Warning: Permanently added '[localhost]:25895' (ECDSA) to the list of known hosts. 2025/09/01 10:58:15 fuzzer started 2025/09/01 10:58:16 dialing manager at localhost:35473 syzkaller login: [ 50.430228] cgroup: Unknown subsys name 'net' [ 50.504647] cgroup: Unknown subsys name 'cpuset' [ 50.526937] cgroup: Unknown subsys name 'rlimit' 2025/09/01 10:58:26 syscalls: 2214 2025/09/01 10:58:26 code coverage: enabled 2025/09/01 10:58:26 comparison tracing: enabled 2025/09/01 10:58:26 extra coverage: enabled 2025/09/01 10:58:26 setuid sandbox: enabled 2025/09/01 10:58:26 namespace sandbox: enabled 2025/09/01 10:58:26 Android sandbox: enabled 2025/09/01 10:58:26 fault injection: enabled 2025/09/01 10:58:26 leak checking: enabled 2025/09/01 10:58:26 net packet injection: enabled 2025/09/01 10:58:26 net device setup: enabled 2025/09/01 10:58:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 10:58:26 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 10:58:26 USB emulation: enabled 2025/09/01 10:58:26 hci packet injection: enabled 2025/09/01 10:58:26 wifi device emulation: enabled 2025/09/01 10:58:26 802.15.4 emulation: enabled 2025/09/01 10:58:26 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 10:58:26 fetching corpus: 50, signal 25225/28693 (executing program) 2025/09/01 10:58:26 fetching corpus: 100, signal 36681/41549 (executing program) 2025/09/01 10:58:26 fetching corpus: 150, signal 45965/52050 (executing program) 2025/09/01 10:58:27 fetching corpus: 200, signal 51256/58547 (executing program) 2025/09/01 10:58:27 fetching corpus: 250, signal 57046/65383 (executing program) 2025/09/01 10:58:27 fetching corpus: 300, signal 59444/68998 (executing program) 2025/09/01 10:58:27 fetching corpus: 350, signal 64924/75363 (executing program) 2025/09/01 10:58:27 fetching corpus: 400, signal 69359/80665 (executing program) 2025/09/01 10:58:27 fetching corpus: 450, signal 72599/84813 (executing program) 2025/09/01 10:58:27 fetching corpus: 500, signal 74698/87894 (executing program) 2025/09/01 10:58:27 fetching corpus: 550, signal 76313/90506 (executing program) 2025/09/01 10:58:27 fetching corpus: 600, signal 79740/94624 (executing program) 2025/09/01 10:58:27 fetching corpus: 650, signal 81806/97530 (executing program) 2025/09/01 10:58:28 fetching corpus: 700, signal 86769/102814 (executing program) 2025/09/01 10:58:28 fetching corpus: 750, signal 88313/105137 (executing program) 2025/09/01 10:58:28 fetching corpus: 800, signal 90023/107586 (executing program) 2025/09/01 10:58:28 fetching corpus: 850, signal 91818/110076 (executing program) 2025/09/01 10:58:28 fetching corpus: 900, signal 93839/112679 (executing program) 2025/09/01 10:58:28 fetching corpus: 950, signal 95926/115332 (executing program) 2025/09/01 10:58:28 fetching corpus: 1000, signal 96959/117081 (executing program) 2025/09/01 10:58:28 fetching corpus: 1050, signal 98973/119546 (executing program) 2025/09/01 10:58:28 fetching corpus: 1100, signal 100705/121767 (executing program) 2025/09/01 10:58:28 fetching corpus: 1150, signal 102289/123850 (executing program) 2025/09/01 10:58:28 fetching corpus: 1200, signal 103570/125697 (executing program) 2025/09/01 10:58:29 fetching corpus: 1250, signal 104905/127601 (executing program) 2025/09/01 10:58:29 fetching corpus: 1300, signal 106375/129553 (executing program) 2025/09/01 10:58:29 fetching corpus: 1350, signal 107642/131268 (executing program) 2025/09/01 10:58:29 fetching corpus: 1400, signal 108908/132943 (executing program) 2025/09/01 10:58:29 fetching corpus: 1450, signal 109911/134454 (executing program) 2025/09/01 10:58:29 fetching corpus: 1500, signal 111104/136030 (executing program) 2025/09/01 10:58:29 fetching corpus: 1550, signal 112298/137624 (executing program) 2025/09/01 10:58:29 fetching corpus: 1600, signal 113219/139025 (executing program) 2025/09/01 10:58:29 fetching corpus: 1650, signal 114707/140715 (executing program) 2025/09/01 10:58:29 fetching corpus: 1700, signal 116034/142349 (executing program) 2025/09/01 10:58:29 fetching corpus: 1750, signal 116877/143626 (executing program) 2025/09/01 10:58:30 fetching corpus: 1800, signal 118244/145210 (executing program) 2025/09/01 10:58:30 fetching corpus: 1850, signal 119518/146754 (executing program) 2025/09/01 10:58:30 fetching corpus: 1900, signal 120586/148087 (executing program) 2025/09/01 10:58:30 fetching corpus: 1950, signal 121501/149299 (executing program) 2025/09/01 10:58:30 fetching corpus: 2000, signal 122088/150330 (executing program) 2025/09/01 10:58:30 fetching corpus: 2050, signal 123006/151501 (executing program) 2025/09/01 10:58:30 fetching corpus: 2100, signal 124117/152792 (executing program) 2025/09/01 10:58:30 fetching corpus: 2150, signal 125070/154007 (executing program) 2025/09/01 10:58:30 fetching corpus: 2200, signal 125984/155110 (executing program) 2025/09/01 10:58:30 fetching corpus: 2250, signal 127036/156314 (executing program) 2025/09/01 10:58:30 fetching corpus: 2300, signal 127670/157244 (executing program) 2025/09/01 10:58:31 fetching corpus: 2350, signal 128367/158185 (executing program) 2025/09/01 10:58:31 fetching corpus: 2400, signal 129264/159268 (executing program) 2025/09/01 10:58:31 fetching corpus: 2450, signal 129915/160195 (executing program) 2025/09/01 10:58:31 fetching corpus: 2500, signal 131139/161337 (executing program) 2025/09/01 10:58:31 fetching corpus: 2550, signal 131986/162267 (executing program) 2025/09/01 10:58:31 fetching corpus: 2600, signal 132604/163169 (executing program) 2025/09/01 10:58:31 fetching corpus: 2650, signal 133571/164216 (executing program) 2025/09/01 10:58:31 fetching corpus: 2700, signal 134563/165181 (executing program) 2025/09/01 10:58:31 fetching corpus: 2750, signal 135273/166006 (executing program) 2025/09/01 10:58:31 fetching corpus: 2800, signal 135738/166725 (executing program) 2025/09/01 10:58:32 fetching corpus: 2850, signal 136391/167495 (executing program) 2025/09/01 10:58:32 fetching corpus: 2900, signal 136811/168169 (executing program) 2025/09/01 10:58:32 fetching corpus: 2950, signal 137718/169030 (executing program) 2025/09/01 10:58:32 fetching corpus: 3000, signal 138536/169810 (executing program) 2025/09/01 10:58:32 fetching corpus: 3050, signal 139096/170542 (executing program) 2025/09/01 10:58:32 fetching corpus: 3100, signal 139852/171257 (executing program) 2025/09/01 10:58:32 fetching corpus: 3150, signal 140467/171966 (executing program) 2025/09/01 10:58:32 fetching corpus: 3200, signal 141214/172688 (executing program) 2025/09/01 10:58:32 fetching corpus: 3250, signal 141935/173377 (executing program) 2025/09/01 10:58:32 fetching corpus: 3300, signal 142469/174013 (executing program) 2025/09/01 10:58:33 fetching corpus: 3350, signal 143112/174662 (executing program) 2025/09/01 10:58:33 fetching corpus: 3400, signal 143520/175238 (executing program) 2025/09/01 10:58:33 fetching corpus: 3450, signal 144140/175868 (executing program) 2025/09/01 10:58:33 fetching corpus: 3500, signal 144800/176464 (executing program) 2025/09/01 10:58:33 fetching corpus: 3550, signal 145554/177088 (executing program) 2025/09/01 10:58:33 fetching corpus: 3600, signal 145964/177580 (executing program) 2025/09/01 10:58:33 fetching corpus: 3650, signal 146440/178125 (executing program) 2025/09/01 10:58:33 fetching corpus: 3700, signal 146886/178682 (executing program) 2025/09/01 10:58:33 fetching corpus: 3750, signal 147336/179137 (executing program) 2025/09/01 10:58:33 fetching corpus: 3800, signal 147882/179635 (executing program) 2025/09/01 10:58:33 fetching corpus: 3850, signal 148547/180167 (executing program) 2025/09/01 10:58:34 fetching corpus: 3900, signal 148993/180627 (executing program) 2025/09/01 10:58:34 fetching corpus: 3950, signal 149700/181123 (executing program) 2025/09/01 10:58:34 fetching corpus: 4000, signal 150039/181585 (executing program) 2025/09/01 10:58:34 fetching corpus: 4050, signal 150639/182029 (executing program) 2025/09/01 10:58:34 fetching corpus: 4100, signal 151268/182468 (executing program) 2025/09/01 10:58:34 fetching corpus: 4150, signal 151774/182899 (executing program) 2025/09/01 10:58:34 fetching corpus: 4200, signal 152130/183320 (executing program) 2025/09/01 10:58:34 fetching corpus: 4250, signal 152647/183737 (executing program) 2025/09/01 10:58:34 fetching corpus: 4300, signal 153078/184103 (executing program) 2025/09/01 10:58:34 fetching corpus: 4350, signal 153642/184494 (executing program) 2025/09/01 10:58:34 fetching corpus: 4400, signal 153980/184855 (executing program) 2025/09/01 10:58:35 fetching corpus: 4450, signal 154434/185231 (executing program) 2025/09/01 10:58:35 fetching corpus: 4500, signal 154802/185598 (executing program) 2025/09/01 10:58:35 fetching corpus: 4550, signal 155596/185727 (executing program) 2025/09/01 10:58:35 fetching corpus: 4600, signal 156064/185734 (executing program) 2025/09/01 10:58:35 fetching corpus: 4650, signal 156399/185741 (executing program) 2025/09/01 10:58:35 fetching corpus: 4700, signal 156706/185754 (executing program) 2025/09/01 10:58:35 fetching corpus: 4750, signal 157343/185766 (executing program) 2025/09/01 10:58:35 fetching corpus: 4800, signal 158640/185796 (executing program) 2025/09/01 10:58:35 fetching corpus: 4850, signal 159038/185797 (executing program) 2025/09/01 10:58:35 fetching corpus: 4900, signal 159404/185810 (executing program) 2025/09/01 10:58:36 fetching corpus: 4950, signal 160136/185825 (executing program) 2025/09/01 10:58:36 fetching corpus: 5000, signal 160536/185835 (executing program) 2025/09/01 10:58:36 fetching corpus: 5050, signal 161018/185857 (executing program) 2025/09/01 10:58:36 fetching corpus: 5100, signal 161492/185860 (executing program) 2025/09/01 10:58:36 fetching corpus: 5150, signal 161815/185872 (executing program) 2025/09/01 10:58:36 fetching corpus: 5200, signal 162181/185881 (executing program) 2025/09/01 10:58:36 fetching corpus: 5250, signal 162511/185886 (executing program) 2025/09/01 10:58:36 fetching corpus: 5300, signal 163169/185896 (executing program) 2025/09/01 10:58:36 fetching corpus: 5350, signal 163559/185900 (executing program) 2025/09/01 10:58:36 fetching corpus: 5400, signal 164346/185910 (executing program) 2025/09/01 10:58:36 fetching corpus: 5450, signal 164739/185920 (executing program) 2025/09/01 10:58:36 fetching corpus: 5500, signal 165132/185921 (executing program) 2025/09/01 10:58:37 fetching corpus: 5550, signal 165501/185921 (executing program) 2025/09/01 10:58:37 fetching corpus: 5600, signal 165814/185921 (executing program) 2025/09/01 10:58:37 fetching corpus: 5650, signal 166241/185951 (executing program) 2025/09/01 10:58:37 fetching corpus: 5700, signal 166668/185964 (executing program) 2025/09/01 10:58:37 fetching corpus: 5750, signal 167576/185993 (executing program) 2025/09/01 10:58:37 fetching corpus: 5800, signal 167924/185997 (executing program) 2025/09/01 10:58:37 fetching corpus: 5850, signal 168313/186007 (executing program) 2025/09/01 10:58:37 fetching corpus: 5900, signal 168945/186021 (executing program) 2025/09/01 10:58:37 fetching corpus: 5950, signal 169307/186025 (executing program) 2025/09/01 10:58:37 fetching corpus: 6000, signal 169619/186033 (executing program) 2025/09/01 10:58:37 fetching corpus: 6050, signal 169834/186043 (executing program) 2025/09/01 10:58:37 fetching corpus: 6100, signal 170124/186052 (executing program) 2025/09/01 10:58:37 fetching corpus: 6150, signal 170474/186081 (executing program) 2025/09/01 10:58:37 fetching corpus: 6200, signal 170709/186085 (executing program) 2025/09/01 10:58:38 fetching corpus: 6250, signal 171313/186127 (executing program) 2025/09/01 10:58:38 fetching corpus: 6300, signal 171676/186135 (executing program) 2025/09/01 10:58:38 fetching corpus: 6350, signal 171999/186136 (executing program) 2025/09/01 10:58:38 fetching corpus: 6400, signal 172293/186156 (executing program) 2025/09/01 10:58:38 fetching corpus: 6450, signal 172590/186159 (executing program) 2025/09/01 10:58:38 fetching corpus: 6500, signal 172948/186162 (executing program) 2025/09/01 10:58:38 fetching corpus: 6550, signal 173311/186163 (executing program) 2025/09/01 10:58:38 fetching corpus: 6600, signal 173646/186168 (executing program) 2025/09/01 10:58:38 fetching corpus: 6650, signal 173914/186177 (executing program) 2025/09/01 10:58:38 fetching corpus: 6700, signal 174243/186185 (executing program) 2025/09/01 10:58:38 fetching corpus: 6750, signal 174467/186186 (executing program) 2025/09/01 10:58:39 fetching corpus: 6800, signal 174871/186200 (executing program) 2025/09/01 10:58:39 fetching corpus: 6850, signal 175098/186226 (executing program) 2025/09/01 10:58:39 fetching corpus: 6900, signal 175512/186228 (executing program) 2025/09/01 10:58:39 fetching corpus: 6950, signal 175846/186232 (executing program) 2025/09/01 10:58:39 fetching corpus: 7000, signal 176160/186320 (executing program) 2025/09/01 10:58:39 fetching corpus: 7050, signal 176469/186326 (executing program) 2025/09/01 10:58:39 fetching corpus: 7100, signal 176713/186329 (executing program) 2025/09/01 10:58:39 fetching corpus: 7150, signal 177065/186369 (executing program) 2025/09/01 10:58:39 fetching corpus: 7200, signal 177452/186448 (executing program) 2025/09/01 10:58:39 fetching corpus: 7250, signal 177863/186448 (executing program) 2025/09/01 10:58:39 fetching corpus: 7300, signal 178158/186449 (executing program) 2025/09/01 10:58:39 fetching corpus: 7350, signal 178542/186451 (executing program) 2025/09/01 10:58:40 fetching corpus: 7399, signal 178776/186455 (executing program) 2025/09/01 10:58:40 fetching corpus: 7449, signal 180522/186471 (executing program) 2025/09/01 10:58:40 fetching corpus: 7499, signal 180954/186492 (executing program) 2025/09/01 10:58:40 fetching corpus: 7549, signal 181188/186499 (executing program) 2025/09/01 10:58:40 fetching corpus: 7599, signal 181626/186512 (executing program) 2025/09/01 10:58:40 fetching corpus: 7649, signal 181858/186513 (executing program) 2025/09/01 10:58:40 fetching corpus: 7699, signal 182231/186520 (executing program) 2025/09/01 10:58:40 fetching corpus: 7749, signal 182568/186521 (executing program) 2025/09/01 10:58:40 fetching corpus: 7799, signal 182823/186528 (executing program) 2025/09/01 10:58:40 fetching corpus: 7849, signal 183086/186532 (executing program) 2025/09/01 10:58:40 fetching corpus: 7899, signal 183461/186534 (executing program) 2025/09/01 10:58:41 fetching corpus: 7930, signal 183681/186538 (executing program) 2025/09/01 10:58:41 fetching corpus: 7930, signal 183681/186538 (executing program) 2025/09/01 10:58:43 starting 8 fuzzer processes 10:58:43 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3) 10:58:43 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='loginuid\x00') write$P9_RFSYNC(r0, 0x0, 0x8f) 10:58:43 executing program 2: syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={[{@overriderock}, {@map_normal}, {@block}, {@sbsector}, {@check_strict}, {@dmode}, {@map_acorn}], [{@fowner_gt={'fowner>', 0xee01}}, {@fowner_gt={'fowner>', 0xee01}}, {@obj_type}, {@appraise_type}, {@context={'context', 0x3d, 'unconfined_u'}}]}) 10:58:43 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) 10:58:43 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x13, 0x0, &(0x7f00000018c0)) 10:58:43 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) process_vm_readv(0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0) 10:58:43 executing program 6: request_key(&(0x7f0000000440)='cifs.spnego\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)='+\xd6*\x00', 0xfffffffffffffffe) 10:58:43 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x801, 0x0) read(r0, &(0x7f00000000c0)=""/126, 0x7e) [ 77.934832] audit: type=1400 audit(1756724323.778:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 79.177609] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.180667] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.182912] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.188547] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.191677] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.247774] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.252410] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.254639] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.260903] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.265426] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.323684] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.328844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.331719] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 79.333768] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.337522] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.339561] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.342083] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.345462] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.348779] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 79.350508] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.356862] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 79.358447] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 79.360546] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 79.362744] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 79.364446] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.369000] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 79.375405] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.386554] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 79.388481] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 79.401611] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 79.405560] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 79.422194] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 79.434421] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 79.435831] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 79.441428] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 79.451928] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 79.465828] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 79.486347] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 79.491279] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 79.509508] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 81.271733] Bluetooth: hci0: command tx timeout [ 81.335289] Bluetooth: hci1: command tx timeout [ 81.399192] Bluetooth: hci3: command tx timeout [ 81.464162] Bluetooth: hci4: command tx timeout [ 81.464537] Bluetooth: hci5: command tx timeout [ 81.527220] Bluetooth: hci6: command tx timeout [ 81.528927] Bluetooth: hci2: command tx timeout [ 81.591478] Bluetooth: hci7: command tx timeout [ 83.320192] Bluetooth: hci0: command tx timeout [ 83.383533] Bluetooth: hci1: command tx timeout [ 83.448162] Bluetooth: hci3: command tx timeout [ 83.511216] Bluetooth: hci5: command tx timeout [ 83.511333] Bluetooth: hci4: command tx timeout [ 83.576218] Bluetooth: hci2: command tx timeout [ 83.576624] Bluetooth: hci6: command tx timeout [ 83.639215] Bluetooth: hci7: command tx timeout [ 85.368279] Bluetooth: hci0: command tx timeout [ 85.432234] Bluetooth: hci1: command tx timeout [ 85.496282] Bluetooth: hci3: command tx timeout [ 85.559178] Bluetooth: hci4: command tx timeout [ 85.560197] Bluetooth: hci5: command tx timeout [ 85.623317] Bluetooth: hci6: command tx timeout [ 85.623689] Bluetooth: hci2: command tx timeout [ 85.687240] Bluetooth: hci7: command tx timeout [ 87.416210] Bluetooth: hci0: command tx timeout [ 87.479233] Bluetooth: hci1: command tx timeout [ 87.543321] Bluetooth: hci3: command tx timeout [ 87.607278] Bluetooth: hci5: command tx timeout [ 87.607371] Bluetooth: hci4: command tx timeout [ 87.673164] Bluetooth: hci6: command tx timeout [ 87.673591] Bluetooth: hci2: command tx timeout [ 87.736174] Bluetooth: hci7: command tx timeout [ 114.641603] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.642290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.795238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.795861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:59:21 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) process_vm_readv(0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0) 10:59:21 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) process_vm_readv(0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0) [ 115.655764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.656384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:59:21 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) process_vm_readv(0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0) [ 115.867772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.868704] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:59:21 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) accept$inet6(r0, 0x0, 0x0) 10:59:21 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000002c0)) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) [ 115.948192] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.948811] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:59:21 executing program 3: r0 = timerfd_create(0x8, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setresuid(0x0, r1, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000040)={{0x77359400}}, 0x0) 10:59:21 executing program 3: syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo={0x5}}}}}, 0x0) [ 116.126209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.126844] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:59:21 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_linger(r0, 0x1, 0x4, 0x0, &(0x7f0000000140)) [ 116.328469] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.329105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.395735] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.396762] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.565249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.565873] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.714360] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.715576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.020115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.020940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.099908] SELinux: security_context_str_to_sid () failed with errno=-22 [ 117.108467] SELinux: security_context_str_to_sid () failed with errno=-22 [ 117.134357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.134983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.242722] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.243802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.302387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.303617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.374028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.375494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.424671] audit: type=1400 audit(1756724363.267:8): avc: denied { open } for pid=3905 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 117.426331] audit: type=1400 audit(1756724363.267:9): avc: denied { kernel } for pid=3905 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 117.449624] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 117.450387] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 117.450929] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 117.451480] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 117.452089] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 117.552707] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.553802] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:59:23 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3) 10:59:23 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x13, 0x0, &(0x7f00000018c0)) 10:59:23 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) 10:59:23 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000039c043f6970341999833e8e90d2470c4010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x80000}], 0x0, &(0x7f0000013b00)) 10:59:23 executing program 3: prlimit64(0x0, 0x0, &(0x7f0000000000)={0x451a}, 0x0) 10:59:23 executing program 6: request_key(&(0x7f0000000440)='cifs.spnego\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)='+\xd6*\x00', 0xfffffffffffffffe) 10:59:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10000, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000, 0x2}, 0x20) 10:59:23 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBMETA(r0, 0x4b48, &(0x7f0000000000)) 10:59:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10000, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000, 0x2}, 0x20) [ 117.854771] loop4: detected capacity change from 0 to 2048 [ 117.859512] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 117.860410] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 117.860972] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 117.861551] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 117.862175] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 10:59:23 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) [ 117.887789] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 117.889277] EXT4-fs (loop4): group descriptors corrupted! [ 117.966538] loop4: detected capacity change from 0 to 2048 [ 117.981791] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 117.983144] EXT4-fs (loop4): group descriptors corrupted! 10:59:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10000, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000, 0x2}, 0x20) 10:59:23 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x13, 0x0, &(0x7f00000018c0)) 10:59:23 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) 10:59:23 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3) 10:59:23 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) 10:59:23 executing program 6: request_key(&(0x7f0000000440)='cifs.spnego\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)='+\xd6*\x00', 0xfffffffffffffffe) 10:59:23 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000039c043f6970341999833e8e90d2470c4010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x80000}], 0x0, &(0x7f0000013b00)) 10:59:23 executing program 1: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)='(', 0x1}, {&(0x7f0000000180)='U', 0x1}], 0x2, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040)) [ 118.099547] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 118.100354] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 118.100974] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 118.101644] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 118.102298] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 118.102506] loop4: detected capacity change from 0 to 2048 [ 118.121228] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 118.122801] EXT4-fs (loop4): group descriptors corrupted! 10:59:24 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3) [ 118.225945] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 118.226745] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 118.227323] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 118.227864] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 118.228558] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 10:59:24 executing program 6: request_key(&(0x7f0000000440)='cifs.spnego\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)='+\xd6*\x00', 0xfffffffffffffffe) 10:59:24 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) 10:59:24 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x1267, &(0x7f0000002040)) 10:59:24 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/242, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = fork() r2 = pidfd_open(r1, 0x0) process_madvise(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="a6069f62fd2f03e518897710ad0e64e47c8585239deaa9b391f6cb07aca55ff82414c756621b6e9011ef5ca588607eb631251b65b55c", 0x36}], 0x1, 0xa, 0x0) 10:59:24 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x13, 0x0, &(0x7f00000018c0)) 10:59:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10000, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000, 0x2}, 0x20) 10:59:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000039c043f6970341999833e8e90d2470c4010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x80000}], 0x0, &(0x7f0000013b00)) [ 118.339488] loop4: detected capacity change from 0 to 2048 [ 118.354466] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 118.355244] EXT4-fs (loop4): group descriptors corrupted! 10:59:24 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000740)={0x38, r2, 0xcea008a6e34dc1cb, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}]}, 0x38}}, 0x0) 10:59:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b82", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000039c043f6970341999833e8e90d2470c4010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x80000}], 0x0, &(0x7f0000013b00)) 10:59:24 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0) getpid() readv(0xffffffffffffffff, 0x0, 0x0) 10:59:24 executing program 2: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) fstat(r0, &(0x7f0000000340)) 10:59:24 executing program 7: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/211, 0xd3}], 0x1) 10:59:24 executing program 5: r0 = memfd_create(&(0x7f0000000100)='veth1_macvtap\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) 10:59:24 executing program 6: semctl$IPC_SET(0x0, 0x0, 0x1, 0x0) [ 118.578935] loop4: detected capacity change from 0 to 2048 [ 118.590816] kmemleak: Found object by alias at 0x607f1a63e68c [ 118.590841] CPU: 0 UID: 0 PID: 3965 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 118.590875] Tainted: [W]=WARN [ 118.590882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 118.590894] Call Trace: [ 118.590901] [ 118.590909] dump_stack_lvl+0xca/0x120 [ 118.590950] __lookup_object+0x94/0xb0 [ 118.590981] delete_object_full+0x27/0x70 [ 118.591012] free_percpu+0x30/0x1160 [ 118.591042] ? arch_uprobe_clear_state+0x16/0x140 [ 118.591078] futex_hash_free+0x38/0xc0 [ 118.591104] mmput+0x2d3/0x390 [ 118.591147] do_exit+0x79d/0x2970 [ 118.591174] ? signal_wake_up_state+0x85/0x120 [ 118.591205] ? zap_other_threads+0x2b9/0x3a0 [ 118.591235] ? __pfx_do_exit+0x10/0x10 [ 118.591259] ? do_group_exit+0x1c3/0x2a0 [ 118.591285] ? lock_release+0xc8/0x290 [ 118.591316] do_group_exit+0xd3/0x2a0 [ 118.591344] __x64_sys_exit_group+0x3e/0x50 [ 118.591371] x64_sys_call+0x18c5/0x18d0 [ 118.591399] do_syscall_64+0xbf/0x360 [ 118.591422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.591444] RIP: 0033:0x7f02b3605b19 [ 118.591460] Code: Unable to access opcode bytes at 0x7f02b3605aef. [ 118.591470] RSP: 002b:00007ffd79191258 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.591491] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f02b3605b19 [ 118.591505] RDX: 00007f02b35b872b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 118.591518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 118.591531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.591543] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd79191340 [ 118.591571] [ 118.591578] kmemleak: Object (percpu) 0x607f1a63e688 (size 8): [ 118.591590] kmemleak: comm "syz-executor.3", pid 3985, jiffies 4294785472 [ 118.591603] kmemleak: min_count = 1 [ 118.591611] kmemleak: count = 0 [ 118.591617] kmemleak: flags = 0x21 [ 118.591625] kmemleak: checksum = 0 [ 118.591631] kmemleak: backtrace: [ 118.591637] pcpu_alloc_noprof+0x87a/0x1170 [ 118.591667] perf_trace_event_init+0x366/0xa10 [ 118.591692] perf_trace_init+0x1a4/0x2f0 [ 118.591715] perf_tp_event_init+0xa6/0x120 [ 118.591744] perf_try_init_event+0x140/0x9f0 [ 118.591769] perf_event_alloc.part.0+0x118e/0x45f0 [ 118.591801] __do_sys_perf_event_open+0x719/0x2c20 [ 118.591825] do_syscall_64+0xbf/0x360 [ 118.591843] entry_SYSCALL_64_after_hwframe+0x77/0x7f 10:59:24 executing program 5: r0 = getpid() r1 = pidfd_open(r0, 0x0) readahead(r1, 0x0, 0x0) [ 118.646337] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 118.649426] EXT4-fs (loop4): group descriptors corrupted! [ 118.651603] audit: type=1326 audit(1756724364.484:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3987 comm="syz-executor.7" exe="/syz-executor.7" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f66fad9fb19 code=0x0 10:59:24 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) write$binfmt_script(r0, 0x0, 0x0) [ 118.693227] audit: type=1400 audit(1756724364.535:11): avc: denied { read } for pid=3987 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 10:59:24 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x1e, r2, r0, r1, 0x0) getpid() readv(0xffffffffffffffff, 0x0, 0x0) 10:59:24 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000740)={0x38, r2, 0xcea008a6e34dc1cb, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}]}, 0x38}}, 0x0) [ 118.741931] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 118.743581] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 118.744675] CPU: 0 UID: 0 PID: 3997 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 118.749266] Tainted: [W]=WARN [ 118.751377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 118.754184] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.754899] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.757572] RSP: 0018:ffff888047faf800 EFLAGS: 00010212 [ 118.758357] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 118.759411] RDX: ffff8880474ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 118.760456] RBP: ffff888047fafa70 R08: ffff88806ce31340 R09: ffffe8ffffc16688 [ 118.761504] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 118.762560] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.763625] FS: 000055558dcbc400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 118.764797] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.765686] CR2: 000055558dcbdc18 CR3: 000000000d535000 CR4: 0000000000350ef0 [ 118.766748] Call Trace: [ 118.767137] [ 118.767492] ? arch_scale_cpu_capacity+0x17/0xa0 [ 118.768223] ? __pfx_perf_tp_event+0x10/0x10 [ 118.768904] ? __asan_memset+0x24/0x50 [ 118.769531] ? perf_trace_lock+0xb5/0x5d0 [ 118.770171] ? kvm_sched_clock_read+0x16/0x30 [ 118.770844] ? sched_clock+0x37/0x60 [ 118.771413] ? lock_is_held_type+0x9e/0x120 [ 118.772079] ? perf_trace_run_bpf_submit+0xef/0x180 [ 118.772826] perf_trace_run_bpf_submit+0xef/0x180 [ 118.773570] perf_trace_lock+0x337/0x5d0 [ 118.774191] ? __pfx_perf_trace_lock+0x10/0x10 [ 118.774884] ? lock_acquire+0x15e/0x2f0 [ 118.775486] ? futex_ref_get+0x48/0x300 [ 118.776081] ? futex_ref_get+0x114/0x300 [ 118.776688] ? futex_hash+0x15c/0x390 [ 118.777278] lock_release+0x1ab/0x290 [ 118.777859] ? futex_hash+0x15c/0x390 [ 118.778434] futex_ref_get+0x119/0x300 [ 118.779024] ? futex_hash+0x15c/0x390 [ 118.779601] futex_hash+0x70/0x390 [ 118.780134] futex_wake+0x143/0x540 [ 118.780700] ? put_pid+0x1f/0x30 [ 118.781213] ? kernel_clone+0x204/0x7f0 [ 118.781813] ? __pfx_futex_wake+0x10/0x10 [ 118.782448] ? __pfx_kernel_clone+0x10/0x10 [ 118.783103] ? perf_trace_lock+0xb5/0x5d0 [ 118.783734] do_futex+0x26d/0x370 [ 118.784270] ? __pfx_do_futex+0x10/0x10 [ 118.784878] ? __pfx___do_sys_clone+0x10/0x10 [ 118.785547] ? find_held_lock+0x2b/0x80 [ 118.786160] __x64_sys_futex+0x1c9/0x4d0 [ 118.786776] ? __pfx___x64_sys_futex+0x10/0x10 [ 118.787471] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 118.788240] do_syscall_64+0xbf/0x360 [ 118.788825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.789578] RIP: 0033:0x7f25a628ab19 [ 118.790124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.792757] RSP: 002b:00007ffebcf52a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.793868] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f25a628ab19 [ 118.794912] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f25a639df68 [ 118.795955] RBP: 00007f25a639df60 R08: 00007f25a3800700 R09: 0000000000000000 [ 118.796992] R10: 00007f25a3800700 R11: 0000000000000246 R12: 00007f25a63a2018 [ 118.798031] R13: 00007ffebcf52b20 R14: 00007f25a639df60 R15: 000000000001cf63 [ 118.799067] [ 118.799426] Modules linked in: [ 118.801092] ---[ end trace 0000000000000000 ]--- [ 118.802891] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.803663] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.806334] RSP: 0018:ffff888047faf800 EFLAGS: 00010212 [ 118.807141] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 118.808203] RDX: ffff8880474ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 118.809288] RBP: ffff888047fafa70 R08: ffff88806ce31340 R09: ffffe8ffffc16688 [ 118.810387] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 118.811466] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.812542] FS: 000055558dcbc400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 118.813756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.814906] CR2: 000055558dcbdc18 CR3: 000000000d535000 CR4: 0000000000350ef0 [ 118.816204] note: syz-executor.5[3997] exited with preempt_count 1 [ 118.817322] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 118.818835] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3997, name: syz-executor.5 [ 118.820270] preempt_count: 0, expected: 0 [ 118.820888] RCU nest depth: 2, expected: 0 [ 118.821712] INFO: lockdep is turned off. [ 118.822520] CPU: 0 UID: 0 PID: 3997 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 118.822557] Tainted: [D]=DIE, [W]=WARN [ 118.822565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 118.822576] Call Trace: [ 118.822583] [ 118.822591] dump_stack_lvl+0xfa/0x120 [ 118.822626] __might_resched+0x2f3/0x510 [ 118.822651] exit_signals+0x25/0x940 [ 118.822684] do_exit+0x2db/0x2970 [ 118.822709] ? _printk+0xbe/0xf0 [ 118.822732] ? __pfx__printk+0x10/0x10 [ 118.822757] ? __pfx_do_exit+0x10/0x10 [ 118.822785] make_task_dead+0x174/0x3b0 [ 118.822809] ? do_syscall_64+0xbf/0x360 [ 118.822830] rewind_stack_and_make_dead+0x16/0x20 [ 118.822864] RIP: 0033:0x7f25a628ab19 [ 118.822880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.822900] RSP: 002b:00007ffebcf52a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.822920] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f25a628ab19 [ 118.822934] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f25a639df68 [ 118.822947] RBP: 00007f25a639df60 R08: 00007f25a3800700 R09: 0000000000000000 [ 118.822960] R10: 00007f25a3800700 R11: 0000000000000246 R12: 00007f25a63a2018 [ 118.822974] R13: 00007ffebcf52b20 R14: 00007f25a639df60 R15: 000000000001cf63 [ 118.822994] [ 118.926678] BUG: unable to handle page fault for address: ffffed10212c95b6 [ 118.927706] #PF: supervisor read access in kernel mode [ 118.928446] #PF: error_code(0x0000) - not-present page [ 118.929193] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 118.930006] Oops: Oops: 0000 [#2] SMP KASAN NOPTI [ 118.930704] CPU: 0 UID: 0 PID: 4005 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 118.932400] Tainted: [D]=DIE, [W]=WARN [ 118.932964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 118.934131] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.934831] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.937468] RSP: 0018:ffff88804787f800 EFLAGS: 00010212 [ 118.938246] RAX: 1ffff110212c95b6 RBX: ffff88810964abc0 RCX: ffffc9000229b000 [ 118.939292] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: ffff88810964adb0 [ 118.940328] RBP: ffff88804787fa70 R08: ffff88806ce31340 R09: ffffe8ffffc16688 [ 118.941379] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 118.942449] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.943475] FS: 00007f02b0b7b700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 118.944672] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.945535] CR2: ffffed10212c95b6 CR3: 000000000d309000 CR4: 0000000000350ef0 [ 118.946561] Call Trace: [ 118.946940] [ 118.947273] ? perf_swevent_event+0x63/0x3f0 [ 118.947930] ? __pfx_perf_tp_event+0x10/0x10 [ 118.948610] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 118.949358] ? perf_swevent_event+0x63/0x3f0 [ 118.950027] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 118.950771] ? perf_swevent_event+0x63/0x3f0 [ 118.951429] ? perf_tp_event+0x807/0xe70 [ 118.952037] ? __pfx_perf_tp_event+0x10/0x10 [ 118.952702] ? perf_ctx_unlock+0x73/0x160 [ 118.953335] ? __perf_install_in_context+0x503/0xb90 [ 118.954086] ? do_raw_spin_unlock+0x53/0x220 [ 118.954768] ? perf_trace_run_bpf_submit+0xef/0x180 [ 118.955520] perf_trace_run_bpf_submit+0xef/0x180 [ 118.956247] perf_trace_lock+0x337/0x5d0 [ 118.956878] ? __pfx_perf_trace_lock+0x10/0x10 [ 118.957577] ? get_futex_key+0x592/0x14a0 [ 118.958198] ? futex_ref_get+0x114/0x300 [ 118.958801] ? futex_hash+0x15c/0x390 [ 118.959382] lock_release+0x1ab/0x290 [ 118.959956] ? futex_hash+0x15c/0x390 [ 118.960528] futex_ref_get+0x119/0x300 [ 118.961127] ? futex_hash+0x15c/0x390 [ 118.961702] futex_hash+0x70/0x390 [ 118.962248] futex_wake+0x143/0x540 [ 118.962815] ? __pfx_perf_trace_lock+0x10/0x10 [ 118.963503] ? __pfx___mutex_lock+0x10/0x10 [ 118.964160] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 118.964946] ? __pfx_futex_wake+0x10/0x10 [ 118.965592] ? lock_release+0x1c7/0x290 [ 118.966195] ? fd_install+0x1f0/0x660 [ 118.966777] do_futex+0x26d/0x370 [ 118.967309] ? __pfx_do_futex+0x10/0x10 [ 118.967914] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 118.968721] __x64_sys_futex+0x1c9/0x4d0 [ 118.969355] ? __pfx___x64_sys_futex+0x10/0x10 [ 118.970040] ? xfd_validate_state+0x55/0x180 [ 118.970728] ? xfd_validate_state+0x55/0x180 [ 118.971419] do_syscall_64+0xbf/0x360 [ 118.972005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.972764] RIP: 0033:0x7f02b3605b19 [ 118.973318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.975971] RSP: 002b:00007f02b0b7b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 118.977086] RAX: ffffffffffffffda RBX: 00007f02b3718f68 RCX: 00007f02b3605b19 [ 118.978121] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f02b3718f6c [ 118.979151] RBP: 00007f02b3718f60 R08: 000000000000000e R09: 0000000000000000 [ 118.980186] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f02b3718f6c [ 118.981237] R13: 00007ffd7919102f R14: 00007f02b0b7b300 R15: 0000000000022000 [ 118.982305] [ 118.982666] Modules linked in: [ 118.983153] CR2: ffffed10212c95b6 [ 118.983665] ---[ end trace 0000000000000000 ]--- [ 118.984354] RIP: 0010:perf_tp_event+0x175/0xe70 [ 118.985061] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 118.987707] RSP: 0018:ffff888047faf800 EFLAGS: 00010212 [ 118.988489] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 118.989514] RDX: ffff8880474ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 118.990568] RBP: ffff888047fafa70 R08: ffff88806ce31340 R09: ffffe8ffffc16688 [ 118.991607] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 118.992659] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 118.993682] FS: 00007f02b0b7b700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 118.994831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.995659] CR2: ffffed10212c95b6 CR3: 000000000d309000 CR4: 0000000000350ef0 [ 118.996675] note: syz-executor.1[4005] exited with irqs disabled [ 118.997559] BUG: unable to handle page fault for address: ffffed10212c95b6 [ 118.998533] #PF: supervisor read access in kernel mode [ 118.999264] #PF: error_code(0x0000) - not-present page [ 118.999997] PGD 7ffd4067 P4D 7ffd4067 PUD 7ffd3067 PMD 0 [ 119.000801] Oops: Oops: 0000 [#3] SMP KASAN NOPTI [ 119.001499] CPU: 0 UID: 0 PID: 4005 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 119.003172] Tainted: [D]=DIE, [W]=WARN [ 119.003717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 119.004887] RIP: 0010:perf_tp_event+0x175/0xe70 [ 119.005563] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 119.008103] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 119.008863] RAX: 1ffff110212c95b6 RBX: ffff88810964abc0 RCX: 0000000000000002 [ 119.009881] RDX: ffff888019e5d280 RSI: ffffffff8189a4e7 RDI: ffff88810964adb0 [ 119.010883] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc16688 [ 119.011895] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 119.012913] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 119.013916] FS: 00007f02b0b7b700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 119.015050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.015884] CR2: ffffed10212c95b6 CR3: 000000000d309000 CR4: 0000000000350ef0 [ 119.016919] Call Trace: [ 119.017293] [ 119.017622] ? __pfx_perf_tp_event+0x10/0x10 [ 119.018269] ? sched_clock_cpu+0x6c/0x4e0 [ 119.018865] ? select_task_rq_fair+0x48c/0x38b0 [ 119.019541] ? trace_pelt_se_tp+0xdf/0x130 [ 119.020144] ? __update_load_avg_se+0x428/0xa40 [ 119.020833] ? perf_trace_lock+0xb5/0x5d0 [ 119.021429] ? __pfx_perf_trace_lock+0x10/0x10 [ 119.022087] ? do_raw_spin_unlock+0x53/0x220 [ 119.022734] ? try_to_wake_up+0x8ae/0x11d0 [ 119.023346] ? lock_release+0x172/0x290 [ 119.023929] ? perf_trace_run_bpf_submit+0xef/0x180 [ 119.024650] ? do_raw_spin_unlock+0x53/0x220 [ 119.025316] perf_trace_run_bpf_submit+0xef/0x180 [ 119.026021] perf_trace_lock+0x337/0x5d0 [ 119.026616] ? __pfx_perf_trace_lock+0x10/0x10 [ 119.027276] ? clockevents_program_event+0x14f/0x360 [ 119.028198] ? clockevents_program_event+0x14f/0x360 [ 119.028952] ? hrtimer_interrupt+0x114/0x830 [ 119.029589] lock_release+0x1ab/0x290 [ 119.030145] ktime_get_update_offsets_now+0xab/0x3c0 [ 119.030921] ? hrtimer_interrupt+0x114/0x830 [ 119.031555] ? __pfx_lapic_next_deadline+0x10/0x10 [ 119.032265] hrtimer_interrupt+0x114/0x830 [ 119.032893] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 119.033637] sysvec_apic_timer_interrupt+0x6b/0x80 [ 119.034350] [ 119.034681] [ 119.035011] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 119.035758] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 119.036428] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de [ 119.038985] RSP: 0018:ffff88804787ff28 EFLAGS: 00000246 [ 119.039739] RAX: 0000000000000001 RBX: ffff888019e5d280 RCX: ffffffff817c3ab6 [ 119.040739] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 119.041745] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000 [ 119.042738] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888019e5d280 [ 119.043726] R13: 0000000000000009 R14: ffff88804787f7e0 R15: 0000000000000000 [ 119.044717] ? trace_irq_enable.constprop.0+0x26/0x100 [ 119.045466] ? make_task_dead+0x214/0x3b0 [ 119.046060] ? make_task_dead+0x214/0x3b0 [ 119.046650] ? do_syscall_64+0xbf/0x360 [ 119.047213] rewind_stack_and_make_dead+0x16/0x20 [ 119.047900] RIP: 0033:0x7f02b3605b19 [ 119.048425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.050926] RSP: 002b:00007f02b0b7b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.051981] RAX: ffffffffffffffda RBX: 00007f02b3718f68 RCX: 00007f02b3605b19 [ 119.052976] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f02b3718f6c [ 119.053969] RBP: 00007f02b3718f60 R08: 000000000000000e R09: 0000000000000000 [ 119.054955] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f02b3718f6c [ 119.055949] R13: 00007ffd7919102f R14: 00007f02b0b7b300 R15: 0000000000022000 [ 119.056960] [ 119.057295] Modules linked in: [ 119.057761] CR2: ffffed10212c95b6 [ 119.058246] ---[ end trace 0000000000000000 ]--- [ 119.058900] RIP: 0010:perf_tp_event+0x175/0xe70 [ 119.059562] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 119.062088] RSP: 0018:ffff888047faf800 EFLAGS: 00010212 [ 119.062831] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 119.063822] RDX: ffff8880474ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 119.064824] RBP: ffff888047fafa70 R08: ffff88806ce31340 R09: ffffe8ffffc16688 [ 119.065813] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 119.066807] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 119.067812] FS: 00007f02b0b7b700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 119.068944] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.069754] CR2: ffffed10212c95b6 CR3: 000000000d309000 CR4: 0000000000350ef0 [ 119.070747] Kernel panic - not syncing: Fatal exception in interrupt [ 119.071746] Kernel Offset: disabled [ 119.072254] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 10:59:24 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888047faf198 R8 =0000000000000000 R9 =ffffed10014ec046 R10=000000000000005b R11=3a6465746e696154 R12=000000000000005b R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055558dcbc400 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe1600000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055558dcbdc18 CR3=000000000d535000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f25a63717c000007f25a63717c8 XMM02=00007f25a63717e000007f25a63717c0 XMM03=00007f25a63717c800007f25a63717c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806ce3de20 RCX=ffffffff816880fc RDX=ffff8880474ad280 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff8880475bf980 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1 R12=ffffed100d9c7bc5 R13=ffff88806ce3de28 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff8173f6b8 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055557b18e400 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe2800000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2d125000 CR3=00000000469c6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffff812c82b4ffffffff812c82a8 XMM01=ffffffff812c8387ffffffff812c835e XMM02=ffffffff8179cc6fffffffff812c8387 XMM03=ffffffff812c835effffffff812c82b4 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000