Warning: Permanently added '[localhost]:4691' (ECDSA) to the list of known hosts.
2025/09/01 09:46:20 fuzzer started
2025/09/01 09:46:20 dialing manager at localhost:35473
syzkaller login: [ 48.404629] cgroup: Unknown subsys name 'net'
[ 48.476879] cgroup: Unknown subsys name 'cpuset'
[ 48.497960] cgroup: Unknown subsys name 'rlimit'
2025/09/01 09:46:30 syscalls: 2214
2025/09/01 09:46:30 code coverage: enabled
2025/09/01 09:46:30 comparison tracing: enabled
2025/09/01 09:46:30 extra coverage: enabled
2025/09/01 09:46:30 setuid sandbox: enabled
2025/09/01 09:46:30 namespace sandbox: enabled
2025/09/01 09:46:30 Android sandbox: enabled
2025/09/01 09:46:30 fault injection: enabled
2025/09/01 09:46:30 leak checking: enabled
2025/09/01 09:46:30 net packet injection: enabled
2025/09/01 09:46:30 net device setup: enabled
2025/09/01 09:46:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 09:46:30 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 09:46:30 USB emulation: enabled
2025/09/01 09:46:30 hci packet injection: enabled
2025/09/01 09:46:30 wifi device emulation: enabled
2025/09/01 09:46:30 802.15.4 emulation: enabled
2025/09/01 09:46:30 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 09:46:30 fetching corpus: 50, signal 23946/27317 (executing program)
2025/09/01 09:46:30 fetching corpus: 100, signal 37482/42077 (executing program)
2025/09/01 09:46:31 fetching corpus: 150, signal 41526/47428 (executing program)
2025/09/01 09:46:31 fetching corpus: 200, signal 46212/53299 (executing program)
2025/09/01 09:46:31 fetching corpus: 250, signal 51640/59705 (executing program)
2025/09/01 09:46:31 fetching corpus: 300, signal 55961/65008 (executing program)
2025/09/01 09:46:31 fetching corpus: 350, signal 62075/71870 (executing program)
2025/09/01 09:46:31 fetching corpus: 400, signal 66084/76644 (executing program)
2025/09/01 09:46:31 fetching corpus: 450, signal 69627/80947 (executing program)
2025/09/01 09:46:31 fetching corpus: 500, signal 73735/85635 (executing program)
2025/09/01 09:46:31 fetching corpus: 550, signal 75986/88687 (executing program)
2025/09/01 09:46:31 fetching corpus: 600, signal 78140/91557 (executing program)
2025/09/01 09:46:32 fetching corpus: 650, signal 81302/95196 (executing program)
2025/09/01 09:46:32 fetching corpus: 700, signal 83079/97601 (executing program)
2025/09/01 09:46:32 fetching corpus: 750, signal 85652/100622 (executing program)
2025/09/01 09:46:32 fetching corpus: 800, signal 88187/103583 (executing program)
2025/09/01 09:46:32 fetching corpus: 850, signal 90020/105863 (executing program)
2025/09/01 09:46:32 fetching corpus: 900, signal 90988/107479 (executing program)
2025/09/01 09:46:32 fetching corpus: 950, signal 93716/110375 (executing program)
2025/09/01 09:46:32 fetching corpus: 1000, signal 95427/112513 (executing program)
2025/09/01 09:46:32 fetching corpus: 1050, signal 97278/114617 (executing program)
2025/09/01 09:46:33 fetching corpus: 1100, signal 98911/116562 (executing program)
2025/09/01 09:46:33 fetching corpus: 1150, signal 99861/118007 (executing program)
2025/09/01 09:46:33 fetching corpus: 1200, signal 101604/119968 (executing program)
2025/09/01 09:46:33 fetching corpus: 1250, signal 102681/121493 (executing program)
2025/09/01 09:46:33 fetching corpus: 1300, signal 103847/122946 (executing program)
2025/09/01 09:46:33 fetching corpus: 1350, signal 105605/124807 (executing program)
2025/09/01 09:46:33 fetching corpus: 1400, signal 106723/126239 (executing program)
2025/09/01 09:46:33 fetching corpus: 1450, signal 107764/127594 (executing program)
2025/09/01 09:46:33 fetching corpus: 1500, signal 108994/129050 (executing program)
2025/09/01 09:46:33 fetching corpus: 1550, signal 110215/130409 (executing program)
2025/09/01 09:46:33 fetching corpus: 1600, signal 111424/131773 (executing program)
2025/09/01 09:46:33 fetching corpus: 1650, signal 112564/133111 (executing program)
2025/09/01 09:46:34 fetching corpus: 1700, signal 113243/134076 (executing program)
2025/09/01 09:46:34 fetching corpus: 1750, signal 114562/135416 (executing program)
2025/09/01 09:46:34 fetching corpus: 1800, signal 116115/136805 (executing program)
2025/09/01 09:46:34 fetching corpus: 1850, signal 116971/137877 (executing program)
2025/09/01 09:46:34 fetching corpus: 1900, signal 117831/138875 (executing program)
2025/09/01 09:46:34 fetching corpus: 1950, signal 119079/140081 (executing program)
2025/09/01 09:46:34 fetching corpus: 2000, signal 120463/141313 (executing program)
2025/09/01 09:46:34 fetching corpus: 2050, signal 121023/142061 (executing program)
2025/09/01 09:46:34 fetching corpus: 2100, signal 122058/142988 (executing program)
2025/09/01 09:46:35 fetching corpus: 2150, signal 123185/144017 (executing program)
2025/09/01 09:46:35 fetching corpus: 2200, signal 124226/144930 (executing program)
2025/09/01 09:46:35 fetching corpus: 2250, signal 128104/146945 (executing program)
2025/09/01 09:46:35 fetching corpus: 2300, signal 128970/147726 (executing program)
2025/09/01 09:46:35 fetching corpus: 2350, signal 129688/148434 (executing program)
2025/09/01 09:46:35 fetching corpus: 2400, signal 130501/149116 (executing program)
2025/09/01 09:46:35 fetching corpus: 2450, signal 131225/149766 (executing program)
2025/09/01 09:46:35 fetching corpus: 2500, signal 131844/150398 (executing program)
2025/09/01 09:46:35 fetching corpus: 2550, signal 132994/151194 (executing program)
2025/09/01 09:46:36 fetching corpus: 2600, signal 134074/151945 (executing program)
2025/09/01 09:46:36 fetching corpus: 2650, signal 134892/152562 (executing program)
2025/09/01 09:46:36 fetching corpus: 2700, signal 135797/153171 (executing program)
2025/09/01 09:46:36 fetching corpus: 2750, signal 136564/153726 (executing program)
2025/09/01 09:46:36 fetching corpus: 2800, signal 137455/154274 (executing program)
2025/09/01 09:46:36 fetching corpus: 2850, signal 138712/154958 (executing program)
2025/09/01 09:46:36 fetching corpus: 2900, signal 139561/155503 (executing program)
2025/09/01 09:46:36 fetching corpus: 2950, signal 140312/155941 (executing program)
2025/09/01 09:46:36 fetching corpus: 3000, signal 141141/156394 (executing program)
2025/09/01 09:46:36 fetching corpus: 3050, signal 141643/156792 (executing program)
2025/09/01 09:46:37 fetching corpus: 3100, signal 142254/157214 (executing program)
2025/09/01 09:46:37 fetching corpus: 3150, signal 144104/157800 (executing program)
2025/09/01 09:46:37 fetching corpus: 3200, signal 144834/158180 (executing program)
2025/09/01 09:46:37 fetching corpus: 3250, signal 145428/158493 (executing program)
2025/09/01 09:46:37 fetching corpus: 3300, signal 145939/158817 (executing program)
2025/09/01 09:46:37 fetching corpus: 3350, signal 146513/159106 (executing program)
2025/09/01 09:46:37 fetching corpus: 3400, signal 147124/159371 (executing program)
2025/09/01 09:46:37 fetching corpus: 3450, signal 147477/159621 (executing program)
2025/09/01 09:46:37 fetching corpus: 3500, signal 147894/159843 (executing program)
2025/09/01 09:46:37 fetching corpus: 3550, signal 148703/160109 (executing program)
2025/09/01 09:46:38 fetching corpus: 3600, signal 149088/160278 (executing program)
2025/09/01 09:46:38 fetching corpus: 3650, signal 149669/160470 (executing program)
2025/09/01 09:46:38 fetching corpus: 3700, signal 150235/160677 (executing program)
2025/09/01 09:46:38 fetching corpus: 3750, signal 150974/160924 (executing program)
2025/09/01 09:46:38 fetching corpus: 3800, signal 151731/161166 (executing program)
2025/09/01 09:46:38 fetching corpus: 3850, signal 152345/161295 (executing program)
2025/09/01 09:46:38 fetching corpus: 3900, signal 152963/161439 (executing program)
2025/09/01 09:46:38 fetching corpus: 3950, signal 153422/161532 (executing program)
2025/09/01 09:46:38 fetching corpus: 4000, signal 153968/161539 (executing program)
2025/09/01 09:46:38 fetching corpus: 4050, signal 154500/161546 (executing program)
2025/09/01 09:46:39 fetching corpus: 4100, signal 155059/161552 (executing program)
2025/09/01 09:46:39 fetching corpus: 4150, signal 155545/161557 (executing program)
2025/09/01 09:46:39 fetching corpus: 4200, signal 155888/161580 (executing program)
2025/09/01 09:46:39 fetching corpus: 4250, signal 156238/161607 (executing program)
2025/09/01 09:46:39 fetching corpus: 4300, signal 156573/161609 (executing program)
2025/09/01 09:46:39 fetching corpus: 4350, signal 157065/161704 (executing program)
2025/09/01 09:46:39 fetching corpus: 4400, signal 157421/161744 (executing program)
2025/09/01 09:46:39 fetching corpus: 4450, signal 157828/161750 (executing program)
2025/09/01 09:46:39 fetching corpus: 4500, signal 158247/161788 (executing program)
2025/09/01 09:46:39 fetching corpus: 4550, signal 158807/161809 (executing program)
2025/09/01 09:46:40 fetching corpus: 4589, signal 159066/161823 (executing program)
2025/09/01 09:46:40 fetching corpus: 4589, signal 159066/161823 (executing program)
2025/09/01 09:46:42 starting 8 fuzzer processes
09:46:42 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfdef)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x3305)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
09:46:42 executing program 1:
r0 = getpid()
move_pages(r0, 0x1, &(0x7f0000000440)=[&(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000480)=[0x6], 0x0, 0x0)
09:46:42 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)={0x18, 0x52, 0x101, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/205, 0xcd}], 0x1)
09:46:42 executing program 7:
r0 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10)
09:46:42 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8)
listen(r0, 0x0)
connect$bt_sco(r0, &(0x7f00000004c0), 0x8)
09:46:42 executing program 3:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="050000000000fddbdf257e0000000800"], 0x1c}}, 0x0)
09:46:42 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000200)={'fscrypt:', @desc4}, &(0x7f0000000240)={0x0, "f6b7a3274637295e421b85f39a281c5bf4cb403ad530039ddd51df4caa904aaf30a69c8404151d62347d12b713328b50e2272bf90361a43b21f101d66c68bbfe"}, 0x48, 0xfffffffffffffffe)
getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0xe, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$link(0x4, r0, r1)
[ 70.452198] audit: type=1400 audit(1756720002.503:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:46:42 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getpeername$inet6(r0, 0x0, 0x0)
[ 71.660058] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 71.662411] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 71.664327] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 71.668159] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 71.671316] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 71.720721] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 71.723118] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 71.726486] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 71.732227] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 71.735720] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 71.791195] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 71.796606] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 71.802539] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 71.810874] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 71.813980] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 71.824280] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 71.831929] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 71.840888] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 71.856024] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 71.865998] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 71.870161] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 71.874108] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 71.877919] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 71.879725] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 71.884170] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 71.888063] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 71.898854] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 71.900054] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 71.913877] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 71.916473] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 71.934491] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 71.936242] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 71.939816] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 71.941312] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 71.949447] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 71.965859] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 71.967949] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 71.971377] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 71.999000] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 72.007482] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 73.692358] Bluetooth: hci0: command tx timeout
[ 73.754665] Bluetooth: hci1: command tx timeout
[ 73.884822] Bluetooth: hci2: command tx timeout
[ 73.947022] Bluetooth: hci3: command tx timeout
[ 74.010653] Bluetooth: hci4: command tx timeout
[ 74.010780] Bluetooth: hci6: command tx timeout
[ 74.011625] Bluetooth: hci5: command tx timeout
[ 74.075629] Bluetooth: hci7: command tx timeout
[ 75.738620] Bluetooth: hci0: command tx timeout
[ 75.802649] Bluetooth: hci1: command tx timeout
[ 75.930617] Bluetooth: hci2: command tx timeout
[ 75.994623] Bluetooth: hci3: command tx timeout
[ 76.058757] Bluetooth: hci5: command tx timeout
[ 76.059617] Bluetooth: hci6: command tx timeout
[ 76.059653] Bluetooth: hci4: command tx timeout
[ 76.124581] Bluetooth: hci7: command tx timeout
[ 77.788637] Bluetooth: hci0: command tx timeout
[ 77.851174] Bluetooth: hci1: command tx timeout
[ 77.978673] Bluetooth: hci2: command tx timeout
[ 78.042699] Bluetooth: hci3: command tx timeout
[ 78.106702] Bluetooth: hci6: command tx timeout
[ 78.106770] Bluetooth: hci5: command tx timeout
[ 78.107116] Bluetooth: hci4: command tx timeout
[ 78.171644] Bluetooth: hci7: command tx timeout
[ 79.834831] Bluetooth: hci0: command tx timeout
[ 79.898700] Bluetooth: hci1: command tx timeout
[ 80.028579] Bluetooth: hci2: command tx timeout
[ 80.090730] Bluetooth: hci3: command tx timeout
[ 80.154782] Bluetooth: hci5: command tx timeout
[ 80.155171] Bluetooth: hci6: command tx timeout
[ 80.155200] Bluetooth: hci4: command tx timeout
[ 80.220593] Bluetooth: hci7: command tx timeout
[ 107.421844] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.422518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.630258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.630903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.031052] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.031679] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.150545] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.151185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:47:20 executing program 1:
r0 = getpid()
move_pages(r0, 0x1, &(0x7f0000000440)=[&(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000480)=[0x6], 0x0, 0x0)
[ 108.258677] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.259240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:47:20 executing program 1:
r0 = getpid()
move_pages(r0, 0x1, &(0x7f0000000440)=[&(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000480)=[0x6], 0x0, 0x0)
09:47:20 executing program 1:
r0 = getpid()
move_pages(r0, 0x1, &(0x7f0000000440)=[&(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000480)=[0x6], 0x0, 0x0)
09:47:20 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='$', 0x1, 0xfffffffffffffffc)
keyctl$link(0x7, r0, 0xfffffffffffffffd)
[ 108.477939] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.478791] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:47:20 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='$', 0x1, 0xfffffffffffffffc)
keyctl$link(0x7, r0, 0xfffffffffffffffd)
[ 108.545318] random: crng reseeded on system resumption
[ 108.558008] Restarting kernel threads ...
[ 108.558657] Done restarting kernel threads.
[ 108.566150] random: crng reseeded on system resumption
[ 108.581825] Restarting kernel threads ...
[ 108.582315] Done restarting kernel threads.
[ 108.894388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.895114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.965885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.966497] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.050111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.050823] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.144320] audit: type=1400 audit(1756720041.194:8): avc: denied { open } for pid=3869 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 109.150416] audit: type=1400 audit(1756720041.194:9): avc: denied { kernel } for pid=3869 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 109.156183] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 109.160063] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 109.161678] syz-executor.3 (3870) used greatest stack depth: 23360 bytes left
[ 109.186997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.187574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.363835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.364432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.412531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.413268] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.493600] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.494214] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.532657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.533217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.681901] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.682528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.725398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.726252] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:47:21 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8)
listen(r0, 0x0)
connect$bt_sco(r0, &(0x7f00000004c0), 0x8)
09:47:21 executing program 3:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="050000000000fddbdf257e0000000800"], 0x1c}}, 0x0)
09:47:21 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000200)={'fscrypt:', @desc4}, &(0x7f0000000240)={0x0, "f6b7a3274637295e421b85f39a281c5bf4cb403ad530039ddd51df4caa904aaf30a69c8404151d62347d12b713328b50e2272bf90361a43b21f101d66c68bbfe"}, 0x48, 0xfffffffffffffffe)
getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0xe, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$link(0x4, r0, r1)
09:47:21 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)={0x18, 0x52, 0x101, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/205, 0xcd}], 0x1)
09:47:21 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='$', 0x1, 0xfffffffffffffffc)
keyctl$link(0x7, r0, 0xfffffffffffffffd)
09:47:22 executing program 7:
r0 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10)
09:47:22 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getpeername$inet6(r0, 0x0, 0x0)
09:47:22 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfdef)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x3305)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
[ 109.986128] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 109.995396] random: crng reseeded on system resumption
[ 110.002673] Restarting kernel threads ...
[ 110.003135] Done restarting kernel threads.
09:47:22 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='$', 0x1, 0xfffffffffffffffc)
keyctl$link(0x7, r0, 0xfffffffffffffffd)
09:47:22 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8)
listen(r0, 0x0)
connect$bt_sco(r0, &(0x7f00000004c0), 0x8)
09:47:22 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getpeername$inet6(r0, 0x0, 0x0)
09:47:22 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfdef)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x3305)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
09:47:22 executing program 3:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="050000000000fddbdf257e0000000800"], 0x1c}}, 0x0)
09:47:22 executing program 7:
r0 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10)
[ 110.089484] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 110.090382] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 110.090983] CPU: 0 UID: 0 PID: 3933 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 110.091912] Tainted: [W]=WARN
[ 110.092633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 110.094344] RIP: 0010:perf_tp_event+0x175/0xe70
[ 110.095226] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 110.099143] RSP: 0018:ffff88801419f800 EFLAGS: 00010212
[ 110.100404] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 110.100967] RDX: ffff888017958000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 110.101518] RBP: ffff88801419fa70 R08: ffff88806ce31340 R09: ffffe8ffffc06f68
[ 110.102069] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 110.102631] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 110.103183] FS: 0000555590b88400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 110.103806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.104256] CR2: 0000555590b89c18 CR3: 0000000041be1000 CR4: 0000000000350ef0
[ 110.104806] Call Trace:
[ 110.105012] <TASK>
[ 110.105197] ? arch_scale_cpu_capacity+0x17/0xa0
[ 110.105591] ? __pfx_perf_tp_event+0x10/0x10
[ 110.105942] ? __asan_memset+0x24/0x50
[ 110.106278] ? perf_trace_lock+0xb5/0x5d0
[ 110.106614] ? kvm_sched_clock_read+0x16/0x30
[ 110.106975] ? sched_clock+0x37/0x60
[ 110.107278] ? sched_clock_cpu+0x6c/0x4e0
[ 110.107610] ? lock_is_held_type+0x9e/0x120
[ 110.107958] ? perf_trace_run_bpf_submit+0xef/0x180
[ 110.108353] perf_trace_run_bpf_submit+0xef/0x180
[ 110.108740] perf_trace_lock+0x337/0x5d0
[ 110.109066] ? __pfx_perf_trace_lock+0x10/0x10
[ 110.109433] ? lock_acquire+0x15e/0x2f0
[ 110.109758] ? futex_ref_get+0x48/0x300
[ 110.110072] ? futex_ref_get+0x114/0x300
[ 110.110438] ? futex_hash+0x15c/0x390
[ 110.110740] lock_release+0x1ab/0x290
[ 110.111043] ? futex_hash+0x15c/0x390
[ 110.111346] futex_ref_get+0x119/0x300
[ 110.111656] ? futex_hash+0x15c/0x390
[ 110.111957] futex_hash+0x70/0x390
[ 110.112245] futex_wake+0x143/0x540
[ 110.112542] ? put_pid+0x1f/0x30
[ 110.112812] ? kernel_clone+0x204/0x7f0
[ 110.113127] ? __pfx_futex_wake+0x10/0x10
[ 110.113456] ? __pfx_kernel_clone+0x10/0x10
[ 110.113802] ? perf_trace_lock+0xb5/0x5d0
[ 110.114141] do_futex+0x26d/0x370
[ 110.114423] ? __pfx_do_futex+0x10/0x10
[ 110.114740] ? __pfx___do_sys_clone+0x10/0x10
[ 110.115094] ? find_held_lock+0x2b/0x80
[ 110.115416] __x64_sys_futex+0x1c9/0x4d0
[ 110.115744] ? __pfx___x64_sys_futex+0x10/0x10
[ 110.116114] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 110.116531] do_syscall_64+0xbf/0x360
[ 110.116836] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.117239] RIP: 0033:0x7fc9d25adb19
[ 110.117532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 110.118934] RSP: 002b:00007ffc24960988 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 110.119522] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc9d25adb19
[ 110.120071] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc9d26c0f68
[ 110.120621] RBP: 00007fc9d26c0f60 R08: 00007fc9cfb23700 R09: 0000000000000000
[ 110.121170] R10: 00007fc9cfb23700 R11: 0000000000000246 R12: 00007fc9d26c5060
[ 110.121721] R13: 00007ffc24960a90 R14: 00007fc9d26c0f60 R15: 000000000001ad88
[ 110.122295] </TASK>
[ 110.122481] Modules linked in:
[ 110.122911] ---[ end trace 0000000000000000 ]---
[ 110.123282] RIP: 0010:perf_tp_event+0x175/0xe70
[ 110.123758] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 110.123991] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 110.125224] RSP: 0018:ffff88801419f800 EFLAGS: 00010212
[ 110.126390] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 110.127024] RDX: ffff888017958000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 110.127707] RBP: ffff88801419fa70 R08: ffff88806ce31340 R09: ffffe8ffffc06f68
[ 110.128260] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 110.128889] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 110.129446] FS: 0000555590b88400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 110.130144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.130621] CR2: 0000555590b89c18 CR3: 0000000041be1000 CR4: 0000000000350ef0
[ 110.131173] note: syz-executor.2[3933] exited with preempt_count 1
[ 110.131667] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51
[ 110.132358] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3933, name: syz-executor.2
[ 110.133042] preempt_count: 0, expected: 0
[ 110.133363] RCU nest depth: 2, expected: 0
[ 110.133702] INFO: lockdep is turned off.
[ 110.134015] CPU: 0 UID: 0 PID: 3933 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 110.134034] Tainted: [D]=DIE, [W]=WARN
[ 110.134038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 110.134045] Call Trace:
[ 110.134048]
[ 110.134053] dump_stack_lvl+0xfa/0x120
[ 110.134084] __might_resched+0x2f3/0x510
[ 110.134101] exit_signals+0x25/0x940
[ 110.134119] do_exit+0x2db/0x2970
[ 110.134133] ? _printk+0xbe/0xf0
[ 110.134146] ? __pfx__printk+0x10/0x10
[ 110.134160] ? __pfx_do_exit+0x10/0x10
[ 110.134175] make_task_dead+0x174/0x3b0
[ 110.134189] ? do_syscall_64+0xbf/0x360
[ 110.134200] rewind_stack_and_make_dead+0x16/0x20
[ 110.134216] RIP: 0033:0x7fc9d25adb19
[ 110.134224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 110.134235] RSP: 002b:00007ffc24960988 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 110.134246] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc9d25adb19
[ 110.134254] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc9d26c0f68
[ 110.134261] RBP: 00007fc9d26c0f60 R08: 00007fc9cfb23700 R09: 0000000000000000
[ 110.134269] R10: 00007fc9cfb23700 R11: 0000000000000246 R12: 00007fc9d26c5060
[ 110.134276] R13: 00007ffc24960a90 R14: 00007fc9d26c0f60 R15: 000000000001ad88
[ 110.134287]
[ 110.148140] random: crng reseeded on system resumption
[ 110.149254] Restarting kernel threads ...
[ 110.149688] Done restarting kernel threads.
09:47:25 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)={0x18, 0x52, 0x101, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/205, 0xcd}], 0x1)
09:47:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000200)={'fscrypt:', @desc4}, &(0x7f0000000240)={0x0, "f6b7a3274637295e421b85f39a281c5bf4cb403ad530039ddd51df4caa904aaf30a69c8404151d62347d12b713328b50e2272bf90361a43b21f101d66c68bbfe"}, 0x48, 0xfffffffffffffffe)
getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0xe, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$link(0x4, r0, r1)
09:47:25 executing program 3:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="050000000000fddbdf257e0000000800"], 0x1c}}, 0x0)
09:47:25 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfdef)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x3305)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
09:47:25 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)={0x18, 0x52, 0x101, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/205, 0xcd}], 0x1)
09:47:25 executing program 7:
r0 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10)
09:47:25 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed}, 0x8)
listen(r0, 0x0)
connect$bt_sco(r0, &(0x7f00000004c0), 0x8)
09:47:25 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getpeername$inet6(r0, 0x0, 0x0)
[ 113.195093] Oops: general protection fault, probably for non-canonical address 0xe01ffc00000000b0: 0000 [#2] SMP KASAN NOPTI
[ 113.196198] KASAN: maybe wild-memory-access in range [0x0100000000000580-0x0100000000000587]
[ 113.196947] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 113.197901] Tainted: [D]=DIE, [W]=WARN
[ 113.198222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.198884] RIP: 0010:perf_tp_event+0x26b/0xe70
[ 113.199272] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f
[ 113.200743] RSP: 0018:ffff88804618f800 EFLAGS: 00010212
[ 113.201170] RAX: 00200000000000b0 RBX: ffff888045633841 RCX: ffffc90008a52000
[ 113.201757] RDX: 0000000000040000 RSI: ffffffff8189a5dd RDI: 0100000000000580
[ 113.202342] RBP: ffff88804618fa70 R08: ffff88806cf31340 R09: ffffe8ffffd15e78
[ 113.202908] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 113.203473] R13: 0100000000000000 R14: ffff88806cf31340 R15: dffffc0000000000
[ 113.204043] FS: 00007f008fa76700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 113.204690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.205149] CR2: 00007f0092614018 CR3: 000000000c43d000 CR4: 0000000000350ef0
[ 113.205733] Call Trace:
[ 113.205948]
[ 113.206143] ? perf_swevent_event+0x63/0x3f0
[ 113.206526] ? __pfx_perf_tp_event+0x10/0x10
[ 113.206893] ? tracing_gen_ctx_irq_test+0x167/0x1f0
[ 113.207292] ? perf_swevent_event+0x63/0x3f0
[ 113.207665] ? tracing_gen_ctx_irq_test+0x167/0x1f0
[ 113.208062] ? perf_swevent_event+0x63/0x3f0
[ 113.208427] ? perf_tp_event+0x807/0xe70
[ 113.208761] ? __pfx_perf_tp_event+0x10/0x10
[ 113.209114] ? perf_ctx_unlock+0x73/0x160
[ 113.209463] ? __perf_install_in_context+0x503/0xb90
[ 113.209869] ? do_raw_spin_unlock+0x53/0x220
[ 113.210240] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.210649] perf_trace_run_bpf_submit+0xef/0x180
[ 113.211041] perf_trace_lock+0x337/0x5d0
[ 113.211381] ? __pfx_perf_trace_lock+0x10/0x10
[ 113.211753] ? get_futex_key+0x592/0x14a0
[ 113.212083] ? futex_ref_get+0x114/0x300
[ 113.212413] ? futex_hash+0x15c/0x390
[ 113.212720] lock_release+0x1ab/0x290
[ 113.213034] ? futex_hash+0x15c/0x390
[ 113.213350] futex_ref_get+0x119/0x300
[ 113.213664] ? futex_hash+0x15c/0x390
[ 113.213968] futex_hash+0x70/0x390
[ 113.214269] futex_wake+0x143/0x540
[ 113.214592] ? __pfx_perf_trace_lock+0x10/0x10
[ 113.214962] ? __pfx___mutex_lock+0x10/0x10
[ 113.215324] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 113.215752] ? __pfx_futex_wake+0x10/0x10
[ 113.216089] ? lock_release+0x1c7/0x290
[ 113.216414] ? fd_install+0x1f0/0x660
[ 113.216725] do_futex+0x26d/0x370
[ 113.217011] ? __pfx_do_futex+0x10/0x10
[ 113.217338] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 113.217765] ? count_memcg_events+0x32b/0x420
[ 113.218147] __x64_sys_futex+0x1c9/0x4d0
[ 113.218491] ? __pfx___x64_sys_futex+0x10/0x10
[ 113.218860] ? xfd_validate_state+0x55/0x180
[ 113.219228] do_syscall_64+0xbf/0x360
[ 113.219545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.219956] RIP: 0033:0x7f0092500b19
[ 113.220255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.221693] RSP: 002b:00007f008fa76218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.222299] RAX: ffffffffffffffda RBX: 00007f0092613f68 RCX: 00007f0092500b19
[ 113.222871] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0092613f6c
[ 113.223437] RBP: 00007f0092613f60 R08: 000000000000000e R09: 0000000000000000
[ 113.223995] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0092613f6c
[ 113.224566] R13: 00007ffea95264af R14: 00007f008fa76300 R15: 0000000000022000
[ 113.225135]
[ 113.225331] Modules linked in:
[ 113.225632] Oops: general protection fault, probably for non-canonical address 0xe01ffc00000000b0: 0000 [#3] SMP KASAN NOPTI
[ 113.226519] KASAN: maybe wild-memory-access in range [0x0100000000000580-0x0100000000000587]
[ 113.227181] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 113.228114] Tainted: [D]=DIE, [W]=WARN
[ 113.228423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.229062] RIP: 0010:perf_tp_event+0x26b/0xe70
[ 113.229444] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f
[ 113.231494] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012
[ 113.232225] RAX: 00200000000000b0 RBX: ffff888045633841 RCX: ffffffff8189a55c
[ 113.233174] RDX: ffff888043e48000 RSI: ffffffff8189a5dd RDI: 0100000000000580
[ 113.234142] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd15e78
[ 113.235099] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000
[ 113.236047] R13: 0100000000000000 R14: ffff88806cf31490 R15: dffffc0000000000
[ 113.236995] FS: 00007f008fa76700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 113.238066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.238861] CR2: 00007f0092614018 CR3: 000000000c43d000 CR4: 0000000000350ef0
[ 113.239825] Call Trace:
[ 113.240184]
[ 113.240495] ? __pfx_perf_tp_event+0x10/0x10
[ 113.241114] ? stack_depot_save_flags+0x2c/0xa20
[ 113.241771] ? kasan_save_stack+0x34/0x50
[ 113.242345] ? kasan_save_stack+0x24/0x50
[ 113.242908] ? kasan_save_track+0x14/0x30
[ 113.243471] ? __kasan_save_free_info+0x3a/0x60
[ 113.244096] ? __kasan_slab_free+0x3f/0x50
[ 113.244673] ? kmem_cache_free+0x2a1/0x540
[ 113.245239] ? rcu_core+0x7c8/0x1800
[ 113.245750] ? handle_softirqs+0x1b1/0x770
[ 113.246339] ? __irq_exit_rcu+0xc4/0x100
[ 113.246895] ? irq_exit_rcu+0x9/0x20
[ 113.247400] ? sysvec_apic_timer_interrupt+0x70/0x80
[ 113.248098] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 113.248827] ? folio_remove_rmap_ptes+0x86/0x7c0
[ 113.249473] ? unmap_page_range+0x15fc/0x36d0
[ 113.250089] ? unmap_single_vma.constprop.0+0x153/0x230
[ 113.250821] ? unmap_vmas+0x1d6/0x430
[ 113.251344] ? exit_mmap+0x181/0xaa0
[ 113.251858] ? mmput+0xd5/0x390
[ 113.252326] ? do_exit+0x79d/0x2970
[ 113.252823] ? do_group_exit+0xd3/0x2a0
[ 113.253363] ? get_signal+0x2315/0x2340
[ 113.253916] ? kvm_sched_clock_read+0x16/0x30
[ 113.254537] ? sched_clock+0x37/0x60
[ 113.255053] ? sched_clock_cpu+0x6c/0x4e0
[ 113.255624] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.256302] perf_trace_run_bpf_submit+0xef/0x180
[ 113.256963] perf_trace_lock+0x337/0x5d0
[ 113.257524] ? place_entity+0x300/0x410
[ 113.258066] ? kvm_sched_clock_read+0x16/0x30
[ 113.258691] ? __pfx_perf_trace_lock+0x10/0x10
[ 113.259314] ? check_preempt_wakeup_fair+0x6e/0x950
[ 113.259992] ? sched_ttwu_pending+0x2e0/0x4a0
[ 113.260611] lock_release+0x1ab/0x290
[ 113.261136] ? ttwu_do_activate+0x1a4/0x8a0
[ 113.261727] _raw_spin_unlock+0x16/0x40
[ 113.262281] sched_ttwu_pending+0x2e0/0x4a0
[ 113.262870] ? __pfx_try_to_wake_up+0x10/0x10
[ 113.263492] ? __pfx_sched_ttwu_pending+0x10/0x10
[ 113.264159] ? flush_tlb_func+0x24d/0x560
[ 113.264731] __flush_smp_call_function_queue+0x434/0x740
[ 113.265476] __sysvec_call_function_single+0x6d/0x370
[ 113.266189] sysvec_call_function_single+0xa1/0xc0
[ 113.266858]
[ 113.267167]
[ 113.267480] asm_sysvec_call_function_single+0x1a/0x20
[ 113.268185] RIP: 0010:oops_exit+0x0/0x50
[ 113.268740] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57
[ 113.271162] RSP: 0018:ffff88804618f690 EFLAGS: 00000202
[ 113.271875] RAX: 000000000002e0dc RBX: 0000000000000216 RCX: ffffc90008a52000
[ 113.272824] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 113.273771] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690
[ 113.274724] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804618f758
[ 113.275670] R13: 0000000000000000 R14: e01ffc00000000b0 R15: 0000000000000000
[ 113.276625] ? oops_end+0x4a/0xe0
[ 113.277115] oops_end+0x65/0xe0
[ 113.277580] exc_general_protection+0x1a2/0x330
[ 113.278231] asm_exc_general_protection+0x26/0x30
[ 113.278882] RIP: 0010:perf_tp_event+0x26b/0xe70
[ 113.279520] Code: 3c 20 00 0f 85 3d 0b 00 00 4c 8b ab 00 03 00 00 4d 85 ed 4c 0f 44 eb e8 d3 50 ea ff 49 8d bd 80 05 00 00 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 fd 0a 00 00 4d 8b ad 80 05 00 00 4d 85 ed 0f
[ 113.281923] RSP: 0018:ffff88804618f800 EFLAGS: 00010212
[ 113.282642] RAX: 00200000000000b0 RBX: ffff888045633841 RCX: ffffc90008a52000
[ 113.283597] RDX: 0000000000040000 RSI: ffffffff8189a5dd RDI: 0100000000000580
[ 113.284541] RBP: ffff88804618fa70 R08: ffff88806cf31340 R09: ffffe8ffffd15e78
[ 113.285489] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 113.286443] R13: 0100000000000000 R14: ffff88806cf31340 R15: dffffc0000000000
[ 113.287402] ? perf_tp_event+0x25d/0xe70
[ 113.287959] ? perf_swevent_event+0x63/0x3f0
[ 113.288573] ? __pfx_perf_tp_event+0x10/0x10
[ 113.289179] ? tracing_gen_ctx_irq_test+0x167/0x1f0
[ 113.289857] ? perf_swevent_event+0x63/0x3f0
[ 113.290480] ? tracing_gen_ctx_irq_test+0x167/0x1f0
[ 113.291160] ? perf_swevent_event+0x63/0x3f0
[ 113.291764] ? perf_tp_event+0x807/0xe70
[ 113.292326] ? __pfx_perf_tp_event+0x10/0x10
[ 113.292933] ? perf_ctx_unlock+0x73/0x160
[ 113.293493] ? __perf_install_in_context+0x503/0xb90
[ 113.294190] ? do_raw_spin_unlock+0x53/0x220
[ 113.294798] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.295482] perf_trace_run_bpf_submit+0xef/0x180
[ 113.296143] perf_trace_lock+0x337/0x5d0
[ 113.296706] ? __pfx_perf_trace_lock+0x10/0x10
[ 113.297338] ? get_futex_key+0x592/0x14a0
[ 113.297898] ? futex_ref_get+0x114/0x300
[ 113.298451] ? futex_hash+0x15c/0x390
[ 113.298969] lock_release+0x1ab/0x290
[ 113.299492] ? futex_hash+0x15c/0x390
[ 113.300009] futex_ref_get+0x119/0x300
[ 113.300537] ? futex_hash+0x15c/0x390
[ 113.301054] futex_hash+0x70/0x390
[ 113.301548] futex_wake+0x143/0x540
[ 113.302050] ? __pfx_perf_trace_lock+0x10/0x10
[ 113.302683] ? __pfx___mutex_lock+0x10/0x10
[ 113.303279] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 113.303993] ? __pfx_futex_wake+0x10/0x10
[ 113.304565] ? lock_release+0x1c7/0x290
[ 113.305106] ? fd_install+0x1f0/0x660
[ 113.305629] do_futex+0x26d/0x370
[ 113.306110] ? __pfx_do_futex+0x10/0x10
[ 113.306666] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 113.307387] ? count_memcg_events+0x32b/0x420
[ 113.308011] __x64_sys_futex+0x1c9/0x4d0
[ 113.308574] ? __pfx___x64_sys_futex+0x10/0x10
[ 113.309196] ? xfd_validate_state+0x55/0x180
[ 113.309817] do_syscall_64+0xbf/0x360
[ 113.310556] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.311478] RIP: 0033:0x7f0092500b19
[ 113.312136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.315127] RSP: 002b:00007f008fa76218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.316208] RAX: ffffffffffffffda RBX: 00007f0092613f68 RCX: 00007f0092500b19
[ 113.317209] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0092613f6c
[ 113.318248] RBP: 00007f0092613f60 R08: 000000000000000e R09: 0000000000000000
[ 113.319280] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0092613f6c
[ 113.320329] R13: 00007ffea95264af R14: 00007f008fa76300 R15: 0000000000022000
[ 113.321408]
[ 113.321773] Modules linked in:
[ 113.322276] ---[ end trace 0000000000000000 ]---
[ 113.322986] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.323700] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.326323] RSP: 0018:ffff88801419f800 EFLAGS: 00010212
[ 113.327068] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 113.328065] RDX: ffff888017958000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 113.329056] RBP: ffff88801419fa70 R08: ffff88806ce31340 R09: ffffe8ffffc06f68
[ 113.330076] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 113.331104] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.332127] FS: 00007f008fa76700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 113.333259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.334083] CR2: 00007f0092614018 CR3: 000000000c43d000 CR4: 0000000000350ef0
[ 113.335125] Kernel panic - not syncing: Fatal exception in interrupt
[ 114.442144] Shutting down cpus with NMI
[ 114.443039] Kernel Offset: disabled
[ 114.443562] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
09:47:22 Registers: