Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:3908' (ECDSA) to the list of known hosts.
2025/09/01 09:38:29 fuzzer started
2025/09/01 09:38:30 dialing manager at localhost:35473
syzkaller login: [ 59.561021] cgroup: Unknown subsys name 'net'
[ 59.588057] cgroup: Unknown subsys name 'cpuset'
[ 59.595065] cgroup: Unknown subsys name 'rlimit'
2025/09/01 09:38:40 syscalls: 2214
2025/09/01 09:38:40 code coverage: enabled
2025/09/01 09:38:40 comparison tracing: enabled
2025/09/01 09:38:40 extra coverage: enabled
2025/09/01 09:38:40 setuid sandbox: enabled
2025/09/01 09:38:40 namespace sandbox: enabled
2025/09/01 09:38:40 Android sandbox: enabled
2025/09/01 09:38:40 fault injection: enabled
2025/09/01 09:38:40 leak checking: enabled
2025/09/01 09:38:40 net packet injection: enabled
2025/09/01 09:38:40 net device setup: enabled
2025/09/01 09:38:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 09:38:40 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 09:38:40 USB emulation: enabled
2025/09/01 09:38:40 hci packet injection: enabled
2025/09/01 09:38:40 wifi device emulation: enabled
2025/09/01 09:38:40 802.15.4 emulation: enabled
2025/09/01 09:38:40 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 09:38:40 fetching corpus: 50, signal 22624/26020 (executing program)
2025/09/01 09:38:40 fetching corpus: 100, signal 36472/41012 (executing program)
2025/09/01 09:38:40 fetching corpus: 150, signal 43256/48947 (executing program)
2025/09/01 09:38:40 fetching corpus: 200, signal 53237/59735 (executing program)
2025/09/01 09:38:41 fetching corpus: 250, signal 57014/64506 (executing program)
2025/09/01 09:38:41 fetching corpus: 300, signal 62624/70828 (executing program)
2025/09/01 09:38:41 fetching corpus: 350, signal 66426/75445 (executing program)
2025/09/01 09:38:41 fetching corpus: 400, signal 69328/79120 (executing program)
2025/09/01 09:38:41 fetching corpus: 450, signal 71924/82466 (executing program)
2025/09/01 09:38:41 fetching corpus: 500, signal 77110/87944 (executing program)
2025/09/01 09:38:41 fetching corpus: 550, signal 79096/90617 (executing program)
2025/09/01 09:38:41 fetching corpus: 600, signal 80885/93001 (executing program)
2025/09/01 09:38:41 fetching corpus: 650, signal 83925/96454 (executing program)
2025/09/01 09:38:41 fetching corpus: 700, signal 87287/100049 (executing program)
2025/09/01 09:38:42 fetching corpus: 750, signal 89176/102358 (executing program)
2025/09/01 09:38:42 fetching corpus: 800, signal 91660/105169 (executing program)
2025/09/01 09:38:42 fetching corpus: 850, signal 93349/107276 (executing program)
2025/09/01 09:38:42 fetching corpus: 900, signal 95311/109522 (executing program)
2025/09/01 09:38:42 fetching corpus: 950, signal 96906/111452 (executing program)
2025/09/01 09:38:42 fetching corpus: 1000, signal 98863/113633 (executing program)
2025/09/01 09:38:42 fetching corpus: 1050, signal 100239/115325 (executing program)
2025/09/01 09:38:42 fetching corpus: 1100, signal 101718/117068 (executing program)
2025/09/01 09:38:42 fetching corpus: 1150, signal 103344/118849 (executing program)
2025/09/01 09:38:42 fetching corpus: 1200, signal 105006/120603 (executing program)
2025/09/01 09:38:43 fetching corpus: 1250, signal 106408/122160 (executing program)
2025/09/01 09:38:43 fetching corpus: 1300, signal 108369/124034 (executing program)
2025/09/01 09:38:43 fetching corpus: 1350, signal 109424/125304 (executing program)
2025/09/01 09:38:43 fetching corpus: 1400, signal 110350/126423 (executing program)
2025/09/01 09:38:43 fetching corpus: 1450, signal 111268/127564 (executing program)
2025/09/01 09:38:43 fetching corpus: 1500, signal 112429/128820 (executing program)
2025/09/01 09:38:43 fetching corpus: 1550, signal 113846/130166 (executing program)
2025/09/01 09:38:43 fetching corpus: 1600, signal 114750/131211 (executing program)
2025/09/01 09:38:43 fetching corpus: 1650, signal 115820/132265 (executing program)
2025/09/01 09:38:43 fetching corpus: 1700, signal 116758/133236 (executing program)
2025/09/01 09:38:44 fetching corpus: 1750, signal 118059/134407 (executing program)
2025/09/01 09:38:44 fetching corpus: 1800, signal 118873/135267 (executing program)
2025/09/01 09:38:44 fetching corpus: 1850, signal 120000/136281 (executing program)
2025/09/01 09:38:44 fetching corpus: 1900, signal 121241/137338 (executing program)
2025/09/01 09:38:44 fetching corpus: 1950, signal 122249/138230 (executing program)
2025/09/01 09:38:44 fetching corpus: 2000, signal 123151/139116 (executing program)
2025/09/01 09:38:44 fetching corpus: 2050, signal 125468/140546 (executing program)
2025/09/01 09:38:44 fetching corpus: 2100, signal 126128/141203 (executing program)
2025/09/01 09:38:44 fetching corpus: 2150, signal 127283/142067 (executing program)
2025/09/01 09:38:44 fetching corpus: 2200, signal 128689/142952 (executing program)
2025/09/01 09:38:45 fetching corpus: 2250, signal 129374/143550 (executing program)
2025/09/01 09:38:45 fetching corpus: 2300, signal 130331/144239 (executing program)
2025/09/01 09:38:45 fetching corpus: 2350, signal 130894/144752 (executing program)
2025/09/01 09:38:45 fetching corpus: 2400, signal 131524/145333 (executing program)
2025/09/01 09:38:45 fetching corpus: 2450, signal 132389/145919 (executing program)
2025/09/01 09:38:45 fetching corpus: 2500, signal 133021/146404 (executing program)
2025/09/01 09:38:45 fetching corpus: 2550, signal 134075/147040 (executing program)
2025/09/01 09:38:45 fetching corpus: 2600, signal 135154/147628 (executing program)
2025/09/01 09:38:45 fetching corpus: 2650, signal 135868/148079 (executing program)
2025/09/01 09:38:45 fetching corpus: 2700, signal 136880/148646 (executing program)
2025/09/01 09:38:45 fetching corpus: 2750, signal 137411/149055 (executing program)
2025/09/01 09:38:46 fetching corpus: 2800, signal 138355/149498 (executing program)
2025/09/01 09:38:46 fetching corpus: 2850, signal 139222/149941 (executing program)
2025/09/01 09:38:46 fetching corpus: 2900, signal 139817/150279 (executing program)
2025/09/01 09:38:46 fetching corpus: 2950, signal 140545/150629 (executing program)
2025/09/01 09:38:46 fetching corpus: 3000, signal 141063/150907 (executing program)
2025/09/01 09:38:46 fetching corpus: 3050, signal 141644/151181 (executing program)
2025/09/01 09:38:46 fetching corpus: 3100, signal 142060/151393 (executing program)
2025/09/01 09:38:46 fetching corpus: 3150, signal 142576/151614 (executing program)
2025/09/01 09:38:46 fetching corpus: 3200, signal 143525/151932 (executing program)
2025/09/01 09:38:46 fetching corpus: 3250, signal 144407/152236 (executing program)
2025/09/01 09:38:47 fetching corpus: 3300, signal 145009/152480 (executing program)
2025/09/01 09:38:47 fetching corpus: 3350, signal 145437/152651 (executing program)
2025/09/01 09:38:47 fetching corpus: 3400, signal 146057/152831 (executing program)
2025/09/01 09:38:47 fetching corpus: 3450, signal 146502/152976 (executing program)
2025/09/01 09:38:47 fetching corpus: 3500, signal 147059/153120 (executing program)
2025/09/01 09:38:47 fetching corpus: 3550, signal 147625/153247 (executing program)
2025/09/01 09:38:47 fetching corpus: 3600, signal 148147/153335 (executing program)
2025/09/01 09:38:47 fetching corpus: 3650, signal 148875/153422 (executing program)
2025/09/01 09:38:47 fetching corpus: 3700, signal 149425/153594 (executing program)
2025/09/01 09:38:47 fetching corpus: 3750, signal 150554/153687 (executing program)
2025/09/01 09:38:47 fetching corpus: 3755, signal 150598/153687 (executing program)
2025/09/01 09:38:47 fetching corpus: 3755, signal 150598/153687 (executing program)
2025/09/01 09:38:50 starting 8 fuzzer processes
09:38:50 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)
09:38:50 executing program 4:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000001b80)='(\xc8\xf5\x82j\xca', 0x0)
mmap(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x11, r0, 0x0)
mbind(&(0x7f0000ff3000/0x1000)=nil, 0x1000, 0x2, &(0x7f0000000180)=0x3, 0x7, 0x0)
09:38:50 executing program 7:
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x8, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_rs}}}}}, 0x0)
09:38:50 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000007c0), &(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={[], [{@uid_gt={'uid>', 0xffffffffffffffff}}]})
09:38:50 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df69b5b", 0xb}], 0x1)
09:38:50 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040))
09:38:50 executing program 3:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
09:38:50 executing program 6:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x10040)
[ 79.797805] audit: type=1400 audit(1756719530.381:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 81.005897] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 81.011376] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 81.013480] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 81.017445] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 81.019894] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 81.066008] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 81.070531] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 81.074793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 81.079819] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 81.082700] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 81.222608] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 81.227657] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 81.228883] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 81.230819] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 81.232725] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 81.238544] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 81.240570] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 81.242393] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 81.244832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 81.248086] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 81.252236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 81.255750] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 81.258920] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 81.263786] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 81.266689] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 81.271336] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 81.272891] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 81.276423] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 81.278768] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 81.281584] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 81.283784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 81.287300] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 81.289540] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 81.290913] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 81.297862] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 81.301645] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 81.303419] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 81.311285] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 81.311724] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 81.324345] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 83.038853] Bluetooth: hci0: command tx timeout
[ 83.103451] Bluetooth: hci1: command tx timeout
[ 83.358059] Bluetooth: hci4: command tx timeout
[ 83.359179] Bluetooth: hci2: command tx timeout
[ 83.359214] Bluetooth: hci3: command tx timeout
[ 83.360193] Bluetooth: hci6: command tx timeout
[ 83.421275] Bluetooth: hci7: command tx timeout
[ 83.422442] Bluetooth: hci5: command tx timeout
[ 85.086073] Bluetooth: hci0: command tx timeout
[ 85.149217] Bluetooth: hci1: command tx timeout
[ 85.405235] Bluetooth: hci6: command tx timeout
[ 85.405801] Bluetooth: hci4: command tx timeout
[ 85.406954] Bluetooth: hci3: command tx timeout
[ 85.407507] Bluetooth: hci2: command tx timeout
[ 85.469293] Bluetooth: hci5: command tx timeout
[ 85.469798] Bluetooth: hci7: command tx timeout
[ 87.133156] Bluetooth: hci0: command tx timeout
[ 87.197244] Bluetooth: hci1: command tx timeout
[ 87.453345] Bluetooth: hci3: command tx timeout
[ 87.453842] Bluetooth: hci2: command tx timeout
[ 87.454445] Bluetooth: hci4: command tx timeout
[ 87.454879] Bluetooth: hci6: command tx timeout
[ 87.517173] Bluetooth: hci5: command tx timeout
[ 87.517683] Bluetooth: hci7: command tx timeout
[ 89.181174] Bluetooth: hci0: command tx timeout
[ 89.245236] Bluetooth: hci1: command tx timeout
[ 89.501304] Bluetooth: hci4: command tx timeout
[ 89.501787] Bluetooth: hci2: command tx timeout
[ 89.502346] Bluetooth: hci6: command tx timeout
[ 89.502736] Bluetooth: hci3: command tx timeout
[ 89.565305] Bluetooth: hci7: command tx timeout
[ 89.565699] Bluetooth: hci5: command tx timeout
[ 119.041720] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.042495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.243365] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.244019] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.706966] audit: type=1400 audit(1756719570.291:8): avc: denied { open } for pid=3697 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 119.723251] audit: type=1400 audit(1756719570.291:9): avc: denied { kernel } for pid=3697 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
09:39:30 executing program 4:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000001b80)='(\xc8\xf5\x82j\xca', 0x0)
mmap(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x11, r0, 0x0)
mbind(&(0x7f0000ff3000/0x1000)=nil, 0x1000, 0x2, &(0x7f0000000180)=0x3, 0x7, 0x0)
09:39:30 executing program 4:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000001b80)='(\xc8\xf5\x82j\xca', 0x0)
mmap(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x11, r0, 0x0)
mbind(&(0x7f0000ff3000/0x1000)=nil, 0x1000, 0x2, &(0x7f0000000180)=0x3, 0x7, 0x0)
09:39:30 executing program 4:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000001b80)='(\xc8\xf5\x82j\xca', 0x0)
mmap(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x11, r0, 0x0)
mbind(&(0x7f0000ff3000/0x1000)=nil, 0x1000, 0x2, &(0x7f0000000180)=0x3, 0x7, 0x0)
[ 120.286772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.287401] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.434477] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.435317] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:39:31 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x15})
[ 120.535375] EXT4-fs warning (device sda): verify_group_input:136: Cannot add at group 21 (only 16 groups)
09:39:31 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x15})
[ 120.732132] EXT4-fs warning (device sda): verify_group_input:136: Cannot add at group 21 (only 16 groups)
09:39:31 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x15})
09:39:31 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040))
[ 120.948145] EXT4-fs warning (device sda): verify_group_input:136: Cannot add at group 21 (only 16 groups)
09:39:31 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x15})
[ 121.081685] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.082652] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.106583] EXT4-fs warning (device sda): verify_group_input:136: Cannot add at group 21 (only 16 groups)
[ 121.199084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.199698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.417976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.418641] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.492357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.492961] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.902272] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.902904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.919706] tmpfs: Unknown parameter 'uid>18446744073709551615'
[ 121.924447] tmpfs: Unknown parameter 'uid>18446744073709551615'
[ 122.040059] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.041414] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.326199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.327597] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.404315] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.407151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.544843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.545968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.624789] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.626620] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.824792] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.825462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.846335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.846906] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:39:33 executing program 6:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x10040)
09:39:33 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x2010e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_bp={0x0}, 0x8891}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
09:39:33 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df69b5b", 0xb}], 0x1)
09:39:33 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000007c0), &(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={[], [{@uid_gt={'uid>', 0xffffffffffffffff}}]})
09:39:33 executing program 3:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
09:39:33 executing program 7:
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x8, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_rs}}}}}, 0x0)
09:39:33 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040))
09:39:33 executing program 4:
socket$inet6(0xa, 0x2, 0x1)
[ 123.103078] tmpfs: Unknown parameter 'uid>18446744073709551615'
09:39:33 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000007c0), &(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={[], [{@uid_gt={'uid>', 0xffffffffffffffff}}]})
09:39:33 executing program 3:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
09:39:33 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040))
[ 123.216912] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI
[ 123.217869] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197]
09:39:33 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df69b5b", 0xb}], 0x1)
[ 123.218561] CPU: 0 UID: 0 PID: 3937 Comm: syz-executor.3 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 123.220459] Tainted: [W]=WARN
[ 123.221219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 123.222776] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.223669] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.227665] RSP: 0018:ffff8880192af600 EFLAGS: 00010212
[ 123.228827] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90005001000
[ 123.229391] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 123.229953] RBP: ffff8880192af870 R08: ffff88806ce31340 R09: ffffe8ffffc16bb0
[ 123.230514] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 123.231073] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 123.231636] FS: 00007f3c8b12c700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 123.232266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.232740] CR2: 0000000020000040 CR3: 000000000de3d000 CR4: 0000000000350ef0
[ 123.233308] Call Trace:
[ 123.233519]
[ 123.233712] ? __pfx_perf_tp_event+0x10/0x10
[ 123.234106] ? perf_trace_run_bpf_submit+0xef/0x180
[ 123.234509] perf_trace_run_bpf_submit+0xef/0x180
[ 123.234902] perf_trace_lock+0x337/0x5d0
[ 123.235237] ? __pfx_perf_trace_lock+0x10/0x10
[ 123.235610] ? lock_acquire+0x15e/0x2f0
[ 123.235930] ? futex_ref_get+0x48/0x300
[ 123.236252] ? futex_ref_get+0x114/0x300
[ 123.236592] ? futex_hash+0x15c/0x390
[ 123.236906] lock_release+0x1ab/0x290
[ 123.237221] ? futex_hash+0x15c/0x390
[ 123.237538] futex_ref_get+0x119/0x300
[ 123.237864] ? futex_hash+0x15c/0x390
[ 123.238188] futex_hash+0x70/0x390
[ 123.238499] futex_wait_setup+0xae/0x550
[ 123.238855] __futex_wait+0x151/0x300
[ 123.239184] ? __pfx___futex_wait+0x10/0x10
[ 123.239559] ? __pfx_futex_wake_mark+0x10/0x10
[ 123.239962] futex_wait+0xde/0x380
[ 123.240271] ? __pfx_futex_wait+0x10/0x10
[ 123.240633] ? perf_trace_lock+0xb5/0x5d0
[ 123.240990] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 123.241436] do_futex+0x2ee/0x370
[ 123.241734] ? __pfx_do_futex+0x10/0x10
[ 123.242075] ? do_raw_spin_lock+0x123/0x260
[ 123.242450] __x64_sys_futex+0x1c9/0x4d0
[ 123.242799] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 123.243245] ? __pfx___x64_sys_futex+0x10/0x10
[ 123.243634] ? kcov_ioctl+0x386/0x6c0
[ 123.243961] ? fput+0x6a/0x100
[ 123.244248] do_syscall_64+0xbf/0x360
[ 123.244584] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.245022] RIP: 0033:0x7f3c8dbb6b19
[ 123.245336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 123.246832] RSP: 002b:00007f3c8b12c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 123.247459] RAX: ffffffffffffffda RBX: 00007f3c8dcc9f68 RCX: 00007f3c8dbb6b19
[ 123.248054] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3c8dcc9f68
[ 123.248648] RBP: 00007f3c8dcc9f60 R08: 00007f3c8b12c700 R09: 0000000000000000
[ 123.249244] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c8dcc9f6c
[ 123.249836] R13: 00007ffcc00bcccf R14: 00007f3c8b12c300 R15: 0000000000022000
[ 123.250446]
[ 123.250647] Modules linked in:
[ 123.251734] ---[ end trace 0000000000000000 ]---
[ 123.252893] RIP: 0010:perf_tp_event+0x175/0xe70
[ 123.253363] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 123.254927] RSP: 0018:ffff8880192af600 EFLAGS: 00010212
[ 123.255388] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90005001000
[ 123.255985] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 123.256591] RBP: ffff8880192af870 R08: ffff88806ce31340 R09: ffffe8ffffc16bb0
[ 123.257202] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 123.257798] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 123.258406] FS: 00007f3c8b12c700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 123.259070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 123.259569] CR2: 0000000020000040 CR3: 000000000de3d000 CR4: 0000000000350ef0
[ 123.260173] note: syz-executor.3[3937] exited with preempt_count 1
[ 123.260692] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51
[ 123.261441] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3937, name: syz-executor.3
[ 123.262160] preempt_count: 0, expected: 0
[ 123.262511] RCU nest depth: 2, expected: 0
[ 123.262864] INFO: lockdep is turned off.
[ 123.263215] CPU: 0 UID: 0 PID: 3937 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 123.263234] Tainted: [D]=DIE, [W]=WARN
[ 123.263238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 123.263244] Call Trace:
[ 123.263248]
[ 123.263252] dump_stack_lvl+0xfa/0x120
[ 123.263272] __might_resched+0x2f3/0x510
[ 123.263287] exit_signals+0x25/0x940
[ 123.263305] do_exit+0x2db/0x2970
[ 123.263319] ? _printk+0xbe/0xf0
[ 123.263332] ? __pfx__printk+0x10/0x10
[ 123.263344] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 123.263357] ? __pfx_do_exit+0x10/0x10
[ 123.263369] ? kcov_ioctl+0x386/0x6c0
[ 123.263384] make_task_dead+0x174/0x3b0
[ 123.263397] ? do_syscall_64+0xbf/0x360
[ 123.263409] rewind_stack_and_make_dead+0x16/0x20
[ 123.263425] RIP: 0033:0x7f3c8dbb6b19
[ 123.263433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 123.263444] RSP: 002b:00007f3c8b12c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 123.263455] RAX: ffffffffffffffda RBX: 00007f3c8dcc9f68 RCX: 00007f3c8dbb6b19
[ 123.263462] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3c8dcc9f68
[ 123.263469] RBP: 00007f3c8dcc9f60 R08: 00007f3c8b12c700 R09: 0000000000000000
[ 123.263477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c8dcc9f6c
[ 123.263484] R13: 00007ffcc00bcccf R14: 00007f3c8b12c300 R15: 0000000000022000
[ 123.263494]
[ 123.290858] tmpfs: Unknown parameter 'uid>18446744073709551615'
09:39:34 executing program 6:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5)
setuid(r2)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x10040)
09:39:34 executing program 5:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000300))
09:39:34 executing program 7:
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x8, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_rs}}}}}, 0x0)
09:39:34 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000007c0), &(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={[], [{@uid_gt={'uid>', 0xffffffffffffffff}}]})
09:39:34 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x2010e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_bp={0x0}, 0x8891}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
09:39:34 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df69b5b", 0xb}], 0x1)
09:39:34 executing program 3:
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x400, 0x1)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee00)
09:39:34 executing program 4:
socket$inet6(0xa, 0x2, 0x1)
[ 124.112469] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 124.113432] FAT-fs (loop5): unable to read boot sector
[ 124.122675] tmpfs: Unknown parameter 'uid>18446744073709551615'
[ 124.154706] kmemleak: Found object by alias at 0x607f1a63ebb8
[ 124.154723] CPU: 0 UID: 0 PID: 3947 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 124.154743] Tainted: [D]=DIE, [W]=WARN
[ 124.154747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 124.154754] Call Trace:
[ 124.154758]
[ 124.154762] dump_stack_lvl+0xca/0x120
[ 124.154789] __lookup_object+0x94/0xb0
[ 124.154806] delete_object_full+0x27/0x70
[ 124.154822] free_percpu+0x30/0x1160
[ 124.154839] ? arch_uprobe_clear_state+0x16/0x140
[ 124.154857] futex_hash_free+0x38/0xc0
[ 124.154870] mmput+0x2d3/0x390
[ 124.154889] do_exit+0x79d/0x2970
[ 124.154902] ? lock_release+0x1c7/0x290
[ 124.154917] ? __pfx_do_exit+0x10/0x10
[ 124.154930] ? do_raw_spin_lock+0x123/0x260
[ 124.154946] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 124.154962] do_group_exit+0xd3/0x2a0
[ 124.154976] get_signal+0x2315/0x2340
[ 124.154995] ? __call_rcu_common.constprop.0+0x4c1/0x960
[ 124.155010] ? __pfx_get_signal+0x10/0x10
[ 124.155027] ? do_futex+0x135/0x370
[ 124.155040] ? __pfx_do_futex+0x10/0x10
[ 124.155053] arch_do_signal_or_restart+0x80/0x790
[ 124.155071] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 124.155091] ? __x64_sys_futex+0x1c9/0x4d0
[ 124.155103] ? __x64_sys_futex+0x1d2/0x4d0
[ 124.155117] ? fput_close_sync+0x114/0x240
[ 124.155133] ? __pfx___x64_sys_futex+0x10/0x10
[ 124.155146] ? __pfx_fput_close_sync+0x10/0x10
[ 124.155161] ? dnotify_flush+0x79/0x4c0
[ 124.155174] exit_to_user_mode_loop+0x8b/0x110
[ 124.155186] do_syscall_64+0x2f7/0x360
[ 124.155198] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.155210] RIP: 0033:0x7face0cb9b19
[ 124.155219] Code: Unable to access opcode bytes at 0x7face0cb9aef.
[ 124.155224] RSP: 002b:00007facde22f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 124.155236] RAX: fffffffffffffe00 RBX: 00007face0dccf68 RCX: 00007face0cb9b19
[ 124.155244] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007face0dccf68
[ 124.155251] RBP: 00007face0dccf60 R08: 0000000000000000 R09: 0000000000000000
[ 124.155258] R10: 0000000000000000 R11: 0000000000000246 R12: 00007face0dccf6c
[ 124.155264] R13: 00007ffd92c3702f R14: 00007facde22f300 R15: 0000000000022000
[ 124.155275]
[ 124.155279] kmemleak: Object (percpu) 0x607f1a63ebb0 (size 16):
[ 124.155286] kmemleak: comm "syz-executor.5", pid 284, jiffies 4294790876
[ 124.155293] kmemleak: min_count = 1
[ 124.155297] kmemleak: count = 0
[ 124.155300] kmemleak: flags = 0x21
[ 124.155304] kmemleak: checksum = 0
[ 124.155308] kmemleak: backtrace:
[ 124.155312] pcpu_alloc_noprof+0x87a/0x1170
[ 124.155327] mm_init+0x99b/0x1170
[ 124.155336] copy_process+0x3ab7/0x73c0
[ 124.155346] kernel_clone+0xea/0x7f0
[ 124.155356] __do_sys_clone+0xce/0x120
[ 124.155366] do_syscall_64+0xbf/0x360
[ 124.155376] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.187551] kmemleak: Found object by alias at 0x607f1a63ebc4
[ 124.187562] CPU: 0 UID: 0 PID: 3949 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 124.187581] Tainted: [D]=DIE, [W]=WARN
[ 124.187585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 124.187591] Call Trace:
[ 124.187594]
[ 124.187598] dump_stack_lvl+0xca/0x120
[ 124.187616] __lookup_object+0x94/0xb0
[ 124.187631] delete_object_full+0x27/0x70
[ 124.187647] free_percpu+0x30/0x1160
[ 124.187662] ? arch_uprobe_clear_state+0x16/0x140
[ 124.187679] futex_hash_free+0x38/0xc0
[ 124.187691] mmput+0x2d3/0x390
[ 124.187708] do_exit+0x79d/0x2970
[ 124.187720] ? signal_wake_up_state+0x85/0x120
[ 124.187735] ? zap_other_threads+0x2b9/0x3a0
[ 124.187749] ? __pfx_do_exit+0x10/0x10
[ 124.187762] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 124.187777] ? lock_release+0x1c7/0x290
[ 124.187791] do_group_exit+0xd3/0x2a0
[ 124.187805] __x64_sys_exit_group+0x3e/0x50
[ 124.187819] x64_sys_call+0x18c5/0x18d0
[ 124.187833] do_syscall_64+0xbf/0x360
[ 124.187844] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.187856] RIP: 0033:0x7f547020bb19
[ 124.187864] Code: Unable to access opcode bytes at 0x7f547020baef.
[ 124.187869] RSP: 002b:00007ffcecc82408 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 124.187880] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f547020bb19
[ 124.187887] RDX: 00007f54701be72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 124.187894] RBP: 0000000000000000 R08: 0000001b2d625868 R09: 0000000000000000
[ 124.187901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 124.187908] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcecc824f0
[ 124.187918]
[ 124.187922] kmemleak: Object (percpu) 0x607f1a63ebc0 (size 8):
[ 124.187928] kmemleak: comm "syz-executor.5", pid 3947, jiffies 4294790883
[ 124.187935] kmemleak: min_count = 1
[ 124.187939] kmemleak: count = 0
[ 124.187943] kmemleak: flags = 0x21
[ 124.187947] kmemleak: checksum = 0
[ 124.187950] kmemleak: backtrace:
[ 124.187953] pcpu_alloc_noprof+0x87a/0x1170
[ 124.187969] __alloc_workqueue+0x74b/0x1820
[ 124.187987] alloc_workqueue_noprof+0xc7/0x200
[ 124.187996] loop_configure+0xf73/0x1590
[ 124.188011] lo_ioctl+0x66d/0x1c70
[ 124.188024] blkdev_ioctl+0x27c/0x6c0
[ 124.188035] __x64_sys_ioctl+0x18f/0x210
[ 124.188051] do_syscall_64+0xbf/0x360
[ 124.188060]
entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:39:34 executing program 7: syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c770cc", 0x8, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_rs}}}}}, 0x0) 09:39:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000300)) 09:39:34 executing program 6: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r2) open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x10040) [ 124.313857] loop2: detected capacity change from 0 to 128 09:39:34 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) [ 124.316627] kmemleak: Found object by alias at 0x607f1a63ebc4 [ 124.316642] CPU: 0 UID: 0 PID: 3963 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.316661] Tainted: [D]=DIE, [W]=WARN [ 124.316665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.316673] Call Trace: [ 124.316676] [ 124.316680] dump_stack_lvl+0xca/0x120 [ 124.316707] __lookup_object+0x94/0xb0 [ 124.316724] delete_object_full+0x27/0x70 [ 124.316740] free_percpu+0x30/0x1160 [ 124.316757] ? arch_uprobe_clear_state+0x16/0x140 [ 124.316775] futex_hash_free+0x38/0xc0 [ 124.316789] mmput+0x2d3/0x390 [ 124.316807] do_exit+0x79d/0x2970 [ 124.316820] ? signal_wake_up_state+0x85/0x120 [ 124.316836] ? zap_other_threads+0x2b9/0x3a0 [ 124.316851] ? 
__pfx_do_exit+0x10/0x10 [ 124.316864] ? lock_release+0x1c7/0x290 [ 124.316879] do_group_exit+0xd3/0x2a0 [ 124.316893] __x64_sys_exit_group+0x3e/0x50 [ 124.316907] x64_sys_call+0x18c5/0x18d0 [ 124.316922] do_syscall_64+0xbf/0x360 [ 124.316934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.316946] RIP: 0033:0x7f547020bb19 [ 124.316954] Code: Unable to access opcode bytes at 0x7f547020baef. [ 124.316960] RSP: 002b:00007ffcecc82408 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.316971] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f547020bb19 [ 124.316979] RDX: 00007f54701be72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 124.316986] RBP: 0000000000000000 R08: 0000001b2d6257e4 R09: 0000000000000000 [ 124.316993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.316999] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcecc824f0 [ 124.317010] [ 124.317013] kmemleak: Object (percpu) 0x607f1a63ebc0 (size 8): [ 124.317020] kmemleak: comm "syz-executor.2", pid 3972, jiffies 4294791100 [ 124.317027] kmemleak: min_count = 1 [ 124.317031] kmemleak: count = 0 [ 124.317034] kmemleak: flags = 0x21 [ 124.317038] kmemleak: checksum = 0 [ 124.317042] kmemleak: backtrace: [ 124.317045] pcpu_alloc_noprof+0x87a/0x1170 [ 124.317061] __alloc_workqueue+0x74b/0x1820 [ 124.317079] alloc_workqueue_noprof+0xc7/0x200 [ 124.317093] loop_configure+0xf73/0x1590 [ 124.317109] lo_ioctl+0x66d/0x1c70 [ 124.317122] blkdev_ioctl+0x27c/0x6c0 [ 124.317132] __x64_sys_ioctl+0x18f/0x210 [ 124.317148] do_syscall_64+0xbf/0x360 [ 124.317158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.333334] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 124.337766] kmemleak: Cannot insert 0x607f1a63ebc4 into the object search tree (overlaps existing) 09:39:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, 
&(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000240008000f80100200040000000000000000000800029600c6cf153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffff078000ffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffff078000ffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="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", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000a5e970325132510000e97032510300000000002e2e2020202020202020201000a5e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000a5e970325132510000e970325104001a040000", 0x80, 0x1e00}, 
{&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x2e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7e00}], 0x0, &(0x7f0000010d00)) 09:39:34 executing program 1: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x0, @multicast2=0xe000000a}, {0x2, 0x0, @dev}, {0x2, 0x0, @broadcast}}) [ 124.337779] CPU: 0 UID: 0 PID: 3972 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.337798] Tainted: [D]=DIE, [W]=WARN [ 124.337802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.337808] Call Trace: [ 124.337811] [ 124.337815] dump_stack_lvl+0xca/0x120 [ 124.337833] __link_object+0x190/0x210 [ 124.337849] __create_object+0x48/0x80 [ 
124.337865] pcpu_alloc_noprof+0x87a/0x1170 [ 124.337884] __percpu_init_rwsem+0x2d/0x160 [ 124.337899] ? security_sb_alloc+0x75/0x140 [ 124.337916] alloc_super+0x29e/0xb80 [ 124.337928] ? __pfx_super_s_dev_test+0x10/0x10 [ 124.337944] sget_fc+0xfe/0xb80 [ 124.337955] ? __pfx_super_s_dev_set+0x10/0x10 [ 124.337972] get_tree_bdev_flags+0x1b8/0x620 [ 124.337983] ? __pfx_vfat_fill_super+0x10/0x10 [ 124.337995] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 124.338007] ? cap_capable+0xdb/0x3b0 [ 124.338023] ? security_capable+0x2f/0x90 [ 124.338037] vfs_get_tree+0x93/0x340 [ 124.338059] path_mount+0x132d/0x1dd0 [ 124.338073] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 124.338086] ? __pfx_path_mount+0x10/0x10 [ 124.338099] ? kmem_cache_free+0x2a1/0x540 [ 124.338110] ? putname.part.0+0x11b/0x160 [ 124.338126] ? getname_flags.part.0+0x1c6/0x540 [ 124.338143] ? putname.part.0+0x11b/0x160 [ 124.338159] __x64_sys_mount+0x27b/0x300 [ 124.338172] ? __pfx___x64_sys_mount+0x10/0x10 [ 124.338187] do_syscall_64+0xbf/0x360 [ 124.338198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.338209] RIP: 0033:0x7f121eb5d04a [ 124.338218] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.338229] RSP: 002b:00007f121c0d0fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 124.338240] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f121eb5d04a [ 124.338248] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f121c0d1000 [ 124.338255] RBP: 00007f121c0d1040 R08: 00007f121c0d1040 R09: 0000000020000000 [ 124.338262] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 124.338269] R13: 0000000020000100 R14: 00007f121c0d1000 R15: 0000000020010d00 [ 124.338280] [ 124.338292] kmemleak: Kernel memory leak detector disabled [ 124.338296] kmemleak: Object (percpu) 0x607f1a63ebc0 (size 8): [ 124.338302] kmemleak: comm "syz-executor.2", pid 
3972, jiffies 4294791100 [ 124.338309] kmemleak: min_count = 1 [ 124.338313] kmemleak: count = 0 [ 124.338317] kmemleak: flags = 0x21 [ 124.338320] kmemleak: checksum = 0 [ 124.338324] kmemleak: backtrace: [ 124.338327] pcpu_alloc_noprof+0x87a/0x1170 [ 124.338342] __alloc_workqueue+0x74b/0x1820 [ 124.338361] alloc_workqueue_noprof+0xc7/0x200 [ 124.338372] loop_configure+0xf73/0x1590 [ 124.338387] lo_ioctl+0x66d/0x1c70 [ 124.338401] blkdev_ioctl+0x27c/0x6c0 [ 124.338410] __x64_sys_ioctl+0x18f/0x210 [ 124.338425] do_syscall_64+0xbf/0x360 [ 124.338434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.338597] FAT-fs (loop5): unable to read boot sector [ 124.341912] Oops: general protection fault, probably for non-canonical address 0xdffffc0001d28f20: 0000 [#2] SMP KASAN NOPTI [ 124.364683] KASAN: probably user-memory-access in range [0x000000000e947900-0x000000000e947907] [ 124.365375] CPU: 0 UID: 0 PID: 3972 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.366329] Tainted: [D]=DIE, [W]=WARN [ 124.366639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.367300] RIP: 0010:__queue_work+0x202/0x1240 [ 124.367684] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 124.369146] RSP: 0018:ffff8880459af3f0 EFLAGS: 00010012 [ 124.369576] RAX: 0000000001d28f20 RBX: ffff8880456b5118 RCX: ffffc90003ff9000 [ 124.370148] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 124.370720] RBP: 000000000e947900 R08: 0000000000000000 R09: fffffbfff0f128f4 [ 124.371292] R10: 0000000000000000 R11: ffff88801b85f000 R12: dffffc0000000000 [ 124.371861] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88800efb6800 [ 124.372439] FS: 00007f121c0d1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.373084] CS: 0010 DS: 0000 ES: 0000 CR0: 
0000000080050033 [ 124.373548] CR2: 00007fdf4484d004 CR3: 000000000da90000 CR4: 0000000000350ef0 [ 124.374106] Call Trace: [ 124.374318] [ 124.374504] ? lock_acquire+0x18c/0x2f0 [ 124.374834] queue_work_on+0xd0/0xe0 [ 124.375141] loop_queue_rq+0x5c8/0x1180 [ 124.375467] __blk_mq_issue_directly+0xd5/0x260 [ 124.375856] ? __pfx___blk_mq_issue_directly+0x10/0x10 [ 124.376291] ? blk_mq_put_tag+0x101/0x160 [ 124.376632] ? bdev_count_inflight_rw.part.0+0x5f/0x380 [ 124.377062] blk_mq_request_issue_directly+0x11c/0x1e0 [ 124.377483] blk_mq_issue_direct+0x192/0x640 [ 124.377843] ? __blk_mq_alloc_requests+0xa16/0x15a0 [ 124.378255] blk_mq_dispatch_queue_requests+0x4b0/0x7c0 [ 124.378683] blk_mq_flush_plug_list+0x1ec/0x5b0 [ 124.379065] ? read_tsc+0x9/0x20 [ 124.379352] ? ktime_get+0x16d/0x270 [ 124.379658] ? trace_block_plug+0x149/0x1b0 [ 124.380007] ? blk_add_rq_to_plug+0x234/0x550 [ 124.380386] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 124.380810] ? blk_mq_submit_bio+0x4fd/0x2220 [ 124.381180] __blk_flush_plug+0x25c/0x460 [ 124.381527] ? __pfx___blk_flush_plug+0x10/0x10 [ 124.381905] ? __pfx_css_rstat_updated+0x10/0x10 [ 124.382295] ? blkg_create+0x214/0x1420 [ 124.382626] ? lock_release+0x1c7/0x290 [ 124.382955] __submit_bio+0x480/0x5b0 [ 124.383267] ? __pfx___submit_bio+0x10/0x10 [ 124.383616] ? lock_acquire+0x18c/0x2f0 [ 124.383943] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 124.384373] ? read_tsc+0x9/0x20 [ 124.384653] ? ktime_get+0x16d/0x270 [ 124.384961] submit_bio_noacct_nocheck+0x68e/0xcb0 [ 124.385357] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 124.385801] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 124.386188] ? __getblk_slow+0x3db/0x550 [ 124.386523] submit_bio_noacct+0x359/0x1350 [ 124.386876] __bread_gfp+0x18b/0x3c0 [ 124.387188] fat_fill_super+0x5e1/0x3fd0 [ 124.387527] ? __pfx_setup+0x10/0x10 [ 124.387832] ? __pfx_fat_fill_super+0x10/0x10 [ 124.388202] ? snprintf+0xbe/0x100 [ 124.388503] ? __pfx_snprintf+0x10/0x10 [ 124.388827] ? 
do_raw_spin_lock+0x123/0x260 [ 124.389177] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 124.389554] ? set_blocksize+0x1b4/0x470 [ 124.389878] ? lock_release+0x1c7/0x290 [ 124.390203] ? sb_set_blocksize+0x177/0x1c0 [ 124.390555] ? setup_bdev_super+0x31f/0x6e0 [ 124.390912] get_tree_bdev_flags+0x38a/0x620 [ 124.391271] ? __pfx_vfat_fill_super+0x10/0x10 [ 124.391643] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 124.392035] ? cap_capable+0xdb/0x3b0 [ 124.392351] ? security_capable+0x2f/0x90 [ 124.392695] vfs_get_tree+0x93/0x340 [ 124.393004] path_mount+0x132d/0x1dd0 [ 124.393316] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 124.393739] ? __pfx_path_mount+0x10/0x10 [ 124.394078] ? kmem_cache_free+0x2a1/0x540 [ 124.394421] ? putname.part.0+0x11b/0x160 [ 124.394759] ? getname_flags.part.0+0x1c6/0x540 [ 124.395137] ? putname.part.0+0x11b/0x160 [ 124.395476] __x64_sys_mount+0x27b/0x300 [ 124.395809] ? __pfx___x64_sys_mount+0x10/0x10 [ 124.396188] do_syscall_64+0xbf/0x360 [ 124.396506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.396921] RIP: 0033:0x7f121eb5d04a [ 124.397225] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.398671] RSP: 002b:00007f121c0d0fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 124.399276] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f121eb5d04a [ 124.399846] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f121c0d1000 [ 124.400424] RBP: 00007f121c0d1040 R08: 00007f121c0d1040 R09: 0000000020000000 [ 124.400992] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 124.401558] R13: 0000000020000100 R14: 00007f121c0d1000 R15: 0000000020010d00 [ 124.402131] [ 124.402322] Modules linked in: [ 124.402592] ---[ end trace 0000000000000000 ]--- [ 124.402966] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.403349] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 
51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.404790] RSP: 0018:ffff8880192af600 EFLAGS: 00010212 [ 124.405213] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90005001000 [ 124.405776] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.406336] RBP: ffff8880192af870 R08: ffff88806ce31340 R09: ffffe8ffffc16bb0 [ 124.406902] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.407470] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 124.408037] FS: 00007f121c0d1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.408676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.409139] CR2: 00007fdf4484d004 CR3: 000000000da90000 CR4: 0000000000350ef0 [ 124.409712] note: syz-executor.2[3972] exited with irqs disabled [ 124.410548] note: syz-executor.2[3972] exited with preempt_count 1 [ 124.411080] ------------[ cut here ]------------ [ 124.411728] WARNING: kernel/exit.c:898 at do_exit+0x1c36/0x2970, CPU#0: syz-executor.2/3972 [ 124.412435] Modules linked in: [ 124.412710] CPU: 0 UID: 0 PID: 3972 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.413697] Tainted: [D]=DIE, [W]=WARN [ 124.414011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.414689] RIP: 0010:do_exit+0x1c36/0x2970 [ 124.415045] Code: 96 0a 00 00 c7 43 18 00 00 00 00 e9 21 e6 ff ff e8 ef b3 38 00 bf 02 24 00 00 e8 f5 ab 0b 00 e9 41 ff ff ff e8 db b3 38 00 90 <0f> 0b 90 e9 87 e4 ff ff e8 cd b3 38 00 4c 89 e6 bf 05 06 00 00 e8 [ 124.416546] RSP: 0018:ffff8880459afe40 EFLAGS: 00010246 [ 124.416978] RAX: 0000000000040000 RBX: 0000000000000200 RCX: ffffc90003ff9000 [ 124.417573] RDX: 0000000000040000 RSI: ffffffff813b42d5 RDI: ffff88801c21c8e8 [ 124.418165] RBP: ffff88801c21b700 R08: 0000000000000001 R09: fffffbfff0f126d8 [ 124.418736] R10: 0000000000000200 R11: 0000000000000001 
R12: 000000000000000b [ 124.419372] R13: 0000000000002710 R14: dffffc0001d28f20 R15: 0000000000000000 [ 124.419955] FS: 00007f121c0d1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.420677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.421226] CR2: 00007fdf4484d004 CR3: 000000000da90000 CR4: 0000000000350ef0 [ 124.421800] Call Trace: [ 124.422017] [ 124.422220] ? _printk+0xbe/0xf0 [ 124.422510] ? __pfx__printk+0x10/0x10 [ 124.422831] ? __pfx_do_exit+0x10/0x10 [ 124.423170] make_task_dead+0x174/0x3b0 [ 124.423496] ? do_syscall_64+0xbf/0x360 [ 124.423818] rewind_stack_and_make_dead+0x16/0x20 [ 124.424227] RIP: 0033:0x7f121eb5d04a [ 124.424538] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.426022] RSP: 002b:00007f121c0d0fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 124.426648] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f121eb5d04a [ 124.427237] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f121c0d1000 [ 124.427810] RBP: 00007f121c0d1040 R08: 00007f121c0d1040 R09: 0000000020000000 [ 124.428397] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 124.428965] R13: 0000000020000100 R14: 00007f121c0d1000 R15: 0000000020010d00 [ 124.429555] [ 124.429747] irq event stamp: 0 [ 124.430005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.430522] hardirqs last disabled at (0): [] copy_process+0x1e08/0x73c0 [ 124.431203] softirqs last enabled at (0): [] copy_process+0x1e58/0x73c0 [ 124.431862] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.432384] ---[ end trace 0000000000000000 ]--- [ 124.432770] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 124.433501] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3972, name: syz-executor.2 [ 124.434195] preempt_count: 0, expected: 0 [ 
124.434524] RCU nest depth: 2, expected: 0 [ 124.434865] INFO: lockdep is turned off. [ 124.435207] CPU: 0 UID: 0 PID: 3972 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.435226] Tainted: [D]=DIE, [W]=WARN [ 124.435230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.435236] Call Trace: [ 124.435240] [ 124.435244] dump_stack_lvl+0xfa/0x120 [ 124.435262] __might_resched+0x2f3/0x510 [ 124.435276] exit_signals+0x25/0x940 [ 124.435294] do_exit+0x2db/0x2970 [ 124.435307] ? _printk+0xbe/0xf0 [ 124.435319] ? __pfx__printk+0x10/0x10 [ 124.435333] ? __pfx_do_exit+0x10/0x10 [ 124.435348] make_task_dead+0x174/0x3b0 [ 124.435361] ? do_syscall_64+0xbf/0x360 [ 124.435372] rewind_stack_and_make_dead+0x16/0x20 [ 124.435388] RIP: 0033:0x7f121eb5d04a [ 124.435396] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.435407] RSP: 002b:00007f121c0d0fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 124.435418] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f121eb5d04a [ 124.435426] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f121c0d1000 [ 124.435433] RBP: 00007f121c0d1040 R08: 00007f121c0d1040 R09: 0000000020000000 [ 124.435440] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 124.435447] R13: 0000000020000100 R14: 00007f121c0d1000 R15: 0000000020010d00 [ 124.435458] [ 124.710028] kmemleak: Automatic memory scanning thread ended 09:39:35 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x2010e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_bp={0x0}, 0x8891}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 
09:39:35 executing program 4: socket$inet6(0xa, 0x2, 0x1) 09:39:35 executing program 1: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x0, @multicast2=0xe000000a}, {0x2, 0x0, @dev}, {0x2, 0x0, @broadcast}}) 09:39:35 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000300)) 09:39:35 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:35 executing program 6: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, 
&(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000240008000f80100200040000000000000000000800029600c6cf153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffff078000ffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffff078000ffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="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", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000a5e970325132510000e97032510300000000002e2e2020202020202020201000a5e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000a5e970325132510000e970325104001a040000", 0x80, 0x1e00}, 
{&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x2e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7e00}], 0x0, &(0x7f0000010d00)) [ 125.215617] Oops: general protection fault, probably for non-canonical address 0xdffffc0001d28f20: 0000 [#3] SMP KASAN NOPTI [ 125.216536] KASAN: probably user-memory-access in range [0x000000000e947900-0x000000000e947907] [ 125.217221] CPU: 0 UID: 0 PID: 3986 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 125.218160] Tainted: [D]=DIE, [W]=WARN [ 125.218465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 125.219113] RIP: 0010:__queue_work+0x202/0x1240 [ 125.219501] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 
89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 125.220931] RSP: 0018:ffff88801a44f3f0 EFLAGS: 00010012 [ 125.221352] RAX: 0000000001d28f20 RBX: ffff888016a58218 RCX: ffffc900039f6000 [ 125.221914] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 125.222478] RBP: 000000000e947900 R08: 0000000000000000 R09: fffffbfff0f128f4 [ 125.223039] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 125.223601] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888046297800 [ 125.224167] FS: 00007facde22f700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 125.224808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.225266] CR2: 00007facde230000 CR3: 0000000043d93000 CR4: 0000000000350ef0 [ 125.225830] Call Trace: [ 125.226037] [ 125.226221] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 125.226599] queue_work_on+0xd0/0xe0 [ 125.226904] loop_queue_rq+0x5c8/0x1180 [ 125.227227] __blk_mq_issue_directly+0xd5/0x260 [ 125.227607] ? __pfx___blk_mq_issue_directly+0x10/0x10 [ 125.228026] ? blk_mq_put_tag+0x101/0x160 [ 125.228359] ? bdev_count_inflight_rw.part.0+0x5f/0x380 [ 125.228792] blk_mq_request_issue_directly+0x11c/0x1e0 [ 125.229206] blk_mq_issue_direct+0x192/0x640 [ 125.229559] ? __blk_mq_alloc_requests+0xa16/0x15a0 [ 125.229962] blk_mq_dispatch_queue_requests+0x4b0/0x7c0 [ 125.230386] blk_mq_flush_plug_list+0x1ec/0x5b0 [ 125.230758] ? read_tsc+0x9/0x20 [ 125.231038] ? ktime_get+0x16d/0x270 [ 125.231341] ? trace_block_plug+0x149/0x1b0 [ 125.231690] ? blk_add_rq_to_plug+0x234/0x550 [ 125.232050] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 125.232465] ? blk_mq_submit_bio+0x4fd/0x2220 [ 125.232828] __blk_flush_plug+0x25c/0x460 [ 125.233162] ? __pfx___blk_flush_plug+0x10/0x10 [ 125.233533] ? __pfx_css_rstat_updated+0x10/0x10 [ 125.233915] ? lock_release+0x1c7/0x290 [ 125.234241] __submit_bio+0x480/0x5b0 [ 125.234547] ? __pfx___submit_bio+0x10/0x10 [ 125.234891] ? 
lock_acquire+0x18c/0x2f0 [ 125.235211] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 125.235630] ? read_tsc+0x9/0x20 [ 125.235908] ? ktime_get+0x16d/0x270 [ 125.236211] submit_bio_noacct_nocheck+0x68e/0xcb0 [ 125.236610] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 125.237041] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 125.237422] ? __getblk_slow+0x3db/0x550 [ 125.237754] submit_bio_noacct+0x359/0x1350 [ 125.238098] __bread_gfp+0x18b/0x3c0 [ 125.238402] fat_fill_super+0x5e1/0x3fd0 [ 125.238737] ? __pfx_setup+0x10/0x10 [ 125.239040] ? __pfx_fat_fill_super+0x10/0x10 [ 125.239406] ? snprintf+0xbe/0x100 [ 125.239702] ? __pfx_snprintf+0x10/0x10 [ 125.240027] ? do_raw_spin_lock+0x123/0x260 [ 125.240382] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 125.240759] ? set_blocksize+0x1b4/0x470 [ 125.241085] ? lock_release+0x1c7/0x290 [ 125.241407] ? sb_set_blocksize+0x177/0x1c0 [ 125.241751] ? setup_bdev_super+0x31f/0x6e0 [ 125.242109] get_tree_bdev_flags+0x38a/0x620 [ 125.242462] ? __pfx_msdos_fill_super+0x10/0x10 [ 125.242837] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 125.243227] ? cap_capable+0xdb/0x3b0 [ 125.243540] ? security_capable+0x2f/0x90 [ 125.243879] vfs_get_tree+0x93/0x340 [ 125.244187] path_mount+0x132d/0x1dd0 [ 125.244505] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 125.244923] ? __pfx_path_mount+0x10/0x10 [ 125.245255] ? kmem_cache_free+0x2a1/0x540 [ 125.245594] ? putname.part.0+0x11b/0x160 [ 125.245929] ? getname_flags.part.0+0x1c6/0x540 [ 125.246306] ? putname.part.0+0x11b/0x160 [ 125.246643] __x64_sys_mount+0x27b/0x300 [ 125.246971] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 125.247341] do_syscall_64+0xbf/0x360 [ 125.247649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.248058] RIP: 0033:0x7face0cbb04a [ 125.248356] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.249787] RSP: 002b:00007facde22efa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 125.250380] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007face0cbb04a [ 125.250941] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007facde22f000 [ 125.251500] RBP: 00007facde22f040 R08: 00007facde22f040 R09: 0000000020000000 [ 125.252062] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 125.252628] R13: 0000000020000040 R14: 00007facde22f000 R15: 0000000020000300 [ 125.253196] [ 125.253387] Modules linked in: [ 125.253647] ---[ end trace 0000000000000000 ]--- [ 125.254018] RIP: 0010:perf_tp_event+0x175/0xe70 [ 125.254401] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.255831] RSP: 0018:ffff8880192af600 EFLAGS: 00010212 [ 125.256251] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90005001000 [ 125.256819] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 125.257380] RBP: ffff8880192af870 R08: ffff88806ce31340 R09: ffffe8ffffc16bb0 [ 125.257942] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 125.258506] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 125.259068] FS: 00007facde22f700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 125.259703] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.260164] CR2: 00007facde230000 CR3: 0000000043d93000 CR4: 0000000000350ef0 [ 125.260733] note: syz-executor.5[3986] exited with irqs disabled [ 125.261296] 
note: syz-executor.5[3986] exited with preempt_count 1 [ 125.261813] ------------[ cut here ]------------ [ 125.262205] WARNING: kernel/exit.c:898 at do_exit+0x1c36/0x2970, CPU#0: syz-executor.5/3986 [ 125.262873] Modules linked in: [ 125.263153] CPU: 0 UID: 0 PID: 3986 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 125.264102] Tainted: [D]=DIE, [W]=WARN [ 125.264416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 125.265063] RIP: 0010:do_exit+0x1c36/0x2970 [ 125.265430] Code: 96 0a 00 00 c7 43 18 00 00 00 00 e9 21 e6 ff ff e8 ef b3 38 00 bf 02 24 00 00 e8 f5 ab 0b 00 e9 41 ff ff ff e8 db b3 38 00 90 <0f> 0b 90 e9 87 e4 ff ff e8 cd b3 38 00 4c 89 e6 bf 05 06 00 00 e8 [ 125.266870] RSP: 0018:ffff88801a44fe40 EFLAGS: 00010246 [ 125.267308] RAX: 0000000000040000 RBX: 0000000000000200 RCX: ffffc900039f6000 [ 125.267875] RDX: 0000000000040000 RSI: ffffffff813b42d5 RDI: ffff88800f4ee468 [ 125.268459] RBP: ffff88800f4ed280 R08: 0000000000000001 R09: fffffbfff0f126d8 [ 125.269020] R10: 0000000000000200 R11: 0000000000000001 R12: 000000000000000b [ 125.269595] R13: 0000000000002710 R14: dffffc0001d28f20 R15: 0000000000000000 [ 125.270178] FS: 00007facde22f700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 125.270820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.271296] CR2: 00007facde230000 CR3: 0000000043d93000 CR4: 0000000000350ef0 [ 125.271863] Call Trace: [ 125.272071] [ 125.272271] ? _printk+0xbe/0xf0 [ 125.272557] ? __pfx__printk+0x10/0x10 [ 125.273177] ? __pfx_do_exit+0x10/0x10 [ 125.273503] make_task_dead+0x174/0x3b0 [ 125.273827] ? 
do_syscall_64+0xbf/0x360 [ 125.274402] rewind_stack_and_make_dead+0x16/0x20 [ 125.274805] RIP: 0033:0x7face0cbb04a [ 125.275121] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.276574] RSP: 002b:00007facde22efa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 125.277201] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007face0cbb04a [ 125.277769] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007facde22f000 [ 125.278347] RBP: 00007facde22f040 R08: 00007facde22f040 R09: 0000000020000000 [ 125.278913] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 125.279492] R13: 0000000020000040 R14: 00007facde22f000 R15: 0000000020000300 [ 125.280057] [ 125.280263] irq event stamp: 0 [ 125.280550] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.281048] hardirqs last disabled at (0): [] copy_process+0x1e08/0x73c0 [ 125.281715] softirqs last enabled at (0): [] copy_process+0x1e58/0x73c0 [ 125.282383] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.282882] ---[ end trace 0000000000000000 ]--- 09:39:35 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:35 executing program 1: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x0, @multicast2=0xe000000a}, {0x2, 0x0, @dev}, {0x2, 0x0, @broadcast}}) 09:39:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, 
&(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000240008000f80100200040000000000000000000800029600c6cf153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffff078000ffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffff078000ffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="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", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000a5e970325132510000e97032510300000000002e2e2020202020202020201000a5e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000a5e970325132510000e970325104001a040000", 0x80, 0x1e00}, 
{&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x2e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7e00}], 0x0, &(0x7f0000010d00)) 09:39:35 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:36 executing program 6: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) 
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:36 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x2010e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_bp={0x0}, 0x8891}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:39:36 executing program 4: socket$inet6(0xa, 0x2, 0x1) 09:39:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000240008000f80100200040000000000000000000800029600c6cf153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffff078000ffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffff078000ffffff00"/32, 0x20, 0x400}, 
{&(0x7f0000010300)="53595a4b414c4c45522020080000e980325132510000e980325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000a5e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000a5e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000a5e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000a5e970325132510000e9703251090064000000", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000a5e970325132510000e97032510300000000002e2e2020202020202020201000a5e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000a5e970325132510000e970325104001a040000", 0x80, 0x1e00}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x
00', 0x420, 0x2e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7e00}], 0x0, &(0x7f0000010d00)) 09:39:36 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) 09:39:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000300)) 09:39:36 executing program 1: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x0, @multicast2=0xe000000a}, {0x2, 0x0, @dev}, {0x2, 0x0, @broadcast}}) 09:39:36 executing program 7: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002cc0), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0x402c5342, &(0x7f0000000080)={0x0, 0x1, 0x4000}) [ 126.144256] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#4] SMP KASAN NOPTI [ 126.145928] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 126.147166] CPU: 0 UID: 0 PID: 4008 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.148868] Tainted: [D]=DIE, [W]=WARN [ 126.149421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 
04/01/2014 [ 126.150586] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.151284] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.153866] RSP: 0018:ffff8880465e7600 EFLAGS: 00010212 [ 126.154634] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 126.155654] RDX: ffff888015980000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.156680] RBP: ffff8880465e7870 R08: ffff88806ce31340 R09: ffffe8ffffc16bc0 [ 126.157705] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.158722] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.159740] FS: 0000555581b85400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.160895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.161726] CR2: 00007f79284a5018 CR3: 000000000fcbb000 CR4: 0000000000350ef0 [ 126.162749] Call Trace: [ 126.163127] [ 126.163476] ? __pfx_perf_tp_event+0x10/0x10 [ 126.164137] ? stack_depot_save_flags+0x2c/0xa20 [ 126.164832] ? propagate_protected_usage+0x1bc/0x340 [ 126.165577] ? lock_acquire+0x18c/0x2f0 [ 126.166166] ? lock_release+0x1c7/0x290 [ 126.166756] ? lock_acquire+0x18c/0x2f0 [ 126.167342] ? lock_acquire+0x18c/0x2f0 [ 126.167931] ? lock_release+0x1c7/0x290 [ 126.168523] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.169305] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.170046] ? kasan_unpoison+0x27/0x60 [ 126.170640] ? __kasan_unpoison_pages+0x2f/0x40 [ 126.171336] perf_trace_run_bpf_submit+0xef/0x180 [ 126.172058] perf_trace_lock+0x337/0x5d0 [ 126.172670] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.173355] ? get_futex_key+0x592/0x14a0 [ 126.173953] ? futex_ref_get+0x114/0x300 [ 126.174537] ? futex_hash+0x15c/0x390 [ 126.175103] lock_release+0x1ab/0x290 [ 126.175672] ? futex_hash+0x15c/0x390 [ 126.176233] futex_ref_get+0x119/0x300 [ 126.176807] ? 
futex_hash+0x15c/0x390 [ 126.177360] futex_hash+0x70/0x390 [ 126.177891] futex_wait_setup+0xae/0x550 [ 126.178502] __futex_wait+0x151/0x300 [ 126.179069] ? __pfx___futex_wait+0x10/0x10 [ 126.179705] ? lock_acquire+0x18c/0x2f0 [ 126.180298] ? css_rstat_updated+0x1b8/0x4d0 [ 126.180977] ? __pfx_futex_wake_mark+0x10/0x10 [ 126.181652] ? __hrtimer_setup+0x1a4/0x2c0 [ 126.182279] ? ktime_add_safe+0x5f/0x70 [ 126.182884] futex_wait+0xde/0x380 [ 126.183419] ? __pfx_futex_wait+0x10/0x10 [ 126.184030] ? finish_task_switch.isra.0+0x201/0x840 [ 126.184789] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 126.185453] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.186118] ? __might_fault+0xe0/0x190 [ 126.186702] do_futex+0x2ee/0x370 [ 126.187220] ? __pfx_do_futex+0x10/0x10 [ 126.187809] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.188580] ? read_tsc+0x9/0x20 [ 126.189096] __x64_sys_futex+0x1c9/0x4d0 [ 126.189693] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.190382] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.191150] do_syscall_64+0xbf/0x360 [ 126.191719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.192472] RIP: 0033:0x7f547020bb19 [ 126.193009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.195611] RSP: 002b:00007ffcecc82258 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.196708] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f547020bb19 [ 126.197739] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f547031ef6c [ 126.198756] RBP: 00007f547031ef6c R08: 00007f54702fb000 R09: 0000000000000000 [ 126.199772] R10: 00007ffcecc82330 R11: 0000000000000246 R12: 000000000001ec45 [ 126.200814] R13: 00000000000003e8 R14: 00007f547031ef60 R15: 000000000001ec3e [ 126.201864] [ 126.202216] Modules linked in: [ 126.202708] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#5] SMP KASAN NOPTI [ 
126.204287] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 126.205359] CPU: 1 UID: 0 PID: 4010 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.207075] Tainted: [D]=DIE, [W]=WARN [ 126.207640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.208788] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.209508] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.212118] RSP: 0018:ffff88801b81f800 EFLAGS: 00010212 [ 126.212887] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 126.213938] RDX: ffff88800ef39b80 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 126.214935] RBP: ffff88801b81fa70 R08: ffff88806cf31340 R09: ffffe8ffffd16bc0 [ 126.215962] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.216987] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.218017] FS: 0000555556093400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 126.219192] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.220032] CR2: 0000555556094c18 CR3: 000000004518f000 CR4: 0000000000350ef0 [ 126.221056] Call Trace: [ 126.221428] [ 126.221761] ? arch_scale_cpu_capacity+0x17/0xa0 [ 126.222470] ? __pfx_perf_tp_event+0x10/0x10 [ 126.223113] ? __asan_memset+0x24/0x50 [ 126.223687] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.224350] ? __pfx___mutex_lock+0x10/0x10 [ 126.224996] ? perf_trace_lock+0xb5/0x5d0 [ 126.225633] ? kvm_sched_clock_read+0x16/0x30 [ 126.226296] ? sched_clock+0x37/0x60 [ 126.226854] ? sched_clock_cpu+0x6c/0x4e0 [ 126.227491] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.228256] perf_trace_run_bpf_submit+0xef/0x180 [ 126.229029] perf_trace_lock+0x337/0x5d0 [ 126.229635] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.230305] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.230976] ? 
get_futex_key+0x592/0x14a0 [ 126.231576] ? futex_ref_get+0x114/0x300 [ 126.232185] ? futex_hash+0x15c/0x390 [ 126.232746] lock_release+0x1ab/0x290 [ 126.233337] ? futex_hash+0x15c/0x390 [ 126.233907] futex_ref_get+0x119/0x300 [ 126.234466] ? futex_hash+0x15c/0x390 [ 126.235005] futex_hash+0x70/0x390 [ 126.235532] futex_wake+0x143/0x540 [ 126.236060] ? put_pid+0x1f/0x30 [ 126.236601] ? kernel_clone+0x204/0x7f0 [ 126.237184] ? __pfx_futex_wake+0x10/0x10 [ 126.237794] ? __pfx_kernel_clone+0x10/0x10 [ 126.238408] ? perf_trace_lock+0xb5/0x5d0 [ 126.238993] ? __pfx___handle_mm_fault+0x10/0x10 [ 126.239674] do_futex+0x26d/0x370 [ 126.240177] ? __pfx_do_futex+0x10/0x10 [ 126.240757] ? __pfx___do_sys_clone+0x10/0x10 [ 126.241390] ? handle_mm_fault+0x590/0x9b0 [ 126.241993] __x64_sys_futex+0x1c9/0x4d0 [ 126.242570] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.243236] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.244020] do_syscall_64+0xbf/0x360 [ 126.244602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.245365] RIP: 0033:0x7fdf44335b19 [ 126.245928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.248568] RSP: 002b:00007ffd17b2b1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.249675] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdf44335b19 [ 126.250706] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdf44448f68 [ 126.251746] RBP: 00007fdf44448f60 R08: 00007fdf418ab700 R09: 0000000000000000 [ 126.252792] R10: 00007fdf418ab700 R11: 0000000000000246 R12: 00007fdf4444d060 [ 126.253822] R13: 00007ffd17b2b2c0 R14: 00007fdf44448f60 R15: 000000000001ec4c [ 126.254878] [ 126.255259] Modules linked in: [ 126.255748] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#6] SMP KASAN NOPTI [ 126.257349] KASAN: probably user-memory-access in range 
[0x0000000100000190-0x0000000100000197] [ 126.258600] CPU: 0 UID: 0 PID: 4008 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.260300] Tainted: [D]=DIE, [W]=WARN [ 126.260859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.262042] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.262732] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.265306] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 126.266076] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 126.267090] RDX: ffff888015980000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.268106] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc16bc0 [ 126.269125] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 126.270138] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000 [ 126.271167] FS: 0000555581b85400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.272314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.273164] CR2: 00007f79284a5018 CR3: 000000000fcbb000 CR4: 0000000000350ef0 [ 126.274184] Call Trace: [ 126.274576] [ 126.274907] ? __pfx_perf_tp_event+0x10/0x10 [ 126.275560] ? stack_depot_save_flags+0x2c/0xa20 [ 126.276252] ? trace_pelt_se_tp+0xdf/0x130 [ 126.276888] ? kasan_save_stack+0x34/0x50 [ 126.277495] ? kasan_save_stack+0x24/0x50 [ 126.278109] ? kasan_save_track+0x14/0x30 [ 126.278728] ? __kasan_save_free_info+0x3a/0x60 [ 126.279406] ? __kasan_slab_free+0x3f/0x50 [ 126.280020] ? kmem_cache_free+0x2a1/0x540 [ 126.280642] ? rcu_core+0x7c8/0x1800 [ 126.281208] ? handle_softirqs+0x1b1/0x770 [ 126.281834] ? __irq_exit_rcu+0xc4/0x100 [ 126.282447] ? irq_exit_rcu+0x9/0x20 [ 126.283009] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 126.283768] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 126.284594] ? 
__pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 126.285398] ? __jump_label_update+0x29a/0x410 [ 126.286104] ? jump_label_update+0x376/0x550 [ 126.286779] ? static_key_enable_cpuslocked+0x1b7/0x270 [ 126.287577] ? static_key_enable+0x1a/0x20 [ 126.288226] ? perf_event_alloc.part.0+0x4058/0x45f0 [ 126.289013] ? __do_sys_perf_event_open+0x719/0x2c20 [ 126.289775] ? do_syscall_64+0xbf/0x360 [ 126.290373] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.291176] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.291884] ? check_preempt_wakeup_fair+0x6e/0x950 [ 126.292657] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.293409] perf_trace_run_bpf_submit+0xef/0x180 [ 126.294141] perf_trace_lock+0x337/0x5d0 [ 126.294763] ? place_entity+0x1c/0x410 [ 126.295355] ? kvm_sched_clock_read+0x16/0x30 [ 126.296048] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.296746] ? check_preempt_wakeup_fair+0x6e/0x950 [ 126.297499] ? sched_ttwu_pending+0x2e0/0x4a0 [ 126.298182] lock_release+0x1ab/0x290 [ 126.298776] ? ttwu_do_activate+0x1a4/0x8a0 [ 126.299434] _raw_spin_unlock+0x16/0x40 [ 126.300041] sched_ttwu_pending+0x2e0/0x4a0 [ 126.300711] ? __pfx_try_to_wake_up+0x10/0x10 [ 126.301416] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 126.302151] ? 
hrtimer_interrupt+0x652/0x830 [ 126.302816] __flush_smp_call_function_queue+0x434/0x740 [ 126.303645] __sysvec_call_function_single+0x6d/0x370 [ 126.304448] sysvec_call_function_single+0xa1/0xc0 [ 126.305198] [ 126.305543] [ 126.305896] asm_sysvec_call_function_single+0x1a/0x20 [ 126.306690] RIP: 0010:oops_exit+0x0/0x50 [ 126.307306] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 126.309993] RSP: 0018:ffff8880465e7490 EFLAGS: 00000202 [ 126.310787] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f [ 126.311842] RDX: ffff888015980000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 126.312911] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 126.313965] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880465e7558 [ 126.315022] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 126.316088] ? add_taint+0x5f/0xd0 [ 126.316647] ? oops_end+0x4a/0xe0 [ 126.317194] oops_end+0x65/0xe0 [ 126.317719] exc_general_protection+0x1a2/0x330 [ 126.318434] asm_exc_general_protection+0x26/0x30 [ 126.319158] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.319861] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.322537] RSP: 0018:ffff8880465e7600 EFLAGS: 00010212 [ 126.323316] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 126.324375] RDX: ffff888015980000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.325441] RBP: ffff8880465e7870 R08: ffff88806ce31340 R09: ffffe8ffffc16bc0 [ 126.326499] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.327560] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.328633] ? perf_tp_event+0x167/0xe70 [ 126.329266] ? 
__pfx_perf_tp_event+0x10/0x10 [ 126.329944] ? stack_depot_save_flags+0x2c/0xa20 [ 126.330658] ? propagate_protected_usage+0x1bc/0x340 [ 126.331414] ? lock_acquire+0x18c/0x2f0 [ 126.332003] ? lock_release+0x1c7/0x290 [ 126.332596] ? lock_acquire+0x18c/0x2f0 [ 126.333190] ? lock_acquire+0x18c/0x2f0 [ 126.333792] ? lock_release+0x1c7/0x290 [ 126.334398] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.335200] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.335955] ? kasan_unpoison+0x27/0x60 [ 126.336571] ? __kasan_unpoison_pages+0x2f/0x40 [ 126.337278] perf_trace_run_bpf_submit+0xef/0x180 [ 126.338015] perf_trace_lock+0x337/0x5d0 [ 126.338636] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.339338] ? get_futex_key+0x592/0x14a0 [ 126.339966] ? futex_ref_get+0x114/0x300 [ 126.340584] ? futex_hash+0x15c/0x390 [ 126.341158] lock_release+0x1ab/0x290 [ 126.341735] ? futex_hash+0x15c/0x390 [ 126.342312] futex_ref_get+0x119/0x300 [ 126.342900] ? futex_hash+0x15c/0x390 [ 126.343474] futex_hash+0x70/0x390 [ 126.344018] futex_wait_setup+0xae/0x550 [ 126.344651] __futex_wait+0x151/0x300 [ 126.345236] ? __pfx___futex_wait+0x10/0x10 [ 126.345893] ? lock_acquire+0x18c/0x2f0 [ 126.346493] ? css_rstat_updated+0x1b8/0x4d0 [ 126.347168] ? __pfx_futex_wake_mark+0x10/0x10 [ 126.347863] ? __hrtimer_setup+0x1a4/0x2c0 [ 126.348520] ? ktime_add_safe+0x5f/0x70 [ 126.349128] futex_wait+0xde/0x380 [ 126.349679] ? __pfx_futex_wait+0x10/0x10 [ 126.350303] ? finish_task_switch.isra.0+0x201/0x840 [ 126.351071] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 126.351756] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.352466] ? __might_fault+0xe0/0x190 [ 126.353075] do_futex+0x2ee/0x370 [ 126.353614] ? __pfx_do_futex+0x10/0x10 [ 126.354215] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.354996] ? read_tsc+0x9/0x20 [ 126.355523] __x64_sys_futex+0x1c9/0x4d0 [ 126.356142] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.356844] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 126.357598] do_syscall_64+0xbf/0x360 [ 126.358155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.358912] RIP: 0033:0x7f547020bb19 [ 126.359453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.362082] RSP: 002b:00007ffcecc82258 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.363187] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f547020bb19 [ 126.364203] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f547031ef6c [ 126.365240] RBP: 00007f547031ef6c R08: 00007f54702fb000 R09: 0000000000000000 [ 126.366270] R10: 00007ffcecc82330 R11: 0000000000000246 R12: 000000000001ec45 [ 126.367305] R13: 00000000000003e8 R14: 00007f547031ef60 R15: 000000000001ec3e [ 126.368361] [ 126.368715] Modules linked in: [ 126.369199] ---[ end trace 0000000000000000 ]--- [ 126.369206] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#7] SMP KASAN NOPTI [ 126.369875] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.371656] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 126.372337] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.373542] CPU: 1 UID: 0 PID: 4010 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.376146] RSP: 0018:ffff8880192af600 EFLAGS: 00010212 [ 126.378040] Tainted: [D]=DIE, [W]=WARN [ 126.378816] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90005001000 [ 126.379437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.380494] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.381818] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.382859] RBP: 
ffff8880192af870 R08: ffff88806ce31340 R09: ffffe8ffffc16bb0 [ 126.383607] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.384662] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.387623] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 126.388684] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.388703] FS: 0000555581b85400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.389572] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 126.390578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.391879] RDX: ffff88800ef39b80 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 126.392906] CR2: 00007f79284a5018 CR3: 000000000fcbb000 CR4: 0000000000350ef0 [ 126.393858] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd16bc0 [ 126.394873] Kernel panic - not syncing: Fatal exception in interrupt [ 127.497919] Shutting down cpus with NMI [ 127.500551] Kernel Offset: disabled [ 127.501052] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:39:33 Registers: