Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:3204' (ECDSA) to the list of known hosts.
2025/09/01 09:23:00 fuzzer started
2025/09/01 09:23:00 dialing manager at localhost:35473
syzkaller login: [ 44.723754] cgroup: Unknown subsys name 'net'
[ 44.787915] cgroup: Unknown subsys name 'cpuset'
[ 44.810037] cgroup: Unknown subsys name 'rlimit'
2025/09/01 09:23:11 syscalls: 2214
2025/09/01 09:23:11 code coverage: enabled
2025/09/01 09:23:11 comparison tracing: enabled
2025/09/01 09:23:11 extra coverage: enabled
2025/09/01 09:23:11 setuid sandbox: enabled
2025/09/01 09:23:11 namespace sandbox: enabled
2025/09/01 09:23:11 Android sandbox: enabled
2025/09/01 09:23:11 fault injection: enabled
2025/09/01 09:23:11 leak checking: enabled
2025/09/01 09:23:11 net packet injection: enabled
2025/09/01 09:23:11 net device setup: enabled
2025/09/01 09:23:11 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 09:23:11 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 09:23:11 USB emulation: enabled
2025/09/01 09:23:11 hci packet injection: enabled
2025/09/01 09:23:11 wifi device emulation: enabled
2025/09/01 09:23:11 802.15.4 emulation: enabled
2025/09/01 09:23:11 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 09:23:11 fetching corpus: 45, signal 19816/23249 (executing program)
2025/09/01 09:23:11 fetching corpus: 95, signal 30550/35282 (executing program)
2025/09/01 09:23:11 fetching corpus: 145, signal 35532/41589 (executing program)
2025/09/01 09:23:11 fetching corpus: 195, signal 40856/48111 (executing program)
2025/09/01 09:23:11 fetching corpus: 245, signal 51329/59201 (executing program)
2025/09/01 09:23:11 fetching corpus: 294, signal 54780/63614 (executing program)
2025/09/01 09:23:11 fetching corpus: 344, signal 59848/69398 (executing program)
2025/09/01 09:23:12 fetching corpus: 394, signal 68557/78277 (executing program)
2025/09/01 09:23:12 fetching corpus: 444, signal 71819/82158 (executing program)
2025/09/01 09:23:12 fetching corpus: 494, signal 75232/86099 (executing program)
2025/09/01 09:23:12 fetching corpus: 544, signal 78583/89932 (executing program)
2025/09/01 09:23:12 fetching corpus: 594, signal 80594/92547 (executing program)
2025/09/01 09:23:12 fetching corpus: 644, signal 83949/96167 (executing program)
2025/09/01 09:23:12 fetching corpus: 694, signal 85574/98356 (executing program)
2025/09/01 09:23:12 fetching corpus: 744, signal 87281/100536 (executing program)
2025/09/01 09:23:12 fetching corpus: 793, signal 90228/103642 (executing program)
2025/09/01 09:23:12 fetching corpus: 842, signal 92739/106339 (executing program)
2025/09/01 09:23:13 fetching corpus: 891, signal 94316/108249 (executing program)
2025/09/01 09:23:13 fetching corpus: 941, signal 96273/110402 (executing program)
2025/09/01 09:23:13 fetching corpus: 991, signal 98512/112690 (executing program)
2025/09/01 09:23:13 fetching corpus: 1041, signal 100099/114526 (executing program)
2025/09/01 09:23:13 fetching corpus: 1091, signal 102928/117136 (executing program)
2025/09/01 09:23:13 fetching corpus: 1141, signal 104495/118827 (executing program)
2025/09/01 09:23:13 fetching corpus: 1191, signal 106260/120589 (executing program)
2025/09/01 09:23:13 fetching corpus: 1241, signal 107416/121905 (executing program)
2025/09/01 09:23:13 fetching corpus: 1290, signal 109102/123537 (executing program)
2025/09/01 09:23:14 fetching corpus: 1340, signal 110333/124906 (executing program)
2025/09/01 09:23:14 fetching corpus: 1389, signal 112214/126530 (executing program)
2025/09/01 09:23:14 fetching corpus: 1439, signal 113659/127904 (executing program)
2025/09/01 09:23:14 fetching corpus: 1489, signal 115295/129288 (executing program)
2025/09/01 09:23:14 fetching corpus: 1539, signal 116233/130337 (executing program)
2025/09/01 09:23:14 fetching corpus: 1589, signal 117139/131343 (executing program)
2025/09/01 09:23:14 fetching corpus: 1639, signal 118107/132322 (executing program)
2025/09/01 09:23:14 fetching corpus: 1689, signal 119485/133523 (executing program)
2025/09/01 09:23:14 fetching corpus: 1739, signal 120229/134327 (executing program)
2025/09/01 09:23:15 fetching corpus: 1787, signal 121132/135160 (executing program)
2025/09/01 09:23:15 fetching corpus: 1837, signal 122112/136037 (executing program)
2025/09/01 09:23:15 fetching corpus: 1887, signal 122786/136749 (executing program)
2025/09/01 09:23:15 fetching corpus: 1937, signal 124235/137783 (executing program)
2025/09/01 09:23:15 fetching corpus: 1987, signal 125007/138472 (executing program)
2025/09/01 09:23:15 fetching corpus: 2037, signal 126431/139515 (executing program)
2025/09/01 09:23:15 fetching corpus: 2087, signal 127371/140227 (executing program)
2025/09/01 09:23:15 fetching corpus: 2137, signal 128407/140977 (executing program)
2025/09/01 09:23:15 fetching corpus: 2187, signal 129068/141509 (executing program)
2025/09/01 09:23:15 fetching corpus: 2237, signal 129939/142130 (executing program)
2025/09/01 09:23:16 fetching corpus: 2287, signal 131048/142865 (executing program)
2025/09/01 09:23:16 fetching corpus: 2336, signal 131704/143414 (executing program)
2025/09/01 09:23:16 fetching corpus: 2386, signal 132545/143942 (executing program)
2025/09/01 09:23:16 fetching corpus: 2436, signal 132972/144309 (executing program)
2025/09/01 09:23:16 fetching corpus: 2486, signal 134172/144884 (executing program)
2025/09/01 09:23:16 fetching corpus: 2536, signal 134730/145256 (executing program)
2025/09/01 09:23:16 fetching corpus: 2586, signal 135727/145746 (executing program)
2025/09/01 09:23:16 fetching corpus: 2636, signal 136290/146098 (executing program)
2025/09/01 09:23:16 fetching corpus: 2686, signal 136947/146468 (executing program)
2025/09/01 09:23:16 fetching corpus: 2736, signal 137563/146806 (executing program)
2025/09/01 09:23:16 fetching corpus: 2786, signal 138281/147198 (executing program)
2025/09/01 09:23:17 fetching corpus: 2836, signal 139372/147616 (executing program)
2025/09/01 09:23:17 fetching corpus: 2886, signal 140053/147912 (executing program)
2025/09/01 09:23:17 fetching corpus: 2936, signal 140478/148182 (executing program)
2025/09/01 09:23:17 fetching corpus: 2986, signal 141335/148472 (executing program)
2025/09/01 09:23:17 fetching corpus: 3036, signal 141724/148654 (executing program)
2025/09/01 09:23:17 fetching corpus: 3086, signal 142356/148856 (executing program)
2025/09/01 09:23:17 fetching corpus: 3136, signal 142921/149059 (executing program)
2025/09/01 09:23:17 fetching corpus: 3186, signal 143434/149194 (executing program)
2025/09/01 09:23:17 fetching corpus: 3236, signal 143968/149365 (executing program)
2025/09/01 09:23:18 fetching corpus: 3286, signal 144853/149535 (executing program)
2025/09/01 09:23:18 fetching corpus: 3336, signal 145518/149693 (executing program)
2025/09/01 09:23:18 fetching corpus: 3386, signal 146243/149798 (executing program)
2025/09/01 09:23:18 fetching corpus: 3427, signal 147307/149931 (executing program)
2025/09/01 09:23:18 fetching corpus: 3427, signal 147307/149972 (executing program)
2025/09/01 09:23:18 fetching corpus: 3427, signal 147307/150013 (executing program)
2025/09/01 09:23:18 fetching corpus: 3427, signal 147307/150056 (executing program)
2025/09/01 09:23:18 fetching corpus: 3427, signal 147307/150092 (executing program)
2025/09/01 09:23:18 fetching corpus: 3427, signal 147307/150092 (executing program)
2025/09/01 09:23:20 starting 8 fuzzer processes
09:23:20 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6}]})
09:23:20 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind(r0, &(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x80)
09:23:20 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
09:23:20 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x4b30, &(0x7f0000000000))
09:23:20 executing program 3:
sched_getaffinity(0x0, 0x8, &(0x7f0000000080))
[ 64.889220] audit: type=1400 audit(1756718600.755:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
09:23:20 executing program 4:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:23:20 executing program 5:
rt_sigqueueinfo(0x0, 0x0, 0x0)
09:23:20 executing program 6:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
[ 66.063614] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 66.067205] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 66.068904] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 66.072097] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 66.074270] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 66.133845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 66.136696] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 66.138587] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 66.151630] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 66.157455] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 66.188842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 66.196638] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 66.198022] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 66.203727] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 66.206439] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 66.207735] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 66.210916] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 66.213192] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 66.218600] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 66.219578] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 66.223784] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 66.233685] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 66.235530] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 66.237815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 66.240021] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 66.245564] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 66.250929] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 66.260057] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 66.290295] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 66.291840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 66.294163] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 66.296287] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 66.300527] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 66.303204] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 66.305538] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 66.312047] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 66.326887] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 66.331391] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 66.369581] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 66.420610] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 68.160650] Bluetooth: hci0: command tx timeout
[ 68.223223] Bluetooth: hci1: command tx timeout
[ 68.286834] Bluetooth: hci2: command tx timeout
[ 68.286892] Bluetooth: hci4: command tx timeout
[ 68.287099] Bluetooth: hci3: command tx timeout
[ 68.350466] Bluetooth: hci6: command tx timeout
[ 68.414407] Bluetooth: hci5: command tx timeout
[ 68.478393] Bluetooth: hci7: command tx timeout
[ 70.206384] Bluetooth: hci0: command tx timeout
[ 70.270480] Bluetooth: hci1: command tx timeout
[ 70.334409] Bluetooth: hci2: command tx timeout
[ 70.334870] Bluetooth: hci3: command tx timeout
[ 70.334903] Bluetooth: hci4: command tx timeout
[ 70.398427] Bluetooth: hci6: command tx timeout
[ 70.462521] Bluetooth: hci5: command tx timeout
[ 70.527433] Bluetooth: hci7: command tx timeout
[ 72.254558] Bluetooth: hci0: command tx timeout
[ 72.319540] Bluetooth: hci1: command tx timeout
[ 72.382465] Bluetooth: hci2: command tx timeout
[ 72.383204] Bluetooth: hci3: command tx timeout
[ 72.384370] Bluetooth: hci4: command tx timeout
[ 72.447378] Bluetooth: hci6: command tx timeout
[ 72.510683] Bluetooth: hci5: command tx timeout
[ 72.575194] Bluetooth: hci7: command tx timeout
[ 74.303580] Bluetooth: hci0: command tx timeout
[ 74.367412] Bluetooth: hci1: command tx timeout
[ 74.430487] Bluetooth: hci4: command tx timeout
[ 74.430515] Bluetooth: hci2: command tx timeout
[ 74.431293] Bluetooth: hci3: command tx timeout
[ 74.496429] Bluetooth: hci6: command tx timeout
[ 74.559467] Bluetooth: hci5: command tx timeout
[ 74.622422] Bluetooth: hci7: command tx timeout
[ 105.816608] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.817254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.140209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.141484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.762888] audit: type=1400 audit(1756718642.629:8): avc: denied { open } for pid=3707 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 106.773997] audit: type=1400 audit(1756718642.629:9): avc: denied { kernel } for pid=3707 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
09:24:02 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
09:24:02 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
09:24:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
09:24:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
09:24:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
09:24:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup3(r1, r0, 0x0)
[ 107.706387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.707013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:24:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000270000004f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041", 0x21, 0x600}], 0x0, &(0x7f0000010d00)=ANY=[])
mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x200, 0x1)
[ 107.825595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.826169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.841017] loop1: detected capacity change from 0 to 6
[ 107.860146] FAT-fs (loop1): Directory bread(block 6) failed
[ 107.863375] FAT-fs (loop1): Directory bread(block 7) failed
[ 107.864225] FAT-fs (loop1): Directory bread(block 8) failed
[ 107.870401] FAT-fs (loop1): Directory bread(block 9) failed
[ 107.886237] FAT-fs (loop1): Directory bread(block 6) failed
[ 107.890279] FAT-fs (loop1): Directory bread(block 7) failed
[ 107.897411] FAT-fs (loop1): Directory bread(block 8) failed
[ 107.898279] FAT-fs (loop1): Directory bread(block 9) failed
[ 107.903689] FAT-fs (loop1): Directory bread(block 6) failed
[ 107.911462] FAT-fs (loop1): Directory bread(block 7) failed
[ 107.963633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.964275] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:24:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000270000004f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041", 0x21, 0x600}], 0x0, &(0x7f0000010d00)=ANY=[])
mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x200, 0x1)
[ 108.165062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.165818] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.189276] loop1: detected capacity change from 0 to 6
[ 108.207529] FAT-fs (loop1): Directory bread(block 6) failed
[ 108.213227] FAT-fs (loop1): Directory bread(block 7) failed
[ 108.219633] FAT-fs (loop1): Directory bread(block 8) failed
[ 108.224605] FAT-fs (loop1): Directory bread(block 9) failed
[ 108.244541] FAT-fs (loop1): Directory bread(block 6) failed
[ 108.251451] FAT-fs (loop1): Directory bread(block 7) failed
[ 108.258430] FAT-fs (loop1): Directory bread(block 8) failed
[ 108.261462] FAT-fs (loop1): Directory bread(block 9) failed
[ 108.268593] FAT-fs (loop1): Directory bread(block 6) failed
[ 108.271290] FAT-fs (loop1): Directory bread(block 7) failed
[ 108.344937] audit: type=1326 audit(1756718644.211:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3842 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55157fcb19 code=0x0
[ 108.528455] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.530107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.707340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.707972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.937685] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.938307] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.001744] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.002516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.190895] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.192264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.324797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.326010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.458877] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.459970] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.577755] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.578847] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.797673] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.798708] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.894885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.895847] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:24:05 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6}]})
[ 110.146490] audit: type=1326 audit(1756718646.012:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3916 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55157fcb19 code=0x0
09:24:05 executing program 4:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:24:05 executing program 5:
rt_sigqueueinfo(0x0, 0x0, 0x0)
09:24:05 executing program 6:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
09:24:05 executing program 3:
sched_getaffinity(0x0, 0x8, &(0x7f0000000080))
09:24:05 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind(r0, &(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x80)
09:24:05 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x4b30, &(0x7f0000000000))
09:24:05 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000270000004f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041", 0x21, 0x600}], 0x0, &(0x7f0000010d00)=ANY=[])
mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x200, 0x1)
[ 110.165568] loop1: detected capacity change from 0 to 6
09:24:06 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind(r0, &(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x80)
09:24:06 executing program 5:
rt_sigqueueinfo(0x0, 0x0, 0x0)
[ 110.190459] FAT-fs (loop1): Directory bread(block 6) failed
[ 110.191385] FAT-fs (loop1): Directory bread(block 7) failed
[ 110.198785] FAT-fs (loop1): Directory bread(block 8) failed
09:24:06 executing program 3:
sched_getaffinity(0x0, 0x8, &(0x7f0000000080))
[ 110.233534] FAT-fs (loop1): Directory bread(block 9) failed
09:24:06 executing program 6:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
09:24:06 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x4b30, &(0x7f0000000000))
[ 110.264069] FAT-fs (loop1): Directory bread(block 6) failed
[ 110.267480] FAT-fs (loop1): Directory bread(block 7) failed
[ 110.274544] FAT-fs (loop1): Directory bread(block 8) failed
[ 110.281262] FAT-fs (loop1): Directory bread(block 9) failed
[ 110.282298] FAT-fs (loop1): Directory bread(block 6) failed
[ 110.292409] FAT-fs (loop1): Directory bread(block 7) failed
09:24:06 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6}]})
09:24:06 executing program 4:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:24:06 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind(r0, &(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x80)
09:24:06 executing program 3:
sched_getaffinity(0x0, 0x8, &(0x7f0000000080))
09:24:06 executing program 5:
rt_sigqueueinfo(0x0, 0x0, 0x0)
09:24:06 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000270000004f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041", 0x21, 0x600}], 0x0, &(0x7f0000010d00)=ANY=[])
mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0x200, 0x1)
09:24:06 executing program 6:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
09:24:06 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x4b30, &(0x7f0000000000))
[ 110.490589] audit: type=1326 audit(1756718646.353:12): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3942 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55157fcb19 code=0x0
[ 110.578004] loop1: detected capacity change from 0 to 6
[ 110.620026] FAT-fs (loop1): Directory bread(block 6) failed
[ 110.629516] FAT-fs (loop1): Directory bread(block 7) failed
[ 110.637256] FAT-fs (loop1): Directory bread(block 8) failed
[ 110.641452] FAT-fs (loop1): Directory bread(block 9) failed
[ 110.653640] FAT-fs (loop1): Directory bread(block 6) failed
[ 110.654472] FAT-fs (loop1): Directory bread(block 7) failed
[ 110.655162] FAT-fs (loop1): Directory bread(block 8) failed
[ 110.656757] FAT-fs (loop1): Directory bread(block 9) failed
[ 110.657562] FAT-fs (loop1): Directory bread(block 6) failed
[ 110.658246] FAT-fs (loop1): Directory bread(block 7) failed
09:24:06 executing program 7:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:24:06 executing program 4:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:24:06 executing program 5:
r0 = getpid()
syz_open_procfs$namespace(r0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
09:24:06 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
geteuid()
09:24:06 executing program 6:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:06 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6}]})
[ 110.796663] audit: type=1326 audit(1756718646.661:13): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3965 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55157fcb19 code=0x0
[ 110.823616] kmemleak: Found object by alias at 0x607f1a63daf4
[ 110.823641] CPU: 1 UID: 0 PID: 3965 Comm: syz-executor.0 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 110.823674] Tainted: [W]=WARN
[ 110.823681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 110.823694] Call Trace:
[ 110.823701]
[ 110.823709] dump_stack_lvl+0xca/0x120
[ 110.823749] __lookup_object+0x94/0xb0
[ 110.823780] delete_object_full+0x27/0x70
[ 110.823811] free_percpu+0x30/0x1160
[ 110.823841] ? arch_uprobe_clear_state+0x16/0x140
[ 110.823877] futex_hash_free+0x38/0xc0
[ 110.823902] mmput+0x2d3/0x390
[ 110.823937] do_exit+0x79d/0x2970
[ 110.823965] ? zap_other_threads+0x2b9/0x3a0
[ 110.823996] ? __pfx_do_exit+0x10/0x10
[ 110.824020] ? do_group_exit+0x1c3/0x2a0
[ 110.824046] ? lock_release+0xc8/0x290
[ 110.824076] do_group_exit+0xd3/0x2a0
[ 110.824104] __x64_sys_exit_group+0x3e/0x50
[ 110.824131] x64_sys_call+0x18c5/0x18d0
[ 110.824159] do_syscall_64+0xbf/0x360
[ 110.824182] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.824204] RIP: 0033:0x7f55157fcb19
[ 110.824219] Code: Unable to access opcode bytes at 0x7f55157fcaef.
[ 110.824229] RSP: 002b:00007ffcdcbac4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 110.824250] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f55157fcb19
[ 110.824264] RDX: 00007f55157af72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 110.824277] RBP: 0000000000000000 R08: 0000001b2d02001c R09: 0000000000000000
[ 110.824290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 110.824303] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcdcbac5a0
[ 110.824338]
[ 110.824345] kmemleak: Object (percpu) 0x607f1a63daf0 (size 8):
[ 110.824357] kmemleak: comm "syz-executor.6", pid 3961, jiffies 4294777421
[ 110.824370] kmemleak: min_count = 1
[ 110.824377] kmemleak: count = 0
[ 110.824384] kmemleak: flags = 0x21
[ 110.824391] kmemleak: checksum = 0
[ 110.824398] kmemleak: backtrace:
[ 110.824404] pcpu_alloc_noprof+0x87a/0x1170
[ 110.824433] perf_trace_event_init+0x366/0xa10
[ 110.824458] perf_trace_init+0x1a4/0x2f0
[ 110.824481] perf_tp_event_init+0xa6/0x120
[ 110.824510] perf_try_init_event+0x140/0x9f0
[ 110.824536] perf_event_alloc.part.0+0x118e/0x45f0
[ 110.824567] __do_sys_perf_event_open+0x719/0x2c20
[ 110.824591] do_syscall_64+0xbf/0x360
[ 110.824609] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.832113] kmemleak: Found object by alias at 0x607f1a63dd08
[ 110.832137] CPU: 0 UID: 0 PID: 3963 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 110.832161] Tainted: [W]=WARN
[ 110.832166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 110.832175] Call Trace:
[ 110.832180] <TASK>
[ 110.832187] dump_stack_lvl+0xca/0x120
[ 110.832219] __lookup_object+0x94/0xb0
[ 110.832241] delete_object_full+0x27/0x70
09:24:06 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
geteuid()
[ 110.832263] free_percpu+0x30/0x1160
[ 110.832286] ? arch_uprobe_clear_state+0x16/0x140
[ 110.832312] futex_hash_free+0x38/0xc0
[ 110.832337] mmput+0x2d3/0x390
[ 110.832363] do_exit+0x79d/0x2970
[ 110.832381] ? lock_release+0xc8/0x290
[ 110.832403] ? __pfx_do_exit+0x10/0x10
[ 110.832422] ? find_held_lock+0x2b/0x80
[ 110.832445] ? get_signal+0x835/0x2340
[ 110.832471] do_group_exit+0xd3/0x2a0
[ 110.832492] get_signal+0x2315/0x2340
[ 110.832518] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 110.832541] ? __pfx_get_signal+0x10/0x10
[ 110.832563] ? do_futex+0x135/0x370
[ 110.832581] ? __pfx_do_futex+0x10/0x10
[ 110.832601] arch_do_signal_or_restart+0x80/0x790
[ 110.832625] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 110.832647] ? __x64_sys_futex+0x1c9/0x4d0
[ 110.832663] ? __x64_sys_futex+0x1d2/0x4d0
[ 110.832683] ? __pfx___x64_sys_futex+0x10/0x10
[ 110.832701] ? from_kuid_munged+0xaa/0x130
[ 110.832726] exit_to_user_mode_loop+0x8b/0x110
[ 110.832743] do_syscall_64+0x2f7/0x360
[ 110.832760] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.832776] RIP: 0033:0x7f22b7d0ab19
[ 110.832788] Code: Unable to access opcode bytes at 0x7f22b7d0aaef.
[ 110.832794] RSP: 002b:00007f22b5280218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 110.832810] RAX: 0000000000000000 RBX: 00007f22b7e1df68 RCX: 00007f22b7d0ab19
[ 110.832820] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f22b7e1df68
[ 110.832829] RBP: 00007f22b7e1df60 R08: 0000000000000000 R09: 0000000000000000
[ 110.832838] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f22b7e1df6c
[ 110.832848] R13: 00007fff5bc9fe0f R14: 00007f22b5280300 R15: 0000000000022000
[ 110.832868] </TASK>
[ 110.832873] kmemleak: Object (percpu) 0x607f1a63dd04 (size 8):
[ 110.832882] kmemleak: comm "syz-executor.6", pid 3961, jiffies 4294777415
[ 110.832891] kmemleak: min_count = 1
[ 110.832897] kmemleak: count = 0
[ 110.832902] kmemleak: flags = 0x21
[ 110.832907] kmemleak: checksum = 0
[ 110.832912] kmemleak: backtrace:
[ 110.832918] pcpu_alloc_noprof+0x87a/0x1170
[ 110.832942] alloc_vfsmnt+0x135/0x6e0
[ 110.832960] vfs_create_mount.part.0+0x40/0x440
[ 110.832980] path_mount+0x1637/0x1dd0
[ 110.832996] __x64_sys_mount+0x27b/0x300
[ 110.833011] do_syscall_64+0xbf/0x360
[ 110.833024] entry_SYSCALL_64_after_hwframe+0x77/0x7f
09:24:06 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96)
09:24:06 executing program 7:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:24:06 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='(n\x00'}, @typed={0xd, 0x0, 0x0, 0x0, @str=',\'.),[)/\x00'}]}, 0x28}], 0x1}, 0x0)
09:24:06 executing program 4:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
09:24:06 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200), 0x20)
pselect6(0x40, &(0x7f0000001d80)={0xb3}, 0x0, 0x0, 0x0, 0x0)
09:24:06 executing program 6:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:06 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
geteuid()
09:24:06 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96)
09:24:06 executing program 4:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
09:24:06 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='(n\x00'}, @typed={0xd, 0x0, 0x0, 0x0, @str=',\'.),[)/\x00'}]}, 0x28}], 0x1}, 0x0)
09:24:06 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
geteuid()
09:24:07 executing program 0:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
09:24:07 executing program 7:
r0 = semget$private(0x0, 0x1, 0x0)
semtimedop(r0, &(0x7f00000014c0)=[{0x0, 0xcd6d}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)
09:24:07 executing program 4:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
[ 111.215569] kmemleak: Found object by alias at 0x607f1a63dd08
[ 111.215589] CPU: 0 UID: 0 PID: 3995 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.215608] Tainted: [W]=WARN
[ 111.215612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.215619] Call Trace:
[ 111.215623] <TASK>
[ 111.215628] dump_stack_lvl+0xca/0x120
[ 111.215654] __lookup_object+0x94/0xb0
[ 111.215674] delete_object_full+0x27/0x70
[ 111.215692] free_percpu+0x30/0x1160
[ 111.215709] ? arch_uprobe_clear_state+0x16/0x140
[ 111.215730] futex_hash_free+0x38/0xc0
[ 111.215744] mmput+0x2d3/0x390
[ 111.215764] do_exit+0x79d/0x2970
[ 111.215778] ? signal_wake_up_state+0x85/0x120
[ 111.215794] ? zap_other_threads+0x2b9/0x3a0
[ 111.215810] ? __pfx_do_exit+0x10/0x10
[ 111.215824] ? do_group_exit+0x1c3/0x2a0
[ 111.215838] ? lock_release+0xc8/0x290
[ 111.215854] do_group_exit+0xd3/0x2a0
[ 111.215870] __x64_sys_exit_group+0x3e/0x50
[ 111.215884] x64_sys_call+0x18c5/0x18d0
[ 111.215900] do_syscall_64+0xbf/0x360
[ 111.215913] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.215924] RIP: 0033:0x7f22b7d0ab19
[ 111.215933] Code: Unable to access opcode bytes at 0x7f22b7d0aaef.
[ 111.215938] RSP: 002b:00007fff5bca0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.215950] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f22b7d0ab19
[ 111.215958] RDX: 00007f22b7cbd72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.215965] RBP: 0000000000000000 R08: 0000001b2ce21e28 R09: 0000000000000000
[ 111.215972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.215979] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff5bca0120
[ 111.215998] </TASK>
[ 111.216002] kmemleak: Object (percpu) 0x607f1a63dd04 (size 8):
[ 111.216009] kmemleak: comm "syz-executor.1", pid 3997, jiffies 4294777808
[ 111.216016] kmemleak: min_count = 1
[ 111.216020] kmemleak: count = 0
[ 111.216024] kmemleak: flags = 0x21
[ 111.216028] kmemleak: checksum = 0
[ 111.216031] kmemleak: backtrace:
[ 111.216035] pcpu_alloc_noprof+0x87a/0x1170
[ 111.216051] alloc_vfsmnt+0x135/0x6e0
[ 111.216065] vfs_create_mount.part.0+0x40/0x440
[ 111.216080] path_mount+0x1637/0x1dd0
[ 111.216091] __x64_sys_mount+0x27b/0x300
[ 111.216103] do_syscall_64+0xbf/0x360
[ 111.216113] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.237195] kmemleak: Cannot insert 0x607f1a63dd08 into the object search tree (overlaps existing)
[ 111.237209] CPU: 0 UID: 0 PID: 4003 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.237226] Tainted: [W]=WARN
[ 111.237230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.237237] Call Trace:
[ 111.237240] <TASK>
[ 111.237244] dump_stack_lvl+0xca/0x120
[ 111.237265] __link_object+0x190/0x210
[ 111.237282] __create_object+0x48/0x80
[ 111.237300] pcpu_alloc_noprof+0x87a/0x1170
[ 111.237328] __percpu_counter_init_many+0x44/0x360
[ 111.237344] ? kasan_save_track+0x14/0x30
[ 111.237362] io_uring_alloc_task_context+0xce/0x650
[ 111.237380] ? file_init_path+0x506/0x770
[ 111.237396] ? __pfx_io_uring_alloc_task_context+0x10/0x10
[ 111.237415] ? alloc_file_pseudo+0x1a9/0x220
[ 111.237435] __io_uring_add_tctx_node+0x291/0x4c0
[ 111.237452] ? __pfx___io_uring_add_tctx_node+0x10/0x10
[ 111.237471] ? __anon_inode_getfile+0x177/0x280
[ 111.237491] io_uring_setup+0x1527/0x2000
[ 111.237506] ? __pfx_io_uring_setup+0x10/0x10
[ 111.237530] ? access_error+0x17d/0x380
[ 111.237549] __x64_sys_io_uring_setup+0xc8/0x170
[ 111.237563] do_syscall_64+0xbf/0x360
[ 111.237576] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.237587] RIP: 0033:0x7fcc59b70b19
[ 111.237596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.237607] RSP: 002b:00007fcc570e6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 111.237619] RAX: ffffffffffffffda RBX: 00007fcc59c83f60 RCX: 00007fcc59b70b19
[ 111.237626] RDX: 0000000020ffa000 RSI: 0000000020003a00 RDI: 0000000000002262
[ 111.237634] RBP: 0000000020003a00 R08: 0000000020003ac0 R09: 0000000020003ac0
[ 111.237641] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020003ac0
[ 111.237648] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffb000
[ 111.237663] </TASK>
[ 111.238311] kmemleak: Kernel memory leak detector disabled
[ 111.238315] kmemleak: Object (percpu) 0x607f1a63dd04 (size 8):
[ 111.238322] kmemleak: comm "syz-executor.1", pid 3997, jiffies 4294777808
[ 111.238329] kmemleak: min_count = 1
[ 111.238333] kmemleak: count = 0
[ 111.238336] kmemleak: flags = 0x21
[ 111.238340] kmemleak: checksum = 0
[ 111.238344] kmemleak: backtrace:
[ 111.238347] pcpu_alloc_noprof+0x87a/0x1170
[ 111.238362] alloc_vfsmnt+0x135/0x6e0
[ 111.238376] vfs_create_mount.part.0+0x40/0x440
[ 111.238391] path_mount+0x1637/0x1dd0
[ 111.238402] __x64_sys_mount+0x27b/0x300
[ 111.238414] do_syscall_64+0xbf/0x360
[ 111.238423] entry_SYSCALL_64_after_hwframe+0x77/0x7f
09:24:07 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96)
09:24:07 executing program 2:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
[ 111.342989] ------------[ cut here ]------------
[ 111.343563] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#0: syz-executor.2/282
[ 111.344343] Modules linked in:
[ 111.344656] CPU: 0 UID: 0 PID: 282 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.346152] Tainted: [W]=WARN
[ 111.346793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.348084] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 111.348895] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42
[ 111.352015] RSP: 0018:ffff8880160a7c00 EFLAGS: 00010293
[ 111.352926] RAX: 0000000000000000 RBX: 1ffff11002c14f85 RCX: ffffffff81bfaf93
[ 111.354135] RDX: ffff88800f589b80 RSI: ffffffff81bfaf9d RDI: 0000000000000005
[ 111.355349] RBP: ffff888015d72a80 R08: 0000000000000001 R09: 0000000000000000
[ 111.355927] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff8880160a7c68
[ 111.356521] R13: 00000000ffffffff R14: dead000000000100 R15: ffff888015d72a80
[ 111.357114] FS: 0000555581763400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.357775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.358246] CR2: 000055558176cc58 CR3: 000000003cb77000 CR4: 0000000000350ef0
[ 111.358853] Call Trace:
[ 111.359073] <TASK>
[ 111.359263] ? find_held_lock+0x2b/0x80
[ 111.359632] ? __pfx_mntput_no_expire+0x10/0x10
[ 111.360027] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 111.360454] ? shrink_dentry_list+0x1a/0x650
[ 111.360827] ? up_write+0x195/0x520
[ 111.361135] namespace_unlock+0x7f1/0x810
[ 111.361503] ? __pfx_namespace_unlock+0x10/0x10
[ 111.361893] ? find_held_lock+0x2b/0x80
[ 111.362227] ? lock_release+0xc8/0x290
[ 111.362575] path_umount+0x6a4/0x1100
[ 111.362893] ? kmem_cache_free+0x2a1/0x540
[ 111.363240] ? __pfx_path_umount+0x10/0x10
[ 111.363621] ? putname.part.0+0x11b/0x160
[ 111.363968] __x64_sys_umount+0x15c/0x190
[ 111.364309] ? __pfx___x64_sys_umount+0x10/0x10
[ 111.364718] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 111.365146] do_syscall_64+0xbf/0x360
[ 111.365491] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.365910] RIP: 0033:0x7f22b7d0bf87
[ 111.366218] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.367698] RSP: 002b:00007fff5bc9ef58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 111.368309] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00007f22b7d0bf87
[ 111.368897] RDX: 00007fff5bc9f029 RSI: 000000000000000a RDI: 00007fff5bc9f020
[ 111.369488] RBP: 00007fff5bc9f020 R08: 00000000ffffffff R09: 00007fff5bc9edf0
[ 111.370063] R10: 0000555581764c7b R11: 0000000000000246 R12: 00007f22b7d64105
[ 111.370648] R13: 00007fff5bca00e0 R14: 0000555581764c20 R15: 00007fff5bca0120
[ 111.371233] </TASK>
[ 111.371462] irq event stamp: 175175
[ 111.371758] hardirqs last enabled at (175183): [] __up_console_sem+0x78/0x80
[ 111.372471] hardirqs last disabled at (175192): [] __up_console_sem+0x5d/0x80
[ 111.373165] softirqs last enabled at (174954): [] handle_softirqs+0x50c/0x770
[ 111.373897] softirqs last disabled at (174949): [] __irq_exit_rcu+0xc4/0x100
[ 111.374621] ---[ end trace 0000000000000000 ]---
[ 111.407449] ------------[ cut here ]------------
[ 111.407869] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#0: syz-executor.2/282
[ 111.408641] Modules linked in:
[ 111.408921] CPU: 0 UID: 0 PID: 282 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.409907] Tainted: [W]=WARN
[ 111.410164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.410842] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 111.411248] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42
[ 111.412718] RSP: 0018:ffff8880160a7ce0 EFLAGS: 00010293
[ 111.413150] RAX: 0000000000000000 RBX: 1ffff11002c14fa1 RCX: ffffffff81bfaf93
[ 111.413751] RDX: ffff88800f589b80 RSI: ffffffff81bfaf9d RDI: 0000000000000005
[ 111.414336] RBP: ffff888015d72a80 R08: 0000000000000001 R09: 0000000000000000
[ 111.414910] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff8880160a7d48
[ 111.415515] R13: 00000000ffffffff R14: ffff888015d72a80 R15: ffff888015d72b68
[ 111.416087] FS: 0000555581763400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.416745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.417215] CR2: 000055558053cc98 CR3: 000000003cb77000 CR4: 0000000000350ef0
[ 111.417810] Call Trace:
[ 111.418025] <TASK>
[ 111.418222] ? __pfx_mntput_no_expire+0x10/0x10
[ 111.418628] ? dput.part.0+0xce/0x930
[ 111.418946] ? lock_release+0xc8/0x290
[ 111.419273] path_umount+0x6e0/0x1100
[ 111.419617] ? kmem_cache_free+0x2a1/0x540
[ 111.419969] ? __pfx_path_umount+0x10/0x10
[ 111.420335] ? putname.part.0+0x11b/0x160
[ 111.420689] __x64_sys_umount+0x15c/0x190
[ 111.421027] ? __pfx___x64_sys_umount+0x10/0x10
[ 111.421429] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 111.421861] do_syscall_64+0xbf/0x360
[ 111.422176] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.422627] RIP: 0033:0x7f22b7d0bf87
[ 111.422935] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.424426] RSP: 002b:00007fff5bc9ef58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 111.425035] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00007f22b7d0bf87
[ 111.425643] RDX: 00007fff5bc9f029 RSI: 000000000000000a RDI: 00007fff5bc9f020
[ 111.426225] RBP: 00007fff5bc9f020 R08: 00000000ffffffff R09: 00007fff5bc9edf0
[ 111.426829] R10: 0000555581764c7b R11: 0000000000000246 R12: 00007f22b7d64105
[ 111.427440] R13: 00007fff5bca00e0 R14: 0000555581764c20 R15: 00007fff5bca0120
[ 111.428860] </TASK>
[ 111.429062] irq event stamp: 175841
[ 111.429975] hardirqs last enabled at (176151): [] __up_console_sem+0x78/0x80
[ 111.430776] hardirqs last disabled at (176194): [] __up_console_sem+0x5d/0x80
[ 111.431523] softirqs last enabled at (176192): [] handle_softirqs+0x50c/0x770
[ 111.432234] softirqs last disabled at (176159): [] __irq_exit_rcu+0xc4/0x100
[ 111.432953] ---[ end trace 0000000000000000 ]---
09:24:07 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200), 0x20)
pselect6(0x40, &(0x7f0000001d80)={0xb3}, 0x0, 0x0, 0x0, 0x0)
09:24:07 executing program 0:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
09:24:07 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='(n\x00'}, @typed={0xd, 0x0, 0x0, 0x0, @str=',\'.),[)/\x00'}]}, 0x28}], 0x1}, 0x0)
09:24:07 executing program 6:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:07 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0xc00, 0x0)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/96)
09:24:07 executing program 4:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
09:24:07 executing program 2:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:07 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
[ 111.504870] ------------[ cut here ]------------
[ 111.505287] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#0: syz-executor.6/286
[ 111.506051] Modules linked in:
[ 111.506385] CPU: 0 UID: 0 PID: 286 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.507351] Tainted: [W]=WARN
[ 111.507603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.508253] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 111.508672] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42
[ 111.510131] RSP: 0018:ffff888016e5fc00 EFLAGS: 00010293
[ 111.510573] RAX: 0000000000000000 RBX: 1ffff11002dcbf85 RCX: ffffffff81bfaf93
[ 111.511132] RDX: ffff88801be9d280 RSI: ffffffff81bfaf9d RDI: 0000000000000005
[ 111.511720] RBP: ffff88801c5e08c0 R08: 0000000000000001 R09: 0000000000000000
[ 111.512287] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff888016e5fc68
[ 111.512874] R13: 00000000ffffffff R14: dead000000000100 R15: ffff88801c5e08c0
[ 111.513455] FS: 0000555590f21400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.514093] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.514624] CR2: 00007ffd20728fe8 CR3: 0000000042e50000 CR4: 0000000000350ef0
[ 111.515185] Call Trace:
[ 111.515419] <TASK>
[ 111.515604] ? __pfx_autoremove_wake_function+0x10/0x10
[ 111.516034] ? __pfx_mntput_no_expire+0x10/0x10
[ 111.516447] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 111.516834] ? shrink_dentry_list+0x1a/0x650
[ 111.517198] ? up_write+0x195/0x520
[ 111.517515] namespace_unlock+0x7f1/0x810
[ 111.517862] ? __pfx_namespace_unlock+0x10/0x10
[ 111.518240] ? find_held_lock+0x2b/0x80
[ 111.518583] ? lock_release+0xc8/0x290
[ 111.518902] path_umount+0x6a4/0x1100
[ 111.519210] ? kmem_cache_free+0x2a1/0x540
[ 111.519575] ? __pfx_path_umount+0x10/0x10
[ 111.519915] ? putname.part.0+0x11b/0x160
[ 111.520254] __x64_sys_umount+0x15c/0x190
[ 111.520600] ? __pfx___x64_sys_umount+0x10/0x10
[ 111.520975] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 111.521413] do_syscall_64+0xbf/0x360
[ 111.521727] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.522135] RIP: 0033:0x7fec930e9f87
[ 111.522543] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.524018] RSP: 002b:00007ffd20729728 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 111.524633] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007fec930e9f87
[ 111.525196] RDX: 00007ffd207297f9 RSI: 000000000000000a RDI: 00007ffd207297f0
[ 111.525769] RBP: 00007ffd207297f0 R08: 00000000ffffffff R09: 00007ffd207295c0
[ 111.526345] R10: 0000555590f22c7b R11: 0000000000000246 R12: 00007fec93142105
[ 111.526907] R13: 00007ffd2072a8b0 R14: 0000555590f22c20 R15: 00007ffd2072a8f0
[ 111.527566] </TASK>
[ 111.527764] irq event stamp: 183461
[ 111.528052] hardirqs last enabled at (183469): [] __up_console_sem+0x78/0x80
[ 111.528904] hardirqs last disabled at (183526): [] __up_console_sem+0x5d/0x80
[ 111.529616] softirqs last enabled at (183524): [] handle_softirqs+0x50c/0x770
[ 111.530310] softirqs last disabled at (183477): [] __irq_exit_rcu+0xc4/0x100
[ 111.531694] ---[ end trace 0000000000000000 ]---
[ 111.568462] ------------[ cut here ]------------
[ 111.568875] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#0: syz-executor.6/286
[ 111.569646] Modules linked in:
[ 111.569917] CPU: 0 UID: 0 PID: 286 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.570865] Tainted: [W]=WARN
[ 111.571116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.571793] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[ 111.572194] Code: 05 d6 30 81 04 01 e8 71 df 91 ff e9 41 fc ff ff e8 27 47 b4 ff 31 ff 44 89 ee e8 4d 42 b4 ff 45 85 ed 79 09 e8 13 47 b4 ff 90 <0f> 0b 90 e8 0a 47 b4 ff e8 b5 2d fc 02 31 ff 89 c5 89 c6 e8 2a 42
[ 111.573636] RSP: 0018:ffff888016e5fce0 EFLAGS: 00010293
[ 111.574057] RAX: 0000000000000000 RBX: 1ffff11002dcbfa1 RCX: ffffffff81bfaf93
[ 111.574641] RDX: ffff88801be9d280 RSI: ffffffff81bfaf9d RDI: 0000000000000005
[ 111.575199] RBP: ffff88801c5e08c0 R08: 0000000000000001 R09: 0000000000000000
[ 111.575782] R10: 00000000fffffffe R11: 0000000000000001 R12: ffff888016e5fd48
[ 111.576361] R13: 00000000fffffffe R14: ffff88801c5e08c0 R15: ffff88801c5e09a8
[ 111.576921] FS: 0000555590f21400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.577566] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.578025] CR2: 000000c00d351290 CR3: 0000000042e50000 CR4: 0000000000350ef0
[ 111.578599] Call Trace:
[ 111.578807] <TASK>
[ 111.578992] ? __pfx_mntput_no_expire+0x10/0x10
[ 111.579397] ? dput.part.0+0xce/0x930
[ 111.579713] ? lock_release+0xc8/0x290
[ 111.580032] path_umount+0x6e0/0x1100
[ 111.580360] ? kmem_cache_free+0x2a1/0x540
[ 111.580703] ? __pfx_path_umount+0x10/0x10
[ 111.581037] ? putname.part.0+0x11b/0x160
[ 111.581391] __x64_sys_umount+0x15c/0x190
[ 111.581722] ? __pfx___x64_sys_umount+0x10/0x10
[ 111.582097] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 111.582534] do_syscall_64+0xbf/0x360
[ 111.582844] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.583251] RIP: 0033:0x7fec930e9f87
[ 111.583586] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.585026] RSP: 002b:00007ffd20729728 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 111.585641] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007fec930e9f87
[ 111.586201] RDX: 00007ffd207297f9 RSI: 000000000000000a RDI: 00007ffd207297f0
[ 111.586774] RBP: 00007ffd207297f0 R08: 00000000ffffffff R09: 00007ffd207295c0
[ 111.587356] R10: 0000555590f22c7b R11: 0000000000000246 R12: 00007fec93142105
[ 111.587922] R13: 00007ffd2072a8b0 R14: 0000555590f22c20 R15: 00007ffd2072a8f0
[ 111.588511] </TASK>
[ 111.588703] irq event stamp: 184215
[ 111.588986] hardirqs last enabled at (184223): [] __up_console_sem+0x78/0x80
[ 111.589689] hardirqs last disabled at (184232): [] __up_console_sem+0x5d/0x80
[ 111.590384] softirqs last enabled at (184204): [] handle_softirqs+0x50c/0x770
[ 111.591079] softirqs last disabled at (184197): [] __irq_exit_rcu+0xc4/0x100
[ 111.591918] ---[ end trace 0000000000000000 ]---
09:24:07 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
write(r0, &(0x7f00000000c0)="d2a5f3169d97fecea330ccd464a605e8", 0x10)
09:24:07 executing program 6:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:07 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='(n\x00'}, @typed={0xd, 0x0, 0x0, 0x0, @str=',\'.),[)/\x00'}]}, 0x28}], 0x1}, 0x0)
09:24:07 executing program 2:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:07 executing program 0:
r0 = syz_io_uring_setup(0x2262, &(0x7f0000003a00), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000003ac0))
io_uring_register$IORING_REGISTER_PROBE(r0, 0xd, 0x0, 0x20)
09:24:07 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='selinuxfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
09:24:07 executing program 5:
socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200), 0x20)
pselect6(0x40, &(0x7f0000001d80)={0xb3}, 0x0, 0x0, 0x0, 0x0)
09:24:07 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)={0x18, 0x0, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}}, 0x0)
09:24:07 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)={0x18, 0x0, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}}, 0x0)
09:24:07 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
write(r0, &(0x7f00000000c0)="d2a5f3169d97fecea330ccd464a605e8", 0x10)
09:24:07 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
write(r0, &(0x7f00000000c0)="d2a5f3169d97fecea330ccd464a605e8", 0x10)
09:24:07 executing program 3:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = io_uring_setup(0x653b, &(0x7f0000000540))
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
[ 111.802756] Oops: general protection fault, probably for non-canonical address 0xfdfffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 111.803681] KASAN: maybe wild-memory-access in range [0xf000000000000190-0xf000000000000197]
[ 111.804346] CPU: 0 UID: 0 PID: 4055 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.805284] Tainted: [W]=WARN
[ 111.805534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.806181] RIP: 0010:perf_tp_event+0x175/0xe70
[ 111.806562] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 111.807988] RSP: 0018:ffff888045f07780 EFLAGS: 00010012
[ 111.808409] RAX: 1e00000000000032 RBX: efffffffffffffa0 RCX: ffffc9000600d000
[ 111.808969] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: f000000000000190
[ 111.809527] RBP: ffff888045f079f0 R08: ffff88806ce31340 R09: ffffe8ffffc15af0
[ 111.810081] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 111.810644] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 111.811200] FS: 00007fcc570e6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.811835] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.812295] CR2: 00007fcc59c84018 CR3: 000000000d2a9000 CR4: 0000000000350ef0
[ 111.812858] Call Trace:
[ 111.813064] <TASK>
[ 111.813250] ? __pfx_perf_tp_event+0x10/0x10
[ 111.813607] ? __asan_memcpy+0x3d/0x60
[ 111.813925] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 111.814433] ? lock_is_held_type+0x9e/0x120
[ 111.814781] ? ctx_sched_in+0x134/0x9b0
[ 111.815096] ? css_rstat_updated+0x1b8/0x4d0
[ 111.815460] ? __pfx_css_rstat_updated+0x10/0x10
[ 111.815840] ? lock_is_held_type+0x9e/0x120
[ 111.816191] ? perf_trace_run_bpf_submit+0xef/0x180
[ 111.816590] ? lock_is_held_type+0x9e/0x120
[ 111.816938] perf_trace_run_bpf_submit+0xef/0x180
[ 111.817325] perf_trace_preemptirq_template+0x259/0x430
[ 111.817747] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 111.818210] ? check_preempt_wakeup_fair+0x406/0x950
[ 111.818616] ? find_held_lock+0x2b/0x80
[ 111.818940] ? try_to_wake_up+0x8ae/0x11d0
[ 111.819285] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 111.819698] trace_irq_enable.constprop.0+0xa6/0x100
[ 111.820098] trace_hardirqs_on+0x26/0x40
[ 111.820422] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 111.820814] try_to_wake_up+0x8ae/0x11d0
[ 111.821143] ? __pfx_try_to_wake_up+0x10/0x10
[ 111.821504] ? plist_del+0x122/0x270
[ 111.821806] ? find_held_lock+0x2b/0x80
[ 111.822130] ? futex_wake+0x474/0x540
[ 111.822438] wake_up_q+0xa1/0x130
[ 111.822724] futex_wake+0x47e/0x540
[ 111.823021] ? __pfx_futex_wake+0x10/0x10
[ 111.823390] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 111.823796] ? lock_release+0xc8/0x290
[ 111.824113] do_futex+0x26d/0x370
[ 111.824395] ? __pfx_do_futex+0x10/0x10
[ 111.824716] __x64_sys_futex+0x1c9/0x4d0
[ 111.825042] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 111.825504] ? __pfx___x64_sys_futex+0x10/0x10
[ 111.825869] ? xfd_validate_state+0x55/0x180
[ 111.826229] do_syscall_64+0xbf/0x360
[ 111.826539] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.826946] RIP: 0033:0x7fcc59b70b19
[ 111.827239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.828660] RSP: 002b:00007fcc570e6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 111.829262] RAX: ffffffffffffffda RBX: 00007fcc59c83f68 RCX: 00007fcc59b70b19
[ 111.829822] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcc59c83f6c
[ 111.830382] RBP: 00007fcc59c83f60 R08: 000000000000000e R09: 0000000000000000
[ 111.830935] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fcc59c83f6c
[ 111.831490] R13: 00007ffd74aafd8f R14: 00007fcc570e6300 R15: 0000000000022000
[ 111.832046] </TASK>
[ 111.832233] Modules linked in:
[ 111.832491] ---[ end trace 0000000000000000 ]---
[ 111.832856] RIP: 0010:perf_tp_event+0x175/0xe70
[ 111.833228] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 111.834629] RSP: 0018:ffff888045f07780 EFLAGS: 00010012
[ 111.835042] RAX: 1e00000000000032 RBX: efffffffffffffa0 RCX: ffffc9000600d000
[ 111.835604] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: f000000000000190
[ 111.836154] RBP: ffff888045f079f0 R08: ffff88806ce31340 R09: ffffe8ffffc15af0
[ 111.836712] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 111.837261] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 111.837816] FS: 00007fcc570e6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.838441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.838892] CR2: 00007fcc59c84018 CR3: 000000000d2a9000 CR4: 0000000000350ef0
[ 111.839455] note: syz-executor.4[4055] exited with irqs disabled
[ 111.839988] Oops: general protection fault, probably for non-canonical address 0xfdfffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 111.840846] KASAN: maybe wild-memory-access in range [0xf000000000000190-0xf000000000000197]
[ 111.841496] CPU: 0 UID: 0 PID: 4055 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.842419] Tainted: [D]=DIE, [W]=WARN
[ 111.842718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.843366] RIP: 0010:perf_tp_event+0x175/0xe70
[ 111.843739] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 111.845131] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 111.845543] RAX: 1e00000000000032 RBX: efffffffffffffa0 RCX: ffffffff818998a3
[ 111.846092] RDX: ffff888045f10000 RSI: ffffffff8189a4e7 RDI: f000000000000190
[ 111.846642] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc15af0
[ 111.847189] R10: 0000000000000000 R11: ffff88801e88f498 R12: dffffc0000000000
[ 111.847742] R13: 0000000000000000 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 111.848299] FS: 00007fcc570e6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.848916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.849366] CR2: 00007fcc59c84018 CR3: 000000000d2a9000 CR4: 0000000000350ef0
[ 111.849916] Call Trace:
[ 111.850119] <IRQ>
[ 111.850295] ? __pfx_perf_tp_event+0x10/0x10
[ 111.850649] ? check_preempt_wakeup_fair+0x6e/0x950
[ 111.851042] ? wakeup_preempt+0x140/0x2a0
[ 111.851412] ? lock_release+0x1c7/0x290
[ 111.851729] ? lock_release+0x1c7/0x290
[ 111.852049] ? do_raw_spin_unlock+0x53/0x220
[ 111.852399] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 111.852799] ? try_to_wake_up+0x8ae/0x11d0
[ 111.853135] ? do_raw_spin_lock+0x123/0x260
[ 111.853479] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 111.853848] ? perf_trace_run_bpf_submit+0xef/0x180
[ 111.854243] perf_trace_run_bpf_submit+0xef/0x180
[ 111.854630] perf_trace_preemptirq_template+0x259/0x430
[ 111.855043] ? read_tsc+0x9/0x20
[ 111.855316] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 111.855782] ? clockevents_program_event+0x135/0x360
[ 111.856184] ? tick_program_event+0xac/0x140
[ 111.856530] ? handle_softirqs+0x16e/0x770
[ 111.856868] trace_irq_enable.constprop.0+0xa6/0x100
[ 111.857262] trace_hardirqs_on+0x26/0x40
[ 111.857580] handle_softirqs+0x16e/0x770
[ 111.857912] __irq_exit_rcu+0xc4/0x100
[ 111.858223] irq_exit_rcu+0x9/0x20
[ 111.858506] sysvec_apic_timer_interrupt+0x70/0x80
[ 111.858895] </IRQ>
[ 111.859075] <TASK>
[ 111.859254] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 111.859669] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 111.860038] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[ 111.861436] RSP: 0018:ffff888045f07f28 EFLAGS: 00000246
[ 111.861848] RAX: 0000000000000001 RBX: ffff888045f10000 RCX: ffffffff817c3ab6
[ 111.862398] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 111.862950] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 111.863504] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888045f10000
[ 111.864054] R13: 0000000000000000 R14: fdfffc0000000032 R15: 0000000000000000
[ 111.864602] ? trace_irq_enable.constprop.0+0x26/0x100
[ 111.865017] ? make_task_dead+0x214/0x3b0
[ 111.865347] ? make_task_dead+0x214/0x3b0
[ 111.865672] ? do_syscall_64+0xbf/0x360
[ 111.865989] rewind_stack_and_make_dead+0x16/0x20
[ 111.866372] RIP: 0033:0x7fcc59b70b19
[ 111.866663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 111.868063] RSP: 002b:00007fcc570e6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 111.868651] RAX: ffffffffffffffda RBX: 00007fcc59c83f68 RCX: 00007fcc59b70b19
[ 111.869200] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcc59c83f6c
[ 111.869748] RBP: 00007fcc59c83f60 R08: 000000000000000e R09: 0000000000000000
[ 111.870299] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fcc59c83f6c
[ 111.870845] R13: 00007ffd74aafd8f R14: 00007fcc570e6300 R15: 0000000000022000
[ 111.871410] </TASK>
[ 111.871600] Modules linked in:
[ 111.871860] ---[ end trace 0000000000000000 ]---
[ 111.872229] RIP: 0010:perf_tp_event+0x175/0xe70
[ 111.872602] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 111.874013] RSP: 0018:ffff888045f07780 EFLAGS: 00010012
[ 111.874430] RAX: 1e00000000000032 RBX: efffffffffffffa0 RCX: ffffc9000600d000
[ 111.874987] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: f000000000000190
[ 111.875547] RBP: ffff888045f079f0 R08: ffff88806ce31340 R09: ffffe8ffffc15af0
[ 111.876106] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 111.876660] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000
[ 111.877215] FS: 00007fcc570e6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 111.877846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.878300] CR2: 00007fcc59c84018 CR3: 000000000d2a9000 CR4: 0000000000350ef0
[ 111.878857] Kernel panic - not syncing: Fatal exception in interrupt
[ 111.879619] Kernel Offset: disabled
[ 111.879913] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
09:24:07 Registers:
info registers vcpu 0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff8880160a74d0
R8 =0000000000000000 R9 =ffffed1001891046 R10=0000000000000030 R11=0000000000000001
R12=0000000000000030 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555581763400 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe4500000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055558176cc58 CR3=000000003cb77000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=0000000000000100 RCX=ffffffff81b98698 RDX=ffff888044819b80
RSI=ffffffff81b98663 RDI=0000000000000001 RBP=ffff888045fb7b50 RSP=ffff888045fb7ac0
R8 =0000000000000001 R9 =ffffffff81b97d93 R10=0000000000000001 R11=0000000000000001
R12=ffff888045fb7c2c R13=00000000000007c5 R14=ffff888045fb7bf0 R15=0000000000000001
RIP=ffffffff81b98665 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f855f3128c0 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe4c00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f66e6824718 CR3=000000000a63a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000ff0000000000ff0000 XMM03=000000000f00000000000031706f6f6c
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000056417b8e1f10000056417b8e1ac0
XMM06=000056417b8b3ca00000000000000000 XMM07=00000000000000000000000000000000
XMM08=732f636f72702f006b63616d7300632e XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000