Warning: Permanently added '[localhost]:6414' (ECDSA) to the list of known hosts. 2025/09/01 11:11:13 fuzzer started 2025/09/01 11:11:14 dialing manager at localhost:35473 syzkaller login: [ 52.823138] cgroup: Unknown subsys name 'net' [ 52.908107] cgroup: Unknown subsys name 'cpuset' [ 52.927036] cgroup: Unknown subsys name 'rlimit' 2025/09/01 11:11:26 syscalls: 2214 2025/09/01 11:11:26 code coverage: enabled 2025/09/01 11:11:26 comparison tracing: enabled 2025/09/01 11:11:26 extra coverage: enabled 2025/09/01 11:11:26 setuid sandbox: enabled 2025/09/01 11:11:26 namespace sandbox: enabled 2025/09/01 11:11:26 Android sandbox: enabled 2025/09/01 11:11:26 fault injection: enabled 2025/09/01 11:11:26 leak checking: enabled 2025/09/01 11:11:26 net packet injection: enabled 2025/09/01 11:11:26 net device setup: enabled 2025/09/01 11:11:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 11:11:26 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 11:11:26 USB emulation: enabled 2025/09/01 11:11:26 hci packet injection: enabled 2025/09/01 11:11:26 wifi device emulation: enabled 2025/09/01 11:11:26 802.15.4 emulation: enabled 2025/09/01 11:11:26 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 11:11:26 fetching corpus: 50, signal 20572/24117 (executing program) 2025/09/01 11:11:27 fetching corpus: 100, signal 27930/32981 (executing program) 2025/09/01 11:11:27 fetching corpus: 150, signal 34159/40696 (executing program) 2025/09/01 11:11:27 fetching corpus: 200, signal 39274/47200 (executing program) 2025/09/01 11:11:27 fetching corpus: 250, signal 47282/56324 (executing program) 2025/09/01 11:11:27 fetching corpus: 300, signal 55496/65461 (executing program) 2025/09/01 11:11:27 fetching corpus: 350, signal 59757/70746 (executing program) 2025/09/01 11:11:27 fetching corpus: 400, signal 63411/75425 (executing program) 2025/09/01 11:11:27 fetching corpus: 450, signal 67136/80073 (executing program) 2025/09/01 11:11:27 fetching corpus: 500, signal 70509/84323 (executing program) 2025/09/01 11:11:27 fetching corpus: 550, signal 73521/88193 (executing program) 2025/09/01 11:11:27 fetching corpus: 600, signal 75963/91543 (executing program) 2025/09/01 11:11:27 fetching corpus: 650, signal 78510/94892 (executing program) 2025/09/01 11:11:28 fetching corpus: 700, signal 80328/97571 (executing program) 2025/09/01 11:11:28 fetching corpus: 750, signal 82301/100354 (executing program) 2025/09/01 11:11:28 fetching corpus: 800, signal 84200/103026 (executing program) 2025/09/01 11:11:28 fetching corpus: 850, signal 86652/106107 (executing program) 2025/09/01 11:11:28 fetching corpus: 900, signal 88953/109027 (executing program) 2025/09/01 11:11:28 fetching corpus: 950, signal 91297/111931 (executing program) 2025/09/01 11:11:28 fetching corpus: 1000, signal 93448/114626 (executing program) 2025/09/01 11:11:28 fetching corpus: 1050, signal 94596/116522 (executing program) 2025/09/01 11:11:28 fetching corpus: 1100, signal 95970/118577 (executing program) 2025/09/01 11:11:28 fetching corpus: 1150, signal 98391/121331 (executing program) 2025/09/01 11:11:28 fetching corpus: 1200, signal 99901/123403 (executing program) 2025/09/01 11:11:28 fetching corpus: 1250, signal 101471/125477 (executing program) 2025/09/01 11:11:28 fetching corpus: 1300, signal 102502/127103 (executing program) 2025/09/01 11:11:29 fetching corpus: 1350, signal 104386/129310 (executing program) 2025/09/01 11:11:29 fetching corpus: 1400, signal 106030/131345 (executing program) 2025/09/01 11:11:29 fetching corpus: 1450, signal 107994/133555 (executing program) 2025/09/01 11:11:29 fetching corpus: 1500, signal 109963/135751 (executing program) 2025/09/01 11:11:29 fetching corpus: 1550, signal 110831/137228 (executing program) 2025/09/01 11:11:29 fetching corpus: 1600, signal 112169/138945 (executing program) 2025/09/01 11:11:29 fetching corpus: 1650, signal 113639/140681 (executing program) 2025/09/01 11:11:29 fetching corpus: 1700, signal 114669/142159 (executing program) 2025/09/01 11:11:29 fetching corpus: 1750, signal 115461/143421 (executing program) 2025/09/01 11:11:29 fetching corpus: 1800, signal 116395/144736 (executing program) 2025/09/01 11:11:29 fetching corpus: 1850, signal 117433/146117 (executing program) 2025/09/01 11:11:30 fetching corpus: 1900, signal 118921/147750 (executing program) 2025/09/01 11:11:30 fetching corpus: 1950, signal 119791/148993 (executing program) 2025/09/01 11:11:30 fetching corpus: 2000, signal 120885/150323 (executing program) 2025/09/01 11:11:30 fetching corpus: 2050, signal 121839/151600 (executing program) 2025/09/01 11:11:30 fetching corpus: 2100, signal 123195/152988 (executing program) 2025/09/01 11:11:30 fetching corpus: 2150, signal 124424/154316 (executing program) 2025/09/01 11:11:30 fetching corpus: 2200, signal 125139/155355 (executing program) 2025/09/01 11:11:30 fetching corpus: 2250, signal 125924/156434 (executing program) 2025/09/01 11:11:30 fetching corpus: 2300, signal 129713/158911 (executing program) 2025/09/01 11:11:31 fetching corpus: 2350, signal 130625/159973 (executing program) 2025/09/01 11:11:31 fetching corpus: 2400, signal 131640/161105 (executing program) 2025/09/01 11:11:31 fetching corpus: 2450, signal 132678/162234 (executing program) 2025/09/01 11:11:31 fetching corpus: 2500, signal 134066/163490 (executing program) 2025/09/01 11:11:31 fetching corpus: 2550, signal 135331/164648 (executing program) 2025/09/01 11:11:31 fetching corpus: 2600, signal 136440/165697 (executing program) 2025/09/01 11:11:31 fetching corpus: 2650, signal 137107/166542 (executing program) 2025/09/01 11:11:31 fetching corpus: 2700, signal 137700/167353 (executing program) 2025/09/01 11:11:31 fetching corpus: 2750, signal 138271/168184 (executing program) 2025/09/01 11:11:31 fetching corpus: 2800, signal 138827/168957 (executing program) 2025/09/01 11:11:32 fetching corpus: 2850, signal 139475/169747 (executing program) 2025/09/01 11:11:32 fetching corpus: 2900, signal 140061/170563 (executing program) 2025/09/01 11:11:32 fetching corpus: 2950, signal 140788/171334 (executing program) 2025/09/01 11:11:32 fetching corpus: 3000, signal 141612/172144 (executing program) 2025/09/01 11:11:32 fetching corpus: 3050, signal 142584/172992 (executing program) 2025/09/01 11:11:32 fetching corpus: 3100, signal 143254/173700 (executing program) 2025/09/01 11:11:32 fetching corpus: 3150, signal 144026/174385 (executing program) 2025/09/01 11:11:32 fetching corpus: 3200, signal 144638/175104 (executing program) 2025/09/01 11:11:32 fetching corpus: 3250, signal 145037/175704 (executing program) 2025/09/01 11:11:32 fetching corpus: 3300, signal 145674/176370 (executing program) 2025/09/01 11:11:33 fetching corpus: 3350, signal 146141/176967 (executing program) 2025/09/01 11:11:33 fetching corpus: 3400, signal 146824/177589 (executing program) 2025/09/01 11:11:33 fetching corpus: 3450, signal 147519/178279 (executing program) 2025/09/01 11:11:33 fetching corpus: 3500, signal 147959/178869 (executing program) 2025/09/01 11:11:33 fetching corpus: 3550, signal 148560/179438 (executing program) 2025/09/01 11:11:33 fetching corpus: 3600, signal 149128/179982 (executing program) 2025/09/01 11:11:33 fetching corpus: 3650, signal 150369/180645 (executing program) 2025/09/01 11:11:33 fetching corpus: 3700, signal 150984/181177 (executing program) 2025/09/01 11:11:33 fetching corpus: 3750, signal 151543/181688 (executing program) 2025/09/01 11:11:33 fetching corpus: 3800, signal 152102/182206 (executing program) 2025/09/01 11:11:34 fetching corpus: 3850, signal 152812/182710 (executing program) 2025/09/01 11:11:34 fetching corpus: 3900, signal 153193/183164 (executing program) 2025/09/01 11:11:34 fetching corpus: 3950, signal 153602/183586 (executing program) 2025/09/01 11:11:34 fetching corpus: 4000, signal 153954/184004 (executing program) 2025/09/01 11:11:34 fetching corpus: 4050, signal 154481/184425 (executing program) 2025/09/01 11:11:34 fetching corpus: 4100, signal 154991/184887 (executing program) 2025/09/01 11:11:34 fetching corpus: 4150, signal 155335/185291 (executing program) 2025/09/01 11:11:34 fetching corpus: 4200, signal 155774/185712 (executing program) 2025/09/01 11:11:34 fetching corpus: 4250, signal 156216/186117 (executing program) 2025/09/01 11:11:34 fetching corpus: 4300, signal 156528/186525 (executing program) 2025/09/01 11:11:34 fetching corpus: 4350, signal 157049/186945 (executing program) 2025/09/01 11:11:35 fetching corpus: 4400, signal 157476/187289 (executing program) 2025/09/01 11:11:35 fetching corpus: 4450, signal 157807/187647 (executing program) 2025/09/01 11:11:35 fetching corpus: 4500, signal 158522/188063 (executing program) 2025/09/01 11:11:35 fetching corpus: 4550, signal 158900/188404 (executing program) 2025/09/01 11:11:35 fetching corpus: 4600, signal 159393/188685 (executing program) 2025/09/01 11:11:35 fetching corpus: 4650, signal 159924/188701 (executing program) 2025/09/01 11:11:35 fetching corpus: 4700, signal 160353/188705 (executing program) 2025/09/01 11:11:35 fetching corpus: 4750, signal 160743/188726 (executing program) 2025/09/01 11:11:35 fetching corpus: 4800, signal 161180/188729 (executing program) 2025/09/01 11:11:35 fetching corpus: 4850, signal 161606/188740 (executing program) 2025/09/01 11:11:36 fetching corpus: 4900, signal 162184/188796 (executing program) 2025/09/01 11:11:36 fetching corpus: 4950, signal 162554/188798 (executing program) 2025/09/01 11:11:36 fetching corpus: 5000, signal 162833/188816 (executing program) 2025/09/01 11:11:36 fetching corpus: 5050, signal 163316/188816 (executing program) 2025/09/01 11:11:36 fetching corpus: 5100, signal 163771/188816 (executing program) 2025/09/01 11:11:36 fetching corpus: 5150, signal 164187/188817 (executing program) 2025/09/01 11:11:36 fetching corpus: 5200, signal 164813/188824 (executing program) 2025/09/01 11:11:36 fetching corpus: 5250, signal 165115/188841 (executing program) 2025/09/01 11:11:36 fetching corpus: 5300, signal 165576/188863 (executing program) 2025/09/01 11:11:36 fetching corpus: 5350, signal 165963/188867 (executing program) 2025/09/01 11:11:36 fetching corpus: 5400, signal 166278/188882 (executing program) 2025/09/01 11:11:36 fetching corpus: 5450, signal 167310/188885 (executing program) 2025/09/01 11:11:37 fetching corpus: 5500, signal 167772/188898 (executing program) 2025/09/01 11:11:37 fetching corpus: 5550, signal 168232/188903 (executing program) 2025/09/01 11:11:37 fetching corpus: 5600, signal 168582/188904 (executing program) 2025/09/01 11:11:37 fetching corpus: 5650, signal 169047/188915 (executing program) 2025/09/01 11:11:37 fetching corpus: 5700, signal 169473/188917 (executing program) 2025/09/01 11:11:37 fetching corpus: 5750, signal 169981/188954 (executing program) 2025/09/01 11:11:37 fetching corpus: 5800, signal 170200/188974 (executing program) 2025/09/01 11:11:37 fetching corpus: 5850, signal 170739/188993 (executing program) 2025/09/01 11:11:37 fetching corpus: 5900, signal 171138/189005 (executing program) 2025/09/01 11:11:37 fetching corpus: 5950, signal 171549/189069 (executing program) 2025/09/01 11:11:37 fetching corpus: 6000, signal 171901/189071 (executing program) 2025/09/01 11:11:38 fetching corpus: 6050, signal 172339/189082 (executing program) 2025/09/01 11:11:38 fetching corpus: 6100, signal 172653/189089 (executing program) 2025/09/01 11:11:38 fetching corpus: 6150, signal 173058/189094 (executing program) 2025/09/01 11:11:38 fetching corpus: 6200, signal 173561/189125 (executing program) 2025/09/01 11:11:38 fetching corpus: 6250, signal 173855/189129 (executing program) 2025/09/01 11:11:38 fetching corpus: 6300, signal 174087/189129 (executing program) 2025/09/01 11:11:38 fetching corpus: 6350, signal 174792/189142 (executing program) 2025/09/01 11:11:38 fetching corpus: 6400, signal 175102/189168 (executing program) 2025/09/01 11:11:38 fetching corpus: 6450, signal 175484/189175 (executing program) 2025/09/01 11:11:38 fetching corpus: 6500, signal 175805/189240 (executing program) 2025/09/01 11:11:38 fetching corpus: 6550, signal 176061/189244 (executing program) 2025/09/01 11:11:39 fetching corpus: 6600, signal 176301/189286 (executing program) 2025/09/01 11:11:39 fetching corpus: 6650, signal 176590/189287 (executing program) 2025/09/01 11:11:39 fetching corpus: 6700, signal 176855/189319 (executing program) 2025/09/01 11:11:39 fetching corpus: 6750, signal 177306/189329 (executing program) 2025/09/01 11:11:39 fetching corpus: 6800, signal 177537/189332 (executing program) 2025/09/01 11:11:39 fetching corpus: 6850, signal 177775/189334 (executing program) 2025/09/01 11:11:39 fetching corpus: 6900, signal 178175/189342 (executing program) 2025/09/01 11:11:39 fetching corpus: 6950, signal 178630/189342 (executing program) 2025/09/01 11:11:39 fetching corpus: 7000, signal 179136/189351 (executing program) 2025/09/01 11:11:39 fetching corpus: 7050, signal 179353/189353 (executing program) 2025/09/01 11:11:39 fetching corpus: 7100, signal 179704/189356 (executing program) 2025/09/01 11:11:39 fetching corpus: 7150, signal 179916/189366 (executing program) 2025/09/01 11:11:40 fetching corpus: 7200, signal 180265/189366 (executing program) 2025/09/01 11:11:40 fetching corpus: 7250, signal 180524/189372 (executing program) 2025/09/01 11:11:40 fetching corpus: 7300, signal 180701/189375 (executing program) 2025/09/01 11:11:40 fetching corpus: 7350, signal 181021/189393 (executing program) 2025/09/01 11:11:40 fetching corpus: 7400, signal 181236/189396 (executing program) 2025/09/01 11:11:40 fetching corpus: 7450, signal 181807/189397 (executing program) 2025/09/01 11:11:40 fetching corpus: 7500, signal 182031/189400 (executing program) 2025/09/01 11:11:40 fetching corpus: 7550, signal 182350/189404 (executing program) 2025/09/01 11:11:40 fetching corpus: 7600, signal 182663/189408 (executing program) 2025/09/01 11:11:40 fetching corpus: 7650, signal 182988/189418 (executing program) 2025/09/01 11:11:40 fetching corpus: 7700, signal 183264/189421 (executing program) 2025/09/01 11:11:40 fetching corpus: 7750, signal 183592/189423 (executing program) 2025/09/01 11:11:41 fetching corpus: 7800, signal 183894/189430 (executing program) 2025/09/01 11:11:41 fetching corpus: 7850, signal 184139/189430 (executing program) 2025/09/01 11:11:41 fetching corpus: 7900, signal 184406/189441 (executing program) 2025/09/01 11:11:41 fetching corpus: 7950, signal 184733/189442 (executing program) 2025/09/01 11:11:41 fetching corpus: 8000, signal 184979/189442 (executing program) 2025/09/01 11:11:41 fetching corpus: 8050, signal 185159/189446 (executing program) 2025/09/01 11:11:41 fetching corpus: 8100, signal 185356/189456 (executing program) 2025/09/01 11:11:41 fetching corpus: 8150, signal 185640/189456 (executing program) 2025/09/01 11:11:41 fetching corpus: 8200, signal 185962/189460 (executing program) 2025/09/01 11:11:41 fetching corpus: 8250, signal 186500/189463 (executing program) 2025/09/01 11:11:41 fetching corpus: 8300, signal 186781/189497 (executing program) 2025/09/01 11:11:41 fetching corpus: 8329, signal 186964/189498 (executing program) 2025/09/01 11:11:41 fetching corpus: 8329, signal 186964/189498 (executing program) 2025/09/01 11:11:43 starting 8 fuzzer processes 11:11:43 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/fscreate\x00', 0x2, 0x0) read(r0, 0x0, 0x0) 11:11:43 executing program 1: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000240)=""/31, 0x1f}, {&(0x7f00000003c0)=""/243, 0xf3}], 0x2) 11:11:43 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x800, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000080)="376db9b57f52b0a35db21e1129b0027cb17e64c477b9248a754770bbc0b346074c784195eb963b51692b7382fd8545313c8cf0d3859d4129a11a6004293836651aedbb8a6804d98d7a8fabc4cb8a70c79aa3faf6f1360f199c61ddf01ab9ed12953ac3f6c7add74afe8242e96d4b972c5867e4e42026172f0f57d036bff6e42aeb56146bae1303948d9da61baabf", 0x8e}, {&(0x7f0000000140)="87dfa58ab4d83ef9f485b5ccb21d5b94347f8b", 0x13}, {&(0x7f0000000180)="d87bba65dcaed7b770f6bdc1f7663c0f43f0f038e7e91877e7a5bc5dc506cf", 0x1f}, {&(0x7f00000003c0)="0e3289b7c4d5c47fb60ad92e35edb2d29814ce632dd75b6804f1c2610349a8aff4a0ee062b55018037ea323003b8e5a953a4d432db0a0f1da00e07da0443af3915001c515d1c23e7ae85a634ecd1ad64c70f4e627c7976e3686acec61e60bfc72b29cf05c61da7d270b33fc7996a7d7fffd7fd1bcd0cf9a0f7a0e35a63764085bcebf30424eb00c22d0036e273998c842ea71740ef0a4c0e78ca846a5dbcf2279aed20f4f9181f6c91ba9a87981e92b87e4d6362eae881eaf847f3ccfcf756083dd4ade0d17be938e8ff7f447f4df31de725a10a6c023a07542f", 0xda}, {&(0x7f0000000280)="33b960044908a9c59e30f336235537e389b3b9af6b4842473d719b59026c0a6d106767d5a4994b35542e3c16110976365b88040a37e14131ce0d2de050f0d0d4b25cb358a2985ded4fd3e714cba1191988c61ed0c32596aefe", 0x59}, {&(0x7f00000004c0)="f704e3ddacd4efa713389c808631676315b81a473e", 0x15}, {&(0x7f0000000540)="b55bb888cfa5e8eae03d43a350a3a9aed5", 0x11}], 0x7}}, {{&(0x7f0000000c40)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x2, 0x0) 11:11:43 executing program 2: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0x6) [ 80.756532] audit: type=1400 audit(1756725103.911:7): avc: denied { execmem } for pid=273 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:11:43 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32313538333830363200"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040000c00000000000000def4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) 11:11:43 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) mount$9p_virtio(&(0x7f0000000800), &(0x7f0000000840)='./file0\x00', &(0x7f0000000880), 0x2, 0x0) 11:11:44 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000080), 0x0, 0x0, 0x1) 11:11:44 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@sb}]}) [ 82.023270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.028971] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.031937] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.033913] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.036346] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.037935] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.041401] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.045067] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.046722] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.051599] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.052961] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.057997] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.060599] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.063371] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.078904] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.114480] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.120588] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.134126] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 82.134957] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.141640] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.146602] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 82.148815] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 82.150795] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.152127] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 82.153400] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 82.155217] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 82.156561] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.158144] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 82.160004] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.168892] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 82.170274] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 82.172225] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 82.174941] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 82.178339] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 82.198843] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 82.202206] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.203862] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 82.238760] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 82.247075] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 82.248905] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 84.122691] Bluetooth: hci0: command tx timeout [ 84.123263] Bluetooth: hci1: command tx timeout [ 84.124017] Bluetooth: hci2: command tx timeout [ 84.248734] Bluetooth: hci4: command tx timeout [ 84.249370] Bluetooth: hci7: command tx timeout [ 84.315669] Bluetooth: hci6: command tx timeout [ 84.316257] Bluetooth: hci3: command tx timeout [ 84.316725] Bluetooth: hci5: command tx timeout [ 86.171688] Bluetooth: hci2: command tx timeout [ 86.172140] Bluetooth: hci1: command tx timeout [ 86.172523] Bluetooth: hci0: command tx timeout [ 86.296704] Bluetooth: hci7: command tx timeout [ 86.297152] Bluetooth: hci4: command tx timeout [ 86.361770] Bluetooth: hci5: command tx timeout [ 86.362209] Bluetooth: hci3: command tx timeout [ 86.362589] Bluetooth: hci6: command tx timeout [ 88.217725] Bluetooth: hci0: command tx timeout [ 88.218185] Bluetooth: hci1: command tx timeout [ 88.218577] Bluetooth: hci2: command tx timeout [ 88.344715] Bluetooth: hci4: command tx timeout [ 88.345158] Bluetooth: hci7: command tx timeout [ 88.408753] Bluetooth: hci6: command tx timeout [ 88.409190] Bluetooth: hci3: command tx timeout [ 88.409575] Bluetooth: hci5: command tx timeout [ 90.264813] Bluetooth: hci0: command tx timeout [ 90.265257] Bluetooth: hci1: command tx timeout [ 90.265747] Bluetooth: hci2: command tx timeout [ 90.395249] Bluetooth: hci7: command tx timeout [ 90.396671] Bluetooth: hci4: command tx timeout [ 90.456832] Bluetooth: hci5: command tx timeout [ 90.457261] Bluetooth: hci3: command tx timeout [ 90.458693] Bluetooth: hci6: command tx timeout [ 118.324172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.324872] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.523540] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.524275] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.694651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.695281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.917332] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.918527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.926906] audit: type=1400 audit(1756725142.083:8): avc: denied { open } for pid=3757 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 118.935901] audit: type=1400 audit(1756725142.084:9): avc: denied { kernel } for pid=3757 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.176679] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.177317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.337445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.338192] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.844720] loop7: detected capacity change from 0 to 1024 [ 119.936021] EXT4-fs error (device loop7): ext4_quota_enable:7134: inode #3: comm syz-executor.7: iget: special inode unallocated [ 119.946011] EXT4-fs error (device loop7): ext4_quota_enable:7136: comm syz-executor.7: Bad quota inode: 3, type: 0 [ 119.962158] EXT4-fs warning (device loop7): ext4_enable_quotas:7174: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 119.974160] EXT4-fs (loop7): mount failed [ 120.031810] loop7: detected capacity change from 0 to 1024 [ 120.073204] EXT4-fs error (device loop7): ext4_quota_enable:7134: inode #3: comm syz-executor.7: iget: special inode unallocated [ 120.080400] EXT4-fs error (device loop7): ext4_quota_enable:7136: comm syz-executor.7: Bad quota inode: 3, type: 0 [ 120.081448] EXT4-fs warning (device loop7): ext4_enable_quotas:7174: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 120.085873] EXT4-fs (loop7): mount failed [ 120.115430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.116229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.144850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.145422] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.213579] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.214305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.294432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.295067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.699858] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.701527] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.706849] No source specified [ 120.715478] No source specified [ 120.824903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.825488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.137423] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.138169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.163471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.164094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.550683] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.551787] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.632663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.633286] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.759971] 9pnet_virtio: no channels available for device syz 11:12:24 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000100)={0x53, 0x0, 0x6, 0xe5, @buffer={0x0, 0xe1, &(0x7f0000000180)=""/225}, &(0x7f0000000080)="a873d6abd06f", 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0}) 11:12:24 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) 11:12:24 executing program 0: mount$9p_unix(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x1, &(0x7f0000002240)=[{&(0x7f0000000240)="48a3d0c7109a0afb29ffc6fd51332e42d42d0cac6315f06260293de4184af8d812b6dce006393a25763353c046f9afdabff918fbbafc4b243776b9b2fa15e516479f4d96b240cc4267e3e98e0b1852f16b6d91bb8c569b8d25e31de69a0a8a831670b822a28031a18421f406df4e7cf24065ea1c09bbba70f69ed047edee48e5aa701f59fde9b8e79c3f0d91c749922790e7cc48f6c5e4dcbbbf1bb593984e5b5227f7090a367855b84c75fb0e341fd8662c841b097e053d5a2219a1cfef4388cfde4c574b29b46ac35388c20f81fc45967ee10e9e6e16900b8682c27348119a5498e19bbe91a06fe578a0f85a912431377cc38aa4155a8ac8c3939c7049dc13f36f65c0cfc6980e00628db2a30c0bc640aa4bccca542e2cf4f75b078f404095934def8426106d4ae704a07cc8f3c63c10093fee2219c365623ed7422a4031a54d9430e8eaf6175c9156454ea17f60ab8cc50f2cccb3cf855231506023e8e54448e344d61ec141bc08bb841230a67a37d0bfd4955ce2c4c8a72af9436bef4f36cee372313ed1104cb4849ea2e6f92a57bb7b013c5195d4e4f240ebe5119f38254378f9434d515f85a6ab9187c3fc1f977f422aa797d74e3391549fa5c4d51adde82213205175b8d2aa87a7f0995e1b76451888adc899065da2ab305ec011048d982ba9b9401af5a36f29c4f9e118d4984b2bcf3532e2d2d9c6b41534d037aa4917288defbf9ce49b5d98b2005f40177228b677a38ae8f051b7ed0cbf1690ce7ce5a87ba05a8a76d40059be33ed561b9bf6f4aaa78147b1531422f25aab81539b488bff29c14f8691e92cf7d7fad2e20a392aafd5e50e4f724b1fbc6e48a458a84e5c8c20c7d7aef984182ea194512bb971548fa8ec0f23a1e645a09d5c297e8deeac9fdbcf96073afcfbea3f3c1bc90f30e7df2d2d89f548c36e3799b8cb1072f60811b37d1dd83bc8dbcef6fe6390a392d5338699e8de8468c3922b914e8036073864cd28c878d255855b7ff341c85a43d23f1cdc0be5af717bcf94dfe244c5e6657286978081a29daf3cf7a8533895746573a07e25f7b1628ade5892307426bf4335da6caa388b263bb02369f01011769c43966dc4d93fbd763982efa2c9e751750ec2cc3f52b3a43faf1b4012d665fbc7b61a0f701b815a831c317cfff17033d78f683922b696ccb51b4decd0b38a170c15a43e1bd94f557cc96820d6e5d5799eea7f9c7d1c4fd4d8d15f7b536a98539a295675f503a3f0e020bde1d4e6bf0761d8b5b859590ba687c2699023668f972d9bc2f492fc6a79d33d147f6ec017a360cfc92445e5879e08bcd91918779d370635de664ca22a6d183bf1dfe3a8d887d7ab5248dba5e740edd5c2d10c8650f6dbcec0afec9120fc4ec9c66e4378963eb5037deeec589a340f1eb58e0a39ff40e8a1c31b6b6573e288954d96e0797c0d6ea9c0f1deaa9d5cf312a255b1c7f368eaeaccb1badec9e0c6e174f984cdf8338abd940c269784c66567d3e00b190f00d923d65cd29df45fd49e702c459f6f90a480f63504138aaa1f7dfe4a50973c9c030dc24b0cfc7d4be2e9eb85971acbb3a4fcd54123b637e7077c29a838490e8cf04175678cced43ce097e7f049cf5041ce3b83e1ebc904fdaf130d14fd6fdcb4b1095afd69ad6d2e99e26debe4bfaf1b97575d117b23e59770aa38e66278fa415335b4d873b730a65b76047d71c1c5f9c327fcb5154627439bbacf430a9d192d167f98616c7d8b2de18a32ec509a74fd95b69d57b7278d1be78e06e23852a87d1ee33107e4341b086ba9d6819e7c3008529c1fe0f3a72e4eb17e94b127840c5141f443a9d0631260ee1ea4f0d5e8ce2ccdb713952a8c334f3b45d5b6c1de10cb73a799a0f2d5080096f946b524d100747260ba57dd753aa39bcb47c365da14d40445ff1c2cb6761589770f2ebe77577fd2dd796d839722b8fb0553dc95a89168f63b69991b6274ad208a6ccb711f9a839ab20db5b9407314ecfcd8fac7afca17f8e94af4fc6d248719e1900d056ea3b4431a427db4ff792249e6ce3d9e6fd6bc313b9578ebca796260d8cb0fcc37f1982cd2d132f4c38b0978baf158e80a145f231a9cf2b8b9370763599ca42acaa57b05cc38f2ba772412ef4b1b5552e031a29958ab305321a06159fc0e74a24ff6084de70776ec6bd323c545c2eef83bb3373d30036c831e144689a35d7759000be3fd933d1e4fb8a3ff36b1f0b07626deaafb8d67ff274a89821802b4182e571dc6cef09585f88c09181e4b8850ef2412e815357b25bc5058c339e962273ce2e7827ec537ddc6ca1269272bccc1f5b2df426a9f8f344b4c78e89a70ffd7a98edc1b258a4790319f29d914f36b78e5801f74a6700ee052ae9f47b35c291d9a36406f98ef1f4f0887184305172be0a4410aa7c206664f79314b5c0c356b65586a227bb8067db82f22b280de8a810358dbc4e2d9a2395e01c9006ca160ab3b28384be39ba7fb88bbbcb6e61b706d9913067e56845fcaa19f28a5bdf55c36ff1401fbc8f9f669275438b8110c92e370ed9d91493e02c07b2d1d122e9ac9c333b0be35775f3ae518b2aa61af0159e66815732d216396f4a99cdae5858a689d414aeb24746199e51e26b56671111fe4ed6bd6d53baafff879ba149575c1f4cd27cd1f2c648435166fccea9f0941cd9a8aac49332877c16f0840d82b0188cb1ca2aac4dfadf97d35bac17f9bb32e6f26c0b6ba594fc2be2a3a653aa0bfd35ba88f49e5f591d460c7ec568d523b13fa208ff8af0b44b5970b4b057f9ca1ba1446ea58fcc0dd853c73e9e69cea47615f11010ee9d218b7229f981ba4d0d30b4b56f323f35f5e95e758f39e74ddec697a5b73eaf35044cce59cf8f6e044d0c7ab7d7308b7bbc271c7dd7ea1194befa4c39ad46febbd2c048e6f55f2cd9a19e9d7a1afa8df35be1b0f35b43fb9268be98b22ab3ec41e5991fc2c9ed2e9b2c4099dfd1033baee33ee9b88ae21c0edd4d0a5bdf0217c8dbecc0dc93840c716c06d1f94873c62df2223b176e4e58d375aba83e3c56380576a9587a1998de03129ad9f45f48bb72c31bcb4e0bec0e4d861b3787c93c8886fda3a607d5c054a02b4b6e2885518d3812740584423c66f52be0a5cac97b45bcd0ac75086843dae508b2476225d71e0318a0aec74d11617e8c4cd87d63b9d383e2b7c1570bf355f8584b76036ba8fea04f8a2ffb2d137447ee5c776c33b74436805cfa4c8aba23ebc90499298f6aa2a63e933ec34a4800e2349e8f38c22b4125e7dc9d71656b0ec7557241029f23f9166763381479f77a44e79a46bdbfa8b6cc10f60556e367e4026c8eb94c64ae48aa8b9008d85e85a89d0cd3577371117b1117393b83d27d7c77ee33106a5d2f21d4586b536341d71f9d8225250908124ceab1d25e32da302f8bbd1247eb7938399f8b6a47ba05344ee90328293085b68b9d990c8b05d7c99a66a63c951bac67eedfcd1731f7fa4116cbc13d49acff42ced0f2b2738d2fe375be514b2d88379b7e0c05240ddbf526edcb89259bf00cea6a409a84b79f5b5aa4119718fe92980007ce538a8b1cf313fd112b4f4de21ec75e839c7b7cd39180bd70351416f060c2069d43c6696901e38f479d08a692190a5b56f18803e3739241dafde5e2edee51f75f0e3ba3dc1fdf39b33d7b7351137db12aa1d98d3196243487759c5fa5effeeeacb57f7b8490dab5b2c8f424707b03e35ce759e9c867bc89e599879b3ea3fc8d374833a7037de4122b622a6ccdb15bdb04a4a15248b26ea0c13c2f9f3003961598cc72d5a986d5d2983a45d4629f658a1f289b2d119723df6b39acf80a33b1656ecc82c505f7e3d877b3a098741dc430cabc9df3d58c06b282c293368210c560b1033dd9d1db78c6eb5a098969de6fa0f4b55d9e1774d33a00565319eb48c86d3d6c55d2b38b69a82a2cce90b7df20970572099260ed57c4285c8967d3439c0f7107a1ffbf0ff885e960daeed07ba68ee749c8ded1bcdcd89809e46acc69270d63f7905f50f4d510ce17d65346a7b1d5ea06cf82afcf65c7920eb38eef0a022e00a4d1c4ba451a6c12e3fcf8835d34256f09afbbf63ec4b68eb7622da3db2dba11e0161d2410689ece7418b06d69f5227513d5b50c7e7cbb77ada32d0be1ba624267dcc5dc403cb3886b72dd5ee8ba52269ed1d9b9116ad83f16f3923910e80015bf21737b973fb0dc4e9120791baed28ca7f806a783645bb6aad41af5933f9889260ff135bc9ba444a7e79c4ea46db022835170b411faf4740da1e502a217ff2c6efd17a34bb3cc4d288f839fa1c4560649e76bba7d15d04e66b1ea4d2fbdf0641cb4018ca20413856596366716026cf2238b2f2fa275b6d7349e63166bf9b2840b4794c408aaa851bd95e477b6d37797f8bf3faabba8f6b7d71668eb56af80296491ec85c3cc86f2d14ca59db65895ba7c21a5563af29a9136faed595553c169357318cdd9ce0c53876e0446ae2674aba9f3f990c652339ca45706aebf614420a0b7a1c4dbb82fe8e310f44089a2d5141be50e5c0074b43924bb18cd4dc76717a60a667a83c72d91333b641d4cf434e76f98e9db3821255a53d9cfc465a8e61ab04f0b848b959fcde11791dc417e444d2a8858a3946d5ce0644727afd4ba068ca568fb0789e4833ec9d20484682c3717c79c0eaec71b1ef5ea2089c751072322890efd539e459d83feff25f8015088bcf200898d936486d6289c28573c76b360300d5cfa98696110e0bdf831861cfe67d1a95f09a732aafeb4d7812d301400e3edcb62bb1453c3138677de381bedb4f222f6f2d9dd87e4e38c491fe929b5d9ad6c7bd0b55ec0ec0b7c15cb68ffd43b0b220444d5aaa2561637f23a7d7dab9a7c4bf944fe75e7205b6307adae60854b5af03357713a934a3eac61f00e52a7b389e5e0af53767c9798261d4e75f1632660b75200a53f4a55e50350df3f3b0716250d7ccd0a43c6ef9973144739b9981df9e0754b7a01370d3d610e138386b3b0ac29e05498e057e5b8534196005a36e0956e8f220c6252239a225c1b256c7831e6494b07a5ee87e75d870a9995762383db2a9fb670c7fa0c385809e4c937a9e9aebcf346461937a93ecdb4eadcb4fca946c1a0b16ef59cdd6eb2c5c09a5985495d54f94caacd638fd37e487732e1962a4adb5975efd0e49229c560c4fdf60c41d1a62483a4dde11d4a89b2b035fb96b80d288b9b732b05a81099df3c3762a2584652c6d85d70430413bc1c69e140e543933b7ba3f0976c9f0761dbf2f44de0bebffcdcb91b4db1961b7b520fa656e8623fab8b36ea46110dce831366a3c9c2dc5be3d01fea734b9ddd4307977d65bfa2b018f70d935c876393f079b3069b0db8bea1923a2732312ff04e654e9d365bc7dc91384c551d94810a737c1ee3c7c14e86afc509b5d39ff366d586796819915fa18f33164fc703e24b3756df0f3e5c3e441a2614321657b7ed4ff9d626377bf7143715a6eaa376181d75e564bf96bb795ebfbca84b5388cba740c74a38c690ad00e9639803b5dc696a03f80fc83a14b8b359c8ad14356e688128fb58c65e8eb943d23fa2271964c735e6a209ecbcbf06e80a758633ec9c2688de8210b244511a39efa1d07f801b31b8eb4d39aa0541d9316e9e26b8546a70157f30140ed202e2d1a6ffb696a322a512549b3b396c3095cebb8c4085ab221c89e45e7c667804de0e6038a5ca8cd951d5df8d751528f03beea95df5737a8cd2d6ab9e18139bd658a8f2090374ca7c6fcc524e63a", 0xffb, 0x6}], 0x0, 0x0) 11:12:24 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32313538333830363200"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040000c00000000000000def4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) 11:12:24 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x202000, 0x0) pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000) 11:12:24 executing program 2: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, &(0x7f00000000c0)={0x7}, 0x7) fcntl$setpipe(r0, 0x407, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 11:12:24 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@sb}]}) 11:12:24 executing program 4: mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) [ 121.824703] No source specified [ 121.835573] loop7: detected capacity change from 0 to 1024 [ 121.839311] loop0: detected capacity change from 0 to 8 11:12:25 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) 11:12:25 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@sb}]}) [ 121.871900] EXT4-fs error (device loop7): ext4_quota_enable:7134: inode #3: comm syz-executor.7: iget: special inode unallocated [ 121.885440] EXT4-fs error (device loop7): ext4_quota_enable:7136: comm syz-executor.7: Bad quota inode: 3, type: 0 11:12:25 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x202000, 0x0) pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000) [ 121.897989] EXT4-fs warning (device loop7): ext4_enable_quotas:7174: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 121.909098] EXT4-fs (loop7): mount failed 11:12:25 executing program 2: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, &(0x7f00000000c0)={0x7}, 0x7) fcntl$setpipe(r0, 0x407, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 11:12:25 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) 11:12:25 executing program 0: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x9, 0x0, 0x2016}}}, 0x7) kexec_load(0x0, 0x0, 0x0, 0x0) 11:12:25 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x44) [ 122.007387] No source specified [ 122.069082] kmemleak: Found object by alias at 0x607f1a637ef4 [ 122.069102] CPU: 1 UID: 0 PID: 3927 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.069125] Tainted: [W]=WARN [ 122.069129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.069137] Call Trace: [ 122.069142] [ 122.069147] dump_stack_lvl+0xca/0x120 [ 122.069180] __lookup_object+0x94/0xb0 [ 122.069200] delete_object_full+0x27/0x70 [ 122.069217] free_percpu+0x30/0x1160 [ 122.069235] ? arch_uprobe_clear_state+0x16/0x140 [ 122.069256] futex_hash_free+0x38/0xc0 [ 122.069272] mmput+0x2d3/0x390 [ 122.069291] do_exit+0x79d/0x2970 [ 122.069305] ? signal_wake_up_state+0x85/0x120 [ 122.069322] ? zap_other_threads+0x2b9/0x3a0 [ 122.069338] ? __pfx_do_exit+0x10/0x10 [ 122.069351] ? do_group_exit+0x1c3/0x2a0 [ 122.069365] ? lock_release+0xc8/0x290 [ 122.069383] do_group_exit+0xd3/0x2a0 [ 122.069398] __x64_sys_exit_group+0x3e/0x50 [ 122.069413] x64_sys_call+0x18c5/0x18d0 [ 122.069429] do_syscall_64+0xbf/0x360 [ 122.069443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.069455] RIP: 0033:0x7fa13fa28b19 [ 122.069464] Code: Unable to access opcode bytes at 0x7fa13fa28aef. [ 122.069469] RSP: 002b:00007ffe17138de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.069481] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fa13fa28b19 [ 122.069489] RDX: 00007fa13f9db72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 122.069497] RBP: 0000000000000000 R08: 0000001b2d6213f4 R09: 0000000000000000 [ 122.069504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 122.069511] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe17138ed0 [ 122.069527] [ 122.069531] kmemleak: Object (percpu) 0x607f1a637ef0 (size 8): [ 122.069538] kmemleak: comm "syz-executor.3", pid 3933, jiffies 4294788898 [ 122.069545] kmemleak: min_count = 1 [ 122.069549] kmemleak: count = 0 [ 122.069553] kmemleak: flags = 0x21 [ 122.069557] kmemleak: checksum = 0 [ 122.069561] kmemleak: backtrace: [ 122.069565] pcpu_alloc_noprof+0x87a/0x1170 [ 122.069581] perf_trace_event_init+0x366/0xa10 [ 122.069595] perf_trace_init+0x1a4/0x2f0 [ 122.069612] perf_tp_event_init+0xa6/0x120 [ 122.069629] perf_try_init_event+0x140/0x9f0 [ 122.069643] perf_event_alloc.part.0+0x118e/0x45f0 [ 122.069661] __do_sys_perf_event_open+0x719/0x2c20 [ 122.069674] do_syscall_64+0xbf/0x360 [ 122.069684] entry_SYSCALL_64_after_hwframe+0x77/0x7f 11:12:25 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) 11:12:25 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x202000, 0x0) pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000) 11:12:25 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32313538333830363200"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040000c00000000000000def4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) 11:12:25 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@sb}]}) 11:12:25 executing program 0: ioprio_set$pid(0x2, 0x0, 0x4007) clone3(&(0x7f0000001fc0)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:12:25 executing program 2: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, &(0x7f00000000c0)={0x7}, 0x7) fcntl$setpipe(r0, 0x407, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 11:12:25 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) 11:12:25 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x6) recvmmsg(r0, &(0x7f0000002500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) [ 122.201424] loop7: detected capacity change from 0 to 1024 [ 122.223035] No source specified 11:12:25 executing program 0: ioprio_set$pid(0x2, 0x0, 0x4007) clone3(&(0x7f0000001fc0)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:12:25 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x202000, 0x0) pread64(r0, &(0x7f00000000c0)=""/224, 0xe0, 0xe00000000000) [ 122.251524] EXT4-fs error (device loop7): ext4_quota_enable:7134: inode #3: comm syz-executor.7: iget: special inode unallocated [ 122.264821] EXT4-fs error (device loop7): ext4_quota_enable:7136: comm syz-executor.7: Bad quota inode: 3, type: 0 [ 122.269687] EXT4-fs warning (device loop7): ext4_enable_quotas:7174: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. 11:12:25 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) [ 122.287162] EXT4-fs (loop7): mount failed 11:12:25 executing program 6: rseq(&(0x7f0000000180), 0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:12:25 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)={0x20, 0x5e, 0x101, 0x0, 0x0, "", [@nested={0xd, 0x0, 0x0, 0x1, [@generic="9c6b47272c98c038e6"]}]}, 0x20}], 0x1}, 0x0) 11:12:25 executing program 2: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, &(0x7f00000000c0)={0x7}, 0x7) fcntl$setpipe(r0, 0x407, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 11:12:25 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) fcntl$lock(r0, 0x20, 0x0) [ 122.352909] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 122.359235] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 11:12:25 executing program 6: mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x12c253965cc1e678, 0xffffffffffffffff, 0x8000000) 11:12:25 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32313538333830363200"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040000c00000000000000def4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1800}], 0x0, &(0x7f0000013800)) 11:12:25 executing program 1: arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000000)) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000040)) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000080)) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f00000000c0)) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000100)) prctl$PR_SET_THP_DISABLE(0x29, 0x1) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000140)) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000180)) prctl$PR_SET_THP_DISABLE(0x29, 0x0) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f00000001c0)) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000200)) r0 = fork() ptrace(0x8, r0) ioctl$SG_SET_FORCE_PACK_ID(0xffffffffffffffff, 0x227b, &(0x7f00000002c0)=0x1) waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000580), 0x2, &(0x7f0000000600)) 11:12:25 executing program 0: ioprio_set$pid(0x2, 0x0, 0x4007) clone3(&(0x7f0000001fc0)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:12:25 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)={0x20, 0x5e, 0x101, 0x0, 0x0, "", [@nested={0xd, 0x0, 0x0, 0x1, [@generic="9c6b47272c98c038e6"]}]}, 0x20}], 0x1}, 0x0) [ 122.472240] loop7: detected capacity change from 0 to 1024 11:12:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x800}], 0x0, &(0x7f0000000040)) [ 122.490428] EXT4-fs error (device loop7): ext4_quota_enable:7134: inode #3: comm syz-executor.7: iget: special inode unallocated [ 122.492099] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 122.494113] EXT4-fs error (device loop7): ext4_quota_enable:7136: comm syz-executor.7: Bad quota inode: 3, type: 0 [ 122.496813] EXT4-fs warning (device loop7): ext4_enable_quotas:7174: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 122.500581] EXT4-fs (loop7): mount failed [ 122.505170] loop5: detected capacity change from 0 to 8 11:12:25 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000240)=[0x400, 0x0, 0x0], &(0x7f0000000280), 0x0) 11:12:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14}, 0x14}}, 0x40) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x6, 0x1, 0x5}, 0x14}}, 0x0) [ 122.528360] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 11:12:25 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) syncfs(r0) [ 122.537951] loop5: detected capacity change from 0 to 8 [ 122.556579] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 11:12:25 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)={0x20, 0x5e, 0x101, 0x0, 0x0, "", [@nested={0xd, 0x0, 0x0, 0x1, [@generic="9c6b47272c98c038e6"]}]}, 0x20}], 0x1}, 0x0) 11:12:25 executing program 0: ioprio_set$pid(0x2, 0x0, 0x4007) clone3(&(0x7f0000001fc0)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 122.598526] kmemleak: Found object by alias at 0x607f1a637ef4 [ 122.598549] CPU: 0 UID: 0 PID: 3989 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.598568] Tainted: [W]=WARN [ 122.598572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.598579] Call Trace: [ 122.598583] [ 122.598588] dump_stack_lvl+0xca/0x120 [ 122.598619] __lookup_object+0x94/0xb0 [ 122.598637] delete_object_full+0x27/0x70 [ 122.598653] free_percpu+0x30/0x1160 [ 122.598670] ? arch_uprobe_clear_state+0x16/0x140 [ 122.598691] futex_hash_free+0x38/0xc0 [ 122.598706] mmput+0x2d3/0x390 [ 122.598725] do_exit+0x79d/0x2970 [ 122.598743] ? __pfx_do_exit+0x10/0x10 [ 122.598757] ? find_held_lock+0x2b/0x80 [ 122.598776] ? get_signal+0x835/0x2340 [ 122.598797] do_group_exit+0xd3/0x2a0 [ 122.598812] get_signal+0x2315/0x2340 [ 122.598830] ? put_task_stack+0xd2/0x240 [ 122.598845] ? __pfx_get_signal+0x10/0x10 [ 122.598862] ? __schedule+0xe91/0x3590 [ 122.598883] arch_do_signal_or_restart+0x80/0x790 [ 122.598900] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 122.598917] ? __x64_sys_futex+0x1c9/0x4d0 [ 122.598930] ? __x64_sys_futex+0x1d2/0x4d0 [ 122.598944] ? fput_close_sync+0x114/0x240 [ 122.598961] ? __pfx___x64_sys_futex+0x10/0x10 [ 122.598973] ? __pfx_fput_close_sync+0x10/0x10 [ 122.598989] ? dnotify_flush+0x79/0x4c0 [ 122.599006] exit_to_user_mode_loop+0x8b/0x110 [ 122.599019] do_syscall_64+0x2f7/0x360 [ 122.599032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.599044] RIP: 0033:0x7fa13fa28b19 [ 122.599054] Code: Unable to access opcode bytes at 0x7fa13fa28aef. [ 122.599059] RSP: 002b:00007fa13cf9e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.599071] RAX: 0000000000000001 RBX: 00007fa13fb3bf68 RCX: 00007fa13fa28b19 [ 122.599078] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa13fb3bf6c [ 122.599085] RBP: 00007fa13fb3bf60 R08: 0000000000000016 R09: 0000000000000000 [ 122.599092] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fa13fb3bf6c [ 122.599100] R13: 00007ffe17138bbf R14: 00007fa13cf9e300 R15: 0000000000022000 [ 122.599115] [ 122.599119] kmemleak: Object (percpu) 0x607f1a637ef0 (size 8): [ 122.599126] kmemleak: comm "syz-executor.5", pid 3989, jiffies 4294789360 [ 122.599133] kmemleak: min_count = 1 [ 122.599137] kmemleak: count = 0 [ 122.599140] kmemleak: flags = 0x21 [ 122.599144] kmemleak: checksum = 0 [ 122.599148] kmemleak: backtrace: [ 122.599152] pcpu_alloc_noprof+0x87a/0x1170 [ 122.599167] __alloc_workqueue+0x74b/0x1820 [ 122.599186] alloc_workqueue_noprof+0xc7/0x200 [ 122.599195] loop_configure+0xf73/0x1590 [ 122.599210] lo_ioctl+0x66d/0x1c70 [ 122.599223] blkdev_ioctl+0x27c/0x6c0 [ 122.599234] __x64_sys_ioctl+0x18f/0x210 [ 122.599249] do_syscall_64+0xbf/0x360 [ 122.599259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.634941] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 11:12:25 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = open$dir(&(0x7f0000000480)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000000)='./file0\x00') openat$incfs(r0, &(0x7f0000000040)='.log\x00', 0x0, 0x0) 11:12:25 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000240)=[0x400, 0x0, 0x0], &(0x7f0000000280), 0x0) 11:12:25 executing program 5: syz_mount_image$ext4(&(0x7f0000002580)='ext2\x00', &(0x7f00000025c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@journal_path={'journal_path', 0x2c, './file0'}}]}) 11:12:25 executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) r2 = dup2(r1, r0) write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x2e) 11:12:25 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)={0x20, 0x5e, 0x101, 0x0, 0x0, "", [@nested={0xd, 0x0, 0x0, 0x1, [@generic="9c6b47272c98c038e6"]}]}, 0x20}], 0x1}, 0x0) [ 122.777676] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 122.778525] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 122.779138] CPU: 0 UID: 0 PID: 4006 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.780390] Tainted: [W]=WARN [ 122.780839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.782364] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.783381] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.787628] RSP: 0018:ffff888046e07800 EFLAGS: 00010212 [ 122.788710] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 122.789275] RDX: ffff8880464ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 122.789818] RBP: ffff888046e07a70 R08: ffff88806ce31340 R09: ffffe8ffffc0fef0 [ 122.790345] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.790872] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.791404] FS: 000055558acdd400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 122.792002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.792432] CR2: 0000555567747708 CR3: 0000000046921000 CR4: 0000000000350ef0 [ 122.792963] Call Trace: [ 122.793159] [ 122.793335] ? arch_scale_cpu_capacity+0x17/0xa0 [ 122.793705] ? __pfx_perf_tp_event+0x10/0x10 [ 122.794039] ? __asan_memset+0x24/0x50 [ 122.794349] ? trace_sched_set_need_resched_tp+0xd4/0x110 [ 122.794766] ? __resched_curr+0x2a2/0x330 [ 122.795082] ? __pfx___resched_curr+0x10/0x10 [ 122.795428] ? perf_trace_run_bpf_submit+0xef/0x180 [ 122.795835] perf_trace_run_bpf_submit+0xef/0x180 [ 122.796202] perf_trace_lock+0x337/0x5d0 [ 122.796515] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.796864] ? lock_acquire+0x15e/0x2f0 [ 122.797168] ? futex_ref_get+0x48/0x300 [ 122.797467] ? futex_ref_get+0x114/0x300 [ 122.797772] ? futex_hash+0x15c/0x390 [ 122.798059] lock_release+0x1ab/0x290 [ 122.798349] ? futex_hash+0x15c/0x390 [ 122.798637] futex_ref_get+0x119/0x300 [ 122.798930] ? futex_hash+0x15c/0x390 [ 122.799215] futex_hash+0x70/0x390 [ 122.799488] futex_wake+0x143/0x540 [ 122.799776] ? find_held_lock+0x2b/0x80 [ 122.800081] ? __pfx_futex_wake+0x10/0x10 [ 122.800398] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 122.800789] ? finish_task_switch.isra.0+0x206/0x840 [ 122.801175] do_futex+0x26d/0x370 [ 122.801446] ? __pfx_do_futex+0x10/0x10 [ 122.801750] ? __pfx___schedule+0x10/0x10 [ 122.802067] __x64_sys_futex+0x1c9/0x4d0 [ 122.802375] ? __pfx___x64_sys_futex+0x10/0x10 [ 122.802721] ? xfd_validate_state+0x55/0x180 [ 122.803062] do_syscall_64+0xbf/0x360 [ 122.803351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.803748] RIP: 0033:0x7fe54ea74b19 [ 122.804027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.805355] RSP: 002b:00007ffc127ace68 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.805913] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe54ea74b19 [ 122.806435] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe54eb87f68 [ 122.806960] RBP: 00007fe54eb87f60 R08: 00007fe54bfea700 R09: 0000000000000000 [ 122.807483] R10: 00007fe54bfea700 R11: 0000000000000246 R12: 00007fe54eb8c0e8 [ 122.808012] R13: 00007ffc127acf70 R14: 00007fe54eb87f60 R15: 000000000001df2a [ 122.808545] [ 122.808724] Modules linked in: [ 122.808995] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 122.809805] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 122.810360] CPU: 0 UID: 0 PID: 4006 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.811234] Tainted: [D]=DIE, [W]=WARN [ 122.811520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.812129] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.812482] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.813803] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 122.814194] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 122.814715] RDX: ffff8880464ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 122.815235] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc0fef0 [ 122.815766] R10: 0000000000000000 R11: 746e756f63716573 R12: dffffc0000000000 [ 122.816284] R13: 000000000000002c R14: ffff88806ce31490 R15: dffffc0000000000 [ 122.816810] FS: 000055558acdd400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 122.817396] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.817826] CR2: 0000555567747708 CR3: 0000000046921000 CR4: 0000000000350ef0 [ 122.818349] Call Trace: [ 122.818545] [ 122.818718] ? __pfx_perf_tp_event+0x10/0x10 [ 122.819053] ? perf_trace_lock+0xb5/0x5d0 [ 122.819365] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.819711] ? trace_rcu_utilization+0x26/0x190 [ 122.820072] ? rcu_sched_clock_irq+0x7a0/0x2b40 [ 122.820424] ? perf_trace_lock+0xb5/0x5d0 [ 122.820740] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.821088] ? lock_acquire+0x15e/0x2f0 [ 122.821390] ? perf_trace_run_bpf_submit+0xef/0x180 [ 122.821766] perf_trace_run_bpf_submit+0xef/0x180 [ 122.822132] perf_trace_lock+0x337/0x5d0 [ 122.822440] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.822789] ? find_held_lock+0x2b/0x80 [ 122.823093] ? hrtimer_interrupt+0x114/0x830 [ 122.823423] lock_release+0x1ab/0x290 [ 122.823723] ktime_get_update_offsets_now+0xab/0x3c0 [ 122.824104] ? hrtimer_interrupt+0x114/0x830 [ 122.824434] ? __pfx_lapic_next_deadline+0x10/0x10 [ 122.824808] hrtimer_interrupt+0x114/0x830 [ 122.825128] __sysvec_apic_timer_interrupt+0xbb/0x330 [ 122.825516] sysvec_apic_timer_interrupt+0x6b/0x80 [ 122.825886] [ 122.826058] [ 122.826230] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 122.826622] RIP: 0010:oops_exit+0x0/0x50 [ 122.826931] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 122.828257] RSP: 0018:ffff888046e07690 EFLAGS: 00000202 [ 122.828651] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f [ 122.829170] RDX: ffff8880464ab700 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 122.829694] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 122.830213] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888046e07758 [ 122.830735] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 122.831258] ? add_taint+0x5f/0xd0 [ 122.831530] ? oops_end+0x4a/0xe0 [ 122.831809] oops_end+0x65/0xe0 [ 122.832067] exc_general_protection+0x1a2/0x330 [ 122.832421] asm_exc_general_protection+0x26/0x30 [ 122.832782] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.833132] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.834449] RSP: 0018:ffff888046e07800 EFLAGS: 00010212 [ 122.834843] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 122.835362] RDX: ffff8880464ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 122.835891] RBP: ffff888046e07a70 R08: ffff88806ce31340 R09: ffffe8ffffc0fef0 [ 122.836412] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.836934] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.837458] ? perf_tp_event+0x167/0xe70 [ 122.837771] ? arch_scale_cpu_capacity+0x17/0xa0 [ 122.838129] ? __pfx_perf_tp_event+0x10/0x10 [ 122.838463] ? __asan_memset+0x24/0x50 [ 122.838770] ? trace_sched_set_need_resched_tp+0xd4/0x110 [ 122.839180] ? __resched_curr+0x2a2/0x330 [ 122.839495] ? __pfx___resched_curr+0x10/0x10 [ 122.839846] ? perf_trace_run_bpf_submit+0xef/0x180 [ 122.840219] perf_trace_run_bpf_submit+0xef/0x180 [ 122.840587] perf_trace_lock+0x337/0x5d0 [ 122.840895] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.841240] ? lock_acquire+0x15e/0x2f0 [ 122.841541] ? futex_ref_get+0x48/0x300 [ 122.841840] ? futex_ref_get+0x114/0x300 [ 122.842141] ? futex_hash+0x15c/0x390 [ 122.842427] lock_release+0x1ab/0x290 [ 122.842724] ? futex_hash+0x15c/0x390 [ 122.843010] futex_ref_get+0x119/0x300 [ 122.843306] ? futex_hash+0x15c/0x390 [ 122.843592] futex_hash+0x70/0x390 [ 122.843871] futex_wake+0x143/0x540 [ 122.844152] ? find_held_lock+0x2b/0x80 [ 122.844491] ? __pfx_futex_wake+0x10/0x10 [ 122.844840] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 122.845268] ? finish_task_switch.isra.0+0x206/0x840 [ 122.845693] do_futex+0x26d/0x370 [ 122.845983] ? __pfx_do_futex+0x10/0x10 [ 122.846332] ? __pfx___schedule+0x10/0x10 [ 122.846709] __x64_sys_futex+0x1c9/0x4d0 [ 122.847075] ? __pfx___x64_sys_futex+0x10/0x10 [ 122.847488] ? xfd_validate_state+0x55/0x180 [ 122.847885] do_syscall_64+0xbf/0x360 [ 122.848216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.848675] RIP: 0033:0x7fe54ea74b19 [ 122.849001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.850615] RSP: 002b:00007ffc127ace68 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.851244] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe54ea74b19 [ 122.851886] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe54eb87f68 [ 122.852506] RBP: 00007fe54eb87f60 R08: 00007fe54bfea700 R09: 0000000000000000 [ 122.853102] R10: 00007fe54bfea700 R11: 0000000000000246 R12: 00007fe54eb8c0e8 [ 122.853718] R13: 00007ffc127acf70 R14: 00007fe54eb87f60 R15: 000000000001df2a [ 122.854335] [ 122.854542] Modules linked in: [ 122.854831] ---[ end trace 0000000000000000 ]--- [ 122.855260] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.855681] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.857265] RSP: 0018:ffff888046e07800 EFLAGS: 00010212 [ 122.857745] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 122.858356] RDX: ffff8880464ab700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 122.858978] RBP: ffff888046e07a70 R08: ffff88806ce31340 R09: ffffe8ffffc0fef0 [ 122.859631] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.860248] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.860845] FS: 000055558acdd400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 122.861561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.862074] CR2: 0000555567747708 CR3: 0000000046921000 CR4: 0000000000350ef0 [ 122.862716] Kernel panic - not syncing: Fatal exception in interrupt [ 122.863503] Kernel Offset: disabled [ 122.863833] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 11:12:26 Registers: info registers vcpu 0 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888046e070f0 R8 =0000000000000000 R9 =ffffed10016d3046 R10=0000000000000034 R11=0000000065646f43 R12=0000000000000034 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055558acdd400 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe0100000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555567747708 CR3=0000000046921000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fe54eb5b7c000007fe54eb5b7c8 XMM02=00007fe54eb5b7e000007fe54eb5b7c0 XMM03=00007fe54eb5b7c800007fe54eb5b7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff87862c40 RBX=ffffffff886f1708 RCX=ffffffff8143cbea RDX=0000607f1a655e00 RSI=0000000000000001 RDI=fbfbfbfbfbfbfbfb RBP=fbfbfbfbfbfbfbfb RSP=ffff88800f48fd98 R8 =0000000000000000 R9 =ffffed1001d95300 R10=ffff88800eca9807 R11=1ffff1100d9e6f7b R12=ffffffff886bd780 R13=ffffffff886f1708 R14=ffff88800eced280 R15=0000000000000086 RIP=ffffffff81b35544 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe7400000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2cf21000 CR3=0000000045b40000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000