Warning: Permanently added '[localhost]:19374' (ECDSA) to the list of known hosts. 2025/09/01 08:16:52 fuzzer started 2025/09/01 08:16:52 dialing manager at localhost:35473 syzkaller login: [ 51.411077] cgroup: Unknown subsys name 'net' [ 51.500387] cgroup: Unknown subsys name 'cpuset' [ 51.527700] cgroup: Unknown subsys name 'rlimit' 2025/09/01 08:17:04 syscalls: 2214 2025/09/01 08:17:04 code coverage: enabled 2025/09/01 08:17:04 comparison tracing: enabled 2025/09/01 08:17:04 extra coverage: enabled 2025/09/01 08:17:04 setuid sandbox: enabled 2025/09/01 08:17:04 namespace sandbox: enabled 2025/09/01 08:17:04 Android sandbox: enabled 2025/09/01 08:17:04 fault injection: enabled 2025/09/01 08:17:04 leak checking: enabled 2025/09/01 08:17:04 net packet injection: enabled 2025/09/01 08:17:04 net device setup: enabled 2025/09/01 08:17:04 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 08:17:04 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 08:17:04 USB emulation: enabled 2025/09/01 08:17:04 hci packet injection: enabled 2025/09/01 08:17:04 wifi device emulation: enabled 2025/09/01 08:17:04 802.15.4 emulation: enabled 2025/09/01 08:17:04 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 08:17:04 fetching corpus: 50, signal 26291/28943 (executing program) 2025/09/01 08:17:04 fetching corpus: 100, signal 39345/42388 (executing program) 2025/09/01 08:17:04 fetching corpus: 150, signal 49995/53001 (executing program) 2025/09/01 08:17:05 fetching corpus: 200, signal 54143/57389 (executing program) 2025/09/01 08:17:05 fetching corpus: 250, signal 58743/62058 (executing program) 2025/09/01 08:17:05 fetching corpus: 300, signal 61372/64779 (executing program) 2025/09/01 08:17:05 fetching corpus: 350, signal 66120/69041 (executing program) 2025/09/01 08:17:05 fetching corpus: 400, signal 69892/72302 (executing program) 2025/09/01 08:17:05 fetching corpus: 450, signal 74331/75909 (executing program) 2025/09/01 
08:17:05 fetching corpus: 492, signal 76561/77672 (executing program) 2025/09/01 08:17:05 fetching corpus: 492, signal 76561/77754 (executing program) 2025/09/01 08:17:05 fetching corpus: 492, signal 76561/77863 (executing program) 2025/09/01 08:17:05 fetching corpus: 492, signal 76561/77957 (executing program) 2025/09/01 08:17:05 fetching corpus: 492, signal 76561/78046 (executing program) 2025/09/01 08:17:05 fetching corpus: 492, signal 76561/78158 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78269 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78373 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78464 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78559 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78656 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78761 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78857 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/78980 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79089 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79188 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79274 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79390 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79494 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79600 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79701 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79809 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/79917 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80002 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80108 
(executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80203 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80291 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80387 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80484 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80571 (executing program) 2025/09/01 08:17:06 fetching corpus: 492, signal 76561/80571 (executing program) 2025/09/01 08:17:08 starting 8 fuzzer processes 08:17:08 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000000), 0x4) 08:17:08 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x67) 08:17:08 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x1, 0x3}, 0x8) 08:17:08 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xb) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x18, 0x4) 08:17:08 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup2(r0, r0) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 
&(0x7f0000000080)=0x3, 0x2) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) 08:17:08 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) 08:17:08 executing program 4: msgctl$IPC_INFO(0x0, 0x3, 0x0) msgget$private(0x0, 0x0) msgctl$MSG_INFO(0x0, 0xc, 0x0) 08:17:08 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x8910, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @dev}, {0x2, 0x0, @empty}}) [ 67.232824] audit: type=1400 audit(1756714628.863:7): avc: denied { execmem } for pid=276 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 68.483282] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.485547] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.489680] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.493062] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.494601] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.497818] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.503054] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.505338] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.507567] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.508931] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.552443] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.552757] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.557623] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.559163] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.562807] Bluetooth: hci2: unexpected cc 0x1003 length: 249 
> 9 [ 68.565149] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.577092] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.579390] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.581690] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.584815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.647907] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.652856] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 68.660550] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.663204] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.668450] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 68.670919] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.673474] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 68.678084] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 68.680126] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.680717] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 68.682963] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 68.685072] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 68.689524] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 68.693145] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.696782] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 68.699043] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.702552] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.703978] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 68.713539] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.721565] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.574753] Bluetooth: hci1: command tx timeout [ 70.574843] Bluetooth: hci0: command tx timeout [ 70.638440] Bluetooth: hci3: command tx timeout [ 70.639153] Bluetooth: hci2: command tx timeout [ 70.766751] Bluetooth: hci4: command tx timeout [ 70.766791] Bluetooth: hci5: command tx timeout [ 70.830467] Bluetooth: 
hci6: command tx timeout [ 70.830499] Bluetooth: hci7: command tx timeout [ 72.622556] Bluetooth: hci1: command tx timeout [ 72.623387] Bluetooth: hci0: command tx timeout [ 72.686433] Bluetooth: hci2: command tx timeout [ 72.687102] Bluetooth: hci3: command tx timeout [ 72.814409] Bluetooth: hci5: command tx timeout [ 72.815850] Bluetooth: hci4: command tx timeout [ 72.878423] Bluetooth: hci7: command tx timeout [ 72.878508] Bluetooth: hci6: command tx timeout [ 74.670428] Bluetooth: hci1: command tx timeout [ 74.670619] Bluetooth: hci0: command tx timeout [ 74.736272] Bluetooth: hci3: command tx timeout [ 74.737116] Bluetooth: hci2: command tx timeout [ 74.862401] Bluetooth: hci4: command tx timeout [ 74.862627] Bluetooth: hci5: command tx timeout [ 74.926622] Bluetooth: hci6: command tx timeout [ 74.926643] Bluetooth: hci7: command tx timeout [ 76.719255] Bluetooth: hci0: command tx timeout [ 76.719721] Bluetooth: hci1: command tx timeout [ 76.782347] Bluetooth: hci3: command tx timeout [ 76.782796] Bluetooth: hci2: command tx timeout [ 76.910369] Bluetooth: hci4: command tx timeout [ 76.911294] Bluetooth: hci5: command tx timeout [ 76.974356] Bluetooth: hci6: command tx timeout [ 76.974431] Bluetooth: hci7: command tx timeout [ 105.981757] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.983088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.228201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.229656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.537870] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.538515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.656204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.656815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:17:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) 
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) 08:17:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) [ 106.865259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.866882] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:17:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) [ 107.014361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.015861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:17:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) 08:17:48 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x1, 0x3}, 0x8) 08:17:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = 
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) [ 107.156303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.156904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:17:48 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x1, 0x3}, 0x8) 08:17:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="8295b746ba97d088", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) [ 107.192756] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.193362] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.257277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.257866] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.304559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.305199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.354176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.354894] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.394459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.395057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.409642] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.410315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.488301] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.488917] wlan0: Creating new 
IBSS network, BSSID 50:50:50:50:50:50 [ 107.519829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.520466] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.616769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.617422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.729083] audit: type=1400 audit(1756714669.359:8): avc: denied { open } for pid=3913 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 107.734783] audit: type=1400 audit(1756714669.359:9): avc: denied { kernel } for pid=3913 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 08:17:49 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000000), 0x4) 08:17:49 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x1, 0x3}, 0x8) 08:17:49 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup2(r0, r0) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000080)=0x3, 0x2) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) 08:17:49 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x1, 0x3}, 0x8) 08:17:49 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x8910, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, 
@dev}, {0x2, 0x0, @empty}}) 08:17:49 executing program 4: msgctl$IPC_INFO(0x0, 0x3, 0x0) msgget$private(0x0, 0x0) msgctl$MSG_INFO(0x0, 0xc, 0x0) 08:17:49 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xb) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x18, 0x4) 08:17:49 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x67) 08:17:49 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x67) 08:17:49 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x8910, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @dev}, {0x2, 0x0, @empty}}) 08:17:49 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x1, 0x3}, 0x8) 08:17:49 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xb) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x18, 0x4) 08:17:49 executing program 4: msgctl$IPC_INFO(0x0, 0x3, 0x0) msgget$private(0x0, 0x0) msgctl$MSG_INFO(0x0, 0xc, 0x0) 08:17:49 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000000), 0x4) 08:17:49 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup2(r0, r0) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000080)=0x3, 0x2) connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8) [ 107.978511] Oops: general protection fault, probably for non-canonical address 0xe01ffc00000000b0: 0000 [#1] SMP KASAN NOPTI [ 107.979489] KASAN: maybe wild-memory-access in range [0x0100000000000580-0x0100000000000587] [ 107.980161] CPU: 1 UID: 0 PID: 3943 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 107.982581] Tainted: [W]=WARN [ 107.983255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 107.985325] RIP: 0010:perf_tp_event+0x26b/0xe70 [ 107.986255] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f [ 107.989433] RSP: 0018:ffff888045227800 EFLAGS: 00010212 [ 107.989870] RAX: 00200000000000b0 RBX: ffff8880450e0641 RCX: ffffc900074c4000 [ 107.990449] RDX: 0000000000040000 RSI: ffffffff8189a5dd RDI: 0100000000000580 [ 107.991031] RBP: ffff888045227a70 R08: ffff88806cf31340 R09: ffffe8ffffd16260 [ 107.991607] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 107.992168] R13: 0100000000000000 R14: ffff88806cf31340 R15: dffffc0000000000 [ 107.992737] FS: 00007f6c8836d700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 107.993141] kmemleak: Found object by alias at 0x607f1a63e264 [ 107.993164] CPU: 0 UID: 0 PID: 3933 
Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 107.993184] Tainted: [W]=WARN [ 107.993188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 107.993196] Call Trace: [ 107.993200] [ 107.993204] dump_stack_lvl+0xca/0x120 [ 107.993237] __lookup_object+0x94/0xb0 [ 107.993254] delete_object_full+0x27/0x70 [ 107.993271] free_percpu+0x30/0x1160 [ 107.993288] ? arch_uprobe_clear_state+0x16/0x140 [ 107.993307] futex_hash_free+0x38/0xc0 [ 107.993321] mmput+0x2d3/0x390 [ 107.993340] do_exit+0x79d/0x2970 [ 107.993353] ? signal_wake_up_state+0x85/0x120 [ 107.993370] ? zap_other_threads+0x2b9/0x3a0 [ 107.993386] ? __pfx_do_exit+0x10/0x10 [ 107.993399] ? do_group_exit+0x1c3/0x2a0 [ 107.993413] ? lock_release+0xc8/0x290 [ 107.993428] do_group_exit+0xd3/0x2a0 [ 107.993442] __x64_sys_exit_group+0x3e/0x50 [ 107.993457] x64_sys_call+0x18c5/0x18d0 [ 107.993473] do_syscall_64+0xbf/0x360 [ 107.993485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.993497] RIP: 0033:0x7f8f7414bb19 [ 107.993506] Code: Unable to access opcode bytes at 0x7f8f7414baef. 
[ 107.993512] RSP: 002b:00007ffe23671e98 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.993523] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f8f7414bb19 [ 107.993531] RDX: 00007f8f740fe72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 107.993538] RBP: 0000000000000000 R08: 0000001b2da21504 R09: 0000000000000000 [ 107.993545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.993552] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe23671f80 [ 107.993564] [ 107.993568] kmemleak: Object (percpu) 0x607f1a63e260 (size 8): [ 107.993575] kmemleak: comm "syz-executor.2", pid 3943, jiffies 4294774736 [ 107.993582] kmemleak: min_count = 1 [ 107.993586] kmemleak: count = 0 [ 107.993589] kmemleak: flags = 0x21 [ 107.993593] kmemleak: checksum = 0 [ 107.993597] kmemleak: backtrace: [ 107.993601] pcpu_alloc_noprof+0x87a/0x1170 [ 107.993616] perf_trace_event_init+0x366/0xa10 [ 107.993631] perf_trace_init+0x1a4/0x2f0 [ 107.993643] perf_tp_event_init+0xa6/0x120 [ 107.993660] perf_try_init_event+0x140/0x9f0 [ 107.993674] perf_event_alloc.part.0+0x118e/0x45f0 [ 107.993691] __do_sys_perf_event_open+0x719/0x2c20 [ 107.993704] do_syscall_64+0xbf/0x360 [ 107.993714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.011309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.011769] CR2: 0000000000000000 CR3: 000000000e0c2000 CR4: 0000000000350ef0 [ 108.012331] Call Trace: [ 108.012540] [ 108.012722] ? perf_swevent_event+0x63/0x3f0 [ 108.013087] ? __pfx_perf_tp_event+0x10/0x10 [ 108.013444] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 108.013842] ? perf_swevent_event+0x63/0x3f0 [ 108.014206] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 108.014604] ? perf_swevent_event+0x63/0x3f0 [ 108.014960] ? perf_tp_event+0x807/0xe70 [ 108.015291] ? __pfx_perf_tp_event+0x10/0x10 [ 108.015650] ? __perf_install_in_context+0x503/0xb90 [ 108.016056] ? do_raw_spin_unlock+0x53/0x220 [ 108.016416] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 108.016817] perf_trace_run_bpf_submit+0xef/0x180 [ 108.017209] perf_trace_lock+0x337/0x5d0 [ 108.017540] ? __pfx_perf_trace_lock+0x10/0x10 [ 108.017910] ? lock_acquire+0x15e/0x2f0 [ 108.018239] ? futex_ref_get+0x48/0x300 [ 108.018555] ? futex_ref_get+0x114/0x300 [ 108.018880] ? futex_hash+0x15c/0x390 [ 108.019183] lock_release+0x1ab/0x290 [ 108.019493] ? futex_hash+0x15c/0x390 [ 108.019798] futex_ref_get+0x119/0x300 [ 108.020108] ? futex_hash+0x15c/0x390 [ 108.020413] futex_hash+0x70/0x390 [ 108.020700] futex_wake+0x143/0x540 [ 108.020995] ? __pfx_perf_trace_lock+0x10/0x10 [ 108.021362] ? __pfx_futex_wake+0x10/0x10 [ 108.021703] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 108.022111] ? lock_release+0xc8/0x290 [ 108.022431] do_futex+0x26d/0x370 [ 108.022716] ? __pfx_do_futex+0x10/0x10 [ 108.023035] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 108.023456] ? find_held_lock+0x2b/0x80 [ 108.023780] __x64_sys_futex+0x1c9/0x4d0 [ 108.024112] ? __pfx___x64_sys_futex+0x10/0x10 [ 108.024481] ? 
xfd_validate_state+0x55/0x180 [ 108.024855] do_syscall_64+0xbf/0x360 [ 108.025163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.025584] RIP: 0033:0x7f6c8adf7b19 [ 108.025881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.027307] RSP: 002b:00007f6c8836d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 108.027904] RAX: ffffffffffffffda RBX: 00007f6c8af0af68 RCX: 00007f6c8adf7b19 [ 108.028462] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6c8af0af6c [ 108.029024] RBP: 00007f6c8af0af60 R08: 000000000000000e R09: 0000000000000000 [ 108.029577] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f6c8af0af6c [ 108.030135] R13: 00007ffd902101df R14: 00007f6c8836d300 R15: 0000000000022000 [ 108.030712] [ 108.030906] Modules linked in: [ 108.031217] Oops: general protection fault, probably for non-canonical address 0xe01ffc00000000b0: 0000 [#2] SMP KASAN NOPTI [ 108.032111] KASAN: maybe wild-memory-access in range [0x0100000000000580-0x0100000000000587] [ 108.032787] CPU: 1 UID: 0 PID: 3943 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 108.033745] Tainted: [D]=DIE, [W]=WARN [ 108.034059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 108.034711] RIP: 0010:perf_tp_event+0x26b/0xe70 [ 108.035092] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f [ 108.036548] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 108.036975] RAX: 00200000000000b0 RBX: ffff8880450e0641 RCX: ffffffff8189a55c [ 108.037551] RDX: ffff888043578000 RSI: ffffffff8189a5dd RDI: 0100000000000580 [ 108.038131] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd16260 [ 108.038701] R10: 0000000000000000 R11: 
ffff88806cf37018 R12: dffffc0000000000 [ 108.039275] R13: 0100000000000000 R14: ffff88806cf31490 R15: dffffc0000000000 [ 108.039843] FS: 00007f6c8836d700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 108.040491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.040965] CR2: 0000000000000000 CR3: 000000000e0c2000 CR4: 0000000000350ef0 [ 108.041539] Call Trace: [ 108.041751] [ 108.041933] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 108.042380] ? arch_stack_walk+0x9c/0xf0 [ 108.042709] ? __pfx_perf_tp_event+0x10/0x10 [ 108.043070] ? __pfx_css_rstat_updated+0x10/0x10 [ 108.043466] ? lock_is_held_type+0x9e/0x120 [ 108.043827] ? trace_pelt_se_tp+0xdf/0x130 [ 108.044174] ? __update_load_avg_se+0x428/0xa40 [ 108.044563] ? lock_is_held_type+0x9e/0x120 [ 108.044917] ? perf_trace_lock+0xb5/0x5d0 [ 108.045258] ? perf_trace_lock+0xb5/0x5d0 [ 108.045595] ? __resched_curr+0x2a2/0x330 [ 108.045939] ? trace_sched_set_need_resched_tp+0xd4/0x110 [ 108.046390] ? __resched_curr+0x2a2/0x330 [ 108.046735] ? __pfx___resched_curr+0x10/0x10 [ 108.047111] ? perf_trace_run_bpf_submit+0xef/0x180 [ 108.047521] perf_trace_run_bpf_submit+0xef/0x180 [ 108.047924] perf_trace_lock+0x337/0x5d0 [ 108.048258] ? update_cfs_group+0x11d/0x260 [ 108.048612] ? kvm_sched_clock_read+0x16/0x30 [ 108.048989] ? __pfx_perf_trace_lock+0x10/0x10 [ 108.049363] ? check_preempt_wakeup_fair+0x6e/0x950 [ 108.049770] ? sched_ttwu_pending+0x2e0/0x4a0 [ 108.050146] lock_release+0x1ab/0x290 [ 108.050458] ? ttwu_do_activate+0x1a4/0x8a0 [ 108.050819] _raw_spin_unlock+0x16/0x40 [ 108.051146] sched_ttwu_pending+0x2e0/0x4a0 [ 108.051506] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 108.051904] ? 
hrtimer_interrupt+0x652/0x830 [ 108.052267] __flush_smp_call_function_queue+0x434/0x740 [ 108.052718] __sysvec_call_function_single+0x6d/0x370 [ 108.053146] sysvec_call_function_single+0xa1/0xc0 [ 108.053551] [ 108.053739] [ 108.053924] asm_sysvec_call_function_single+0x1a/0x20 [ 108.054353] RIP: 0010:oops_exit+0x0/0x50 [ 108.054690] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 108.056143] RSP: 0018:ffff888045227690 EFLAGS: 00000202 [ 108.056573] RAX: 0000000000035b31 RBX: 0000000000000212 RCX: ffffc900074c4000 [ 108.057147] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 108.057716] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 108.058282] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888045227758 [ 108.058832] R13: 0000000000000000 R14: e01ffc00000000b0 R15: 0000000000000000 [ 108.059386] ? oops_end+0x4a/0xe0 [ 108.059672] oops_end+0x65/0xe0 [ 108.059950] exc_general_protection+0x1a2/0x330 [ 108.060325] asm_exc_general_protection+0x26/0x30 [ 108.060705] RIP: 0010:perf_tp_event+0x26b/0xe70 [ 108.061074] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f [ 108.062483] RSP: 0018:ffff888045227800 EFLAGS: 00010212 [ 108.062905] RAX: 00200000000000b0 RBX: ffff8880450e0641 RCX: ffffc900074c4000 [ 108.063457] RDX: 0000000000040000 RSI: ffffffff8189a5dd RDI: 0100000000000580 [ 108.064011] RBP: ffff888045227a70 R08: ffff88806cf31340 R09: ffffe8ffffd16260 [ 108.064564] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 108.065113] R13: 0100000000000000 R14: ffff88806cf31340 R15: dffffc0000000000 [ 108.065672] ? perf_tp_event+0x25d/0xe70 [ 108.066006] ? perf_swevent_event+0x63/0x3f0 [ 108.066360] ? 
__pfx_perf_tp_event+0x10/0x10 [ 108.066715] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 108.067110] ? perf_swevent_event+0x63/0x3f0 [ 108.067463] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 108.067856] ? perf_swevent_event+0x63/0x3f0 [ 108.068211] ? perf_tp_event+0x807/0xe70 [ 108.068536] ? __pfx_perf_tp_event+0x10/0x10 [ 108.068889] ? __perf_install_in_context+0x503/0xb90 [ 108.069290] ? do_raw_spin_unlock+0x53/0x220 [ 108.069646] ? perf_trace_run_bpf_submit+0xef/0x180 [ 108.070048] perf_trace_run_bpf_submit+0xef/0x180 [ 108.070435] perf_trace_lock+0x337/0x5d0 [ 108.070761] ? __pfx_perf_trace_lock+0x10/0x10 [ 108.071127] ? lock_acquire+0x15e/0x2f0 [ 108.071443] ? futex_ref_get+0x48/0x300 [ 108.071757] ? futex_ref_get+0x114/0x300 [ 108.072076] ? futex_hash+0x15c/0x390 [ 108.072376] lock_release+0x1ab/0x290 [ 108.072680] ? futex_hash+0x15c/0x390 [ 108.072981] futex_ref_get+0x119/0x300 [ 108.073292] ? futex_hash+0x15c/0x390 [ 108.073595] futex_hash+0x70/0x390 [ 108.073880] futex_wake+0x143/0x540 [ 108.074182] ? __pfx_perf_trace_lock+0x10/0x10 [ 108.074545] ? __pfx_futex_wake+0x10/0x10 [ 108.074877] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 108.075276] ? lock_release+0xc8/0x290 [ 108.075591] do_futex+0x26d/0x370 [ 108.075873] ? __pfx_do_futex+0x10/0x10 [ 108.076191] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 108.076612] ? find_held_lock+0x2b/0x80 [ 108.076936] __x64_sys_futex+0x1c9/0x4d0 [ 108.077259] ? __pfx___x64_sys_futex+0x10/0x10 [ 108.077624] ? 
xfd_validate_state+0x55/0x180 [ 108.077981] do_syscall_64+0xbf/0x360 [ 108.078295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.078700] RIP: 0033:0x7f6c8adf7b19 [ 108.078997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.080406] RSP: 002b:00007f6c8836d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 108.081000] RAX: ffffffffffffffda RBX: 00007f6c8af0af68 RCX: 00007f6c8adf7b19 [ 108.081552] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6c8af0af6c [ 108.082113] RBP: 00007f6c8af0af60 R08: 000000000000000e R09: 0000000000000000 [ 108.082663] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f6c8af0af6c [ 108.083216] R13: 00007ffd902101df R14: 00007f6c8836d300 R15: 0000000000022000 [ 108.083775] [ 108.083962] Modules linked in: [ 108.084221] ---[ end trace 0000000000000000 ]--- [ 108.084587] RIP: 0010:perf_tp_event+0x26b/0xe70 [ 108.084957] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f [ 108.086365] RSP: 0018:ffff888045227800 EFLAGS: 00010212 [ 108.086778] RAX: 00200000000000b0 RBX: ffff8880450e0641 RCX: ffffc900074c4000 [ 108.087333] RDX: 0000000000040000 RSI: ffffffff8189a5dd RDI: 0100000000000580 [ 108.087885] RBP: ffff888045227a70 R08: ffff88806cf31340 R09: ffffe8ffffd16260 [ 108.088441] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 108.088995] R13: 0100000000000000 R14: ffff88806cf31340 R15: dffffc0000000000 [ 108.089547] FS: 00007f6c8836d700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 108.090176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.090630] CR2: 0000000000000000 CR3: 000000000e0c2000 CR4: 0000000000350ef0 [ 108.091185] Kernel panic - not syncing: Fatal exception in interrupt [ 109.162129] 
Shutting down cpus with NMI [ 109.163103] Kernel Offset: disabled [ 109.163690] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 08:17:49 Registers: