Warning: Permanently added '[localhost]:7564' (ECDSA) to the list of known hosts.
2025/09/01 12:05:26 fuzzer started
2025/09/01 12:05:27 dialing manager at localhost:35473
syzkaller login: [ 52.229652] cgroup: Unknown subsys name 'net'
[ 52.518072] cgroup: Unknown subsys name 'cpuset'
[ 52.582397] cgroup: Unknown subsys name 'rlimit'
2025/09/01 12:05:37 syscalls: 2214
2025/09/01 12:05:37 code coverage: enabled
2025/09/01 12:05:37 comparison tracing: enabled
2025/09/01 12:05:37 extra coverage: enabled
2025/09/01 12:05:37 setuid sandbox: enabled
2025/09/01 12:05:37 namespace sandbox: enabled
2025/09/01 12:05:37 Android sandbox: enabled
2025/09/01 12:05:37 fault injection: enabled
2025/09/01 12:05:37 leak checking: enabled
2025/09/01 12:05:37 net packet injection: enabled
2025/09/01 12:05:37 net device setup: enabled
2025/09/01 12:05:37 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 12:05:37 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 12:05:37 USB emulation: enabled
2025/09/01 12:05:37 hci packet injection: enabled
2025/09/01 12:05:37 wifi device emulation: enabled
2025/09/01 12:05:37 802.15.4 emulation: enabled
2025/09/01 12:05:37 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 12:05:37 fetching corpus: 50, signal 24114/27609 (executing program)
2025/09/01 12:05:37 fetching corpus: 100, signal 37669/42496 (executing program)
2025/09/01 12:05:37 fetching corpus: 150, signal 44396/50557 (executing program)
2025/09/01 12:05:38 fetching corpus: 200, signal 49059/56515 (executing program)
2025/09/01 12:05:38 fetching corpus: 250, signal 53709/62366 (executing program)
2025/09/01 12:05:38 fetching corpus: 300, signal 57618/67460 (executing program)
2025/09/01 12:05:38 fetching corpus: 350, signal 60706/71722 (executing program)
2025/09/01 12:05:38 fetching corpus: 400, signal 65373/77322 (executing program)
2025/09/01 12:05:38 fetching corpus: 450, signal 69999/82801 (executing program)
2025/09/01 12:05:38 fetching corpus: 500, signal 72900/86715 (executing program)
2025/09/01 12:05:38 fetching corpus: 550, signal 77123/91703 (executing program)
2025/09/01 12:05:38 fetching corpus: 600, signal 79365/94860 (executing program)
2025/09/01 12:05:38 fetching corpus: 650, signal 81619/97979 (executing program)
2025/09/01 12:05:38 fetching corpus: 700, signal 84738/101769 (executing program)
2025/09/01 12:05:39 fetching corpus: 750, signal 86775/104580 (executing program)
2025/09/01 12:05:39 fetching corpus: 800, signal 89102/107624 (executing program)
2025/09/01 12:05:39 fetching corpus: 850, signal 90791/110078 (executing program)
2025/09/01 12:05:39 fetching corpus: 900, signal 92671/112625 (executing program)
2025/09/01 12:05:39 fetching corpus: 950, signal 93823/114564 (executing program)
2025/09/01 12:05:39 fetching corpus: 1000, signal 95658/117052 (executing program)
2025/09/01 12:05:39 fetching corpus: 1050, signal 97733/119697 (executing program)
2025/09/01 12:05:39 fetching corpus: 1100, signal 98869/121553 (executing program)
2025/09/01 12:05:39 fetching corpus: 1150, signal 100071/123409 (executing program)
2025/09/01 12:05:39 fetching corpus: 1200, signal 101560/125511 (executing program)
2025/09/01 12:05:39 fetching corpus: 1250, signal 102592/127187 (executing program)
2025/09/01 12:05:40 fetching corpus: 1300, signal 103319/128615 (executing program)
2025/09/01 12:05:40 fetching corpus: 1350, signal 104509/130406 (executing program)
2025/09/01 12:05:40 fetching corpus: 1400, signal 106351/132634 (executing program)
2025/09/01 12:05:40 fetching corpus: 1450, signal 107924/134661 (executing program)
2025/09/01 12:05:40 fetching corpus: 1500, signal 109190/136393 (executing program)
2025/09/01 12:05:40 fetching corpus: 1550, signal 110616/138294 (executing program)
2025/09/01 12:05:40 fetching corpus: 1600, signal 111317/139585 (executing program)
2025/09/01 12:05:40 fetching corpus: 1650, signal 112250/141046 (executing program)
2025/09/01 12:05:40 fetching corpus: 1700, signal 113889/142927 (executing program)
2025/09/01 12:05:40 fetching corpus: 1750, signal 115451/144718 (executing program)
2025/09/01 12:05:41 fetching corpus: 1800, signal 116386/146074 (executing program)
2025/09/01 12:05:41 fetching corpus: 1850, signal 117244/147377 (executing program)
2025/09/01 12:05:41 fetching corpus: 1900, signal 118114/148733 (executing program)
2025/09/01 12:05:41 fetching corpus: 1950, signal 118996/150045 (executing program)
2025/09/01 12:05:41 fetching corpus: 2000, signal 120195/151493 (executing program)
2025/09/01 12:05:41 fetching corpus: 2050, signal 121639/153127 (executing program)
2025/09/01 12:05:41 fetching corpus: 2100, signal 122857/154561 (executing program)
2025/09/01 12:05:41 fetching corpus: 2150, signal 123930/155985 (executing program)
2025/09/01 12:05:41 fetching corpus: 2200, signal 125225/157436 (executing program)
2025/09/01 12:05:41 fetching corpus: 2250, signal 126088/158559 (executing program)
2025/09/01 12:05:41 fetching corpus: 2300, signal 126705/159579 (executing program)
2025/09/01 12:05:41 fetching corpus: 2350, signal 127398/160653 (executing program)
2025/09/01 12:05:42 fetching corpus: 2400, signal 128400/161884 (executing program)
2025/09/01 12:05:42 fetching corpus: 2450, signal 129173/162959 (executing program)
2025/09/01 12:05:42 fetching corpus: 2500, signal 131241/164648 (executing program)
2025/09/01 12:05:42 fetching corpus: 2550, signal 132007/165644 (executing program)
2025/09/01 12:05:42 fetching corpus: 2600, signal 132462/166487 (executing program)
2025/09/01 12:05:42 fetching corpus: 2650, signal 133059/167382 (executing program)
2025/09/01 12:05:42 fetching corpus: 2700, signal 133709/168373 (executing program)
2025/09/01 12:05:42 fetching corpus: 2750, signal 134462/169348 (executing program)
2025/09/01 12:05:42 fetching corpus: 2800, signal 135134/170226 (executing program)
2025/09/01 12:05:42 fetching corpus: 2850, signal 135991/171247 (executing program)
2025/09/01 12:05:43 fetching corpus: 2900, signal 136513/172036 (executing program)
2025/09/01 12:05:43 fetching corpus: 2950, signal 137072/172845 (executing program)
2025/09/01 12:05:43 fetching corpus: 3000, signal 137912/173791 (executing program)
2025/09/01 12:05:43 fetching corpus: 3050, signal 138578/174636 (executing program)
2025/09/01 12:05:43 fetching corpus: 3100, signal 139315/175458 (executing program)
2025/09/01 12:05:43 fetching corpus: 3150, signal 139832/176224 (executing program)
2025/09/01 12:05:43 fetching corpus: 3200, signal 140411/177014 (executing program)
2025/09/01 12:05:43 fetching corpus: 3250, signal 141017/177835 (executing program)
2025/09/01 12:05:43 fetching corpus: 3300, signal 141477/178496 (executing program)
2025/09/01 12:05:44 fetching corpus: 3350, signal 142082/179232 (executing program)
2025/09/01 12:05:44 fetching corpus: 3400, signal 142703/179965 (executing program)
2025/09/01 12:05:44 fetching corpus: 3450, signal 143493/180716 (executing program)
2025/09/01 12:05:44 fetching corpus: 3500, signal 143994/181477 (executing program)
2025/09/01 12:05:44 fetching corpus: 3550, signal 144656/182174 (executing program)
2025/09/01 12:05:44 fetching corpus: 3600, signal 145025/182814 (executing program)
2025/09/01 12:05:44 fetching corpus: 3650, signal 146289/183646 (executing program)
2025/09/01 12:05:44 fetching corpus: 3700, signal 146821/184273 (executing program)
2025/09/01 12:05:44 fetching corpus: 3750, signal 147381/184931 (executing program)
2025/09/01 12:05:44 fetching corpus: 3800, signal 148045/185522 (executing program)
2025/09/01 12:05:44 fetching corpus: 3850, signal 149800/186309 (executing program)
2025/09/01 12:05:45 fetching corpus: 3900, signal 150151/186850 (executing program)
2025/09/01 12:05:45 fetching corpus: 3950, signal 150927/187429 (executing program)
2025/09/01 12:05:45 fetching corpus: 4000, signal 151509/187985 (executing program)
2025/09/01 12:05:45 fetching corpus: 4050, signal 152371/188564 (executing program)
2025/09/01 12:05:45 fetching corpus: 4100, signal 152770/189068 (executing program)
2025/09/01 12:05:45 fetching corpus: 4150, signal 153191/189550 (executing program)
2025/09/01 12:05:45 fetching corpus: 4200, signal 154152/190200 (executing program)
2025/09/01 12:05:45 fetching corpus: 4250, signal 154639/190679 (executing program)
2025/09/01 12:05:45 fetching corpus: 4300, signal 155255/191157 (executing program)
2025/09/01 12:05:45 fetching corpus: 4350, signal 155663/191628 (executing program)
2025/09/01 12:05:46 fetching corpus: 4400, signal 156139/192070 (executing program)
2025/09/01 12:05:46 fetching corpus: 4450, signal 156609/192523 (executing program)
2025/09/01 12:05:46 fetching corpus: 4500, signal 156985/192923 (executing program)
2025/09/01 12:05:46 fetching corpus: 4550, signal 157384/193378 (executing program)
2025/09/01 12:05:46 fetching corpus: 4600, signal 157827/193786 (executing program)
2025/09/01 12:05:46 fetching corpus: 4650, signal 158374/194164 (executing program)
2025/09/01 12:05:46 fetching corpus: 4700, signal 158999/194598 (executing program)
2025/09/01 12:05:46 fetching corpus: 4750, signal 159371/194962 (executing program)
2025/09/01 12:05:46 fetching corpus: 4800, signal 159838/195058 (executing program)
2025/09/01 12:05:46 fetching corpus: 4850, signal 160368/195061 (executing program)
2025/09/01 12:05:46 fetching corpus: 4900, signal 160677/195064 (executing program)
2025/09/01 12:05:47 fetching corpus: 4950, signal 161341/195095 (executing program)
2025/09/01 12:05:47 fetching corpus: 5000, signal 161649/195098 (executing program)
2025/09/01 12:05:47 fetching corpus: 5050, signal 162048/195111 (executing program)
2025/09/01 12:05:47 fetching corpus: 5100, signal 162524/195114 (executing program)
2025/09/01 12:05:47 fetching corpus: 5150, signal 163034/195195 (executing program)
2025/09/01 12:05:47 fetching corpus: 5200, signal 163508/195196 (executing program)
2025/09/01 12:05:47 fetching corpus: 5250, signal 163919/195203 (executing program)
2025/09/01 12:05:47 fetching corpus: 5300, signal 164398/195205 (executing program)
2025/09/01 12:05:47 fetching corpus: 5350, signal 164776/195211 (executing program)
2025/09/01 12:05:47 fetching corpus: 5400, signal 165444/195221 (executing program)
2025/09/01 12:05:47 fetching corpus: 5450, signal 165716/195229 (executing program)
2025/09/01 12:05:48 fetching corpus: 5500, signal 166068/195238 (executing program)
2025/09/01 12:05:48 fetching corpus: 5550, signal 166368/195267 (executing program)
2025/09/01 12:05:48 fetching corpus: 5600, signal 166742/195270 (executing program)
2025/09/01 12:05:48 fetching corpus: 5650, signal 166973/195282 (executing program)
2025/09/01 12:05:48 fetching corpus: 5700, signal 167352/195332 (executing program)
2025/09/01 12:05:48 fetching corpus: 5750, signal 167755/195332 (executing program)
2025/09/01 12:05:48 fetching corpus: 5800, signal 168288/195399 (executing program)
2025/09/01 12:05:48 fetching corpus: 5850, signal 170128/195401 (executing program)
2025/09/01 12:05:48 fetching corpus: 5900, signal 170382/195403 (executing program)
2025/09/01 12:05:48 fetching corpus: 5950, signal 170772/195406 (executing program)
2025/09/01 12:05:48 fetching corpus: 6000, signal 171187/195454 (executing program)
2025/09/01 12:05:48 fetching corpus: 6050, signal 171544/195468 (executing program)
2025/09/01 12:05:49 fetching corpus: 6100, signal 171928/195493 (executing program)
2025/09/01 12:05:49 fetching corpus: 6150, signal 172303/195498 (executing program)
2025/09/01 12:05:49 fetching corpus: 6200, signal 172583/195499 (executing program)
2025/09/01 12:05:49 fetching corpus: 6250, signal 172917/195502 (executing program)
2025/09/01 12:05:49 fetching corpus: 6300, signal 173213/195508 (executing program)
2025/09/01 12:05:49 fetching corpus: 6350, signal 173466/195514 (executing program)
2025/09/01 12:05:49 fetching corpus: 6400, signal 173802/195519 (executing program)
2025/09/01 12:05:49 fetching corpus: 6450, signal 174032/195521 (executing program)
2025/09/01 12:05:49 fetching corpus: 6500, signal 174439/195521 (executing program)
2025/09/01 12:05:49 fetching corpus: 6550, signal 174702/195524 (executing program)
2025/09/01 12:05:49 fetching corpus: 6600, signal 174960/195533 (executing program)
2025/09/01 12:05:49 fetching corpus: 6650, signal 175393/195538 (executing program)
2025/09/01 12:05:50 fetching corpus: 6700, signal 175790/195583 (executing program)
2025/09/01 12:05:50 fetching corpus: 6750, signal 176089/195585 (executing program)
2025/09/01 12:05:50 fetching corpus: 6800, signal 176373/195602 (executing program)
2025/09/01 12:05:50 fetching corpus: 6850, signal 176659/195614 (executing program)
2025/09/01 12:05:50 fetching corpus: 6900, signal 176936/195615 (executing program)
2025/09/01 12:05:50 fetching corpus: 6950, signal 177234/195617 (executing program)
2025/09/01 12:05:50 fetching corpus: 7000, signal 177476/195648 (executing program)
2025/09/01 12:05:50 fetching corpus: 7050, signal 177839/195671 (executing program)
2025/09/01 12:05:50 fetching corpus: 7100, signal 178071/195693 (executing program)
2025/09/01 12:05:50 fetching corpus: 7150, signal 178451/195699 (executing program)
2025/09/01 12:05:50 fetching corpus: 7200, signal 178701/195710 (executing program)
2025/09/01 12:05:50 fetching corpus: 7250, signal 178963/195737 (executing program)
2025/09/01 12:05:51 fetching corpus: 7300, signal 179265/195738 (executing program)
2025/09/01 12:05:51 fetching corpus: 7350, signal 180164/195742 (executing program)
2025/09/01 12:05:51 fetching corpus: 7400, signal 180453/195755 (executing program)
2025/09/01 12:05:51 fetching corpus: 7450, signal 180884/195763 (executing program)
2025/09/01 12:05:51 fetching corpus: 7500, signal 181336/195777 (executing program)
2025/09/01 12:05:51 fetching corpus: 7550, signal 181742/195778 (executing program)
2025/09/01 12:05:51 fetching corpus: 7600, signal 182191/195784 (executing program)
2025/09/01 12:05:51 fetching corpus: 7650, signal 182352/195795 (executing program)
2025/09/01 12:05:51 fetching corpus: 7700, signal 182870/195796 (executing program)
2025/09/01 12:05:51 fetching corpus: 7750, signal 183195/195814 (executing program)
2025/09/01 12:05:51 fetching corpus: 7800, signal 183407/195814 (executing program)
2025/09/01 12:05:51 fetching corpus: 7850, signal 183636/195834 (executing program)
2025/09/01 12:05:52 fetching corpus: 7900, signal 183884/195847 (executing program)
2025/09/01 12:05:52 fetching corpus: 7950, signal 184516/195849 (executing program)
2025/09/01 12:05:52 fetching corpus: 8000, signal 184909/195853 (executing program)
2025/09/01 12:05:52 fetching corpus: 8050, signal 185249/195855 (executing program)
2025/09/01 12:05:52 fetching corpus: 8100, signal 185563/195855 (executing program)
2025/09/01 12:05:52 fetching corpus: 8150, signal 185874/195855 (executing program)
2025/09/01 12:05:52 fetching corpus: 8200, signal 186077/195917 (executing program)
2025/09/01 12:05:52 fetching corpus: 8250, signal 186759/195975 (executing program)
2025/09/01 12:05:52 fetching corpus: 8300, signal 187025/195976 (executing program)
2025/09/01 12:05:52 fetching corpus: 8350, signal 187244/195978 (executing program)
2025/09/01 12:05:52 fetching corpus: 8400, signal 187596/195998 (executing program)
2025/09/01 12:05:52 fetching corpus: 8450, signal 187942/196005 (executing program)
2025/09/01 12:05:53 fetching corpus: 8500, signal 188179/196007 (executing program)
2025/09/01 12:05:53 fetching corpus: 8550, signal 188406/196012 (executing program)
2025/09/01 12:05:53 fetching corpus: 8600, signal 188779/196014 (executing program)
2025/09/01 12:05:53 fetching corpus: 8650, signal 189202/196030 (executing program)
2025/09/01 12:05:53 fetching corpus: 8700, signal 189696/196034 (executing program)
2025/09/01 12:05:53 fetching corpus: 8750, signal 189937/196036 (executing program)
2025/09/01 12:05:53 fetching corpus: 8800, signal 190197/196037 (executing program)
2025/09/01 12:05:53 fetching corpus: 8850, signal 190628/196047 (executing program)
2025/09/01 12:05:53 fetching corpus: 8900, signal 190960/196054 (executing program)
2025/09/01 12:05:53 fetching corpus: 8950, signal 191273/196054 (executing program)
2025/09/01 12:05:53 fetching corpus: 9000, signal 191556/196054 (executing program)
2025/09/01 12:05:54 fetching corpus: 9050, signal 191815/196097 (executing program)
2025/09/01 12:05:54 fetching corpus: 9100, signal 192150/196097 (executing program)
2025/09/01 12:05:54 fetching corpus: 9150, signal 192354/196099 (executing program)
2025/09/01 12:05:54 fetching corpus: 9200, signal 192559/196104 (executing program)
2025/09/01 12:05:54 fetching corpus: 9250, signal 192810/196106 (executing program)
2025/09/01 12:05:54 fetching corpus: 9285, signal 192945/196117 (executing program)
2025/09/01 12:05:54 fetching corpus: 9285, signal 192945/196117 (executing program)
2025/09/01 12:05:56 starting 8 fuzzer processes
12:05:56 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x4000)
shmdt(r0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
12:05:56 executing program 7:
r0 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
12:05:56 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000b40)='/proc/stat\x00', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
12:05:56 executing program 2:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0xfff, &(0x7f0000000040)=0x0)
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}])
[ 81.918801] audit: type=1400 audit(1756728356.963:7): avc: denied { execmem } for pid=272 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:05:56 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8)
ioctl$sock_SIOCSIFBR(r0, 0x8941, 0x0)
12:05:56 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
pread64(r0, &(0x7f0000000240)=""/42, 0xff30, 0x0)
12:05:56 executing program 3:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x24, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x90)
sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@nl=@unspec={0x0, 0x0, 0x0, 0xf5ffffff}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="866369ed15bf241db3222862d749dac5bfd1325d", 0x14}, {&(0x7f00000001c0)="4150fbb84c8ccf532ef9cc28fdaf31f0dbee28b8", 0x14}], 0x2}, 0x0)
12:05:57 executing program 6:
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}]})
[ 83.059722] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 83.063452] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 83.066441] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 83.070839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 83.073689] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 83.075970] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 83.077182] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 83.078696] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 83.079282] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 83.081787] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 83.084987] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 83.094373] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 83.106608] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 83.113469] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 83.114501] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 83.133740] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 83.136593] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 83.153922] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 83.161451] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 83.168454] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 83.176767] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 83.180918] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 83.188058] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 83.207723] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 83.217835] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 83.227534] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 83.233323] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 83.237527] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 83.242399] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 83.243548] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 83.253806] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 83.256131] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 83.258102] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 83.265696] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 83.267995] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 83.269664] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 83.271383] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 83.279758] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 83.290734] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 83.317018] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 85.149745] Bluetooth: hci0: command tx timeout
[ 85.149766] Bluetooth: hci1: command tx timeout
[ 85.150509] Bluetooth: hci2: command tx timeout
[ 85.213372] Bluetooth: hci3: command tx timeout
[ 85.342256] Bluetooth: hci5: command tx timeout
[ 85.342276] Bluetooth: hci4: command tx timeout
[ 85.405247] Bluetooth: hci6: command tx timeout
[ 85.469677] Bluetooth: hci7: command tx timeout
[ 87.197470] Bluetooth: hci2: command tx timeout
[ 87.198357] Bluetooth: hci1: command tx timeout
[ 87.198402] Bluetooth: hci0: command tx timeout
[ 87.262213] Bluetooth: hci3: command tx timeout
[ 87.389266] Bluetooth: hci4: command tx timeout
[ 87.391199] Bluetooth: hci5: command tx timeout
[ 87.453261] Bluetooth: hci6: command tx timeout
[ 87.518340] Bluetooth: hci7: command tx timeout
[ 89.245297] Bluetooth: hci0: command tx timeout
[ 89.245760] Bluetooth: hci1: command tx timeout
[ 89.246970] Bluetooth: hci2: command tx timeout
[ 89.310254] Bluetooth: hci3: command tx timeout
[ 89.438259] Bluetooth: hci4: command tx timeout
[ 89.438717] Bluetooth: hci5: command tx timeout
[ 89.502199] Bluetooth: hci6: command tx timeout
[ 89.566510] Bluetooth: hci7: command tx timeout
[ 91.293598] Bluetooth: hci2: command tx timeout
[ 91.295210] Bluetooth: hci1: command tx timeout
[ 91.295241] Bluetooth: hci0: command tx timeout
[ 91.357464] Bluetooth: hci3: command tx timeout
[ 91.485437] Bluetooth: hci5: command tx timeout
[ 91.485460] Bluetooth: hci4: command tx timeout
[ 91.549286] Bluetooth: hci6: command tx timeout
[ 91.613317] Bluetooth: hci7: command tx timeout
[ 122.314668] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.315331] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.475918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.476963] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.671179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.671804] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.832904] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.833542] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:06:37 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={0x0, 0x30}}, 0x0)
[ 122.970242] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.970842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.030222] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.030807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:06:38 executing program 1:
prctl$PR_SET_MM_MAP(0x41, 0xe, 0x0, 0x0)
12:06:38 executing program 1:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r1, &(0x7f0000000040)="5ed0d2", 0x3)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r2, r0, 0x0, 0x3)
[ 123.185168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.185800] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.198949] ieee802154 phy0 wpan0: encryption failed: -22
12:06:38 executing program 1:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000080))
[ 123.288333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.288935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.325356] audit: type=1400 audit(1756728398.372:8): avc: denied { open } for pid=3875 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 123.327119] audit: type=1400 audit(1756728398.373:9): avc: denied { kernel } for pid=3875 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 123.465184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.465802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.520706] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.521589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.537890] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.538685] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.587792] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.588415] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.610290] No source specified
[ 123.611496] No source specified
[ 123.635010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.636062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.676208] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.676819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.683839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.684428] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.733787] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.735179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
12:06:39 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x4000)
shmdt(r0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
12:06:39 executing program 5:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_setup(0xfff, &(0x7f0000000040)=0x0)
io_submit(r1, 0x0, 0x0)
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x240, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
12:06:39 executing program 1:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000080))
12:06:39 executing program 2:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0xfff, &(0x7f0000000040)=0x0)
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}])
12:06:39 executing program 7:
r0 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
12:06:39 executing program 6:
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@link_local, @dev, @void, {@ipv4={0x800, @dccp={{0xc, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x21, 0x0, @local, @private=0xa010101, {[@timestamp_prespec={0x44, 0x16, 0x13, 0x3, 0x0, [{@loopback}, {@broadcast}, {@broadcast}]}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00\x00W', 0x0, "944856"}}}}}}, 0x0)
12:06:39 executing program 4:
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x4040)
12:06:39 executing program 3:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x24, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x90)
sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@nl=@unspec={0x0, 0x0, 0x0, 0xf5ffffff}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="866369ed15bf241db3222862d749dac5bfd1325d", 0x14}, {&(0x7f00000001c0)="4150fbb84c8ccf532ef9cc28fdaf31f0dbee28b8", 0x14}], 0x2}, 0x0)
12:06:39 executing program 3:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x24, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x90)
sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@nl=@unspec={0x0, 0x0, 0x0, 0xf5ffffff}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="866369ed15bf241db3222862d749dac5bfd1325d", 0x14}, {&(0x7f00000001c0)="4150fbb84c8ccf532ef9cc28fdaf31f0dbee28b8", 0x14}], 0x2}, 0x0)
12:06:39 executing program 6:
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000240), &(0x7f0000000280)={0x1f}, 0x0, 0x0, 0x0)
12:06:39 executing program 4:
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00))
pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
12:06:39 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000)
msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0)
12:06:39 executing program 1:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000080))
12:06:39 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x4000)
shmdt(r0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
[ 124.260408] kmemleak: Found object by alias at 0x607f1a63ec34
[ 124.260428] CPU: 0 UID: 0 PID: 3943 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 124.260446] Tainted: [W]=WARN
[ 124.260450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 124.260457] Call Trace:
[ 124.260462]
[ 124.260466] dump_stack_lvl+0xca/0x120
[ 124.260497] __lookup_object+0x94/0xb0
[ 124.260515] delete_object_full+0x27/0x70
[ 124.260532] free_percpu+0x30/0x1160
[ 124.260549] ? arch_uprobe_clear_state+0x16/0x140
[ 124.260570] futex_hash_free+0x38/0xc0
[ 124.260585] mmput+0x2d3/0x390
[ 124.260604] do_exit+0x79d/0x2970
[ 124.260622] ? __pfx_do_exit+0x10/0x10
[ 124.260637] ? find_held_lock+0x2b/0x80
[ 124.260655] ? get_signal+0x835/0x2340
[ 124.260676] do_group_exit+0xd3/0x2a0
[ 124.260691] get_signal+0x2315/0x2340
[ 124.260714] ? __pfx_get_signal+0x10/0x10
[ 124.260731] ? do_futex+0x135/0x370
[ 124.260745] ? __pfx_do_futex+0x10/0x10
[ 124.260760] arch_do_signal_or_restart+0x80/0x790
[ 124.260779] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 124.260795] ? __x64_sys_futex+0x1c9/0x4d0
[ 124.260808] ? __x64_sys_futex+0x1d2/0x4d0
[ 124.260823] ? __pfx___x64_sys_futex+0x10/0x10
[ 124.260838] ? kcov_ioctl+0x386/0x6c0
[ 124.260856] exit_to_user_mode_loop+0x8b/0x110
[ 124.260869] do_syscall_64+0x2f7/0x360
[ 124.260883] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.260896] RIP: 0033:0x7f46e5f3bb19
[ 124.260905] Code: Unable to access opcode bytes at 0x7f46e5f3baef.
[ 124.260910] RSP: 002b:00007f46e3490218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 124.260922] RAX: fffffffffffffe00 RBX: 00007f46e604f028 RCX: 00007f46e5f3bb19
[ 124.260930] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f46e604f028
[ 124.260937] RBP: 00007f46e604f020 R08: 0000000000000000 R09: 0000000000000000
[ 124.260945] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46e604f02c
[ 124.260952] R13: 00007ffe5d88cb1f R14: 00007f46e3490300 R15: 0000000000022000
[ 124.260968]
[ 124.260972] kmemleak: Object (percpu) 0x607f1a63ec30 (size 8):
[ 124.260979] kmemleak: comm "syz-executor.5", pid 3936, jiffies 4294791108
[ 124.260986] kmemleak: min_count = 1
[ 124.260990] kmemleak: count = 0
[ 124.260993] kmemleak: flags = 0x21
[ 124.260997] kmemleak: checksum = 0
[ 124.261001] kmemleak: backtrace:
[ 124.261005] pcpu_alloc_noprof+0x87a/0x1170
[ 124.261020] perf_trace_event_init+0x366/0xa10
[ 124.261034] perf_trace_init+0x1a4/0x2f0
[ 124.261046] perf_tp_event_init+0xa6/0x120
[ 124.261063] perf_try_init_event+0x140/0x9f0
[ 124.261077] perf_event_alloc.part.0+0x118e/0x45f0
[ 124.261094] __do_sys_perf_event_open+0x719/0x2c20
[ 124.261107] do_syscall_64+0xbf/0x360
[ 124.261117] entry_SYSCALL_64_after_hwframe+0x77/0x7f
12:06:39 executing program 7:
r0 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 12:06:39 executing program 2: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}]) 12:06:39 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x24, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x90) sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@nl=@unspec={0x0, 0x0, 0x0, 0xf5ffffff}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="866369ed15bf241db3222862d749dac5bfd1325d", 0x14}, {&(0x7f00000001c0)="4150fbb84c8ccf532ef9cc28fdaf31f0dbee28b8", 0x14}], 0x2}, 0x0) 12:06:39 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x9}) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) 12:06:39 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmat(0x0, 
&(0x7f0000ffb000/0x2000)=nil, 0x4000) shmdt(r0) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) 12:06:39 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r2 = dup2(r0, r1) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x13, r2, 0x0) syz_io_uring_submit(r3, 0x0, 0xfffffffffffffffe, 0x0) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) 12:06:39 executing program 1: setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e30be12e051656ca28132eba1a51d12f95180d319eef8bb32a4a5275ed0721e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab12e07ac5", 0x51) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000080)) 12:06:39 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 12:06:39 executing program 7: r0 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 12:06:39 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = 
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x1d, r0, 0x0, 0x0) 12:06:39 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 12:06:39 executing program 2: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}]) [ 124.461522] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 124.462482] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 124.463208] CPU: 1 UID: 0 PID: 3967 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.464492] Tainted: [W]=WARN [ 124.465203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.467032] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.467987] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.472025] RSP: 0018:ffff8880451af800 EFLAGS: 00010212 [ 124.472669] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900090d2000 [ 124.473251] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.473823] RBP: ffff8880451afa70 R08: ffff88806cf31340 R09: ffffe8ffffd16c30 [ 124.474404] R10: 
0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.475067] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 124.475763] FS: 00007f46e34b1700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 124.476545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.477131] CR2: 0000555578453c58 CR3: 000000000d7b1000 CR4: 0000000000350ef0 [ 124.477828] Call Trace: [ 124.478086] [ 124.478317] ? __mutex_add_waiter+0x202/0x220 [ 124.478798] ? __pfx_perf_tp_event+0x10/0x10 [ 124.479254] ? find_held_lock+0x2b/0x80 [ 124.479668] ? __is_insn_slot_addr+0x136/0x290 [ 124.480148] ? lock_release+0xc8/0x290 [ 124.480554] ? __is_insn_slot_addr+0x140/0x290 [ 124.481033] ? kernel_text_address+0x5b/0xc0 [ 124.481471] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 124.482018] ? __kernel_text_address+0xd/0x40 [ 124.482477] ? unwind_get_return_address+0x59/0xa0 [ 124.482989] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 124.483526] ? arch_stack_walk+0x9c/0xf0 [ 124.483953] ? perf_trace_run_bpf_submit+0xef/0x180 [ 124.484459] perf_trace_run_bpf_submit+0xef/0x180 [ 124.484954] perf_trace_lock+0x337/0x5d0 [ 124.485376] ? __pfx_perf_trace_lock+0x10/0x10 [ 124.485838] ? lock_acquire+0x15e/0x2f0 [ 124.486251] ? futex_ref_get+0x48/0x300 [ 124.486658] ? futex_ref_get+0x114/0x300 [ 124.487062] ? futex_hash+0x15c/0x390 [ 124.487446] lock_release+0x1ab/0x290 [ 124.487844] ? futex_hash+0x15c/0x390 [ 124.488232] futex_ref_get+0x119/0x300 [ 124.488626] ? futex_hash+0x15c/0x390 [ 124.489018] futex_hash+0x70/0x390 [ 124.489384] futex_wake+0x143/0x540 [ 124.489770] ? __pfx_futex_wake+0x10/0x10 [ 124.490178] ? kmem_cache_free+0x2a1/0x540 [ 124.490607] ? fd_install+0x1d8/0x660 [ 124.490991] ? putname.part.0+0x11b/0x160 [ 124.491422] do_futex+0x26d/0x370 [ 124.491777] ? __pfx_do_futex+0x10/0x10 [ 124.492192] __x64_sys_futex+0x1c9/0x4d0 [ 124.492607] ? __x64_sys_openat+0x142/0x200 [ 124.493041] ? 
__pfx___x64_sys_futex+0x10/0x10 [ 124.493511] do_syscall_64+0xbf/0x360 [ 124.493901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.494425] RIP: 0033:0x7f46e5f3bb19 [ 124.494806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.496579] RSP: 002b:00007f46e34b1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.497331] RAX: ffffffffffffffda RBX: 00007f46e604ef68 RCX: 00007f46e5f3bb19 [ 124.498039] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f46e604ef6c [ 124.498747] RBP: 00007f46e604ef60 R08: 0000000000000000 R09: 0000000000000000 [ 124.499450] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f46e604ef6c [ 124.500150] R13: 00007ffe5d88cb1f R14: 00007f46e34b1300 R15: 0000000000022000 [ 124.500875] [ 124.501114] Modules linked in: [ 124.501551] ---[ end trace 0000000000000000 ]--- [ 124.502020] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.502512] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.504315] RSP: 0018:ffff8880451af800 EFLAGS: 00010212 [ 124.504839] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900090d2000 [ 124.505561] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.506276] RBP: ffff8880451afa70 R08: ffff88806cf31340 R09: ffffe8ffffd16c30 [ 124.506916] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.507489] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 124.508051] FS: 00007f46e34b1700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 124.508688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.509151] CR2: 0000555578453c58 CR3: 000000000d7b1000 CR4: 0000000000350ef0 [ 124.509715] note: syz-executor.4[3967] exited with preempt_count 1 [ 124.510210] 
BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 124.510910] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3967, name: syz-executor.4 [ 124.511593] preempt_count: 0, expected: 0 [ 124.511923] RCU nest depth: 2, expected: 0 [ 124.512267] INFO: lockdep is turned off. 12:06:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736602106c00080120000200004000f8000020004000000000000000000001", 0x25}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011000)) statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/69) [ 124.512688] CPU: 1 UID: 0 PID: 3967 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.512708] Tainted: [D]=DIE, [W]=WARN [ 124.512712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.512720] Call Trace: [ 124.512724] [ 124.512729] dump_stack_lvl+0xfa/0x120 [ 124.512755] __might_resched+0x2f3/0x510 [ 124.512770] exit_signals+0x25/0x940 [ 124.512789] do_exit+0x2db/0x2970 [ 124.512803] ? _printk+0xbe/0xf0 [ 124.512816] ? __pfx__printk+0x10/0x10 [ 124.512829] ? __x64_sys_openat+0x142/0x200 [ 124.512847] ? __pfx_do_exit+0x10/0x10 [ 124.512862] make_task_dead+0x174/0x3b0 [ 124.512876] ? 
do_syscall_64+0xbf/0x360 [ 124.512888] rewind_stack_and_make_dead+0x16/0x20 [ 124.512905] RIP: 0033:0x7f46e5f3bb19 [ 124.512913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.512925] RSP: 002b:00007f46e34b1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.512936] RAX: ffffffffffffffda RBX: 00007f46e604ef68 RCX: 00007f46e5f3bb19 [ 124.512944] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f46e604ef6c [ 124.512952] RBP: 00007f46e604ef60 R08: 0000000000000000 R09: 0000000000000000 [ 124.512959] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f46e604ef6c [ 124.512966] R13: 00007ffe5d88cb1f R14: 00007f46e34b1300 R15: 0000000000022000 [ 124.512977] [ 124.603377] loop5: detected capacity change from 0 to 256 [ 124.605663] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 124.620356] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 12:06:40 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x3, &(0x7f0000000040)=0x5, 0x5db) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) 12:06:40 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_opts(r0, 0x0, 0x9, 0x0, &(0x7f00000000c0)) 12:06:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) 
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x20, r1, 0x1, 0x0, 0x0, {0x22}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0) 12:06:40 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x1d, r0, 0x0, 0x0) 12:06:40 executing program 2: syz_io_uring_complete(0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) syz_usb_connect(0x0, 0x48, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0xf, 0xe8, 0xe9, 0x0, 0xcf3, 0x311d, 0xa805, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x36, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x4, 0xe5, 0x4e, 0xf3, 0x0, [], [{}, {{0x9, 0x5, 0x8, 0x0, 0x0, 0x8, 0x4}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x6}}, {}]}}]}}]}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000001e80)={0x14}, 0x14}}, 0x0) 12:06:40 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 12:06:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736602106c00080120000200004000f8000020004000000000000000000001", 0x25}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011000)) 
statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/69) [ 125.348870] loop5: detected capacity change from 0 to 256 [ 125.376728] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 125.384668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.386399] misc raw-gadget: fail, usb_gadget_register_driver returned -16 12:06:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f0000000240)) [ 125.399498] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 125.400398] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 125.401001] CPU: 1 UID: 0 PID: 3977 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 125.401958] Tainted: [D]=DIE, [W]=WARN [ 125.402265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 125.402935] RIP: 0010:perf_tp_event+0x175/0xe70 [ 125.403322] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.404756] RSP: 0018:ffff88804867f800 EFLAGS: 00010212 [ 125.405180] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 125.405752] RDX: ffff888017a90000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 125.406317] RBP: ffff88804867fa70 R08: ffff88806cf31340 R09: ffffe8ffffd16c30 [ 125.406904] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 125.407475] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 125.408041] FS: 000055557844a400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 125.408679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.409137] CR2: 00007f219386a000 CR3: 000000001f267000 CR4: 0000000000350ef0 [ 125.409708] Call Trace: [ 125.409922] [ 125.410108] ? 
__pfx_native_flush_tlb_one_user+0x10/0x10 [ 125.410550] ? __pfx_perf_tp_event+0x10/0x10 [ 125.410928] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 125.411349] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.411711] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.412074] ? smp_call_function_many_cond+0x332/0x1110 [ 125.412510] ? __pfx_should_flush_tlb+0x10/0x10 [ 125.412893] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.413260] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 125.413712] ? __pfx_perf_trace_lock+0x10/0x10 [ 125.414089] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.414453] ? perf_trace_lock+0xb5/0x5d0 [ 125.414821] ? perf_trace_lock+0xb5/0x5d0 [ 125.415161] ? css_rstat_updated+0x1b8/0x4d0 [ 125.415532] ? perf_trace_run_bpf_submit+0xef/0x180 [ 125.415934] perf_trace_run_bpf_submit+0xef/0x180 [ 125.416333] perf_trace_lock+0x337/0x5d0 [ 125.416664] ? __pfx_lru_add+0x10/0x10 [ 125.416989] ? __pfx_perf_trace_lock+0x10/0x10 [ 125.417363] ? do_wp_page+0xb30/0x3430 [ 125.417686] ? get_futex_key+0x592/0x14a0 [ 125.418020] ? futex_ref_get+0x114/0x300 [ 125.418345] ? futex_hash+0x15c/0x390 [ 125.418677] lock_release+0x1ab/0x290 [ 125.418991] ? futex_hash+0x15c/0x390 [ 125.419299] futex_ref_get+0x119/0x300 [ 125.419616] ? futex_hash+0x15c/0x390 [ 125.419925] futex_hash+0x70/0x390 [ 125.420216] futex_wake+0x143/0x540 [ 125.420516] ? ___pte_offset_map+0x176/0x370 [ 125.420879] ? __pfx_futex_wake+0x10/0x10 [ 125.421219] ? __handle_mm_fault+0x753/0x3260 [ 125.421586] ? perf_trace_lock+0xb5/0x5d0 [ 125.421922] ? __pfx___handle_mm_fault+0x10/0x10 [ 125.422311] do_futex+0x26d/0x370 [ 125.422610] ? __pfx_do_futex+0x10/0x10 [ 125.422943] ? __pfx_perf_trace_lock+0x10/0x10 [ 125.423308] ? handle_mm_fault+0x590/0x9b0 [ 125.423649] __x64_sys_futex+0x1c9/0x4d0 [ 125.423974] ? __pfx___x64_sys_futex+0x10/0x10 [ 125.424341] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 125.424755] do_syscall_64+0xbf/0x360 [ 125.425064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.425470] RIP: 0033:0x7f219375ab19 [ 125.425766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.427192] RSP: 002b:00007ffd30b67f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.427783] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f219375ab19 [ 125.428333] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f219386df68 [ 125.428887] RBP: 00007f219386df60 R08: 0000001b2d32001c R09: 0000000000000000 [ 125.429438] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2193872310 [ 125.429988] R13: 00007ffd30b68060 R14: 00007f219386df60 R15: 000000000001e92f [ 125.430546] [ 125.430750] Modules linked in: [ 125.431033] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#3] SMP KASAN NOPTI [ 125.431890] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 125.432478] CPU: 1 UID: 0 PID: 3977 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 125.433400] Tainted: [D]=DIE, [W]=WARN [ 125.433696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 125.434331] RIP: 0010:perf_tp_event+0x175/0xe70 [ 125.434723] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.436117] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 125.436534] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 125.437088] RDX: ffff888017a90000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 125.437647] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd16c30 [ 125.438201] R10: 0000000000000000 R11: 
ffff88806cf37018 R12: dffffc0000000000 [ 125.438769] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000 [ 125.439320] FS: 000055557844a400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 125.439941] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.440392] CR2: 00007f219386a000 CR3: 000000001f267000 CR4: 0000000000350ef0 [ 125.440943] Call Trace: [ 125.441149] [ 125.441329] ? __pfx_perf_tp_event+0x10/0x10 [ 125.441684] ? stack_depot_save_flags+0x2c/0xa20 [ 125.442058] ? kasan_save_stack+0x34/0x50 [ 125.442385] ? kasan_save_stack+0x24/0x50 [ 125.442725] ? kasan_save_track+0x14/0x30 [ 125.443051] ? __kasan_save_free_info+0x3a/0x60 [ 125.443416] ? __kasan_slab_free+0x3f/0x50 [ 125.443751] ? kmem_cache_free+0x2a1/0x540 [ 125.444080] ? rcu_core+0x7c8/0x1800 [ 125.444378] ? handle_softirqs+0x1b1/0x770 [ 125.444720] ? __irq_exit_rcu+0xc4/0x100 [ 125.445044] ? irq_exit_rcu+0x9/0x20 [ 125.445335] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 125.445741] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 125.446164] ? memset_orig+0x4e/0xb0 [ 125.446459] ? __unwind_start+0x2e/0x7c0 [ 125.446802] ? arch_stack_walk+0x62/0xf0 [ 125.447124] ? stack_trace_save+0x8e/0xc0 [ 125.447455] ? kasan_save_stack+0x24/0x50 [ 125.447782] ? kasan_save_track+0x14/0x30 [ 125.448108] ? __kasan_slab_alloc+0x59/0x70 [ 125.448450] ? kmem_cache_alloc_noprof+0x205/0x690 [ 125.448836] ? __alloc_object+0x2b/0x2c0 [ 125.449165] ? kvm_sched_clock_read+0x16/0x30 [ 125.449526] ? sched_clock+0x37/0x60 [ 125.449824] ? sched_clock_cpu+0x6c/0x4e0 [ 125.450152] ? perf_trace_run_bpf_submit+0xef/0x180 [ 125.450551] perf_trace_run_bpf_submit+0xef/0x180 [ 125.451008] perf_trace_lock+0x337/0x5d0 [ 125.451329] ? place_entity+0x1c/0x410 [ 125.451638] ? kvm_sched_clock_read+0x16/0x30 [ 125.451996] ? __pfx_perf_trace_lock+0x10/0x10 [ 125.452357] ? check_preempt_wakeup_fair+0x6e/0x950 [ 125.452750] ? sched_ttwu_pending+0x2e0/0x4a0 [ 125.453159] lock_release+0x1ab/0x290 [ 125.453583] ? 
ttwu_do_activate+0x1a4/0x8a0 [ 125.453971] _raw_spin_unlock+0x16/0x40 [ 125.454347] sched_ttwu_pending+0x2e0/0x4a0 [ 125.454712] ? __pfx_try_to_wake_up+0x10/0x10 [ 125.455115] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 125.455520] ? flush_tlb_func+0x24d/0x560 [ 125.455942] __flush_smp_call_function_queue+0x434/0x740 [ 125.456372] __sysvec_call_function_single+0x6d/0x370 [ 125.456806] sysvec_call_function_single+0xa1/0xc0 [ 125.457254] [ 125.457448] [ 125.457667] asm_sysvec_call_function_single+0x1a/0x20 [ 125.458133] RIP: 0010:oops_exit+0x0/0x50 [ 125.458455] Code: 00 3a 00 be ff ff ff ff 48 c7 c7 50 b4 43 86 e8 c6 0f f9 ff 5b e9 50 00 3a 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 36 00 3a 00 8b 1d c0 3d 4f 06 31 ff 89 de e8 57 [ 125.459873] RSP: 0018:ffff88804867f690 EFLAGS: 00000202 [ 125.460284] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f [ 125.460966] RDX: ffff888017a90000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 125.461604] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f12690 [ 125.462181] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804867f758 [ 125.462869] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 125.463496] ? add_taint+0x5f/0xd0 [ 125.463803] ? 
oops_end+0x4a/0xe0 [ 125.464088] oops_end+0x65/0xe0 [ 125.464358] exc_general_protection+0x1a2/0x330 [ 125.464730] asm_exc_general_protection+0x26/0x30 [ 125.465106] RIP: 0010:perf_tp_event+0x175/0xe70 [ 125.465476] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 125.467013] RSP: 0018:ffff88804867f800 EFLAGS: 00010212 [ 125.467539] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 125.468085] RDX: ffff888017a90000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 125.468676] RBP: ffff88804867fa70 R08: ffff88806cf31340 R09: ffffe8ffffd16c30 [ 125.469316] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 125.469958] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 125.470565] ? perf_tp_event+0x167/0xe70 [ 125.470907] ? __pfx_native_flush_tlb_one_user+0x10/0x10 [ 125.471334] ? __pfx_perf_tp_event+0x10/0x10 [ 125.471690] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 125.472097] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.472453] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.472808] ? smp_call_function_many_cond+0x332/0x1110 [ 125.473227] ? __pfx_should_flush_tlb+0x10/0x10 [ 125.473603] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.473963] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 125.474408] ? __pfx_perf_trace_lock+0x10/0x10 [ 125.474787] ? __pfx_flush_tlb_func+0x10/0x10 [ 125.475145] ? perf_trace_lock+0xb5/0x5d0 [ 125.475475] ? perf_trace_lock+0xb5/0x5d0 [ 125.475806] ? 
css_rstat_updated+0x1b8/0x4d0
12:06:40 executing program 7:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x3, &(0x7f0000000040)=0x5, 0x5db)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
[ 125.476160] ? perf_trace_run_bpf_submit+0xef/0x180
[ 125.476732] perf_trace_run_bpf_submit+0xef/0x180
[ 125.477118] perf_trace_lock+0x337/0x5d0
[ 125.477508] ? __pfx_lru_add+0x10/0x10
[ 125.477894] ? __pfx_perf_trace_lock+0x10/0x10
[ 125.478310] ? do_wp_page+0xb30/0x3430
[ 125.478715] ? get_futex_key+0x592/0x14a0
[ 125.479040] ? futex_ref_get+0x114/0x300
[ 125.479358] ? futex_hash+0x15c/0x390
[ 125.479724] lock_release+0x1ab/0x290
[ 125.480077] ? futex_hash+0x15c/0x390
[ 125.480413] futex_ref_get+0x119/0x300
[ 125.480804] ? futex_hash+0x15c/0x390
[ 125.481103] futex_hash+0x70/0x390
[ 125.481389] futex_wake+0x143/0x540
[ 125.481755] ? ___pte_offset_map+0x176/0x370
[ 125.482131] ? __pfx_futex_wake+0x10/0x10
[ 125.482520] ? __handle_mm_fault+0x753/0x3260
[ 125.482916] ? perf_trace_lock+0xb5/0x5d0
[ 125.483330] ? __pfx___handle_mm_fault+0x10/0x10
[ 125.483783] do_futex+0x26d/0x370
[ 125.484073] ? __pfx_do_futex+0x10/0x10
[ 125.484403] ? __pfx_perf_trace_lock+0x10/0x10
[ 125.484858] ? handle_mm_fault+0x590/0x9b0
[ 125.485256] __x64_sys_futex+0x1c9/0x4d0
[ 125.485610] ? __pfx___x64_sys_futex+0x10/0x10
[ 125.485975] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 125.486472] do_syscall_64+0xbf/0x360
[ 125.486832] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.487305] RIP: 0033:0x7f219375ab19
[ 125.487598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 125.489201] RSP: 002b:00007ffd30b67f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 125.489896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f219375ab19
[ 125.490484] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f219386df68
[ 125.491051] RBP: 00007f219386df60 R08: 0000001b2d32001c R09: 0000000000000000
[ 125.491603] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2193872310
[ 125.492149] R13: 00007ffd30b68060 R14: 00007f219386df60 R15: 000000000001e92f
[ 125.492800]
[ 125.492986] Modules linked in:
[ 125.493279] ---[ end trace 0000000000000000 ]---
[ 125.493708] RIP: 0010:perf_tp_event+0x175/0xe70
[ 125.494091] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 125.495712] RSP: 0018:ffff8880451af800 EFLAGS: 00010212
[ 125.496124] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc900090d2000
[ 125.496676] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000100000190
[ 125.497224] RBP: ffff8880451afa70 R08: ffff88806cf31340 R09: ffffe8ffffd16c30
[ 125.497778] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 125.498383] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 125.499054] FS: 000055557844a400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
[ 125.499699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 125.500233] CR2: 00007f219386a000 CR3: 000000001f267000 CR4: 0000000000350ef0
[ 125.500875] Kernel panic - not syncing: Fatal exception in interrupt
[ 125.501709] Kernel Offset: disabled
[ 125.501998] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
12:06:39 Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffff88806cf3c300 RCX=ffffffff816880fc RDX=ffff888016a3b700
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888046327988
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9c6bb1
R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00005555906b4400 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe4c00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2d522000 CR3=000000000e479000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000ff0000 XMM01=00ff0000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00007f06b58b07c800007f06b58b07c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000

info registers vcpu 1
RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff8880451af0f0
R8 =0000000000000000 R9 =ffffed1001455046 R10=0000000000000000 R11=0000000065646f43
R12=0000000000000005 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f46e34b1700 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe6000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000555578453c58 CR3=000000000d7b1000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=ffffffffffffffffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff
XMM04=ffffffffffffffffffffffffffffffff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000