Warning: Permanently added '[localhost]:51293' (ECDSA) to the list of known hosts.
2025/08/29 09:36:05 fuzzer started
2025/08/29 09:36:06 dialing manager at localhost:43077
syzkaller login: [ 51.453488] cgroup: Unknown subsys name 'net'
[ 51.514831] cgroup: Unknown subsys name 'cpuset'
[ 51.528000] cgroup: Unknown subsys name 'rlimit'
2025/08/29 09:36:16 syscalls: 2214
2025/08/29 09:36:16 code coverage: enabled
2025/08/29 09:36:16 comparison tracing: enabled
2025/08/29 09:36:16 extra coverage: enabled
2025/08/29 09:36:16 setuid sandbox: enabled
2025/08/29 09:36:16 namespace sandbox: enabled
2025/08/29 09:36:16 Android sandbox: enabled
2025/08/29 09:36:16 fault injection: enabled
2025/08/29 09:36:16 leak checking: enabled
2025/08/29 09:36:16 net packet injection: enabled
2025/08/29 09:36:16 net device setup: enabled
2025/08/29 09:36:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 09:36:16 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 09:36:16 USB emulation: enabled
2025/08/29 09:36:16 hci packet injection: enabled
2025/08/29 09:36:16 wifi device emulation: enabled
2025/08/29 09:36:16 802.15.4 emulation: enabled
2025/08/29 09:36:16 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 09:36:16 fetching corpus: 50, signal 24411/27798 (executing program)
2025/08/29 09:36:17 fetching corpus: 100, signal 33913/38624 (executing program)
2025/08/29 09:36:17 fetching corpus: 150, signal 43267/49011 (executing program)
2025/08/29 09:36:17 fetching corpus: 200, signal 47706/54581 (executing program)
2025/08/29 09:36:17 fetching corpus: 250, signal 52972/60814 (executing program)
2025/08/29 09:36:17 fetching corpus: 300, signal 55410/64376 (executing program)
2025/08/29 09:36:17 fetching corpus: 350, signal 58686/68604 (executing program)
2025/08/29 09:36:17 fetching corpus: 400, signal 63266/73925 (executing program)
2025/08/29 09:36:17 fetching corpus: 450, signal 70414/81305 (executing program)
2025/08/29 09:36:17 fetching corpus: 500, signal 73205/84804 (executing program)
2025/08/29 09:36:18 fetching corpus: 550, signal 77112/89060 (executing program)
2025/08/29 09:36:18 fetching corpus: 600, signal 79867/92386 (executing program)
2025/08/29 09:36:18 fetching corpus: 650, signal 83355/96258 (executing program)
2025/08/29 09:36:18 fetching corpus: 700, signal 85560/98987 (executing program)
2025/08/29 09:36:18 fetching corpus: 750, signal 87662/101522 (executing program)
2025/08/29 09:36:18 fetching corpus: 800, signal 90071/104269 (executing program)
2025/08/29 09:36:18 fetching corpus: 850, signal 92212/106763 (executing program)
2025/08/29 09:36:18 fetching corpus: 900, signal 94117/108963 (executing program)
2025/08/29 09:36:18 fetching corpus: 950, signal 96460/111485 (executing program)
2025/08/29 09:36:19 fetching corpus: 1000, signal 97963/113358 (executing program)
2025/08/29 09:36:19 fetching corpus: 1050, signal 98940/114845 (executing program)
2025/08/29 09:36:19 fetching corpus: 1100, signal 100756/116892 (executing program)
2025/08/29 09:36:19 fetching corpus: 1150, signal 102820/119070 (executing program)
2025/08/29 09:36:19 fetching corpus: 1200, signal 104262/120755 (executing program)
2025/08/29 09:36:19 fetching corpus: 1250, signal 106236/122712 (executing program)
2025/08/29 09:36:19 fetching corpus: 1300, signal 107075/123862 (executing program)
2025/08/29 09:36:19 fetching corpus: 1350, signal 108510/125412 (executing program)
2025/08/29 09:36:19 fetching corpus: 1400, signal 109883/126964 (executing program)
2025/08/29 09:36:19 fetching corpus: 1450, signal 110895/128176 (executing program)
2025/08/29 09:36:20 fetching corpus: 1500, signal 112262/129665 (executing program)
2025/08/29 09:36:20 fetching corpus: 1550, signal 114102/131366 (executing program)
2025/08/29 09:36:20 fetching corpus: 1600, signal 115547/132760 (executing program)
2025/08/29 09:36:20 fetching corpus: 1650, signal 116621/133901 (executing program)
2025/08/29 09:36:20 fetching corpus: 1700, signal 117849/135054 (executing program)
2025/08/29 09:36:20 fetching corpus: 1750, signal 118649/135996 (executing program)
2025/08/29 09:36:20 fetching corpus: 1800, signal 119849/137101 (executing program)
2025/08/29 09:36:20 fetching corpus: 1850, signal 120762/137962 (executing program)
2025/08/29 09:36:20 fetching corpus: 1900, signal 121860/138969 (executing program)
2025/08/29 09:36:21 fetching corpus: 1950, signal 122596/139782 (executing program)
2025/08/29 09:36:21 fetching corpus: 2000, signal 123709/140784 (executing program)
2025/08/29 09:36:21 fetching corpus: 2050, signal 124770/141724 (executing program)
2025/08/29 09:36:21 fetching corpus: 2100, signal 125440/142392 (executing program)
2025/08/29 09:36:21 fetching corpus: 2150, signal 126184/143098 (executing program)
2025/08/29 09:36:21 fetching corpus: 2200, signal 127542/144018 (executing program)
2025/08/29 09:36:21 fetching corpus: 2250, signal 127960/144546 (executing program)
2025/08/29 09:36:21 fetching corpus: 2300, signal 128740/145202 (executing program)
2025/08/29 09:36:21 fetching corpus: 2350, signal 129535/145841 (executing program)
2025/08/29 09:36:21 fetching corpus: 2400, signal 130278/146421 (executing program)
2025/08/29 09:36:22 fetching corpus: 2450, signal 131361/147201 (executing program)
2025/08/29 09:36:22 fetching corpus: 2500, signal 132432/147894 (executing program)
2025/08/29 09:36:22 fetching corpus: 2550, signal 133305/148475 (executing program)
2025/08/29 09:36:22 fetching corpus: 2600, signal 134584/149167 (executing program)
2025/08/29 09:36:22 fetching corpus: 2650, signal 135150/149626 (executing program)
2025/08/29 09:36:22 fetching corpus: 2700, signal 135789/150083 (executing program)
2025/08/29 09:36:22 fetching corpus: 2750, signal 136176/150479 (executing program)
2025/08/29 09:36:22 fetching corpus: 2800, signal 136832/150901 (executing program)
2025/08/29 09:36:22 fetching corpus: 2850, signal 137414/151258 (executing program)
2025/08/29 09:36:23 fetching corpus: 2900, signal 138210/151655 (executing program)
2025/08/29 09:36:23 fetching corpus: 2950, signal 138753/152059 (executing program)
2025/08/29 09:36:23 fetching corpus: 3000, signal 139579/152456 (executing program)
2025/08/29 09:36:23 fetching corpus: 3050, signal 140254/152761 (executing program)
2025/08/29 09:36:23 fetching corpus: 3100, signal 141047/153228 (executing program)
2025/08/29 09:36:23 fetching corpus: 3150, signal 141734/153523 (executing program)
2025/08/29 09:36:23 fetching corpus: 3200, signal 142374/153856 (executing program)
2025/08/29 09:36:23 fetching corpus: 3250, signal 143311/154139 (executing program)
2025/08/29 09:36:23 fetching corpus: 3300, signal 144159/154401 (executing program)
2025/08/29 09:36:24 fetching corpus: 3350, signal 144623/154603 (executing program)
2025/08/29 09:36:24 fetching corpus: 3400, signal 145476/154871 (executing program)
2025/08/29 09:36:24 fetching corpus: 3450, signal 146022/155044 (executing program)
2025/08/29 09:36:24 fetching corpus: 3500, signal 146630/155229 (executing program)
2025/08/29 09:36:24 fetching corpus: 3550, signal 147047/155406 (executing program)
2025/08/29 09:36:24 fetching corpus: 3600, signal 147495/155537 (executing program)
2025/08/29 09:36:24 fetching corpus: 3650, signal 148269/155771 (executing program)
2025/08/29 09:36:24 fetching corpus: 3700, signal 149028/155936 (executing program)
2025/08/29 09:36:24 fetching corpus: 3750, signal 149589/155978 (executing program)
2025/08/29 09:36:24 fetching corpus: 3800, signal 149891/155980 (executing program)
2025/08/29 09:36:25 fetching corpus: 3850, signal 150478/155984 (executing program)
2025/08/29 09:36:25 fetching corpus: 3900, signal 150993/156010 (executing program)
2025/08/29 09:36:25 fetching corpus: 3950, signal 151326/156057 (executing program)
2025/08/29 09:36:25 fetching corpus: 4000, signal 151787/156067 (executing program)
2025/08/29 09:36:25 fetching corpus: 4050, signal 152655/156105 (executing program)
2025/08/29 09:36:25 fetching corpus: 4100, signal 152993/156130 (executing program)
2025/08/29 09:36:25 fetching corpus: 4150, signal 153663/156150 (executing program)
2025/08/29 09:36:25 fetching corpus: 4187, signal 153986/156165 (executing program)
2025/08/29 09:36:25 fetching corpus: 4187, signal 153986/156165 (executing program)
2025/08/29 09:36:27 starting 8 fuzzer processes
09:36:27 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000080)='./file1\x00')

09:36:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x20, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x20, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

09:36:27 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000100)=""/89)

09:36:27 executing program 7:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = getpid()
fcntl$setown(r0, 0x8, r1)
fcntl$setown(r0, 0x8, 0x0)

[ 72.989799] audit: type=1400 audit(1756460187.913:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:36:27 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})

09:36:27 executing program 5:
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="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", 0x1c3)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
mount_setattr(r0, 0x0, 0x9100, &(0x7f0000000380)={0x0, 0x10000c, 0x2c0000, {r2}}, 0x20)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
r3 = accept4$packet(r2, &(0x7f00000003c0), &(0x7f0000000400)=0x14, 0x800)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, &(0x7f0000000280))
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0xff, 0xb1, 0x20, 0x40, 0x0, 0x67, 0x2080, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000180), 0xe}, 0x2504, 0x5, 0x0, 0x2, 0x0, 0x6}, 0x0, 0x8, 0xffffffffffffffff, 0x8)

09:36:27 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
read$rfkill(r0, &(0x7f0000000240), 0x80000)

09:36:27 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0xf, r0, 0x0, 0x0)

[ 74.181476] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 74.185677] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 74.187166] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 74.190585] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 74.194381] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.196532] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 74.198416] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.201853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 74.214278] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.229582] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.234236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 74.242084] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 74.244317] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 74.258828] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 74.263816] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 74.376837] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 74.389796] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 74.391970] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 74.395523] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 74.400892] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 74.403078] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 74.409445] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 74.412441] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 74.416736] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 74.422724] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 74.424517] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 74.426063] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 74.429117] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 74.435655] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 74.438421] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 74.449084] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 74.451554] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 74.457156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 74.461427] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 74.462894] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 74.464674] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 74.470123] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 74.485479] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 74.493859] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 74.498557] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 76.276257] Bluetooth: hci0: command tx timeout
[ 76.276814] Bluetooth: hci1: command tx timeout
[ 76.338337] Bluetooth: hci2: command tx timeout
[ 76.532478] Bluetooth: hci4: command tx timeout
[ 76.534268] Bluetooth: hci3: command tx timeout
[ 76.534798] Bluetooth: hci5: command tx timeout
[ 76.535327] Bluetooth: hci6: command tx timeout
[ 76.594252] Bluetooth: hci7: command tx timeout
[ 78.322273] Bluetooth: hci1: command tx timeout
[ 78.322751] Bluetooth: hci0: command tx timeout
[ 78.386281] Bluetooth: hci2: command tx timeout
[ 78.578826] Bluetooth: hci6: command tx timeout
[ 78.579413] Bluetooth: hci5: command tx timeout
[ 78.579443] Bluetooth: hci3: command tx timeout
[ 78.580059] Bluetooth: hci4: command tx timeout
[ 78.642788] Bluetooth: hci7: command tx timeout
[ 80.370315] Bluetooth: hci1: command tx timeout
[ 80.371099] Bluetooth: hci0: command tx timeout
[ 80.434445] Bluetooth: hci2: command tx timeout
[ 80.626500] Bluetooth: hci6: command tx timeout
[ 80.628351] Bluetooth: hci4: command tx timeout
[ 80.629091] Bluetooth: hci3: command tx timeout
[ 80.630036] Bluetooth: hci5: command tx timeout
[ 80.690335] Bluetooth: hci7: command tx timeout
[ 82.418288] Bluetooth: hci1: command tx timeout
[ 82.418304] Bluetooth: hci0: command tx timeout
[ 82.482491] Bluetooth: hci2: command tx timeout
[ 82.674329] Bluetooth: hci3: command tx timeout
[ 82.674342] Bluetooth: hci6: command tx timeout
[ 82.674382] Bluetooth: hci5: command tx timeout
[ 82.674778] Bluetooth: hci4: command tx timeout
[ 82.739298] Bluetooth: hci7: command tx timeout
[ 110.147450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.148115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.325505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.326123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.531562] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.532301] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.688688] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.689335] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.729576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.730160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.785943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.786764] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.859164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.860353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.027373] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.028019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.063675] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.064331] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.094165] audit: type=1400 audit(1756460226.017:8): avc: denied { open } for pid=3849 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 111.107264] audit: type=1400 audit(1756460226.017:9): avc: denied { kernel } for pid=3849 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 111.178765] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.180257] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.298273] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.298875] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.382331] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.383093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.387785] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 111.745762] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.746627] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.793506] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.794134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.854722] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.855885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.856970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.857631] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:37:07 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})

09:37:07 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000080)='./file1\x00')

09:37:07 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
read$rfkill(r0, &(0x7f0000000240), 0x80000)

09:37:07 executing program 7:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = getpid()
fcntl$setown(r0, 0x8, r1)
fcntl$setown(r0, 0x8, 0x0)

09:37:07 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000100)=""/89)

09:37:07 executing program 5:
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f", 0x1c3)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
mount_setattr(r0, 0x0, 0x9100, &(0x7f0000000380)={0x0, 0x10000c, 0x2c0000, {r2}}, 0x20)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
r3 = accept4$packet(r2, &(0x7f00000003c0), &(0x7f0000000400)=0x14, 0x800)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, &(0x7f0000000280))
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0xff, 0xb1, 0x20, 0x40, 0x0, 0x67, 0x2080, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000180), 0xe}, 0x2504, 0x5, 0x0, 0x2, 0x0, 0x6}, 0x0, 0x8, 0xffffffffffffffff, 0x8)

09:37:07 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0xf, r0, 0x0, 0x0)

09:37:07 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x20, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x20, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

09:37:07 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})

09:37:07 executing program 7:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = getpid()
fcntl$setown(r0, 0x8, r1)
fcntl$setown(r0, 0x8, 0x0)

09:37:07 executing program 0:
syz_mount_image$iso9660(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000080)='./file1\x00')

09:37:07 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
r1 = dup(r0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000100)=""/89)

09:37:07 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0xf, r0, 0x0, 0x0)

09:37:07 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
read$rfkill(r0, &(0x7f0000000240), 0x80000)

[ 112.309154] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 112.310086] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 112.310695] CPU: 1 UID: 0 PID: 3925 Comm: syz-executor.3 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 112.312087] Tainted: [W]=WARN
[ 112.312964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 112.314773] RIP: 0010:perf_tp_event+0x175/0xe70
[ 112.315841] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 112.320276] RSP: 0018:ffff888044f6f780 EFLAGS: 00010012
[ 112.320709] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc9000c2eb000
[ 112.321290] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 112.321861] RBP: ffff888044f6f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd15ff8
[ 112.322430] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 112.322995] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 112.323562] FS: 00007fc75c614700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 112.324197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.324657] CR2: 0000559241567350 CR3: 0000000043cee000 CR4: 0000000000350ef0
[ 112.325231] Call Trace:
[ 112.325444]
[ 112.325633] ? __pfx_perf_tp_event+0x10/0x10
[ 112.326000] ? perf_tp_event+0x807/0xe70
[ 112.326339] ? perf_trace_run_bpf_submit+0xef/0x180
[ 112.326749] ? perf_trace_run_bpf_submit+0xef/0x180
[ 112.327169] ? perf_trace_lock+0x337/0x5d0
[ 112.327534] ? css_rstat_updated+0x1b8/0x4d0
[ 112.327918] ? perf_trace_run_bpf_submit+0xef/0x180
[ 112.328337] perf_trace_run_bpf_submit+0xef/0x180
[ 112.328748] perf_trace_preemptirq_template+0x259/0x430
[ 112.329203] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.329586] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.329968] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 112.330466] ? find_held_lock+0x2b/0x80
[ 112.330804] ? try_to_wake_up+0x8ae/0x11d0
[ 112.331163] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 112.331586] trace_irq_enable.constprop.0+0xa6/0x100
[ 112.332004] trace_hardirqs_on+0x26/0x40
[ 112.332347] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 112.332781] try_to_wake_up+0x8ae/0x11d0
[ 112.333143] ? __pfx_try_to_wake_up+0x10/0x10
[ 112.333518] ? plist_del+0x122/0x270
[ 112.333842] ? find_held_lock+0x2b/0x80
[ 112.334187] ? futex_wake+0x474/0x540
[ 112.334511] wake_up_q+0xa1/0x130
[ 112.334800] futex_wake+0x47e/0x540
[ 112.335111] ? __pfx_futex_wake+0x10/0x10
[ 112.335447] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 112.335924] ? lock_release+0xc8/0x290
[ 112.336247] do_futex+0x26d/0x370
[ 112.336536] ? __pfx_do_futex+0x10/0x10
[ 112.336869] ? kasan_quarantine_put+0x84/0x1e0
[ 112.337249] ? kfree+0x281/0x550
[ 112.337537] __x64_sys_futex+0x1c9/0x4d0
[ 112.337866] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 112.338350] ? __pfx___x64_sys_futex+0x10/0x10
[ 112.338723] ? xfd_validate_state+0x55/0x180
[ 112.339096] do_syscall_64+0xbf/0x360
[ 112.339406] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.339818] RIP: 0033:0x7fc75f09eb19
[ 112.340118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 112.341572] RSP: 002b:00007fc75c614218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 112.342176] RAX: ffffffffffffffda RBX: 00007fc75f1b1f68 RCX: 00007fc75f09eb19
[ 112.342746] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc75f1b1f6c
[ 112.343315] RBP: 00007fc75f1b1f60 R08: 000000000000000e R09: 0000000000000000
[ 112.343882] R10: 000000001626b68b R11: 0000000000000246 R12: 00007fc75f1b1f6c
[ 112.344453] R13: 00007fff09fd70af R14: 00007fc75c614300 R15: 0000000000022000
[ 112.345053]
[ 112.345248] Modules linked in:
[ 112.345514] ---[ end trace 0000000000000000 ]---
[ 112.345890] RIP: 0010:perf_tp_event+0x175/0xe70
[ 112.346278] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 112.347722] RSP: 0018:ffff888044f6f780 EFLAGS: 00010012
[ 112.348147] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc9000c2eb000
[ 112.348721] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 112.349295] RBP: ffff888044f6f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd15ff8
[ 112.349863] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 112.350430] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[ 112.351000] FS: 00007fc75c614700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 112.351645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.352110] CR2: 0000559241567350 CR3: 0000000043cee000 CR4: 0000000000350ef0
[ 112.352682] note: syz-executor.3[3925] exited with irqs disabled
[ 112.354852] note: syz-executor.3[3925] exited with preempt_count 3
[ 112.626450] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI
[ 112.627376] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
[ 112.628066] CPU: 1 UID: 0 PID: 3816 Comm: kworker/u8:2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 112.629005] Tainted: [D]=DIE, [W]=WARN
[ 112.629314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 112.629969] Workqueue: ipv6_addrconf addrconf_dad_work
[ 112.630400] RIP: 0010:perf_tp_event+0x175/0xe70
[ 112.630788] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 112.632223] RSP: 0018:ffff888015d3ef00 EFLAGS: 00010212
[ 112.632651] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002
[ 112.633219] RDX: ffff88801a4b3700 RSI: ffffffff818995b7 RDI: 0000000100000190
[ 112.633778] RBP: ffff888015d3f170 R08: ffff88806cf31340 R09: ffffe8ffffd15fe0
[ 112.634344] R10: 0000000000000000 R11: 0000000000006cee R12: dffffc0000000000
[ 112.634910] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 112.635473] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 112.636108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.636567] CR2: 0000001b2d343000 CR3: 0000000043837000 CR4: 0000000000350ef0
[ 112.637142] Call Trace:
[ 112.637352]
[ 112.637538] ? ieee80211_handle_wake_tx_queue+0x1ca/0x260
[ 112.637983] ? __pfx_perf_tp_event+0x10/0x10
[ 112.638348] ? ieee80211_queue_skb+0xb36/0x1ff0
[ 112.638740] ? ieee80211_tx+0x259/0x410
[ 112.639060] ? __pfx_ieee80211_tx+0x10/0x10
[ 112.639404] ? perf_trace_lock+0xb5/0x5d0
[ 112.639747] ? perf_trace_run_bpf_submit+0xef/0x180
[ 112.640150] ? __pfx_ieee80211_build_hdr+0x10/0x10
[ 112.640541] perf_trace_run_bpf_submit+0xef/0x180
[ 112.640946] perf_trace_lock+0x337/0x5d0
[ 112.641274] ? perf_trace_lock+0xb5/0x5d0
[ 112.641609] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.641975] ? perf_trace_lock+0xb5/0x5d0
[ 112.642313] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.642681] ? unwind_next_frame+0x3b2/0x2540
[ 112.643053] lock_release+0x1ab/0x290
[ 112.643368] unwind_next_frame+0x3b7/0x2540
[ 112.643722] ? __unwind_start+0x592/0x7c0
[ 112.644060] ? get_stack_info_noinstr+0x16/0xf0
[ 112.644438] __unwind_start+0x517/0x7c0
[ 112.644770] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 112.645212] arch_stack_walk+0x62/0xf0
[ 112.645529] ? arch_stack_walk+0x62/0xf0
[ 112.645865] stack_trace_save+0x8e/0xc0
[ 112.646187] ? __pfx_stack_trace_save+0x10/0x10
[ 112.646563] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.646931] ? unwind_next_frame+0x3b2/0x2540
[ 112.647298] kasan_save_stack+0x24/0x50
[ 112.647623] ? lock_release+0x1c7/0x290
[ 112.647944] ? unwind_next_frame+0x3b2/0x2540
[ 112.648309] ? lock_release+0x1c7/0x290
[ 112.648632] ? unwind_next_frame+0x3bc/0x2540
[ 112.649007] ? ret_from_fork_asm+0x1a/0x30
[ 112.649352] ? ret_from_fork_asm+0x1a/0x30
[ 112.649697] ? kernel_text_address+0x11/0xc0
[ 112.650057] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 112.650493] ? arch_stack_walk+0x86/0xf0
[ 112.650823] ? ret_from_fork_asm+0x1a/0x30
[ 112.651164] ? perf_trace_lock+0xb5/0x5d0
[ 112.651496] ? stack_trace_save+0x8e/0xc0
[ 112.651837] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.652219] kasan_save_track+0x14/0x30
[ 112.652554] __kasan_slab_alloc+0x59/0x70
[ 112.652908] kmem_cache_alloc_noprof+0x205/0x690
[ 112.653303] ? __alloc_object+0x2b/0x2c0
[ 112.653645] __alloc_object+0x2b/0x2c0
[ 112.653969] __create_object+0x1d/0x80
[ 112.654293] __kmalloc_cache_noprof+0x42a/0x690
[ 112.654679] ? __pfx_percpu_counter_add_batch+0x10/0x10
[ 112.655116] ? kmem_cache_alloc_noprof+0x264/0x690
[ 112.655528] ? dst_cow_metrics_generic+0x4c/0x1e0
[ 112.655926] ? dst_alloc+0x44f/0x620
[ 112.656246] dst_cow_metrics_generic+0x4c/0x1e0
[ 112.656629] icmp6_dst_alloc+0x4a7/0x650
[ 112.656970] ? icmpv6_flow_init+0x3d/0x280
[ 112.657318] ? selinux_sk_getsecid+0x7c/0xd0
[ 112.657679] ndisc_send_skb+0x11f0/0x1d10
[ 112.658024] ? __pfx_ndisc_send_skb+0x10/0x10
[ 112.658396] ? lock_release+0x1c7/0x290
[ 112.658727] ? __asan_memcpy+0x3d/0x60
[ 112.659053] ? __pfx_perf_trace_lock+0x10/0x10
[ 112.659428] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 112.659860] ndisc_send_ns+0xa9/0x130
[ 112.660170] ? __pfx_ndisc_send_ns+0x10/0x10
[ 112.660531] ? lock_release+0x1c7/0x290
[ 112.660868] ? addrconf_dad_work+0xa15/0x11a0
[ 112.661239] addrconf_dad_work+0xae2/0x11a0
[ 112.661596] ? __pfx_addrconf_dad_work+0x10/0x10
[ 112.661994] ? lock_acquire+0x18c/0x2f0
[ 112.662319] ? lock_release+0x1c7/0x290
[ 112.662645] process_one_work+0x8e1/0x19c0
[ 112.662997] ? __pfx_process_one_work+0x10/0x10
[ 112.663381] ? move_linked_works+0x172/0x270
[ 112.663747] ?
assign_work+0x196/0x240 [ 112.664070] worker_thread+0x67e/0xe90 [ 112.664388] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 112.664818] ? __pfx_worker_thread+0x10/0x10 [ 112.665194] kthread+0x3c8/0x740 [ 112.665490] ? __pfx_kthread+0x10/0x10 [ 112.665818] ? ret_from_fork+0x23/0x430 [ 112.666159] ? lock_release+0xc8/0x290 [ 112.666481] ? __pfx_kthread+0x10/0x10 [ 112.666810] ret_from_fork+0x34b/0x430 [ 112.667136] ? __pfx_kthread+0x10/0x10 [ 112.667456] ret_from_fork_asm+0x1a/0x30 [ 112.667799] [ 112.667996] Modules linked in: [ 112.668289] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI [ 112.669192] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 112.669881] CPU: 1 UID: 0 PID: 3816 Comm: kworker/u8:2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.670827] Tainted: [D]=DIE, [W]=WARN [ 112.671142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.671808] Workqueue: ipv6_addrconf addrconf_dad_work [ 112.672252] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.672634] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.674098] RSP: 0018:ffff88806cf08880 EFLAGS: 00010012 [ 112.674530] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.675105] RDX: ffff88801a4b3700 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.675679] RBP: ffff88806cf08af0 R08: ffff88806cf31490 R09: ffffe8ffffd15fe0 [ 112.676251] R10: 0000000000000000 R11: 6b636f6c2e736573 R12: dffffc0000000000 [ 112.676829] R13: 000000000000002c R14: ffff88806cf31490 R15: dffffc0000000000 [ 112.677400] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.678039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.678516] CR2: 0000001b2d343000 CR3: 0000000043837000 
CR4: 0000000000350ef0 [ 112.679094] Call Trace: [ 112.679308] [ 112.679496] ? __pfx_perf_tp_event+0x10/0x10 [ 112.679862] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.680236] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.680611] ? unwind_next_frame+0x3b2/0x2540 [ 112.680997] ? lock_release+0x1c7/0x290 [ 112.681322] ? __is_insn_slot_addr+0x136/0x290 [ 112.681703] ? lock_release+0x1c7/0x290 [ 112.682030] ? __is_insn_slot_addr+0x140/0x290 [ 112.682411] ? kernel_text_address+0x5b/0xc0 [ 112.682774] ? __kernel_text_address+0xd/0x40 [ 112.683144] ? unwind_get_return_address+0x59/0xa0 [ 112.683553] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 112.684001] ? arch_stack_walk+0x9c/0xf0 [ 112.684331] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.684737] ? perf_trace_lock+0xb5/0x5d0 [ 112.685086] perf_trace_run_bpf_submit+0xef/0x180 [ 112.685480] perf_trace_lock+0x337/0x5d0 [ 112.685816] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.686197] ? perf_trace_lock+0xb5/0x5d0 [ 112.686538] ? do_raw_spin_lock+0x123/0x260 [ 112.686891] ? hrtimer_try_to_cancel.part.0+0x128/0x250 [ 112.687329] lock_release+0x1ab/0x290 [ 112.687644] _raw_spin_unlock_irqrestore+0x1a/0x50 [ 112.688048] hrtimer_try_to_cancel.part.0+0x128/0x250 [ 112.688472] hrtimer_try_to_cancel+0x37/0x50 [ 112.688854] update_curr_dl_se+0x5b4/0x940 [ 112.689209] ? update_se+0x367/0x670 [ 112.689517] update_curr+0x39e/0x500 [ 112.689823] ? place_entity+0x11/0x410 [ 112.690141] ? kvm_sched_clock_read+0x16/0x30 [ 112.690516] enqueue_task_fair+0x2c8/0x1e00 [ 112.690871] enqueue_task+0x70/0x200 [ 112.691186] ttwu_do_activate+0x128/0x8a0 [ 112.691527] sched_ttwu_pending+0x24a/0x4a0 [ 112.691885] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 112.692291] ? 
hrtimer_interrupt+0x652/0x830 [ 112.692651] __flush_smp_call_function_queue+0x434/0x740 [ 112.693107] __sysvec_call_function_single+0x6d/0x370 [ 112.693537] sysvec_call_function_single+0xa1/0xc0 [ 112.693949] [ 112.694134] [ 112.694322] asm_sysvec_call_function_single+0x1a/0x20 [ 112.694748] RIP: 0010:oops_exit+0x0/0x50 [ 112.695083] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 112.696539] RSP: 0018:ffff888015d3ed90 EFLAGS: 00000202 [ 112.697025] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f [ 112.697597] RDX: ffff88801a4b3700 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 112.698169] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 112.698744] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888015d3ee58 [ 112.699325] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 112.699904] ? add_taint+0x5f/0xd0 [ 112.700204] ? oops_end+0x4a/0xe0 [ 112.700503] oops_end+0x65/0xe0 [ 112.700788] exc_general_protection+0x1a2/0x330 [ 112.701186] asm_exc_general_protection+0x26/0x30 [ 112.701585] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.701965] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.703422] RSP: 0018:ffff888015d3ef00 EFLAGS: 00010212 [ 112.703860] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 112.704431] RDX: ffff88801a4b3700 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 112.705014] RBP: ffff888015d3f170 R08: ffff88806cf31340 R09: ffffe8ffffd15fe0 [ 112.705590] R10: 0000000000000000 R11: 0000000000006cee R12: dffffc0000000000 [ 112.706164] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.706748] ? perf_tp_event+0x167/0xe70 [ 112.707082] ? 
ieee80211_handle_wake_tx_queue+0x1ca/0x260 [ 112.707537] ? __pfx_perf_tp_event+0x10/0x10 [ 112.707905] ? ieee80211_queue_skb+0xb36/0x1ff0 [ 112.708295] ? ieee80211_tx+0x259/0x410 [ 112.708621] ? __pfx_ieee80211_tx+0x10/0x10 [ 112.708994] ? perf_trace_lock+0xb5/0x5d0 [ 112.709341] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.709752] ? __pfx_ieee80211_build_hdr+0x10/0x10 [ 112.710144] perf_trace_run_bpf_submit+0xef/0x180 [ 112.710539] perf_trace_lock+0x337/0x5d0 [ 112.710873] ? perf_trace_lock+0xb5/0x5d0 [ 112.711216] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.711591] ? perf_trace_lock+0xb5/0x5d0 [ 112.711932] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.712315] ? unwind_next_frame+0x3b2/0x2540 [ 112.712686] lock_release+0x1ab/0x290 [ 112.713010] unwind_next_frame+0x3b7/0x2540 [ 112.713364] ? __unwind_start+0x592/0x7c0 [ 112.713705] ? get_stack_info_noinstr+0x16/0xf0 [ 112.714082] __unwind_start+0x517/0x7c0 [ 112.714408] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 112.714849] arch_stack_walk+0x62/0xf0 [ 112.715163] ? arch_stack_walk+0x62/0xf0 [ 112.715492] stack_trace_save+0x8e/0xc0 [ 112.715816] ? __pfx_stack_trace_save+0x10/0x10 [ 112.716195] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.716564] ? unwind_next_frame+0x3b2/0x2540 [ 112.716941] kasan_save_stack+0x24/0x50 [ 112.717263] ? lock_release+0x1c7/0x290 [ 112.717583] ? unwind_next_frame+0x3b2/0x2540 [ 112.717951] ? lock_release+0x1c7/0x290 [ 112.718272] ? unwind_next_frame+0x3bc/0x2540 [ 112.718640] ? ret_from_fork_asm+0x1a/0x30 [ 112.718984] ? ret_from_fork_asm+0x1a/0x30 [ 112.719325] ? kernel_text_address+0x11/0xc0 [ 112.719682] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 112.720113] ? arch_stack_walk+0x86/0xf0 [ 112.720443] ? ret_from_fork_asm+0x1a/0x30 [ 112.720785] ? perf_trace_lock+0xb5/0x5d0 [ 112.721129] ? stack_trace_save+0x8e/0xc0 [ 112.721468] ? 
__pfx_perf_trace_lock+0x10/0x10 [ 112.721839] kasan_save_track+0x14/0x30 [ 112.722161] __kasan_slab_alloc+0x59/0x70 [ 112.722500] kmem_cache_alloc_noprof+0x205/0x690 [ 112.722885] ? __alloc_object+0x2b/0x2c0 [ 112.723213] __alloc_object+0x2b/0x2c0 [ 112.723531] __create_object+0x1d/0x80 [ 112.723859] __kmalloc_cache_noprof+0x42a/0x690 [ 112.724238] ? __pfx_percpu_counter_add_batch+0x10/0x10 [ 112.724672] ? kmem_cache_alloc_noprof+0x264/0x690 [ 112.725092] ? dst_cow_metrics_generic+0x4c/0x1e0 [ 112.725487] ? dst_alloc+0x44f/0x620 [ 112.725793] dst_cow_metrics_generic+0x4c/0x1e0 [ 112.726177] icmp6_dst_alloc+0x4a7/0x650 [ 112.726506] ? icmpv6_flow_init+0x3d/0x280 [ 112.726854] ? selinux_sk_getsecid+0x7c/0xd0 [ 112.727213] ndisc_send_skb+0x11f0/0x1d10 [ 112.727557] ? __pfx_ndisc_send_skb+0x10/0x10 [ 112.727925] ? lock_release+0x1c7/0x290 [ 112.728252] ? __asan_memcpy+0x3d/0x60 [ 112.728575] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.728961] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 112.729384] ndisc_send_ns+0xa9/0x130 [ 112.729697] ? __pfx_ndisc_send_ns+0x10/0x10 [ 112.730056] ? lock_release+0x1c7/0x290 [ 112.730382] ? addrconf_dad_work+0xa15/0x11a0 [ 112.730757] addrconf_dad_work+0xae2/0x11a0 [ 112.731115] ? __pfx_addrconf_dad_work+0x10/0x10 [ 112.731504] ? lock_acquire+0x18c/0x2f0 [ 112.731829] ? lock_release+0x1c7/0x290 [ 112.732158] process_one_work+0x8e1/0x19c0 [ 112.732509] ? __pfx_process_one_work+0x10/0x10 [ 112.732902] ? move_linked_works+0x172/0x270 [ 112.733269] ? assign_work+0x196/0x240 [ 112.733591] worker_thread+0x67e/0xe90 [ 112.733917] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 112.734343] ? __pfx_worker_thread+0x10/0x10 [ 112.734707] kthread+0x3c8/0x740 [ 112.734991] ? __pfx_kthread+0x10/0x10 [ 112.735308] ? ret_from_fork+0x23/0x430 [ 112.735638] ? lock_release+0xc8/0x290 [ 112.735958] ? __pfx_kthread+0x10/0x10 [ 112.736275] ret_from_fork+0x34b/0x430 [ 112.736598] ? 
__pfx_kthread+0x10/0x10 [ 112.736928] ret_from_fork_asm+0x1a/0x30 [ 112.737269] [ 112.737464] Modules linked in: [ 112.737728] ---[ end trace 0000000000000000 ]--- [ 112.738115] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.738501] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.739959] RSP: 0018:ffff888044f6f780 EFLAGS: 00010012 [ 112.740386] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc9000c2eb000 [ 112.740969] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.741541] RBP: ffff888044f6f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd15ff8 [ 112.742113] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.742683] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.743256] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.743900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.744371] CR2: 0000001b2d343000 CR3: 0000000043837000 CR4: 0000000000350ef0 [ 112.744952] Kernel panic - not syncing: Fatal exception in interrupt [ 113.789912] Shutting down cpus with NMI [ 113.790383] Kernel Offset: disabled [ 113.790675] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:37:07 Registers: