Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:18327' (ECDSA) to the list of known hosts. 2025/08/29 09:48:48 fuzzer started 2025/08/29 09:48:48 dialing manager at localhost:43077 syzkaller login: [ 50.918041] cgroup: Unknown subsys name 'net' [ 50.975836] cgroup: Unknown subsys name 'cpuset' [ 50.996507] cgroup: Unknown subsys name 'rlimit' 2025/08/29 09:48:59 syscalls: 2214 2025/08/29 09:48:59 code coverage: enabled 2025/08/29 09:48:59 comparison tracing: enabled 2025/08/29 09:48:59 extra coverage: enabled 2025/08/29 09:48:59 setuid sandbox: enabled 2025/08/29 09:48:59 namespace sandbox: enabled 2025/08/29 09:48:59 Android sandbox: enabled 2025/08/29 09:48:59 fault injection: enabled 2025/08/29 09:48:59 leak checking: enabled 2025/08/29 09:48:59 net packet injection: enabled 2025/08/29 09:48:59 net device setup: enabled 2025/08/29 09:48:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 09:48:59 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 09:48:59 USB emulation: enabled 2025/08/29 09:48:59 hci packet injection: enabled 2025/08/29 09:48:59 wifi device emulation: enabled 2025/08/29 09:48:59 802.15.4 emulation: enabled 2025/08/29 09:48:59 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 09:48:59 fetching corpus: 41, signal 12902/16579 (executing program) 2025/08/29 09:48:59 fetching corpus: 80, signal 21985/27204 (executing program) 2025/08/29 09:48:59 fetching corpus: 125, signal 36363/42676 (executing program) 2025/08/29 09:48:59 fetching corpus: 175, signal 46350/53653 (executing program) 2025/08/29 09:48:59 fetching corpus: 225, signal 51619/59998 (executing program) 2025/08/29 09:48:59 fetching corpus: 275, signal 56668/66031 (executing program) 2025/08/29 09:48:59 fetching corpus: 325, signal 62119/72287 (executing program) 2025/08/29 09:48:59 fetching corpus: 374, signal 67700/78517 (executing program) 2025/08/29 09:48:59 fetching corpus: 423, signal 71093/82682 (executing program) 2025/08/29 09:48:59 fetching corpus: 473, signal 73293/85803 (executing program) 2025/08/29 09:49:00 fetching corpus: 523, signal 75190/88555 (executing program) 2025/08/29 09:49:00 fetching corpus: 573, signal 78458/92382 (executing program) 2025/08/29 09:49:00 fetching corpus: 623, signal 81435/95951 (executing program) 2025/08/29 09:49:00 fetching corpus: 673, signal 82903/98244 (executing program) 2025/08/29 09:49:00 fetching corpus: 723, signal 85517/101396 (executing program) 2025/08/29 09:49:00 fetching corpus: 773, signal 87316/103843 (executing program) 2025/08/29 09:49:00 fetching corpus: 823, signal 89430/106451 (executing program) 2025/08/29 09:49:00 fetching corpus: 871, signal 92426/109710 (executing program) 2025/08/29 09:49:00 fetching corpus: 921, signal 94602/112318 (executing program) 2025/08/29 09:49:00 fetching corpus: 970, signal 96071/114281 (executing program) 2025/08/29 09:49:01 fetching corpus: 1020, signal 97959/116527 (executing program) 2025/08/29 09:49:01 fetching corpus: 1070, signal 99655/118593 (executing program) 2025/08/29 09:49:01 fetching corpus: 1119, signal 100953/120301 (executing program) 2025/08/29 09:49:01 fetching corpus: 1169, signal 102833/122391 (executing program) 2025/08/29 09:49:01 fetching corpus: 1219, signal 104671/124459 (executing program) 2025/08/29 09:49:01 fetching corpus: 1269, signal 106136/126347 (executing program) 2025/08/29 09:49:01 fetching corpus: 1319, signal 107531/128024 (executing program) 2025/08/29 09:49:01 fetching corpus: 1369, signal 108618/129568 (executing program) 2025/08/29 09:49:01 fetching corpus: 1418, signal 110020/131213 (executing program) 2025/08/29 09:49:01 fetching corpus: 1468, signal 111051/132511 (executing program) 2025/08/29 09:49:01 fetching corpus: 1517, signal 111986/133817 (executing program) 2025/08/29 09:49:02 fetching corpus: 1567, signal 113829/135694 (executing program) 2025/08/29 09:49:02 fetching corpus: 1617, signal 115025/137052 (executing program) 2025/08/29 09:49:02 fetching corpus: 1667, signal 116049/138323 (executing program) 2025/08/29 09:49:02 fetching corpus: 1716, signal 116891/139430 (executing program) 2025/08/29 09:49:02 fetching corpus: 1766, signal 117954/140622 (executing program) 2025/08/29 09:49:02 fetching corpus: 1816, signal 119237/141913 (executing program) 2025/08/29 09:49:02 fetching corpus: 1864, signal 119981/142942 (executing program) 2025/08/29 09:49:02 fetching corpus: 1914, signal 120864/144020 (executing program) 2025/08/29 09:49:03 fetching corpus: 1964, signal 121549/144983 (executing program) 2025/08/29 09:49:03 fetching corpus: 2014, signal 122411/146000 (executing program) 2025/08/29 09:49:03 fetching corpus: 2063, signal 123426/147054 (executing program) 2025/08/29 09:49:03 fetching corpus: 2113, signal 124065/147888 (executing program) 2025/08/29 09:49:03 fetching corpus: 2162, signal 124885/148825 (executing program) 2025/08/29 09:49:03 fetching corpus: 2212, signal 126203/149929 (executing program) 2025/08/29 09:49:03 fetching corpus: 2262, signal 127173/150867 (executing program) 2025/08/29 09:49:03 fetching corpus: 2312, signal 127971/151710 (executing program) 2025/08/29 09:49:03 fetching corpus: 2362, signal 128791/152510 (executing program) 2025/08/29 09:49:03 fetching corpus: 2412, signal 129395/153262 (executing program) 2025/08/29 09:49:03 fetching corpus: 2462, signal 129988/153993 (executing program) 2025/08/29 09:49:03 fetching corpus: 2512, signal 130763/154731 (executing program) 2025/08/29 09:49:04 fetching corpus: 2562, signal 131854/155590 (executing program) 2025/08/29 09:49:04 fetching corpus: 2612, signal 132596/156265 (executing program) 2025/08/29 09:49:04 fetching corpus: 2662, signal 133397/156989 (executing program) 2025/08/29 09:49:04 fetching corpus: 2712, signal 134270/157697 (executing program) 2025/08/29 09:49:04 fetching corpus: 2762, signal 134743/158263 (executing program) 2025/08/29 09:49:04 fetching corpus: 2812, signal 136416/159112 (executing program) 2025/08/29 09:49:04 fetching corpus: 2862, signal 137428/159784 (executing program) 2025/08/29 09:49:04 fetching corpus: 2911, signal 138312/160416 (executing program) 2025/08/29 09:49:04 fetching corpus: 2960, signal 139009/160985 (executing program) 2025/08/29 09:49:04 fetching corpus: 3010, signal 139747/161501 (executing program) 2025/08/29 09:49:05 fetching corpus: 3060, signal 140228/161941 (executing program) 2025/08/29 09:49:05 fetching corpus: 3109, signal 141019/162500 (executing program) 2025/08/29 09:49:05 fetching corpus: 3159, signal 141679/162999 (executing program) 2025/08/29 09:49:05 fetching corpus: 3209, signal 142424/163442 (executing program) 2025/08/29 09:49:05 fetching corpus: 3259, signal 142966/163884 (executing program) 2025/08/29 09:49:05 fetching corpus: 3309, signal 143469/164309 (executing program) 2025/08/29 09:49:05 fetching corpus: 3359, signal 144199/164716 (executing program) 2025/08/29 09:49:05 fetching corpus: 3409, signal 144800/165115 (executing program) 2025/08/29 09:49:05 fetching corpus: 3459, signal 145375/165517 (executing program) 2025/08/29 09:49:06 fetching corpus: 3508, signal 146026/165919 (executing program) 2025/08/29 09:49:06 fetching corpus: 3558, signal 146574/166230 (executing program) 2025/08/29 09:49:06 fetching corpus: 3608, signal 147251/166557 (executing program) 2025/08/29 09:49:06 fetching corpus: 3658, signal 147701/166864 (executing program) 2025/08/29 09:49:06 fetching corpus: 3708, signal 148368/167170 (executing program) 2025/08/29 09:49:06 fetching corpus: 3758, signal 148911/167479 (executing program) 2025/08/29 09:49:06 fetching corpus: 3808, signal 149430/167740 (executing program) 2025/08/29 09:49:06 fetching corpus: 3858, signal 149895/168016 (executing program) 2025/08/29 09:49:06 fetching corpus: 3908, signal 150204/168272 (executing program) 2025/08/29 09:49:06 fetching corpus: 3958, signal 151103/168524 (executing program) 2025/08/29 09:49:07 fetching corpus: 4008, signal 151726/168749 (executing program) 2025/08/29 09:49:07 fetching corpus: 4058, signal 152174/168761 (executing program) 2025/08/29 09:49:07 fetching corpus: 4108, signal 152703/168801 (executing program) 2025/08/29 09:49:07 fetching corpus: 4158, signal 153561/168808 (executing program) 2025/08/29 09:49:07 fetching corpus: 4208, signal 153979/168819 (executing program) 2025/08/29 09:49:07 fetching corpus: 4258, signal 154269/168837 (executing program) 2025/08/29 09:49:07 fetching corpus: 4308, signal 155364/168951 (executing program) 2025/08/29 09:49:07 fetching corpus: 4358, signal 155741/168963 (executing program) 2025/08/29 09:49:07 fetching corpus: 4408, signal 156270/168977 (executing program) 2025/08/29 09:49:07 fetching corpus: 4458, signal 156770/169028 (executing program) 2025/08/29 09:49:07 fetching corpus: 4508, signal 157141/169028 (executing program) 2025/08/29 09:49:08 fetching corpus: 4558, signal 157589/169090 (executing program) 2025/08/29 09:49:08 fetching corpus: 4608, signal 158039/169090 (executing program) 2025/08/29 09:49:08 fetching corpus: 4658, signal 158460/169100 (executing program) 2025/08/29 09:49:08 fetching corpus: 4707, signal 158901/169107 (executing program) 2025/08/29 09:49:08 fetching corpus: 4757, signal 159616/169118 (executing program) 2025/08/29 09:49:08 fetching corpus: 4807, signal 160076/169122 (executing program) 2025/08/29 09:49:08 fetching corpus: 4857, signal 160545/169125 (executing program) 2025/08/29 09:49:08 fetching corpus: 4907, signal 161027/169133 (executing program) 2025/08/29 09:49:08 fetching corpus: 4957, signal 161491/169139 (executing program) 2025/08/29 09:49:09 fetching corpus: 5007, signal 162145/169150 (executing program) 2025/08/29 09:49:09 fetching corpus: 5057, signal 162566/169154 (executing program) 2025/08/29 09:49:09 fetching corpus: 5107, signal 162915/169182 (executing program) 2025/08/29 09:49:09 fetching corpus: 5157, signal 163380/169192 (executing program) 2025/08/29 09:49:09 fetching corpus: 5207, signal 163726/169197 (executing program) 2025/08/29 09:49:09 fetching corpus: 5257, signal 164113/169197 (executing program) 2025/08/29 09:49:09 fetching corpus: 5307, signal 165070/169209 (executing program) 2025/08/29 09:49:09 fetching corpus: 5357, signal 165374/169209 (executing program) 2025/08/29 09:49:09 fetching corpus: 5407, signal 166133/169211 (executing program) 2025/08/29 09:49:09 fetching corpus: 5457, signal 166566/169230 (executing program) 2025/08/29 09:49:09 fetching corpus: 5507, signal 166949/169275 (executing program) 2025/08/29 09:49:10 fetching corpus: 5540, signal 167301/169314 (executing program) 2025/08/29 09:49:10 fetching corpus: 5540, signal 167301/169314 (executing program) 2025/08/29 09:49:12 starting 8 fuzzer processes 09:49:12 executing program 0: syz_mount_image$tmpfs(&(0x7f00000009c0), &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)) syz_mount_image$tmpfs(&(0x7f0000001080), &(0x7f00000010c0)='./file0\x00', 0x0, 0x0, 0x0, 0x108000, &(0x7f0000001300)) 09:49:12 executing program 4: creat(&(0x7f0000000080)='./file0\x00', 0x0) quotactl(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 09:49:12 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:12 executing program 1: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000100)={'sit0\x00', 0x0}) 09:49:12 executing program 5: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, r1+10000000}}, 0x0) r2 = dup(r0) timerfd_gettime(r2, 0x0) read(r0, &(0x7f00000012c0)=""/210, 0xd2) [ 74.287297] audit: type=1400 audit(1756460952.178:7): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:49:12 executing program 2: keyctl$set_timeout(0xf, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(0x0, 0x0, &(0x7f00000003c0)='fscrypt:', 0x0) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000002980), &(0x7f00000029c0)={'fscrypt:', @desc2}, &(0x7f0000002a00)={0x0, "b2cc144d103542ba6d542373ff1435970ee5d830eb735a252e47dbfbfd3609bbe534e11d59415c046713be902185207bca37fd0abff17c9834fc55c44e1420b2"}, 0x48, 0xfffffffffffffffd) keyctl$update(0x2, r0, &(0x7f0000000340)=':', 0x1) keyctl$get_security(0x11, 0x0, 0x0, 0x0) request_key(0x0, 0x0, 0x0, r0) 09:49:12 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x44, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @private2}}}]}]}, 0x44}}, 0x0) [ 75.378544] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.382323] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.384223] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.389592] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.392705] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.587229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.591381] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.592908] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.597484] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.599365] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.610331] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.620431] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.622207] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.625849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.627753] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.630055] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.631174] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.640064] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.643837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.646427] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.648884] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 75.650837] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 75.653497] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 75.660795] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 75.662891] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.665902] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 75.667300] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.671100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.682093] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.688302] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.700429] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 75.707868] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 75.718291] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 75.736089] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 75.736579] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 75.744708] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 75.747858] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 75.763493] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 75.793714] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 75.795734] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 77.409283] Bluetooth: hci0: command tx timeout [ 77.729532] Bluetooth: hci4: command tx timeout [ 77.730256] Bluetooth: hci3: command tx timeout [ 77.730419] Bluetooth: hci1: command tx timeout [ 77.730881] Bluetooth: hci5: command tx timeout [ 77.794076] Bluetooth: hci6: command tx timeout [ 77.794583] Bluetooth: hci2: command tx timeout [ 77.858085] Bluetooth: hci7: command tx timeout [ 79.457047] Bluetooth: hci0: command tx timeout [ 79.778130] Bluetooth: hci1: command tx timeout [ 79.780083] Bluetooth: hci4: command tx timeout [ 79.780851] Bluetooth: hci3: command tx timeout [ 79.781737] Bluetooth: hci5: command tx timeout [ 79.842239] Bluetooth: hci2: command tx timeout [ 79.842273] Bluetooth: hci6: command tx timeout [ 79.905198] Bluetooth: hci7: command tx timeout [ 81.506082] Bluetooth: hci0: command tx timeout [ 81.825994] Bluetooth: hci3: command tx timeout [ 81.826428] Bluetooth: hci1: command tx timeout [ 81.826601] Bluetooth: hci5: command tx timeout [ 81.826909] Bluetooth: hci4: command tx timeout [ 81.889023] Bluetooth: hci2: command tx timeout [ 81.889130] Bluetooth: hci6: command tx timeout [ 81.954037] Bluetooth: hci7: command tx timeout [ 83.554051] Bluetooth: hci0: command tx timeout [ 83.873120] Bluetooth: hci4: command tx timeout [ 83.874086] Bluetooth: hci3: command tx timeout [ 83.874476] Bluetooth: hci5: command tx timeout [ 83.874854] Bluetooth: hci1: command tx timeout [ 83.936997] Bluetooth: hci6: command tx timeout [ 83.938954] Bluetooth: hci2: command tx timeout [ 84.000999] Bluetooth: hci7: command tx timeout [ 113.331237] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.331895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.506883] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.507521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.675619] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.676250] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.790162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.790799] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.216903] audit: type=1400 audit(1756460992.107:8): avc: denied { open } for pid=3793 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 114.230180] audit: type=1400 audit(1756460992.107:9): avc: denied { kernel } for pid=3793 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 114.254514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.255136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:49:52 executing program 1: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000100)={'sit0\x00', 0x0}) 09:49:52 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:52 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:52 executing program 1: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000100)={'sit0\x00', 0x0}) [ 114.402054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.402696] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:49:52 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:52 executing program 1: setresuid(0xee01, 0xee00, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000100)={'sit0\x00', 0x0}) 09:49:52 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) [ 114.726044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.726675] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.831487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.832157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.095002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.095644] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.157749] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.158411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.364508] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.365164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.419884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.420711] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.046644] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.047822] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.076771] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.077741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.107121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.108137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.137593] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.138713] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:49:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:54 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:54 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:54 executing program 5: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, r1+10000000}}, 0x0) r2 = dup(r0) timerfd_gettime(r2, 0x0) read(r0, &(0x7f00000012c0)=""/210, 0xd2) 09:49:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x44, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @private2}}}]}]}, 0x44}}, 0x0) 09:49:54 executing program 2: keyctl$set_timeout(0xf, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(0x0, 0x0, &(0x7f00000003c0)='fscrypt:', 0x0) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000002980), &(0x7f00000029c0)={'fscrypt:', @desc2}, &(0x7f0000002a00)={0x0, "b2cc144d103542ba6d542373ff1435970ee5d830eb735a252e47dbfbfd3609bbe534e11d59415c046713be902185207bca37fd0abff17c9834fc55c44e1420b2"}, 0x48, 0xfffffffffffffffd) keyctl$update(0x2, r0, &(0x7f0000000340)=':', 0x1) keyctl$get_security(0x11, 0x0, 0x0, 0x0) request_key(0x0, 0x0, 0x0, r0) 09:49:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:54 executing program 4: creat(&(0x7f0000000080)='./file0\x00', 0x0) quotactl(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 09:49:54 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:54 executing program 5: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, r1+10000000}}, 0x0) r2 = dup(r0) timerfd_gettime(r2, 0x0) read(r0, &(0x7f00000012c0)=""/210, 0xd2) 09:49:54 executing program 4: creat(&(0x7f0000000080)='./file0\x00', 0x0) quotactl(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 09:49:54 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 09:49:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x44, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @private2}}}]}]}, 0x44}}, 0x0) 09:49:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:54 executing program 4: creat(&(0x7f0000000080)='./file0\x00', 0x0) quotactl(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 09:49:54 executing program 2: keyctl$set_timeout(0xf, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(0x0, 0x0, &(0x7f00000003c0)='fscrypt:', 0x0) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000002980), &(0x7f00000029c0)={'fscrypt:', @desc2}, &(0x7f0000002a00)={0x0, "b2cc144d103542ba6d542373ff1435970ee5d830eb735a252e47dbfbfd3609bbe534e11d59415c046713be902185207bca37fd0abff17c9834fc55c44e1420b2"}, 0x48, 0xfffffffffffffffd) keyctl$update(0x2, r0, &(0x7f0000000340)=':', 0x1) keyctl$get_security(0x11, 0x0, 0x0, 0x0) request_key(0x0, 0x0, 0x0, r0) 09:49:54 executing program 5: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, r1+10000000}}, 0x0) r2 = dup(r0) timerfd_gettime(r2, 0x0) read(r0, &(0x7f00000012c0)=""/210, 0xd2) 09:49:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x44, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @private2}}}]}]}, 0x44}}, 0x0) 09:49:54 executing program 6: setresuid(0xee01, 0xee00, 0x0) open_tree(0xffffffffffffffff, 0x0, 0x80801) 09:49:54 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:54 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {}, [{0x2, 0x0, r0}], {}, [], {0x10, 0x1}}, 0x2c, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) chdir(&(0x7f0000000540)='./file0\x00') 09:49:54 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000400)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x5, @loopback}, 0x1c) close(r0) 09:49:54 executing program 6: setresuid(0xee01, 0xee00, 0x0) open_tree(0xffffffffffffffff, 0x0, 0x80801) 09:49:54 executing program 5: r0 = syz_io_uring_setup(0x2cb1, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x0, 0x2, 0x0, 0x0) 09:49:54 executing program 3: r0 = eventfd2(0x0, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) io_submit(r1, 0x2, &(0x7f00000007c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x300, 0x2, 0x0, r0, 0x0}]) 09:49:54 executing program 4: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) [ 116.786657] kmemleak: Found object by alias at 0x607f1a638c1c [ 116.786679] CPU: 1 UID: 0 PID: 3960 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.786697] Tainted: [W]=WARN [ 116.786700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.786707] Call Trace: [ 116.786711] [ 116.786716] dump_stack_lvl+0xca/0x120 [ 116.786743] __lookup_object+0x94/0xb0 [ 116.786760] delete_object_full+0x27/0x70 [ 116.786776] free_percpu+0x30/0x1160 [ 116.786793] ? arch_uprobe_clear_state+0x16/0x140 [ 116.786813] futex_hash_free+0x38/0xc0 [ 116.786828] mmput+0x2d3/0x390 [ 116.786847] do_exit+0x79d/0x2970 [ 116.786861] ? lock_release+0xc8/0x290 [ 116.786878] ? __pfx_do_exit+0x10/0x10 [ 116.786891] ? find_held_lock+0x2b/0x80 [ 116.786909] ? get_signal+0x835/0x2340 [ 116.786933] do_group_exit+0xd3/0x2a0 [ 116.786948] get_signal+0x2315/0x2340 [ 116.786965] ? lock_release+0xc8/0x290 [ 116.786981] ? __pfx_get_signal+0x10/0x10 [ 116.786997] ? do_futex+0x135/0x370 [ 116.787010] ? __pfx_do_futex+0x10/0x10 [ 116.787025] arch_do_signal_or_restart+0x80/0x790 [ 116.787043] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 116.787059] ? __x64_sys_futex+0x1c9/0x4d0 [ 116.787071] ? __x64_sys_futex+0x1d2/0x4d0 [ 116.787085] ? __pfx___x64_sys_futex+0x10/0x10 [ 116.787099] ? ksys_mmap_pgoff+0x85/0x520 [ 116.787118] exit_to_user_mode_loop+0x8b/0x110 [ 116.787131] do_syscall_64+0x2f7/0x360 [ 116.787143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.787156] RIP: 0033:0x7fe556ed7b19 [ 116.787165] Code: Unable to access opcode bytes at 0x7fe556ed7aef. [ 116.787170] RSP: 002b:00007fe55444d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 116.787181] RAX: 0000000000000000 RBX: 00007fe556feaf68 RCX: 00007fe556ed7b19 [ 116.787189] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe556feaf68 [ 116.787196] RBP: 00007fe556feaf60 R08: 0000000000000000 R09: 0000000000000000 [ 116.787203] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe556feaf6c [ 116.787210] R13: 00007ffc26481fff R14: 00007fe55444d300 R15: 0000000000022000 [ 116.787226] [ 116.787230] kmemleak: Object (percpu) 0x607f1a638c18 (size 8): [ 116.787236] kmemleak: comm "syz-executor.3", pid 3965, jiffies 4294783360 [ 116.787243] kmemleak: min_count = 1 [ 116.787247] kmemleak: count = 0 [ 116.787251] kmemleak: flags = 0x21 [ 116.787255] kmemleak: checksum = 0 [ 116.787258] kmemleak: backtrace: [ 116.787262] pcpu_alloc_noprof+0x87a/0x1170 [ 116.787276] percpu_ref_init+0x37/0x400 [ 116.787294] ioctx_alloc+0x27f/0x1e10 [ 116.787307] __x64_sys_io_setup+0xc8/0x1f0 [ 116.787318] do_syscall_64+0xbf/0x360 [ 116.787327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.812141] kmemleak: Cannot insert 0x607f1a638c1c into the object search tree (overlaps existing) [ 116.812156] CPU: 1 UID: 0 PID: 3970 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.812174] Tainted: [W]=WARN [ 116.812178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.812185] Call Trace: [ 116.812189] [ 116.812193] dump_stack_lvl+0xca/0x120 [ 116.812213] __link_object+0x190/0x210 [ 116.812230] __create_object+0x48/0x80 [ 116.812247] pcpu_alloc_noprof+0x87a/0x1170 [ 116.812270] __percpu_init_rwsem+0x2d/0x160 [ 116.812286] ? security_sb_alloc+0x75/0x140 [ 116.812303] alloc_super+0x29e/0xb80 [ 116.812318] ? __pfx_kernfs_test_super+0x10/0x10 [ 116.812336] sget_fc+0xfe/0xb80 [ 116.812348] ? __pfx_kernfs_set_super+0x10/0x10 [ 116.812362] kernfs_get_tree+0x1da/0xa50 [ 116.812374] ? __fget_files+0x34/0x3b0 [ 116.812388] ? __pfx_kernfs_get_tree+0x10/0x10 [ 116.812401] ? cap_capable+0xdb/0x3b0 [ 116.812421] sysfs_get_tree+0x41/0x140 [ 116.812437] vfs_get_tree+0x93/0x340 [ 116.812455] vfs_cmd_create+0xd7/0x2a0 [ 116.812469] __do_sys_fsconfig+0xa3c/0xb50 [ 116.812483] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 116.812505] do_syscall_64+0xbf/0x360 [ 116.812516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.812528] RIP: 0033:0x7f3720a46b19 [ 116.812537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.812549] RSP: 002b:00007f371dfbc188 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 116.812561] RAX: ffffffffffffffda RBX: 00007f3720b59f60 RCX: 00007f3720a46b19 [ 116.812569] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 116.812575] RBP: 00007f3720aa0f6d R08: 0000000000000000 R09: 0000000000000000 [ 116.812583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.812590] R13: 00007ffcee0681af R14: 00007f371dfbc300 R15: 0000000000022000 [ 116.812607] [ 116.813074] kmemleak: Kernel memory leak detector disabled [ 116.813079] kmemleak: Object (percpu) 0x607f1a638c18 (size 8): [ 116.813086] kmemleak: comm "syz-executor.3", pid 3965, jiffies 4294783360 [ 116.813095] kmemleak: min_count = 1 [ 116.813099] kmemleak: count = 0 [ 116.813103] kmemleak: flags = 0x21 [ 116.813108] kmemleak: checksum = 0 [ 116.813112] kmemleak: backtrace: [ 116.813115] pcpu_alloc_noprof+0x87a/0x1170 [ 116.813132] percpu_ref_init+0x37/0x400 [ 116.813150] ioctx_alloc+0x27f/0x1e10 [ 116.813162] __x64_sys_io_setup+0xc8/0x1f0 [ 116.813175] do_syscall_64+0xbf/0x360 [ 116.813185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.819353] kmemleak: Found object by alias at 0x607f1a639a84 [ 116.819370] CPU: 0 UID: 0 PID: 3964 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 116.819389] Tainted: [W]=WARN [ 116.819392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.819399] Call Trace: [ 116.819403] [ 116.819408] dump_stack_lvl+0xca/0x120 [ 116.819437] __lookup_object+0x94/0xb0 [ 116.819455] delete_object_full+0x27/0x70 [ 116.819471] free_percpu+0x30/0x1160 [ 116.819487] ? arch_uprobe_clear_state+0x16/0x140 [ 116.819507] futex_hash_free+0x38/0xc0 [ 116.819522] mmput+0x2d3/0x390 [ 116.819552] do_exit+0x79d/0x2970 [ 116.819565] ? signal_wake_up_state+0x85/0x120 [ 116.819581] ? zap_other_threads+0x2b9/0x3a0 [ 116.819597] ? __pfx_do_exit+0x10/0x10 [ 116.819609] ? do_group_exit+0x1c3/0x2a0 [ 116.819622] ? lock_release+0xc8/0x290 [ 116.819640] do_group_exit+0xd3/0x2a0 [ 116.819654] __x64_sys_exit_group+0x3e/0x50 [ 116.819668] x64_sys_call+0x18c5/0x18d0 [ 116.819683] do_syscall_64+0xbf/0x360 [ 116.819696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.819707] RIP: 0033:0x7fd363a4cb19 [ 116.819716] Code: Unable to access opcode bytes at 0x7fd363a4caef. [ 116.819721] RSP: 002b:00007ffcb790c128 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.819732] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fd363a4cb19 [ 116.819740] RDX: 00007fd3639ff72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 116.819748] RBP: 0000000000000000 R08: 0000001b2cf20c24 R09: 0000000000000000 [ 116.819755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.819761] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcb790c210 [ 116.819777] [ 116.819781] kmemleak: Object (percpu) 0x607f1a639a80 (size 8): [ 116.819787] kmemleak: comm "syz-executor.3", pid 3965, jiffies 4294783371 [ 116.819794] kmemleak: min_count = 1 [ 116.819798] kmemleak: count = 0 [ 116.819802] kmemleak: flags = 0x21 [ 116.819806] kmemleak: checksum = 0 [ 116.819810] kmemleak: backtrace: [ 116.819813] pcpu_alloc_noprof+0x87a/0x1170 [ 116.819828] percpu_ref_init+0x37/0x400 [ 116.819846] ioctx_alloc+0x368/0x1e10 [ 116.819859] __x64_sys_io_setup+0xc8/0x1f0 [ 116.819870] do_syscall_64+0xbf/0x360 [ 116.819878] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:49:54 executing program 2: keyctl$set_timeout(0xf, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(0x0, 0x0, &(0x7f00000003c0)='fscrypt:', 0x0) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000002980), &(0x7f00000029c0)={'fscrypt:', @desc2}, &(0x7f0000002a00)={0x0, "b2cc144d103542ba6d542373ff1435970ee5d830eb735a252e47dbfbfd3609bbe534e11d59415c046713be902185207bca37fd0abff17c9834fc55c44e1420b2"}, 0x48, 0xfffffffffffffffd) keyctl$update(0x2, r0, &(0x7f0000000340)=':', 0x1) keyctl$get_security(0x11, 0x0, 0x0, 0x0) request_key(0x0, 0x0, 0x0, r0) 09:49:54 executing program 6: setresuid(0xee01, 0xee00, 0x0) open_tree(0xffffffffffffffff, 0x0, 0x80801) 09:49:54 executing program 5: r0 = syz_io_uring_setup(0x2cb1, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x0, 0x2, 0x0, 0x0) 09:49:54 executing program 3: r0 = eventfd2(0x0, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) io_submit(r1, 0x2, &(0x7f00000007c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x300, 0x2, 0x0, r0, 0x0}]) 09:49:54 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8924, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_stats}) 09:49:54 executing program 7: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) 09:49:54 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {}, [{0x2, 0x0, r0}], {}, [], {0x10, 0x1}}, 0x2c, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) chdir(&(0x7f0000000540)='./file0\x00') 09:49:54 executing program 4: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) [ 116.980750] FAT-fs (loop7): invalid media value (0x9f) [ 116.981307] FAT-fs (loop7): Can't find a valid FAT filesystem 09:49:54 executing program 6: setresuid(0xee01, 0xee00, 0x0) open_tree(0xffffffffffffffff, 0x0, 0x80801) 09:49:54 executing program 5: r0 = syz_io_uring_setup(0x2cb1, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x0, 0x2, 0x0, 0x0) 09:49:54 executing program 3: r0 = eventfd2(0x0, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) io_submit(r1, 0x2, &(0x7f00000007c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x300, 0x2, 0x0, r0, 0x0}]) [ 116.996156] FAT-fs (loop7): invalid media value (0x9f) [ 116.996602] FAT-fs (loop7): Can't find a valid FAT filesystem 09:49:54 executing program 2: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:54 executing program 2: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:54 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8924, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_stats}) 09:49:54 executing program 6: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:54 executing program 5: r0 = syz_io_uring_setup(0x2cb1, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000280)) io_uring_enter(r0, 0x0, 0x0, 0x2, 0x0, 0x0) 09:49:54 executing program 3: r0 = eventfd2(0x0, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) io_submit(r1, 0x2, &(0x7f00000007c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x300, 0x2, 0x0, r0, 0x0}]) 09:49:54 executing program 4: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:54 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {}, [{0x2, 0x0, r0}], {}, [], {0x10, 0x1}}, 0x2c, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) chdir(&(0x7f0000000540)='./file0\x00') 09:49:54 executing program 7: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) [ 117.085200] FAT-fs (loop7): invalid media value (0x9f) [ 117.085667] FAT-fs (loop7): Can't find a valid FAT filesystem 09:49:54 executing program 7: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) [ 117.138995] FAT-fs (loop7): invalid media value (0x9f) [ 117.139466] FAT-fs (loop7): Can't find a valid FAT filesystem 09:49:55 executing program 4: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:55 executing program 2: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:55 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {}, [{0x2, 0x0, r0}], {}, [], {0x10, 0x1}}, 0x2c, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) chdir(&(0x7f0000000540)='./file0\x00') 09:49:55 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8924, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_stats}) 09:49:55 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {}, [{0x2, 0x0, r0}], {}, [], {0x10, 0x1}}, 0x2c, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) chdir(&(0x7f0000000540)='./file0\x00') 09:49:55 executing program 6: r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0) 09:49:55 executing program 7: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{&(0x7f00000000c0)="2b9f", 0x2}], 0x0, &(0x7f0000001540)={[{@numtail}, {@shortname_winnt}]}) 09:49:55 executing program 3: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) poll(&(0x7f0000000100)=[{r0, 0x20}, {r0, 0x8020}], 0x2, 0xfffffffb) pread64(r1, &(0x7f0000000200)=""/231, 0xe7, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00') symlinkat(0x0, r2, &(0x7f0000000080)='./file0\x00') fork() newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, r3, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00') 09:49:55 executing program 4: syz_emit_ethernet(0x6e, &(0x7f00000003c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b1000", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "61165b", 0x0, 0x2b, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@srh={0x0, 0x0, 0x4, 0x0, 0x40}]}}}}}}}, 0x0) [ 117.245092] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 117.246015] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.246716] CPU: 0 UID: 0 PID: 4032 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 117.247675] Tainted: [W]=WARN [ 117.248403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.250196] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.251354] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.256059] RSP: 0018:ffff888016ee7800 EFLAGS: 00010212 [ 117.257295] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900029b2000 [ 117.257857] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 117.258421] RBP: ffff888016ee7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15c18 [ 117.258984] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.259561] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.260137] FS: 00007fe55444d700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 117.260771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.261234] CR2: 0000000000000000 CR3: 000000003540e000 CR4: 0000000000350ef0 [ 117.261798] Call Trace: [ 117.262008] [ 117.262193] ? __is_insn_slot_addr+0x136/0x290 [ 117.262576] ? __pfx_perf_tp_event+0x10/0x10 [ 117.262934] ? kernel_text_address+0x5b/0xc0 [ 117.263291] ? __mutex_add_waiter+0x202/0x220 [ 117.263666] ? __kernel_text_address+0xd/0x40 [ 117.264031] ? unwind_get_return_address+0x59/0xa0 [ 117.264434] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 117.264868] ? arch_stack_walk+0x9c/0xf0 [ 117.265205] ? perf_trace_lock+0xb5/0x5d0 [ 117.265543] ? __pfx_perf_trace_lock+0x10/0x10 [ 117.265917] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.266320] perf_trace_run_bpf_submit+0xef/0x180 [ 117.266716] perf_trace_lock+0x337/0x5d0 [ 117.267048] ? __pfx_perf_trace_lock+0x10/0x10 [ 117.267420] ? lock_acquire+0x15e/0x2f0 [ 117.267752] ? futex_ref_get+0x48/0x300 [ 117.268076] ? futex_ref_get+0x114/0x300 [ 117.268404] ? futex_hash+0x15c/0x390 [ 117.268713] lock_release+0x1ab/0x290 [ 117.269027] ? futex_hash+0x15c/0x390 [ 117.269333] futex_ref_get+0x119/0x300 [ 117.269648] ? futex_hash+0x15c/0x390 [ 117.269956] futex_hash+0x70/0x390 [ 117.270245] futex_wake+0x143/0x540 [ 117.270547] ? __pfx_futex_wake+0x10/0x10 [ 117.270884] ? copy_siginfo_to_user+0xb9/0xd0 [ 117.271247] ? __pfx_signal_setup_done+0x10/0x10 [ 117.271658] do_futex+0x26d/0x370 [ 117.271946] ? __pfx_do_futex+0x10/0x10 [ 117.272266] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.272688] ? arch_do_signal_or_restart+0x204/0x790 [ 117.273100] __x64_sys_futex+0x1c9/0x4d0 [ 117.273429] ? __pfx___x64_sys_futex+0x10/0x10 [ 117.273799] ? lock_mm_and_find_vma+0xaa/0x6f0 [ 117.274178] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.274603] do_syscall_64+0xbf/0x360 [ 117.274919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.275345] RIP: 0033:0x7fe556ed7b19 [ 117.275656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 117.277086] RSP: 002b:00007fe55444d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 117.277682] RAX: ffffffffffffffda RBX: 00007fe556feaf68 RCX: 00007fe556ed7b19 [ 117.278243] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe556feaf6c [ 117.278801] RBP: 00007fe556feaf60 R08: 000000000000000e R09: 0000000000000000 [ 117.279387] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe556feaf6c [ 117.279973] R13: 00007ffc26481fff R14: 00007fe55444d300 R15: 0000000000022000 [ 117.280548] [ 117.280741] Modules linked in: [ 117.281033] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 117.281912] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.282596] CPU: 0 UID: 0 PID: 4032 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 117.283525] Tainted: [D]=DIE, [W]=WARN [ 117.283839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.284476] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.284848] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.286279] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 117.286712] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.287276] RDX: ffff888016e18000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 117.287839] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc15c18 [ 117.288416] R10: 0000000000000000 R11: ffff8880172d6c98 R12: dffffc0000000000 [ 117.289001] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000 [ 117.289554] FS: 00007fe55444d700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 117.290178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.290630] CR2: 0000000000000000 CR3: 000000003540e000 CR4: 0000000000350ef0 [ 117.291186] Call Trace: [ 117.291393] [ 117.291579] ? __pfx_perf_tp_event+0x10/0x10 [ 117.291934] ? perf_trace_lock+0xb5/0x5d0 [ 117.292276] ? __pfx_perf_trace_lock+0x10/0x10 [ 117.292640] ? trace_softirq_raise+0xbe/0x100 [ 117.293013] ? lock_acquire+0x15e/0x2f0 [ 117.293329] ? select_task_rq_fair+0x2b6/0x38b0 [ 117.293699] ? find_held_lock+0x2b/0x80 [ 117.294019] ? select_task_rq_fair+0x48c/0x38b0 [ 117.294392] ? perf_trace_lock+0xb5/0x5d0 [ 117.294725] ? kvm_sched_clock_read+0x16/0x30 [ 117.295091] ? sched_clock+0x37/0x60 [ 117.295391] ? sched_clock_cpu+0x6c/0x4e0 [ 117.295738] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.296138] perf_trace_run_bpf_submit+0xef/0x180 [ 117.296521] perf_trace_lock+0x337/0x5d0 [ 117.296849] ? __pfx_perf_trace_lock+0x10/0x10 [ 117.297223] ? check_preempt_wakeup_fair+0x6e/0x950 [ 117.297618] ? sched_ttwu_pending+0x2e0/0x4a0 [ 117.297982] lock_release+0x1ab/0x290 [ 117.298285] ? ttwu_do_activate+0x1a4/0x8a0 [ 117.298632] _raw_spin_unlock+0x16/0x40 [ 117.298952] sched_ttwu_pending+0x2e0/0x4a0 [ 117.299297] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 117.299688] ? mark_held_locks+0x49/0x80 [ 117.300015] __flush_smp_call_function_queue+0x434/0x740 [ 117.300451] __sysvec_call_function_single+0x6d/0x370 [ 117.300863] sysvec_call_function_single+0xa1/0xc0 [ 117.301253] [ 117.301436] [ 117.301618] asm_sysvec_call_function_single+0x1a/0x20 [ 117.302031] RIP: 0010:oops_exit+0x0/0x50 [ 117.302359] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 117.303785] RSP: 0018:ffff888016ee7690 EFLAGS: 00000202 [ 117.304206] RAX: 000000000002b984 RBX: 0000000000000202 RCX: ffffc900029b2000 [ 117.304755] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 117.305310] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 117.305862] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888016ee7758 [ 117.306413] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 117.306969] ? oops_end+0x4a/0xe0 [ 117.307260] oops_end+0x65/0xe0 [ 117.307529] exc_general_protection+0x1a2/0x330 [ 117.307909] asm_exc_general_protection+0x26/0x30 [ 117.308288] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.308655] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.310063] RSP: 0018:ffff888016ee7800 EFLAGS: 00010212 [ 117.310477] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900029b2000 [ 117.311035] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 117.311600] RBP: ffff888016ee7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15c18 [ 117.312154] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.312708] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.313271] ? perf_tp_event+0x167/0xe70 [ 117.313598] ? __is_insn_slot_addr+0x136/0x290 [ 117.313969] ? __pfx_perf_tp_event+0x10/0x10 [ 117.314323] ? kernel_text_address+0x5b/0xc0 [ 117.314675] ? __mutex_add_waiter+0x202/0x220 [ 117.315030] ? __kernel_text_address+0xd/0x40 [ 117.315389] ? unwind_get_return_address+0x59/0xa0 [ 117.315787] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 117.316217] ? arch_stack_walk+0x9c/0xf0 [ 117.316546] ? perf_trace_lock+0xb5/0x5d0 [ 117.316878] ? __pfx_perf_trace_lock+0x10/0x10 [ 117.317246] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.317639] perf_trace_run_bpf_submit+0xef/0x180 [ 117.318026] perf_trace_lock+0x337/0x5d0 [ 117.318350] ? __pfx_perf_trace_lock+0x10/0x10 [ 117.318721] ? lock_acquire+0x15e/0x2f0 [ 117.319038] ? futex_ref_get+0x48/0x300 [ 117.319353] ? futex_ref_get+0x114/0x300 [ 117.319681] ? futex_hash+0x15c/0x390 [ 117.319982] lock_release+0x1ab/0x290 [ 117.320287] ? futex_hash+0x15c/0x390 [ 117.320589] futex_ref_get+0x119/0x300 [ 117.320898] ? futex_hash+0x15c/0x390 [ 117.321199] futex_hash+0x70/0x390 [ 117.321484] futex_wake+0x143/0x540 [ 117.321779] ? __pfx_futex_wake+0x10/0x10 [ 117.322111] ? copy_siginfo_to_user+0xb9/0xd0 [ 117.322466] ? __pfx_signal_setup_done+0x10/0x10 [ 117.322852] do_futex+0x26d/0x370 [ 117.323132] ? __pfx_do_futex+0x10/0x10 [ 117.323450] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.323877] ? arch_do_signal_or_restart+0x204/0x790 [ 117.324282] __x64_sys_futex+0x1c9/0x4d0 [ 117.324609] ? __pfx___x64_sys_futex+0x10/0x10 [ 117.324969] ? lock_mm_and_find_vma+0xaa/0x6f0 [ 117.325336] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.325750] do_syscall_64+0xbf/0x360 [ 117.326052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.326459] RIP: 0033:0x7fe556ed7b19 [ 117.326755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 117.328186] RSP: 002b:00007fe55444d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 117.328781] RAX: ffffffffffffffda RBX: 00007fe556feaf68 RCX: 00007fe556ed7b19 [ 117.329339] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe556feaf6c [ 117.329891] RBP: 00007fe556feaf60 R08: 000000000000000e R09: 0000000000000000 [ 117.330445] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe556feaf6c [ 117.331000] R13: 00007ffc26481fff R14: 00007fe55444d300 R15: 0000000000022000 [ 117.331570] [ 117.331755] Modules linked in: [ 117.332011] ---[ end trace 0000000000000000 ]--- [ 117.332385] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.332766] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.334185] RSP: 0018:ffff888016ee7800 EFLAGS: 00010212 [ 117.334601] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900029b2000 [ 117.335151] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 117.335713] RBP: ffff888016ee7a70 R08: ffff88806ce31340 R09: ffffe8ffffc15c18 [ 117.336271] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.336822] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.337375] FS: 00007fe55444d700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 117.338002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.338457] CR2: 0000000000000000 CR3: 000000003540e000 CR4: 0000000000350ef0 [ 117.339016] Kernel panic - not syncing: Fatal exception in interrupt [ 118.381178] Shutting down cpus with NMI [ 118.381621] Kernel Offset: disabled [ 118.381893] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:49:55 Registers: info registers vcpu 0 RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888016ee70f0 R8 =0000000000000000 R9 =ffffed1001401046 R10=0000000000000065 R11=0000000065646f43 R12=0000000000000065 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0 RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe55444d700 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe7c00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000003540e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=000000000000786a RCX=ffffffff819cd6f7 RDX=ffff888044831b80 RSI=ffffffff819cd705 RDI=0000000000000006 RBP=1ffff11002d07efd RSP=ffff88801683f7e0 R8 =0000000000000000 R9 =fffff940001cdb56 R10=000000000000786a R11=ffff8880454a84b8 R12=0000000000039b6b R13=ffff8880431fcb40 R14=00007f22b470b000 R15=000000000007ffdf RIP=ffffffff8173e788 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe5800000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000001f14f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000