Warning: Permanently added '[localhost]:16273' (ECDSA) to the list of known hosts. 2025/09/01 08:19:05 fuzzer started 2025/09/01 08:19:06 dialing manager at localhost:35473 syzkaller login: [ 51.643606] cgroup: Unknown subsys name 'net' [ 51.706574] cgroup: Unknown subsys name 'cpuset' [ 51.718822] cgroup: Unknown subsys name 'rlimit' 2025/09/01 08:19:17 syscalls: 2214 2025/09/01 08:19:17 code coverage: enabled 2025/09/01 08:19:17 comparison tracing: enabled 2025/09/01 08:19:17 extra coverage: enabled 2025/09/01 08:19:17 setuid sandbox: enabled 2025/09/01 08:19:17 namespace sandbox: enabled 2025/09/01 08:19:17 Android sandbox: enabled 2025/09/01 08:19:17 fault injection: enabled 2025/09/01 08:19:17 leak checking: enabled 2025/09/01 08:19:17 net packet injection: enabled 2025/09/01 08:19:17 net device setup: enabled 2025/09/01 08:19:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 08:19:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 08:19:17 USB emulation: enabled 2025/09/01 08:19:17 hci packet injection: enabled 2025/09/01 08:19:17 wifi device emulation: enabled 2025/09/01 08:19:17 802.15.4 emulation: enabled 2025/09/01 08:19:17 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 08:19:17 fetching corpus: 50, signal 23517/26374 (executing program) 2025/09/01 08:19:17 fetching corpus: 100, signal 37461/40737 (executing program) 2025/09/01 08:19:17 fetching corpus: 150, signal 47747/51092 (executing program) 2025/09/01 08:19:18 fetching corpus: 200, signal 52957/56474 (executing program) 2025/09/01 08:19:18 fetching corpus: 250, signal 58103/61553 (executing program) 2025/09/01 08:19:18 fetching corpus: 300, signal 63238/66387 (executing program) 2025/09/01 08:19:18 fetching corpus: 350, signal 66315/69373 (executing program) 2025/09/01 08:19:18 fetching corpus: 400, signal 70166/72734 (executing program) 2025/09/01 08:19:18 fetching corpus: 450, signal 73503/75560 (executing program) 2025/09/01 
08:19:18 fetching corpus: 500, signal 76811/78144 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/78868 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/78974 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79076 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79145 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79254 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79360 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79468 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79576 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79674 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79769 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79866 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/79946 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80049 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80138 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80246 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80347 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80460 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80579 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80693 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80778 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80885 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/80990 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81097 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81188 
(executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81312 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81396 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81474 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81579 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81666 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81679 (executing program) 2025/09/01 08:19:19 fetching corpus: 526, signal 77677/81679 (executing program) 2025/09/01 08:19:21 starting 8 fuzzer processes 08:19:21 executing program 0: creat(&(0x7f00000003c0)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYRESDEC]) 08:19:21 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) 08:19:21 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) 08:19:21 executing program 2: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x30b8, &(0x7f0000000000), &(0x7f0000ffb000/0x2000)=nil, 
&(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r2) 08:19:21 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000480)="8b68f60e9b394b", 0x7}], 0x1) 08:19:21 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f00000035c0)) 08:19:21 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000000000), 0x4) 08:19:21 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000003c0)={0x0, 0x0, 0x80000000, 0xd8}) [ 66.656340] audit: type=1400 audit(1756714761.441:7): avc: denied { execmem } for pid=271 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 67.814631] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.817642] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.819671] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.824179] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.826853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.885587] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.891671] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.898069] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.903257] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.909002] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.911017] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.918923] Bluetooth: hci3: 
unexpected cc 0x0c03 length: 249 > 1 [ 67.921821] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.923572] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.932755] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.934693] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.941847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.950933] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.954125] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.968697] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.970712] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.972504] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.976874] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.982668] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.984545] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.990196] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.994660] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.994694] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.999991] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.002252] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 68.008677] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 68.016429] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.020749] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.024077] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.025978] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.028189] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 68.042183] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.063460] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.064565] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 68.070598] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 69.913456] Bluetooth: hci0: command tx timeout [ 69.976803] Bluetooth: hci1: command 
tx timeout [ 70.040529] Bluetooth: hci2: command tx timeout [ 70.040584] Bluetooth: hci3: command tx timeout [ 70.105632] Bluetooth: hci6: command tx timeout [ 70.106089] Bluetooth: hci5: command tx timeout [ 70.168514] Bluetooth: hci4: command tx timeout [ 70.168557] Bluetooth: hci7: command tx timeout [ 71.961362] Bluetooth: hci0: command tx timeout [ 72.024543] Bluetooth: hci1: command tx timeout [ 72.088395] Bluetooth: hci2: command tx timeout [ 72.089394] Bluetooth: hci3: command tx timeout [ 72.153503] Bluetooth: hci6: command tx timeout [ 72.153757] Bluetooth: hci5: command tx timeout [ 72.216774] Bluetooth: hci7: command tx timeout [ 72.216819] Bluetooth: hci4: command tx timeout [ 74.009328] Bluetooth: hci0: command tx timeout [ 74.073450] Bluetooth: hci1: command tx timeout [ 74.137396] Bluetooth: hci3: command tx timeout [ 74.137829] Bluetooth: hci2: command tx timeout [ 74.200454] Bluetooth: hci6: command tx timeout [ 74.200921] Bluetooth: hci5: command tx timeout [ 74.264354] Bluetooth: hci7: command tx timeout [ 74.265348] Bluetooth: hci4: command tx timeout [ 76.057503] Bluetooth: hci0: command tx timeout [ 76.120419] Bluetooth: hci1: command tx timeout [ 76.185378] Bluetooth: hci2: command tx timeout [ 76.185430] Bluetooth: hci3: command tx timeout [ 76.248642] Bluetooth: hci5: command tx timeout [ 76.248662] Bluetooth: hci6: command tx timeout [ 76.312394] Bluetooth: hci4: command tx timeout [ 76.312511] Bluetooth: hci7: command tx timeout [ 104.043472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.044147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.270633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.271262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.404788] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.405442] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.648576] wlan0: Created IBSS using preconfigured BSSID 
50:50:50:50:50:50 [ 104.649206] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.736631] 9pnet_fd: Insufficient options for proto=fd [ 104.737227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.738451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.812997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.813798] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.954324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.955027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.109846] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.110808] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.287345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.287969] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.362055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.362700] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.761115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.761746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.816354] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.816957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.957127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.958254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.040429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.041045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.180942] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.181611] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.188098] audit: type=1400 audit(1756714800.973:8): avc: denied { open } for pid=3884 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 
tclass=perf_event permissive=1 [ 106.192557] audit: type=1400 audit(1756714800.973:9): avc: denied { kernel } for pid=3884 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 106.215537] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.216092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:20:01 executing program 2: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x30b8, &(0x7f0000000000), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r2) 08:20:01 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000003c0)={0x0, 0x0, 0x80000000, 0xd8}) 08:20:01 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000480)="8b68f60e9b394b", 0x7}], 0x1) 08:20:01 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) 08:20:01 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) 08:20:01 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f00000035c0)) 08:20:01 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000000000), 0x4) 08:20:01 executing program 0: creat(&(0x7f00000003c0)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYRESDEC]) [ 106.367420] 9pnet_fd: Insufficient options for proto=fd 08:20:01 executing program 0: creat(&(0x7f00000003c0)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYRESDEC]) [ 106.419101] 9pnet_fd: Insufficient options for proto=fd 08:20:01 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000000000), 0x4) 08:20:01 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000003c0)={0x0, 0x0, 0x80000000, 0xd8}) 08:20:01 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) 08:20:01 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f00000035c0)) [ 106.542382] ------------[ cut here ]------------ [ 106.542949] percpu ref (io_ring_ctx_ref_free) <= 0 (-18) after switching to atomic [ 106.543167] WARNING: lib/percpu-refcount.c:197 at percpu_ref_switch_to_atomic_rcu+0x3cc/0x480, CPU#1: syz-executor.5/3910 [ 106.544700] Modules linked in: [ 106.545012] CPU: 1 UID: 0 PID: 
3910 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 106.547499] Tainted: [W]=WARN [ 106.548219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 106.550277] RIP: 0010:percpu_ref_switch_to_atomic_rcu+0x3cc/0x480 [ 106.551613] Code: 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 9e 00 00 00 49 8b 75 e8 48 c7 c7 c0 99 e2 84 e8 25 ac e9 fe 90 <0f> 0b 90 90 e9 2b ff ff ff e8 56 de 5f ff e9 9e fe ff ff e8 dc de [ 106.554266] RSP: 0018:ffff88806cf08e20 EFLAGS: 00010286 [ 106.554718] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8139de70 [ 106.555307] RDX: ffff888041350000 RSI: ffffffff8139de7e RDI: 0000000000000001 [ 106.555884] RBP: 7fffffffffffffed R08: 0000000000000001 R09: ffffed100d9e4801 [ 106.556459] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800cacf780 [ 106.557017] R13: ffff88800cacf7a0 R14: 0000000000000002 R15: 0000000000000003 [ 106.557610] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 106.558235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.558706] CR2: 0000555585fe6708 CR3: 0000000039ae5000 CR4: 0000000000350ef0 [ 106.559269] Call Trace: [ 106.559494] [ 106.559677] ? rcu_core+0x7c3/0x1800 [ 106.559984] rcu_core+0x7c8/0x1800 [ 106.560281] ? __pfx_rcu_core+0x10/0x10 [ 106.560630] ? clockevents_program_event+0x135/0x360 [ 106.561042] ? tick_program_event+0xac/0x140 [ 106.561419] ? 
hrtimer_interrupt+0x652/0x830 [ 106.561782] handle_softirqs+0x1b1/0x770 [ 106.562124] __irq_exit_rcu+0xc4/0x100 [ 106.562478] irq_exit_rcu+0x9/0x20 [ 106.562770] sysvec_apic_timer_interrupt+0x70/0x80 [ 106.563177] [ 106.563381] [ 106.563574] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 106.563998] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 106.564478] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 a5 93 fc 48 89 ef e8 4e f0 93 fc 80 e7 02 74 06 e8 e4 07 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 106.565950] RSP: 0018:ffff8880437afcb0 EFLAGS: 00000286 [ 106.566386] RAX: 0000000000000a5b RBX: 0000000000000202 RCX: ffffffff817c3ab6 [ 106.566943] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff84be33bc [ 106.567523] RBP: ffffffff85ccffa0 R08: 0000000000000001 R09: 0000000000000001 [ 106.568095] R10: ffffffff8643b457 R11: 0000000000000001 R12: 0000607f1a64da70 [ 106.568675] R13: 0000000000000202 R14: ffff888009802240 R15: ffff888009802261 [ 106.569251] ? trace_irq_enable.constprop.0+0x26/0x100 [ 106.569688] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 106.570099] free_percpu+0x74f/0x1160 [ 106.570433] percpu_counter_destroy_many+0x188/0x2b0 [ 106.570845] __mmdrop+0x2cf/0x4a0 [ 106.571140] mmput+0x305/0x390 [ 106.571426] do_exit+0x79d/0x2970 [ 106.571710] ? signal_wake_up_state+0x85/0x120 [ 106.572079] ? zap_other_threads+0x2b9/0x3a0 [ 106.572454] ? __pfx_do_exit+0x10/0x10 [ 106.572770] ? do_group_exit+0x1c3/0x2a0 [ 106.573105] ? lock_release+0xc8/0x290 [ 106.573444] do_group_exit+0xd3/0x2a0 [ 106.573756] __x64_sys_exit_group+0x3e/0x50 [ 106.574102] x64_sys_call+0x18c5/0x18d0 [ 106.574449] do_syscall_64+0xbf/0x360 [ 106.574758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.575168] RIP: 0033:0x7f0c7a8b0b19 [ 106.575479] Code: Unable to access opcode bytes at 0x7f0c7a8b0aef. 
[ 106.575968] RSP: 002b:00007ffc8d9f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.576580] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f0c7a8b0b19 [ 106.577148] RDX: 00007f0c7a86372b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 106.577726] RBP: 0000000000000000 R08: 0000001b2cf22f1c R09: 0000000000000000 [ 106.578304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 106.578865] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc8d9f7120 [ 106.579457] [ 106.579646] irq event stamp: 3330 [ 106.579918] hardirqs last enabled at (3338): [] __up_console_sem+0x78/0x80 [ 106.580613] hardirqs last disabled at (3347): [] __up_console_sem+0x5d/0x80 [ 106.581306] softirqs last enabled at (2464): [] handle_softirqs+0x50c/0x770 [ 106.581994] softirqs last disabled at (2653): [] __irq_exit_rcu+0xc4/0x100 [ 106.582676] ---[ end trace 0000000000000000 ]--- [ 106.583049] percpu_ref_switch_to_atomic_rcu: percpu_ref_switch_to_atomic_rcu(): percpu_ref underflow slab kmalloc-64 start ffff88800cacf780 pointer offset 0 size 64 08:20:01 executing program 0: creat(&(0x7f00000003c0)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYRESDEC]) 08:20:01 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000006c0)=""/94, 0x5e}], 0x1, 0x300, 0x0, 0x0) 08:20:01 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000480)="8b68f60e9b394b", 0x7}], 0x1) 
08:20:01 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f00000035c0)) 08:20:01 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000000000), 0x4) 08:20:01 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) setgid(0x0) 08:20:01 executing program 2: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x30b8, &(0x7f0000000000), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r2) 08:20:01 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000003c0)={0x0, 0x0, 0x80000000, 0xd8}) [ 106.660537] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 106.661446] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 106.662033] CPU: 0 UID: 0 PID: 3921 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 106.662948] Tainted: [W]=WARN [ 106.663193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 106.663823] RIP: 0010:perf_tp_event+0x175/0xe70 [ 106.664205] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 
e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 106.665358] 9pnet_fd: Insufficient options for proto=fd [ 106.665600] RSP: 0000:ffff888042d4f4c0 EFLAGS: 00010212 [ 106.666486] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 106.667032] RDX: ffff888041cd3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 106.667580] RBP: ffff888042d4f730 R08: ffff88806ce31340 R09: ffffe8ffffc15d68 [ 106.668132] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 106.668679] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 106.669233] FS: 000055555a397400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 106.669847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.670294] CR2: 00007f5209dc4004 CR3: 000000003f620000 CR4: 0000000000350ef0 [ 106.670841] Call Trace: [ 106.671045] [ 106.671229] ? find_held_lock+0x2b/0x80 [ 106.671553] ? __pfx_perf_tp_event+0x10/0x10 [ 106.671902] ? lock_release+0xc8/0x290 [ 106.672212] ? __is_insn_slot_addr+0x140/0x290 [ 106.672580] ? kernel_text_address+0x5b/0xc0 [ 106.672928] ? __kernel_text_address+0xd/0x40 [ 106.673293] ? unwind_get_return_address+0x59/0xa0 [ 106.673685] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 106.674111] ? arch_stack_walk+0x9c/0xf0 [ 106.674439] ? stack_trace_save+0x8e/0xc0 [ 106.674766] ? stack_depot_save_flags+0x2c/0xa20 [ 106.675143] ? perf_trace_run_bpf_submit+0xef/0x180 [ 106.675538] perf_trace_run_bpf_submit+0xef/0x180 [ 106.675944] perf_trace_lock+0x337/0x5d0 [ 106.676281] ? __pfx_perf_trace_lock+0x10/0x10 [ 106.676662] ? lock_acquire+0x15e/0x2f0 [ 106.676986] ? get_mem_cgroup_from_objcg+0x1e7/0x430 [ 106.677433] ? 
get_mem_cgroup_from_objcg+0x248/0x430 [ 106.677857] lock_release+0x1ab/0x290 [ 106.678178] get_mem_cgroup_from_objcg+0x24d/0x430 [ 106.678590] __memcg_kmem_charge_page+0x11a/0x2e0 [ 106.678994] __alloc_frozen_pages_noprof+0x33b/0x1f20 [ 106.679428] ? css_rstat_updated+0x1b8/0x4d0 [ 106.679792] ? __pfx_css_rstat_updated+0x10/0x10 [ 106.680184] ? lock_is_held_type+0x9e/0x120 [ 106.680549] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 106.681014] ? perf_trace_lock+0xb5/0x5d0 [ 106.681372] ? __cgroup_account_cputime+0x88/0xc0 [ 106.681773] ? __pfx_perf_trace_lock+0x10/0x10 [ 106.682150] ? __pfx_perf_trace_lock+0x10/0x10 [ 106.682536] ? update_curr+0x39e/0x500 [ 106.682860] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 106.683284] ? policy_nodemask+0xeb/0x4e0 [ 106.683638] alloc_pages_mpol+0xed/0x340 [ 106.683978] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 106.684362] ? lock_acquire+0x15e/0x2f0 [ 106.684696] ? futex_private_hash_put+0x4c/0x2d0 [ 106.685103] alloc_pages_noprof+0xa1/0x380 [ 106.685468] pte_alloc_one+0x1e/0x360 [ 106.685794] __pte_alloc+0x6c/0x360 [ 106.686103] ? __pfx___pte_alloc+0x10/0x10 [ 106.686457] ? lock_acquire+0xf1/0x2f0 [ 106.686784] __handle_mm_fault+0x2606/0x3260 [ 106.687155] ? reacquire_held_locks+0xd1/0x200 [ 106.687533] ? lock_vma_under_rcu+0x11e/0x530 [ 106.687908] ? __pfx___handle_mm_fault+0x10/0x10 [ 106.688321] ? lock_vma_under_rcu+0x17b/0x530 [ 106.688699] ? __pfx___schedule+0x10/0x10 [ 106.689049] handle_mm_fault+0x2c3/0x9b0 [ 106.689401] ? 
access_error+0x17d/0x380 [ 106.689736] do_user_addr_fault+0x4fa/0xeb0 [ 106.690094] exc_page_fault+0xb0/0x180 [ 106.690425] asm_exc_page_fault+0x26/0x30 [ 106.690766] RIP: 0033:0x7f52098588fc [ 106.691070] Code: 00 00 41 83 7c 06 08 00 0f 85 75 05 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 04 42 05 00 <83> 05 01 b7 56 00 01 80 7c 24 0b 00 74 0b f6 44 24 0c 01 0f 84 c6 [ 106.692533] RSP: 002b:00007ffd55bb4cc0 EFLAGS: 00010207 [ 106.692972] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00007f52098acb19 [ 106.693550] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f52099bff68 [ 106.694130] RBP: 00007f52099bff60 R08: 00007f5206e22700 R09: 0000000000000000 [ 106.694707] R10: 00007f5206e22700 R11: 0000000000000246 R12: 00007f52099c4060 [ 106.695288] R13: 00007ffd55bb4dc0 R14: 00007f52099bff60 R15: 000000000001a036 [ 106.695869] [ 106.696063] Modules linked in: [ 106.696354] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 106.697249] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 106.697862] CPU: 0 UID: 0 PID: 3921 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 106.698819] Tainted: [D]=DIE, [W]=WARN [ 106.699132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 106.699797] RIP: 0010:perf_tp_event+0x175/0xe70 [ 106.700185] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 106.701650] RSP: 0000:ffff88806ce08a80 EFLAGS: 00010012 [ 106.702080] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 106.702654] RDX: ffff888041cd3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 106.703225] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc15d68 [ 106.703793] R10: 0000000000000000 R11: 746e756f63716573 
R12: dffffc0000000000
[ 106.704376] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000
[ 106.704957] FS: 000055555a397400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 106.705615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 106.706084] CR2: 00007f5209dc4004 CR3: 000000003f620000 CR4: 0000000000350ef0
[ 106.706652] Call Trace:
[ 106.706863]
[ 106.707049] ? __pfx_perf_tp_event+0x10/0x10
[ 106.707428] ? lock_is_held_type+0x9e/0x120
[ 106.707783] ? lock_is_held_type+0x9e/0x120
[ 106.708140] ? perf_trace_lock+0xb5/0x5d0
[ 106.708481] ? perf_trace_lock+0xb5/0x5d0
[ 106.708820] ? __pfx_perf_trace_lock+0x10/0x10
[ 106.709205] ? __pfx_perf_trace_lock+0x10/0x10
[ 106.709578] ? check_preempt_wakeup_fair+0x406/0x950
[ 106.709997] ? perf_trace_run_bpf_submit+0xef/0x180
[ 106.710409] perf_trace_run_bpf_submit+0xef/0x180
[ 106.710809] perf_trace_lock+0x337/0x5d0
[ 106.711147] ? __pfx_perf_trace_lock+0x10/0x10
[ 106.711528] ? find_held_lock+0x2b/0x80
[ 106.711861] ? hrtimer_interrupt+0x114/0x830
[ 106.712224] lock_release+0x1ab/0x290
[ 106.712537] ktime_get_update_offsets_now+0xab/0x3c0
[ 106.712957] ? hrtimer_interrupt+0x114/0x830
[ 106.713322] ? __pfx_lapic_next_deadline+0x10/0x10
[ 106.713733] hrtimer_interrupt+0x114/0x830
[ 106.714080] ? __pfx_flush_tlb_func+0x10/0x10
[ 106.714453] ? trace_csd_function_exit+0x134/0x190
[ 106.714859] ? __flush_smp_call_function_queue+0x28c/0x740
[ 106.715317] __sysvec_apic_timer_interrupt+0xbb/0x330
[ 106.715742] sysvec_apic_timer_interrupt+0x6b/0x80
[ 106.716145]
[ 106.716333]
[ 106.716523] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 106.716947] RIP: 0010:oops_exit+0x0/0x50
[ 106.717293] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57
[ 106.718753] RSP: 0000:ffff888042d4f350 EFLAGS: 00000202
[ 106.719186] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f
[ 106.719758] RDX: ffff888041cd3700 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 106.720332] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690
[ 106.720903] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888042d4f418
[ 106.721463] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[ 106.722023] ? add_taint+0x5f/0xd0
[ 106.722310] ? oops_end+0x4a/0xe0
[ 106.722599] oops_end+0x65/0xe0
[ 106.722871] exc_general_protection+0x1a2/0x330
[ 106.723249] asm_exc_general_protection+0x26/0x30
[ 106.723630] RIP: 0010:perf_tp_event+0x175/0xe70
[ 106.724003] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 106.725424] RSP: 0000:ffff888042d4f4c0 EFLAGS: 00010212
[ 106.725838] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 106.726400] RDX: ffff888041cd3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 106.726956] RBP: ffff888042d4f730 R08: ffff88806ce31340 R09: ffffe8ffffc15d68
[ 106.727516] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 106.728074] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 106.728636] ? perf_tp_event+0x167/0xe70
[ 106.728973] ? find_held_lock+0x2b/0x80
[ 106.729302] ? __pfx_perf_tp_event+0x10/0x10
[ 106.729657] ? lock_release+0xc8/0x290
[ 106.729967] ? __is_insn_slot_addr+0x140/0x290
[ 106.730341] ? kernel_text_address+0x5b/0xc0
[ 106.730695] ? __kernel_text_address+0xd/0x40
[ 106.731052] ? unwind_get_return_address+0x59/0xa0
[ 106.731444] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 106.731875] ? arch_stack_walk+0x9c/0xf0
[ 106.732205] ? stack_trace_save+0x8e/0xc0
[ 106.732537] ? stack_depot_save_flags+0x2c/0xa20
[ 106.732920] ? perf_trace_run_bpf_submit+0xef/0x180
[ 106.733326] perf_trace_run_bpf_submit+0xef/0x180
[ 106.733715] perf_trace_lock+0x337/0x5d0
[ 106.734046] ? __pfx_perf_trace_lock+0x10/0x10
[ 106.734415] ? lock_acquire+0x15e/0x2f0
[ 106.734734] ? get_mem_cgroup_from_objcg+0x1e7/0x430
[ 106.735138] ? get_mem_cgroup_from_objcg+0x248/0x430
[ 106.735540] lock_release+0x1ab/0x290
[ 106.735853] get_mem_cgroup_from_objcg+0x24d/0x430
[ 106.736245] __memcg_kmem_charge_page+0x11a/0x2e0
[ 106.736633] __alloc_frozen_pages_noprof+0x33b/0x1f20
[ 106.737040] ? css_rstat_updated+0x1b8/0x4d0
[ 106.737395] ? __pfx_css_rstat_updated+0x10/0x10
[ 106.737770] ? lock_is_held_type+0x9e/0x120
[ 106.738110] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 106.738548] ? perf_trace_lock+0xb5/0x5d0
[ 106.738872] ? __cgroup_account_cputime+0x88/0xc0
[ 106.739253] ? __pfx_perf_trace_lock+0x10/0x10
[ 106.739615] ? __pfx_perf_trace_lock+0x10/0x10
[ 106.739975] ? update_curr+0x39e/0x500
[ 106.740285] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 106.740687] ? policy_nodemask+0xeb/0x4e0
[ 106.741017] alloc_pages_mpol+0xed/0x340
[ 106.741347] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 106.741715] ? lock_acquire+0x15e/0x2f0
[ 106.742028] ? futex_private_hash_put+0x4c/0x2d0
[ 106.742400] alloc_pages_noprof+0xa1/0x380
[ 106.742734] pte_alloc_one+0x1e/0x360
[ 106.743037] __pte_alloc+0x6c/0x360
[ 106.743326] ? __pfx___pte_alloc+0x10/0x10
[ 106.743657] ? lock_acquire+0xf1/0x2f0
[ 106.743966] __handle_mm_fault+0x2606/0x3260
[ 106.744316] ? reacquire_held_locks+0xd1/0x200
[ 106.744673] ? lock_vma_under_rcu+0x11e/0x530
[ 106.745026] ? __pfx___handle_mm_fault+0x10/0x10
[ 106.745413] ? lock_vma_under_rcu+0x17b/0x530
[ 106.745769] ? __pfx___schedule+0x10/0x10
[ 106.746099] handle_mm_fault+0x2c3/0x9b0
[ 106.746420] ? access_error+0x17d/0x380
[ 106.746734] do_user_addr_fault+0x4fa/0xeb0
[ 106.747072] exc_page_fault+0xb0/0x180
[ 106.747382] asm_exc_page_fault+0x26/0x30
[ 106.747707] RIP: 0033:0x7f52098588fc
[ 106.747995] Code: 00 00 41 83 7c 06 08 00 0f 85 75 05 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 04 42 05 00 <83> 05 01 b7 56 00 01 80 7c 24 0b 00 74 0b f6 44 24 0c 01 0f 84 c6
[ 106.749390] RSP: 002b:00007ffd55bb4cc0 EFLAGS: 00010207
[ 106.749801] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00007f52098acb19
[ 106.750351] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f52099bff68
[ 106.750895] RBP: 00007f52099bff60 R08: 00007f5206e22700 R09: 0000000000000000
[ 106.751446] R10: 00007f5206e22700 R11: 0000000000000246 R12: 00007f52099c4060
[ 106.751994] R13: 00007ffd55bb4dc0 R14: 00007f52099bff60 R15: 000000000001a036
[ 106.752550]
[ 106.752733] Modules linked in:
[ 106.752989] ---[ end trace 0000000000000000 ]---
[ 106.753356] RIP: 0010:perf_tp_event+0x175/0xe70
[ 106.753723] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 106.755100] RSP: 0000:ffff888042d4f4c0 EFLAGS: 00010212
[ 106.755514] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 106.756067] RDX: ffff888041cd3700 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 106.756610] RBP: ffff888042d4f730 R08: ffff88806ce31340 R09: ffffe8ffffc15d68
[ 106.757166] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 106.757709] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 106.758255] FS:
000055555a397400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 106.758870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 106.759315] CR2: 00007f5209dc4004 CR3: 000000003f620000 CR4: 0000000000350ef0
[ 106.759863] Kernel panic - not syncing: Fatal exception in interrupt
[ 107.801827] Shutting down cpus with NMI
[ 107.802307] Kernel Offset: disabled
[ 107.802594] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:20:01 Registers: