Warning: Permanently added '[localhost]:44815' (ECDSA) to the list of known hosts. 2025/09/01 09:31:21 fuzzer started 2025/09/01 09:31:22 dialing manager at localhost:35473 syzkaller login: [ 57.413496] cgroup: Unknown subsys name 'net' [ 57.512238] cgroup: Unknown subsys name 'cpuset' [ 57.533466] cgroup: Unknown subsys name 'rlimit' 2025/09/01 09:31:33 syscalls: 2214 2025/09/01 09:31:33 code coverage: enabled 2025/09/01 09:31:33 comparison tracing: enabled 2025/09/01 09:31:33 extra coverage: enabled 2025/09/01 09:31:33 setuid sandbox: enabled 2025/09/01 09:31:33 namespace sandbox: enabled 2025/09/01 09:31:33 Android sandbox: enabled 2025/09/01 09:31:33 fault injection: enabled 2025/09/01 09:31:33 leak checking: enabled 2025/09/01 09:31:33 net packet injection: enabled 2025/09/01 09:31:33 net device setup: enabled 2025/09/01 09:31:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 09:31:33 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 09:31:33 USB emulation: enabled 2025/09/01 09:31:33 hci packet injection: enabled 2025/09/01 09:31:33 wifi device emulation: enabled 2025/09/01 09:31:33 802.15.4 emulation: enabled
2025/09/01 09:31:43 starting 8 fuzzer processes 09:31:43 executing program 0: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 09:31:43 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) 09:31:43 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r1, 0x5408, 
&(0x7f0000000040)={0x0, 0x0, 0x0, 0x101, 0x0, "fff00500cdb3a84b"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0xff) 09:31:43 executing program 2: prctl$PR_SET_KEEPCAPS(0x8, 0x1) 09:31:43 executing program 7: r0 = epoll_create(0x3) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:31:43 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x4) 09:31:43 executing program 6: perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:31:43 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETVNETLE(r0, 0x800454dd, 0x0) [ 77.776113] audit: type=1400 audit(1756719103.703:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 78.931475] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.934230] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 
[ 78.936235] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.941158] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.944092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.058122] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.061103] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.067074] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.071601] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.076421] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.081368] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.088442] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.091084] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.092990] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.096044] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.097968] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.110532] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.120400] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 79.124106] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 79.128424] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 79.130462] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 79.139814] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 79.141047] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 79.142510] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.144064] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 79.148506] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 79.152205] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 79.155179] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 79.159122] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.162115] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 79.163363] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 79.164914] Bluetooth: hci3: unexpected cc 0x0c38 
length: 249 > 2 [ 79.167197] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 79.180580] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 79.182208] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 79.186927] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 79.188090] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 79.189168] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 79.191746] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 79.193576] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.965419] Bluetooth: hci0: command tx timeout [ 81.155923] Bluetooth: hci1: command tx timeout [ 81.219931] Bluetooth: hci2: command tx timeout [ 81.220882] Bluetooth: hci3: command tx timeout [ 81.283845] Bluetooth: hci4: command tx timeout [ 81.285256] Bluetooth: hci6: command tx timeout [ 81.285719] Bluetooth: hci5: command tx timeout [ 81.286189] Bluetooth: hci7: command tx timeout [ 83.013677] Bluetooth: hci0: command tx timeout [ 83.205027] Bluetooth: hci1: command tx timeout [ 83.269247] Bluetooth: hci3: command tx timeout [ 83.270349] Bluetooth: hci2: command tx timeout [ 83.332007] Bluetooth: hci7: command tx timeout [ 83.332744] Bluetooth: hci5: command tx timeout [ 83.333522] Bluetooth: hci6: command tx timeout [ 83.335210] Bluetooth: hci4: command tx timeout [ 85.059868] Bluetooth: hci0: command tx timeout [ 85.252104] Bluetooth: hci1: command tx timeout [ 85.315919] Bluetooth: hci2: command tx timeout [ 85.316744] Bluetooth: hci3: command tx timeout [ 85.381169] Bluetooth: hci7: command tx timeout [ 85.382866] Bluetooth: hci5: command tx timeout [ 85.382919] Bluetooth: hci6: command tx timeout [ 85.383609] Bluetooth: hci4: command tx timeout [ 87.109063] Bluetooth: hci0: command tx timeout [ 87.301828] Bluetooth: hci1: command tx timeout [ 87.363870] Bluetooth: hci3: command tx timeout [ 87.364296] Bluetooth: hci2: command tx timeout [ 87.427900] Bluetooth: hci6: command tx timeout [ 87.428328] Bluetooth: 
hci5: command tx timeout [ 87.429183] Bluetooth: hci4: command tx timeout [ 87.429582] Bluetooth: hci7: command tx timeout [ 116.453863] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.455244] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.708820] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.709456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:32:23 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) 09:32:23 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) 09:32:23 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) 09:32:23 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$CDROMREADMODE1(r0, 0x5392, &(0x7f0000002380)) 09:32:24 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$CDROMREADMODE1(r0, 0x5392, &(0x7f0000002380)) 09:32:24 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$CDROMREADMODE1(r0, 0x5392, &(0x7f0000002380)) 09:32:24 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$CDROMREADMODE1(r0, 0x5392, &(0x7f0000002380)) [ 118.620835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.621479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:32:24 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x6, 0x0, &(0x7f0000000040)) [ 118.756192] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.756865] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.838844] wlan1: Created IBSS using preconfigured BSSID 
50:50:50:50:50:50 [ 118.839487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.948974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.949603] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.998758] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.999379] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.099047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.099704] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.133262] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.133907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.204909] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.205529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.259250] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.260025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.309176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.310222] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.347986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.348558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.387165] audit: type=1400 audit(1756719145.313:8): avc: denied { open } for pid=3898 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.390856] audit: type=1400 audit(1756719145.313:9): avc: denied { kernel } for pid=3898 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.450294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.450956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.476447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.477122] wlan1: Creating new 
IBSS network, BSSID 50:50:50:50:50:50 [ 119.517504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.518158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:32:25 executing program 0: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 09:32:25 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x6, 0x0, &(0x7f0000000040)) 09:32:25 executing program 2: prctl$PR_SET_KEEPCAPS(0x8, 0x1) 09:32:25 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) 09:32:25 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETVNETLE(r0, 0x800454dd, 0x0) 09:32:25 executing program 6: perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:32:25 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x4) 09:32:25 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x101, 0x0, "fff00500cdb3a84b"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0xff) 09:32:25 executing program 2: prctl$PR_SET_KEEPCAPS(0x8, 0x1) 09:32:25 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x4) 09:32:25 executing program 6: perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:32:25 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x101, 0x0, "fff00500cdb3a84b"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0xff) 09:32:25 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) 09:32:25 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x6, 0x0, &(0x7f0000000040)) 09:32:25 executing program 0: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 09:32:25 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETVNETLE(r0, 0x800454dd, 0x0) 09:32:25 executing program 2: prctl$PR_SET_KEEPCAPS(0x8, 0x1) 09:32:25 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x4) 09:32:25 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) 09:32:25 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x101, 0x0, "fff00500cdb3a84b"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0xff) 09:32:25 
executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x6, 0x0, &(0x7f0000000040)) 09:32:25 executing program 6: perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:32:25 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x101, 0x0, "fff00500cdb3a84b"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0xff) 09:32:25 executing program 0: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 09:32:25 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) 09:32:25 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, 0x0) r0 = 
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0xc5, 0xffffffffffffffff, {0x5}}, './file0\x00'}) 09:32:25 executing program 3: perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:32:25 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) 09:32:25 executing program 4: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETVNETLE(r0, 0x800454dd, 0x0) 09:32:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000003900)={0x0, 0x0, 
&(0x7f00000038c0)={&(0x7f0000003880)={0x14}, 0x14}}, 0x0) execveat(0xffffffffffffffff, &(0x7f0000003940)='./file0\x00', 0x0, 0x0, 0x800) [ 120.072677] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 120.072697] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 120.072714] CPU: 0 UID: 0 PID: 3961 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 120.072733] Tainted: [W]=WARN [ 120.072737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 120.072745] RIP: 0010:perf_tp_event+0x175/0xe70 [ 120.072800] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 120.072813] RSP: 0018:ffff888046167800 EFLAGS: 00010212 [ 120.072825] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 120.072834] RDX: ffff8880447cd280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 120.072842] RBP: ffff888046167a70 R08: ffff88806ce31340 R09: ffffe8ffffc15b10 [ 120.072851] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 120.072859] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 120.072869] FS: 000055557117c400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 120.072880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.072889] CR2: 000055557117dc18 CR3: 000000000a2bb000 CR4: 0000000000350ef0 [ 120.072897] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 120.072904] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 120.072912] Call Trace: [ 120.072916] [ 120.072925] ? arch_scale_cpu_capacity+0x17/0xa0 [ 120.072948] ? __pfx_perf_tp_event+0x10/0x10 [ 120.072964] ? __asan_memset+0x24/0x50 [ 120.072992] ? perf_trace_lock+0xb5/0x5d0 [ 120.073010] ? 
kvm_sched_clock_read+0x16/0x30 [ 120.073030] ? sched_clock+0x37/0x60 [ 120.073047] ? sched_clock_cpu+0x6c/0x4e0 [ 120.073063] ? lock_is_held_type+0x9e/0x120 [ 120.073084] ? perf_trace_run_bpf_submit+0xef/0x180 [ 120.073101] perf_trace_run_bpf_submit+0xef/0x180 [ 120.073121] perf_trace_lock+0x337/0x5d0 [ 120.073139] ? __pfx_perf_trace_lock+0x10/0x10 [ 120.073155] ? lock_acquire+0x15e/0x2f0 [ 120.073170] ? futex_ref_get+0x48/0x300 [ 120.073186] ? futex_ref_get+0x114/0x300 [ 120.073198] ? futex_hash+0x15c/0x390 [ 120.073211] lock_release+0x1ab/0x290 [ 120.073226] ? futex_hash+0x15c/0x390 [ 120.073237] futex_ref_get+0x119/0x300 [ 120.073250] ? futex_hash+0x15c/0x390 [ 120.073260] futex_hash+0x70/0x390 [ 120.073274] futex_wake+0x143/0x540 [ 120.073291] ? put_pid+0x1f/0x30 [ 120.073304] ? kernel_clone+0x204/0x7f0 [ 120.073317] ? __pfx_futex_wake+0x10/0x10 [ 120.073333] ? __pfx_kernel_clone+0x10/0x10 [ 120.073348] ? perf_trace_lock+0xb5/0x5d0 [ 120.073365] do_futex+0x26d/0x370 [ 120.073380] ? __pfx_do_futex+0x10/0x10 [ 120.073395] ? __pfx___do_sys_clone+0x10/0x10 [ 120.073407] ? find_held_lock+0x2b/0x80 [ 120.073428] __x64_sys_futex+0x1c9/0x4d0 [ 120.073444] ? __pfx___x64_sys_futex+0x10/0x10 [ 120.073461] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 120.073478] do_syscall_64+0xbf/0x360 [ 120.073492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.073505] RIP: 0033:0x7f1505b85b19 [ 120.073514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.073525] RSP: 002b:00007ffe07ebf2b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.073537] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1505b85b19 [ 120.073545] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1505c98f68 [ 120.073553] RBP: 00007f1505c98f60 R08: 00007f15030fb700 R09: 0000000000000000 [ 120.073561] R10: 00007f15030fb700 R11: 0000000000000246 R12: 00007f1505c9d108 [ 120.073568] R13: 00007ffe07ebf3c0 R14: 00007f1505c98f60 R15: 000000000001d49b [ 120.073584] [ 120.073588] Modules linked in: [ 120.073621] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 120.073634] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 120.073646] CPU: 0 UID: 0 PID: 3961 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 120.073664] Tainted: [D]=DIE, [W]=WARN [ 120.073668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 120.073675] RIP: 0010:perf_tp_event+0x175/0xe70 [ 120.073691] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 120.073702] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 120.073712] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 120.073719] RDX: ffff8880447cd280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 120.073727] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc15b10 [ 120.073735] R10: 0000000000000000 
R11: ffff88806ce37018 R12: dffffc0000000000 [ 120.073742] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000 [ 120.073751] FS: 000055557117c400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 120.073762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.073769] CR2: 000055557117dc18 CR3: 000000000a2bb000 CR4: 0000000000350ef0 [ 120.073776] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 120.073783] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 120.073790] Call Trace: [ 120.073794] [ 120.073803] ? __pfx_perf_tp_event+0x10/0x10 [ 120.073821] ? stack_depot_save_flags+0x2c/0xa20 [ 120.073836] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 120.073856] ? kasan_save_stack+0x34/0x50 [ 120.073870] ? kasan_save_stack+0x24/0x50 [ 120.073883] ? kasan_save_track+0x14/0x30 [ 120.073896] ? __kasan_save_free_info+0x3a/0x60 [ 120.073907] ? __kasan_slab_free+0x3f/0x50 [ 120.073921] ? kmem_cache_free+0x2a1/0x540 [ 120.073932] ? rcu_core+0x7c8/0x1800 [ 120.073946] ? handle_softirqs+0x1b1/0x770 [ 120.073963] ? __irq_exit_rcu+0xc4/0x100 [ 120.073979] ? irq_exit_rcu+0x9/0x20 [ 120.073989] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 120.074004] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 120.074016] ? lock_release+0x1a0/0x290 [ 120.074028] ? unwind_next_frame+0x3b7/0x2540 [ 120.074045] ? arch_stack_walk+0x86/0xf0 [ 120.074056] ? stack_trace_save+0x8e/0xc0 [ 120.074070] ? set_track_prepare+0x35/0x70 [ 120.074085] ? __alloc_object+0xf0/0x2c0 [ 120.074100] ? __create_object+0x1d/0x80 [ 120.074114] ? kmem_cache_alloc_noprof+0x414/0x690 [ 120.074126] ? __anon_vma_prepare+0xae/0x590 [ 120.074142] ? __vmf_anon_prepare+0x11f/0x250 [ 120.074158] ? __handle_mm_fault+0x13dd/0x3260 [ 120.074174] ? handle_mm_fault+0x2c3/0x9b0 [ 120.074189] ? do_user_addr_fault+0x4fa/0xeb0 [ 120.074203] ? exc_page_fault+0xb0/0x180 [ 120.074217] ? asm_exc_page_fault+0x26/0x30 [ 120.074229] ? lock_is_held_type+0x9e/0x120 [ 120.074248] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 120.074264] perf_trace_run_bpf_submit+0xef/0x180 [ 120.074283] perf_trace_lock+0x337/0x5d0 [ 120.074299] ? __pfx_perf_trace_lock+0x10/0x10 [ 120.074313] ? check_preempt_wakeup_fair+0x6e/0x950 [ 120.074330] ? sched_ttwu_pending+0x2e0/0x4a0 [ 120.074348] lock_release+0x1ab/0x290 [ 120.074360] ? ttwu_do_activate+0x1a4/0x8a0 [ 120.074377] _raw_spin_unlock+0x16/0x40 [ 120.074393] sched_ttwu_pending+0x2e0/0x4a0 [ 120.074410] ? __pfx_try_to_wake_up+0x10/0x10 [ 120.074426] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 120.074447] __flush_smp_call_function_queue+0x434/0x740 [ 120.074469] __sysvec_call_function_single+0x6d/0x370 [ 120.074488] sysvec_call_function_single+0xa1/0xc0 [ 120.074504] [ 120.074508] [ 120.074513] asm_sysvec_call_function_single+0x1a/0x20 [ 120.074525] RIP: 0010:oops_exit+0x0/0x50 [ 120.074539] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 120.074549] RSP: 0018:ffff888046167690 EFLAGS: 00000202 [ 120.074559] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f [ 120.074566] RDX: ffff8880447cd280 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 120.074573] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 120.074580] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888046167758 [ 120.074587] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 120.074598] ? add_taint+0x5f/0xd0 [ 120.074612] ? 
oops_end+0x4a/0xe0 [ 120.074631] oops_end+0x65/0xe0 [ 120.074647] exc_general_protection+0x1a2/0x330 [ 120.074666] asm_exc_general_protection+0x26/0x30 [ 120.074678] RIP: 0010:perf_tp_event+0x175/0xe70 [ 120.074692] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 120.074703] RSP: 0018:ffff888046167800 EFLAGS: 00010212 [ 120.074712] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 120.074719] RDX: ffff8880447cd280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 120.074727] RBP: ffff888046167a70 R08: ffff88806ce31340 R09: ffffe8ffffc15b10 [ 120.074735] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 120.074742] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 120.074754] ? perf_tp_event+0x167/0xe70 [ 120.074773] ? arch_scale_cpu_capacity+0x17/0xa0 [ 120.074791] ? __pfx_perf_tp_event+0x10/0x10 [ 120.074805] ? __asan_memset+0x24/0x50 [ 120.074829] ? perf_trace_lock+0xb5/0x5d0 [ 120.074844] ? kvm_sched_clock_read+0x16/0x30 [ 120.074859] ? sched_clock+0x37/0x60 [ 120.074873] ? sched_clock_cpu+0x6c/0x4e0 [ 120.074887] ? lock_is_held_type+0x9e/0x120 [ 120.074905] ? perf_trace_run_bpf_submit+0xef/0x180 [ 120.074921] perf_trace_run_bpf_submit+0xef/0x180 [ 120.074939] perf_trace_lock+0x337/0x5d0 [ 120.074955] ? __pfx_perf_trace_lock+0x10/0x10 [ 120.074970] ? lock_acquire+0x15e/0x2f0 [ 120.074982] ? futex_ref_get+0x48/0x300 [ 120.074993] ? futex_ref_get+0x114/0x300 [ 120.075003] ? futex_hash+0x15c/0x390 [ 120.075014] lock_release+0x1ab/0x290 [ 120.075027] ? futex_hash+0x15c/0x390 [ 120.075038] futex_ref_get+0x119/0x300 [ 120.075049] ? futex_hash+0x15c/0x390 [ 120.075059] futex_hash+0x70/0x390 [ 120.075071] futex_wake+0x143/0x540 [ 120.075086] ? put_pid+0x1f/0x30 [ 120.075096] ? kernel_clone+0x204/0x7f0 [ 120.075107] ? __pfx_futex_wake+0x10/0x10 [ 120.075122] ? 
__pfx_kernel_clone+0x10/0x10 [ 120.075136] ? perf_trace_lock+0xb5/0x5d0 [ 120.075151] do_futex+0x26d/0x370 [ 120.075165] ? __pfx_do_futex+0x10/0x10 [ 120.075178] ? __pfx___do_sys_clone+0x10/0x10 [ 120.075189] ? find_held_lock+0x2b/0x80 [ 120.075207] __x64_sys_futex+0x1c9/0x4d0 [ 120.075222] ? __pfx___x64_sys_futex+0x10/0x10 [ 120.075238] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 120.075252] do_syscall_64+0xbf/0x360 [ 120.075263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.075274] RIP: 0033:0x7f1505b85b19 [ 120.075282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.075293] RSP: 002b:00007ffe07ebf2b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.075303] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1505b85b19 [ 120.075311] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1505c98f68 [ 120.075318] RBP: 00007f1505c98f60 R08: 00007f15030fb700 R09: 0000000000000000 [ 120.075325] R10: 00007f15030fb700 R11: 0000000000000246 R12: 00007f1505c9d108 [ 120.075332] R13: 00007ffe07ebf3c0 R14: 00007f1505c98f60 R15: 000000000001d49b [ 120.075347] [ 120.075351] Modules linked in: [ 120.075359] ---[ end trace 0000000000000000 ]--- [ 120.075364] RIP: 0010:perf_tp_event+0x175/0xe70 [ 120.075379] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 120.075389] RSP: 0018:ffff888046167800 EFLAGS: 00010212 [ 120.075398] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 120.075405] RDX: ffff8880447cd280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 120.075413] RBP: ffff888046167a70 R08: ffff88806ce31340 R09: ffffe8ffffc15b10 [ 120.075421] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 120.075427] R13: 000000000000002c R14: 
ffff88806ce31340 R15: dffffc0000000000 [ 120.075437] FS: 000055557117c400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 120.075447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.075455] CR2: 000055557117dc18 CR3: 000000000a2bb000 CR4: 0000000000350ef0 [ 120.075462] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 120.075468] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 120.075477] Kernel panic - not syncing: Fatal exception in interrupt [ 120.075687] Kernel Offset: disabled [ 120.175506] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:32:26 Registers: