Warning: Permanently added '[localhost]:12103' (ECDSA) to the list of known hosts. 2025/08/29 09:34:05 fuzzer started 2025/08/29 09:34:05 dialing manager at localhost:43077 syzkaller login: [ 50.499783] cgroup: Unknown subsys name 'net' [ 50.555154] cgroup: Unknown subsys name 'cpuset' [ 50.568272] cgroup: Unknown subsys name 'rlimit' 2025/08/29 09:34:16 syscalls: 2214 2025/08/29 09:34:16 code coverage: enabled 2025/08/29 09:34:16 comparison tracing: enabled 2025/08/29 09:34:16 extra coverage: enabled 2025/08/29 09:34:16 setuid sandbox: enabled 2025/08/29 09:34:16 namespace sandbox: enabled 2025/08/29 09:34:16 Android sandbox: enabled 2025/08/29 09:34:16 fault injection: enabled 2025/08/29 09:34:16 leak checking: enabled 2025/08/29 09:34:16 net packet injection: enabled 2025/08/29 09:34:16 net device setup: enabled 2025/08/29 09:34:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 09:34:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 09:34:16 USB emulation: enabled 2025/08/29 09:34:16 hci packet injection: enabled 2025/08/29 09:34:16 wifi device emulation: enabled 2025/08/29 09:34:16 802.15.4 emulation: enabled 2025/08/29 09:34:16 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 09:34:16 fetching corpus: 43, signal 16655/20216 (executing program) 2025/08/29 09:34:16 fetching corpus: 93, signal 30012/34799 (executing program) 2025/08/29 09:34:16 fetching corpus: 143, signal 38405/44378 (executing program) 2025/08/29 09:34:16 fetching corpus: 193, signal 46924/53781 (executing program) 2025/08/29 09:34:16 fetching corpus: 243, signal 51980/59852 (executing program) 2025/08/29 09:34:17 fetching corpus: 293, signal 55630/64518 (executing program) 2025/08/29 09:34:17 fetching corpus: 343, signal 60593/70220 (executing program) 2025/08/29 09:34:17 fetching corpus: 393, signal 64428/74822 (executing program) 2025/08/29 09:34:17 fetching corpus: 443, signal 67503/78671 (executing program) 2025/08/29 
09:34:17 fetching corpus: 492, signal 71024/82826 (executing program) 2025/08/29 09:34:17 fetching corpus: 541, signal 74628/86966 (executing program) 2025/08/29 09:34:17 fetching corpus: 591, signal 76865/89838 (executing program) 2025/08/29 09:34:17 fetching corpus: 640, signal 79654/93071 (executing program) 2025/08/29 09:34:17 fetching corpus: 690, signal 83172/96837 (executing program) 2025/08/29 09:34:17 fetching corpus: 740, signal 85080/99227 (executing program) 2025/08/29 09:34:18 fetching corpus: 790, signal 86642/101349 (executing program) 2025/08/29 09:34:18 fetching corpus: 840, signal 88599/103772 (executing program) 2025/08/29 09:34:18 fetching corpus: 890, signal 90416/105948 (executing program) 2025/08/29 09:34:18 fetching corpus: 940, signal 92185/108081 (executing program) 2025/08/29 09:34:18 fetching corpus: 990, signal 93666/109895 (executing program) 2025/08/29 09:34:18 fetching corpus: 1039, signal 96042/112580 (executing program) 2025/08/29 09:34:18 fetching corpus: 1089, signal 97671/114510 (executing program) 2025/08/29 09:34:18 fetching corpus: 1139, signal 99482/116441 (executing program) 2025/08/29 09:34:18 fetching corpus: 1187, signal 101193/118309 (executing program) 2025/08/29 09:34:18 fetching corpus: 1235, signal 102890/120111 (executing program) 2025/08/29 09:34:18 fetching corpus: 1285, signal 104256/121708 (executing program) 2025/08/29 09:34:19 fetching corpus: 1335, signal 105517/123156 (executing program) 2025/08/29 09:34:19 fetching corpus: 1385, signal 106786/124594 (executing program) 2025/08/29 09:34:19 fetching corpus: 1435, signal 108018/125991 (executing program) 2025/08/29 09:34:19 fetching corpus: 1485, signal 110050/127750 (executing program) 2025/08/29 09:34:19 fetching corpus: 1535, signal 111219/128988 (executing program) 2025/08/29 09:34:19 fetching corpus: 1585, signal 112363/130259 (executing program) 2025/08/29 09:34:19 fetching corpus: 1634, signal 113795/131607 (executing program) 2025/08/29 09:34:19 
fetching corpus: 1684, signal 115151/132856 (executing program) 2025/08/29 09:34:19 fetching corpus: 1734, signal 116320/133990 (executing program) 2025/08/29 09:34:20 fetching corpus: 1784, signal 117239/134957 (executing program) 2025/08/29 09:34:20 fetching corpus: 1834, signal 118002/135807 (executing program) 2025/08/29 09:34:20 fetching corpus: 1884, signal 119182/136947 (executing program) 2025/08/29 09:34:20 fetching corpus: 1934, signal 120372/137973 (executing program) 2025/08/29 09:34:20 fetching corpus: 1984, signal 121761/139044 (executing program) 2025/08/29 09:34:20 fetching corpus: 2034, signal 122682/139881 (executing program) 2025/08/29 09:34:20 fetching corpus: 2084, signal 123669/140792 (executing program) 2025/08/29 09:34:20 fetching corpus: 2133, signal 124372/141536 (executing program) 2025/08/29 09:34:20 fetching corpus: 2181, signal 125881/142546 (executing program) 2025/08/29 09:34:20 fetching corpus: 2231, signal 126874/143338 (executing program) 2025/08/29 09:34:20 fetching corpus: 2281, signal 128039/144109 (executing program) 2025/08/29 09:34:21 fetching corpus: 2331, signal 128900/144751 (executing program) 2025/08/29 09:34:21 fetching corpus: 2381, signal 130091/145499 (executing program) 2025/08/29 09:34:21 fetching corpus: 2431, signal 131355/146316 (executing program) 2025/08/29 09:34:21 fetching corpus: 2481, signal 132225/146917 (executing program) 2025/08/29 09:34:21 fetching corpus: 2531, signal 132947/147496 (executing program) 2025/08/29 09:34:21 fetching corpus: 2581, signal 134267/148174 (executing program) 2025/08/29 09:34:21 fetching corpus: 2631, signal 135108/148684 (executing program) 2025/08/29 09:34:21 fetching corpus: 2681, signal 135611/149083 (executing program) 2025/08/29 09:34:21 fetching corpus: 2730, signal 136216/149511 (executing program) 2025/08/29 09:34:22 fetching corpus: 2780, signal 136810/149902 (executing program) 2025/08/29 09:34:22 fetching corpus: 2830, signal 137437/150311 (executing program) 
2025/08/29 09:34:22 fetching corpus: 2880, signal 138160/150712 (executing program) 2025/08/29 09:34:22 fetching corpus: 2930, signal 139302/151201 (executing program) 2025/08/29 09:34:22 fetching corpus: 2978, signal 139992/151537 (executing program) 2025/08/29 09:34:22 fetching corpus: 3027, signal 140488/151833 (executing program) 2025/08/29 09:34:22 fetching corpus: 3076, signal 141087/152150 (executing program) 2025/08/29 09:34:22 fetching corpus: 3126, signal 141818/152469 (executing program) 2025/08/29 09:34:23 fetching corpus: 3175, signal 142439/152727 (executing program) 2025/08/29 09:34:23 fetching corpus: 3225, signal 142992/152996 (executing program) 2025/08/29 09:34:23 fetching corpus: 3275, signal 143692/153252 (executing program) 2025/08/29 09:34:23 fetching corpus: 3325, signal 144245/153432 (executing program) 2025/08/29 09:34:23 fetching corpus: 3375, signal 144947/153632 (executing program) 2025/08/29 09:34:23 fetching corpus: 3424, signal 145542/154005 (executing program) 2025/08/29 09:34:23 fetching corpus: 3474, signal 146309/154175 (executing program) 2025/08/29 09:34:23 fetching corpus: 3523, signal 146902/154382 (executing program) 2025/08/29 09:34:23 fetching corpus: 3572, signal 147388/154505 (executing program) 2025/08/29 09:34:23 fetching corpus: 3622, signal 147900/154641 (executing program) 2025/08/29 09:34:24 fetching corpus: 3672, signal 148460/154756 (executing program) 2025/08/29 09:34:24 fetching corpus: 3722, signal 148981/154798 (executing program) 2025/08/29 09:34:24 fetching corpus: 3772, signal 149436/154828 (executing program) 2025/08/29 09:34:24 fetching corpus: 3822, signal 150315/154901 (executing program) 2025/08/29 09:34:24 fetching corpus: 3872, signal 150685/154989 (executing program) 2025/08/29 09:34:24 fetching corpus: 3922, signal 151219/155008 (executing program) 2025/08/29 09:34:24 fetching corpus: 3972, signal 151685/155009 (executing program) 2025/08/29 09:34:24 fetching corpus: 4022, signal 152159/155009 
(executing program) 2025/08/29 09:34:24 fetching corpus: 4071, signal 152758/155010 (executing program) 2025/08/29 09:34:25 fetching corpus: 4083, signal 152841/155015 (executing program) 2025/08/29 09:34:25 fetching corpus: 4083, signal 152841/155015 (executing program) 2025/08/29 09:34:27 starting 8 fuzzer processes 09:34:27 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = getpid() sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0) 09:34:27 executing program 2: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETPERSIST(r0, 0x400454cd, 0x7) 09:34:27 executing program 1: io_setup(0xfff, &(0x7f0000000040)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x2}]) 09:34:27 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0}, &(0x7f0000008600)=0xc) keyctl$chown(0x4, r0, r2, 0x0) 09:34:27 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x28, 0x28, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0xc, 0x0, 0x0, 0x0, @u64}]}, 0x28}], 0x1}, 0x0) [ 72.230863] audit: type=1400 audit(1756460067.429:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:34:27 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000100)=""/4096) 09:34:27 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) chmod(&(0x7f0000000100)='./file0\x00', 0x1) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1) chown(&(0x7f0000000000)='./file0\x00', 0xee01, 0xee00) fchmodat(r0, &(0x7f00000044c0)='./file0\x00', 0x0) 09:34:27 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect(r0, &(0x7f00000001c0)=@in={0x2, 0x0, @remote}, 0x80) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 
&(0x7f0000000480)=[{&(0x7f0000000040)="05ea", 0x2}], 0x1}}, {{&(0x7f00000005c0)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000900)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @multicast1, @local}}}], 0x20}}], 0x2, 0x0) [ 73.348790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.351198] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.353182] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.357161] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.359759] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.482527] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.497787] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 73.500237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.506291] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 73.508039] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.509621] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.513359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.518273] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.519902] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 73.532211] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.541103] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.548157] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.549236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 73.551502] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.555595] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 73.559749] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 73.569461] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 73.570849] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 73.572512] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 73.576191] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 73.579343] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 73.583098] Bluetooth: hci6: 
unexpected cc 0x1001 length: 249 > 9 [ 73.584191] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 73.585311] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.591191] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 73.593878] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 73.627307] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 73.629455] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 73.637420] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 73.642558] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 73.646799] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 73.667137] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 73.669222] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 73.704848] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 73.722271] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 75.381471] Bluetooth: hci0: command tx timeout [ 75.637113] Bluetooth: hci1: command tx timeout [ 75.637146] Bluetooth: hci3: command tx timeout [ 75.637850] Bluetooth: hci2: command tx timeout [ 75.701045] Bluetooth: hci4: command tx timeout [ 75.702611] Bluetooth: hci5: command tx timeout [ 75.765084] Bluetooth: hci6: command tx timeout [ 75.765846] Bluetooth: hci7: command tx timeout [ 77.429596] Bluetooth: hci0: command tx timeout [ 77.685440] Bluetooth: hci2: command tx timeout [ 77.686437] Bluetooth: hci1: command tx timeout [ 77.688524] Bluetooth: hci3: command tx timeout [ 77.749153] Bluetooth: hci5: command tx timeout [ 77.749875] Bluetooth: hci4: command tx timeout [ 77.813591] Bluetooth: hci6: command tx timeout [ 77.814509] Bluetooth: hci7: command tx timeout [ 79.477248] Bluetooth: hci0: command tx timeout [ 79.733100] Bluetooth: hci2: command tx timeout [ 79.733832] Bluetooth: hci1: command tx timeout [ 79.735894] Bluetooth: hci3: command tx timeout [ 79.797202] Bluetooth: hci4: command tx timeout [ 79.798122] Bluetooth: hci5: command tx timeout [ 79.861090] 
Bluetooth: hci6: command tx timeout [ 79.861739] Bluetooth: hci7: command tx timeout [ 81.526546] Bluetooth: hci0: command tx timeout [ 81.782053] Bluetooth: hci3: command tx timeout [ 81.782478] Bluetooth: hci1: command tx timeout [ 81.782850] Bluetooth: hci2: command tx timeout [ 81.847090] Bluetooth: hci4: command tx timeout [ 81.847483] Bluetooth: hci5: command tx timeout [ 81.909022] Bluetooth: hci7: command tx timeout [ 81.909414] Bluetooth: hci6: command tx timeout [ 110.311530] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.312853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.417308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.417871] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.613250] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.613832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.636833] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.637419] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.748000] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.748562] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.901516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.902732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.001994] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.002584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.085168] audit: type=1400 audit(1756460106.280:8): avc: denied { open } for pid=3816 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 111.093496] audit: type=1400 audit(1756460106.280:9): avc: denied { kernel } for pid=3816 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 111.129614] wlan1: Created 
IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.130243] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.253197] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 111.408495] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.409528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.495399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.496318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.791266] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.791884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.833064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.833673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.004448] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.005095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.069829] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.070467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.126276] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.126890] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.130106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.130703] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:35:07 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 
0xffffffffffffffff}) r1 = getpid() sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0) 09:35:07 executing program 2: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETPERSIST(r0, 0x400454cd, 0x7) 09:35:07 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x28, 0x28, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0xc, 0x0, 0x0, 0x0, @u64}]}, 0x28}], 0x1}, 0x0) 09:35:07 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect(r0, &(0x7f00000001c0)=@in={0x2, 0x0, @remote}, 0x80) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000040)="05ea", 0x2}], 0x1}}, {{&(0x7f00000005c0)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000900)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @multicast1, @local}}}], 0x20}}], 0x2, 0x0) 09:35:07 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0}, 
&(0x7f0000008600)=0xc) keyctl$chown(0x4, r0, r2, 0x0) 09:35:07 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) chmod(&(0x7f0000000100)='./file0\x00', 0x1) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1) chown(&(0x7f0000000000)='./file0\x00', 0xee01, 0xee00) fchmodat(r0, &(0x7f00000044c0)='./file0\x00', 0x0) 09:35:07 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000100)=""/4096) 09:35:07 executing program 1: io_setup(0xfff, &(0x7f0000000040)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x2}]) [ 112.346607] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. 
09:35:07 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x28, 0x28, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0xc, 0x0, 0x0, 0x0, @u64}]}, 0x28}], 0x1}, 0x0) 09:35:07 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)) chmod(&(0x7f0000000100)='./file0\x00', 0x1) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1) chown(&(0x7f0000000000)='./file0\x00', 0xee01, 0xee00) fchmodat(r0, &(0x7f00000044c0)='./file0\x00', 0x0) 09:35:07 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = getpid() sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0) 09:35:07 executing program 1: io_setup(0xfff, &(0x7f0000000040)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x2}]) 09:35:07 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 
mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000100)=""/4096) 09:35:07 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0}, &(0x7f0000008600)=0xc) keyctl$chown(0x4, r0, r2, 0x0) [ 112.434945] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. 09:35:07 executing program 2: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETPERSIST(r0, 0x400454cd, 0x7) 09:35:07 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect(r0, &(0x7f00000001c0)=@in={0x2, 0x0, @remote}, 0x80) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000040)="05ea", 0x2}], 0x1}}, {{&(0x7f00000005c0)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000900)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @multicast1, @local}}}], 0x20}}], 0x2, 0x0) [ 112.458159] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 112.459064] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 
112.459760] CPU: 1 UID: 0 PID: 3917 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.461045] Tainted: [W]=WARN [ 112.461696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.463402] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.464387] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.468213] RSP: 0018:ffff8880462ef800 EFLAGS: 00010212 [ 112.469317] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.469883] RDX: ffff888016120000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.470446] RBP: ffff8880462efa70 R08: ffff88806cf31340 R09: ffffe8ffffd094e8 [ 112.471007] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.471572] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.472138] FS: 000055557d8e3400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.472772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.473240] CR2: 000055557d8e4c18 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.473805] Call Trace: [ 112.474017] [ 112.474205] ? arch_scale_cpu_capacity+0x17/0xa0 [ 112.474598] ? __pfx_perf_tp_event+0x10/0x10 [ 112.474954] ? __asan_memset+0x24/0x50 [ 112.475291] ? perf_trace_lock+0xb5/0x5d0 [ 112.475632] ? kvm_sched_clock_read+0x16/0x30 [ 112.476000] ? sched_clock+0x37/0x60 [ 112.476310] ? sched_clock_cpu+0x6c/0x4e0 [ 112.476649] ? lock_is_held_type+0x9e/0x120 [ 112.477004] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.477415] perf_trace_run_bpf_submit+0xef/0x180 [ 112.477809] perf_trace_lock+0x337/0x5d0 [ 112.478143] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.478518] ? lock_acquire+0x15e/0x2f0 [ 112.478842] ? futex_ref_get+0x48/0x300 [ 112.479167] ? futex_ref_get+0x114/0x300 [ 112.479491] ? 
futex_hash+0x15c/0x390 [ 112.479801] lock_release+0x1ab/0x290 [ 112.480113] ? futex_hash+0x15c/0x390 [ 112.480421] futex_ref_get+0x119/0x300 [ 112.480735] ? futex_hash+0x15c/0x390 [ 112.481040] futex_hash+0x70/0x390 [ 112.481340] futex_wake+0x143/0x540 [ 112.481644] ? put_pid+0x1f/0x30 [ 112.481920] ? kernel_clone+0x204/0x7f0 [ 112.482242] ? __pfx_futex_wake+0x10/0x10 [ 112.482580] ? __pfx_kernel_clone+0x10/0x10 [ 112.482930] ? perf_trace_lock+0xb5/0x5d0 [ 112.483269] do_futex+0x26d/0x370 [ 112.483555] ? __pfx_do_futex+0x10/0x10 [ 112.483878] ? __pfx___do_sys_clone+0x10/0x10 [ 112.484239] ? find_held_lock+0x2b/0x80 [ 112.484569] __x64_sys_futex+0x1c9/0x4d0 [ 112.484900] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.485281] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 112.485705] do_syscall_64+0xbf/0x360 [ 112.486014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.486425] RIP: 0033:0x7f8c5d3a3b19 [ 112.486723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.488154] RSP: 002b:00007ffc8f3a5b28 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.488753] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8c5d3a3b19 [ 112.489321] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c5d4b6f68 [ 112.489931] RBP: 00007f8c5d4b6f60 R08: 00007f8c5a919700 R09: 0000000000000000 [ 112.490537] R10: 00007f8c5a919700 R11: 0000000000000246 R12: 00007f8c5d4bba68 [ 112.491129] R13: 00007ffc8f3a5c30 R14: 00007f8c5d4b6f60 R15: 000000000001b6df [ 112.491734] [ 112.491939] Modules linked in: [ 112.492677] ---[ end trace 0000000000000000 ]--- [ 112.493415] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.493833] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.495373] RSP: 
0018:ffff8880462ef800 EFLAGS: 00010212 [ 112.495823] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.496433] RDX: ffff888016120000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.497038] RBP: ffff8880462efa70 R08: ffff88806cf31340 R09: ffffe8ffffd094e8 [ 112.497655] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.498268] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.498882] FS: 000055557d8e3400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.499580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.500084] CR2: 000055557d8e4c18 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.500696] note: syz-executor.4[3917] exited with preempt_count 1 [ 112.501252] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 112.502024] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3917, name: syz-executor.4 [ 112.502730] preempt_count: 0, expected: 0 [ 112.503094] RCU nest depth: 2, expected: 0 [ 112.503468] INFO: lockdep is turned off. [ 112.503809] CPU: 1 UID: 0 PID: 3917 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.503827] Tainted: [D]=DIE, [W]=WARN [ 112.503831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.503837] Call Trace: [ 112.503841] [ 112.503845] dump_stack_lvl+0xfa/0x120 [ 112.503865] __might_resched+0x2f3/0x510 [ 112.503879] exit_signals+0x25/0x940 [ 112.503897] do_exit+0x2db/0x2970 [ 112.503911] ? _printk+0xbe/0xf0 [ 112.503923] ? __pfx__printk+0x10/0x10 [ 112.503936] ? __pfx_do_exit+0x10/0x10 [ 112.503951] make_task_dead+0x174/0x3b0 [ 112.503967] ? 
do_syscall_64+0xbf/0x360 [ 112.503977] rewind_stack_and_make_dead+0x16/0x20 [ 112.503992] RIP: 0033:0x7f8c5d3a3b19 [ 112.504000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.504011] RSP: 002b:00007ffc8f3a5b28 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.504021] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8c5d3a3b19 [ 112.504029] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c5d4b6f68 [ 112.504036] RBP: 00007f8c5d4b6f60 R08: 00007f8c5a919700 R09: 0000000000000000 [ 112.504043] R10: 00007f8c5a919700 R11: 0000000000000246 R12: 00007f8c5d4bba68 [ 112.504050] R13: 00007ffc8f3a5c30 R14: 00007f8c5d4b6f60 R15: 000000000001b6df [ 112.504060] [ 112.593321] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 112.594278] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 112.594996] CPU: 0 UID: 0 PID: 3921 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.595995] Tainted: [D]=DIE, [W]=WARN [ 112.596317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.597011] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.597429] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.598953] RSP: 0018:ffff88804658f800 EFLAGS: 00010212 [ 112.599405] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000a43f000 [ 112.600018] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.600621] RBP: ffff88804658fa70 R08: ffff88806ce31340 R09: ffffe8ffffc094e8 [ 112.601243] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 112.601850] R13: 000000000000002c R14: 
ffff88806ce31340 R15: dffffc0000000000 [ 112.602434] FS: 00007f8c5a919700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.603120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.603596] CR2: 00005555736f7c98 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.604217] Call Trace: [ 112.604432] [ 112.604631] ? __pfx_perf_tp_event+0x10/0x10 [ 112.605015] ? kvm_sched_clock_read+0x16/0x30 [ 112.605417] ? local_clock_noinstr+0xf/0xc0 [ 112.605799] ? perf_trace_lock+0xb5/0x5d0 [ 112.606162] ? perf_trace_lock+0xb5/0x5d0 [ 112.606521] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 112.606946] ? perf_swevent_event+0x63/0x3f0 [ 112.607327] ? perf_tp_event+0x807/0xe70 [ 112.607688] ? __pfx_perf_tp_event+0x10/0x10 [ 112.608082] ? do_raw_spin_unlock+0x53/0x220 [ 112.608474] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.608909] perf_trace_run_bpf_submit+0xef/0x180 [ 112.609352] perf_trace_lock+0x337/0x5d0 [ 112.609701] ? perf_swevent_event+0x63/0x3f0 [ 112.610089] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.610471] ? perf_trace_lock+0xb5/0x5d0 [ 112.610839] ? __pfx_smp_call_function_single+0x10/0x10 [ 112.611296] ? get_futex_key+0x592/0x14a0 [ 112.611657] ? futex_ref_get+0x114/0x300 [ 112.612015] ? futex_hash+0x15c/0x390 [ 112.612349] lock_release+0x1ab/0x290 [ 112.612684] ? futex_hash+0x15c/0x390 [ 112.613021] futex_ref_get+0x119/0x300 [ 112.613380] ? futex_hash+0x15c/0x390 [ 112.613706] futex_hash+0x70/0x390 [ 112.614012] futex_wake+0x143/0x540 [ 112.614339] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.614740] ? __pfx___mutex_lock+0x10/0x10 [ 112.615126] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 112.615578] ? __pfx_futex_wake+0x10/0x10 [ 112.615940] ? lock_release+0x1c7/0x290 [ 112.616283] ? fd_install+0x1f0/0x660 [ 112.616621] do_futex+0x26d/0x370 [ 112.616920] ? __pfx_do_futex+0x10/0x10 [ 112.617283] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.617720] __x64_sys_futex+0x1c9/0x4d0 [ 112.618083] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 112.618602] ? 
__pfx___x64_sys_futex+0x10/0x10 [ 112.619006] do_syscall_64+0xbf/0x360 [ 112.619343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.619793] RIP: 0033:0x7f8c5d3a3b19 [ 112.620115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.621679] RSP: 002b:00007f8c5a919218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.622317] RAX: ffffffffffffffda RBX: 00007f8c5d4b6f68 RCX: 00007f8c5d3a3b19 [ 112.622925] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c5d4b6f6c [ 112.623526] RBP: 00007f8c5d4b6f60 R08: 000000000000000e R09: 0000000000000000 [ 112.624124] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8c5d4b6f6c [ 112.624735] R13: 00007ffc8f3a5aaf R14: 00007f8c5a919300 R15: 0000000000022000 [ 112.625349] [ 112.625557] Modules linked in: [ 112.625980] ---[ end trace 0000000000000000 ]--- [ 112.626390] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.626794] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.628334] RSP: 0018:ffff8880462ef800 EFLAGS: 00010212 [ 112.628799] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.629433] RDX: ffff888016120000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.630047] RBP: ffff8880462efa70 R08: ffff88806cf31340 R09: ffffe8ffffd094e8 [ 112.630667] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.631292] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.631901] FS: 00007f8c5a919700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.632600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.633117] CR2: 00005555736f7c98 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.633740] note: syz-executor.4[3921] exited with preempt_count 1 [ 112.634368] 
Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#3] SMP KASAN NOPTI [ 112.635319] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 112.635963] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.636944] Tainted: [D]=DIE, [W]=WARN [ 112.637292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.637998] Workqueue: mld mld_ifc_work [ 112.638342] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.638728] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.640277] RSP: 0018:ffff8880095ef580 EFLAGS: 00010012 [ 112.640733] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 112.641545] RDX: ffff8880095d9b80 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.642142] RBP: ffff8880095ef7f0 R08: ffff88806ce31340 R09: ffffe8ffffc15ad0 [ 112.642755] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 112.643361] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 112.643970] FS: 0000000000000000(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.644660] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.645146] CR2: 00005555736f7c98 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.645770] Call Trace: [ 112.645997] [ 112.646195] ? __pfx_perf_tp_event+0x10/0x10 [ 112.646573] ? stack_depot_save_flags+0x2c/0xa20 [ 112.646986] ? lock_acquire+0x18c/0x2f0 [ 112.647325] ? lock_release+0x1c7/0x290 [ 112.647654] ? lock_acquire+0x18c/0x2f0 [ 112.647987] ? lock_release+0x1c7/0x290 [ 112.648334] ? unwind_next_frame+0x3bc/0x2540 [ 112.648729] ? ret_from_fork_asm+0x1a/0x30 [ 112.649088] ? ret_from_fork_asm+0x1a/0x30 [ 112.649463] ? kernel_text_address+0x11/0xc0 [ 112.649850] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 112.650281] ? 
__pfx_stack_trace_consume_entry+0x10/0x10 [ 112.650750] ? arch_stack_walk+0x86/0xf0 [ 112.651107] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.651530] ? ret_from_fork_asm+0x1a/0x30 [ 112.651898] perf_trace_run_bpf_submit+0xef/0x180 [ 112.652315] perf_trace_preemptirq_template+0x259/0x430 [ 112.652766] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 112.653285] ? __kmalloc_cache_noprof+0x42a/0x690 [ 112.653704] ? icmp6_dst_alloc+0x4a7/0x650 [ 112.654060] ? mld_sendpack+0x50a/0x11b0 [ 112.654405] ? mld_ifc_work+0x726/0xb60 [ 112.654737] ? process_one_work+0x8e1/0x19c0 [ 112.655121] ? worker_thread+0x67e/0xe90 [ 112.655467] ? kthread+0x3c8/0x740 [ 112.655773] ? _raw_spin_lock_irqsave+0x53/0x60 [ 112.656169] trace_irq_disable.constprop.0+0xa6/0x100 [ 112.656600] _raw_spin_lock_irqsave+0x53/0x60 [ 112.656981] __create_object+0x31/0x80 [ 112.657338] __kmalloc_cache_noprof+0x42a/0x690 [ 112.657743] ? mld_newpack.isra.0+0x670/0x950 [ 112.658134] ? dst_cow_metrics_generic+0x4c/0x1e0 [ 112.658551] dst_cow_metrics_generic+0x4c/0x1e0 [ 112.658953] icmp6_dst_alloc+0x4a7/0x650 [ 112.659303] ? icmpv6_flow_init+0x3d/0x280 [ 112.659671] ? selinux_sk_getsecid+0x7c/0xd0 [ 112.660059] mld_sendpack+0x50a/0x11b0 [ 112.660398] ? __pfx_mld_sendpack+0x10/0x10 [ 112.660765] ? lock_release+0x1c7/0x290 [ 112.661113] mld_ifc_work+0x726/0xb60 [ 112.661454] ? lock_release+0x1c7/0x290 [ 112.661798] process_one_work+0x8e1/0x19c0 [ 112.662172] ? __pfx_process_one_work+0x10/0x10 [ 112.662568] ? move_linked_works+0x172/0x270 [ 112.662955] ? assign_work+0x196/0x240 [ 112.663278] worker_thread+0x67e/0xe90 [ 112.663603] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 112.664038] ? __pfx_worker_thread+0x10/0x10 [ 112.664421] kthread+0x3c8/0x740 [ 112.664718] ? __pfx_kthread+0x10/0x10 [ 112.665058] ? ret_from_fork+0x23/0x430 [ 112.665413] ? lock_release+0xc8/0x290 [ 112.665756] ? __pfx_kthread+0x10/0x10 [ 112.666091] ret_from_fork+0x34b/0x430 [ 112.666430] ? 
__pfx_kthread+0x10/0x10 [ 112.666771] ret_from_fork_asm+0x1a/0x30 [ 112.667127] [ 112.667322] Modules linked in: [ 112.667590] ---[ end trace 0000000000000000 ]--- [ 112.667989] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.668386] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.669944] RSP: 0018:ffff8880462ef800 EFLAGS: 00010212 [ 112.670394] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.670991] RDX: ffff888016120000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.671601] RBP: ffff8880462efa70 R08: ffff88806cf31340 R09: ffffe8ffffd094e8 [ 112.672204] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.672811] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.673434] FS: 0000000000000000(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.674108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.674600] CR2: 00005555736f7c98 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.675206] note: kworker/0:1[10] exited with irqs disabled [ 112.675720] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#4] SMP KASAN NOPTI [ 112.676654] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 112.677314] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.678296] Tainted: [D]=DIE, [W]=WARN [ 112.678612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.679320] Workqueue: mld mld_ifc_work [ 112.679659] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.680063] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.681595] RSP: 0018:ffff88806ce08ac0 EFLAGS: 
00010012 [ 112.682053] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 112.682661] RDX: ffff8880095d9b80 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.683249] RBP: ffff88806ce08d30 R08: ffff88806ce313e8 R09: ffffe8ffffc15ad0 [ 112.683826] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 112.684436] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 112.685047] FS: 0000000000000000(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.685758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.686262] CR2: 00005555736f7c98 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.686877] Call Trace: [ 112.687106] [ 112.687301] ? __smp_call_single_queue+0x15b/0x2f0 [ 112.687731] ? __pfx_perf_tp_event+0x10/0x10 [ 112.688120] ? __pfx_select_task_rq_fair+0x10/0x10 [ 112.688550] ? lock_release+0x1c7/0x290 [ 112.688905] ? do_raw_read_unlock+0x44/0xe0 [ 112.689297] ? _raw_read_unlock_irqrestore+0x22/0x50 [ 112.689720] ? ep_poll_callback+0x682/0xc50 [ 112.690085] ? trace_pelt_se_tp+0xdf/0x130 [ 112.690446] ? __update_load_avg_se+0x428/0xa40 [ 112.690857] ? do_raw_spin_lock+0x123/0x260 [ 112.691234] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 112.691645] ? lock_release+0x1c7/0x290 [ 112.691997] ? do_raw_spin_unlock+0x53/0x220 [ 112.692373] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.692809] perf_trace_run_bpf_submit+0xef/0x180 [ 112.693249] perf_trace_preemptirq_template+0x259/0x430 [ 112.693700] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 112.694210] ? timerqueue_add+0x1c2/0x330 [ 112.694574] ? lock_acquire+0x18c/0x2f0 [ 112.694926] ? 
irqentry_enter+0x2a/0x60 [ 112.695276] trace_irq_disable.constprop.0+0xa6/0x100 [ 112.695698] irqentry_enter+0x2a/0x60 [ 112.696033] common_interrupt+0x1d/0xd0 [ 112.696372] asm_common_interrupt+0x26/0x40 [ 112.696740] RIP: 0010:handle_softirqs+0x174/0x770 [ 112.697164] Code: c8 83 83 3c 0a 00 00 01 c7 44 24 20 0a 00 00 00 48 89 44 24 18 65 66 c7 05 0f 84 48 06 00 00 e8 42 80 40 00 fb bb ff ff ff ff <48> c7 c5 c0 c0 a0 85 41 0f bc de 83 c3 01 0f 85 9b 00 00 00 e9 8d [ 112.698694] RSP: 0018:ffff88806ce08f78 EFLAGS: 00000246 [ 112.699151] RAX: 0000000000000001 RBX: 00000000ffffffff RCX: ffffffff817c2b86 [ 112.699751] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813bac2e [ 112.700366] RBP: ffff8880095efe78 R08: 0000000000000000 R09: 0000000000000000 [ 112.700980] R10: ffffffff8643ac57 R11: 0000000000020ad5 R12: 0000000000000000 [ 112.701606] R13: 0000000000000000 R14: 0000000000000200 R15: 0000000000000000 [ 112.702210] ? trace_irq_enable.constprop.0+0x26/0x100 [ 112.702661] ? handle_softirqs+0x16e/0x770 [ 112.703033] ? 
handle_softirqs+0x16e/0x770 [ 112.703402] __irq_exit_rcu+0xc4/0x100 [ 112.703751] irq_exit_rcu+0x9/0x20 [ 112.704066] sysvec_apic_timer_interrupt+0x70/0x80 [ 112.704497] [ 112.704684] [ 112.704876] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 112.705332] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 112.705734] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 112.707235] RSP: 0018:ffff8880095eff28 EFLAGS: 00000246 [ 112.707691] RAX: 0000000000000001 RBX: ffff8880095d9b80 RCX: ffffffff817c2b86 [ 112.708291] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 112.708893] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 112.709508] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880095d9b80 [ 112.710126] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 112.710731] ? trace_irq_enable.constprop.0+0x26/0x100 [ 112.711181] ? make_task_dead+0x214/0x3b0 [ 112.711549] ? make_task_dead+0x214/0x3b0 [ 112.711900] ? ret_from_fork+0x34b/0x430 [ 112.712262] rewind_stack_and_make_dead+0x16/0x20 [ 112.712688] RIP: 0000:0x0 [ 112.712936] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 112.713512] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 112.714166] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.714775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 112.715385] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 112.715995] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 112.716611] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 112.717181] [ 112.717392] Modules linked in: [ 112.717678] ---[ end trace 0000000000000000 ]--- [ 112.718076] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.718485] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.720010] RSP: 0018:ffff8880462ef800 EFLAGS: 00010212 [ 112.720427] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.720983] RDX: ffff888016120000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.721559] RBP: ffff8880462efa70 R08: ffff88806cf31340 R09: ffffe8ffffd094e8 [ 112.722121] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.722681] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.723246] FS: 0000000000000000(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.723877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.724332] CR2: ffffffffffffffd6 CR3: 0000000044d6d000 CR4: 0000000000350ef0 [ 112.724895] Kernel panic - not syncing: Fatal exception in interrupt [ 112.725497] Kernel Offset: disabled [ 112.725785] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:35:07 Registers: