436] ? perf_tp_event+0x167/0xe70
[ 103.433783] ? arch_scale_cpu_capacity+0x17/0xa0
[ 103.434177] ? __pfx_perf_tp_event+0x10/0x10
[ 103.434538] ? __asan_memset+0x24/0x50
[ 103.434869] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.435240] ? __pfx___mutex_lock+0x10/0x10
[ 103.435601] ? perf_trace_lock+0xb5/0x5d0
[ 103.435944] ? kvm_sched_clock_read+0x16/0x30
[ 103.436311] ? sched_clock+0x37/0x60
[ 103.436619] ? sched_clock_cpu+0x6c/0x4e0
[ 103.436963] ? perf_trace_run_bpf_submit+0xef/0x180
[ 103.437371] perf_trace_run_bpf_submit+0xef/0x180
[ 103.437777] perf_trace_lock+0x337/0x5d0
[ 103.438108] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.438488] ? place_entity+0x300/0x410
[ 103.438814] ? __pfx_perf_trace_lock+0x10/0x10
[ 103.439191] ? enqueue_task_fair+0x43a/0x1e00
[ 103.439562] ? get_futex_key+0x592/0x14a0
[ 103.439901] ? futex_ref_get+0x114/0x300
[ 103.440229] ? futex_hash+0x15c/0x390
[ 103.440541] lock_release+0x1ab/0x290
[ 103.440853] ? futex_hash+0x15c/0x390
[ 103.441162] futex_ref_get+0x119/0x300
[ 103.441476] ? futex_hash+0x15c/0x390
[ 103.441792] futex_hash+0x70/0x390
[ 103.442086] futex_wake+0x143/0x540
[ 103.442390] ? put_pid+0x1f/0x30
[ 103.442669] ? kernel_clone+0x204/0x7f0
[ 103.442993] ? __pfx_futex_wake+0x10/0x10
[ 103.443334] ? __pfx_kernel_clone+0x10/0x10
[ 103.443688] ? perf_trace_lock+0xb5/0x5d0
[ 103.444025] ? __pfx___handle_mm_fault+0x10/0x10
[ 103.444422] do_futex+0x26d/0x370
[ 103.444712] ? __pfx_do_futex+0x10/0x10
[ 103.445042] ? __pfx___do_sys_clone+0x10/0x10
[ 103.445406] ? handle_mm_fault+0x590/0x9b0
[ 103.445761] __x64_sys_futex+0x1c9/0x4d0
[ 103.446095] ? __pfx___x64_sys_futex+0x10/0x10
[ 103.446472] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 103.446897] do_syscall_64+0xbf/0x360
[ 103.447209] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.447626] RIP: 0033:0x7f7e34c49b19
[ 103.447926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 103.449370] RSP: 002b:00007fffb03c3be8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 103.449984] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e34c49b19
[ 103.450556] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7e34d5cf68
[ 103.451128] RBP: 00007f7e34d5cf60 R08: 00007f7e321bf700 R09: 0000000000000000
[ 103.451699] R10: 00007f7e321bf700 R11: 0000000000000246 R12: 00007f7e34d61a68
[ 103.452271] R13: 00007fffb03c3cf0 R14: 00007f7e34d5cf60 R15: 000000000001936c
[ 103.452855]
[ 103.453048] Modules linked in:
[ 103.453315] ---[ end trace 0000000000000000 ]---
[ 103.453316] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI
[ 103.453690] RIP: 0010:perf_tp_event+0x175/0xe70
[ 103.454588] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 103.454958] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 103.455650] CPU: 0 UID: 0 PID: 3961 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 103.457083] RSP: 0018:ffff8880422bf600 EFLAGS: 00010212
[ 103.458033] Tainted: [D]=DIE, [W]=WARN
[ 103.458451] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900050b2000
[ 103.458761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 103.459325] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 103.459982] RIP: 0010:perf_tp_event+0x175/0xe70
[ 103.460544] RBP: ffff8880422bf870 R08: ffff88806ce31340 R09: ffffe8ffffc07ce8
[ 103.460911] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 103.461470] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 103.462927] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012
[ 103.463492] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 103.463503] FS: 0000555581013400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 103.463917] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 103.464484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.465126] RDX: ffff888042411b80 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 103.465691] CR2: 0000555581014c18 CR3: 000000000e41e000 CR4: 0000000000350ef0
[ 103.466147] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc07ce8
[ 103.466696] Kernel panic - not syncing: Fatal exception in interrupt
[ 104.508354] Shutting down cpus with NMI
[ 104.509947] Kernel Offset: disabled
[ 104.510236] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:13:48 Registers:
info registers vcpu 0
RAX=0000000000000028 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff8880170b7578
R8 =0000000000000000 R9 =ffffed10013ab046 R10=0000000000000028 R11=0000000000000001
R12=0000000000000028 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555562e3b400 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe5800000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000000c00069f000 CR3=000000003f583000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=0000000000000100 RCX=ffffffff81b98698 RDX=ffff88801723d280
RSI=ffffffff81b98663 RDI=0000000000000001 RBP=ffff8880192efc48 RSP=ffff8880192efbb8
R8 =0000000000000001 R9 =ffffffff81b97d93 R10=0000000000000001 R11=0000000000000001
R12=ffff8880192efd24 R13=000000000000078f R14=ffff8880192efce8 R15=0000000000000001
RIP=ffffffff81b98665 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555560640400 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe3d00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd7be1467c CR3=000000003d5d5000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000