Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:23187' (ECDSA) to the list of known hosts. 2025/09/01 11:06:49 fuzzer started 2025/09/01 11:06:49 dialing manager at localhost:35473 syzkaller login: [ 51.863028] cgroup: Unknown subsys name 'net' [ 51.932757] cgroup: Unknown subsys name 'cpuset' [ 51.948571] cgroup: Unknown subsys name 'rlimit' 2025/09/01 11:07:00 syscalls: 2214 2025/09/01 11:07:00 code coverage: enabled 2025/09/01 11:07:00 comparison tracing: enabled 2025/09/01 11:07:00 extra coverage: enabled 2025/09/01 11:07:00 setuid sandbox: enabled 2025/09/01 11:07:00 namespace sandbox: enabled 2025/09/01 11:07:00 Android sandbox: enabled 2025/09/01 11:07:00 fault injection: enabled 2025/09/01 11:07:00 leak checking: enabled 2025/09/01 11:07:00 net packet injection: enabled 2025/09/01 11:07:00 net device setup: enabled 2025/09/01 11:07:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 11:07:00 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 11:07:00 USB emulation: enabled 2025/09/01 11:07:00 hci packet injection: enabled 2025/09/01 11:07:00 wifi device emulation: enabled 2025/09/01 11:07:00 802.15.4 emulation: enabled 2025/09/01 11:07:01 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 11:07:01 fetching corpus: 50, signal 23021/26553 (executing program) 2025/09/01 11:07:01 fetching corpus: 100, signal 37190/42008 (executing program) 2025/09/01 11:07:01 fetching corpus: 150, signal 42564/48697 (executing program) 2025/09/01 11:07:01 fetching corpus: 200, signal 48529/55842 (executing program) 2025/09/01 11:07:01 fetching corpus: 250, signal 53523/62009 (executing program) 2025/09/01 11:07:01 fetching corpus: 300, signal 58283/67856 (executing program) 2025/09/01 11:07:02 fetching corpus: 350, signal 61299/71969 (executing program) 2025/09/01 11:07:02 fetching corpus: 400, signal 64816/76494 (executing program) 2025/09/01 11:07:02 fetching corpus: 450, signal 67693/80403 (executing program) 2025/09/01 11:07:02 fetching corpus: 500, signal 75358/88492 (executing program) 2025/09/01 11:07:02 fetching corpus: 550, signal 77664/91718 (executing program) 2025/09/01 11:07:02 fetching corpus: 600, signal 80256/95182 (executing program) 2025/09/01 11:07:02 fetching corpus: 650, signal 83325/98937 (executing program) 2025/09/01 11:07:02 fetching corpus: 700, signal 85075/101477 (executing program) 2025/09/01 11:07:02 fetching corpus: 750, signal 87416/104497 (executing program) 2025/09/01 11:07:02 fetching corpus: 800, signal 89105/106959 (executing program) 2025/09/01 11:07:03 fetching corpus: 850, signal 91796/110158 (executing program) 2025/09/01 11:07:03 fetching corpus: 900, signal 93742/112674 (executing program) 2025/09/01 11:07:03 fetching corpus: 950, signal 95527/115112 (executing program) 2025/09/01 11:07:03 fetching corpus: 1000, signal 96698/116993 (executing program) 2025/09/01 11:07:03 fetching corpus: 1050, signal 98635/119459 (executing program) 2025/09/01 11:07:03 fetching corpus: 1100, signal 100020/121438 (executing program) 2025/09/01 11:07:03 fetching corpus: 1150, signal 102147/123919 (executing program) 2025/09/01 11:07:03 fetching corpus: 1200, signal 103709/125965 (executing program) 2025/09/01 11:07:03 fetching corpus: 1250, signal 105176/127926 (executing program) 2025/09/01 11:07:04 fetching corpus: 1300, signal 107636/130649 (executing program) 2025/09/01 11:07:04 fetching corpus: 1350, signal 108901/132346 (executing program) 2025/09/01 11:07:04 fetching corpus: 1400, signal 110754/134523 (executing program) 2025/09/01 11:07:04 fetching corpus: 1450, signal 111751/136049 (executing program) 2025/09/01 11:07:04 fetching corpus: 1500, signal 113320/137931 (executing program) 2025/09/01 11:07:04 fetching corpus: 1550, signal 114620/139572 (executing program) 2025/09/01 11:07:04 fetching corpus: 1600, signal 115713/141086 (executing program) 2025/09/01 11:07:04 fetching corpus: 1650, signal 117961/143292 (executing program) 2025/09/01 11:07:04 fetching corpus: 1700, signal 118901/144663 (executing program) 2025/09/01 11:07:04 fetching corpus: 1750, signal 119483/145759 (executing program) 2025/09/01 11:07:04 fetching corpus: 1800, signal 120543/147090 (executing program) 2025/09/01 11:07:05 fetching corpus: 1850, signal 121326/148266 (executing program) 2025/09/01 11:07:05 fetching corpus: 1900, signal 122447/149660 (executing program) 2025/09/01 11:07:05 fetching corpus: 1950, signal 123474/150938 (executing program) 2025/09/01 11:07:05 fetching corpus: 2000, signal 124150/151959 (executing program) 2025/09/01 11:07:05 fetching corpus: 2050, signal 124900/153053 (executing program) 2025/09/01 11:07:05 fetching corpus: 2100, signal 126024/154370 (executing program) 2025/09/01 11:07:05 fetching corpus: 2150, signal 127733/155957 (executing program) 2025/09/01 11:07:05 fetching corpus: 2200, signal 128477/156949 (executing program) 2025/09/01 11:07:05 fetching corpus: 2250, signal 128965/157862 (executing program) 2025/09/01 11:07:05 fetching corpus: 2300, signal 129559/158778 (executing program) 2025/09/01 11:07:05 fetching corpus: 2350, signal 130273/159746 (executing program) 2025/09/01 11:07:05 fetching corpus: 2400, signal 130907/160662 (executing program) 2025/09/01 11:07:05 fetching corpus: 2450, signal 131550/161599 (executing program) 2025/09/01 11:07:06 fetching corpus: 2500, signal 132522/162657 (executing program) 2025/09/01 11:07:06 fetching corpus: 2550, signal 132972/163479 (executing program) 2025/09/01 11:07:06 fetching corpus: 2600, signal 133837/164464 (executing program) 2025/09/01 11:07:06 fetching corpus: 2650, signal 134975/165528 (executing program) 2025/09/01 11:07:06 fetching corpus: 2700, signal 135432/166296 (executing program) 2025/09/01 11:07:06 fetching corpus: 2750, signal 136163/167138 (executing program) 2025/09/01 11:07:06 fetching corpus: 2800, signal 137077/168051 (executing program) 2025/09/01 11:07:06 fetching corpus: 2850, signal 137958/168984 (executing program) 2025/09/01 11:07:06 fetching corpus: 2900, signal 138726/169794 (executing program) 2025/09/01 11:07:06 fetching corpus: 2950, signal 139418/170574 (executing program) 2025/09/01 11:07:07 fetching corpus: 3000, signal 140232/171389 (executing program) 2025/09/01 11:07:07 fetching corpus: 3050, signal 140886/172141 (executing program) 2025/09/01 11:07:07 fetching corpus: 3100, signal 141501/172842 (executing program) 2025/09/01 11:07:07 fetching corpus: 3150, signal 142329/173616 (executing program) 2025/09/01 11:07:07 fetching corpus: 3200, signal 143067/174304 (executing program) 2025/09/01 11:07:07 fetching corpus: 3250, signal 143561/174896 (executing program) 2025/09/01 11:07:07 fetching corpus: 3300, signal 144346/175596 (executing program) 2025/09/01 11:07:07 fetching corpus: 3350, signal 145203/176314 (executing program) 2025/09/01 11:07:07 fetching corpus: 3400, signal 145983/177017 (executing program) 2025/09/01 11:07:07 fetching corpus: 3450, signal 146724/177657 (executing program) 2025/09/01 11:07:08 fetching corpus: 3500, signal 147225/178200 (executing program) 2025/09/01 11:07:08 fetching corpus: 3550, signal 147639/178733 (executing program) 2025/09/01 11:07:08 fetching corpus: 3600, signal 148328/179277 (executing program) 2025/09/01 11:07:08 fetching corpus: 3650, signal 148965/179850 (executing program) 2025/09/01 11:07:08 fetching corpus: 3700, signal 149595/180450 (executing program) 2025/09/01 11:07:08 fetching corpus: 3750, signal 150380/181007 (executing program) 2025/09/01 11:07:08 fetching corpus: 3800, signal 151046/181536 (executing program) 2025/09/01 11:07:08 fetching corpus: 3850, signal 151708/182065 (executing program) 2025/09/01 11:07:08 fetching corpus: 3900, signal 152382/182538 (executing program) 2025/09/01 11:07:08 fetching corpus: 3950, signal 152967/183036 (executing program) 2025/09/01 11:07:08 fetching corpus: 4000, signal 153495/183461 (executing program) 2025/09/01 11:07:09 fetching corpus: 4050, signal 153979/183918 (executing program) 2025/09/01 11:07:09 fetching corpus: 4100, signal 154326/184348 (executing program) 2025/09/01 11:07:09 fetching corpus: 4150, signal 154634/184721 (executing program) 2025/09/01 11:07:09 fetching corpus: 4200, signal 155282/185126 (executing program) 2025/09/01 11:07:09 fetching corpus: 4250, signal 155628/185507 (executing program) 2025/09/01 11:07:09 fetching corpus: 4300, signal 156076/185875 (executing program) 2025/09/01 11:07:09 fetching corpus: 4350, signal 156458/186240 (executing program) 2025/09/01 11:07:09 fetching corpus: 4400, signal 157282/186663 (executing program) 2025/09/01 11:07:09 fetching corpus: 4450, signal 157791/187025 (executing program) 2025/09/01 11:07:09 fetching corpus: 4500, signal 158402/187356 (executing program) 2025/09/01 11:07:09 fetching corpus: 4550, signal 158924/187673 (executing program) 2025/09/01 11:07:09 fetching corpus: 4600, signal 159226/187905 (executing program) 2025/09/01 11:07:10 fetching corpus: 4650, signal 159824/187948 (executing program) 2025/09/01 11:07:10 fetching corpus: 4700, signal 160254/187969 (executing program) 2025/09/01 11:07:10 fetching corpus: 4750, signal 160676/187977 (executing program) 2025/09/01 11:07:10 fetching corpus: 4800, signal 161078/187988 (executing program) 2025/09/01 11:07:10 fetching corpus: 4850, signal 161683/187990 (executing program) 2025/09/01 11:07:10 fetching corpus: 4900, signal 162094/188006 (executing program) 2025/09/01 11:07:10 fetching corpus: 4950, signal 162506/188035 (executing program) 2025/09/01 11:07:10 fetching corpus: 5000, signal 162962/188065 (executing program) 2025/09/01 11:07:10 fetching corpus: 5050, signal 163459/188134 (executing program) 2025/09/01 11:07:10 fetching corpus: 5100, signal 163858/188143 (executing program) 2025/09/01 11:07:10 fetching corpus: 5150, signal 164283/188152 (executing program) 2025/09/01 11:07:11 fetching corpus: 5200, signal 164700/188156 (executing program) 2025/09/01 11:07:11 fetching corpus: 5250, signal 165130/188170 (executing program) 2025/09/01 11:07:11 fetching corpus: 5300, signal 165427/188180 (executing program) 2025/09/01 11:07:11 fetching corpus: 5350, signal 165736/188184 (executing program) 2025/09/01 11:07:11 fetching corpus: 5400, signal 166233/188191 (executing program) 2025/09/01 11:07:11 fetching corpus: 5450, signal 166559/188204 (executing program) 2025/09/01 11:07:11 fetching corpus: 5500, signal 167072/188220 (executing program) 2025/09/01 11:07:11 fetching corpus: 5550, signal 167430/188231 (executing program) 2025/09/01 11:07:11 fetching corpus: 5600, signal 167812/188234 (executing program) 2025/09/01 11:07:11 fetching corpus: 5650, signal 168140/188236 (executing program) 2025/09/01 11:07:12 fetching corpus: 5700, signal 168451/188238 (executing program) 2025/09/01 11:07:12 fetching corpus: 5750, signal 168667/188239 (executing program) 2025/09/01 11:07:12 fetching corpus: 5800, signal 169332/188242 (executing program) 2025/09/01 11:07:12 fetching corpus: 5850, signal 169663/188247 (executing program) 2025/09/01 11:07:12 fetching corpus: 5900, signal 170325/188256 (executing program) 2025/09/01 11:07:12 fetching corpus: 5950, signal 170676/188306 (executing program) 2025/09/01 11:07:12 fetching corpus: 6000, signal 171092/188333 (executing program) 2025/09/01 11:07:12 fetching corpus: 6050, signal 171505/188343 (executing program) 2025/09/01 11:07:12 fetching corpus: 6100, signal 171847/188345 (executing program) 2025/09/01 11:07:12 fetching corpus: 6150, signal 172102/188355 (executing program) 2025/09/01 11:07:12 fetching corpus: 6200, signal 172442/188366 (executing program) 2025/09/01 11:07:12 fetching corpus: 6250, signal 172743/188371 (executing program) 2025/09/01 11:07:13 fetching corpus: 6300, signal 173133/188383 (executing program) 2025/09/01 11:07:13 fetching corpus: 6350, signal 173518/188407 (executing program) 2025/09/01 11:07:13 fetching corpus: 6400, signal 173856/188487 (executing program) 2025/09/01 11:07:13 fetching corpus: 6450, signal 174251/188490 (executing program) 2025/09/01 11:07:13 fetching corpus: 6500, signal 174642/188491 (executing program) 2025/09/01 11:07:13 fetching corpus: 6550, signal 175357/188524 (executing program) 2025/09/01 11:07:13 fetching corpus: 6600, signal 175760/188524 (executing program) 2025/09/01 11:07:13 fetching corpus: 6650, signal 176100/188549 (executing program) 2025/09/01 11:07:13 fetching corpus: 6700, signal 176743/188570 (executing program) 2025/09/01 11:07:13 fetching corpus: 6750, signal 176981/188583 (executing program) 2025/09/01 11:07:14 fetching corpus: 6800, signal 177289/188588 (executing program) 2025/09/01 11:07:14 fetching corpus: 6850, signal 177716/188592 (executing program) 2025/09/01 11:07:14 fetching corpus: 6900, signal 178136/188644 (executing program) 2025/09/01 11:07:14 fetching corpus: 6950, signal 178675/188729 (executing program) 2025/09/01 11:07:14 fetching corpus: 7000, signal 179027/188739 (executing program) 2025/09/01 11:07:14 fetching corpus: 7050, signal 179252/188742 (executing program) 2025/09/01 11:07:14 fetching corpus: 7100, signal 179592/188751 (executing program) 2025/09/01 11:07:14 fetching corpus: 7150, signal 179825/188756 (executing program) 2025/09/01 11:07:14 fetching corpus: 7200, signal 180148/188761 (executing program) 2025/09/01 11:07:14 fetching corpus: 7250, signal 180426/188770 (executing program) 2025/09/01 11:07:14 fetching corpus: 7300, signal 180725/188783 (executing program) 2025/09/01 11:07:14 fetching corpus: 7350, signal 180920/188785 (executing program) 2025/09/01 11:07:15 fetching corpus: 7400, signal 181257/188790 (executing program) 2025/09/01 11:07:15 fetching corpus: 7450, signal 181521/188794 (executing program) 2025/09/01 11:07:15 fetching corpus: 7500, signal 181726/188802 (executing program) 2025/09/01 11:07:15 fetching corpus: 7550, signal 181971/188802 (executing program) 2025/09/01 11:07:15 fetching corpus: 7600, signal 182207/188812 (executing program) 2025/09/01 11:07:15 fetching corpus: 7650, signal 182571/188829 (executing program) 2025/09/01 11:07:15 fetching corpus: 7700, signal 182761/188845 (executing program) 2025/09/01 11:07:15 fetching corpus: 7750, signal 182985/188862 (executing program) 2025/09/01 11:07:15 fetching corpus: 7800, signal 183306/188879 (executing program) 2025/09/01 11:07:15 fetching corpus: 7850, signal 183546/188886 (executing program) 2025/09/01 11:07:15 fetching corpus: 7900, signal 183785/188889 (executing program) 2025/09/01 11:07:15 fetching corpus: 7950, signal 184287/188889 (executing program) 2025/09/01 11:07:16 fetching corpus: 8000, signal 184512/188891 (executing program) 2025/09/01 11:07:16 fetching corpus: 8050, signal 184785/188906 (executing program) 2025/09/01 11:07:16 fetching corpus: 8100, signal 185095/188942 (executing program) 2025/09/01 11:07:16 fetching corpus: 8150, signal 185506/188946 (executing program) 2025/09/01 11:07:16 fetching corpus: 8200, signal 186230/188956 (executing program) 2025/09/01 11:07:16 fetching corpus: 8234, signal 186439/188956 (executing program) 2025/09/01 11:07:16 fetching corpus: 8234, signal 186439/188956 (executing program) 2025/09/01 11:07:18 starting 8 fuzzer processes 11:07:18 executing program 3: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x2, &(0x7f0000001c80)=[{&(0x7f00000007c0)="b3", 0x1}, {&(0x7f00000008c0)="8e", 0x1}], 0x0, 0x0) 11:07:18 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4) close(r0) 11:07:18 executing program 2: epoll_create1(0x0) 11:07:18 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:07:18 executing program 7: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil) 11:07:18 executing program 4: r0 = creat(0x0, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000580), &(0x7f00000005c0)=0xc) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x7f) ioctl$F2FS_IOC_GET_FEATURES(0xffffffffffffffff, 0x8004f50c, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, 0x0) 11:07:18 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0xf00) [ 80.275561] audit: type=1400 audit(1756724838.466:7): avc: denied { execmem } for pid=274 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:07:18 executing program 6: setgroups(0x2, &(0x7f0000000140)=[0x0, 0xffffffffffffffff]) [ 81.446373] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.448642] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.453045] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.456516] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.459307] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.513702] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.517316] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.519075] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.519614] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.522640] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.525665] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.529849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.536704] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.538703] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.540686] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.583112] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.590737] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 81.593102] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 81.595236] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 81.600473] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 81.602606] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 81.605506] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.607237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.613424] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 81.616245] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.619474] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.621167] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.627550] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 81.631272] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.634374] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 81.636244] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 81.639563] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 81.641833] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 81.643326] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.649535] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.660427] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.662579] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.664444] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.665701] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 81.704134] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.480517] Bluetooth: hci0: command tx timeout [ 83.608949] Bluetooth: hci1: command tx timeout [ 83.609661] Bluetooth: hci2: command tx timeout [ 83.670955] Bluetooth: hci6: command tx timeout [ 83.735956] Bluetooth: hci4: command tx timeout [ 83.736481] Bluetooth: hci7: command tx timeout [ 83.800247] Bluetooth: hci3: command tx timeout [ 83.800776] Bluetooth: hci5: command tx timeout [ 85.527497] Bluetooth: hci0: command tx timeout [ 85.656125] Bluetooth: hci2: command tx timeout [ 85.657575] Bluetooth: hci1: command tx timeout [ 85.720391] Bluetooth: hci6: command tx timeout [ 85.784068] Bluetooth: hci7: command tx timeout [ 85.784853] Bluetooth: hci4: command tx timeout [ 85.846999] Bluetooth: hci3: command tx timeout [ 85.847472] Bluetooth: hci5: command tx timeout [ 87.576156] Bluetooth: hci0: command tx timeout [ 87.703020] Bluetooth: hci1: command tx timeout [ 87.703760] Bluetooth: hci2: command tx timeout [ 87.767012] Bluetooth: hci6: command tx timeout [ 87.831030] Bluetooth: hci4: command tx timeout [ 87.831789] Bluetooth: hci7: command tx timeout [ 87.895142] Bluetooth: hci5: command tx timeout [ 87.895881] Bluetooth: hci3: command tx timeout [ 89.623195] Bluetooth: hci0: command tx timeout [ 89.752017] Bluetooth: hci2: command tx timeout [ 89.752434] Bluetooth: hci1: command tx timeout [ 89.815107] Bluetooth: hci6: command tx timeout [ 89.880032] Bluetooth: hci4: command tx timeout [ 89.880437] Bluetooth: hci7: command tx timeout [ 89.942963] Bluetooth: hci3: command tx timeout [ 89.943366] Bluetooth: hci5: command tx timeout [ 124.124383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.125302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.281251] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.281880] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.416813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.417504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.574842] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.576059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.734356] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.735126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.801699] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.802521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:08:03 executing program 7: io_setup(0x7fff, &(0x7f0000000440)=0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x1, 0x0) io_submit(r0, 0x1, &(0x7f0000000a00)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}]) [ 124.893104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.894335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:08:03 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/snmp6\x00') pread64(r0, &(0x7f0000000140)=""/182, 0xb6, 0x0) [ 125.039035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.040243] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.082139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.082759] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.153496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.154153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.165697] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.166401] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.216578] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.217355] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.287668] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.288344] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.408585] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.409559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.437461] audit: type=1400 audit(1756724883.628:8): avc: denied { open } for pid=3890 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.440633] audit: type=1400 audit(1756724883.628:9): avc: denied { kernel } for pid=3890 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.482232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.482864] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.544691] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.545344] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:08:03 executing program 3: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) fadvise64(r0, 0x0, 0x0, 0x0) 11:08:03 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/snmp6\x00') pread64(r0, &(0x7f0000000140)=""/182, 0xb6, 0x0) 11:08:03 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x3, 0x6}, 0x1c) 11:08:03 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0xf00) 11:08:03 executing program 1: syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000008c0)) 11:08:03 executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0) 11:08:03 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x20, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @nested={0x4}]}, 0x20}], 0x1}, 0x0) 11:08:03 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:08:04 executing program 2: add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) add_key$user(0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='task\x00') fstat(r0, &(0x7f0000000280)) 11:08:04 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/snmp6\x00') pread64(r0, &(0x7f0000000140)=""/182, 0xb6, 0x0) 11:08:04 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0xf, 0x2}}, 0x14}}, 0x0) 11:08:04 executing program 3: syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe) syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54) syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYRESHEX, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRES64, @ANYBLOB="924e1b0b8596ac5b7102abbe0cb4fee5402a6206e310344401413256588de4a10802ecdbae213a47c89bfc84d022358b36df7bc8aed11f21e4c6abda0a6f04d2eccabd819ea94cb5a1d046dc5573e31fd1c00a7200efed2d42452ced2530e6420abaea7e5a9f6332adb7ae8fb993e88ef9383f781b6696342142cd4c9d18be945ccbe3296e213d857aeb2b13ef48cb118861b6e728605dae11dd15e2eddddb1d280499695474e68d9b5fc96619e27a8a25bc", @ANYRESDEC=r0, @ANYRES16], 0x19) getdents64(r0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c) syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"]) syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf) syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90) clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0) 11:08:04 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0xf00) 11:08:04 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24040841, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000005f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000006200)={0x0, 0x989680}) 11:08:04 executing program 1: r0 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) setgroups(0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0]) keyctl$chown(0x4, r0, 0x0, 0xee00) 11:08:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 125.876439] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 125.878631] Bluetooth: hci0: ACL packet for unknown connection handle 1997 11:08:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000740)={'syz_tun\x00', &(0x7f0000000700)=@ethtool_rxfh_indir={0x38}}) 11:08:04 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/snmp6\x00') pread64(r0, &(0x7f0000000140)=""/182, 0xb6, 0x0) 11:08:04 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24040841, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000005f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000006200)={0x0, 0x989680}) 11:08:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:08:04 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/freeze_filesystems', 0x0, 0x0) pread64(r0, &(0x7f00000001c0)=""/110, 0x6e, 0x800) 11:08:04 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0xf00) 11:08:04 executing program 3: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 11:08:04 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/195, 0xfdef}], 0x1) [ 126.034590] audit: type=1400 audit(1756724884.224:10): avc: denied { read } for pid=3945 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:08:04 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x4b32, 0x0) 11:08:04 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/195, 0xfdef}], 0x1) 11:08:04 executing program 7: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/195, 0xfdef}], 0x1) 11:08:04 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24040841, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000005f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000006200)={0x0, 0x989680}) 11:08:04 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000880), 0x502, 0x0) r1 = dup2(r0, r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0x40103d0b, &(0x7f0000000000)) 11:08:04 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x84801, 0x0) [ 126.134304] kmemleak: Found object by alias at 0x607f1a63df4c [ 126.134325] CPU: 1 UID: 0 PID: 3953 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.134344] Tainted: [W]=WARN [ 126.134348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.134355] Call Trace: [ 126.134359] [ 126.134364] dump_stack_lvl+0xca/0x120 [ 126.134391] __lookup_object+0x94/0xb0 [ 126.134409] delete_object_full+0x27/0x70 [ 126.134425] free_percpu+0x30/0x1160 [ 126.134443] ? arch_uprobe_clear_state+0x16/0x140 [ 126.134464] futex_hash_free+0x38/0xc0 [ 126.134479] mmput+0x2d3/0x390 [ 126.134499] do_exit+0x79d/0x2970 [ 126.134513] ? signal_wake_up_state+0x85/0x120 [ 126.134530] ? zap_other_threads+0x2b9/0x3a0 [ 126.134546] ? __pfx_do_exit+0x10/0x10 [ 126.134559] ? do_group_exit+0x1c3/0x2a0 [ 126.134573] ? lock_release+0xc8/0x290 [ 126.134592] do_group_exit+0xd3/0x2a0 [ 126.134607] __x64_sys_exit_group+0x3e/0x50 [ 126.134622] x64_sys_call+0x18c5/0x18d0 [ 126.134638] do_syscall_64+0xbf/0x360 [ 126.134651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.134663] RIP: 0033:0x7fd445669b19 [ 126.134671] Code: Unable to access opcode bytes at 0x7fd445669aef. [ 126.134677] RSP: 002b:00007ffd6e5174b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.134689] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fd445669b19 [ 126.134696] RDX: 00007fd44561c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 126.134704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 126.134710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.134717] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd6e5175a0 [ 126.134734] [ 126.134738] kmemleak: Object (percpu) 0x607f1a63df48 (size 8): [ 126.134745] kmemleak: comm "syz-executor.1", pid 3964, jiffies 4294793048 [ 126.134752] kmemleak: min_count = 1 [ 126.134756] kmemleak: count = 0 [ 126.134760] kmemleak: flags = 0x21 [ 126.134763] kmemleak: checksum = 0 [ 126.134767] kmemleak: backtrace: [ 126.134771] pcpu_alloc_noprof+0x87a/0x1170 [ 126.134786] perf_trace_event_init+0x366/0xa10 [ 126.134800] perf_trace_init+0x1a4/0x2f0 [ 126.134813] perf_tp_event_init+0xa6/0x120 [ 126.134829] perf_try_init_event+0x140/0x9f0 [ 126.134843] perf_event_alloc.part.0+0x118e/0x45f0 [ 126.134860] __do_sys_perf_event_open+0x719/0x2c20 [ 126.134874] do_syscall_64+0xbf/0x360 [ 126.134883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.135064] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 126.154311] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 126.154899] CPU: 0 UID: 0 PID: 3963 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.156855] Tainted: [W]=WARN [ 126.157632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.159430] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.160893] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.164741] RSP: 0018:ffff888046877800 EFLAGS: 00010212 [ 126.165179] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 126.165761] RDX: ffff888045edb700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 126.166336] RBP: ffff888046877a70 R08: ffff88806ce31340 R09: ffffe8ffffc15f48 [ 126.166904] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.167471] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.168035] FS: 000055556fd3e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.168668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.169137] CR2: 00007fc8c6770019 CR3: 000000004547e000 CR4: 0000000000350ef0 [ 126.169704] Call Trace: [ 126.169917] [ 126.170121] ? arch_scale_cpu_capacity+0x17/0xa0 [ 126.170513] ? __pfx_perf_tp_event+0x10/0x10 [ 126.170878] ? __asan_memset+0x24/0x50 [ 126.171213] ? perf_trace_lock+0xb5/0x5d0 [ 126.171555] ? kvm_sched_clock_read+0x16/0x30 [ 126.171922] ? sched_clock+0x37/0x60 [ 126.172230] ? sched_clock_cpu+0x6c/0x4e0 [ 126.172567] ? lock_is_held_type+0x9e/0x120 [ 126.172928] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.173333] perf_trace_run_bpf_submit+0xef/0x180 [ 126.173734] perf_trace_lock+0x337/0x5d0 [ 126.174077] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.174450] ? lock_acquire+0x15e/0x2f0 [ 126.174774] ? futex_ref_get+0x48/0x300 [ 126.175095] ? futex_ref_get+0x114/0x300 [ 126.175424] ? futex_hash+0x15c/0x390 [ 126.175730] lock_release+0x1ab/0x290 [ 126.176041] ? futex_hash+0x15c/0x390 [ 126.176348] futex_ref_get+0x119/0x300 [ 126.176669] ? futex_hash+0x15c/0x390 [ 126.176979] futex_hash+0x70/0x390 [ 126.177270] futex_wake+0x143/0x540 [ 126.177569] ? put_pid+0x1f/0x30 [ 126.177846] ? kernel_clone+0x204/0x7f0 [ 126.178173] ? __pfx_futex_wake+0x10/0x10 [ 126.178513] ? __pfx_kernel_clone+0x10/0x10 [ 126.178863] ? perf_trace_lock+0xb5/0x5d0 [ 126.179204] do_futex+0x26d/0x370 [ 126.179490] ? __pfx_do_futex+0x10/0x10 [ 126.179815] ? __pfx___do_sys_clone+0x10/0x10 [ 126.180175] ? find_held_lock+0x2b/0x80 [ 126.180506] __x64_sys_futex+0x1c9/0x4d0 [ 126.180836] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.181208] ? xfd_validate_state+0x55/0x180 [ 126.181578] do_syscall_64+0xbf/0x360 [ 126.181889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.182306] RIP: 0033:0x7f3ab25fab19 [ 126.182601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.183996] RSP: 002b:00007ffe4b702728 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.184580] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3ab25fab19 [ 126.185129] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3ab270df68 [ 126.185679] RBP: 00007f3ab270df60 R08: 00007f3aafb70700 R09: 0000000000000000 [ 126.186234] R10: 00007f3aafb70700 R11: 0000000000000246 R12: 00007f3ab27120a8 [ 126.186781] R13: 00007ffe4b702830 R14: 00007f3ab270df60 R15: 000000000001ec50 [ 126.187342] [ 126.187527] Modules linked in: [ 126.189008] ---[ end trace 0000000000000000 ]--- [ 126.189383] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.189761] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.192031] RSP: 0018:ffff888046877800 EFLAGS: 00010212 [ 126.192452] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 126.193018] RDX: ffff888045edb700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 126.193569] RBP: ffff888046877a70 R08: ffff88806ce31340 R09: ffffe8ffffc15f48 [ 126.194141] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.194694] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.195261] FS: 000055556fd3e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.195884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.196352] CR2: 00007fc8c6770019 CR3: 000000004547e000 CR4: 0000000000350ef0 [ 126.196927] note: syz-executor.7[3963] exited with preempt_count 1 [ 126.197409] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 126.198121] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3963, name: syz-executor.7 [ 126.198777] preempt_count: 0, expected: 0 [ 126.199113] RCU nest depth: 2, expected: 0 [ 126.199437] INFO: lockdep is turned off. [ 126.199753] CPU: 0 UID: 0 PID: 3963 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.199772] Tainted: [D]=DIE, [W]=WARN [ 126.199776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.199782] Call Trace: [ 126.199785] [ 126.199790] dump_stack_lvl+0xfa/0x120 [ 126.199810] __might_resched+0x2f3/0x510 [ 126.199824] exit_signals+0x25/0x940 [ 126.199843] do_exit+0x2db/0x2970 [ 126.199856] ? _printk+0xbe/0xf0 [ 126.199869] ? __pfx__printk+0x10/0x10 [ 126.199883] ? __pfx_do_exit+0x10/0x10 [ 126.199902] make_task_dead+0x174/0x3b0 [ 126.199915] ? do_syscall_64+0xbf/0x360 [ 126.199926] rewind_stack_and_make_dead+0x16/0x20 [ 126.199942] RIP: 0033:0x7f3ab25fab19 [ 126.199950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.199961] RSP: 002b:00007ffe4b702728 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.199971] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3ab25fab19 [ 126.199979] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3ab270df68 [ 126.199986] RBP: 00007f3ab270df60 R08: 00007f3aafb70700 R09: 0000000000000000 [ 126.199993] R10: 00007f3aafb70700 R11: 0000000000000246 R12: 00007f3ab27120a8 [ 126.200000] R13: 00007ffe4b702830 R14: 00007f3ab270df60 R15: 000000000001ec50 [ 126.200011] 11:08:04 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$802154_dgram(0x24, 0x3, 0x2f) bind$802154_dgram(r0, &(0x7f0000000100), 0x14) [ 126.277823] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 126.278729] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 126.279404] CPU: 0 UID: 0 PID: 3977 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.280324] Tainted: [D]=DIE, [W]=WARN [ 126.280622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.281261] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.281637] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.283051] RSP: 0018:ffff8880480df800 EFLAGS: 00010212 [ 126.283466] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900063e3000 [ 126.284016] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.284565] RBP: ffff8880480dfa70 R08: ffff88806ce31340 R09: ffffe8ffffc15f48 [ 126.285115] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.285665] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.286226] FS: 00007fd442bdf700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.286848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.287299] CR2: 00007f3ab270e018 CR3: 0000000046e06000 CR4: 0000000000350ef0 [ 126.287857] Call Trace: [ 126.288064] [ 126.288252] ? __pfx_perf_tp_event+0x10/0x10 [ 126.288608] ? kvm_sched_clock_read+0x16/0x30 [ 126.288967] ? local_clock_noinstr+0xf/0xc0 [ 126.289311] ? perf_trace_lock+0xb5/0x5d0 [ 126.289642] ? perf_trace_lock+0xb5/0x5d0 [ 126.289971] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 126.290389] ? perf_swevent_event+0x63/0x3f0 [ 126.290742] ? perf_tp_event+0x807/0xe70 [ 126.291068] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.291468] ? __pfx_perf_tp_event+0x10/0x10 [ 126.291821] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.292277] ? do_raw_spin_unlock+0x53/0x220 [ 126.292634] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.293030] perf_trace_run_bpf_submit+0xef/0x180 [ 126.293418] perf_trace_lock+0x337/0x5d0 [ 126.293743] ? perf_swevent_event+0x63/0x3f0 [ 126.294105] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.294467] ? perf_trace_lock+0xb5/0x5d0 [ 126.294796] ? __pfx_smp_call_function_single+0x10/0x10 [ 126.295221] ? get_futex_key+0x592/0x14a0 [ 126.295546] ? futex_ref_get+0x114/0x300 [ 126.295866] ? futex_hash+0x15c/0x390 [ 126.296167] lock_release+0x1ab/0x290 [ 126.296471] ? futex_hash+0x15c/0x390 [ 126.296774] futex_ref_get+0x119/0x300 [ 126.297083] ? futex_hash+0x15c/0x390 [ 126.297386] futex_hash+0x70/0x390 [ 126.297671] futex_wake+0x143/0x540 [ 126.297965] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.298334] ? __pfx___mutex_lock+0x10/0x10 [ 126.298680] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 126.299096] ? __pfx_futex_wake+0x10/0x10 [ 126.299427] ? lock_release+0x1c7/0x290 [ 126.299741] ? fd_install+0x1f0/0x660 [ 126.300049] do_futex+0x26d/0x370 [ 126.300330] ? __pfx_do_futex+0x10/0x10 [ 126.300649] __x64_sys_futex+0x1c9/0x4d0 [ 126.300972] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.301428] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.301788] ? xfd_validate_state+0x55/0x180 [ 126.302157] do_syscall_64+0xbf/0x360 [ 126.302463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.302866] RIP: 0033:0x7fd445669b19 [ 126.303161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.304559] RSP: 002b:00007fd442bdf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.305149] RAX: ffffffffffffffda RBX: 00007fd44577cf68 RCX: 00007fd445669b19 [ 126.305702] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd44577cf6c [ 126.306263] RBP: 00007fd44577cf60 R08: 000000000000000e R09: 0000000000000000 [ 126.306814] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fd44577cf6c [ 126.307368] R13: 00007ffd6e51728f R14: 00007fd442bdf300 R15: 0000000000022000 [ 126.307930] [ 126.308118] Modules linked in: [ 126.308400] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI [ 126.309258] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 126.309925] CPU: 0 UID: 0 PID: 3977 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 126.310855] Tainted: [D]=DIE, [W]=WARN [ 126.311155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.311789] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.312162] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.313560] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 126.313974] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 126.314530] RDX: ffff888048061b80 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.315079] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc15f48 [ 126.315628] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 126.316185] R13: 0000000000000024 R14: ffff88806ce31490 R15: dffffc0000000000 [ 126.316734] FS: 00007fd442bdf700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.317355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.317803] CR2: 00007f3ab270e018 CR3: 0000000046e06000 CR4: 0000000000350ef0 [ 126.318366] Call Trace: [ 126.318571] [ 126.318746] ? __update_load_avg_se+0x428/0xa40 [ 126.319123] ? __pfx_perf_tp_event+0x10/0x10 [ 126.319477] ? place_entity+0x1c/0x410 [ 126.319786] ? kvm_sched_clock_read+0x16/0x30 [ 126.320147] ? enqueue_task_fair+0x43a/0x1e00 [ 126.320505] ? check_preempt_wakeup_fair+0x6e/0x950 [ 126.320899] ? wakeup_preempt+0x140/0x2a0 [ 126.321226] ? lock_release+0x1c7/0x290 [ 126.321542] ? lock_release+0x1c7/0x290 [ 126.321858] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.322275] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 126.322676] ? kvm_sched_clock_read+0x16/0x30 [ 126.323035] ? sched_clock+0x37/0x60 [ 126.323334] ? sched_clock_cpu+0x6c/0x4e0 [ 126.323667] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.324062] perf_trace_run_bpf_submit+0xef/0x180 [ 126.324449] perf_trace_lock+0x337/0x5d0 [ 126.324773] ? kvm_sched_clock_read+0x16/0x30 [ 126.325136] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.325499] ? check_preempt_wakeup_fair+0x6e/0x950 [ 126.325891] ? lock_release+0x1c7/0x290 [ 126.326216] ? sched_ttwu_pending+0x2e0/0x4a0 [ 126.326576] lock_release+0x1ab/0x290 [ 126.326878] ? ttwu_do_activate+0x1a4/0x8a0 [ 126.327222] _raw_spin_unlock+0x16/0x40 [ 126.327538] sched_ttwu_pending+0x2e0/0x4a0 [ 126.327885] ? lock_release+0x1c7/0x290 [ 126.328201] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 126.328594] __flush_smp_call_function_queue+0x434/0x740 [ 126.329034] __sysvec_call_function_single+0x6d/0x370 [ 126.329446] sysvec_call_function_single+0xa1/0xc0 [ 126.329836] [ 126.330016] [ 126.330206] asm_sysvec_call_function_single+0x1a/0x20 [ 126.330613] RIP: 0010:oops_exit+0x0/0x50 [ 126.330938] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 126.332330] RSP: 0018:ffff8880480df690 EFLAGS: 00000202 [ 126.332743] RAX: 000000000002f263 RBX: 0000000000000212 RCX: ffffc900063e3000 [ 126.333290] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 126.333841] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 126.334396] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880480df758 [ 126.334951] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 126.335509] ? oops_end+0x4a/0xe0 [ 126.335798] oops_end+0x65/0xe0 [ 126.336071] exc_general_protection+0x1a2/0x330 [ 126.336449] asm_exc_general_protection+0x26/0x30 [ 126.336826] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.337196] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.338592] RSP: 0018:ffff8880480df800 EFLAGS: 00010212 [ 126.339004] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900063e3000 [ 126.339550] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 126.340101] RBP: ffff8880480dfa70 R08: ffff88806ce31340 R09: ffffe8ffffc15f48 [ 126.340653] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.341199] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.341757] ? perf_tp_event+0x167/0xe70 [ 126.342100] ? __pfx_perf_tp_event+0x10/0x10 [ 126.342455] ? kvm_sched_clock_read+0x16/0x30 [ 126.342815] ? local_clock_noinstr+0xf/0xc0 [ 126.343161] ? perf_trace_lock+0xb5/0x5d0 [ 126.343490] ? perf_trace_lock+0xb5/0x5d0 [ 126.343818] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 126.344210] ? perf_swevent_event+0x63/0x3f0 [ 126.344564] ? perf_tp_event+0x807/0xe70 [ 126.344892] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.345294] ? __pfx_perf_tp_event+0x10/0x10 [ 126.345647] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.346108] ? do_raw_spin_unlock+0x53/0x220 [ 126.346464] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.346858] perf_trace_run_bpf_submit+0xef/0x180 [ 126.347245] perf_trace_lock+0x337/0x5d0 [ 126.347570] ? perf_swevent_event+0x63/0x3f0 [ 126.347928] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.348289] ? perf_trace_lock+0xb5/0x5d0 [ 126.348618] ? __pfx_smp_call_function_single+0x10/0x10 [ 126.349044] ? get_futex_key+0x592/0x14a0 [ 126.349371] ? futex_ref_get+0x114/0x300 [ 126.349689] ? futex_hash+0x15c/0x390 [ 126.349992] lock_release+0x1ab/0x290 [ 126.350303] ? futex_hash+0x15c/0x390 [ 126.350602] futex_ref_get+0x119/0x300 [ 126.350910] ? futex_hash+0x15c/0x390 [ 126.351211] futex_hash+0x70/0x390 [ 126.351497] futex_wake+0x143/0x540 [ 126.351791] ? __pfx_perf_trace_lock+0x10/0x10 [ 126.352154] ? __pfx___mutex_lock+0x10/0x10 [ 126.352497] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 126.352910] ? __pfx_futex_wake+0x10/0x10 [ 126.353244] ? lock_release+0x1c7/0x290 [ 126.353559] ? fd_install+0x1f0/0x660 [ 126.353863] do_futex+0x26d/0x370 [ 126.354149] ? __pfx_do_futex+0x10/0x10 [ 126.354471] __x64_sys_futex+0x1c9/0x4d0 [ 126.354796] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.355254] ? __pfx___x64_sys_futex+0x10/0x10 [ 126.355616] ? xfd_validate_state+0x55/0x180 [ 126.355975] do_syscall_64+0xbf/0x360 [ 126.356278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.356680] RIP: 0033:0x7fd445669b19 [ 126.356975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.358372] RSP: 002b:00007fd442bdf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.358957] RAX: ffffffffffffffda RBX: 00007fd44577cf68 RCX: 00007fd445669b19 [ 126.359505] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd44577cf6c [ 126.360051] RBP: 00007fd44577cf60 R08: 000000000000000e R09: 0000000000000000 [ 126.360599] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fd44577cf6c [ 126.361151] R13: 00007ffd6e51728f R14: 00007fd442bdf300 R15: 0000000000022000 [ 126.361711] [ 126.361899] Modules linked in: [ 126.362160] ---[ end trace 0000000000000000 ]--- [ 126.362523] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.362893] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.364283] RSP: 0018:ffff888046877800 EFLAGS: 00010212 [ 126.364715] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 126.365287] RDX: ffff888045edb700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 126.365865] RBP: ffff888046877a70 R08: ffff88806ce31340 R09: ffffe8ffffc15f48 [ 126.366448] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.367029] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 126.367608] FS: 00007fd442bdf700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 126.368258] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.368729] CR2: 00007f3ab270e018 CR3: 0000000046e06000 CR4: 0000000000350ef0 [ 126.369306] Kernel panic - not syncing: Fatal exception in interrupt [ 127.414211] Shutting down cpus with NMI [ 127.414628] Kernel Offset: disabled [ 127.414925] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:08:04 Registers: info registers vcpu 0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888046877158 R8 =0000000000000000 R9 =ffffed100176d046 R10=0000000000000031 R11=30376578302f4952 R12=0000000000000031 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055556fd3e400 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe7c00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc8c6770019 CR3=000000004547e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f3ab26e17c000007f3ab26e17c8 XMM02=00007f3ab26e17e000007f3ab26e17c0 XMM03=00007f3ab26e17c800007f3ab26e17c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806ce3de20 RCX=ffffffff816880fc RDX=ffff888016f51b80 RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888047fc7988 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9e6bb1 R12=ffffed100d9c7bc5 R13=ffff88806ce3de28 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555591071400 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe5e00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2d222000 CR3=000000000f5e9000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000ff000000000000000000000000 XMM01=00000001000000000000000000000000 XMM02=7463656a6e695f31313230385f7a7973 XMM03=00007fc677c8d7c800007fc677c8d7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000