Warning: Permanently added '[localhost]:10021' (ECDSA) to the list of known hosts. 2025/09/01 08:49:42 fuzzer started 2025/09/01 08:49:42 dialing manager at localhost:35473 syzkaller login: [ 50.893966] cgroup: Unknown subsys name 'net' [ 50.962589] cgroup: Unknown subsys name 'cpuset' [ 50.981465] cgroup: Unknown subsys name 'rlimit' 2025/09/01 08:49:52 syscalls: 2214 2025/09/01 08:49:52 code coverage: enabled 2025/09/01 08:49:52 comparison tracing: enabled 2025/09/01 08:49:52 extra coverage: enabled 2025/09/01 08:49:52 setuid sandbox: enabled 2025/09/01 08:49:52 namespace sandbox: enabled 2025/09/01 08:49:52 Android sandbox: enabled 2025/09/01 08:49:52 fault injection: enabled 2025/09/01 08:49:52 leak checking: enabled 2025/09/01 08:49:52 net packet injection: enabled 2025/09/01 08:49:52 net device setup: enabled 2025/09/01 08:49:52 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 08:49:52 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 08:49:52 USB emulation: enabled 2025/09/01 08:49:52 hci packet injection: enabled 2025/09/01 08:49:52 wifi device emulation: enabled 2025/09/01 08:49:52 802.15.4 emulation: enabled 2025/09/01 08:49:52 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 08:49:52 fetching corpus: 49, signal 28331/31464 (executing program) 2025/09/01 08:49:52 fetching corpus: 99, signal 37076/41358 (executing program) 2025/09/01 08:49:52 fetching corpus: 149, signal 44828/50134 (executing program) 2025/09/01 08:49:52 fetching corpus: 199, signal 49390/55684 (executing program) 2025/09/01 08:49:53 fetching corpus: 249, signal 54249/61400 (executing program) 2025/09/01 08:49:53 fetching corpus: 299, signal 59133/67057 (executing program) 2025/09/01 08:49:53 fetching corpus: 349, signal 63165/71749 (executing program) 2025/09/01 08:49:53 fetching corpus: 399, signal 68414/77376 (executing program) 2025/09/01 08:49:53 fetching corpus: 449, signal 70706/80381 (executing program) 2025/09/01 08:49:53 fetching corpus: 499, signal 73475/83653 (executing program) 2025/09/01 08:49:53 fetching corpus: 549, signal 75992/86665 (executing program) 2025/09/01 08:49:53 fetching corpus: 599, signal 77737/88908 (executing program) 2025/09/01 08:49:54 fetching corpus: 649, signal 80942/92236 (executing program) 2025/09/01 08:49:54 fetching corpus: 699, signal 84393/95683 (executing program) 2025/09/01 08:49:54 fetching corpus: 749, signal 86881/98309 (executing program) 2025/09/01 08:49:54 fetching corpus: 799, signal 88611/100326 (executing program) 2025/09/01 08:49:54 fetching corpus: 849, signal 90525/102388 (executing program) 2025/09/01 08:49:54 fetching corpus: 899, signal 92226/104279 (executing program) 2025/09/01 08:49:54 fetching corpus: 949, signal 94158/106255 (executing program) 2025/09/01 08:49:54 fetching corpus: 999, signal 96916/108812 (executing program) 2025/09/01 08:49:54 fetching corpus: 1049, signal 99004/110723 (executing program) 2025/09/01 08:49:54 fetching corpus: 1099, signal 99899/111863 (executing program) 2025/09/01 08:49:55 fetching corpus: 1149, signal 103933/115025 (executing program) 2025/09/01 08:49:55 fetching corpus: 1199, signal 105815/116696 (executing program) 2025/09/01 08:49:55 fetching corpus: 1249, signal 107475/118194 (executing program) 2025/09/01 08:49:55 fetching corpus: 1299, signal 108546/119275 (executing program) 2025/09/01 08:49:55 fetching corpus: 1349, signal 109884/120421 (executing program) 2025/09/01 08:49:55 fetching corpus: 1399, signal 110886/121412 (executing program) 2025/09/01 08:49:55 fetching corpus: 1449, signal 111617/122202 (executing program) 2025/09/01 08:49:55 fetching corpus: 1499, signal 113207/123409 (executing program) 2025/09/01 08:49:56 fetching corpus: 1549, signal 114433/124427 (executing program) 2025/09/01 08:49:56 fetching corpus: 1599, signal 115736/125397 (executing program) 2025/09/01 08:49:56 fetching corpus: 1649, signal 116460/126064 (executing program) 2025/09/01 08:49:56 fetching corpus: 1699, signal 117723/126996 (executing program) 2025/09/01 08:49:56 fetching corpus: 1749, signal 118802/127828 (executing program) 2025/09/01 08:49:56 fetching corpus: 1799, signal 121454/129255 (executing program) 2025/09/01 08:49:56 fetching corpus: 1849, signal 123359/130306 (executing program) 2025/09/01 08:49:56 fetching corpus: 1899, signal 124185/130833 (executing program) 2025/09/01 08:49:56 fetching corpus: 1949, signal 126059/131780 (executing program) 2025/09/01 08:49:57 fetching corpus: 1999, signal 126857/132276 (executing program) 2025/09/01 08:49:57 fetching corpus: 2049, signal 127614/132712 (executing program) 2025/09/01 08:49:57 fetching corpus: 2099, signal 128688/133202 (executing program) 2025/09/01 08:49:57 fetching corpus: 2149, signal 129739/133679 (executing program) 2025/09/01 08:49:57 fetching corpus: 2199, signal 130689/134092 (executing program) 2025/09/01 08:49:57 fetching corpus: 2249, signal 131420/134416 (executing program) 2025/09/01 08:49:57 fetching corpus: 2299, signal 132110/134705 (executing program) 2025/09/01 08:49:57 fetching corpus: 2349, signal 132862/134953 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135071 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135106 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135141 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135176 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135202 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135236 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135274 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135315 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135356 (executing program) 2025/09/01 08:49:57 fetching corpus: 2355, signal 133140/135397 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135431 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135461 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135499 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135539 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135588 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135634 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135671 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135709 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135740 (executing program) 2025/09/01 08:49:58 fetching corpus: 2355, signal 133140/135740 (executing program) 2025/09/01 08:50:00 starting 8 fuzzer processes 08:50:00 executing program 0: setresuid(0x0, 0xee00, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000006f40)) 08:50:00 executing program 4: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') 08:50:00 executing program 5: sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0xccfdaec38af308bd) 08:50:00 executing program 1: request_key(&(0x7f0000000140)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='syz', 0x0) 08:50:00 executing program 2: socket$unix(0x1, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) [ 68.756325] audit: type=1400 audit(1756716600.432:7): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 08:50:00 executing program 3: syz_emit_ethernet(0x42, &(0x7f0000000140)={@multicast, @link_local, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @private=0xa010100, {[@lsrr={0x83, 0x3, 0x5f}]}}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @private}}}}}}, 0x0) 08:50:00 executing program 7: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xa40024, &(0x7f00000004c0)={[{@mode={'mode', 0x3d, 0xffffffffffffffff}}]}) 08:50:00 executing program 6: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) [ 69.927739] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.933630] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.937268] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.941167] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.943754] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.961758] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.967519] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.969586] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.980819] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.983310] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.004508] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.009658] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.012622] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.024713] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.030502] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.113509] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.120615] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.123476] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.130714] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.134293] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.187555] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.194819] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 70.198334] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 70.199521] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.200853] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 70.204430] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.206442] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 70.209338] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 70.213526] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.215793] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.230465] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 70.232346] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 70.239487] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 70.242497] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 70.272611] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 70.272926] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 70.277544] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 70.297254] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 70.304682] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 70.325688] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.021149] Bluetooth: hci1: command tx timeout [ 72.022146] Bluetooth: hci0: command tx timeout [ 72.083166] Bluetooth: hci2: command tx timeout [ 72.147124] Bluetooth: hci3: command tx timeout [ 72.275145] Bluetooth: hci4: command tx timeout [ 72.403215] Bluetooth: hci6: command tx timeout [ 72.403395] Bluetooth: hci5: command tx timeout [ 72.404027] Bluetooth: hci7: command tx timeout [ 74.068191] Bluetooth: hci0: command tx timeout [ 74.068608] Bluetooth: hci1: command tx timeout [ 74.131110] Bluetooth: hci2: command tx timeout [ 74.195203] Bluetooth: hci3: command tx timeout [ 74.323104] Bluetooth: hci4: command tx timeout [ 74.451172] Bluetooth: hci6: command tx timeout [ 74.451579] Bluetooth: hci5: command tx timeout [ 74.451726] Bluetooth: hci7: command tx timeout [ 76.117109] Bluetooth: hci0: command tx timeout [ 76.118012] Bluetooth: hci1: command tx timeout [ 76.179188] Bluetooth: hci2: command tx timeout [ 76.243212] Bluetooth: hci3: command tx timeout [ 76.371183] Bluetooth: hci4: command tx timeout [ 76.499185] Bluetooth: hci6: command tx timeout [ 76.499938] Bluetooth: hci5: command tx timeout [ 76.500687] Bluetooth: hci7: command tx timeout [ 78.163134] Bluetooth: hci0: command tx timeout [ 78.163560] Bluetooth: hci1: command tx timeout [ 78.227723] Bluetooth: hci2: command tx timeout [ 78.291258] Bluetooth: hci3: command tx timeout [ 78.419169] Bluetooth: hci4: command tx timeout [ 78.549166] Bluetooth: hci5: command tx timeout [ 78.549797] Bluetooth: hci6: command tx timeout [ 78.550190] Bluetooth: hci7: command tx timeout [ 107.635341] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.636016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.843102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.843672] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:50:39 executing program 2: socket$unix(0x1, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) [ 108.300354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.300922] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:50:40 executing program 2: socket$unix(0x1, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) 08:50:40 executing program 2: socket$unix(0x1, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00') pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) [ 108.460189] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.460763] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:50:40 executing program 2: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000400)=0x20) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) [ 108.545569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.546258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:50:40 executing program 2: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000400)=0x20) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 08:50:40 executing program 2: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000400)=0x20) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) [ 108.659524] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.660189] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:50:40 executing program 2: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000400)=0x20) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 08:50:40 executing program 2: sync() clock_gettime(0x0, 0x0) [ 108.832257] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.832866] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.015438] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.016150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.029814] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.030463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.092918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.093547] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.141418] ramfs: Bad value for 'mode' [ 109.143387] ramfs: Bad value for 'mode' [ 109.162100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.162717] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.211454] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.212372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.283807] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.284928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.338185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.338825] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.385148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.385761] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.441384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.442005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:50:41 executing program 2: sync() clock_gettime(0x0, 0x0) 08:50:41 executing program 7: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xa40024, &(0x7f00000004c0)={[{@mode={'mode', 0x3d, 0xffffffffffffffff}}]}) 08:50:41 executing program 1: request_key(&(0x7f0000000140)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='syz', 0x0) 08:50:41 executing program 4: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') 08:50:41 executing program 6: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) 08:50:41 executing program 3: syz_emit_ethernet(0x42, &(0x7f0000000140)={@multicast, @link_local, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @private=0xa010100, {[@lsrr={0x83, 0x3, 0x5f}]}}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @private}}}}}}, 0x0) 08:50:41 executing program 5: sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0xccfdaec38af308bd) 08:50:41 executing program 0: setresuid(0x0, 0xee00, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000006f40)) [ 109.604154] ramfs: Bad value for 'mode' 08:50:41 executing program 5: sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0xccfdaec38af308bd) 08:50:41 executing program 3: syz_emit_ethernet(0x42, &(0x7f0000000140)={@multicast, @link_local, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @private=0xa010100, {[@lsrr={0x83, 0x3, 0x5f}]}}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @private}}}}}}, 0x0) 08:50:41 executing program 1: request_key(&(0x7f0000000140)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='syz', 0x0) 08:50:41 executing program 6: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) 08:50:41 executing program 7: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xa40024, &(0x7f00000004c0)={[{@mode={'mode', 0x3d, 0xffffffffffffffff}}]}) 08:50:41 executing program 0: setresuid(0x0, 0xee00, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000006f40)) 08:50:41 executing program 5: sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0xccfdaec38af308bd) [ 109.773795] ramfs: Bad value for 'mode' 08:50:41 executing program 2: sync() clock_gettime(0x0, 0x0) 08:50:41 executing program 4: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') 08:50:41 executing program 3: syz_emit_ethernet(0x42, &(0x7f0000000140)={@multicast, @link_local, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @private=0xa010100, {[@lsrr={0x83, 0x3, 0x5f}]}}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @private}}}}}}, 0x0) 08:50:41 executing program 1: request_key(&(0x7f0000000140)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='syz', 0x0) 08:50:41 executing program 0: setresuid(0x0, 0xee00, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000006f40)) 08:50:41 executing program 7: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xa40024, &(0x7f00000004c0)={[{@mode={'mode', 0x3d, 0xffffffffffffffff}}]}) 08:50:41 executing program 6: r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[]) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r1, 0x0) mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file1\x00', 0x0) 08:50:41 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') [ 109.874415] ramfs: Bad value for 'mode' 08:50:41 executing program 4: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') 08:50:41 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)={0x10}, 0x10}, {0x0, 0x138}], 0x2}, 0x0) 08:50:41 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) 08:50:41 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = timerfd_create(0x0, 0x0) timerfd_gettime(r0, &(0x7f0000000040)) 08:50:41 executing program 2: sync() clock_gettime(0x0, 0x0) 08:50:41 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xc9d, &(0x7f0000000100)={0x0, 0x0, 0x2}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 08:50:41 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') [ 110.053281] audit: type=1400 audit(1756716641.726:8): avc: denied { open } for pid=3961 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 110.063281] audit: type=1400 audit(1756716641.726:9): avc: denied { kernel } for pid=3961 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 08:50:41 executing program 6: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xfff}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0) pwritev(r1, &(0x7f0000000300)=[{&(0x7f0000000440)="85", 0x40000}], 0x1, 0x1000, 0x0) [ 110.077680] kmemleak: Found object by alias at 0x607f1a63e67c [ 110.077698] CPU: 1 UID: 0 PID: 3960 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 110.077717] Tainted: [W]=WARN [ 110.077721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 110.077728] Call Trace: [ 110.077732] [ 110.077737] dump_stack_lvl+0xca/0x120 [ 110.077762] __lookup_object+0x94/0xb0 [ 110.077780] delete_object_full+0x27/0x70 [ 110.077796] free_percpu+0x30/0x1160 [ 110.077814] ? arch_uprobe_clear_state+0x16/0x140 [ 110.077834] futex_hash_free+0x38/0xc0 [ 110.077848] mmput+0x2d3/0x390 [ 110.077867] do_exit+0x79d/0x2970 [ 110.077882] ? signal_wake_up_state+0x85/0x120 [ 110.077898] ? zap_other_threads+0x2b9/0x3a0 [ 110.077914] ? __pfx_do_exit+0x10/0x10 [ 110.077927] ? do_group_exit+0x1c3/0x2a0 [ 110.077941] ? lock_release+0xc8/0x290 [ 110.077958] do_group_exit+0xd3/0x2a0 [ 110.077973] __x64_sys_exit_group+0x3e/0x50 [ 110.077988] x64_sys_call+0x18c5/0x18d0 [ 110.078004] do_syscall_64+0xbf/0x360 [ 110.078017] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.078028] RIP: 0033:0x7f9e7c7d4b19 [ 110.078037] Code: Unable to access opcode bytes at 0x7f9e7c7d4aef. [ 110.078046] RSP: 002b:00007fff7a1623d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.078058] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f9e7c7d4b19 [ 110.078066] RDX: 00007f9e7c78772b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 110.078073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 110.078080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.078087] R13: 0000000000000001 R14: 0000000000000001 R15: 00007fff7a1624c0 [ 110.078102] [ 110.078106] kmemleak: Object (percpu) 0x607f1a63e678 (size 8): [ 110.078113] kmemleak: comm "syz-executor.1", pid 3965, jiffies 4294776912 [ 110.078120] kmemleak: min_count = 1 [ 110.078123] kmemleak: count = 0 [ 110.078127] kmemleak: flags = 0x21 [ 110.078131] kmemleak: checksum = 0 [ 110.078135] kmemleak: backtrace: [ 110.078138] pcpu_alloc_noprof+0x87a/0x1170 [ 110.078153] perf_trace_event_init+0x366/0xa10 [ 110.078167] perf_trace_init+0x1a4/0x2f0 [ 110.078180] perf_tp_event_init+0xa6/0x120 [ 110.078197] perf_try_init_event+0x140/0x9f0 [ 110.078210] perf_event_alloc.part.0+0x118e/0x45f0 [ 110.078227] __do_sys_perf_event_open+0x719/0x2c20 [ 110.078240] do_syscall_64+0xbf/0x360 [ 110.078250] entry_SYSCALL_64_after_hwframe+0x77/0x7f 08:50:41 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)={0x10}, 0x10}, {0x0, 0x138}], 0x2}, 0x0) 08:50:41 executing program 5: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0) unlink(&(0x7f0000000080)='./file0/file0\x00') 08:50:41 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = timerfd_create(0x0, 0x0) timerfd_gettime(r0, &(0x7f0000000040)) 08:50:41 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) 08:50:41 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) [ 110.258257] kmemleak: Found object by alias at 0x607f1a63e67c 08:50:41 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = timerfd_create(0x0, 0x0) timerfd_gettime(r0, &(0x7f0000000040)) [ 110.258280] CPU: 1 UID: 0 PID: 3981 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 110.258299] Tainted: [W]=WARN [ 110.258303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 110.258310] Call Trace: [ 110.258314] [ 110.258319] dump_stack_lvl+0xca/0x120 [ 110.258345] __lookup_object+0x94/0xb0 [ 110.258363] delete_object_full+0x27/0x70 [ 110.258379] free_percpu+0x30/0x1160 [ 110.258396] ? arch_uprobe_clear_state+0x16/0x140 [ 110.258416] futex_hash_free+0x38/0xc0 [ 110.258431] mmput+0x2d3/0x390 [ 110.258450] do_exit+0x79d/0x2970 [ 110.258464] ? signal_wake_up_state+0x85/0x120 [ 110.258480] ? zap_other_threads+0x2b9/0x3a0 [ 110.258496] ? __pfx_do_exit+0x10/0x10 [ 110.258509] ? do_group_exit+0x1c3/0x2a0 [ 110.258523] ? lock_release+0xc8/0x290 [ 110.258540] do_group_exit+0xd3/0x2a0 [ 110.258555] __x64_sys_exit_group+0x3e/0x50 [ 110.258569] x64_sys_call+0x18c5/0x18d0 [ 110.258585] do_syscall_64+0xbf/0x360 [ 110.258597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.258609] RIP: 0033:0x7f9e7c7d4b19 [ 110.258618] Code: Unable to access opcode bytes at 0x7f9e7c7d4aef. [ 110.258624] RSP: 002b:00007fff7a1623d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.258635] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f9e7c7d4b19 [ 110.258643] RDX: 00007f9e7c78772b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 110.258650] RBP: 0000000000000000 R08: 0000001b2d22121c R09: 0000000000000000 [ 110.258657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.258664] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff7a1624c0 [ 110.258679] [ 110.258683] kmemleak: Object (percpu) 0x607f1a63e678 (size 8): [ 110.258690] kmemleak: comm "syz-executor.5", pid 3985, jiffies 4294777106 [ 110.258697] kmemleak: min_count = 1 [ 110.258701] kmemleak: count = 0 [ 110.258705] kmemleak: flags = 0x21 [ 110.258709] kmemleak: checksum = 0 [ 110.258712] kmemleak: backtrace: [ 110.258716] pcpu_alloc_noprof+0x87a/0x1170 [ 110.258731] alloc_vfsmnt+0x135/0x6e0 [ 110.258745] vfs_create_mount.part.0+0x40/0x440 [ 110.258760] path_mount+0x1637/0x1dd0 [ 110.258772] __x64_sys_mount+0x27b/0x300 [ 110.258784] do_syscall_64+0xbf/0x360 [ 110.258793] entry_SYSCALL_64_after_hwframe+0x77/0x7f 08:50:41 executing program 6: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xfff}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0) pwritev(r1, &(0x7f0000000300)=[{&(0x7f0000000440)="85", 0x40000}], 0x1, 0x1000, 0x0) 08:50:41 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xc9d, &(0x7f0000000100)={0x0, 0x0, 0x2}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 08:50:42 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = timerfd_create(0x0, 0x0) timerfd_gettime(r0, &(0x7f0000000040)) 08:50:42 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)={0x10}, 0x10}, {0x0, 0x138}], 0x2}, 0x0) 08:50:42 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) 08:50:42 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) 08:50:42 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000005880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) connect$unix(r1, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) 08:50:42 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xc9d, &(0x7f0000000100)={0x0, 0x0, 0x2}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 08:50:42 executing program 6: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xfff}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0) pwritev(r1, &(0x7f0000000300)=[{&(0x7f0000000440)="85", 0x40000}], 0x1, 0x1000, 0x0) 08:50:42 executing program 5: setresuid(0x0, 0x0, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') read(r0, 0x0, 0x0) [ 110.446522] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 110.447472] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 110.448046] CPU: 0 UID: 0 PID: 4008 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 110.450086] Tainted: [W]=WARN [ 110.450877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 110.453162] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.453775] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.455260] RSP: 0018:ffff888044c47800 EFLAGS: 00010212 [ 110.455695] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90009e50000 [ 110.456290] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 110.456873] RBP: ffff888044c47a70 R08: ffff88806ce31340 R09: ffffe8ffffc16678 [ 110.457454] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 110.458033] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 110.458620] FS: 00007fd54de59700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 110.459274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.459752] CR2: 00005555909d4708 CR3: 000000000c74b000 CR4: 0000000000350ef0 [ 110.460344] Call Trace: [ 110.460558] [ 110.460751] ? __pfx_perf_tp_event+0x10/0x10 [ 110.461125] ? lock_is_held_type+0x9e/0x120 [ 110.461489] ? perf_trace_lock+0xb5/0x5d0 [ 110.461836] ? perf_trace_lock+0xb5/0x5d0 [ 110.462180] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 110.462595] ? perf_swevent_event+0x63/0x3f0 [ 110.462970] ? perf_tp_event+0x807/0xe70 [ 110.463316] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.463736] ? __pfx_perf_tp_event+0x10/0x10 [ 110.464116] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 110.464599] ? do_raw_spin_unlock+0x53/0x220 [ 110.464972] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.465387] perf_trace_run_bpf_submit+0xef/0x180 [ 110.465798] perf_trace_lock+0x337/0x5d0 [ 110.466143] ? __pfx_perf_trace_lock+0x10/0x10 [ 110.466529] ? lock_acquire+0x15e/0x2f0 [ 110.466861] ? futex_ref_get+0x48/0x300 [ 110.467193] ? futex_ref_get+0x114/0x300 [ 110.467527] ? futex_hash+0x15c/0x390 [ 110.467854] lock_release+0x1ab/0x290 [ 110.468176] ? futex_hash+0x15c/0x390 [ 110.468494] futex_ref_get+0x119/0x300 [ 110.468817] ? futex_hash+0x15c/0x390 [ 110.469131] futex_hash+0x70/0x390 [ 110.469433] futex_wake+0x143/0x540 [ 110.469741] ? __pfx_perf_trace_lock+0x10/0x10 [ 110.470122] ? __pfx_futex_wake+0x10/0x10 [ 110.470472] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 110.470893] ? lock_release+0xc8/0x290 [ 110.471223] do_futex+0x26d/0x370 [ 110.471517] ? __pfx_do_futex+0x10/0x10 [ 110.471862] __x64_sys_futex+0x1c9/0x4d0 [ 110.472203] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 110.472682] ? __pfx___x64_sys_futex+0x10/0x10 [ 110.473065] ? xfd_validate_state+0x55/0x180 [ 110.473452] do_syscall_64+0xbf/0x360 [ 110.473773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.474199] RIP: 0033:0x7fd5508e3b19 [ 110.474506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.475998] RSP: 002b:00007fd54de59218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 110.476610] RAX: ffffffffffffffda RBX: 00007fd5509f6f68 RCX: 00007fd5508e3b19 [ 110.477190] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd5509f6f6c [ 110.477767] RBP: 00007fd5509f6f60 R08: 000000000000000e R09: 0000000000000000 [ 110.478347] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fd5509f6f6c [ 110.478926] R13: 00007ffe0b03947f R14: 00007fd54de59300 R15: 0000000000022000 [ 110.479520] [ 110.479715] Modules linked in: [ 110.480035] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 110.480922] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 110.481545] CPU: 0 UID: 0 PID: 4008 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 110.482511] Tainted: [D]=DIE, [W]=WARN [ 110.482825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 110.483488] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.483885] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.485349] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 110.485783] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 110.486357] RDX: ffff888044c31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 110.486935] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc16678 [ 110.487510] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 110.488093] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 110.488672] FS: 00007fd54de59700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 110.489319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.489791] CR2: 00005555909d4708 CR3: 000000000c74b000 CR4: 0000000000350ef0 [ 110.490365] Call Trace: [ 110.490577] [ 110.490769] ? __pfx_perf_tp_event+0x10/0x10 [ 110.491139] ? stack_depot_save_flags+0x2c/0xa20 [ 110.491531] ? kasan_save_stack+0x34/0x50 [ 110.491885] ? kasan_save_stack+0x24/0x50 [ 110.492226] ? kasan_save_track+0x14/0x30 [ 110.492567] ? __kasan_save_free_info+0x3a/0x60 [ 110.492951] ? __kasan_slab_free+0x3f/0x50 [ 110.493298] ? kmem_cache_free+0x2a1/0x540 [ 110.493646] ? rcu_core+0x7c8/0x1800 [ 110.493959] ? handle_softirqs+0x1b1/0x770 [ 110.494312] ? __irq_exit_rcu+0xc4/0x100 [ 110.494653] ? irq_exit_rcu+0x9/0x20 [ 110.494959] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 110.495377] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 110.495831] ? unwind_get_return_address+0x59/0xa0 [ 110.496241] ? arch_stack_walk+0x9c/0xf0 [ 110.496575] ? stack_trace_save+0x8e/0xc0 [ 110.496920] ? set_track_prepare+0x35/0x70 [ 110.497269] ? __alloc_object+0xf0/0x2c0 [ 110.497605] ? __create_object+0x1d/0x80 [ 110.497945] ? kmem_cache_alloc_noprof+0x414/0x690 [ 110.498348] ? __es_insert_extent+0xed2/0x1370 [ 110.498733] ? ext4_es_insert_extent+0x4d0/0x1100 [ 110.499131] ? ext4_map_blocks+0x7ff/0x14a0 [ 110.499480] ? ext4_alloc_file_blocks.isra.0+0x32f/0xca0 [ 110.499928] ? ext4_fallocate+0x14de/0x3300 [ 110.500285] ? vfs_fallocate+0x3fb/0xd60 [ 110.500619] ? ioctl_preallocate+0x190/0x200 [ 110.500989] ? do_vfs_ioctl+0x11a2/0x1470 [ 110.501333] ? __x64_sys_ioctl+0x116/0x210 [ 110.501687] ? do_syscall_64+0xbf/0x360 [ 110.502012] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.502449] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.502862] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 110.503336] perf_trace_run_bpf_submit+0xef/0x180 [ 110.503742] perf_trace_lock+0x337/0x5d0 [ 110.504080] ? mark_held_locks+0x49/0x80 [ 110.504418] ? __pfx_perf_trace_lock+0x10/0x10 [ 110.504799] ? mark_held_locks+0x49/0x80 [ 110.505137] ? hrtimer_interrupt+0x114/0x830 [ 110.505504] lock_release+0x1ab/0x290 [ 110.505819] ktime_get_update_offsets_now+0xab/0x3c0 [ 110.506240] ? hrtimer_interrupt+0x114/0x830 [ 110.506601] ? __pfx_rcu_core+0x10/0x10 [ 110.506932] hrtimer_interrupt+0x114/0x830 [ 110.507282] ? __pfx_do_sync_core+0x10/0x10 [ 110.507644] ? trace_csd_function_exit+0x134/0x190 [ 110.508058] ? __flush_smp_call_function_queue+0x28c/0x740 [ 110.508521] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 110.508948] sysvec_apic_timer_interrupt+0x6b/0x80 [ 110.509355] [ 110.509543] [ 110.509733] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 110.510161] RIP: 0010:oops_exit+0x0/0x50 [ 110.510502] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 110.511991] RSP: 0018:ffff888044c47690 EFLAGS: 00000202 [ 110.512424] RAX: 000000000002a39b RBX: 0000000000000212 RCX: ffffc90009e50000 [ 110.513002] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 110.513586] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 110.514160] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888044c47758 [ 110.514738] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 110.515321] ? oops_end+0x4a/0xe0 [ 110.515619] oops_end+0x65/0xe0 [ 110.515909] exc_general_protection+0x1a2/0x330 [ 110.516297] asm_exc_general_protection+0x26/0x30 [ 110.516691] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.517078] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.518538] RSP: 0018:ffff888044c47800 EFLAGS: 00010212 [ 110.518968] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90009e50000 [ 110.519545] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 110.520136] RBP: ffff888044c47a70 R08: ffff88806ce31340 R09: ffffe8ffffc16678 [ 110.520707] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 110.521281] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 110.521852] ? perf_tp_event+0x167/0xe70 [ 110.522195] ? __pfx_perf_tp_event+0x10/0x10 [ 110.522569] ? lock_is_held_type+0x9e/0x120 [ 110.522928] ? perf_trace_lock+0xb5/0x5d0 [ 110.523270] ? perf_trace_lock+0xb5/0x5d0 [ 110.523610] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 110.524022] ? perf_swevent_event+0x63/0x3f0 [ 110.524388] ? perf_tp_event+0x807/0xe70 [ 110.524721] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.525132] ? __pfx_perf_tp_event+0x10/0x10 [ 110.525496] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 110.525968] ? do_raw_spin_unlock+0x53/0x220 [ 110.526337] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.526752] perf_trace_run_bpf_submit+0xef/0x180 [ 110.527150] perf_trace_lock+0x337/0x5d0 [ 110.527488] ? __pfx_perf_trace_lock+0x10/0x10 [ 110.527876] ? lock_acquire+0x15e/0x2f0 [ 110.528203] ? futex_ref_get+0x48/0x300 [ 110.528527] ? futex_ref_get+0x114/0x300 [ 110.528857] ? futex_hash+0x15c/0x390 [ 110.529167] lock_release+0x1ab/0x290 [ 110.529484] ? futex_hash+0x15c/0x390 [ 110.529799] futex_ref_get+0x119/0x300 [ 110.530121] ? futex_hash+0x15c/0x390 [ 110.530433] futex_hash+0x70/0x390 [ 110.530729] futex_wake+0x143/0x540 [ 110.531031] ? __pfx_perf_trace_lock+0x10/0x10 [ 110.531416] ? __pfx_futex_wake+0x10/0x10 [ 110.531759] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 110.532181] ? lock_release+0xc8/0x290 [ 110.532507] do_futex+0x26d/0x370 [ 110.532793] ? __pfx_do_futex+0x10/0x10 [ 110.533125] __x64_sys_futex+0x1c9/0x4d0 [ 110.533473] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 110.533964] ? __pfx___x64_sys_futex+0x10/0x10 [ 110.534344] ? xfd_validate_state+0x55/0x180 [ 110.534716] do_syscall_64+0xbf/0x360 [ 110.535030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.535451] RIP: 0033:0x7fd5508e3b19 [ 110.535754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.537225] RSP: 002b:00007fd54de59218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 110.537837] RAX: ffffffffffffffda RBX: 00007fd5509f6f68 RCX: 00007fd5508e3b19 [ 110.538412] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd5509f6f6c [ 110.538984] RBP: 00007fd5509f6f60 R08: 000000000000000e R09: 0000000000000000 [ 110.539559] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fd5509f6f6c [ 110.540144] R13: 00007ffe0b03947f R14: 00007fd54de59300 R15: 0000000000022000 [ 110.540723] [ 110.540916] Modules linked in: [ 110.541181] ---[ end trace 0000000000000000 ]--- [ 110.541566] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.541952] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.543413] RSP: 0018:ffff888044c47800 EFLAGS: 00010212 [ 110.543855] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90009e50000 [ 110.544433] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 110.545008] RBP: ffff888044c47a70 R08: ffff88806ce31340 R09: ffffe8ffffc16678 [ 110.545585] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 110.546158] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 110.546744] FS: 00007fd54de59700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 110.547391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.547864] CR2: 00005555909d4708 CR3: 000000000c74b000 CR4: 0000000000350ef0 [ 110.548451] Kernel panic - not syncing: Fatal exception in interrupt [ 110.549162] Kernel Offset: disabled [ 110.549463] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 08:50:42 Registers: info registers vcpu 0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888044c47198 R8 =0000000000000000 R9 =ffffed1001349046 R10=0000000000000031 R11=6572617764726148 R12=0000000000000031 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fd54de59700 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe7400000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005555909d4708 CR3=000000000c74b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fd5509ca7c000007fd5509ca7c8 XMM02=00007fd5509ca7e000007fd5509ca7c0 XMM03=00007fd5509ca7c800007fd5509ca7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000017e2e RBX=ffff88806ce3de20 RCX=ffffc90006e38000 RDX=0000000000040000 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff88804289fa58 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=2963736564747028 R12=ffffed100d9c7bc5 R13=ffff88806ce3de28 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff816880d8 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f14be01e700 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe0100000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020005880 CR3=000000000e685000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f14c0b8f7c000007f14c0b8f7c8 XMM02=00007f14c0b8f7e000007f14c0b8f7c0 XMM03=00007f14c0b8f7c800007f14c0b8f7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000