Warning: Permanently added '[localhost]:36289' (ECDSA) to the list of known hosts. 2025/08/29 12:29:53 fuzzer started 2025/08/29 12:29:53 dialing manager at localhost:43077 syzkaller login: [ 51.769724] cgroup: Unknown subsys name 'net' [ 51.823637] cgroup: Unknown subsys name 'cpuset' [ 51.835540] cgroup: Unknown subsys name 'rlimit' 2025/08/29 12:30:04 syscalls: 2214 2025/08/29 12:30:04 code coverage: enabled 2025/08/29 12:30:04 comparison tracing: enabled 2025/08/29 12:30:04 extra coverage: enabled 2025/08/29 12:30:04 setuid sandbox: enabled 2025/08/29 12:30:04 namespace sandbox: enabled 2025/08/29 12:30:04 Android sandbox: enabled 2025/08/29 12:30:04 fault injection: enabled 2025/08/29 12:30:04 leak checking: enabled 2025/08/29 12:30:04 net packet injection: enabled 2025/08/29 12:30:04 net device setup: enabled 2025/08/29 12:30:04 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 12:30:04 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 12:30:04 USB emulation: enabled 2025/08/29 12:30:04 hci packet injection: enabled 2025/08/29 12:30:04 wifi device emulation: enabled 2025/08/29 12:30:04 802.15.4 emulation: enabled
2025/08/29 12:30:24 starting 8 fuzzer processes 12:30:24 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000005ac0)=ANY=[@ANYBLOB="741200001200ffff"], 0x1274}], 0x1}, 0x0) clock_gettime(0x0, &(0x7f0000005940)) recvmmsg(r0, &(0x7f0000005700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}},
{{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0) 12:30:24 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000140)=[{0x34, 0x0, 0x0, 0x4}, {0x6}]}) syz_open_dev$tty20(0xc, 0x4, 0x1) 12:30:24 executing program 1: syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff) 12:30:24 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='--/)\x00', 0x0) pread64(r0, 0x0, 0xf0ffffff7f0000, 0x0) 12:30:24 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef0100010000009f09c75f000000000000000001000000000000000b0000008000000038000000c20201006b04", 0x66, 0x400}, {&(0x7f00000100c0)="01000000000000000000000000000000000000000401", 0x16, 0x560}], 0x0, &(0x7f0000000780)) 12:30:24 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r2) ioctl$CDROMREADMODE1(r0, 0x31f, 0x0) 12:30:24 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x81) writev(r0, &(0x7f0000001500)=[{&(0x7f0000000040)="12", 0x1}], 0x1) [ 82.205248] audit: type=1400 audit(1756470624.437:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:30:24 executing program 6: timer_create(0xa, 0x0, 0x0) [ 83.384671] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.387781] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.390044] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.395297] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.398039] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.453844] Bluetooth: 
hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.457242] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.458812] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.460559] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.465589] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.466566] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.468956] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.474621] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.477023] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.477036] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.507541] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.516902] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.518714] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.527623] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.547503] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.581615] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.616727] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.620637] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.623168] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.629716] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.633091] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.640528] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.643761] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.645746] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.652057] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.657637] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.665583] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.668808] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.674951] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.677001] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.678324] 
Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.708590] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.709838] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.760233] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.774971] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.478868] Bluetooth: hci0: command tx timeout [ 85.543392] Bluetooth: hci1: command tx timeout [ 85.544274] Bluetooth: hci2: command tx timeout [ 85.606486] Bluetooth: hci3: command tx timeout [ 85.734552] Bluetooth: hci6: command tx timeout [ 85.734780] Bluetooth: hci4: command tx timeout [ 85.798525] Bluetooth: hci5: command tx timeout [ 85.864381] Bluetooth: hci7: command tx timeout [ 87.526420] Bluetooth: hci0: command tx timeout [ 87.590465] Bluetooth: hci2: command tx timeout [ 87.590795] Bluetooth: hci1: command tx timeout [ 87.655461] Bluetooth: hci3: command tx timeout [ 87.782487] Bluetooth: hci4: command tx timeout [ 87.782964] Bluetooth: hci6: command tx timeout [ 87.846403] Bluetooth: hci5: command tx timeout [ 87.910412] Bluetooth: hci7: command tx timeout [ 89.575397] Bluetooth: hci0: command tx timeout [ 89.638407] Bluetooth: hci1: command tx timeout [ 89.638451] Bluetooth: hci2: command tx timeout [ 89.702595] Bluetooth: hci3: command tx timeout [ 89.830486] Bluetooth: hci6: command tx timeout [ 89.831257] Bluetooth: hci4: command tx timeout [ 89.894494] Bluetooth: hci5: command tx timeout [ 89.958533] Bluetooth: hci7: command tx timeout [ 91.622417] Bluetooth: hci0: command tx timeout [ 91.686576] Bluetooth: hci1: command tx timeout [ 91.687171] Bluetooth: hci2: command tx timeout [ 91.751388] Bluetooth: hci3: command tx timeout [ 91.878457] Bluetooth: hci6: command tx timeout [ 91.878542] Bluetooth: hci4: command tx timeout [ 91.943549] Bluetooth: hci5: command tx timeout [ 92.007484] Bluetooth: hci7: command tx timeout [ 120.704428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.705135] wlan0: Creating 
new IBSS network, BSSID 50:50:50:50:50:50 [ 120.893452] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.894062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.006121] kmemleak: Found object by alias at 0x607f1a6328cc [ 121.006140] CPU: 1 UID: 0 PID: 3748 Comm: (d-rfkill) Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.006159] Tainted: [W]=WARN [ 121.006162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.006170] Call Trace: [ 121.006174] [ 121.006179] dump_stack_lvl+0xca/0x120 [ 121.006208] __lookup_object+0x94/0xb0 [ 121.006226] delete_object_full+0x27/0x70 [ 121.006242] free_percpu+0x30/0x1160 [ 121.006259] ? arch_uprobe_clear_state+0x16/0x140 [ 121.006279] futex_hash_free+0x38/0xc0 [ 121.006294] mmput+0x2d3/0x390 [ 121.006313] begin_new_exec+0x14bd/0x36c0 [ 121.006335] ? kernel_read+0xcb/0x230 [ 121.006349] load_elf_binary+0x855/0x4f70 [ 121.006372] ? load_misc_binary+0x979/0xcd0 [ 121.006390] ? __pfx_load_elf_binary+0x10/0x10 [ 121.006405] ? find_held_lock+0x2b/0x80 [ 121.006423] ? bprm_execve+0x8b7/0x15a0 [ 121.006432] ? lock_release+0xc8/0x290 [ 121.006448] bprm_execve+0x8d9/0x15a0 [ 121.006462] ? __pfx_bprm_execve+0x10/0x10 [ 121.006478] do_execveat_common+0x5b2/0x770 [ 121.006490] ? __pfx_do_execveat_common+0x10/0x10 [ 121.006503] ? getname_flags.part.0+0x1c6/0x540 [ 121.006523] __x64_sys_execve+0x95/0xc0 [ 121.006535] do_syscall_64+0xbf/0x360 [ 121.006547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.006560] RIP: 0033:0x7f86a49e16c7 [ 121.006576] Code: Unable to access opcode bytes at 0x7f86a49e169d. 
[ 121.006581] RSP: 002b:00007fff113a1768 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 121.006593] RAX: ffffffffffffffda RBX: 0000563481f6c690 RCX: 00007f86a49e16c7 [ 121.006601] RDX: 0000563481f83e60 RSI: 0000563481f4e420 RDI: 0000563481f42a20 [ 121.006608] RBP: 00007fff113a1960 R08: 0000563481f04870 R09: 0000000000000000 [ 121.006615] R10: 0000563481f4e780 R11: 0000000000000246 R12: 0000563481f4e420 [ 121.006623] R13: 0000000000000000 R14: 0000563481f88180 R15: 0000563481f4e420 [ 121.006639] [ 121.006643] kmemleak: Object (percpu) 0x607f1a6328c8 (size 8): [ 121.006650] kmemleak: comm "syz-executor.2", pid 277, jiffies 4294760507 [ 121.006658] kmemleak: min_count = 1 [ 121.006661] kmemleak: count = 0 [ 121.006665] kmemleak: flags = 0x21 [ 121.006669] kmemleak: checksum = 0 [ 121.006673] kmemleak: backtrace: [ 121.006676] pcpu_alloc_noprof+0x87a/0x1170 [ 121.006691] fib6_nh_init+0x99a/0x1a00 [ 121.006702] ip6_route_info_create_nh+0x530/0xf80 [ 121.006712] ip6_route_add.part.0+0x59/0x170 [ 121.006722] ip6_route_add+0x48/0x60 [ 121.006731] addrconf_prefix_route+0x21c/0x300 [ 121.006742] addrconf_sit_config+0x6b9/0xa70 [ 121.006756] addrconf_notify+0x39a/0x1920 [ 121.006772] notifier_call_chain+0xc0/0x360 [ 121.006782] call_netdevice_notifiers_info+0xbe/0x140 [ 121.006795] __dev_notify_flags+0x11f/0x2d0 [ 121.006808] netif_change_flags+0x109/0x170 [ 121.006822] do_setlink.constprop.0+0xc4d/0x3df0 [ 121.006838] rtnl_newlink+0x14a8/0x1f30 [ 121.006852] rtnetlink_rcv_msg+0x9c6/0xfc0 [ 121.006866] netlink_rcv_skb+0x147/0x430 [ 121.022595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.031567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.354450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.355104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.425982] loop2: detected capacity change from 0 to 5 [ 121.440916] kmemleak: Cannot insert 0x607f1a6328cc into the object search tree (overlaps 
existing) [ 121.440933] CPU: 1 UID: 0 PID: 3804 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.440952] Tainted: [W]=WARN [ 121.440956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.440964] Call Trace: [ 121.440968] [ 121.440973] dump_stack_lvl+0xca/0x120 [ 121.441002] __link_object+0x190/0x210 [ 121.441022] __create_object+0x48/0x80 [ 121.441039] pcpu_alloc_noprof+0x87a/0x1170 [ 121.441065] __percpu_init_rwsem+0x2d/0x160 [ 121.441083] ? security_sb_alloc+0x75/0x140 [ 121.441101] alloc_super+0x29e/0xb80 [ 121.441116] ? __pfx_super_s_dev_test+0x10/0x10 [ 121.441133] sget_fc+0xfe/0xb80 [ 121.441145] ? __pfx_super_s_dev_set+0x10/0x10 [ 121.441163] get_tree_bdev_flags+0x1b8/0x620 [ 121.441174] ? __pfx_ext4_fill_super+0x10/0x10 [ 121.441194] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 121.441206] ? cap_capable+0xdb/0x3b0 [ 121.441224] ? security_capable+0x2f/0x90 [ 121.441240] vfs_get_tree+0x93/0x340 [ 121.441257] path_mount+0x132d/0x1dd0 [ 121.441273] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.441288] ? __pfx_path_mount+0x10/0x10 [ 121.441301] ? kmem_cache_free+0x2a1/0x540 [ 121.441313] ? putname.part.0+0x11b/0x160 [ 121.441335] ? getname_flags.part.0+0x1c6/0x540 [ 121.441353] ? putname.part.0+0x11b/0x160 [ 121.441371] __x64_sys_mount+0x27b/0x300 [ 121.441385] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 121.441404] do_syscall_64+0xbf/0x360 [ 121.441416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.441429] RIP: 0033:0x7ff7c94d504a [ 121.441439] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.441451] RSP: 002b:00007ff7c6a48fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.441463] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007ff7c94d504a [ 121.441472] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ff7c6a49000 [ 121.441480] RBP: 00007ff7c6a49040 R08: 00007ff7c6a49040 R09: 0000000020000000 [ 121.441488] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 121.441495] R13: 0000000020000100 R14: 00007ff7c6a49000 R15: 0000000020000780 [ 121.441512] [ 121.441909] kmemleak: Kernel memory leak detector disabled [ 121.441913] kmemleak: Object (percpu) 0x607f1a6328c8 (size 8): [ 121.441920] kmemleak: comm "syz-executor.2", pid 277, jiffies 4294760507 [ 121.441928] kmemleak: min_count = 1 [ 121.441932] kmemleak: count = 0 [ 121.441936] kmemleak: flags = 0x21 [ 121.441940] kmemleak: checksum = 0 [ 121.441944] kmemleak: backtrace: [ 121.441948] pcpu_alloc_noprof+0x87a/0x1170 [ 121.441964] fib6_nh_init+0x99a/0x1a00 [ 121.441975] ip6_route_info_create_nh+0x530/0xf80 [ 121.441986] ip6_route_add.part.0+0x59/0x170 [ 121.441996] ip6_route_add+0x48/0x60 [ 121.442006] addrconf_prefix_route+0x21c/0x300 [ 121.442018] addrconf_sit_config+0x6b9/0xa70 [ 121.442033] addrconf_notify+0x39a/0x1920 [ 121.442050] notifier_call_chain+0xc0/0x360 [ 121.442062] call_netdevice_notifiers_info+0xbe/0x140 [ 121.442074] __dev_notify_flags+0x11f/0x2d0 [ 121.442089] netif_change_flags+0x109/0x170 [ 121.442103] do_setlink.constprop.0+0xc4d/0x3df0 [ 121.442120] rtnl_newlink+0x14a8/0x1f30 [ 121.442135] rtnetlink_rcv_msg+0x9c6/0xfc0 [ 121.442150] netlink_rcv_skb+0x147/0x430 [ 121.469619] 
wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.470248] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.501979] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 121.507598] kmemleak: Found object by alias at 0x607f1a6328cc [ 121.507612] CPU: 1 UID: 0 PID: 43 Comm: kworker/1:1 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.507629] Tainted: [W]=WARN [ 121.507633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.507640] Workqueue: events destroy_super_work [ 121.507661] Call Trace: [ 121.507665] [ 121.507670] dump_stack_lvl+0xca/0x120 [ 121.507688] __lookup_object+0x94/0xb0 [ 121.507703] delete_object_full+0x27/0x70 [ 121.507719] free_percpu+0x30/0x1160 [ 121.507738] percpu_free_rwsem+0x53/0xa0 [ 121.507755] destroy_super_work+0xe3/0x150 [ 121.507772] process_one_work+0x8e1/0x19c0 [ 121.507794] ? __pfx_process_one_work+0x10/0x10 [ 121.507808] ? move_linked_works+0x172/0x270 [ 121.507828] ? assign_work+0x196/0x240 [ 121.507843] worker_thread+0x67e/0xe90 [ 121.507857] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.507873] ? __pfx_worker_thread+0x10/0x10 [ 121.507887] kthread+0x3c8/0x740 [ 121.507900] ? __pfx_kthread+0x10/0x10 [ 121.507912] ? ret_from_fork+0x23/0x430 [ 121.507930] ? lock_release+0xc8/0x290 [ 121.507944] ? __pfx_kthread+0x10/0x10 [ 121.507957] ret_from_fork+0x34b/0x430 [ 121.507973] ? 
__pfx_kthread+0x10/0x10 [ 121.507985] ret_from_fork_asm+0x1a/0x30 [ 121.508008] [ 121.508012] kmemleak: Object (percpu) 0x607f1a6328c8 (size 8): [ 121.508019] kmemleak: comm "syz-executor.2", pid 277, jiffies 4294760507 [ 121.508027] kmemleak: min_count = 1 [ 121.508030] kmemleak: count = 0 [ 121.508034] kmemleak: flags = 0x21 [ 121.508038] kmemleak: checksum = 0 [ 121.508041] kmemleak: backtrace: [ 121.508044] pcpu_alloc_noprof+0x87a/0x1170 [ 121.508059] fib6_nh_init+0x99a/0x1a00 [ 121.508068] ip6_route_info_create_nh+0x530/0xf80 [ 121.508078] ip6_route_add.part.0+0x59/0x170 [ 121.508088] ip6_route_add+0x48/0x60 [ 121.508097] addrconf_prefix_route+0x21c/0x300 [ 121.508107] addrconf_sit_config+0x6b9/0xa70 [ 121.508121] addrconf_notify+0x39a/0x1920 [ 121.508136] notifier_call_chain+0xc0/0x360 [ 121.508146] call_netdevice_notifiers_info+0xbe/0x140 [ 121.508156] __dev_notify_flags+0x11f/0x2d0 [ 121.508169] netif_change_flags+0x109/0x170 [ 121.508182] do_setlink.constprop.0+0xc4d/0x3df0 [ 121.508197] rtnl_newlink+0x14a8/0x1f30 [ 121.508210] rtnetlink_rcv_msg+0x9c6/0xfc0 [ 121.508224] netlink_rcv_skb+0x147/0x430 [ 121.532650] loop2: detected capacity change from 0 to 5 [ 121.536488] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? 
12:31:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef0100010000009f09c75f000000000000000001000000000000000b0000008000000038000000c20201006b04", 0x66, 0x400}, {&(0x7f00000100c0)="01000000000000000000000000000000000000000401", 0x16, 0x560}], 0x0, &(0x7f0000000780)) [ 121.582685] loop2: detected capacity change from 0 to 5 [ 121.587468] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.588045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.590407] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 121.611535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.612160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:31:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef0100010000009f09c75f000000000000000001000000000000000b0000008000000038000000c20201006b04", 0x66, 0x400}, {&(0x7f00000100c0)="01000000000000000000000000000000000000000401", 0x16, 0x560}], 0x0, &(0x7f0000000780)) [ 121.660235] loop2: detected capacity change from 0 to 5 [ 121.663592] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? 
12:31:03 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000872000/0x4000)=nil, 0x4000, 0x17) madvise(&(0x7f0000875000/0x4000)=nil, 0x4000, 0x15) [ 121.682227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.682954] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.710151] audit: type=1400 audit(1756470663.936:8): avc: denied { open } for pid=3838 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:31:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef0100010000009f09c75f000000000000000001000000000000000b0000008000000038000000c20201006b04", 0x66, 0x400}, {&(0x7f00000100c0)="01000000000000000000000000000000000000000401", 0x16, 0x560}], 0x0, &(0x7f0000000780)) [ 121.717392] audit: type=1400 audit(1756470663.936:9): avc: denied { kernel } for pid=3838 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 121.754871] loop2: detected capacity change from 0 to 5 [ 121.764295] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? 
[ 121.809234] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.809861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:31:04 executing program 6: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r1) utimes(&(0x7f0000000200)='./file0\x00', &(0x7f0000000540)) 12:31:04 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(r0, 0x40187013, &(0x7f0000000000)) [ 121.847436] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.848026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:31:04 executing program 1: r0 = syz_io_uring_setup(0x6ef9, &(0x7f0000000040), &(0x7f0000800000/0x800000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, 0x0, 0x0) 12:31:04 executing program 2: r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x6, 0x0, r1) [ 121.996599] audit: type=1326 audit(1756470664.229:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3881 comm="syz-executor.4" exe="/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f13ab6b19 code=0x0 [ 122.056698] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.057421] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.081722] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.082311] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.129647] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.130276] wlan0: Creating new IBSS network, BSSID 
50:50:50:50:50:50 [ 122.158025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.158779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.168063] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. [ 122.178568] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. [ 122.179418] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. [ 122.181204] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. [ 122.182047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.182625] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.221455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.222083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.530956] kmemleak: Automatic memory scanning thread ended [ 122.832180] audit: type=1326 audit(1756470665.064:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3881 comm="syz-executor.4" exe="/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f13ab6b19 code=0x0 12:31:05 executing program 4: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000040)={0x2}) 12:31:05 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='--/)\x00', 0x0) pread64(r0, 0x0, 0xf0ffffff7f0000, 0x0) 12:31:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000005ac0)=ANY=[@ANYBLOB="741200001200ffff"], 0x1274}], 0x1}, 0x0) clock_gettime(0x0, &(0x7f0000005940)) recvmmsg(r0, &(0x7f0000005700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0) 12:31:05 executing program 2: r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r1 = 
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x6, 0x0, r1) 12:31:05 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000001580)='./file0\x00', &(0x7f00000015c0), 0x0, 0x0) 12:31:05 executing program 3: modify_ldt$write(0x1, &(0x7f0000000080), 0x10) modify_ldt$write(0xffffc90000000000, 0x0, 0x0) 12:31:05 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0x2, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4) 12:31:05 executing program 7: r0 = epoll_create1(0x0) r1 = eventfd(0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) read$eventfd(r1, &(0x7f00000010c0), 0x8) [ 122.955773] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. 12:31:05 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000005ac0)=ANY=[@ANYBLOB="741200001200ffff"], 0x1274}], 0x1}, 0x0) clock_gettime(0x0, &(0x7f0000005940)) recvmmsg(r0, &(0x7f0000005700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0) [ 122.966835] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. [ 122.971406] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.0'. 
12:31:05 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0) 12:31:05 executing program 6: mlockall(0x2) r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) 12:31:05 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='--/)\x00', 0x0) pread64(r0, 0x0, 0xf0ffffff7f0000, 0x0) 12:31:05 executing program 2: r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x6, 0x0, r1) [ 123.026634] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.3'. [ 123.040617] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.3'. 
[ 123.049548] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 123.050683] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 123.051435] CPU: 0 UID: 0 PID: 3940 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 123.052876] Tainted: [W]=WARN [ 123.053800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 123.055916] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.057039] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.061594] RSP: 0018:ffff888047fbf300 EFLAGS: 00010012 [ 123.062839] RAX: 0000000000000032 RBX: ffffffffffffffa3 RCX: ffffc9000ba5a000 [ 123.063582] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000193 [ 123.064306] RBP: ffff888047fbf570 R08: ffff88806ce31340 R09: ffffe8ffffc15f28 [ 123.065029] R10: 0000000000000000 R11: 1ffff1100d9c6bb1 R12: dffffc0000000000 [ 123.065746] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 123.066478] FS: 00007f4b86f7c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 123.067309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.067896] CR2: 000055555e92bc98 CR3: 0000000020889000 CR4: 0000000000350ef0 [ 123.068614] Call Trace: [ 123.068877] [ 123.069109] ? __pfx_perf_tp_event+0x10/0x10 [ 123.069566] ? __lock_acquire+0xc65/0x1b70 [ 123.070006] ? do_raw_spin_lock+0x123/0x260 [ 123.070444] netlink: 4692 bytes leftover after parsing attributes in process `syz-executor.3'. [ 123.070447] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 123.070473] ? perf_trace_run_bpf_submit+0xef/0x180 [ 123.072133] perf_trace_run_bpf_submit+0xef/0x180 [ 123.072624] perf_trace_preemptirq_template+0x259/0x430 [ 123.073167] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 123.073760] ? 
smp_call_function_many_cond+0xeec/0x1110 [ 123.074300] ? smp_call_function_many_cond+0xef1/0x1110 [ 123.074835] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 123.075379] ? smp_call_function_many_cond+0xef1/0x1110 [ 123.075917] trace_irq_disable.constprop.0+0xa6/0x100 [ 123.076433] smp_call_function_many_cond+0xef1/0x1110 [ 123.076958] ? __pfx_do_sync_core+0x10/0x10 [ 123.077397] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 123.077961] ? __pfx___text_poke+0x10/0x10 [ 123.078385] ? __pfx_do_sync_core+0x10/0x10 [ 123.078818] on_each_cpu_cond_mask+0x57/0xa0 [ 123.079280] smp_text_poke_batch_finish+0x36b/0xb50 [ 123.079788] ? __pfx___mutex_lock+0x10/0x10 [ 123.080226] ? trace_irq_disable.constprop.0+0x2/0x100 [ 123.080747] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 123.081293] ? arch_jump_label_transform_queue+0xbd/0x110 [ 123.081846] ? __jump_label_update+0x29a/0x410 [ 123.082314] arch_jump_label_transform_apply+0x1c/0x30 [ 123.082845] jump_label_update+0x376/0x550 [ 123.083285] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 123.083875] static_key_enable_cpuslocked+0x1b7/0x270 [ 123.084398] static_key_enable+0x1a/0x20 [ 123.084815] tracepoint_add_func+0xaf2/0xec0 [ 123.085268] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 123.085866] tracepoint_probe_register+0xa4/0xf0 [ 123.086343] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 123.086881] ? pcpu_obj_full_size+0x3c/0x90 [ 123.087326] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 123.087921] ? pcpu_alloc_noprof+0x12d/0x1170 [ 123.088377] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 123.088891] trace_event_reg+0x297/0x350 [ 123.089307] perf_trace_event_init+0x511/0xa10 [ 123.089774] perf_trace_init+0x1a4/0x2f0 [ 123.090185] perf_tp_event_init+0xa6/0x120 [ 123.090619] perf_try_init_event+0x140/0x9f0 [ 123.091070] perf_event_alloc.part.0+0x118e/0x45f0 [ 123.091576] ? perf_event_alloc.part.0+0x1074/0x45f0 [ 123.092097] ? __fget_files+0x203/0x3b0 [ 123.092504] ? 
__pfx_perf_event_alloc.part.0+0x10/0x10 [ 123.093034] ? find_held_lock+0x2b/0x80 [ 123.093450] ? __do_sys_perf_event_open+0x11df/0x2c20 [ 123.093966] __do_sys_perf_event_open+0x719/0x2c20 [ 123.094461] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 123.094996] ? find_held_lock+0x2b/0x80 [ 123.095426] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 123.095948] do_syscall_64+0xbf/0x360 [ 123.096336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.096865] RIP: 0033:0x7f4b89a06b19 [ 123.097256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.099100] RSP: 002b:00007f4b86f7c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 123.099884] RAX: ffffffffffffffda RBX: 00007f4b89b19f60 RCX: 00007f4b89a06b19 [ 123.100605] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 123.101321] RBP: 00007f4b89a60f6d R08: 0000000000000000 R09: 0000000000000000 [ 123.102037] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 123.102755] R13: 00007ffe163cffff R14: 00007f4b86f7c300 R15: 0000000000022000 [ 123.103511] [ 123.103752] Modules linked in: [ 123.104088] ---[ end trace 0000000000000000 ]--- [ 123.104566] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.105048] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.106878] RSP: 0018:ffff888047fbf300 EFLAGS: 00010012 [ 123.107424] RAX: 0000000000000032 RBX: ffffffffffffffa3 RCX: ffffc9000ba5a000 [ 123.108142] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000193 [ 123.108867] RBP: ffff888047fbf570 R08: ffff88806ce31340 R09: ffffe8ffffc15f28 [ 123.109595] R10: 0000000000000000 R11: 1ffff1100d9c6bb1 R12: dffffc0000000000 [ 123.110321] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 
123.111050] FS: 00007f4b86f7c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 123.111889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.112470] CR2: 000055555e92bc98 CR3: 0000000020889000 CR4: 0000000000350ef0 [ 123.113171] note: syz-executor.7[3940] exited with irqs disabled [ 123.113856] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 123.114959] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 123.115716] CPU: 0 UID: 0 PID: 3940 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 123.116895] Tainted: [D]=DIE, [W]=WARN [ 123.117275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 123.118085] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.118559] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.120371] RSP: 0018:ffff88806ce08b40 EFLAGS: 00010012 [ 123.120906] RAX: 0000000000000032 RBX: ffffffffffffffa3 RCX: 0000000000000002 [ 123.121630] RDX: ffff8880174b0000 RSI: ffffffff818995b7 RDI: 0000000000000193 [ 123.122355] RBP: ffff88806ce08db0 R08: ffff88806ce313e8 R09: ffffe8ffffc15f28 [ 123.123074] R10: 0000000000000000 R11: 0000000000155cc0 R12: dffffc0000000000 [ 123.123820] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 123.124547] FS: 00007f4b86f7c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 123.125367] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.125953] CR2: 000055555e92bc98 CR3: 0000000020889000 CR4: 0000000000350ef0 [ 123.126681] Call Trace: [ 123.126959] [ 123.127188] ? __pfx_perf_tp_event+0x10/0x10 [ 123.127669] ? update_load_avg+0x17d/0x1ef0 [ 123.128112] ? update_cfs_group+0x11d/0x260 [ 123.128558] ? kvm_sched_clock_read+0x16/0x30 [ 123.129031] ? 
enqueue_task_fair+0xded/0x1e00 [ 123.129498] ? check_preempt_wakeup_fair+0x6e/0x950 [ 123.130016] ? wakeup_preempt+0x140/0x2a0 [ 123.130439] ? lock_release+0x1c7/0x290 [ 123.130850] ? lock_release+0x1c7/0x290 [ 123.131277] ? do_raw_spin_unlock+0x53/0x220 [ 123.131727] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 123.132238] ? try_to_wake_up+0x8ae/0x11d0 [ 123.132684] ? perf_trace_run_bpf_submit+0xef/0x180 [ 123.133203] ? lock_release+0x1c7/0x290 [ 123.133610] perf_trace_run_bpf_submit+0xef/0x180 [ 123.134113] perf_trace_preemptirq_template+0x259/0x430 [ 123.134665] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 123.135280] ? run_timer_softirq+0x107/0x210 [ 123.135736] ? _raw_spin_lock_irq+0x42/0x50 [ 123.136178] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 123.136717] ? _raw_spin_lock_irq+0x42/0x50 [ 123.137153] trace_irq_disable.constprop.0+0xa6/0x100 [ 123.137683] _raw_spin_lock_irq+0x42/0x50 [ 123.138103] run_timer_softirq+0x10f/0x210 [ 123.138537] handle_softirqs+0x1b1/0x770 [ 123.138966] __irq_exit_rcu+0xc4/0x100 [ 123.139383] irq_exit_rcu+0x9/0x20 [ 123.139746] sysvec_apic_timer_interrupt+0x70/0x80 [ 123.140254] [ 123.140490] [ 123.140724] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 123.141252] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 123.141724] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de [ 123.143519] RSP: 0018:ffff888047fbff28 EFLAGS: 00000246 [ 123.144058] RAX: 0000000000000001 RBX: ffff8880174b0000 RCX: ffffffff817c2b86 [ 123.144768] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 123.145486] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 123.146188] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880174b0000 [ 123.146893] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 123.147620] ? trace_irq_enable.constprop.0+0x26/0x100 [ 123.148150] ? 
make_task_dead+0x214/0x3b0 [ 123.148575] ? make_task_dead+0x214/0x3b0 [ 123.148994] ? do_syscall_64+0xbf/0x360 [ 123.149396] rewind_stack_and_make_dead+0x16/0x20 [ 123.149894] RIP: 0033:0x7f4b89a06b19 [ 123.150270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.152091] RSP: 002b:00007f4b86f7c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 123.152851] RAX: ffffffffffffffda RBX: 00007f4b89b19f60 RCX: 00007f4b89a06b19 [ 123.153563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 123.154266] RBP: 00007f4b89a60f6d R08: 0000000000000000 R09: 0000000000000000 [ 123.154977] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 123.155701] R13: 00007ffe163cffff R14: 00007f4b86f7c300 R15: 0000000000022000 [ 123.156417] [ 123.156661] Modules linked in: [ 123.156993] ---[ end trace 0000000000000000 ]--- [ 123.157467] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.157955] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.159785] RSP: 0018:ffff888047fbf300 EFLAGS: 00010012 [ 123.160314] RAX: 0000000000000032 RBX: ffffffffffffffa3 RCX: ffffc9000ba5a000 [ 123.161019] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000193 [ 123.161748] RBP: ffff888047fbf570 R08: ffff88806ce31340 R09: ffffe8ffffc15f28 [ 123.162460] R10: 0000000000000000 R11: 1ffff1100d9c6bb1 R12: dffffc0000000000 [ 123.163171] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 123.163898] FS: 00007f4b86f7c700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 123.164709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.165301] CR2: 000055555e92bc98 CR3: 0000000020889000 CR4: 0000000000350ef0 [ 123.166013] Kernel panic - not syncing: 
Fatal exception in interrupt [ 123.166857] Kernel Offset: disabled [ 123.167236] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 12:31:05 Registers: