Warning: Permanently added '[localhost]:48787' (ECDSA) to the list of known hosts.
2025/08/29 09:26:52 fuzzer started
2025/08/29 09:26:53 dialing manager at localhost:43077
syzkaller login: [ 52.324663] cgroup: Unknown subsys name 'net'
[ 52.419029] cgroup: Unknown subsys name 'cpuset'
[ 52.461162] cgroup: Unknown subsys name 'rlimit'
2025/08/29 09:27:03 syscalls: 2214
2025/08/29 09:27:03 code coverage: enabled
2025/08/29 09:27:03 comparison tracing: enabled
2025/08/29 09:27:03 extra coverage: enabled
2025/08/29 09:27:03 setuid sandbox: enabled
2025/08/29 09:27:03 namespace sandbox: enabled
2025/08/29 09:27:03 Android sandbox: enabled
2025/08/29 09:27:03 fault injection: enabled
2025/08/29 09:27:03 leak checking: enabled
2025/08/29 09:27:03 net packet injection: enabled
2025/08/29 09:27:03 net device setup: enabled
2025/08/29 09:27:03 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 09:27:03 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 09:27:03 USB emulation: enabled
2025/08/29 09:27:03 hci packet injection: enabled
2025/08/29 09:27:03 wifi device emulation: enabled
2025/08/29 09:27:03 802.15.4 emulation: enabled
2025/08/29 09:27:03 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 09:27:03 fetching corpus: 50, signal 24656/27938 (executing program)
2025/08/29 09:27:03 fetching corpus: 100, signal 40100/44413 (executing program)
2025/08/29 09:27:03 fetching corpus: 150, signal 46186/51636 (executing program)
2025/08/29 09:27:03 fetching corpus: 200, signal 52794/59166 (executing program)
2025/08/29 09:27:03 fetching corpus: 250, signal 56352/63733 (executing program)
2025/08/29 09:27:03 fetching corpus: 300, signal 58669/67071 (executing program)
2025/08/29 09:27:04 fetching corpus: 350, signal 63337/72503 (executing program)
2025/08/29 09:27:04 fetching corpus: 400, signal 68785/78446 (executing program)
2025/08/29 09:27:04 fetching corpus: 450, signal 73391/83562 (executing program)
2025/08/29 09:27:04 fetching corpus: 500, signal 77169/87781 (executing program)
2025/08/29 09:27:04 fetching corpus: 550, signal 78548/89911 (executing program)
2025/08/29 09:27:04 fetching corpus: 600, signal 80911/92819 (executing program)
2025/08/29 09:27:04 fetching corpus: 650, signal 83749/96068 (executing program)
2025/08/29 09:27:04 fetching corpus: 700, signal 85661/98484 (executing program)
2025/08/29 09:27:04 fetching corpus: 750, signal 88396/101546 (executing program)
2025/08/29 09:27:04 fetching corpus: 800, signal 90017/103729 (executing program)
2025/08/29 09:27:05 fetching corpus: 850, signal 92215/106274 (executing program)
2025/08/29 09:27:05 fetching corpus: 900, signal 93901/108351 (executing program)
2025/08/29 09:27:05 fetching corpus: 950, signal 96358/110924 (executing program)
2025/08/29 09:27:05 fetching corpus: 1000, signal 97865/112743 (executing program)
2025/08/29 09:27:05 fetching corpus: 1050, signal 98718/114078 (executing program)
2025/08/29 09:27:05 fetching corpus: 1100, signal 100293/115912 (executing program)
2025/08/29 09:27:05 fetching corpus: 1150, signal 102143/117831 (executing program)
2025/08/29 09:27:05 fetching corpus: 1200, signal 103666/119522 (executing program)
2025/08/29 09:27:05 fetching corpus: 1250, signal 105037/121057 (executing program)
2025/08/29 09:27:05 fetching corpus: 1300, signal 106096/122321 (executing program)
2025/08/29 09:27:06 fetching corpus: 1350, signal 108100/124181 (executing program)
2025/08/29 09:27:06 fetching corpus: 1400, signal 108831/125191 (executing program)
2025/08/29 09:27:06 fetching corpus: 1450, signal 110407/126775 (executing program)
2025/08/29 09:27:06 fetching corpus: 1500, signal 112241/128348 (executing program)
2025/08/29 09:27:06 fetching corpus: 1550, signal 113042/129296 (executing program)
2025/08/29 09:27:06 fetching corpus: 1600, signal 114155/130406 (executing program)
2025/08/29 09:27:06 fetching corpus: 1650, signal 115233/131526 (executing program)
2025/08/29 09:27:06 fetching corpus: 1700, signal 117158/133059 (executing program)
2025/08/29 09:27:07 fetching corpus: 1750, signal 118391/134105 (executing program)
2025/08/29 09:27:07 fetching corpus: 1800, signal 119016/134817 (executing program)
2025/08/29 09:27:07 fetching corpus: 1850, signal 120692/136165 (executing program)
2025/08/29 09:27:07 fetching corpus: 1900, signal 121723/137073 (executing program)
2025/08/29 09:27:07 fetching corpus: 1950, signal 122544/137887 (executing program)
2025/08/29 09:27:07 fetching corpus: 2000, signal 123441/138688 (executing program)
2025/08/29 09:27:07 fetching corpus: 2050, signal 124536/139551 (executing program)
2025/08/29 09:27:07 fetching corpus: 2100, signal 125572/140350 (executing program)
2025/08/29 09:27:07 fetching corpus: 2150, signal 126510/141157 (executing program)
2025/08/29 09:27:08 fetching corpus: 2200, signal 127471/141858 (executing program)
2025/08/29 09:27:08 fetching corpus: 2250, signal 128023/142455 (executing program)
2025/08/29 09:27:08 fetching corpus: 2300, signal 128903/143158 (executing program)
2025/08/29 09:27:08 fetching corpus: 2350, signal 129430/143639 (executing program)
2025/08/29 09:27:08 fetching corpus: 2400, signal 130404/144289 (executing program)
2025/08/29 09:27:08 fetching corpus: 2450, signal 131238/144859 (executing program)
2025/08/29 09:27:08 fetching corpus: 2500, signal 132146/145420 (executing program)
2025/08/29 09:27:08 fetching corpus: 2550, signal 133150/146002 (executing program)
2025/08/29 09:27:09 fetching corpus: 2600, signal 133978/146454 (executing program)
2025/08/29 09:27:09 fetching corpus: 2650, signal 134936/147012 (executing program)
2025/08/29 09:27:09 fetching corpus: 2700, signal 136086/147533 (executing program)
2025/08/29 09:27:09 fetching corpus: 2750, signal 136661/147925 (executing program)
2025/08/29 09:27:09 fetching corpus: 2800, signal 137528/148382 (executing program)
2025/08/29 09:27:09 fetching corpus: 2850, signal 138020/148701 (executing program)
2025/08/29 09:27:09 fetching corpus: 2900, signal 138559/148962 (executing program) 2025/08/29 09:27:10 fetching corpus: 2950, signal 139529/149434 (executing program) 2025/08/29 09:27:10 fetching corpus: 3000, signal 140345/149723 (executing program) 2025/08/29 09:27:10 fetching corpus: 3050, signal 140901/149974 (executing program) 2025/08/29 09:27:10 fetching corpus: 3100, signal 141413/150225 (executing program) 2025/08/29 09:27:10 fetching corpus: 3150, signal 142119/150467 (executing program) 2025/08/29 09:27:10 fetching corpus: 3200, signal 142660/150682 (executing program) 2025/08/29 09:27:10 fetching corpus: 3250, signal 143292/150890 (executing program) 2025/08/29 09:27:11 fetching corpus: 3300, signal 143973/151077 (executing program) 2025/08/29 09:27:11 fetching corpus: 3350, signal 144501/151224 (executing program) 2025/08/29 09:27:11 fetching corpus: 3400, signal 144869/151341 (executing program) 2025/08/29 09:27:11 fetching corpus: 3450, signal 145689/151557 (executing program) 2025/08/29 09:27:11 fetching corpus: 3500, signal 146240/151672 (executing program) 2025/08/29 09:27:11 fetching corpus: 3550, signal 146740/151774 (executing program) 2025/08/29 09:27:11 fetching corpus: 3600, signal 147295/151884 (executing program) 2025/08/29 09:27:11 fetching corpus: 3650, signal 147858/152054 (executing program) 2025/08/29 09:27:11 fetching corpus: 3700, signal 148307/152077 (executing program) 2025/08/29 09:27:11 fetching corpus: 3750, signal 148912/152088 (executing program) 2025/08/29 09:27:11 fetching corpus: 3795, signal 149778/152089 (executing program) 2025/08/29 09:27:11 fetching corpus: 3795, signal 149778/152089 (executing program) 2025/08/29 09:27:14 starting 8 fuzzer processes 09:27:14 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000600)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') 09:27:14 executing program 3: set_mempolicy(0x3, &(0x7f0000000040)=0xffffffffffffffff, 0x5db) set_mempolicy(0x0, 0x0, 0x0) 09:27:14 executing program 1: r0 = io_uring_setup(0x5fff, &(0x7f0000000140)) io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffd}) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 09:27:14 executing program 2: r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)) 09:27:14 executing program 4: open_by_handle_at(0xffffffffffffffff, &(0x7f0000000380)=@ceph_nfs_fh={0x8, 0x80000}, 0x0) 09:27:14 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) [ 73.193017] audit: type=1400 audit(1756459634.097:7): avc: denied { execmem } for pid=273 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:27:14 executing program 5: r0 = semget$private(0x0, 0x5, 0x0) semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1) 09:27:14 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) [ 74.417711] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.420465] 
Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.422420] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.426786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.431112] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.440426] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 74.447530] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 74.453124] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 74.461786] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 74.468179] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 74.481332] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 74.487518] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 74.500216] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 74.517109] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 74.527557] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 74.540641] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 74.542865] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 74.543580] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 74.547806] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 74.551839] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 74.556653] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 74.562372] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 74.566461] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 74.588456] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 74.591496] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 74.602221] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 74.604453] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 74.609339] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 74.616310] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 74.627746] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 74.629585] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 74.638941] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 74.654414] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 74.660733] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 74.664228] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 74.668309] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 74.675434] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 74.677036] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 74.683790] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 74.693231] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 76.510530] Bluetooth: hci1: command tx timeout
[ 76.511176] Bluetooth: hci0: command tx timeout
[ 76.638627] Bluetooth: hci2: command tx timeout
[ 76.638696] Bluetooth: hci6: command tx timeout
[ 76.702153] Bluetooth: hci5: command tx timeout
[ 76.702864] Bluetooth: hci3: command tx timeout
[ 76.703384] Bluetooth: hci4: command tx timeout
[ 76.766128] Bluetooth: hci7: command tx timeout
[ 78.559391] Bluetooth: hci0: command tx timeout
[ 78.561189] Bluetooth: hci1: command tx timeout
[ 78.686129] Bluetooth: hci6: command tx timeout
[ 78.686882] Bluetooth: hci2: command tx timeout
[ 78.750328] Bluetooth: hci3: command tx timeout
[ 78.751249] Bluetooth: hci5: command tx timeout
[ 78.751272] Bluetooth: hci4: command tx timeout
[ 78.815494] Bluetooth: hci7: command tx timeout
[ 80.606692] Bluetooth: hci0: command tx timeout
[ 80.607156] Bluetooth: hci1: command tx timeout
[ 80.734120] Bluetooth: hci2: command tx timeout
[ 80.734559] Bluetooth: hci6: command tx timeout
[ 80.798723] Bluetooth: hci4: command tx timeout
[ 80.800134] Bluetooth: hci3: command tx timeout
[ 80.800247] Bluetooth: hci5: command tx timeout
[ 80.862213] Bluetooth: hci7: command tx timeout
[ 82.655095] Bluetooth: hci1: command tx timeout
[ 82.655142] Bluetooth: hci0: command tx timeout
[ 82.782144] Bluetooth: hci6: command tx timeout
[ 82.782183] Bluetooth: hci2: command tx timeout
[ 82.846178] Bluetooth: hci3: command tx timeout
[ 82.846633] Bluetooth: hci4: command tx timeout
[ 82.848078] Bluetooth: hci5: command tx timeout
[ 82.910127] Bluetooth: hci7: command tx timeout
[ 109.897285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.897943] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.034689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.035349] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.146442] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.147387] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.329763] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.330782] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.463085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.463712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.523476] audit: type=1400 audit(1756459671.426:8): avc: denied { open } for pid=3839 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 110.531126] audit: type=1400 audit(1756459671.427:9): avc: denied { kernel } for pid=3839 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 110.601858] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.602643] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.690631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.691997] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.792075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.792727] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.894755] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.895535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.006926] wlan1: Created IBSS
using preconfigured BSSID 50:50:50:50:50:50 [ 111.008201] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.039448] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.040010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.077233] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.077811] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.150382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.150967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.197206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.197814] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.222323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.222911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.265755] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.266371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:27:52 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) 09:27:52 executing program 5: r0 = semget$private(0x0, 0x5, 0x0) semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1) 09:27:52 executing program 3: set_mempolicy(0x3, &(0x7f0000000040)=0xffffffffffffffff, 0x5db) set_mempolicy(0x0, 0x0, 0x0) 09:27:52 executing program 1: r0 = io_uring_setup(0x5fff, &(0x7f0000000140)) io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffd}) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 09:27:52 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000600)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') 09:27:52 executing program 4: open_by_handle_at(0xffffffffffffffff, &(0x7f0000000380)=@ceph_nfs_fh={0x8, 0x80000}, 0x0) 09:27:52 executing program 2: r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)) 09:27:52 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) 09:27:52 executing program 3: set_mempolicy(0x3, &(0x7f0000000040)=0xffffffffffffffff, 0x5db) set_mempolicy(0x0, 0x0, 0x0) 09:27:52 executing program 4: open_by_handle_at(0xffffffffffffffff, &(0x7f0000000380)=@ceph_nfs_fh={0x8, 0x80000}, 0x0) 09:27:52 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) 09:27:52 executing program 2: r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)) 09:27:52 executing program 1: r0 = io_uring_setup(0x5fff, &(0x7f0000000140)) io_uring_setup(0x0, 
&(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffd}) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 09:27:52 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040)) 09:27:52 executing program 5: r0 = semget$private(0x0, 0x5, 0x0) semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1) 09:27:52 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000600)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') 09:27:52 executing program 1: r0 = io_uring_setup(0x5fff, &(0x7f0000000140)) io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffd}) io_uring_register$IORING_REGISTER_FILES(r0, 0x1b, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 09:27:52 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) 09:27:52 executing program 2: r0 = epoll_create1(0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)) [ 111.698878] kmemleak: Found object by alias at 0x607f1a63965c [ 111.698898] CPU: 0 UID: 0 PID: 3925 Comm: syz-executor.6 Tainted: G W 
6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 111.698916] Tainted: [W]=WARN
09:27:52 executing program 4:
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000380)=@ceph_nfs_fh={0x8, 0x80000}, 0x0)
[ 111.698920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.698927] Call Trace:
[ 111.698931]
[ 111.698936] dump_stack_lvl+0xca/0x120
[ 111.698963] __lookup_object+0x94/0xb0
[ 111.698980] delete_object_full+0x27/0x70
[ 111.698996] free_percpu+0x30/0x1160
[ 111.699012] ? arch_uprobe_clear_state+0x16/0x140
[ 111.699032] futex_hash_free+0x38/0xc0
[ 111.699060] mmput+0x2d3/0x390
[ 111.699079] do_exit+0x79d/0x2970
[ 111.699093] ? signal_wake_up_state+0x85/0x120
[ 111.699108] ? zap_other_threads+0x2b9/0x3a0
[ 111.699124] ? __pfx_do_exit+0x10/0x10
[ 111.699137] ? do_group_exit+0x1c3/0x2a0
[ 111.699150] ? lock_release+0xc8/0x290
[ 111.699167] do_group_exit+0xd3/0x2a0
[ 111.699181] __x64_sys_exit_group+0x3e/0x50
[ 111.699195] x64_sys_call+0x18c5/0x18d0
[ 111.699210] do_syscall_64+0xbf/0x360
09:27:52 executing program 5:
r0 = semget$private(0x0, 0x5, 0x0)
semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1)
[ 111.699222] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.699234] RIP: 0033:0x7fe66794bb19
[ 111.699242] Code: Unable to access opcode bytes at 0x7fe66794baef.
[ 111.699247] RSP: 002b:00007ffc00941f28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.699259] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe66794bb19 [ 111.699266] RDX: 00007fe6678fe72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 111.699273] RBP: 0000000000000000 R08: 0000001b2d6215e4 R09: 0000000000000000 [ 111.699281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.699287] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc00942010 [ 111.699303] [ 111.699307] kmemleak: Object (percpu) 0x607f1a639658 (size 8): [ 111.699314] kmemleak: comm "syz-executor.0", pid 3930, jiffies 4294778454 [ 111.699321] kmemleak: min_count = 1 [ 111.699324] kmemleak: count = 0 [ 111.699328] kmemleak: flags = 0x21 [ 111.699332] kmemleak: checksum = 0 [ 111.699335] kmemleak: backtrace: [ 111.699339] pcpu_alloc_noprof+0x87a/0x1170 [ 111.699353] perf_trace_event_init+0x366/0xa10 [ 111.699367] perf_trace_init+0x1a4/0x2f0 [ 111.699378] perf_tp_event_init+0xa6/0x120 [ 111.699394] perf_try_init_event+0x140/0x9f0 [ 111.699407] perf_event_alloc.part.0+0x118e/0x45f0 [ 111.699423] __do_sys_perf_event_open+0x719/0x2c20 [ 111.699436] do_syscall_64+0xbf/0x360 [ 111.699444] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:27:52 executing program 3: set_mempolicy(0x3, &(0x7f0000000040)=0xffffffffffffffff, 0x5db) set_mempolicy(0x0, 0x0, 0x0) 09:27:52 executing program 1: r0 = semget$private(0x0, 0x5, 0x0) semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1) 09:27:52 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000600)='./file1\x00', 0x0, 0x0, 
0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
09:27:52 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000000040))
09:27:52 executing program 2:
r0 = epoll_create1(0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280))
09:27:52 executing program 4:
pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0)
read(r0, &(0x7f0000000000), 0x2000)
09:27:52 executing program 7:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
09:27:52 executing program 5:
timer_create(0x9, 0x0, &(0x7f00000007c0))
clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0})
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0)
timer_gettime(0x0, &(0x7f0000000280))
09:27:52 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
[ 111.928733] kmemleak: Found object by alias at 0x607f1a63965c
[ 111.928752] CPU: 0 UID: 0 PID: 3949 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 111.928770] Tainted: [W]=WARN
[ 111.928774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.928781] Call Trace:
[ 111.928785]
[ 111.928790] dump_stack_lvl+0xca/0x120
[ 111.928821] __lookup_object+0x94/0xb0
[ 111.928838] delete_object_full+0x27/0x70
[ 111.928854] free_percpu+0x30/0x1160
[ 111.928871] ? arch_uprobe_clear_state+0x16/0x140
09:27:52 executing program 5:
timer_create(0x9, 0x0, &(0x7f00000007c0))
clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0})
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0)
timer_gettime(0x0, &(0x7f0000000280))
[ 111.928891] futex_hash_free+0x38/0xc0
[ 111.928905] mmput+0x2d3/0x390
[ 111.928924] do_exit+0x79d/0x2970
[ 111.928937] ? signal_wake_up_state+0x85/0x120
[ 111.928953] ? zap_other_threads+0x2b9/0x3a0
[ 111.928968] ? __pfx_do_exit+0x10/0x10
[ 111.928980] ? do_group_exit+0x1c3/0x2a0
[ 111.928994] ? lock_release+0xc8/0x290
[ 111.929011] do_group_exit+0xd3/0x2a0
[ 111.929025] __x64_sys_exit_group+0x3e/0x50
[ 111.929044] x64_sys_call+0x18c5/0x18d0
[ 111.929059] do_syscall_64+0xbf/0x360
[ 111.929071] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.929082] RIP: 0033:0x7fe66794bb19
[ 111.929091] Code: Unable to access opcode bytes at 0x7fe66794baef.
[ 111.929096] RSP: 002b:00007ffc00941f28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.929107] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe66794bb19
[ 111.929115] RDX: 00007fe6678fe72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.929123] RBP: 0000000000000000 R08: 0000001b2d6216b0 R09: 0000000000000000
[ 111.929130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.929136] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc00942010
[ 111.929152]
[ 111.929155] kmemleak: Object (percpu) 0x607f1a639658 (size 8):
[ 111.929162] kmemleak: comm "syz-executor.4", pid 3948, jiffies 4294778679
[ 111.929169] kmemleak: min_count = 1
[ 111.929173] kmemleak: count = 0
[ 111.929177] kmemleak: flags = 0x21
[ 111.929181] kmemleak: checksum = 0
[ 111.929185] kmemleak: backtrace:
[ 111.929188] pcpu_alloc_noprof+0x87a/0x1170
[ 111.929203] percpu_ref_init+0x37/0x400
[ 111.929220] blkg_alloc+0xe9/0x7d0
[ 111.929232] blkg_create+0xe08/0x1420
[ 111.929243] bio_associate_blkg_from_css+0xe06/0x1380
[ 111.929257] bio_associate_blkg+0x10e/0x2a0
[ 111.929269] bio_init+0x2dd/0x570
[ 111.929281] bio_alloc_bioset+0x2cf/0x8c0
[ 111.929295] iomap_dio_alloc_bio.isra.0+0x88/0xc0
[ 111.929306] iomap_dio_bio_iter+0x8aa/0x1550
[ 111.929315] __iomap_dio_rw+0x10a1/0x1cf0
[ 111.929324] iomap_dio_rw+0x40/0xa0
[ 111.929333] ext4_file_read_iter+0x2f6/0x4a0
[ 111.929343] vfs_read+0x868/0xc70
[ 111.929353] ksys_read+0x121/0x240
[ 111.929362] do_syscall_64+0xbf/0x360
09:27:52 executing program 2:
r0 = epoll_create1(0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280))
09:27:52 executing program 7:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
09:27:52 executing program 1:
r0 = semget$private(0x0, 0x5, 0x0)
semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1)
09:27:52 executing program 5:
timer_create(0x9, 0x0, &(0x7f00000007c0))
clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0})
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0)
timer_gettime(0x0, &(0x7f0000000280))
09:27:53 executing program 5:
timer_create(0x9, 0x0, &(0x7f00000007c0))
clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0})
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0)
timer_gettime(0x0, &(0x7f0000000280))
09:27:53 executing program 4:
pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0)
read(r0, &(0x7f0000000000), 0x2000)
09:27:53 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
09:27:53 executing program 0:
pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0)
read(r0, &(0x7f0000000000), 0x2000)
09:27:53 executing program 7:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
09:27:53 executing program 2:
r0 = epoll_create1(0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b8a0f91c5c00"})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280))
09:27:53 executing program 1:
r0 = semget$private(0x0, 0x5, 0x0)
semtimedop(r0, &(0x7f0000000100)=[{0x0, 0xff81}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0x1000}], 0x1)
09:27:53 executing program 6:
timer_create(0x9, 0x0, &(0x7f00000007c0))
clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0})
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0)
timer_gettime(0x0, &(0x7f0000000280))
09:27:53 executing program 4:
pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0)
read(r0, &(0x7f0000000000), 0x2000)
09:27:53 executing program 0:
pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0)
read(r0, &(0x7f0000000000), 0x2000)
09:27:53 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
[ 112.194864] kmemleak: Found object by alias at 0x607f1a63965c
[ 112.194883] CPU: 0 UID: 0 PID: 3981 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 112.194905] Tainted: [W]=WARN
[ 112.194909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 112.194916] Call Trace:
[ 112.194920]
[ 112.194925] dump_stack_lvl+0xca/0x120
[ 112.194951] __lookup_object+0x94/0xb0
[ 112.194969] delete_object_full+0x27/0x70
[ 112.194985] free_percpu+0x30/0x1160
[ 112.195001] ? arch_uprobe_clear_state+0x16/0x140
[ 112.195020] futex_hash_free+0x38/0xc0
[ 112.195035] mmput+0x2d3/0x390
[ 112.195060] do_exit+0x79d/0x2970
[ 112.195076] ? signal_wake_up_state+0x85/0x120
[ 112.195091] ? zap_other_threads+0x2b9/0x3a0
[ 112.195107] ? __pfx_do_exit+0x10/0x10
[ 112.195119] ? do_group_exit+0x1c3/0x2a0
[ 112.195132] ? lock_release+0xc8/0x290
[ 112.195149] do_group_exit+0xd3/0x2a0
[ 112.195164] __x64_sys_exit_group+0x3e/0x50
[ 112.195177] x64_sys_call+0x18c5/0x18d0
[ 112.195192] do_syscall_64+0xbf/0x360
[ 112.195204] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.195216] RIP: 0033:0x7fe66794bb19
[ 112.195225] Code: Unable to access opcode bytes at 0x7fe66794baef.
[ 112.195230] RSP: 002b:00007ffc00941f28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 112.195242] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe66794bb19
[ 112.195250] RDX: 00007fe6678fe72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 112.195257] RBP: 0000000000000000 R08: 0000001b2d621870 R09: 0000000000000000
[ 112.195264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 112.195271] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc00942010
[ 112.195287]
[ 112.195290] kmemleak: Object (percpu) 0x607f1a639658 (size 8):
[ 112.195297] kmemleak: comm "syz-executor.0", pid 3979, jiffies 4294778926
[ 112.195304] kmemleak: min_count = 1
[ 112.195308] kmemleak: count = 0
[ 112.195312] kmemleak: flags = 0x21
[ 112.195315] kmemleak: checksum = 0
[ 112.195319] kmemleak: backtrace:
[ 112.195323] pcpu_alloc_noprof+0x87a/0x1170
[ 112.195337] percpu_ref_init+0x37/0x400
[ 112.195355] blkg_alloc+0xe9/0x7d0
[ 112.195366] blkg_create+0xe08/0x1420
[ 112.195378] bio_associate_blkg_from_css+0xe06/0x1380
[ 112.195391] bio_associate_blkg+0x10e/0x2a0
[ 112.195403]
bio_init+0x2dd/0x570 [ 112.195415] bio_alloc_bioset+0x2cf/0x8c0 [ 112.195429] iomap_dio_alloc_bio.isra.0+0x88/0xc0 [ 112.195440] iomap_dio_bio_iter+0x8aa/0x1550 [ 112.195449] __iomap_dio_rw+0x10a1/0x1cf0 [ 112.195458] iomap_dio_rw+0x40/0xa0 [ 112.195467] ext4_file_read_iter+0x2f6/0x4a0 [ 112.195477] vfs_read+0x868/0xc70 [ 112.195487] ksys_read+0x121/0x240 [ 112.195496] do_syscall_64+0xbf/0x360 09:27:53 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080)) 09:27:53 executing program 0: pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) 09:27:53 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029e314a5f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610300000009000000000000000000000000000000000055aa", 0x20, 0x3e0}, 
{&(0x7f0000010300)="eb58906d6b66732e66617400020820000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029e314a5f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0f0700000008000000ffffff0fffffff0f00"/64, 0x40, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0f0700000008000000ffffff0fffffff0f00"/64, 0x40, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0f0700000008000000ffffff0fffffff0f00"/64, 0x40, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0f0700000008000000ffffff0fffffff0f00"/64, 0x40, 0x4600}, {&(0x7f0000010900)="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", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100089eb70325132510000eb7032510300000000002e2e202020202020202020100089eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200089eb70325132510000eb70325104001a040000", 0x80, 0x5800}, 
{&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x6800}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x7800}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xb800}], 0x0, &(0x7f0000011300)) 09:27:53 executing program 6: timer_create(0x9, 0x0, &(0x7f00000007c0)) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0) timer_gettime(0x0, &(0x7f0000000280)) 09:27:53 executing program 7: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/mnt\x00') ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x8008b705, &(0x7f0000000040)) 09:27:53 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'}) 09:27:53 executing program 4: pkey_mprotect(&(0x7f0000001000/0x2000)=nil, 
0x2000, 0x0, 0xffffffffffffffff) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) 09:27:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x117}, @void}}}, 0x1c}}, 0x0) 09:27:53 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0xc0ed0000, 0x0) [ 112.340356] loop5: detected capacity change from 0 to 184 09:27:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x117}, @void}}}, 0x1c}}, 0x0) 09:27:53 executing program 7: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/mnt\x00') ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x8008b705, &(0x7f0000000040)) 09:27:53 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x25, 0x0, 0x0) 09:27:53 executing program 6: timer_create(0x9, 0x0, &(0x7f00000007c0)) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, r0+60000000}}, 0x0) timer_gettime(0x0, &(0x7f0000000280)) 09:27:53 executing program 4: r0 = 
syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x1) ppoll(&(0x7f0000000380)=[{r0}], 0x1, &(0x7f0000000400), 0x0, 0x0) write$snapshot(r0, &(0x7f0000000100)="83", 0x1) 09:27:53 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0xc0ed0000, 0x0) 09:27:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x117}, @void}}}, 0x1c}}, 0x0) [ 112.474894] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 112.475874] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 112.476493] CPU: 1 UID: 0 PID: 4020 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.478634] Tainted: [W]=WARN [ 112.479269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.480995] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.482386] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.485785] RSP: 0018:ffff8880159b7800 EFLAGS: 00010212 [ 112.486222] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90005c0b000 [ 112.486798] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.487386] RBP: ffff8880159b7a70 R08: ffff88806cf31340 R09: ffffe8ffffd16658 [ 112.487945] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.488519] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.489090] FS: 00007f74b5819700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.489679] CS: 0010 DS: 0000 ES: 
0000 CR0: 0000000080050033 [ 112.490136] CR2: 00007f74b83b7018 CR3: 000000000e20b000 CR4: 0000000000350ef0 [ 112.490723] Call Trace: [ 112.490940] [ 112.491139] ? __pfx_perf_tp_event+0x10/0x10 [ 112.491500] ? lock_is_held_type+0x9e/0x120 [ 112.491847] ? lock_is_held_type+0x9e/0x120 [ 112.492194] ? perf_trace_lock+0xb5/0x5d0 [ 112.492526] ? perf_trace_lock+0xb5/0x5d0 [ 112.492859] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.493226] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.493593] ? find_held_lock+0x2b/0x80 [ 112.493916] ? find_held_lock+0x2b/0x80 [ 112.494236] ? __perf_install_in_context+0x503/0xb90 [ 112.494641] ? lock_release+0xc8/0x290 [ 112.494951] ? do_raw_spin_unlock+0x53/0x220 [ 112.495319] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.495716] perf_trace_run_bpf_submit+0xef/0x180 [ 112.496111] perf_trace_lock+0x337/0x5d0 [ 112.496440] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.496808] ? lock_acquire+0x15e/0x2f0 [ 112.497132] ? futex_ref_get+0x48/0x300 [ 112.497452] ? futex_ref_get+0x114/0x300 [ 112.497770] ? futex_hash+0x15c/0x390 [ 112.498076] lock_release+0x1ab/0x290 [ 112.498384] ? futex_hash+0x15c/0x390 [ 112.498690] futex_ref_get+0x119/0x300 [ 112.499000] ? futex_hash+0x15c/0x390 [ 112.499310] futex_hash+0x70/0x390 [ 112.499604] futex_wake+0x143/0x540 [ 112.499899] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.500268] ? __pfx_futex_wake+0x10/0x10 [ 112.500607] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 112.501040] ? lock_release+0xc8/0x290 [ 112.501360] do_futex+0x26d/0x370 [ 112.501642] ? __pfx_do_futex+0x10/0x10 [ 112.501961] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 112.502381] ? find_held_lock+0x2b/0x80 [ 112.502704] __x64_sys_futex+0x1c9/0x4d0 [ 112.503030] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.503411] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 112.503827] do_syscall_64+0xbf/0x360 [ 112.504132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.504538] RIP: 0033:0x7f74b82a3b19 [ 112.504835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.506249] RSP: 002b:00007f74b5819218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.506837] RAX: ffffffffffffffda RBX: 00007f74b83b6f68 RCX: 00007f74b82a3b19 [ 112.507405] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74b83b6f6c [ 112.507961] RBP: 00007f74b83b6f60 R08: 000000000000000e R09: 0000000000000000 [ 112.508518] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74b83b6f6c [ 112.509069] R13: 00007fffb3a41f1f R14: 00007f74b5819300 R15: 0000000000022000 [ 112.509636] [ 112.509825] Modules linked in: [ 112.510112] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 112.510969] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 112.511563] CPU: 1 UID: 0 PID: 4020 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.512485] Tainted: [D]=DIE, [W]=WARN [ 112.512795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.513434] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.513805] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.515220] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 112.515634] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 112.516188] RDX: ffff8880158f8000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.516747] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd16658 [ 112.517302] R10: 0000000000000000 R11: 
ffff88806cf37018 R12: dffffc0000000000 [ 112.517854] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000 [ 112.518407] FS: 00007f74b5819700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.519032] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.519489] CR2: 00007f74b83b7018 CR3: 000000000e20b000 CR4: 0000000000350ef0 [ 112.520043] Call Trace: [ 112.520249] [ 112.520428] ? __pfx_perf_tp_event+0x10/0x10 [ 112.520786] ? __lock_acquire+0xc65/0x1b70 [ 112.521128] ? match_held_lock+0xb2/0xd0 [ 112.521456] ? __lock_acquire+0x694/0x1b70 [ 112.521796] ? lock_acquire+0x15e/0x2f0 [ 112.522116] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.522519] perf_trace_run_bpf_submit+0xef/0x180 [ 112.522903] perf_trace_lock+0x337/0x5d0 [ 112.523235] ? place_entity+0x1c/0x410 [ 112.523547] ? kvm_sched_clock_read+0x16/0x30 [ 112.523906] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.524270] ? check_preempt_wakeup_fair+0x6e/0x950 [ 112.524666] ? sched_ttwu_pending+0x2e0/0x4a0 [ 112.525030] lock_release+0x1ab/0x290 [ 112.525332] ? ttwu_do_activate+0x1a4/0x8a0 [ 112.525674] _raw_spin_unlock+0x16/0x40 [ 112.525991] sched_ttwu_pending+0x2e0/0x4a0 [ 112.526337] ? 
__pfx_sched_ttwu_pending+0x10/0x10 [ 112.526723] __flush_smp_call_function_queue+0x434/0x740 [ 112.527160] __sysvec_call_function_single+0x6d/0x370 [ 112.527571] sysvec_call_function_single+0xa1/0xc0 [ 112.527959] [ 112.528142] [ 112.528324] asm_sysvec_call_function_single+0x1a/0x20 [ 112.528734] RIP: 0010:oops_exit+0x0/0x50 [ 112.529062] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 112.530471] RSP: 0018:ffff8880159b7690 EFLAGS: 00000202 [ 112.530885] RAX: 000000000002d5a0 RBX: 0000000000000216 RCX: ffffc90005c0b000 [ 112.531447] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 112.531998] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 112.532556] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880159b7758 [ 112.533109] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000 [ 112.533669] ? oops_end+0x4a/0xe0 [ 112.533954] oops_end+0x65/0xe0 [ 112.534225] exc_general_protection+0x1a2/0x330 [ 112.534599] asm_exc_general_protection+0x26/0x30 [ 112.534978] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.535355] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.536757] RSP: 0018:ffff8880159b7800 EFLAGS: 00010212 [ 112.537177] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90005c0b000 [ 112.537731] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.538283] RBP: ffff8880159b7a70 R08: ffff88806cf31340 R09: ffffe8ffffd16658 [ 112.538835] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.539395] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.539954] ? perf_tp_event+0x167/0xe70 [ 112.540287] ? __pfx_perf_tp_event+0x10/0x10 [ 112.540641] ? 
lock_is_held_type+0x9e/0x120 [ 112.540991] ? lock_is_held_type+0x9e/0x120 [ 112.541333] ? perf_trace_lock+0xb5/0x5d0 [ 112.541664] ? perf_trace_lock+0xb5/0x5d0 [ 112.541992] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.542354] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.542719] ? find_held_lock+0x2b/0x80 [ 112.543044] ? find_held_lock+0x2b/0x80 [ 112.543371] ? __perf_install_in_context+0x503/0xb90 [ 112.543769] ? lock_release+0xc8/0x290 [ 112.544079] ? do_raw_spin_unlock+0x53/0x220 [ 112.544435] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.544834] perf_trace_run_bpf_submit+0xef/0x180 [ 112.545219] perf_trace_lock+0x337/0x5d0 [ 112.545546] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.545910] ? lock_acquire+0x15e/0x2f0 [ 112.546228] ? futex_ref_get+0x48/0x300 [ 112.546540] ? futex_ref_get+0x114/0x300 [ 112.546863] ? futex_hash+0x15c/0x390 [ 112.547189] lock_release+0x1ab/0x290 [ 112.547511] ? futex_hash+0x15c/0x390 [ 112.547825] futex_ref_get+0x119/0x300 [ 112.548136] ? futex_hash+0x15c/0x390 [ 112.548442] futex_hash+0x70/0x390 [ 112.548728] futex_wake+0x143/0x540 [ 112.549024] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.549392] ? __pfx_futex_wake+0x10/0x10 [ 112.549726] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 112.550128] ? lock_release+0xc8/0x290 [ 112.550443] do_futex+0x26d/0x370 [ 112.550725] ? __pfx_do_futex+0x10/0x10 [ 112.551043] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 112.551469] ? find_held_lock+0x2b/0x80 [ 112.551793] __x64_sys_futex+0x1c9/0x4d0 [ 112.552120] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.552489] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 112.552902] do_syscall_64+0xbf/0x360 [ 112.553204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.553615] RIP: 0033:0x7f74b82a3b19 [ 112.553913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.555344] RSP: 002b:00007f74b5819218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.555941] RAX: ffffffffffffffda RBX: 00007f74b83b6f68 RCX: 00007f74b82a3b19 [ 112.556500] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74b83b6f6c [ 112.557057] RBP: 00007f74b83b6f60 R08: 000000000000000e R09: 0000000000000000 [ 112.557612] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74b83b6f6c [ 112.558166] R13: 00007fffb3a41f1f R14: 00007f74b5819300 R15: 0000000000022000 [ 112.558730] [ 112.558918] Modules linked in: [ 112.559184] ---[ end trace 0000000000000000 ]--- [ 112.559556] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.559931] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.561353] RSP: 0018:ffff8880159b7800 EFLAGS: 00010212 [ 112.561771] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90005c0b000 [ 112.562334] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191 [ 112.562895] RBP: ffff8880159b7a70 R08: ffff88806cf31340 R09: ffffe8ffffd16658 [ 112.563462] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.564020] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 112.564582] FS: 00007f74b5819700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 112.565212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.565670] CR2: 00007f74b83b7018 CR3: 000000000e20b000 CR4: 0000000000350ef0 [ 112.566230] Kernel panic - not syncing: Fatal exception in interrupt [ 
113.608479] Shutting down cpus with NMI [ 113.608890] Kernel Offset: disabled [ 113.609175] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:27:53 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=00007f07a76fc6c0 RCX=00000000000000fe RDX=00000000000000fd RSI=0000000000090800 RDI=0000558c3ede9b30 RBP=0000558c3ee1bab0 RSP=00007ffe8b9e26c0 R8 =0000558c3edb45c0 R9 =00307570632f302f R10=0000000000000000 R11=0000000000000246 R12=0000000000000000 R13=0000558c3ede9b30 R14=0000558c3ede9b30 R15=0000558c3eddb700 RIP=00007f07a7bb0ed4 RFL=00000206 [-----P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f07a76fc8c0 00000000 00000000 GS =0000 0000000000000000 00000000 00000000 LDT=0000 fffffe5100000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f004f53b3a4 CR3=000000000c71b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffff000000ff00000000000000000000 XMM02=00007f07a700307570632f302f716d2f XMM03=7269762f736563697665642f7379732f XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=0000558c3ede45000000558c3ede3fa0 XMM06=000000000000000000000004ffffffff XMM07=00000000000000000000000000000000 XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 
XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff8880159b70f0 R8 =0000000000000000 R9 =ffffed100166b046 R10=0000000000000030 R11=0000000065646f43 R12=0000000000000030 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0 RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f74b5819700 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe5100000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f74b83b7018 CR3=000000000e20b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f74b838a7c000007f74b838a7c8 XMM02=00007f74b838a7e000007f74b838a7c0 XMM03=00007f74b838a7c800007f74b838a7c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 
XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000