Warning: Permanently added '[localhost]:46939' (ECDSA) to the list of known hosts. 2026/01/16 15:33:24 fuzzer started 2026/01/16 15:33:25 dialing manager at localhost:42157 syzkaller login: [ 59.238392] cgroup: Unknown subsys name 'net' [ 59.316495] cgroup: Unknown subsys name 'cpuset' [ 59.349098] cgroup: Unknown subsys name 'rlimit' 2026/01/16 15:33:34 syscalls: 2214 2026/01/16 15:33:34 code coverage: enabled 2026/01/16 15:33:34 comparison tracing: enabled 2026/01/16 15:33:34 extra coverage: enabled 2026/01/16 15:33:34 setuid sandbox: enabled 2026/01/16 15:33:34 namespace sandbox: enabled 2026/01/16 15:33:34 Android sandbox: enabled 2026/01/16 15:33:34 fault injection: enabled 2026/01/16 15:33:34 leak checking: enabled 2026/01/16 15:33:34 net packet injection: enabled 2026/01/16 15:33:34 net device setup: enabled 2026/01/16 15:33:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2026/01/16 15:33:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2026/01/16 15:33:34 USB emulation: enabled 2026/01/16 15:33:34 hci packet injection: enabled 2026/01/16 15:33:34 wifi device emulation: enabled 2026/01/16 15:33:34 802.15.4 emulation: enabled 2026/01/16 15:33:34 fetching corpus: 0, signal 0/2000 (executing program) 2026/01/16 15:33:34 fetching corpus: 42, signal 27550/31110 (executing program) 2026/01/16 15:33:34 fetching corpus: 92, signal 42143/47094 (executing program) 2026/01/16 15:33:34 fetching corpus: 142, signal 49603/55984 (executing program) 2026/01/16 15:33:34 fetching corpus: 192, signal 54342/62113 (executing program) 2026/01/16 15:33:35 fetching corpus: 242, signal 59387/68438 (executing program) 2026/01/16 15:33:35 fetching corpus: 292, signal 63748/74037 (executing program) 2026/01/16 15:33:35 fetching corpus: 342, signal 68194/79651 (executing program) 2026/01/16 15:33:35 fetching corpus: 392, signal 72667/85230 (executing program) 2026/01/16 15:33:35 fetching corpus: 442, signal 76579/90193 (executing program) 2026/01/16 15:33:35 fetching corpus: 492, signal 78849/93622 (executing program) 2026/01/16 15:33:35 fetching corpus: 542, signal 81047/96918 (executing program) 2026/01/16 15:33:35 fetching corpus: 592, signal 83825/100680 (executing program) 2026/01/16 15:33:36 fetching corpus: 642, signal 87224/104980 (executing program) 2026/01/16 15:33:36 fetching corpus: 692, signal 90465/109087 (executing program) 2026/01/16 15:33:36 fetching corpus: 742, signal 94219/113604 (executing program) 2026/01/16 15:33:36 fetching corpus: 792, signal 96485/116774 (executing program) 2026/01/16 15:33:36 fetching corpus: 842, signal 99007/120067 (executing program) 2026/01/16 15:33:36 fetching corpus: 892, signal 100811/122780 (executing program) 2026/01/16 15:33:36 fetching corpus: 942, signal 102939/125796 (executing program) 2026/01/16 15:33:36 fetching corpus: 992, signal 104948/128598 (executing program) 2026/01/16 15:33:37 fetching corpus: 1042, signal 106792/131233 (executing program) 2026/01/16 15:33:37 fetching corpus: 1092, signal 109012/134134 (executing program) 2026/01/16 15:33:37 fetching corpus: 1142, signal 110506/136342 (executing program) 2026/01/16 15:33:37 fetching corpus: 1192, signal 112202/138716 (executing program) 2026/01/16 15:33:37 fetching corpus: 1242, signal 113997/141205 (executing program) 2026/01/16 15:33:37 fetching corpus: 1292, signal 116220/144013 (executing program) 2026/01/16 15:33:37 fetching corpus: 1342, signal 118257/146648 (executing program) 2026/01/16 15:33:37 fetching corpus: 1392, signal 119604/148724 (executing program) 2026/01/16 15:33:38 fetching corpus: 1442, signal 121021/150828 (executing program) 2026/01/16 15:33:38 fetching corpus: 1492, signal 122070/152558 (executing program) 2026/01/16 15:33:38 fetching corpus: 1542, signal 123856/154879 (executing program) 2026/01/16 15:33:38 fetching corpus: 1592, signal 125144/156796 (executing program) 2026/01/16 15:33:38 fetching corpus: 1642, signal 126333/158562 (executing program) 2026/01/16 15:33:38 fetching corpus: 1692, signal 127379/160238 (executing program) 2026/01/16 15:33:38 fetching corpus: 1742, signal 128261/161813 (executing program) 2026/01/16 15:33:38 fetching corpus: 1792, signal 130224/164137 (executing program) 2026/01/16 15:33:38 fetching corpus: 1842, signal 131322/165807 (executing program) 2026/01/16 15:33:39 fetching corpus: 1892, signal 132458/167476 (executing program) 2026/01/16 15:33:39 fetching corpus: 1941, signal 133403/168946 (executing program) 2026/01/16 15:33:39 fetching corpus: 1991, signal 134564/170595 (executing program) 2026/01/16 15:33:39 fetching corpus: 2041, signal 135695/172207 (executing program) 2026/01/16 15:33:39 fetching corpus: 2091, signal 136668/173748 (executing program) 2026/01/16 15:33:39 fetching corpus: 2141, signal 137911/175382 (executing program) 2026/01/16 15:33:39 fetching corpus: 2191, signal 138594/176670 (executing program) 2026/01/16 15:33:39 fetching corpus: 2241, signal 140288/178582 (executing program) 2026/01/16 15:33:40 fetching corpus: 2291, signal 141443/180091 (executing program) 2026/01/16 15:33:40 fetching corpus: 2341, signal 142614/181556 (executing program) 2026/01/16 15:33:40 fetching corpus: 2391, signal 143437/182859 (executing program) 2026/01/16 15:33:40 fetching corpus: 2441, signal 144209/184130 (executing program) 2026/01/16 15:33:40 fetching corpus: 2490, signal 144963/185361 (executing program) 2026/01/16 15:33:40 fetching corpus: 2540, signal 146044/186720 (executing program) 2026/01/16 15:33:40 fetching corpus: 2590, signal 146891/187987 (executing program) 2026/01/16 15:33:40 fetching corpus: 2640, signal 147881/189290 (executing program) 2026/01/16 15:33:40 fetching corpus: 2689, signal 148620/190429 (executing program) 2026/01/16 15:33:40 fetching corpus: 2739, signal 149481/191663 (executing program) 2026/01/16 15:33:41 fetching corpus: 2789, signal 150183/192754 (executing program) 2026/01/16 15:33:41 fetching corpus: 2839, signal 151302/194098 (executing program) 2026/01/16 15:33:41 fetching corpus: 2889, signal 152231/195308 (executing program) 2026/01/16 15:33:41 fetching corpus: 2938, signal 152884/196367 (executing program) 2026/01/16 15:33:41 fetching corpus: 2987, signal 153589/197469 (executing program) 2026/01/16 15:33:41 fetching corpus: 3037, signal 154745/198742 (executing program) 2026/01/16 15:33:41 fetching corpus: 3087, signal 155478/199801 (executing program) 2026/01/16 15:33:41 fetching corpus: 3137, signal 156043/200751 (executing program) 2026/01/16 15:33:42 fetching corpus: 3187, signal 156919/201841 (executing program) 2026/01/16 15:33:42 fetching corpus: 3237, signal 157660/202879 (executing program) 2026/01/16 15:33:42 fetching corpus: 3287, signal 158416/204026 (executing program) 2026/01/16 15:33:42 fetching corpus: 3337, signal 159052/204968 (executing program) 2026/01/16 15:33:42 fetching corpus: 3387, signal 160397/206179 (executing program) 2026/01/16 15:33:42 fetching corpus: 3436, signal 161029/207133 (executing program) 2026/01/16 15:33:42 fetching corpus: 3486, signal 161886/208109 (executing program) 2026/01/16 15:33:42 fetching corpus: 3536, signal 162995/209197 (executing program) 2026/01/16 15:33:43 fetching corpus: 3586, signal 163933/210247 (executing program) 2026/01/16 15:33:43 fetching corpus: 3636, signal 164609/211144 (executing program) 2026/01/16 15:33:43 fetching corpus: 3686, signal 165252/212025 (executing program) 2026/01/16 15:33:43 fetching corpus: 3736, signal 165947/212889 (executing program) 2026/01/16 15:33:43 fetching corpus: 3786, signal 166636/213713 (executing program) 2026/01/16 15:33:43 fetching corpus: 3836, signal 167383/214529 (executing program) 2026/01/16 15:33:43 fetching corpus: 3886, signal 168024/215337 (executing program) 2026/01/16 15:33:43 fetching corpus: 3935, signal 168459/216060 (executing program) 2026/01/16 15:33:43 fetching corpus: 3984, signal 169034/216835 (executing program) 2026/01/16 15:33:44 fetching corpus: 4034, signal 169561/217639 (executing program) 2026/01/16 15:33:44 fetching corpus: 4084, signal 170009/218343 (executing program) 2026/01/16 15:33:44 fetching corpus: 4134, signal 170533/219108 (executing program) 2026/01/16 15:33:44 fetching corpus: 4184, signal 171053/219839 (executing program) 2026/01/16 15:33:44 fetching corpus: 4234, signal 171807/220667 (executing program) 2026/01/16 15:33:44 fetching corpus: 4284, signal 172303/221396 (executing program) 2026/01/16 15:33:44 fetching corpus: 4334, signal 172921/222145 (executing program) 2026/01/16 15:33:44 fetching corpus: 4384, signal 173435/222814 (executing program) 2026/01/16 15:33:44 fetching corpus: 4433, signal 173838/223481 (executing program) 2026/01/16 15:33:45 fetching corpus: 4483, signal 174316/224169 (executing program) 2026/01/16 15:33:45 fetching corpus: 4533, signal 175389/224932 (executing program) 2026/01/16 15:33:45 fetching corpus: 4583, signal 175708/225549 (executing program) 2026/01/16 15:33:45 fetching corpus: 4633, signal 176143/226181 (executing program) 2026/01/16 15:33:45 fetching corpus: 4683, signal 176627/226822 (executing program) 2026/01/16 15:33:45 fetching corpus: 4733, signal 177101/227408 (executing program) 2026/01/16 15:33:45 fetching corpus: 4783, signal 177862/228099 (executing program) 2026/01/16 15:33:45 fetching corpus: 4833, signal 178368/228694 (executing program) 2026/01/16 15:33:45 fetching corpus: 4883, signal 179987/229501 (executing program) 2026/01/16 15:33:46 fetching corpus: 4933, signal 180389/230062 (executing program) 2026/01/16 15:33:46 fetching corpus: 4983, signal 180815/230581 (executing program) 2026/01/16 15:33:46 fetching corpus: 5033, signal 181148/231119 (executing program) 2026/01/16 15:33:46 fetching corpus: 5083, signal 181598/231647 (executing program) 2026/01/16 15:33:46 fetching corpus: 5132, signal 182068/232182 (executing program) 2026/01/16 15:33:46 fetching corpus: 5182, signal 182604/232696 (executing program) 2026/01/16 15:33:46 fetching corpus: 5232, signal 183185/233239 (executing program) 2026/01/16 15:33:46 fetching corpus: 5282, signal 183745/233784 (executing program) 2026/01/16 15:33:46 fetching corpus: 5332, signal 184216/234324 (executing program) 2026/01/16 15:33:46 fetching corpus: 5381, signal 184575/234818 (executing program) 2026/01/16 15:33:47 fetching corpus: 5431, signal 185053/235348 (executing program) 2026/01/16 15:33:47 fetching corpus: 5481, signal 185438/235863 (executing program) 2026/01/16 15:33:47 fetching corpus: 5531, signal 185900/236362 (executing program) 2026/01/16 15:33:47 fetching corpus: 5581, signal 186340/236828 (executing program) 2026/01/16 15:33:47 fetching corpus: 5631, signal 186693/237299 (executing program) 2026/01/16 15:33:47 fetching corpus: 5681, signal 187065/237750 (executing program) 2026/01/16 15:33:47 fetching corpus: 5731, signal 187434/238200 (executing program) 2026/01/16 15:33:47 fetching corpus: 5781, signal 187801/238628 (executing program) 2026/01/16 15:33:47 fetching corpus: 5831, signal 188373/239094 (executing program) 2026/01/16 15:33:48 fetching corpus: 5881, signal 189017/239299 (executing program) 2026/01/16 15:33:48 fetching corpus: 5931, signal 189348/239299 (executing program) 2026/01/16 15:33:48 fetching corpus: 5981, signal 189686/239299 (executing program) 2026/01/16 15:33:48 fetching corpus: 6031, signal 190193/239299 (executing program) 2026/01/16 15:33:48 fetching corpus: 6081, signal 190613/239299 (executing program) 2026/01/16 15:33:48 fetching corpus: 6131, signal 191019/239305 (executing program) 2026/01/16 15:33:48 fetching corpus: 6181, signal 191414/239305 (executing program) 2026/01/16 15:33:48 fetching corpus: 6230, signal 191927/239306 (executing program) 2026/01/16 15:33:48 fetching corpus: 6280, signal 192436/239312 (executing program) 2026/01/16 15:33:49 fetching corpus: 6330, signal 192900/239312 (executing program) 2026/01/16 15:33:49 fetching corpus: 6380, signal 193182/239325 (executing program) 2026/01/16 15:33:49 fetching corpus: 6430, signal 193708/239325 (executing program) 2026/01/16 15:33:49 fetching corpus: 6480, signal 194029/239326 (executing program) 2026/01/16 15:33:49 fetching corpus: 6530, signal 194342/239328 (executing program) 2026/01/16 15:33:49 fetching corpus: 6580, signal 194814/239330 (executing program) 2026/01/16 15:33:49 fetching corpus: 6630, signal 195169/239330 (executing program) 2026/01/16 15:33:49 fetching corpus: 6680, signal 195465/239334 (executing program) 2026/01/16 15:33:49 fetching corpus: 6730, signal 195802/239341 (executing program) 2026/01/16 15:33:50 fetching corpus: 6780, signal 196214/239341 (executing program) 2026/01/16 15:33:50 fetching corpus: 6830, signal 196605/239341 (executing program) 2026/01/16 15:33:50 fetching corpus: 6880, signal 196973/239342 (executing program) 2026/01/16 15:33:50 fetching corpus: 6930, signal 197338/239352 (executing program) 2026/01/16 15:33:50 fetching corpus: 6980, signal 197737/239352 (executing program) 2026/01/16 15:33:50 fetching corpus: 7030, signal 198404/239352 (executing program) 2026/01/16 15:33:50 fetching corpus: 7080, signal 198778/239354 (executing program) 2026/01/16 15:33:50 fetching corpus: 7130, signal 199118/239354 (executing program) 2026/01/16 15:33:51 fetching corpus: 7180, signal 199566/239355 (executing program) 2026/01/16 15:33:51 fetching corpus: 7230, signal 199859/239356 (executing program) 2026/01/16 15:33:51 fetching corpus: 7280, signal 200156/239356 (executing program) 2026/01/16 15:33:51 fetching corpus: 7330, signal 200559/239356 (executing program) 2026/01/16 15:33:51 fetching corpus: 7380, signal 200857/239367 (executing program) 2026/01/16 15:33:51 fetching corpus: 7430, signal 201348/239367 (executing program) 2026/01/16 15:33:51 fetching corpus: 7480, signal 201696/239367 (executing program) 2026/01/16 15:33:51 fetching corpus: 7530, signal 202156/239367 (executing program) 2026/01/16 15:33:52 fetching corpus: 7580, signal 202718/239367 (executing program) 2026/01/16 15:33:52 fetching corpus: 7630, signal 203000/239381 (executing program) 2026/01/16 15:33:52 fetching corpus: 7680, signal 203257/239381 (executing program) 2026/01/16 15:33:52 fetching corpus: 7730, signal 203551/239381 (executing program) 2026/01/16 15:33:52 fetching corpus: 7780, signal 203889/239381 (executing program) 2026/01/16 15:33:52 fetching corpus: 7830, signal 204680/239381 (executing program) 2026/01/16 15:33:52 fetching corpus: 7880, signal 204930/239390 (executing program) 2026/01/16 15:33:52 fetching corpus: 7930, signal 205224/239390 (executing program) 2026/01/16 15:33:52 fetching corpus: 7980, signal 205615/239390 (executing program) 2026/01/16 15:33:52 fetching corpus: 8030, signal 205963/239396 (executing program) 2026/01/16 15:33:52 fetching corpus: 8080, signal 206323/239403 (executing program) 2026/01/16 15:33:53 fetching corpus: 8130, signal 206626/239409 (executing program) 2026/01/16 15:33:53 fetching corpus: 8180, signal 206948/239410 (executing program) 2026/01/16 15:33:53 fetching corpus: 8230, signal 207214/239411 (executing program) 2026/01/16 15:33:53 fetching corpus: 8280, signal 207560/239417 (executing program) 2026/01/16 15:33:53 fetching corpus: 8330, signal 208007/239417 (executing program) 2026/01/16 15:33:53 fetching corpus: 8380, signal 208320/239470 (executing program) 2026/01/16 15:33:53 fetching corpus: 8430, signal 208608/239471 (executing program) 2026/01/16 15:33:53 fetching corpus: 8480, signal 208969/239471 (executing program) 2026/01/16 15:33:54 fetching corpus: 8530, signal 209349/239471 (executing program) 2026/01/16 15:33:54 fetching corpus: 8580, signal 209641/239471 (executing program) 2026/01/16 15:33:54 fetching corpus: 8630, signal 210064/239475 (executing program) 2026/01/16 15:33:54 fetching corpus: 8680, signal 210453/239475 (executing program) 2026/01/16 15:33:54 fetching corpus: 8730, signal 210872/239475 (executing program) 2026/01/16 15:33:54 fetching corpus: 8780, signal 211213/239475 (executing program) 2026/01/16 15:33:54 fetching corpus: 8830, signal 211553/239477 (executing program) 2026/01/16 15:33:54 fetching corpus: 8880, signal 211810/239478 (executing program) 2026/01/16 15:33:54 fetching corpus: 8930, signal 212133/239478 (executing program) 2026/01/16 15:33:55 fetching corpus: 8980, signal 212518/239478 (executing program) 2026/01/16 15:33:55 fetching corpus: 9030, signal 212952/239478 (executing program) 2026/01/16 15:33:55 fetching corpus: 9080, signal 213287/239478 (executing program) 2026/01/16 15:33:55 fetching corpus: 9129, signal 213513/239480 (executing program) 2026/01/16 15:33:55 fetching corpus: 9179, signal 213767/239480 (executing program) 2026/01/16 15:33:55 fetching corpus: 9229, signal 214015/239489 (executing program) 2026/01/16 15:33:55 fetching corpus: 9279, signal 214204/239489 (executing program) 2026/01/16 15:33:55 fetching corpus: 9329, signal 214561/239489 (executing program) 2026/01/16 15:33:55 fetching corpus: 9379, signal 214808/239489 (executing program) 2026/01/16 15:33:55 fetching corpus: 9429, signal 215108/239505 (executing program) 2026/01/16 15:33:56 fetching corpus: 9479, signal 215427/239505 (executing program) 2026/01/16 15:33:56 fetching corpus: 9529, signal 215635/239507 (executing program) 2026/01/16 15:33:56 fetching corpus: 9579, signal 216086/239522 (executing program) 2026/01/16 15:33:56 fetching corpus: 9629, signal 216414/239522 (executing program) 2026/01/16 15:33:56 fetching corpus: 9679, signal 216697/239523 (executing program) 2026/01/16 15:33:56 fetching corpus: 9729, signal 217041/239523 (executing program) 2026/01/16 15:33:56 fetching corpus: 9779, signal 217241/239523 (executing program) 2026/01/16 15:33:56 fetching corpus: 9829, signal 217567/239523 (executing program) 2026/01/16 15:33:56 fetching corpus: 9878, signal 217862/239523 (executing program) 2026/01/16 15:33:57 fetching corpus: 9928, signal 218062/239523 (executing program) 2026/01/16 15:33:57 fetching corpus: 9978, signal 218312/239523 (executing program) 2026/01/16 15:33:57 fetching corpus: 10028, signal 218527/239523 (executing program) 2026/01/16 15:33:57 fetching corpus: 10078, signal 218787/239523 (executing program) 2026/01/16 15:33:57 fetching corpus: 10128, signal 219270/239533 (executing program) 2026/01/16 15:33:57 fetching corpus: 10178, signal 219513/239540 (executing program) 2026/01/16 15:33:57 fetching corpus: 10228, signal 219829/239545 (executing program) 2026/01/16 15:33:57 fetching corpus: 10278, signal 220106/239549 (executing program) 2026/01/16 15:33:57 fetching corpus: 10328, signal 220356/239550 (executing program) 2026/01/16 15:33:58 fetching corpus: 10378, signal 220655/239550 (executing program) 2026/01/16 15:33:58 fetching corpus: 10427, signal 220902/239563 (executing program) 2026/01/16 15:33:58 fetching corpus: 10477, signal 221104/239563 (executing program) 2026/01/16 15:33:58 fetching corpus: 10527, signal 221373/239563 (executing program) 2026/01/16 15:33:58 fetching corpus: 10577, signal 221649/239563 (executing program) 2026/01/16 15:33:58 fetching corpus: 10627, signal 221891/239568 (executing program) 2026/01/16 15:33:58 fetching corpus: 10677, signal 222197/239569 (executing program) 2026/01/16 15:33:58 fetching corpus: 10727, signal 222616/239569 (executing program) 2026/01/16 15:33:58 fetching corpus: 10777, signal 222901/239569 (executing program) 2026/01/16 15:33:58 fetching corpus: 10827, signal 223160/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 10877, signal 223373/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 10927, signal 223615/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 10977, signal 223840/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 11027, signal 224091/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 11077, signal 224410/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 11127, signal 224780/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 11177, signal 224995/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 11227, signal 225274/239597 (executing program) 2026/01/16 15:33:59 fetching corpus: 11277, signal 225465/239599 (executing program) 2026/01/16 15:33:59 fetching corpus: 11327, signal 225668/239599 (executing program) 2026/01/16 15:34:00 fetching corpus: 11376, signal 225965/239599 (executing program) 2026/01/16 15:34:00 fetching corpus: 11426, signal 226304/239599 (executing program) 2026/01/16 15:34:00 fetching corpus: 11476, signal 226531/239604 (executing program) 2026/01/16 15:34:00 fetching corpus: 11526, signal 226749/239605 (executing program) 2026/01/16 15:34:00 fetching corpus: 11576, signal 226987/239605 (executing program) 2026/01/16 15:34:00 fetching corpus: 11626, signal 227184/239605 (executing program) 2026/01/16 15:34:00 fetching corpus: 11676, signal 227409/239605 (executing program) 2026/01/16 15:34:00 fetching corpus: 11726, signal 227598/239605 (executing program) 2026/01/16 15:34:00 fetching corpus: 11776, signal 227828/239605 (executing program) 2026/01/16 15:34:00 fetching corpus: 11826, signal 228219/239605 (executing program) 2026/01/16 15:34:01 fetching corpus: 11876, signal 228468/239605 (executing program) 2026/01/16 15:34:01 fetching corpus: 11926, signal 228707/239607 (executing program) 2026/01/16 15:34:01 fetching corpus: 11976, signal 228906/239607 (executing program) 2026/01/16 15:34:01 fetching corpus: 12026, signal 229113/239608 (executing program) 2026/01/16 15:34:01 fetching corpus: 12076, signal 229316/239609 (executing program) 2026/01/16 15:34:01 fetching corpus: 12126, signal 229609/239611 (executing program) 2026/01/16 15:34:01 fetching corpus: 12176, signal 229767/239611 (executing program) 2026/01/16 15:34:01 fetching corpus: 12226, signal 230026/239612 (executing program) 2026/01/16 15:34:01 fetching corpus: 12276, signal 230257/239612 (executing program) 2026/01/16 15:34:01 fetching corpus: 12326, signal 230599/239612 (executing program) 2026/01/16 15:34:02 fetching corpus: 12376, signal 230807/239612 (executing program) 2026/01/16 15:34:02 fetching corpus: 12426, signal 231022/239612 (executing program) 2026/01/16 15:34:02 fetching corpus: 12476, signal 231232/239613 (executing program) 2026/01/16 15:34:02 fetching corpus: 12526, signal 231409/239613 (executing program) 2026/01/16 15:34:02 fetching corpus: 12576, signal 231599/239614 (executing program) 2026/01/16 15:34:02 fetching corpus: 12626, signal 231861/239620 (executing program) 2026/01/16 15:34:02 fetching corpus: 12676, signal 232050/239620 (executing program) 2026/01/16 15:34:02 fetching corpus: 12726, signal 232224/239620 (executing program) 2026/01/16 15:34:02 fetching corpus: 12776, signal 232399/239643 (executing program) 2026/01/16 15:34:02 fetching corpus: 12826, signal 232551/239643 (executing program) 2026/01/16 15:34:03 fetching corpus: 12876, signal 232743/239643 (executing program) 2026/01/16 15:34:03 fetching corpus: 12926, signal 232977/239643 (executing program) 2026/01/16 15:34:03 fetching corpus: 12976, signal 233190/239643 (executing program) 2026/01/16 15:34:03 fetching corpus: 13026, signal 233358/239643 (executing program) 2026/01/16 15:34:03 fetching corpus: 13076, signal 233524/239647 (executing program) 2026/01/16 15:34:03 fetching corpus: 13126, signal 233701/239647 (executing program) 2026/01/16 15:34:03 fetching corpus: 13176, signal 233914/239647 (executing program) 2026/01/16 15:34:03 fetching corpus: 13226, signal 234065/239647 (executing program) 2026/01/16 15:34:03 fetching corpus: 13276, signal 234223/239647 (executing program) 2026/01/16 15:34:04 fetching corpus: 13326, signal 234498/239648 (executing program) 2026/01/16 15:34:04 fetching corpus: 13376, signal 234647/239648 (executing program) 2026/01/16 15:34:04 fetching corpus: 13426, signal 234873/239648 (executing program) 2026/01/16 15:34:04 fetching corpus: 13476, signal 235039/239649 (executing program) 2026/01/16 15:34:04 fetching corpus: 13526, signal 235270/239649 (executing program) 2026/01/16 15:34:04 fetching corpus: 13576, signal 235503/239649 (executing program) 2026/01/16 15:34:04 fetching corpus: 13626, signal 235710/239649 (executing program) 2026/01/16 15:34:04 fetching corpus: 13676, signal 235950/239649 (executing program) 2026/01/16 15:34:04 fetching corpus: 13726, signal 236092/239650 (executing program) 2026/01/16 15:34:04 fetching corpus: 13776, signal 236304/239651 (executing program) 2026/01/16 15:34:05 fetching corpus: 13826, signal 236492/239651 (executing program) 2026/01/16 15:34:05 fetching corpus: 13876, signal 236723/239652 (executing program) 2026/01/16 15:34:05 fetching corpus: 13926, signal 236890/239652 (executing program) 2026/01/16 15:34:05 fetching corpus: 13976, signal 237258/239652 (executing program) 2026/01/16 15:34:05 fetching corpus: 14026, signal 237434/239652 (executing program) 2026/01/16 15:34:05 fetching corpus: 14076, signal 237641/239652 (executing program) 2026/01/16 15:34:05 fetching corpus: 14126, signal 237788/239652 (executing program) 2026/01/16 15:34:05 fetching corpus: 14142, signal 237826/239653 (executing program) 2026/01/16 15:34:05 fetching corpus: 14142, signal 237826/239653 (executing program) 2026/01/16 15:34:08 starting 8 fuzzer processes 15:34:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r0, 0x0, 0x0, 0x4023, 0x0, 0x0) 15:34:08 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c) 15:34:08 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) 15:34:08 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x7, 0x0, 0x0) 15:34:08 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000200)="a07deb6c357a352c4cb15c", 0xb}], 0x1}}], 0x1, 0x0) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x40001122) [ 101.954089] audit: type=1400 audit(1768577648.132:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 15:34:08 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000000)=@allocspi={0x100, 0x16, 0x39, 0x0, 0x0, {{{@in=@local, @in=@multicast2}, {@in=@loopback, 0x0, 0x33}, @in=@multicast1}}, [@XFRMA_IF_ID={0x8}]}, 0x100}}, 0x0) 15:34:08 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_audit(0x10, 0x3, 0x9) getsockname(r0, 0x0, &(0x7f0000000100)) 15:34:08 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x28, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan1\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x28}}, 0x0) [ 103.148556] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.151675] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.153710] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.158739] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.162104] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.269931] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.276178] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.279545] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.284894] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.290413] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.341137] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.342876] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.345831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.347560] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.349557] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.355997] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 103.358937] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 103.363050] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.365166] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.376785] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 103.376813] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.387535] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.388752] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 103.392524] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.414576] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 103.416403] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 103.417748] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 103.420190] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 103.421934] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 103.427029] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 103.504421] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 103.506260] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 103.514808] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 103.547718] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 103.554531] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 103.556170] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 103.558327] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 103.561937] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 103.569917] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 103.596710] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 105.239355] Bluetooth: hci0: command tx timeout [ 105.365632] Bluetooth: hci1: command tx timeout [ 105.430430] Bluetooth: hci2: command tx timeout [ 105.493301] Bluetooth: hci3: command tx timeout [ 105.494046] Bluetooth: hci4: command tx timeout [ 105.557360] Bluetooth: hci5: command tx timeout [ 105.622345] Bluetooth: hci7: command tx timeout [ 105.685310] Bluetooth: hci6: command tx timeout [ 107.285288] Bluetooth: hci0: command tx timeout [ 107.413263] Bluetooth: hci1: command tx timeout [ 107.477602] Bluetooth: hci2: command tx timeout [ 107.541324] Bluetooth: hci4: command tx timeout [ 107.542407] Bluetooth: hci3: command tx timeout [ 107.606104] Bluetooth: hci5: command tx timeout [ 107.669317] Bluetooth: hci7: command tx timeout [ 107.734308] Bluetooth: hci6: command tx timeout [ 109.333278] Bluetooth: hci0: command tx timeout [ 109.462192] Bluetooth: hci1: command tx timeout [ 109.526324] Bluetooth: hci2: command tx timeout [ 109.589762] Bluetooth: hci3: command tx timeout [ 109.590175] Bluetooth: hci4: command tx timeout [ 109.654318] Bluetooth: hci5: command tx timeout [ 109.719334] Bluetooth: hci7: command tx timeout [ 109.781619] Bluetooth: hci6: command tx timeout [ 111.382252] Bluetooth: hci0: command tx timeout [ 111.510362] Bluetooth: hci1: command tx timeout [ 111.573846] Bluetooth: hci2: command tx timeout [ 111.637747] Bluetooth: hci4: command tx timeout [ 111.637803] Bluetooth: hci3: command tx timeout [ 111.702157] Bluetooth: hci5: command tx timeout [ 111.765889] Bluetooth: hci7: command tx timeout [ 111.829771] Bluetooth: hci6: command tx timeout [ 135.798940] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.799701] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.028787] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.029445] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.031145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.031855] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.169410] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.170005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.301747] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.302384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.349764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.350420] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 15:34:42 executing program 1: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000140)={{r0}}) 15:34:42 executing program 1: r0 = msgget$private(0x0, 0x80) msgrcv(r0, &(0x7f00000000c0)={0x0, ""/202}, 0xd2, 0x1, 0x1800) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x6, 0x0, 0xe2, 0x3, 0x0, 0x0, 0x20, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp={&(0x7f0000000080), 0x3}, 0x8000, 0x6, 0x6, 0x8, 0x5, 0x1, 0x5, 0x0, 0xac, 0x0, 0x1ff}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0xa) setgid(0xee01) r1 = msgget(0x1, 0x24) msgctl$IPC_RMID(r1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0xbcd27b81829c37c3, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x0) msgrcv(r1, &(0x7f0000000540)={0x0, ""/199}, 0xcf, 0x1, 0x1000) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f00000003c0)=0xe8) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x90000, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, ']l.[-.-*+/'}}, {@fscache}, {@access_any}, {@access_uid={'access', 0x3d, 0xee00}}, {@cache_mmap}], [{@seclabel}, {@fowner_eq={'fowner', 0x3d, r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, '..!'}}]}}) [ 136.489308] audit: type=1400 audit(1768577682.668:8): avc: denied { open } for pid=3845 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.497357] audit: type=1400 audit(1768577682.669:9): avc: denied { kernel } for pid=3845 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.521406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.521973] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 15:34:42 executing program 1: r0 = msgget$private(0x0, 0x80) msgrcv(r0, &(0x7f00000000c0)={0x0, ""/202}, 0xd2, 0x1, 0x1800) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x6, 0x0, 0xe2, 0x3, 0x0, 0x0, 0x20, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp={&(0x7f0000000080), 0x3}, 0x8000, 0x6, 0x6, 0x8, 0x5, 0x1, 0x5, 0x0, 0xac, 0x0, 0x1ff}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0xa) setgid(0xee01) r1 = msgget(0x1, 0x24) msgctl$IPC_RMID(r1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0xbcd27b81829c37c3, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x0) msgrcv(r1, &(0x7f0000000540)={0x0, ""/199}, 0xcf, 0x1, 0x1000) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f00000003c0)=0xe8) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x90000, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, ']l.[-.-*+/'}}, {@fscache}, {@access_any}, {@access_uid={'access', 0x3d, 0xee00}}, {@cache_mmap}], [{@seclabel}, {@fowner_eq={'fowner', 0x3d, r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, '..!'}}]}}) 15:34:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_audit(0x10, 0x3, 0x9) getsockname(r0, 0x0, &(0x7f0000000100)) [ 136.608935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.610241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 15:34:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_audit(0x10, 0x3, 0x9) getsockname(r0, 0x0, &(0x7f0000000100)) 15:34:42 executing program 1: r0 = msgget$private(0x0, 0x80) msgrcv(r0, &(0x7f00000000c0)={0x0, ""/202}, 0xd2, 0x1, 0x1800) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x6, 0x0, 0xe2, 0x3, 0x0, 0x0, 0x20, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp={&(0x7f0000000080), 0x3}, 0x8000, 0x6, 0x6, 0x8, 0x5, 0x1, 0x5, 0x0, 0xac, 0x0, 0x1ff}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0xa) setgid(0xee01) r1 = msgget(0x1, 0x24) msgctl$IPC_RMID(r1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0xbcd27b81829c37c3, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x0) msgrcv(r1, &(0x7f0000000540)={0x0, ""/199}, 0xcf, 0x1, 0x1000) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f00000003c0)=0xe8) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x90000, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, ']l.[-.-*+/'}}, {@fscache}, {@access_any}, {@access_uid={'access', 0x3d, 0xee00}}, {@cache_mmap}], [{@seclabel}, {@fowner_eq={'fowner', 0x3d, r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, '..!'}}]}}) 15:34:42 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_audit(0x10, 0x3, 0x9) getsockname(r0, 0x0, &(0x7f0000000100)) [ 136.785510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.785576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.786135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.786769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 15:34:42 executing program 1: r0 = msgget$private(0x0, 0x80) msgrcv(r0, &(0x7f00000000c0)={0x0, ""/202}, 0xd2, 0x1, 0x1800) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x6, 0x0, 0xe2, 0x3, 0x0, 0x0, 0x20, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp={&(0x7f0000000080), 0x3}, 0x8000, 0x6, 0x6, 0x8, 0x5, 0x1, 0x5, 0x0, 0xac, 0x0, 0x1ff}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0xa) setgid(0xee01) r1 = msgget(0x1, 0x24) msgctl$IPC_RMID(r1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0xbcd27b81829c37c3, 0x2400c0c0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x0) msgrcv(r1, &(0x7f0000000540)={0x0, ""/199}, 0xcf, 0x1, 0x1000) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f00000003c0)=0xe8) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x90000, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, ']l.[-.-*+/'}}, {@fscache}, {@access_any}, {@access_uid={'access', 0x3d, 0xee00}}, {@cache_mmap}], [{@seclabel}, {@fowner_eq={'fowner', 0x3d, r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, '..!'}}]}}) [ 136.904032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.904683] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.976543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.977166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.017897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.018722] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.085335] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.085952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.087615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.088190] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.126754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.127890] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 15:34:43 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) bind$packet(r1, &(0x7f0000000180)={0x11, 0xf7, 0x0, 0x1, 0x0, 0x6, @random="da047a37f343"}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) socket$packet(0x11, 0x2, 0x300) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') pread64(r2, &(0x7f0000000080)=""/203, 0xcb, 0x53) 15:34:43 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x7, 0x0, 0x0) 15:34:43 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) 15:34:43 executing program 1: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5385, &(0x7f0000001480)=ANY=[]) 15:34:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000280)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}], 0x11, &(0x7f0000000080)) 15:34:43 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = dup2(r1, r0) sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newae={0x48, 0x1e, 0x1, 0x0, 0x0, {{@in=@broadcast}, @in=@empty}, [@replay_thresh={0x8}]}, 0x48}}, 0x0) 15:34:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r0, 0x0, 0x0, 0x4023, 0x0, 0x0) 15:34:43 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) [ 137.299027] loop5: detected capacity change from 0 to 512 [ 137.314257] EXT4-fs error (device loop5): __ext4_fill_super:5560: inode #2: comm syz-executor.5: iget: special inode unallocated [ 137.318183] EXT4-fs (loop5): get root inode failed [ 137.318644] EXT4-fs (loop5): mount failed 15:34:43 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) [ 137.334334] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 137.342669] loop5: detected capacity change from 0 to 512 [ 137.355111] EXT4-fs error (device loop5): __ext4_fill_super:5560: inode #2: comm syz-executor.5: iget: special inode unallocated [ 137.362195] EXT4-fs (loop5): get root inode failed [ 137.362622] EXT4-fs (loop5): mount failed 15:34:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r0, 0x0, 0x0, 0x4023, 0x0, 0x0) 15:34:43 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x7, 0x0, 0x0) 15:34:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0), 0x4) sendmsg$netlink(r0, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001b40)=[@rights={{0x10}}], 0x10}, 0x0) 15:34:43 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) 15:34:43 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) 15:34:43 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) 15:34:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000280)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}], 0x11, &(0x7f0000000080)) 15:34:43 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) [ 137.548806] loop5: detected capacity change from 0 to 512 [ 137.565922] EXT4-fs error (device loop5): __ext4_fill_super:5560: inode #2: comm syz-executor.5: iget: special inode unallocated [ 137.569286] EXT4-fs (loop5): get root inode failed [ 137.569707] EXT4-fs (loop5): mount failed 15:34:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r0, 0x0, 0x0, 0x4023, 0x0, 0x0) [ 137.626046] [ 137.626391] ===================================== [ 137.627166] WARNING: bad unlock balance detected! [ 137.627937] 6.19.0-rc5-next-20260116 #1 Not tainted [ 137.628758] ------------------------------------- [ 137.633290] syz-executor.4/288 is trying to release lock (rcu_read_lock) at: [ 137.636332] [] __wait_on_freeing_inode+0x105/0x350 [ 137.637392] but there are no more locks to release! [ 137.638206] [ 137.638206] other info that might help us debug this: [ 137.639273] 4 locks held by syz-executor.4/288: [ 137.640032] #0: ffff88800f8f43f8 (sb_writers#3){.+.+}-{0:0}, at: filename_create+0xf7/0x400 [ 137.641475] #1: ffff88801c49b388 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x1b1/0x400 [ 137.643075] #2: ffff88800f898950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xe32/0x12d0 [ 137.644513] #3: ffffffff85c16898 (inode_hash_lock){+.+.}-{3:3}, at: insert_inode_locked+0xf9/0x890 [ 137.645994] [ 137.645994] stack backtrace: [ 137.646704] CPU: 0 UID: 0 PID: 288 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260116 #1 PREEMPT(lazy) [ 137.646733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 137.646746] Call Trace: [ 137.646755] [ 137.646764] dump_stack_lvl+0xca/0x120 [ 137.646791] ? __wait_on_freeing_inode+0x105/0x350 [ 137.646820] print_unlock_imbalance_bug+0x118/0x130 [ 137.646849] ? __wait_on_freeing_inode+0x105/0x350 [ 137.646879] lock_release+0x1ee/0x270 [ 137.646909] __wait_on_freeing_inode+0x10a/0x350 [ 137.646939] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 137.646971] ? __pfx_var_wake_function+0x10/0x10 [ 137.647006] ? lock_is_held_type+0x9e/0x120 [ 137.647029] insert_inode_locked+0x25f/0x890 [ 137.647064] __ext4_new_inode+0x223d/0x4cd0 [ 137.647098] ? __pfx___ext4_new_inode+0x10/0x10 [ 137.647126] ? __pfx_avc_has_perm+0x10/0x10 [ 137.647153] ? __pfx___dquot_initialize+0x10/0x10 [ 137.647194] ext4_mkdir+0x331/0xb30 [ 137.647231] ? __pfx_ext4_mkdir+0x10/0x10 [ 137.647263] ? security_inode_permission+0x72/0xe0 [ 137.647290] vfs_mkdir+0x6d8/0xc00 [ 137.647324] filename_mkdirat+0x118/0x430 [ 137.647350] ? __pfx_filename_mkdirat+0x10/0x10 [ 137.647377] ? strncpy_from_user+0x21b/0x2f0 [ 137.647410] __x64_sys_mkdir+0x6e/0xd0 [ 137.647435] do_syscall_64+0xbf/0x420 [ 137.647461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.647486] RIP: 0033:0x7f0772287c27 [ 137.647504] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.647526] RSP: 002b:00007fff10aa8478 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 137.647548] RAX: ffffffffffffffda RBX: 00007fff10aa8500 RCX: 00007f0772287c27 [ 137.647564] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 00007fff10aa8500 [ 137.647578] RBP: 00007fff10aa84dc R08: 0000000000000000 R09: 0000000000000003 [ 137.647592] R10: 00007fff10aa8217 R11: 0000000000000206 R12: 0000000000000032 [ 137.647607] R13: 00000000000218ee R14: 0000000000000003 R15: 00007fff10aa8540 [ 137.647628] [ 137.678955] ------------[ cut here ]------------ [ 137.679870] WARNING: kernel/rcu/tree_plugin.h:443 at __rcu_read_unlock+0x25f/0x5c0, CPU#0: syz-executor.4/288 [ 137.681724] Modules linked in: [ 137.682357] CPU: 0 UID: 0 PID: 288 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260116 #1 PREEMPT(lazy) [ 137.684061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 137.689115] RIP: 0010:__rcu_read_unlock+0x25f/0x5c0 [ 137.692768] Code: f2 02 00 00 c7 43 58 01 00 00 00 bf 09 00 00 00 e8 d6 b7 de ff 4d 85 f6 0f 84 73 fe ff ff e8 38 8a 20 00 fb e9 68 fe ff ff 90 <0f> 0b 90 5b 5d 41 5c 41 5d 41 5e e9 81 4d 74 03 e8 2c 5d 56 00 e9 [ 137.695838] RSP: 0018:ffff88801705f9e0 EFLAGS: 00010286 [ 137.696817] RAX: 00000000ffffffff RBX: ffff88801acfb700 RCX: ffffffff815660f7 [ 137.698061] RDX: 0000000000000000 RSI: ffffffff81566100 RDI: ffff88801acfbafc [ 137.699356] RBP: ffff88801acfb700 R08: 0000000000000000 R09: fffffbfff0ba7040 [ 137.700588] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801acfb700 [ 137.701821] R13: 0000000000000001 R14: ffffffff85c0f9a0 R15: ffff888049cca938 [ 137.703065] FS: 0000555584b5c400(0000) GS:ffff8880e5342000(0000) knlGS:0000000000000000 [ 137.704463] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.705507] CR2: 0000001b2cf23000 CR3: 000000000efaa000 CR4: 0000000000350ef0 [ 137.706779] Call Trace: [ 137.707367] [ 137.708796] __wait_on_freeing_inode+0x10f/0x350 [ 137.710354] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 137.712652] ? __pfx_var_wake_function+0x10/0x10 [ 137.715332] ? lock_is_held_type+0x9e/0x120 [ 137.717673] insert_inode_locked+0x25f/0x890 [ 137.721185] __ext4_new_inode+0x223d/0x4cd0 [ 137.726800] ? __pfx___ext4_new_inode+0x10/0x10 [ 137.728943] ? __pfx_avc_has_perm+0x10/0x10 [ 137.730354] ? __pfx___dquot_initialize+0x10/0x10 [ 137.735056] ext4_mkdir+0x331/0xb30 [ 137.739343] ? __pfx_ext4_mkdir+0x10/0x10 [ 137.740673] ? security_inode_permission+0x72/0xe0 [ 137.744378] vfs_mkdir+0x6d8/0xc00 [ 137.747435] filename_mkdirat+0x118/0x430 [ 137.749720] ? __pfx_filename_mkdirat+0x10/0x10 [ 137.751395] ? strncpy_from_user+0x21b/0x2f0 [ 137.755508] __x64_sys_mkdir+0x6e/0xd0 [ 137.756895] do_syscall_64+0xbf/0x420 [ 137.758651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.759771] RIP: 0033:0x7f0772287c27 [ 137.760676] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.763693] RSP: 002b:00007fff10aa8478 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 137.765030] RAX: ffffffffffffffda RBX: 00007fff10aa8500 RCX: 00007f0772287c27 [ 137.766326] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 00007fff10aa8500 [ 137.767565] RBP: 00007fff10aa84dc R08: 0000000000000000 R09: 0000000000000003 [ 137.768801] R10: 00007fff10aa8217 R11: 0000000000000206 R12: 0000000000000032 [ 137.770104] R13: 00000000000218ee R14: 0000000000000003 R15: 00007fff10aa8540 [ 137.776054] [ 137.776564] irq event stamp: 177449 [ 137.777173] hardirqs last enabled at (177449): [] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 137.779073] hardirqs last disabled at (177448): [] _raw_spin_lock_irqsave+0x53/0x60 [ 137.780902] softirqs last enabled at (177444): [] kernel_fpu_end+0x59/0x70 [ 137.782485] softirqs last disabled at (177442): [] kernel_fpu_begin_mask+0x1bb/0x300 [ 137.784321] ---[ end trace 0000000000000000 ]--- 15:34:44 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) 15:34:44 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) 15:34:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000280)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}], 0x11, &(0x7f0000000080)) 15:34:44 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x80811501, &(0x7f0000000140)) 15:34:44 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x7, 0x0, 0x0) 15:34:44 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) 15:34:44 executing program 0: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000400), 0x8, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000400), 0x8, 0x0) signalfd(r2, &(0x7f0000000240), 0x8) 15:34:44 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0xe, &(0x7f0000003440), 0x4) [ 137.869906] loop5: detected capacity change from 0 to 512 [ 137.881144] EXT4-fs error (device loop5): __ext4_fill_super:5560: inode #2: comm syz-executor.5: iget: special inode unallocated [ 137.886314] EXT4-fs (loop5): get root inode failed [ 137.887080] EXT4-fs (loop5): mount failed 15:34:44 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) 15:34:44 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='map_files\x00') getdents64(r0, &(0x7f0000000380)=""/4096, 0x18) 15:34:44 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0x0, {0x2, 0x0, @private}, 'sit0\x00'}) 15:34:44 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=[@dstopts={{0x18}}, @tclass={{0x14}}], 0x30}}], 0x1, 0x0) 15:34:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000140)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@gid={'gid', 0x3d, 0xee00}}]}) 15:34:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000280)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}], 0x11, &(0x7f0000000080)) [ 137.975752] No source specified [ 137.977323] No source specified 15:34:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000140)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@gid={'gid', 0x3d, 0xee00}}]}) 15:34:44 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba", 0x180) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) sendfile(r0, r1, 0x0, 0xfdef) [ 138.005381] No source specified [ 138.045160] loop5: detected capacity change from 0 to 512 [ 138.053594] EXT4-fs error (device loop5): __ext4_fill_super:5560: inode #2: comm syz-executor.5: iget: special inode unallocated [ 138.056711] EXT4-fs (loop5): get root inode failed [ 138.057141] EXT4-fs (loop5): mount failed 15:34:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000140)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@gid={'gid', 0x3d, 0xee00}}]}) [ 138.217042] tmpfs: Invalid gid '0x00000000ffffffff' 15:34:44 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x6000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mbind(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x0, 0x0, 0x0, 0x2) 15:34:44 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, 0x0}, &(0x7f0000008600)=0xc) syz_mount_image$tmpfs(&(0x7f00000005c0), &(0x7f0000000600)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002800)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @void}}}, {@gid={'gid', 0x3d, r1}}]}) 15:34:44 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r2}) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r5}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0800000089de7f8c6a88877dd053019b5026ee334caebbcb7b204c8658bc69df99d54d89b210ca32375528e304360d9f13b30bba474c73bf7a58b032", @ANYRES16=0x0, @ANYBLOB="0feddb472301007ce78f1d77f025237402316d45049f1d6014", @ANYRES32=r2, @ANYBLOB="0800030001000000080003000000000008000300020000000800030002000000080003000300000044000180080003000100000014000200767863616e310000000000000000000008000100", @ANYRES32=r5, @ANYBLOB="08000300000000001400020076657468305f746f5f626f6e64000000", @ANYRES32], 0x8c}, 0x1, 0x0, 0x0, 0x20040081}, 0x4000090) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000280)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, r5}) ioctl$sock_inet6_SIOCSIFADDR(r6, 0x8936, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r8}) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000240)={@dev, 0x35, r8}) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f0000000040)=0x2000000) write$binfmt_aout(r9, 0x0, 0x1001) close(r9) 15:34:44 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f00000003c0)='./file0\x00', 0x0) llistxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 15:34:44 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) lseek(r0, 0xfffffffffffffffc, 0x0) [ 138.239196] No source specified 15:34:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000140)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@gid={'gid', 0x3d, 0xee00}}]}) 15:34:44 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, 0x0) 15:34:44 executing program 4: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = dup(r0) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) [ 138.319593] No source specified [ 138.329151] kernel read not supported for file /rfkill (pid: 38 comm: kworker/1:1) 15:34:44 executing program 3: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff) poll(&(0x7f0000000400)=[{r1, 0x2810}, {0xffffffffffffffff, 0x8100}, {r0, 0x2000}, {r1, 0x504}, {0xffffffffffffffff, 0x8006}, {0xffffffffffffffff, 0x44c}, {r1, 0x100}], 0x7, 0x2009) set_mempolicy(0x3, &(0x7f0000000040)=0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x2362, &(0x7f0000000280)={0x0, 0x200, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xc, 0x0, r3) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r3) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x944f103ff3acba85) close(r0) clone3(&(0x7f0000005880)={0x69c72400, 0x0, &(0x7f0000005700), 0x0, {}, 0x0, 0x0, &(0x7f00000001c0)=""/35, 0x0}, 0x58) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r2, 0x7, &(0x7f00000003c0), 0x1) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000180), 0x1) clone3(&(0x7f00000000c0)={0x100009100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x25, 0x0, 0x0}, 0x58) r4 = syz_io_uring_setup(0x61c4, &(0x7f0000003a00)={0x0, 0x0, 0x0, 0x3, 0x192, 0x0, r1}, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000200)) r5 = dup2(0xffffffffffffffff, 0xffffffffffffffff) clone3(&(0x7f0000005880)={0x61020100, 0x0, &(0x7f0000005700), 0x0, {}, 0x0, 0x0, &(0x7f0000005800)=""/32, 0x0, 0x0, {r5}}, 0x58) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r4, 0x7, &(0x7f00000003c0)=r5, 0x1) 15:34:44 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000080)='./file0\x00', 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0xd4000a8b) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40086602, &(0x7f0000000400)) 15:34:44 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000) 15:34:44 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040607000000b9e4fc3b927208f2990d37c6f9c2a9fc39be14bb239b3a88ca86d10100"/50], 0x6) syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) syz_emit_vhci(&(0x7f0000000680)=ANY=[@ANYRES64], 0x1004) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) ioctl$TIOCL_SETSEL(r1, 0x5452, &(0x7f0000000000)) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) syz_emit_vhci(&(0x7f0000001b00)=ANY=[@ANYBLOB="b2da5afa6ad811962fafc691f71c5eeb7dbfdf8d25e2e18c3f4646a5789655c732ec7738f87c1e46cfe148ca70ca43888000000000000000184c9711a4a5b3531b50037776a52195bd0553914c53a9ebd87ddeb0f76ec0cd18f38fcdeab77efaf2a0e6747e0dbc16d83da5a641d7ed6d29bd729c7800d43eba52a00ca964a78aa0c8cdefee2ffd7f2d071be2658fff2c74394512442d633b6acd90df5e9bd98cd385d8771b6d31f92f03e06ca8e0e2c27fff00906f7be6a301e03fd75885e503d65ad023528aeb57b45daea4c1f326a501a6295bba29fc3bc9b777a40f6d34e481749d0e3ebe3254e6e82d5aedf23f2300"/255, @ANYBLOB="f5941e7aaa9def654a826bf29b361384174b8caaf6c61920e584bed43a07a02c896ff536aacaca7d8130aaa2758000d4c1fffc5337b0d35ba2776457297d5c67f3c1366b1462a3b30199512cc5a8ed2aa5a51106ee6b12e6d7e1c47126a0ca40f3b314b34582c7c7e2f0f5e9a0599708431e430f1d845fc12595b5eda2c73270b5f95438358c52c2a7c3146da2d901a566161a5f4093d5746c559e0ffedb13b5de072d25fb5428cd07963a72173cc0340f250c8d8ebf334972dbc3dd71cfd24d3b3dff30bdd9be33860aa5df7e03c2a1beadb3da", @ANYRESHEX=r1, @ANYRESDEC, @ANYRES32=0x0, @ANYRES16, @ANYRES64=r1, @ANYBLOB="3ca3aa4247eac5abb6ad45ef9c9bd32f5f071f1af88d3fc313407e16d49f6f82616463a1fff61bd4217ac86ff6a0aa90e59faf48639375056046d9889a15a2f682a3ff3ad62ad25f4986354c8a69da00006a311cc9ab7a6cbd2fe73a6182e06b878031f4c720eed513bbffe6b5f20bf4fd43aa13fd27ff15f08f2603862da7459d98cb58252d249afab2bfba1ae2fd121344820f090d59054b38284da20b46", @ANYRES16=r1, @ANYRESDEC, @ANYRESHEX], 0xfffffc5f) syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0xc1}, 0x2) syz_emit_vhci(&(0x7f0000000540)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r0, {0x4}}, '\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'ipvlan1\x00'}) io_submit(0x0, 0x1, &(0x7f0000000640)=[&(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xfffc, r1, &(0x7f0000000580)="b4010aef7686dd800db4430c65126677ed27470f0863692141b9b59cd5c2bf9c335f0053cda05165d651dace98a19d84a281ad87ee82745c4fa2eddfe1f871860c892d511216d00c79da80c2be39a20d34b13b857b8ea49f91fa29e53cf131de1b347d33d4167094968b71b2e8e59fe02d6159c605e357227768a8fa5a94e6e7707986", 0x83, 0x9, 0x0, 0x2}]) syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_conn_param_update_rsp={{0x13, 0x2, 0x2}, {0x6}}}}, 0xf) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e04004142a0"], 0x7) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x3a, 0x1, 0x0, 0x0) close(r0) 15:34:44 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) r1 = creat(&(0x7f0000000300)='./file0\x00', 0x0) r2 = memfd_create(&(0x7f0000001b80)='(\xc8\xf5\x82j\xca', 0x0) fcntl$addseals(r2, 0x409, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) write(r1, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601", 0x200) pwritev2(r0, &(0x7f00000019c0)=[{&(0x7f0000000600)='a', 0x1}, {0x0, 0xfffffe8a}, {&(0x7f0000000180)}], 0x3, 0x0, 0x0, 0x17) 15:34:44 executing program 7: r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f0000000000)=0x8, 0x4) write(r0, 0x0, 0x0) recvmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) [ 138.481315] audit: type=1400 audit(1768577684.660:10): avc: denied { watch_reads } for pid=4028 comm="syz-executor.1" path="/syzkaller-testdir766067521/syzkaller.nvr4K5/11/file0" dev="tmpfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1 15:34:44 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000080)={0x87, 0x1, '\x00', [@pad1, @jumbo]}, 0x18) close(r0) 15:34:44 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) listen(r0, 0x0) shutdown(r0, 0x0) accept$unix(r0, 0x0, 0x0) [ 140.956977] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 140.958945] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 140.960864] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 140.968508] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 140.970585] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 142.549964] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 142.551405] Bluetooth: hci0: Injecting HCI hardware error event [ 142.998328] Bluetooth: hci7: command tx timeout [ 144.597296] Bluetooth: hci0: command 0x0406 tx timeout [ 144.609959] Bluetooth: hci0: hardware error 0x00 [ 145.046281] Bluetooth: hci7: command tx timeout [ 146.646927] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 147.095316] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 15:34:43 Registers: info registers vcpu 0 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff82975135 RDI=ffffffff889c19e0 RBP=ffffffff889c19a0 RSP=ffff88801705f4e8 R8 =0000000000000000 R9 =ffffed1001766046 R10=000000000000002d R11=000000002d2d2d2d R12=000000000000002d R13=0000000000000010 R14=ffffffff889c19a0 R15=ffffffff82975120 RIP=ffffffff8297518d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555584b5c400 00000000 00000000 GS =0000 ffff8880e5342000 00000000 00000000 LDT=0000 fffffe2500000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2cf23000 CR3=000000000efaa000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=000000000000000003515b82db34ca11 XMM02=0000000000000000333bebdfd0a6a21d XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff84d1a2ce RDX=fffffbfff0b82d11 RSI=0000000000000004 RDI=ffffffff85c16880 RBP=ffffffff85c16880 RSP=ffff88801b447b40 R8 =0000000000000000 R9 =fffffbfff0b82d10 R10=ffffffff85c16883 R11=0000000000000000 R12=1ffff11003688f69 R13=0000000000000003 R14=fffffbfff0b82d10 R15=ffff88801b447b78 RIP=ffffffff84d1a2d2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555558fa1400 00000000 00000000 GS =0000 ffff8880e5442000 00000000 00000000 LDT=0000 fffffe4f00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555558faac58 CR3=000000001efe6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=000000000000000003515b82db34ca11 XMM02=0000000000000000333bebdfd0a6a21d XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000