Warning: Permanently added '[localhost]:55353' (ECDSA) to the list of known hosts. 2025/08/29 12:19:40 fuzzer started 2025/08/29 12:19:40 dialing manager at localhost:43077 syzkaller login: [ 50.882456] cgroup: Unknown subsys name 'net' [ 50.926935] cgroup: Unknown subsys name 'cpuset' [ 50.938687] cgroup: Unknown subsys name 'rlimit' 2025/08/29 12:19:51 syscalls: 2214 2025/08/29 12:19:51 code coverage: enabled 2025/08/29 12:19:51 comparison tracing: enabled 2025/08/29 12:19:51 extra coverage: enabled 2025/08/29 12:19:51 setuid sandbox: enabled 2025/08/29 12:19:51 namespace sandbox: enabled 2025/08/29 12:19:51 Android sandbox: enabled 2025/08/29 12:19:51 fault injection: enabled 2025/08/29 12:19:51 leak checking: enabled 2025/08/29 12:19:51 net packet injection: enabled 2025/08/29 12:19:51 net device setup: enabled 2025/08/29 12:19:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 12:19:51 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 12:19:51 USB emulation: enabled 2025/08/29 12:19:51 hci packet injection: enabled 2025/08/29 12:19:51 wifi device emulation: enabled 2025/08/29 12:19:51 802.15.4 emulation: enabled 2025/08/29 12:19:51 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 12:19:51 fetching corpus: 50, signal 18014/21666 (executing program) 2025/08/29 12:19:51 fetching corpus: 100, signal 24173/29427 (executing program) 2025/08/29 12:19:51 fetching corpus: 150, signal 31121/37861 (executing program) 2025/08/29 12:19:51 fetching corpus: 200, signal 39093/47093 (executing program) 2025/08/29 12:19:51 fetching corpus: 250, signal 46428/55562 (executing program) 2025/08/29 12:19:52 fetching corpus: 300, signal 57090/66989 (executing program) 2025/08/29 12:19:52 fetching corpus: 350, signal 61986/72924 (executing program) 2025/08/29 12:19:52 fetching corpus: 400, signal 65782/77708 (executing program) 2025/08/29 12:19:52 fetching corpus: 450, signal 69280/82191 (executing program) 2025/08/29 12:19:52 fetching corpus: 500, signal 71734/85667 (executing program) 2025/08/29 12:19:52 fetching corpus: 550, signal 75532/90215 (executing program) 2025/08/29 12:19:52 fetching corpus: 600, signal 78506/94063 (executing program) 2025/08/29 12:19:52 fetching corpus: 650, signal 81991/98211 (executing program) 2025/08/29 12:19:52 fetching corpus: 700, signal 84332/101355 (executing program) 2025/08/29 12:19:52 fetching corpus: 750, signal 85823/103768 (executing program) 2025/08/29 12:19:53 fetching corpus: 800, signal 89895/108183 (executing program) 2025/08/29 12:19:53 fetching corpus: 850, signal 91501/110534 (executing program) 2025/08/29 12:19:53 fetching corpus: 900, signal 92805/112621 (executing program) 2025/08/29 12:19:53 fetching corpus: 950, signal 94765/115234 (executing program) 2025/08/29 12:19:53 fetching corpus: 1000, signal 96131/117279 (executing program) 2025/08/29 12:19:53 fetching corpus: 1050, signal 100027/121265 (executing program) 2025/08/29 12:19:53 fetching corpus: 1100, signal 102421/124060 (executing program) 2025/08/29 12:19:53 fetching corpus: 1150, signal 104757/126740 (executing program) 2025/08/29 12:19:53 fetching corpus: 1200, signal 105820/128438 (executing program) 2025/08/29 12:19:53 fetching corpus: 1250, signal 107345/130438 (executing program) 2025/08/29 12:19:54 fetching corpus: 1300, signal 108513/132204 (executing program) 2025/08/29 12:19:54 fetching corpus: 1350, signal 109344/133699 (executing program) 2025/08/29 12:19:54 fetching corpus: 1400, signal 110616/135481 (executing program) 2025/08/29 12:19:54 fetching corpus: 1450, signal 111944/137265 (executing program) 2025/08/29 12:19:54 fetching corpus: 1500, signal 113155/138922 (executing program) 2025/08/29 12:19:54 fetching corpus: 1550, signal 114386/140595 (executing program) 2025/08/29 12:19:54 fetching corpus: 1600, signal 115365/142053 (executing program) 2025/08/29 12:19:54 fetching corpus: 1650, signal 116601/143652 (executing program) 2025/08/29 12:19:54 fetching corpus: 1700, signal 118528/145648 (executing program) 2025/08/29 12:19:54 fetching corpus: 1750, signal 120007/147329 (executing program) 2025/08/29 12:19:55 fetching corpus: 1799, signal 120963/148654 (executing program) 2025/08/29 12:19:55 fetching corpus: 1849, signal 121655/149814 (executing program) 2025/08/29 12:19:55 fetching corpus: 1899, signal 122489/151037 (executing program) 2025/08/29 12:19:55 fetching corpus: 1948, signal 122992/152090 (executing program) 2025/08/29 12:19:55 fetching corpus: 1997, signal 123730/153245 (executing program) 2025/08/29 12:19:55 fetching corpus: 2047, signal 124796/154542 (executing program) 2025/08/29 12:19:55 fetching corpus: 2097, signal 125558/155632 (executing program) 2025/08/29 12:19:55 fetching corpus: 2147, signal 126401/156830 (executing program) 2025/08/29 12:19:55 fetching corpus: 2197, signal 127038/157903 (executing program) 2025/08/29 12:19:55 fetching corpus: 2247, signal 127711/158969 (executing program) 2025/08/29 12:19:55 fetching corpus: 2297, signal 128503/160055 (executing program) 2025/08/29 12:19:56 fetching corpus: 2347, signal 129293/161176 (executing program) 2025/08/29 12:19:56 fetching corpus: 2397, signal 130261/162359 (executing program) 2025/08/29 12:19:56 fetching corpus: 2447, signal 130911/163351 (executing program) 2025/08/29 12:19:56 fetching corpus: 2497, signal 131573/164295 (executing program) 2025/08/29 12:19:56 fetching corpus: 2547, signal 132255/165242 (executing program) 2025/08/29 12:19:56 fetching corpus: 2597, signal 133105/166299 (executing program) 2025/08/29 12:19:56 fetching corpus: 2647, signal 134370/167465 (executing program) 2025/08/29 12:19:56 fetching corpus: 2697, signal 135165/168479 (executing program) 2025/08/29 12:19:56 fetching corpus: 2747, signal 135852/169388 (executing program) 2025/08/29 12:19:56 fetching corpus: 2797, signal 136363/170179 (executing program) 2025/08/29 12:19:57 fetching corpus: 2847, signal 137237/171105 (executing program) 2025/08/29 12:19:57 fetching corpus: 2897, signal 138281/172122 (executing program) 2025/08/29 12:19:57 fetching corpus: 2947, signal 138963/172925 (executing program) 2025/08/29 12:19:57 fetching corpus: 2997, signal 139458/173662 (executing program) 2025/08/29 12:19:57 fetching corpus: 3047, signal 140022/174436 (executing program) 2025/08/29 12:19:57 fetching corpus: 3097, signal 141356/175444 (executing program) 2025/08/29 12:19:57 fetching corpus: 3147, signal 141937/176164 (executing program) 2025/08/29 12:19:57 fetching corpus: 3197, signal 142528/176884 (executing program) 2025/08/29 12:19:57 fetching corpus: 3247, signal 143374/177638 (executing program) 2025/08/29 12:19:57 fetching corpus: 3297, signal 144030/178357 (executing program) 2025/08/29 12:19:57 fetching corpus: 3347, signal 144578/179041 (executing program) 2025/08/29 12:19:58 fetching corpus: 3397, signal 145442/180032 (executing program) 2025/08/29 12:19:58 fetching corpus: 3447, signal 145961/180671 (executing program) 2025/08/29 12:19:58 fetching corpus: 3497, signal 146462/181281 (executing program) 2025/08/29 12:19:58 fetching corpus: 3547, signal 147038/181900 (executing program) 2025/08/29 12:19:58 fetching corpus: 3597, signal 147437/182459 (executing program) 2025/08/29 12:19:58 fetching corpus: 3647, signal 148027/183083 (executing program) 2025/08/29 12:19:58 fetching corpus: 3697, signal 148572/183666 (executing program) 2025/08/29 12:19:58 fetching corpus: 3747, signal 149607/184346 (executing program) 2025/08/29 12:19:58 fetching corpus: 3797, signal 150161/184919 (executing program) 2025/08/29 12:19:58 fetching corpus: 3847, signal 150943/185507 (executing program) 2025/08/29 12:19:58 fetching corpus: 3897, signal 151783/186095 (executing program) 2025/08/29 12:19:59 fetching corpus: 3947, signal 152157/186667 (executing program) 2025/08/29 12:19:59 fetching corpus: 3997, signal 153173/187326 (executing program) 2025/08/29 12:19:59 fetching corpus: 4047, signal 154022/187849 (executing program) 2025/08/29 12:19:59 fetching corpus: 4097, signal 154681/188391 (executing program) 2025/08/29 12:19:59 fetching corpus: 4147, signal 155165/188895 (executing program) 2025/08/29 12:19:59 fetching corpus: 4197, signal 155633/189429 (executing program) 2025/08/29 12:19:59 fetching corpus: 4247, signal 156232/189946 (executing program) 2025/08/29 12:19:59 fetching corpus: 4297, signal 156679/190378 (executing program) 2025/08/29 12:19:59 fetching corpus: 4347, signal 157109/190777 (executing program) 2025/08/29 12:20:00 fetching corpus: 4397, signal 157589/191228 (executing program) 2025/08/29 12:20:00 fetching corpus: 4447, signal 158025/191658 (executing program) 2025/08/29 12:20:00 fetching corpus: 4497, signal 158502/192070 (executing program) 2025/08/29 12:20:00 fetching corpus: 4547, signal 158977/192517 (executing program) 2025/08/29 12:20:00 fetching corpus: 4597, signal 159502/192898 (executing program) 2025/08/29 12:20:00 fetching corpus: 4647, signal 160077/193360 (executing program) 2025/08/29 12:20:00 fetching corpus: 4697, signal 160490/193495 (executing program) 2025/08/29 12:20:00 fetching corpus: 4747, signal 160840/193495 (executing program) 2025/08/29 12:20:01 fetching corpus: 4797, signal 161362/193516 (executing program) 2025/08/29 12:20:01 fetching corpus: 4847, signal 161745/193522 (executing program) 2025/08/29 12:20:01 fetching corpus: 4897, signal 162109/193610 (executing program) 2025/08/29 12:20:01 fetching corpus: 4947, signal 162375/193625 (executing program) 2025/08/29 12:20:01 fetching corpus: 4997, signal 162888/193639 (executing program) 2025/08/29 12:20:01 fetching corpus: 5047, signal 163872/193639 (executing program) 2025/08/29 12:20:01 fetching corpus: 5097, signal 164441/193668 (executing program) 2025/08/29 12:20:01 fetching corpus: 5147, signal 164987/193673 (executing program) 2025/08/29 12:20:02 fetching corpus: 5197, signal 165323/193681 (executing program) 2025/08/29 12:20:02 fetching corpus: 5247, signal 165670/193685 (executing program) 2025/08/29 12:20:02 fetching corpus: 5297, signal 166088/193685 (executing program) 2025/08/29 12:20:02 fetching corpus: 5347, signal 166548/193698 (executing program) 2025/08/29 12:20:02 fetching corpus: 5397, signal 166911/193702 (executing program) 2025/08/29 12:20:02 fetching corpus: 5447, signal 167164/193718 (executing program) 2025/08/29 12:20:02 fetching corpus: 5497, signal 167611/193732 (executing program) 2025/08/29 12:20:02 fetching corpus: 5547, signal 168009/193745 (executing program) 2025/08/29 12:20:02 fetching corpus: 5597, signal 168477/193752 (executing program) 2025/08/29 12:20:02 fetching corpus: 5647, signal 168854/193761 (executing program) 2025/08/29 12:20:02 fetching corpus: 5697, signal 169346/193764 (executing program) 2025/08/29 12:20:03 fetching corpus: 5747, signal 169753/193787 (executing program) 2025/08/29 12:20:03 fetching corpus: 5797, signal 170162/193803 (executing program) 2025/08/29 12:20:03 fetching corpus: 5847, signal 170625/193823 (executing program) 2025/08/29 12:20:03 fetching corpus: 5897, signal 171028/193849 (executing program) 2025/08/29 12:20:03 fetching corpus: 5947, signal 171469/193855 (executing program) 2025/08/29 12:20:03 fetching corpus: 5997, signal 171769/193856 (executing program) 2025/08/29 12:20:03 fetching corpus: 6047, signal 172124/193866 (executing program) 2025/08/29 12:20:03 fetching corpus: 6097, signal 172650/193908 (executing program) 2025/08/29 12:20:03 fetching corpus: 6147, signal 173130/193912 (executing program) 2025/08/29 12:20:03 fetching corpus: 6197, signal 173470/193917 (executing program) 2025/08/29 12:20:04 fetching corpus: 6247, signal 173779/193917 (executing program) 2025/08/29 12:20:04 fetching corpus: 6297, signal 174166/193925 (executing program) 2025/08/29 12:20:04 fetching corpus: 6347, signal 174483/193975 (executing program) 2025/08/29 12:20:04 fetching corpus: 6397, signal 174897/193981 (executing program) 2025/08/29 12:20:04 fetching corpus: 6447, signal 175232/193987 (executing program) 2025/08/29 12:20:04 fetching corpus: 6497, signal 175508/193998 (executing program) 2025/08/29 12:20:04 fetching corpus: 6547, signal 175921/194011 (executing program) 2025/08/29 12:20:04 fetching corpus: 6597, signal 176326/194013 (executing program) 2025/08/29 12:20:04 fetching corpus: 6647, signal 176549/194015 (executing program) 2025/08/29 12:20:04 fetching corpus: 6697, signal 176913/194021 (executing program) 2025/08/29 12:20:04 fetching corpus: 6747, signal 177308/194107 (executing program) 2025/08/29 12:20:04 fetching corpus: 6797, signal 177555/194126 (executing program) 2025/08/29 12:20:05 fetching corpus: 6847, signal 177889/194131 (executing program) 2025/08/29 12:20:05 fetching corpus: 6897, signal 178250/194133 (executing program) 2025/08/29 12:20:05 fetching corpus: 6947, signal 178465/194137 (executing program) 2025/08/29 12:20:05 fetching corpus: 6997, signal 178844/194152 (executing program) 2025/08/29 12:20:05 fetching corpus: 7047, signal 179244/194153 (executing program) 2025/08/29 12:20:05 fetching corpus: 7097, signal 179656/194157 (executing program) 2025/08/29 12:20:05 fetching corpus: 7147, signal 180038/194158 (executing program) 2025/08/29 12:20:05 fetching corpus: 7197, signal 180333/194162 (executing program) 2025/08/29 12:20:05 fetching corpus: 7247, signal 180645/194259 (executing program) 2025/08/29 12:20:05 fetching corpus: 7297, signal 180891/194265 (executing program) 2025/08/29 12:20:05 fetching corpus: 7347, signal 181095/194288 (executing program) 2025/08/29 12:20:06 fetching corpus: 7397, signal 181346/194288 (executing program) 2025/08/29 12:20:06 fetching corpus: 7447, signal 181631/194292 (executing program) 2025/08/29 12:20:06 fetching corpus: 7497, signal 181854/194296 (executing program) 2025/08/29 12:20:06 fetching corpus: 7547, signal 182172/194322 (executing program) 2025/08/29 12:20:06 fetching corpus: 7597, signal 182464/194325 (executing program) 2025/08/29 12:20:06 fetching corpus: 7647, signal 182796/194338 (executing program) 2025/08/29 12:20:06 fetching corpus: 7697, signal 183060/194352 (executing program) 2025/08/29 12:20:06 fetching corpus: 7747, signal 183298/194357 (executing program) 2025/08/29 12:20:06 fetching corpus: 7797, signal 183548/194373 (executing program) 2025/08/29 12:20:06 fetching corpus: 7847, signal 183998/194389 (executing program) 2025/08/29 12:20:06 fetching corpus: 7897, signal 184280/194394 (executing program) 2025/08/29 12:20:07 fetching corpus: 7947, signal 184537/194442 (executing program) 2025/08/29 12:20:07 fetching corpus: 7997, signal 184768/194451 (executing program) 2025/08/29 12:20:07 fetching corpus: 8047, signal 185067/194451 (executing program) 2025/08/29 12:20:07 fetching corpus: 8097, signal 185323/194456 (executing program) 2025/08/29 12:20:07 fetching corpus: 8147, signal 185556/194470 (executing program) 2025/08/29 12:20:07 fetching corpus: 8197, signal 185946/194505 (executing program) 2025/08/29 12:20:07 fetching corpus: 8247, signal 186305/194510 (executing program) 2025/08/29 12:20:07 fetching corpus: 8297, signal 186570/194521 (executing program) 2025/08/29 12:20:08 fetching corpus: 8347, signal 186861/194531 (executing program) 2025/08/29 12:20:08 fetching corpus: 8397, signal 187137/194538 (executing program) 2025/08/29 12:20:08 fetching corpus: 8447, signal 187343/194548 (executing program) 2025/08/29 12:20:08 fetching corpus: 8497, signal 187501/194554 (executing program) 2025/08/29 12:20:08 fetching corpus: 8547, signal 187754/194556 (executing program) 2025/08/29 12:20:08 fetching corpus: 8597, signal 187982/194572 (executing program) 2025/08/29 12:20:08 fetching corpus: 8647, signal 188404/194580 (executing program) 2025/08/29 12:20:08 fetching corpus: 8697, signal 188734/194585 (executing program) 2025/08/29 12:20:08 fetching corpus: 8747, signal 188928/194589 (executing program) 2025/08/29 12:20:08 fetching corpus: 8797, signal 189383/194589 (executing program) 2025/08/29 12:20:08 fetching corpus: 8847, signal 189773/194589 (executing program) 2025/08/29 12:20:08 fetching corpus: 8897, signal 190013/194597 (executing program) 2025/08/29 12:20:09 fetching corpus: 8947, signal 190231/194601 (executing program) 2025/08/29 12:20:09 fetching corpus: 8997, signal 190590/194611 (executing program) 2025/08/29 12:20:09 fetching corpus: 9011, signal 190694/194611 (executing program) 2025/08/29 12:20:09 fetching corpus: 9011, signal 190694/194611 (executing program) 2025/08/29 12:20:11 starting 8 fuzzer processes 12:20:11 executing program 0: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) 12:20:11 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x4000) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x2000000) 12:20:11 executing program 7: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}]) 12:20:11 executing program 3: r0 = getpid() r1 = pidfd_open(r0, 0x0) waitid$P_PIDFD(0x2, r1, 0x0, 0x4, 0x0) 12:20:11 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r2) ioctl$PIO_FONT(r0, 0x4b61, 0x0) 12:20:11 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/raw\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="b3530000000000000000190000000c00018008000100", @ANYRES32=r0], 0x20}}, 0x0) [ 81.689952] audit: type=1400 audit(1756470011.492:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:20:11 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xa40024, &(0x7f0000000040)=ANY=[]) symlinkat(&(0x7f0000000040)='./file0/file0\x00', r0, &(0x7f0000000200)='./file0\x00') readlink(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000240)=""/207, 0xcf) readlink(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)=""/170, 0xaa) 12:20:11 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012e00)="ed", 0x1, 0x11080}], 0x0, &(0x7f0000000440)=ANY=[]) [ 82.909859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.910420] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.913504] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.915840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.918812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.919736] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.926914] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.929444] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.940156] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.943785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.967304] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.982695] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.987849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.991164] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.993209] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.047124] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.052131] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.055807] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.062602] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.063904] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.065022] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.067268] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.068440] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.074050] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.081307] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.084273] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.086473] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.092603] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.094683] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.096902] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.171040] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.181782] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.193103] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.207617] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.226173] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.228250] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.241606] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.274557] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.286456] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.300742] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.001849] Bluetooth: hci0: command tx timeout [ 85.002916] Bluetooth: hci1: command tx timeout [ 85.065484] Bluetooth: hci2: command tx timeout [ 85.129679] Bluetooth: hci4: command tx timeout [ 85.129851] Bluetooth: hci3: command tx timeout [ 85.130323] Bluetooth: hci5: command tx timeout [ 85.385540] Bluetooth: hci6: command tx timeout [ 85.449444] Bluetooth: hci7: command tx timeout [ 87.049455] Bluetooth: hci0: command tx timeout [ 87.050398] Bluetooth: hci1: command tx timeout [ 87.113506] Bluetooth: hci2: command tx timeout [ 87.177754] Bluetooth: hci3: command tx timeout [ 87.178984] Bluetooth: hci4: command tx timeout [ 87.179753] Bluetooth: hci5: command tx timeout [ 87.433576] Bluetooth: hci6: command tx timeout [ 87.497477] Bluetooth: hci7: command tx timeout [ 89.098439] Bluetooth: hci0: command tx timeout [ 89.099262] Bluetooth: hci1: command tx timeout [ 89.161659] Bluetooth: hci2: command tx timeout [ 89.225469] Bluetooth: hci3: command tx timeout [ 89.226306] Bluetooth: hci4: command tx timeout [ 89.226331] Bluetooth: hci5: command tx timeout [ 89.482540] Bluetooth: hci6: command tx timeout [ 89.545473] Bluetooth: hci7: command tx timeout [ 91.145684] Bluetooth: hci1: command tx timeout [ 91.146504] Bluetooth: hci0: command tx timeout [ 91.211181] Bluetooth: hci2: command tx timeout [ 91.273471] Bluetooth: hci5: command tx timeout [ 91.274216] Bluetooth: hci4: command tx timeout [ 91.275058] Bluetooth: hci3: command tx timeout [ 91.529522] Bluetooth: hci6: command tx timeout [ 91.593455] Bluetooth: hci7: command tx timeout [ 119.262460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.263134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.468704] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.469350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.242402] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.243020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.391010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.392015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.508709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.510323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.624763] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.625396] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.710709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.711325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.814102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.814783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.976301] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.977413] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.051778] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.052629] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.059450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.060037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.183015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.183698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.301674] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.302254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.336064] audit: type=1400 audit(1756470051.138:8): avc: denied { open } for pid=3883 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 121.339457] audit: type=1400 audit(1756470051.138:9): avc: denied { kernel } for pid=3883 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 121.391193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.391916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.437334] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.438613] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.499891] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.500500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.651815] loop6: detected capacity change from 0 to 512 [ 121.659991] EXT4-fs error (device loop6): __ext4_fill_super:5510: inode #2: comm syz-executor.6: iget: special inode unallocated [ 121.661647] EXT4-fs (loop6): get root inode failed [ 121.662064] EXT4-fs (loop6): mount failed 12:20:51 executing program 1: syz_emit_ethernet(0x68, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x32, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast1={0x0}, @mcast1={0x0}, [{0x0, 0x1, "424d71cdb998543d"}]}}}}}}, 0x0) 12:20:51 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/raw\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="b3530000000000000000190000000c00018008000100", @ANYRES32=r0], 0x20}}, 0x0) 12:20:51 executing program 7: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}]) 12:20:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETAW(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "304d7bb14af5b65b"}) 12:20:51 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r0) 12:20:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={0x1c, r1, 0x301, 0x0, 0x0, {{0x11}, {@val={0x8, 0xc00e}, @void}}}, 0x1c}}, 0x0) 12:20:51 executing program 0: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) 12:20:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012e00)="ed", 0x1, 0x11080}], 0x0, &(0x7f0000000440)=ANY=[]) [ 121.743239] loop6: detected capacity change from 0 to 512 12:20:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={0x1c, r1, 0x301, 0x0, 0x0, {{0x11}, {@val={0x8, 0xc00e}, @void}}}, 0x1c}}, 0x0) 12:20:51 executing program 5: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) 12:20:51 executing program 0: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) [ 121.778067] EXT4-fs error (device loop6): __ext4_fill_super:5510: inode #2: comm syz-executor.6: iget: special inode unallocated 12:20:51 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$VT_ACTIVATE(r1, 0x5386, 0x8000000000004) [ 121.780897] EXT4-fs (loop6): get root inode failed [ 121.781279] EXT4-fs (loop6): mount failed 12:20:51 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/raw\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="b3530000000000000000190000000c00018008000100", @ANYRES32=r0], 0x20}}, 0x0) 12:20:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETAW(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "304d7bb14af5b65b"}) 12:20:51 executing program 7: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}]) 12:20:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012e00)="ed", 0x1, 0x11080}], 0x0, &(0x7f0000000440)=ANY=[]) 12:20:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETAW(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "304d7bb14af5b65b"}) [ 121.902368] kmemleak: Found object by alias at 0x607f1a63a42c [ 121.902391] CPU: 0 UID: 0 PID: 3927 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.902410] Tainted: [W]=WARN 12:20:51 executing program 0: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) [ 121.902414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.902421] Call Trace: [ 121.902425] [ 121.902429] dump_stack_lvl+0xca/0x120 [ 121.902455] __lookup_object+0x94/0xb0 [ 121.902472] delete_object_full+0x27/0x70 [ 121.902489] free_percpu+0x30/0x1160 [ 121.902505] ? arch_uprobe_clear_state+0x16/0x140 [ 121.902525] futex_hash_free+0x38/0xc0 [ 121.902539] mmput+0x2d3/0x390 [ 121.902558] do_exit+0x79d/0x2970 [ 121.902572] ? signal_wake_up_state+0x85/0x120 [ 121.902588] ? zap_other_threads+0x2b9/0x3a0 [ 121.902604] ? __pfx_do_exit+0x10/0x10 [ 121.902616] ? do_group_exit+0x1c3/0x2a0 [ 121.902629] ? lock_release+0xc8/0x290 [ 121.902651] do_group_exit+0xd3/0x2a0 [ 121.902665] __x64_sys_exit_group+0x3e/0x50 [ 121.902679] x64_sys_call+0x18c5/0x18d0 [ 121.902694] do_syscall_64+0xbf/0x360 [ 121.902707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.902718] RIP: 0033:0x7f8c80844b19 [ 121.902727] Code: Unable to access opcode bytes at 0x7f8c80844aef. [ 121.902732] RSP: 002b:00007ffc9b97c8f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.902744] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f8c80844b19 [ 121.902752] RDX: 00007f8c807f772b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 121.902759] RBP: 0000000000000000 R08: 0000001b2d027bec R09: 0000000000000000 [ 121.902766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.902773] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc9b97c9e0 [ 121.902789] [ 121.902793] kmemleak: Object (percpu) 0x607f1a63a428 (size 8): [ 121.902799] kmemleak: comm "syz-executor.7", pid 3932, jiffies 4294788578 [ 121.902806] kmemleak: min_count = 1 [ 121.902810] kmemleak: count = 0 [ 121.902814] kmemleak: flags = 0x21 [ 121.902817] kmemleak: checksum = 0 [ 121.902821] kmemleak: backtrace: [ 121.902825] pcpu_alloc_noprof+0x87a/0x1170 [ 121.902840] perf_trace_event_init+0x366/0xa10 [ 121.902853] perf_trace_init+0x1a4/0x2f0 [ 121.902865] perf_tp_event_init+0xa6/0x120 [ 121.902881] perf_try_init_event+0x140/0x9f0 [ 121.902893] perf_event_alloc.part.0+0x118e/0x45f0 [ 121.902910] __do_sys_perf_event_open+0x719/0x2c20 [ 121.902922] do_syscall_64+0xbf/0x360 [ 121.902931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.959449] loop6: detected capacity change from 0 to 512 [ 121.980089] kmemleak: Cannot insert 0x607f1a63a42c into the object search tree (overlaps existing) [ 121.980114] CPU: 0 UID: 0 PID: 3937 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 121.980133] Tainted: [W]=WARN [ 121.980137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.980145] Call Trace: [ 121.980149] [ 121.980154] dump_stack_lvl+0xca/0x120 [ 121.980179] __link_object+0x190/0x210 [ 121.980199] __create_object+0x48/0x80 [ 121.980216] pcpu_alloc_noprof+0x87a/0x1170 [ 121.980242] __percpu_counter_init_many+0x44/0x360 [ 121.980261] ext4_es_register_shrinker+0x1f0/0x430 [ 121.980284] ext4_fill_super+0x6ab3/0xba20 [ 121.980316] ? __pfx_ext4_fill_super+0x10/0x10 [ 121.980333] ? find_held_lock+0x2b/0x80 [ 121.980352] ? setup_bdev_super+0x2ed/0x6e0 [ 121.980371] ? set_blocksize+0x1b4/0x470 [ 121.980383] ? lock_release+0xc8/0x290 [ 121.980398] ? sb_set_blocksize+0x177/0x1c0 [ 121.980409] ? setup_bdev_super+0x31f/0x6e0 [ 121.980429] get_tree_bdev_flags+0x38a/0x620 [ 121.980440] ? __pfx_ext4_fill_super+0x10/0x10 [ 121.980458] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 121.980470] ? cap_capable+0xdb/0x3b0 [ 121.980489] ? security_capable+0x2f/0x90 [ 121.980505] vfs_get_tree+0x93/0x340 [ 121.980523] path_mount+0x132d/0x1dd0 [ 121.980538] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.980553] ? __pfx_path_mount+0x10/0x10 [ 121.980566] ? kmem_cache_free+0x2a1/0x540 [ 121.980578] ? putname.part.0+0x11b/0x160 [ 121.980595] ? getname_flags.part.0+0x1c6/0x540 [ 121.980613] ? putname.part.0+0x11b/0x160 [ 121.980631] __x64_sys_mount+0x27b/0x300 [ 121.980644] ? __pfx___x64_sys_mount+0x10/0x10 [ 121.980663] do_syscall_64+0xbf/0x360 [ 121.980675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.980688] RIP: 0033:0x7f17e854a04a [ 121.980697] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.980708] RSP: 002b:00007f17e5abdfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.980720] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f17e854a04a [ 121.980728] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f17e5abe000 [ 121.980735] RBP: 00007f17e5abe040 R08: 00007f17e5abe040 R09: 0000000020000000 [ 121.980742] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 121.980749] R13: 0000000020000100 R14: 00007f17e5abe000 R15: 0000000020000440 [ 121.980765] [ 121.981572] kmemleak: Kernel memory leak detector disabled [ 121.981576] kmemleak: Object (percpu) 0x607f1a63a428 (size 8): [ 121.981583] kmemleak: comm "syz-executor.7", pid 3932, jiffies 4294788578 [ 121.981590] kmemleak: min_count = 1 [ 121.981594] kmemleak: count = 0 [ 121.981598] kmemleak: flags = 0x21 [ 121.981602] kmemleak: checksum = 0 [ 121.981606] kmemleak: backtrace: [ 121.981609] pcpu_alloc_noprof+0x87a/0x1170 [ 121.981625] perf_trace_event_init+0x366/0xa10 [ 121.981639] perf_trace_init+0x1a4/0x2f0 [ 121.981651] perf_tp_event_init+0xa6/0x120 [ 121.981668] perf_try_init_event+0x140/0x9f0 [ 121.981681] perf_event_alloc.part.0+0x118e/0x45f0 [ 121.981699] __do_sys_perf_event_open+0x719/0x2c20 [ 121.981713] do_syscall_64+0xbf/0x360 [ 121.981722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.044721] EXT4-fs error (device loop6): __ext4_fill_super:5510: inode #2: comm syz-executor.6: iget: special inode unallocated [ 122.046108] EXT4-fs (loop6): get root inode failed [ 122.046614] EXT4-fs (loop6): mount failed 12:20:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={0x1c, r1, 0x301, 0x0, 0x0, {{0x11}, {@val={0x8, 0xc00e}, @void}}}, 0x1c}}, 0x0) 12:20:51 executing program 5: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) 12:20:51 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/raw\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="b3530000000000000000190000000c00018008000100", @ANYRES32=r0], 0x20}}, 0x0) 12:20:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETAW(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "304d7bb14af5b65b"}) 12:20:51 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:51 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x7, 0x0, 0x0) 12:20:51 executing program 7: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0xfff, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f00000001c0)={0x0, 0x0, 0x41, 0x0, 0x0, r0, 0x0}]) 12:20:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012e00)="ed", 0x1, 0x11080}], 0x0, &(0x7f0000000440)=ANY=[]) 12:20:51 executing program 0: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'default', '=static', @val={0x22}}}}]}) 12:20:51 executing program 5: pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) pkey_mprotect(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2, 0xffffffffffffffff) 12:20:51 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x2200, &(0x7f00000012c0), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x7000)=nil, &(0x7f0000001340), &(0x7f0000001380)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000000), 0x1) [ 122.167920] loop6: detected capacity change from 0 to 512 12:20:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={0x1c, r1, 0x301, 0x0, 0x0, {{0x11}, {@val={0x8, 0xc00e}, @void}}}, 0x1c}}, 0x0) [ 122.189156] EXT4-fs error (device loop6): __ext4_fill_super:5510: inode #2: comm syz-executor.6: iget: special inode unallocated [ 122.202223] EXT4-fs (loop6): get root inode failed [ 122.202754] EXT4-fs (loop6): mount failed 12:20:52 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0) 12:20:52 executing program 0: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:52 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:52 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0) 12:20:52 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:52 executing program 0: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 6: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) tee(r0, r1, 0x8000, 0x0) 12:20:52 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0xf}}, 0x14}}, 0x0) 12:20:52 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0) 12:20:52 executing program 6: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) tee(r0, r1, 0x8000, 0x0) 12:20:52 executing program 0: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:52 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:52 executing program 6: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) tee(r0, r1, 0x8000, 0x0) [ 122.519266] ------------[ cut here ]------------ [ 122.520211] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#1: syz-executor.2/284 [ 122.520976] Modules linked in: [ 122.521300] CPU: 1 UID: 0 PID: 284 Comm: syz-executor.2 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 122.523080] Tainted: [W]=WARN [ 122.523821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.525560] RIP: 0010:mntput_no_expire+0x78e/0xbe0 [ 122.526952] Code: 05 16 42 81 04 01 e8 31 f8 91 ff e9 41 fc ff ff e8 b7 50 b4 ff 31 ff 44 89 ee e8 dd 4b b4 ff 45 85 ed 79 09 e8 a3 50 b4 ff 90 <0f> 0b 90 e8 9a 50 b4 ff e8 75 f6 fb 02 31 ff 89 c5 89 c6 e8 ba 4b [ 122.531013] RSP: 0018:ffff88801701fce0 EFLAGS: 00010293 [ 122.531456] RAX: 0000000000000000 RBX: 1ffff11002e03fa1 RCX: ffffffff81bf96d3 [ 122.532019] RDX: ffff88800f499b80 RSI: ffffffff81bf96dd RDI: 0000000000000005 [ 122.532595] RBP: ffff88802001ddc0 R08: 0000000000000001 R09: 0000000000000000 [ 122.533161] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff88801701fd48 [ 122.533742] R13: 00000000ffffffff R14: ffff88802001ddc0 R15: ffff88802001dea8 [ 122.534307] FS: 000055558e06b400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 122.534956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.535436] CR2: 00007ffcc63d1bd8 CR3: 00000000447cd000 CR4: 0000000000350ef0 [ 122.535999] Call Trace: [ 122.536207] [ 122.536410] ? __pfx_mntput_no_expire+0x10/0x10 [ 122.536789] ? dput.part.0+0xce/0x930 [ 122.537105] ? lock_release+0xc8/0x290 [ 122.537456] path_umount+0x6e0/0x1100 [ 122.537765] ? kmem_cache_free+0x2a1/0x540 [ 122.538106] ? __pfx_path_umount+0x10/0x10 [ 122.538460] ? putname.part.0+0x11b/0x160 [ 122.538805] __x64_sys_umount+0x15c/0x190 [ 122.539133] ? __pfx___x64_sys_umount+0x10/0x10 [ 122.539526] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 122.539947] do_syscall_64+0xbf/0x360 [ 122.540262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.540693] RIP: 0033:0x7f6088615f87 [ 122.540993] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.542441] RSP: 002b:00007ffcc63d2318 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 122.543038] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 00007f6088615f87 [ 122.543616] RDX: 00007ffcc63d23e9 RSI: 000000000000000a RDI: 00007ffcc63d23e0 [ 122.544175] RBP: 00007ffcc63d23e0 R08: 00000000ffffffff R09: 00007ffcc63d21b0 [ 122.544753] R10: 000055558e06cc7b R11: 0000000000000246 R12: 00007f608866e105 [ 122.545315] R13: 00007ffcc63d34a0 R14: 000055558e06cc20 R15: 00007ffcc63d34e0 [ 122.545909] [ 122.546101] irq event stamp: 177843 [ 122.546402] hardirqs last enabled at (177853): [] __up_console_sem+0x78/0x80 [ 122.547092] hardirqs last disabled at (177860): [] __up_console_sem+0x5d/0x80 [ 122.547796] softirqs last enabled at (177676): [] handle_softirqs+0x50c/0x770 [ 122.549156] softirqs last disabled at (177879): [] __irq_exit_rcu+0xc4/0x100 [ 122.550457] ---[ end trace 0000000000000000 ]--- 12:20:52 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0xf}}, 0x14}}, 0x0) 12:20:52 executing program 0: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0) 12:20:52 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96) 12:20:52 executing program 6: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) tee(r0, r1, 0x8000, 0x0) 12:20:52 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close(r0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 12:20:52 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f00000001c0), 0x4) 12:20:52 executing program 6: futex(&(0x7f0000000880)=0x2, 0xc, 0x1, 0x0, &(0x7f0000001b40), 0x2) 12:20:52 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x14, 0x1a, 0x1, 0x0, 0x0, "", [@generic="02"]}, 0x14}], 0x1}, 0x0) 12:20:52 executing program 4: syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_SETVESABLANK(r1, 0x560c, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f00000000c0)=""/233) 12:20:52 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0xf}}, 0x14}}, 0x0) [ 122.671221] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 122.672180] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 122.672899] CPU: 0 UID: 0 PID: 4029 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 122.673891] Tainted: [W]=WARN [ 122.674150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.674823] RIP: 0010:perf_tp_event+0x175/0xe70 [ 122.675227] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 122.676714] RSP: 0018:ffff8880474b7800 EFLAGS: 00010212 [ 122.677154] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90007e30000 [ 122.677757] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 122.678342] RBP: ffff8880474b7a70 R08: ffff88806ce31340 R09: ffffe8ffffc17428 [ 122.678929] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.679518] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.680106] FS: 00007f8c7dd99700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 122.680775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.681257] CR2: 00007f8c7dd99718 CR3: 000000000e922000 CR4: 0000000000350ef0 [ 122.681862] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 122.682462] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 122.683053] Call Trace: [ 122.683271] [ 122.683480] ? __pfx_perf_tp_event+0x10/0x10 [ 122.683889] ? perf_trace_lock+0xb5/0x5d0 [ 122.684244] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.684640] ? perf_trace_run_bpf_submit+0xef/0x180 [ 122.685060] perf_trace_run_bpf_submit+0xef/0x180 [ 122.685479] perf_trace_lock+0x337/0x5d0 [ 122.685826] ? __pfx_perf_trace_lock+0x10/0x10 [ 122.686212] ? lock_acquire+0x15e/0x2f0 [ 122.686552] ? futex_ref_get+0x48/0x300 [ 122.686889] ? futex_ref_get+0x114/0x300 [ 122.687225] ? futex_hash+0x15c/0x390 [ 122.687544] lock_release+0x1ab/0x290 [ 122.687870] ? futex_hash+0x15c/0x390 [ 122.688190] futex_ref_get+0x119/0x300 [ 122.688519] ? futex_hash+0x15c/0x390 [ 122.688836] futex_hash+0x70/0x390 [ 122.689141] futex_wake+0x143/0x540 [ 122.689468] ? __pfx_futex_wake+0x10/0x10 [ 122.689828] ? perf_trace_lock+0xb5/0x5d0 [ 122.690184] do_futex+0x26d/0x370 [ 122.690483] ? __pfx_do_futex+0x10/0x10 [ 122.690820] ? lock_acquire+0x15e/0x2f0 [ 122.691155] ? __fget_files+0x34/0x3b0 [ 122.691482] ? find_held_lock+0x2b/0x80 [ 122.691825] __x64_sys_futex+0x1c9/0x4d0 [ 122.692165] ? __fget_files+0x20d/0x3b0 [ 122.692499] ? __pfx___x64_sys_futex+0x10/0x10 [ 122.692887] ? fdget+0x197/0x220 [ 122.693179] do_syscall_64+0xbf/0x360 [ 122.693511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.693938] RIP: 0033:0x7f8c80844b19 [ 122.694249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.695751] RSP: 002b:00007f8c7dd99218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.696377] RAX: ffffffffffffffda RBX: 00007f8c80958028 RCX: 00007f8c80844b19 [ 122.696966] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c8095802c [ 122.697558] RBP: 00007f8c80958020 R08: 0000000000000009 R09: 0000000000000000 [ 122.698119] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f8c8095802c [ 122.698653] R13: 00007ffc9b97c6cf R14: 00007f8c7dd99300 R15: 0000000000022000 [ 122.699200] [ 122.699382] Modules linked in: [ 122.699795] ---[ end trace 0000000000000000 ]--- [ 122.700157] RIP: 0010:perf_tp_event+0x175/0xe70 12:20:52 executing program 3: syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x0, 0x2, &(0x7f0000000500)=[{&(0x7f00000003c0)="a5", 0x1}, {&(0x7f00000004c0)="ef", 0x1}], 0x0, &(0x7f00000006c0)={[{@rodir}], [{@euid_lt}, {@context={'context', 0x3d, 'staff_u'}}, {@fowner_eq}]}) [ 122.700537] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 12:20:52 executing program 0: ppoll(&(0x7f0000002dc0), 0x20000000000000b2, &(0x7f0000002e00), 0x0, 0x0) [ 122.702633] RSP: 0018:ffff8880474b7800 EFLAGS: 00010212 [ 122.703047] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90007e30000 [ 122.703622] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 122.704164] RBP: ffff8880474b7a70 R08: ffff88806ce31340 R09: ffffe8ffffc17428 [ 122.704719] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 122.705267] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 122.705827] FS: 00007f8c7dd99700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 122.706446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.706886] CR2: 00007f8c7dd99718 CR3: 000000000e922000 CR4: 0000000000350ef0 [ 122.707436] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 122.707439] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 122.708542] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 122.709082] note: syz-executor.4[4029] exited with preempt_count 1 [ 122.709576] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 122.710238] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 4029, name: syz-executor.4 [ 122.710880] preempt_count: 0, expected: 0 [ 122.711186] RCU nest depth: 2, expected: 0 [ 122.711513] INFO: lockdep is turned off. [ 122.711629] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 122.711822] CPU: 0 UID: 0 PID: 4029 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 122.711841] Tainted: [D]=DIE, [W]=WARN [ 122.711845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.711852] Call Trace: [ 122.711856] [ 122.711861] dump_stack_lvl+0xfa/0x120 [ 122.711883] __might_resched+0x2f3/0x510 [ 122.711898] exit_signals+0x25/0x940 [ 122.711917] do_exit+0x2db/0x2970 [ 122.711931] ? _printk+0xbe/0xf0 [ 122.711944] ? __pfx__printk+0x10/0x10 [ 122.711957] ? __pfx_do_exit+0x10/0x10 [ 122.711969] ? fdget+0x197/0x220 [ 122.711980] make_task_dead+0x174/0x3b0 [ 122.711993] ? do_syscall_64+0xbf/0x360 [ 122.712003] rewind_stack_and_make_dead+0x16/0x20 [ 122.712019] RIP: 0033:0x7f8c80844b19 [ 122.712028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.712038] RSP: 002b:00007f8c7dd99218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.712049] RAX: ffffffffffffffda RBX: 00007f8c80958028 RCX: 00007f8c80844b19 [ 122.712057] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c8095802c [ 122.712064] RBP: 00007f8c80958020 R08: 0000000000000009 R09: 0000000000000000 [ 122.712070] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f8c8095802c [ 122.712078] R13: 00007ffc9b97c6cf R14: 00007f8c7dd99300 R15: 0000000000022000 [ 122.712088] 12:20:52 executing program 6: clock_adjtime(0x97a0f663, &(0x7f0000000000)) 12:20:52 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) 12:20:52 executing program 0: ppoll(&(0x7f0000002dc0), 0x20000000000000b2, &(0x7f0000002e00), 0x0, 0x0) 12:20:52 executing program 3: syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x0, 0x2, &(0x7f0000000500)=[{&(0x7f00000003c0)="a5", 0x1}, {&(0x7f00000004c0)="ef", 0x1}], 0x0, &(0x7f00000006c0)={[{@rodir}], [{@euid_lt}, {@context={'context', 0x3d, 'staff_u'}}, {@fowner_eq}]}) 12:20:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) 12:20:52 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000d80), 0x0, 0x0) ioctl$SG_NEXT_CMD_LEN(r0, 0x2202, 0x0) 12:20:52 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) 12:20:52 executing program 0: ppoll(&(0x7f0000002dc0), 0x20000000000000b2, &(0x7f0000002e00), 0x0, 0x0) [ 122.819413] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 12:20:52 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)={[{@uid={'uid', 0x3d, 0xffffffffffffffff}}]}) 12:20:52 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0xf}}, 0x14}}, 0x0) 12:20:52 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1}, {0x6}]}, 0x10) 12:20:52 executing program 6: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) 12:20:52 executing program 0: ppoll(&(0x7f0000002dc0), 0x20000000000000b2, &(0x7f0000002e00), 0x0, 0x0) 12:20:52 executing program 3: syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x0, 0x2, &(0x7f0000000500)=[{&(0x7f00000003c0)="a5", 0x1}, {&(0x7f00000004c0)="ef", 0x1}], 0x0, &(0x7f00000006c0)={[{@rodir}], [{@euid_lt}, {@context={'context', 0x3d, 'staff_u'}}, {@fowner_eq}]}) 12:20:52 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) 12:20:52 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) [ 122.900796] tmpfs: Bad value for 'uid' [ 122.901177] tmpfs: Bad value for 'uid' [ 122.905440] tmpfs: Bad value for 'uid' [ 122.905803] tmpfs: Bad value for 'uid' [ 122.911068] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 12:20:52 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) 12:20:52 executing program 6: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) 12:20:52 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1}, {0x6}]}, 0x10) 12:20:52 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) 12:20:52 executing program 0: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) 12:20:52 executing program 3: syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x0, 0x2, &(0x7f0000000500)=[{&(0x7f00000003c0)="a5", 0x1}, {&(0x7f00000004c0)="ef", 0x1}], 0x0, &(0x7f00000006c0)={[{@rodir}], [{@euid_lt}, {@context={'context', 0x3d, 'staff_u'}}, {@fowner_eq}]}) [ 122.977539] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 12:20:52 executing program 6: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) 12:20:52 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x9, 0x4) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev}, 0x10, 0x0}}], 0x1, 0x8000) sendmmsg$inet(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000940)="61e73c2e65fb9d5d268270cdd32d37c967db9498cf7d8b605d3ca192ebe8ca367fcb1acb54161dfd3f98fe1c723eff8d4788875c2ac06dc6b471278f2ce05b9d115897745d1393939d2a4280e224c136b18ea6e9d3993e4e1cddb7e9830bd491883a7a394ec1ecfb8bc1aa41d1325290fa6855efd4b20275403c13d60670d9a0706b7d749bb2434e59978521fed637ed9f926b8f95f12075b31c7adf73b77d5dedadb9b90ade0e3a4cebb7a7c226476708b885b3713dcae5b286d1c46230ba1dd3f4fa88cb5c2a2c655f1258826594f2f00a72f080753c24666bc947648762798925c5ceecc639a1ff3d5424e4198e3e22e750ca2b04b4b46f3611820ba944ffeda2b5575f402d39b582567e546d2a2f2d46304f00e85ba566dafe10a1546be23118d856bfce0dfacc70534166590fcb53d9a16599139762171be1efb3ca6721fcffbca3036ca13f220ee1d7d12644bd19dd61e7ef256dc365686a5c590317745c1871e9459fbb7ea6d431c57fced86d26ae898e3ac6acad52ac3ab85230eb27c8059dc21d827d29e8ac1b1ba89334f6f57d4045487cd215e851447627a15c85cf7a6170cd11da60996398742db3cf6015bf74d05eedcc28dcf8391b042a50105345846941ef4cddf1b6a6c53efece358f0e9a8687e37e2cd1faf13eafd44f8116695ea4e93aca76ced5a3421f4417386722933c2f8deb5db4bcd8ee91b5c62e9530c974f52688fae23d08b8449503d58d3987ca8f4fbc1c8fda4169403b0dd778cdf162dde72824d6d748b953413672bade41fc8defb4b1bfcea7fc949d80eff53f2ffbf640b9aa34642b3fedf2b0a24a852533112938fed5e75c69f93658a6a5550bc6e38d829345d5353d8990cc7f50f0b04066d10018ba47671cae4a0557394179dda558c4eb4651c8acf751be33af5061c8838b49319b103c47fc0431464e8df19e59dc10703f2ad2269be8d70d13766435090c60f73e514d1c800144579a90f9c3924ae858e986390b4d57ba4b78a835581c43648c19058cac35179e3fa00d833639ca32d8c4571bf015e7c1ee1482f8f4950aaf7e9349b516fa9da205e620dc9e1a3dc738496c639b14d91dcee71ae33ab2c00c3a81b4016ae8feb2d6ca88c25227b97b217ca232c4ced52efee2ebbe72d7190c8f8f9f1eac41b5babf977fac2dc2c691b3ee14f28c1522dba3d746095b00abf429e146e637e932f29e44ffdd84733f63ee802b66b0d6236586ecd5a50baf3f33e96d43e5d692f572fd9728476f0f73cbcc880e89ce76bd155831daa613f03cbadc0728407c775e73bb326cf3653525ca6b407de80d6d40c14a23af75e1c4c69f75d8aa862b2ab25d3326855faad5c48b06cc7016cdea586f6a05231f338a3ef83a04233f8b3c397f8350166b53db996d4d3934203440690d94bce152ccb20bdf1b2908ce4291716c916976f3c6056f6b49e12bbde2cac9feb8c45af13a8be666a330828768c565e970146b842529ff9dfdf027793f68b73341e5640e4936a5e64d1c6de1e2991e564567418fa7aca190da6433e23ef158ee22e22abcdbbbae244670c7028342dc5171d3a0bbff8188a5d766e9fe2bccec0880d7cbc96cd42f5bf2c9c295a6ece4fbde53", 0x481}], 0x1}}], 0x2, 0x0) 12:20:52 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1}, {0x6}]}, 0x10) 12:20:52 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x34, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@local}]}]}, 0x34}], 0x1}, 0x0) 12:20:52 executing program 1: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x80081, 0x0) pwrite64(r0, 0x0, 0x0, 0x1db3) 12:20:52 executing program 0: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) 12:20:52 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9]}}]}]}]}, 0x44}}, 0x0) [ 123.036720] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. [ 123.037640] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. 12:20:52 executing program 0: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) 12:20:52 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b000100060021006159"], 0x2c}}, 0x0) 12:20:52 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xb1}, {0x6}]}, 0x10) 12:20:52 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9]}}]}]}]}, 0x44}}, 0x0) 12:20:52 executing program 6: newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) ioprio_set$uid(0x3, r1, 0x6000) ioprio_get$uid(0x3, 0x0) [ 123.089089] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 123.112191] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 12:20:52 executing program 2: ioctl$BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f00000020c0)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x2, &(0x7f0000002080)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x5}, 0x0) 12:20:52 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0xa0840, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x5325, 0x0) 12:20:52 executing program 6: syz_emit_ethernet(0x42, &(0x7f0000001d40)={@local, @broadcast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "b14868", 0x8, 0x2f, 0x0, @mcast1, @private1, {[@fragment={0x73}]}}}}}, 0x0) 12:20:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TCXONC(r0, 0x40045436, 0x3) 12:20:52 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9]}}]}]}]}, 0x44}}, 0x0) 12:20:52 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2286, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0}) 12:20:52 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x34, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@local}]}]}, 0x34}], 0x1}, 0x0) 12:20:52 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b000100060021006159"], 0x2c}}, 0x0) [ 123.196740] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. [ 123.203287] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 12:20:53 executing program 6: syz_emit_ethernet(0x42, &(0x7f0000001d40)={@local, @broadcast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "b14868", 0x8, 0x2f, 0x0, @mcast1, @private1, {[@fragment={0x73}]}}}}}, 0x0) 12:20:53 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9]}}]}]}]}, 0x44}}, 0x0) 12:20:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x34, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@local}]}]}, 0x34}], 0x1}, 0x0) [ 123.257475] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. 12:20:53 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b000100060021006159"], 0x2c}}, 0x0) 12:20:53 executing program 2: ioctl$BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f00000020c0)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x2, &(0x7f0000002080)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x5}, 0x0) 12:20:53 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2286, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0}) [ 123.337796] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 12:20:53 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b000100060021006159"], 0x2c}}, 0x0) 12:20:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x34, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@local}]}]}, 0x34}], 0x1}, 0x0) 12:20:53 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) 12:20:53 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) setgroups(0x0, 0x0) 12:20:53 executing program 6: syz_emit_ethernet(0x42, &(0x7f0000001d40)={@local, @broadcast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "b14868", 0x8, 0x2f, 0x0, @mcast1, @private1, {[@fragment={0x73}]}}}}}, 0x0) 12:20:53 executing program 2: ioctl$BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f00000020c0)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x2, &(0x7f0000002080)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x5}, 0x0) 12:20:53 executing program 0: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b000100060021006159"], 0x2c}}, 0x0) 12:20:53 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2286, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0}) [ 123.404491] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 123.406192] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. 12:20:53 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') getdents64(r0, &(0x7f0000000f00)=""/4096, 0x1000) getdents64(r0, 0x0, 0x0) 12:20:53 executing program 6: syz_emit_ethernet(0x42, &(0x7f0000001d40)={@local, @broadcast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "b14868", 0x8, 0x2f, 0x0, @mcast1, @private1, {[@fragment={0x73}]}}}}}, 0x0) 12:20:53 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001b000100060021006159"], 0x2c}}, 0x0) 12:20:53 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) bind$inet6(r0, &(0x7f0000000740)={0xa, 0x4e23, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) 12:20:53 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r0, r1, 0x20000000a, 0x0) 12:20:53 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0) r1 = dup(r0) ioctl$SG_IO(r1, 0x2286, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0}) [ 123.498266] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 123.499159] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 123.499807] CPU: 1 UID: 0 PID: 4175 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 123.500689] Tainted: [D]=DIE, [W]=WARN [ 123.500996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 123.501643] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.502026] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.503432] RSP: 0018:ffff888048c8f800 EFLAGS: 00010212 [ 123.503848] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 123.504403] RDX: ffff8880489e3700 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 123.504958] RBP: ffff888048c8fa70 R08: ffff88806cf31340 R09: ffffe8ffffd17428 [ 123.505610] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 123.506215] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 123.506805] FS: 000055558b1e9400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 123.507486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.508003] CR2: 000055558b1eac18 CR3: 0000000045d50000 CR4: 0000000000350ef0 [ 123.508631] Call Trace: [ 123.508858] [ 123.509065] ? arch_scale_cpu_capacity+0x17/0xa0 [ 123.509488] ? __pfx_perf_tp_event+0x10/0x10 [ 123.509870] ? __asan_memset+0x24/0x50 [ 123.510230] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.510625] ? perf_trace_lock+0xb5/0x5d0 [ 123.510967] ? perf_trace_lock+0xb5/0x5d0 [ 123.511318] ? kvm_sched_clock_read+0x16/0x30 [ 123.511743] ? sched_clock+0x37/0x60 [ 123.512094] ? sched_clock_cpu+0x6c/0x4e0 [ 123.512492] ? perf_trace_run_bpf_submit+0xef/0x180 [ 123.512945] perf_trace_run_bpf_submit+0xef/0x180 [ 123.513410] perf_trace_lock+0x337/0x5d0 [ 123.513779] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.514203] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.514631] ? get_futex_key+0x592/0x14a0 [ 123.515015] ? futex_ref_get+0x114/0x300 [ 123.515387] ? futex_hash+0x15c/0x390 [ 123.515751] lock_release+0x1ab/0x290 [ 123.516097] ? futex_hash+0x15c/0x390 [ 123.516433] futex_ref_get+0x119/0x300 [ 123.516792] ? futex_hash+0x15c/0x390 [ 123.517148] futex_hash+0x70/0x390 [ 123.517485] futex_wake+0x143/0x540 [ 123.517816] ? put_pid+0x1f/0x30 [ 123.518112] ? kernel_clone+0x204/0x7f0 [ 123.518472] ? __pfx_futex_wake+0x10/0x10 [ 123.518841] ? __pfx_kernel_clone+0x10/0x10 [ 123.519225] ? perf_trace_lock+0xb5/0x5d0 [ 123.519608] ? __pfx___handle_mm_fault+0x10/0x10 [ 123.520031] do_futex+0x26d/0x370 [ 123.520327] ? __pfx_do_futex+0x10/0x10 [ 123.520672] ? __pfx___do_sys_clone+0x10/0x10 [ 123.521078] ? handle_mm_fault+0x590/0x9b0 [ 123.521466] __x64_sys_futex+0x1c9/0x4d0 [ 123.521830] ? __pfx___x64_sys_futex+0x10/0x10 [ 123.522241] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 123.522701] do_syscall_64+0xbf/0x360 [ 123.523047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.523486] RIP: 0033:0x7f8c80844b19 [ 123.523824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.525408] RSP: 002b:00007ffc9b97c748 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.526036] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8c80844b19 [ 123.526667] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c80957f68 [ 123.527276] RBP: 00007f8c80957f60 R08: 00007f8c7ddba700 R09: 0000000000000000 [ 123.527879] R10: 00007f8c7ddba700 R11: 0000000000000246 R12: 00007f8c8095ca68 [ 123.528506] R13: 00007ffc9b97c850 R14: 00007f8c80957f60 R15: 000000000001e1c7 [ 123.529146] [ 123.529371] Modules linked in: [ 123.529704] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#3] SMP KASAN NOPTI [ 123.530693] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 123.531468] CPU: 1 UID: 0 PID: 4175 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 123.532536] Tainted: [D]=DIE, [W]=WARN [ 123.532881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 123.533618] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.534044] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.535650] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012 [ 123.536122] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 123.536756] RDX: ffff8880489e3700 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 123.537388] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd17428 [ 123.538029] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000 [ 123.538662] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000 [ 123.539297] FS: 000055558b1e9400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 123.540019] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.540494] CR2: 000055558b1eac18 CR3: 0000000045d50000 CR4: 0000000000350ef0 [ 123.541055] Call Trace: [ 123.541264] [ 123.541450] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 123.541871] ? arch_stack_walk+0x9c/0xf0 [ 123.542199] ? __pfx_perf_tp_event+0x10/0x10 [ 123.542551] ? rcu_core+0x7c3/0x1800 [ 123.542850] ? stack_trace_save+0x8e/0xc0 [ 123.543181] ? stack_depot_save_flags+0x2c/0xa20 [ 123.543557] ? kasan_save_stack+0x34/0x50 [ 123.543888] ? kasan_save_stack+0x24/0x50 [ 123.544218] ? kasan_save_track+0x14/0x30 [ 123.544552] ? __kasan_save_free_info+0x3a/0x60 [ 123.544921] ? rcu_core+0x7c3/0x1800 [ 123.545225] ? kasan_save_stack+0x34/0x50 [ 123.545566] ? kasan_save_stack+0x24/0x50 [ 123.545894] ? kasan_record_aux_stack+0x89/0xa0 [ 123.546269] ? __call_rcu_common.constprop.0+0x70/0x960 [ 123.546685] ? delayed_put_task_struct+0xde/0x260 [ 123.547069] ? rcu_core+0x7c8/0x1800 [ 123.547367] ? handle_softirqs+0x1b1/0x770 [ 123.547707] ? __irq_exit_rcu+0xc4/0x100 [ 123.548032] ? irq_exit_rcu+0x9/0x20 [ 123.548324] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 123.548727] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 123.549149] ? __pfx_filter_irq_stacks+0x10/0x10 [ 123.549536] ? stack_depot_save_flags+0x2c/0xa20 [ 123.549911] ? kasan_save_stack+0x34/0x50 [ 123.550238] ? kasan_save_track+0x14/0x30 [ 123.550567] ? __kasan_kmalloc+0x7f/0x90 [ 123.550890] ? kmem_cache_free+0x134/0x540 [ 123.551226] ? kvm_sched_clock_read+0x16/0x30 [ 123.551582] ? sched_clock+0x37/0x60 [ 123.551884] ? sched_clock_cpu+0x6c/0x4e0 [ 123.552216] ? perf_trace_run_bpf_submit+0xef/0x180 [ 123.552613] perf_trace_run_bpf_submit+0xef/0x180 [ 123.552996] perf_trace_lock+0x337/0x5d0 [ 123.553317] ? place_entity+0x300/0x410 [ 123.553647] ? kvm_sched_clock_read+0x16/0x30 [ 123.554008] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.554376] ? check_preempt_wakeup_fair+0x6e/0x950 [ 123.554766] ? rcu_core+0x7c3/0x1800 [ 123.555067] ? sched_ttwu_pending+0x2e0/0x4a0 [ 123.555431] lock_release+0x1ab/0x290 [ 123.555736] ? ttwu_do_activate+0x1a4/0x8a0 [ 123.556080] _raw_spin_unlock+0x16/0x40 [ 123.556397] sched_ttwu_pending+0x2e0/0x4a0 [ 123.556742] ? lock_release+0x1c7/0x290 [ 123.557062] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 123.557454] ? flush_tlb_func+0x3eb/0x560 [ 123.557788] __flush_smp_call_function_queue+0x434/0x740 [ 123.558218] __sysvec_call_function_single+0x6d/0x370 [ 123.558635] sysvec_call_function_single+0xa1/0xc0 [ 123.559021] [ 123.559204] [ 123.559387] asm_sysvec_call_function_single+0x1a/0x20 [ 123.559803] RIP: 0010:oops_exit+0x0/0x50 [ 123.560128] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 123.561542] RSP: 0018:ffff888048c8f690 EFLAGS: 00000202 [ 123.561976] RAX: 0000000000000000 RBX: 0000000000000293 RCX: ffffffff8139f06f [ 123.562549] RDX: ffff8880489e3700 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 123.563122] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 123.563688] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888048c8f758 [ 123.564259] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 123.564832] ? add_taint+0x5f/0xd0 [ 123.565135] ? oops_end+0x4a/0xe0 [ 123.565447] oops_end+0x65/0xe0 [ 123.565732] exc_general_protection+0x1a2/0x330 [ 123.566125] asm_exc_general_protection+0x26/0x30 [ 123.566517] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.566902] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.568368] RSP: 0018:ffff888048c8f800 EFLAGS: 00010212 [ 123.568806] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 123.569389] RDX: ffff8880489e3700 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 123.569964] RBP: ffff888048c8fa70 R08: ffff88806cf31340 R09: ffffe8ffffd17428 [ 123.570540] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 123.571110] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000 [ 123.571695] ? perf_tp_event+0x167/0xe70 [ 123.572046] ? arch_scale_cpu_capacity+0x17/0xa0 [ 123.572456] ? __pfx_perf_tp_event+0x10/0x10 [ 123.572826] ? __asan_memset+0x24/0x50 [ 123.573157] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.573549] ? perf_trace_lock+0xb5/0x5d0 [ 123.573893] ? perf_trace_lock+0xb5/0x5d0 [ 123.574235] ? kvm_sched_clock_read+0x16/0x30 [ 123.574603] ? sched_clock+0x37/0x60 [ 123.574909] ? sched_clock_cpu+0x6c/0x4e0 [ 123.575245] ? perf_trace_run_bpf_submit+0xef/0x180 [ 123.575634] perf_trace_run_bpf_submit+0xef/0x180 [ 123.576017] perf_trace_lock+0x337/0x5d0 [ 123.576334] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.576693] ? __pfx_perf_trace_lock+0x10/0x10 [ 123.577052] ? get_futex_key+0x592/0x14a0 [ 123.577384] ? futex_ref_get+0x114/0x300 [ 123.577699] ? futex_hash+0x15c/0x390 [ 123.577996] lock_release+0x1ab/0x290 [ 123.578296] ? futex_hash+0x15c/0x390 [ 123.578593] futex_ref_get+0x119/0x300 [ 123.578897] ? futex_hash+0x15c/0x390 [ 123.579193] futex_hash+0x70/0x390 [ 123.579475] futex_wake+0x143/0x540 [ 123.579768] ? put_pid+0x1f/0x30 [ 123.580034] ? kernel_clone+0x204/0x7f0 [ 123.580343] ? __pfx_futex_wake+0x10/0x10 [ 123.580669] ? __pfx_kernel_clone+0x10/0x10 [ 123.581004] ? perf_trace_lock+0xb5/0x5d0 [ 123.581326] ? __pfx___handle_mm_fault+0x10/0x10 [ 123.581706] do_futex+0x26d/0x370 [ 123.581983] ? __pfx_do_futex+0x10/0x10 [ 123.582295] ? __pfx___do_sys_clone+0x10/0x10 [ 123.582644] ? handle_mm_fault+0x590/0x9b0 [ 123.582976] __x64_sys_futex+0x1c9/0x4d0 [ 123.583296] ? __pfx___x64_sys_futex+0x10/0x10 [ 123.583657] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 123.584061] do_syscall_64+0xbf/0x360 [ 123.584360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.584758] RIP: 0033:0x7f8c80844b19 [ 123.585045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.586432] RSP: 002b:00007ffc9b97c748 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.587065] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8c80844b19 [ 123.587660] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8c80957f68 [ 123.588206] RBP: 00007f8c80957f60 R08: 00007f8c7ddba700 R09: 0000000000000000 [ 123.588748] R10: 00007f8c7ddba700 R11: 0000000000000246 R12: 00007f8c8095ca68 [ 123.589304] R13: 00007ffc9b97c850 R14: 00007f8c80957f60 R15: 000000000001e1c7 [ 123.589880] [ 123.590066] Modules linked in: [ 123.590327] ---[ end trace 0000000000000000 ]--- [ 123.590688] RIP: 0010:perf_tp_event+0x175/0xe70 [ 123.591052] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 123.592434] RSP: 0018:ffff8880474b7800 EFLAGS: 00010212 [ 123.592844] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc90007e30000 [ 123.593398] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 123.593939] RBP: ffff8880474b7a70 R08: ffff88806ce31340 R09: ffffe8ffffc17428 [ 123.594484] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 123.595025] R13: 000000000000002c R14: ffff88806ce31340 R15: dffffc0000000000 [ 123.595569] FS: 000055558b1e9400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 123.596181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.596628] CR2: 000055558b1eac18 CR3: 0000000045d50000 CR4: 0000000000350ef0 [ 123.597175] Kernel panic - not syncing: Fatal exception in interrupt [ 123.597874] Kernel Offset: disabled [ 123.598158] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 12:20:52 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000100 RCX=ffffffff81b96dd8 RDX=ffff888019d05280 RSI=ffffffff81b96da3 RDI=0000000000000001 RBP=ffff888019cb7c48 RSP=ffff888019cb7bb0 R8 =0000000000000001 R9 =ffffffff81b964d3 R10=0000000000000001 R11=0000000000000001 R12=ffff888019cb7d24 R13=00000000000007d5 R14=ffff888019cb7ce8 R15=0000000000000001 RIP=ffffffff8173e788 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555571c47400 00000000 00000000 GS =0000 ffff8880e55dd000 00000000 00000000 LDT=0000 fffffe1600000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffcee85804c CR3=00000000400ea000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff88801701f5b0 R8 =0000000000000000 R9 =ffffed100134a046 R10=0000000000000020 R11=0000000000000001 R12=0000000000000020 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0 RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055558e06b400 00000000 00000000 GS =0000 ffff8880e56dd000 00000000 00000000 LDT=0000 fffffe0600000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffcc63d1bd8 CR3=00000000447cd000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000ff000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000